Various embodiments of the present invention introduce privilege-level mapping into a computer architecture not initially designed for supporting virtualization. Privilege-level mapping can, with relatively minor changes to processor logic, fully prevent privileged-level-information leaks by which non-privilege code can determine the current machine-level privilege level at which they are executing. In one embodiment of the present invention, a new privilege-level mapping register is introduced, and privilege-level mapping is enabled for all but code invoked by privileged-level-0-forcing hardware events.

System for selectively enabling operating modes of a device. The system includes a method for selectively enabling operating modes of a device during a device initialization, wherein the operating modes comprise a privileged mode and a non-privileged mode. The method includes determining during the device initialization whether the device is to operate in the privileged mode or in both the privileged and non-privileged modes, and enabling the privileged mode if it is determined that the device is to operate only in the privileged mode. The method also includes enabling both the privileged and the non-privileged modes if it is determined that the device is to operate in both the privileged and the non-privileged modes.

In a single machine that has entities running in an untrusted environment and entities running in a trusted environment, the trustworthiness of the entities in the trusted environment is projected to the entities in the untrusted environment. This is applicable, for example, to Microsoft.RTM.'s Next Generation Secure Computing Base (NGSCB), where a regular operating system (e.g., the Windows.RTM. operating system) hosts a secure operating system (e.g., the nexus).