Title Software-Defined CPU Modes Authors Michael Roitzsch, Till Miemietz, Christian von Elm, Nils Asmussen E-Mail michael.roitzsch@barkhauseninstitut.org Affiliation Barkhausen Institut, Dresden, Deutschland Abstract In bygone years, operating systems interacted with the CPU in the simple terms of traditional user and kernel mode. Privileged features, like page-table manipulation and interrupt handling, were restricted to kernel mode, while user mode handled regular application code. But as the systems community demanded more features to play with, CPU vendors delivered: Hypervisor modes with nested paging enable hardware-supported virtualization and monitor modes enable isolated security contexts. In the recent past, the trend of adding CPU modes perpetuated: SGX, MPK, SEV, and TDX are among the latest additions to the family. This plethora of new modes would not be a problem if they did not also come with a lot of complexity, that is present in our CPUs, whether the system uses a new mode or not. Consequently, the isolation promises between modes and between protection domains implemented by a mode (like address spaces) have become more difficult to reason about. At the same time, the systems community has no shortage of ideas for new CPU modes: MPK is being abused for intra-application sandboxing, nested paging in user mode would help with garbage collection. But although details of existing modes are implemented in microcode, they are inseparably linked to the silicon. Although firmware is ultimately software, the operating system cannot influence this microcode to disable unneeded modes or to add new ones. This talk poses the question: What if we could? What if we approached the construction of CPU modes from a completely different perspective? Let us assume we could not just change microcode, but instead had CPUs, where the very nature of CPU modes was fully programmable. The goal of such a CPU design would be to throw away all existing CPU modes and replace them with software. In the talk, we show how such a software-defined CPU mode design would function and explore the advantages it enables. We believe that pushing all existing modes under a common design umbrella would enforce a cleaner structure and more control over exposed functionality. At the same time, the flexibility of software-defined modes enables interesting new use cases. Language of the Presentation English PDF for the GI Digital Library https://www.betriebssysteme.org/wp-content/uploads/2023/07/SD-CPU.pdf