Can anyone explain the specific details of how protection rings work? I understand the general details, but not the specifics.
How does the processor "know" the protection ring of the currently executing program, and how does it prevent unprivileged code from doing anything disallowed?
How do programs elevate from, say, ring 3 to ring 0, or alternatively how do they reduce their protection from ring 0 to ring 3? Is there any specific instruction/action that does it?
What specifically is unprivileged code not allowed to do? IIRC, ring 3 code cannot:
- write to the memory of ring 2 or lower protection rings
- read the memory of ring 2 or lower protection rings
- execute certain processor instructions
Is this the case? Is there anything else ring 3 programs are not allowed to do?
Feel free to give me a link to a resource explaining this if you don't feel like explaining it yourself.