2.3. User Space and Kernel Space
Processes run normally in an unprivileged operation mode, that means they have
no access to physical memory or devices. This operation mode is called in Linux
user space. More abstractly, the concept of security boundaries of an operating
system introduces the term ring. Note, that this must be a hardware supported
feature of the platform. A certain group of rights is assigned to a ring. Intel
hardware [21] supports four rings, but only two rings are used by Linux. These
are ring 0 with full rights and ring 3 with least rights. Ring 1 and 2 are unused.
System processes run in ring 0 and user processes in ring 3. If a process needs
higher privileges, it must perform a transition from ring 3 to ring 0. The transition
passes a gateway, that performs security checks on arguments. This transition is
called system call and produces a certain amount of calculating overhead.
Processes run normally in an unprivileged operation mode, that means they have
no access to physical memory or devices. This operation mode is called in Linux
user space. More abstractly, the concept of security boundaries of an operating
system introduces the term ring. Note, that this must be a hardware supported
feature of the platform. A certain group of rights is assigned to a ring. Intel
hardware [21] supports four rings, but only two rings are used by Linux. These
are ring 0 with full rights and ring 3 with least rights. Ring 1 and 2 are unused.
System processes run in ring 0 and user processes in ring 3. If a process needs
higher privileges, it must perform a transition from ring 3 to ring 0. The transition
passes a gateway, that performs security checks on arguments. This transition is
called system call and produces a certain amount of calculating overhead.