2

I can understand the theory behind the different privilege levels x86_64 arch has. Read a lot about them in the intel/amd dev guides.

But what I cannot afford to understand is when (practical use cases) do we need different privilege level. Why do we use a kernel stack for example with DPL 0 and not 3 (we would just run the code segment with cpl 0).

I am confused about that.

Could you please explain with real world example(s)/dangers?

Thanks

Edit:

I am more interested in the cases the kernel sets a more privileged profile to an application stack

Community
  • 1
  • 1
Jdarc
  • 55
  • 6
  • PL 0 allows the kernel to prevent userspace programs from messing with its stuff, or from granting themselves the ability to mess with each other's stuff. – Sneftel May 28 '15 at 22:34
  • Yes i know that but the question is when do the kernel decides to increase the privilege, what for exactly? – Jdarc May 29 '15 at 05:34
  • 2
    "I am more interested in the cases the kernel sets a more privileged profile to an application stack" sorry I can't understand what you mean. Do you want to known why the CPU has a ring 0 stack associated with a call gate & similar? Because this way you can handle syscall/interrupt even if the user space stack is corrupted (says points to read only mem o unallocated pages). Do you want to know why there are different privilege levels? Because programs are like children if you let them unsupervised they hurt their selves and mess up the house. –  Jun 17 '15 at 15:16
  • I think I read something about an OS that used multiple privilege levels, rather than just kernel / user. Maybe it was something like device drivers running with less privilege than core kernel code? – Peter Cordes Jul 13 '15 at 08:06

0 Answers0