IBM 10 SP1 EAL4 Figure 4-1: Levels of Privilege

System x: The System x servers are powered by Intel processors. Intel processors provide four execution

modes, identified with processor privilege levels 0 through 3. The highest privilege level execution mode

corresponds to processor privilege level 0; the lowest privilege level execution mode corresponds to processor

privilege level 3. The SLES kernel, as with most other UNIX-variant kernels, utilizes only two of these

execution modes. The highest, with processor privilege level of 0, corresponds to the kernel mode; the

lowest, with processor privilege of 3, corresponds to the user mode.

System p: The System p servers are powered by PowerPC, POWER5 and POWER5+ processors. These

processors provide three execution modes, identified by the PR bit (bit 49) and the HV bit (bit 3) of the

Machine State Register of the processor. Values of 0 for both PR and HV bits indicate a hypervisor execution

four execution modes identified with processor privilege levels 0 through 3. The highest privilege level

execution mode corresponds to processor privilege level 0; the lowest privilege level execution mode

corresponds to processor privilege level 3. The SLES kernel, as with most other UNIX-variant kernels, only

utilizes two of these execution modes. The highest, with processor privilege level of 0, corresponds to the

kernel mode; the lowest, with processor privilege of 3, corresponds to the user mode.

User and kernel modes, which are offered by all of the eServer systems, implement hardware privilege as

follows:

modify any addressable resources, such as memory, page tables, I/O address space, and memory

management registers. This is not possible in the user mode.