Privilege Level
In all three cases, only privileged applications (usually the OS kernel) may modify IF. Note that this only applies to protected mode code (real mode code may always modify IF).
CLI and STI are privileged instructions, which trigger a general protection fault if an unprivileged application attempts to execute it, while POPF will simply not modify the IF flag if the application is unprivileged.
The privilege level required to execute a CLI or STI instruction, or set IF using POPF, is not determined by the IOPL (I/O Privilege Level) in EFLAGS. If the IOPL is set to 2 for example, any program running only in ring 0 can execute a CLI. Most modern operating systems set the IOPL to be 0 so only the kernel can execute CLI/STI. The reason for this is that since clearing IF will force the processor to ignore ALL interrupts, the kernel may never get control back if it is not set to 1 again.
Read more about this topic: Interrupt Flag
Famous quotes containing the words privilege and/or level:
“I read, with a kind of hopeless envy, histories and legends of people of our craft who “do not write for money.” It must be a pleasant experience to be able to cultivate so delicate a class of motives for the privilege of doing one’s best to express one’s thoughts to people who care for them. Personally, I have yet to breathe the ether of such a transcendent sphere. I am proud to say that I have always been a working woman, and always had to be ...”
—Elizabeth Stuart Phelps (1844–1911)
“One of the peculiar sins of the twentieth century which we’ve developed to a very high level is the sin of credulity. It has been said that when human beings stop believing in God they believe in nothing. The truth is much worse: they believe in anything.”
—Malcolm Muggeridge (1903–1990)