Protection ring: Difference between revisions

Implementations: As the page currently describes both systems with privileged/unprivileged modes and systems with multiple rings, mention the former, which preceded protection rings, first. (The GE-645 had the same two modes the other GE-600 series machines did, but didn't implement rings in hardware; the Honeywell 6180 implemented both modes and rings.)
Line 12:
 
==Implementations==
Several computer systems introduced in the 1960s, such as the [[IBM System/360]], [[Digital Equipment Corporation|DEC]] [[PDP-6]]/[[PDP-10]], the [[GE-600 series]], and the [[Burroughs Corporation|Burroughs]] [[B5000]] series and [[B6500]] series, support two processor modes; a mode that grants full privileges to code running in that mode, and a mode that prevents direct access to [[input/output]] devices and some other hardware facilities to code running in that mode. The first mode is referred to by names such as ''supervisor state'' (System/360), ''executive mode'' (PDP-6/PDP-10), ''master mode'' (GE-600 series), ''control mode'' (B5000 series), and ''control state'' (B6500 series). The second mode is referred to by names such as ''problem state'' (System/360), ''user mode'' (PDP-6/PDP-10), ''slave mode'' (GE-600 series), and ''normal state'' (B6500 series); there are multiple non-control odesmodes in the B5000 series.
 
Multiple rings of protection were among the most revolutionary concepts introduced by the [[Multics]] operating system, a highly secure predecessor of today's [[Unix]] family of operating systems. The [[GE 645]] mainframe computer did have some hardware access control, but that was not sufficient to provide full support for rings in hardware, so Multics supported them by trapping ring transitions in software;<ref>{{cite journal|title=A Hardware Architecture for Implementing Protection Rings|url=http://www.multicians.org/protection.html|journal=[[Communications of the ACM]]|date=March 1972|volume=15 |issue=3|access-date=27 September 2012}}</ref> its successor, the [[Honeywell 6180]], implemented them in hardware, with support for eight rings.<ref>{{cite web|title=Multics Glossary - ring|url=http://www.multicians.org/mgr.html#ring|access-date=27 September 2012}}</ref> However, most general-purpose systems use only two rings, even if the hardware they run on provides more [[CPU modes]] than that. For example, Windows 7 and Windows Server 2008 (and their predecessors) use only two rings, with ring 0 corresponding to [[#SUPERVISOR-MODE|kernel mode]] and ring 3 to [[user space|user mode]],<ref name="russinovich"/> because earlier versions of Windows NT ran on processors that supported only two protection levels.<ref>{{cite book|last=Russinovich|first=Mark|title=Windows Internals Part 1|edition=6th |year=2012|publisher=Microsoft Press|location=Redmond, Washington|isbn=978-0-7356-4873-9|page=17|quote=The reason Windows uses only two levels is that some hardware architectures that were supported in the past (such as [[DEC Alpha|Compaq Alpha]] and [[MIPS architecture|Silicon Graphics MIPS]]) implemented only two privilege levels.}}</ref>
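Review bot: the two-mode paragraph that now opens ==Implementations== has no <ref> for any of the per-machine mode names it lists (''supervisor state'', ''executive mode'', ''master mode'', ''control mode'', ''control state'' and their unprivileged counterparts), while every claim in the Multics paragraph after it is cited; please add sources for those terms. In the same paragraph, "support two processor modes; a mode that grants full privileges" introduces a list, so the semicolon should be a colon, and "prevents direct access to [[input/output]] devices ... to code running in that mode" would read better as "denies code running in that mode direct access to ...". With this paragraph placed first, the later sentence "most general-purpose systems use only two rings" switches from "modes" to "rings" without saying how the two relate; one linking sentence would make the section read as a whole.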