If CALL targets a less privileged CS, or RET ( RETURN ) a more privileged CS, a general protection exception occurs by definition; a trusted program cannot directly invoke a less trusted one.
If CALL targets a more privileged CS, a general protection exception occurs
because a less privileged program cannot access a more privileged object
(code segment).
It is IMPOSSIBLE to DIRECTLY call a code segment which is a different privilege
level than the caller.
It IS POSSIBLE to INDIRECTLY call a more privileged code segment.