4-9
PROCEDURE CALLS, INTERRUPTS, AND EXCEPTIONS
If an operating system or executive uses this multilevel protection mechanism, a call to a proce-
dure that is in a more privileged protection level than the calling procedure is handled in a
similar manner as a far call (refer to Section 4.3.2., Far CALL and RET Operation). The
differences are as follows:
The segment selector provided in the CALL instruction references a special data structure
called a call gate descriptor. Among other things, the call gate descriptor provides the
following:
Access rights information.
The segment selector for the code segment of the called procedure.
An offset into the code segment (that is, the instruction pointer for the called
procedure).
The processor switches to a new stack to execute the called procedure. Each privilege level
has its own stack. The segment selector and stack pointer for the privilege level 3 stack are
stored in the SS and ESP registers, respectively, and are automatically saved when a call to
a more privileged level occurs. The segment selectors and stack pointers for the privilege
level 2, 1, and 0 stacks are stored in a system segment called the task state segment (TSS).
The use of a call gate and the TSS during a stack switch are transparent to the calling procedure,
except when a general-protection exception is raised.
Figure 4-3. Protection Rings
Level 0
Level 1
Level 2
Level 3
Protection Rings
Operating
Operating System
Services (Device
Drivers, Etc.)
Applications
01
23
Highest
Lowest
Privilege Levels
System
Kernel
