The user/supervisor/machine privilege split you model here is exactly how the Linux kernel's syscall entry (ECALL on RISC-V, SYSCALL on x86, SVC on ARM) protects itself from user processes, and privilege-escalation CVEs found yearly in Linux and Windows are precisely bugs at this boundary. Meltdown and Spectre are also privilege-boundary failures, where speculative execution let user code read data it should never reach.