neumeka
October 17th, 2006, 02:57 AM
Modern operating systems have the concept of protection rings - a mechanism implemented in hardware which protects processes and data from other processes and data. Code segments are assigned privilege levels, with level 0 being the most privileged and level n being the least. Only processes running at a privilege level equal to or greater than the CS privilege level are allowed some kind of access to it (i.e. read/write/execute).
The paper that introduces the notion of protection levels in the Multics system (A Hardware Architecture for Implementing Protection Rings A Hardware Architecture for Implementing Protection Rings (ftp://ftp.digital.com/pub/Digital/SRC/publications/mds/protection.pdf)), explains the relationship between rings as follows:
The sets of access capabilities represented by the various rings of a process form a collection of nested subsets, with ring 0 the largest set and ring r — 1 the smallest set in the collection.
In other words, ring 0 has the most privileges, ring 1 has a subset of ring 0's privileges, ring 2 has a subset of ring 1's and so on. Although the paper makes no mention of "inner" or "outer" rings, the above explanation seems to denote ring 0 as being the outer ring and ring n being the inner ring, because ring n has a restricted subset of ring 0's privileges.
However, most articles on ring mode security that I have found on the internet (including processor programming manuals) denote ring 0 as being the innermost ring. Does anyone have any explanations for this discrepancy?
The paper that introduces the notion of protection levels in the Multics system (A Hardware Architecture for Implementing Protection Rings A Hardware Architecture for Implementing Protection Rings (ftp://ftp.digital.com/pub/Digital/SRC/publications/mds/protection.pdf)), explains the relationship between rings as follows:
The sets of access capabilities represented by the various rings of a process form a collection of nested subsets, with ring 0 the largest set and ring r — 1 the smallest set in the collection.
In other words, ring 0 has the most privileges, ring 1 has a subset of ring 0's privileges, ring 2 has a subset of ring 1's and so on. Although the paper makes no mention of "inner" or "outer" rings, the above explanation seems to denote ring 0 as being the outer ring and ring n being the inner ring, because ring n has a restricted subset of ring 0's privileges.
However, most articles on ring mode security that I have found on the internet (including processor programming manuals) denote ring 0 as being the innermost ring. Does anyone have any explanations for this discrepancy?