x86 protection rings

Question about which tools to use, bugs, the best way to implement a function, etc should go here. Don't forget to see if your question is answered in the wiki first! When in doubt post here.
Post Reply
User avatar
AlfaOmega08
Member
Member
Posts: 226
Joined: Wed Nov 07, 2007 12:15 pm
Location: Italy

x86 protection rings

Post by AlfaOmega08 »

Usually we use Ring 0 for the kernel and Ring 3 for user programs. Some drivers uses Ring 0, some other Ring 3.
But what about Rings 1 and 2?

I've read (from an unreliable source) that the Vista kernel runs some drivers in Ring 1, to have more stability than Ring 0 and more speed than Ring 3. Is this true?

How can this be realized? IIRC if I use paging I can only use segments with Ring 0 for Kernel page or Ring 3 for User page.

What are the differences between the 4 rings? In Ring 0 you are allowed to run any instruction, while in Ring 3 you cannot run many privileged instructions such as CLI/STI/HLT LGDT/LIDT/LTR and so. Ring 1 and 2 have the possibility to run such instructions?

Thanks
Please, correct my English...
Motherboard: ASUS Rampage II Extreme
CPU: Core i7 950 @ 3.06 GHz OC at 3.6 GHz
RAM: 4 GB 1600 MHz DDR3
Video: nVidia GeForce 210 GTS... it sucks...
Top
stlw
Member
Member
Posts: 357
Joined: Fri Apr 04, 2008 6:43 am
Contact:
Contact stlw

Re: x86 protection rings

Post by stlw »

AlfaOmega08 wrote:Usually we use Ring 0 for the kernel and Ring 3 for user programs. Some drivers uses Ring 0, some other Ring 3.
But what about Rings 1 and 2?

I've read (from an unreliable source) that the Vista kernel runs some drivers in Ring 1, to have more stability than Ring 0 and more speed than Ring 3. Is this true?

How can this be realized? IIRC if I use paging I can only use segments with Ring 0 for Kernel page or Ring 3 for User page.

What are the differences between the 4 rings? In Ring 0 you are allowed to run any instruction, while in Ring 3 you cannot run many privileged instructions such as CLI/STI/HLT LGDT/LIDT/LTR and so. Ring 1 and 2 have the possibility to run such instructions?

Thanks
There is not too much difference between Rings above zero in x86 architecture. In Ring 1 you can't run priviledged instructions the same way as in Ring 3.
The only gain is protection - the Ring 1 segments will be accessable from Ring 3 and Ring 0 from Ring 1.
But all this only if you using segments for protections which already nobody does ...

Stanislav
Top
User avatar
Colonel Kernel
Member
Member
Posts: 1437
Joined: Tue Oct 17, 2006 6:06 pm
Location: Vancouver, BC, Canada
Contact:
Contact Colonel Kernel

Re: x86 protection rings

Post by Colonel Kernel »

Vista runs some drivers in ring 3 for stability, not ring 1. However, Virtual PC runs guest OS kernels in ring 1 (a technique called "ring compression"), but this is an old technique that isn't necessary for CPUs that have the VT extensions.
Top three reasons why my OS project died:
  1. Too much overtime at work
  2. Got married
  3. My brain got stuck in an infinite loop while trying to design the memory manager
Don't let this happen to you!
Top
Post Reply

Return to “OS Development”