9.6. Privilege Levels and Rings
The simplest sort of privilege mechanism, implemented by many CPUs, employs two privilege levels. These two levels are often called the user and supervisor or user and kernel levels. The MMU makes higher-level instruction and data spaces inaccessible to user-level code to protect the most privileged (supervisor or kernel) code and data.
The Diamond 232L CPU’s MMU operates with four privilege levels called rings. In the Diamond 232L CPU, kernel code resides at Ring 0. Code running at Ring 0 can access the address spaces in all of the other privilege rings. The privilege levels are called rings because conceptually, lower-numbered levels (with higher privilege) envelop or “ring” higher-numbered levels. Figure 9.7 illustrates this concept of nested privilege levels.
Figure 9.7 shows the one kernel task at Ring 0 running two other processes at Ring 1. The process running at Ring 1 on the left is running one task at Ring 2, which in turn is running one task at Ring 3. The task running at Ring 1 on the right is running two tasks at Ring 2. One of those tasks at Ring 2 is running three tasks at Ring 3 and the other task running at Ring 2 is running one task at Ring 3. At any given moment, the Diamond 232L CPU can be executing one task at each of the ring levels.
Figure 9.7. The Diamond 232L CPU core’s MMU can manage as many as four privilege rings.
A simple way (but not the only way) to think about the four privilege rings is:
Ring 0: Shared kernel address space
Ring 1: Per-process kernel address space
Ring 2: Shared application address space
Ring 3: Thread-level address space
Each of the running tasks is differentiated by a value held in the Diamond 232L CPU’s ASID registers. There is a separate ASID register for each of the CPU’s four privilege rings. Thus at any time, four separate tasks running can be running on the processor—one at each of the four privilege or ring levels.
Each task has a different 8-bit ASID assigned to it by the operating system kernel. The task running at Ring 0 always has an ASID value of 1, so there can only be one such task. An assigned ASID value of 0 is invalid. (At reset, the processor initializes some entries in the TLB as invalid but the ASID-management software should not use this value.) The other 254 ASID values are assigned to tasks running in Rings 1, 2, and 3.
The ASID values for the four active tasks (one active task running in each of the four privilege rings) are stored in the Diamond 232L CPU’s 32-bit RASID special register, shown in Figure 9.8. When the OS kernel swaps out a task running at Ring 1, 2, or 3, it must also change the corresponding ASID stored in the RASID register. The MMU uses the ASID values as an input to the address-translation process.
Figure 9.8. The Diamond 232L CPU core’s RASID register holds the four ASID values for the four actively running tasks. The ASID for the ring-0 task is always set to 1.
