Privilege level checking instruction for implementing a secure hierarchical computer system

1. A method of securing a computer system having a memory and an instruction unit when a calling routine having an original low privilege level desires to call on a service routine having a higher privilege level than the calling routine is normally permitted to access, said method comprising the steps of:

• reading an access rights field contained in a register within the instruction unit to determine current access rights of the calling routine;
  
  reading an access rights field of a page in the memory containing a gateway instruction indicated by the calling routine;
  
  comparing the access rights field in the register within the instruction unit to the access rights field of the page in memory containing the gateway instructions indicated by the calling routine to determine whether the calling route is permitted entry to the page containing the gateway instruction; and
  
  performing the following substeps if the access rights field of the calling routine indicates that the calling routine is permitted entry to the page containing the gateway instruction;
  
  raising the low privilege level of the calling routine to the higher privilege level specified by the gateway instruction,storing a return address and the low privilege level of the calling routine in a target register of the calling routine, so that the calling routine cannot forge its privilege level,branching control of the instruction unit from the calling routine to a location of the service routine as specified by the gateway instruction,executing the service routine, andreturning control to the calling routine at an address specified by the target register with the original low privilege level stored in the target register.