Apple Silicon Hardware Secrets: SPRR and Guarded Exception Levels (GXF)

Apple’s new M1 SoC contains interesting, undocumented hardware features. SPRR allows redefining the meaning of page table permission bits, and GXF introduces lateral execution levels. This post explores these features and documents how Apple uses them to protect macOS against attacks.