A typical computer system may provide different levels of system resource access to code executing on a processor. This often is achieved, for example, by associating one of multiple hierarchical privilege levels to each type of code that may run on the system. In such a system, the most trusted code (e.g., kernel code) is granted the highest level of privilege, and less trusted code (e.g., device drivers, applications, and other user code) is granted a lower level of privilege. The higher the level of privilege, the more access the code has to system resources. Conversely, the lower the level of privilege, the less access the code has to system resources. For example, kernel code may have virtually unrestricted access to system resources, whereas application code may be restricted from accessing certain memory areas, inputs/outputs (I/Os), and so on.
To reduce the risk that malicious or faulty code may compromise data and/or functionality of the system, hierarchical privilege schemes typically are hardware enforced. For example, a processor may implement “supervisor” and “user” modes of operation to enforce a hierarchical privilege scheme. In such a system, a hardware-mediated flag may be implemented, where the state of the flag is used to determine whether or not to allow execution of various resource-affecting operations. The flag may be set while the system is in supervisor mode, for example, allowing highly privileged code to have extensive access to system resources. Conversely, the flag may be cleared while the system is in user mode, thus restricting access to some resources by less privileged code.
The ability to execute code at various privilege levels on a processor allows software to be built utilizing these privilege levels, such that two or more levels of software can co-exist while maintaining hardware-enforced isolation. However, this ability typically comes at the cost of significant processor logic to track the privilege state and to control state changes. Generally, the logic for providing hardware enforcement of a hierarchical privilege scheme is an integral part of the processor design, and adding this functionality to an existing processor architecture can be costly in terms of hardware development and cycle time.