Skip to main content

Posts

Showing posts with the label privilege levels

Privilege Levels in processor and Virtual Memory

Privilege Levels in processor and Virtual Memory Privilege Levels: The processor has Ring Levels 0-3, 0 being most privileged, 3 being least privileged. All processes in user land, be it root or non-root, execute in Ring 3. (Ring 1,2 are unused in Linux) A process in Privilege level 3 cannot read/write/execute segments which belong to supervisor (the kernel). So a write to memory locations higher than PAGE_OFFSET (3GB on i386) causes segmentation fault. Same goes for hardware access through in/out or mapped i/o (exceptions are iopl etc). Virtual Memory: Virtual Memory ensures no access to physical RAM pages by processes. Hence you *cannot* under any circumstances write a physical address, Hence there is ZERO chance of even reading kernel data, let alone messing them up.