Reputation: 313
I want to know how privilege separation is enforced by the kernel and the part of the kernel that is responsible for this task.
For example, assume there are two processes running -- one at ring 0 and another at ring 3. How does the kernel keep track of the ring number of each process?
Edit: I know about ring numbers. My question is about the part of the kernel (module or something) which performs checks on the processes to find out their privilege level. I believe there might be a component of the kernel which would check the ring number of a process.
Upvotes: 1
Views: 738
Reputation:
There is no concept of a ring number of a process.
The kernel is mapped in one area of memory, userspace is mapped in another. On boot the kernel specifies an address where the CPU has to jump to when the syscall instruction is executed. So someone does syscall, the CPU switches to ring0 and jumps to the address as instructed by the kernel. It is now executing kernel code. Then, on return, the CPU switches back to ring3 and resumes execution.
Similar story for other ways of entering the kernel like exceptions.
So, how does the Linux kernel enforce separation? It sets things up for userspace to execute in ring3. Anything triggering the CPU to switch to ring0 also makes the jump to an address configured by the kernel on boot. No code other than kernel code executes in ring0.
Upvotes: 4
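The behaviour described in the answer above can be observed from user space. This is an added example, not part of the original answer, and it assumes x86 Linux with GCC or Clang: it reads the privilege level the CPU itself holds in the CS register, then executes a ring-0-only instruction (`hlt`) to show the CPU trapping into the kernel, which reports the fault back as SIGSEGV.

```c
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>

static sigjmp_buf back_to_user;

/* Runs only after the CPU trapped into the kernel and the kernel
   converted the fault into a signal for this process. */
static void on_fault(int sig) { (void)sig; siglongjmp(back_to_user, 1); }

/* Selector layout: bits 0-1 = privilege level, bit 2 = table (GDT/LDT),
   bits 3-15 = descriptor index. */
unsigned selector_rpl(unsigned sel)   { return sel & 3u; }
unsigned selector_index(unsigned sel) { return sel >> 3; }

/* CS is readable from any ring. */
unsigned read_cs(void) {
    unsigned short cs;
    __asm__ volatile("mov %%cs, %0" : "=r"(cs));
    return cs;
}

/* The low two bits of CS are the CPU's current privilege level (CPL).
   This is CPU state, not a field the kernel stores per process. */
unsigned current_cpl(void) { return selector_rpl(read_cs()); }

/* Execute a ring-0-only instruction. Returns 1 if the CPU refused it
   (general protection fault, delivered by Linux as SIGSEGV), 0 if it ran. */
int privileged_insn_faults(void) {
    struct sigaction sa = {0}, old;
    volatile int faulted = 0;
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(back_to_user, 1) == 0)
        __asm__ volatile("hlt");   /* privileged: faults when CPL != 0 */
    else
        faulted = 1;               /* reached via siglongjmp from on_fault */
    sigaction(SIGSEGV, &old, NULL);
    return faulted;
}

int main(void) {
    unsigned cs = read_cs();
    printf("CS=0x%x index=%u CPL=%u\n", cs, selector_index(cs), current_cpl());
    printf("hlt from user mode faulted: %d\n", privileged_insn_faults());
    return 0;
}
```

No kernel routine had to look up a ring number here: the CPU raised the exception on its own and entered the kernel at the handler address configured at boot.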