[rwmj]

Companies using any ISA can add secret or closed extensions. That is simply outside the scope of an ISA specification.

If you want to ensure there is no secret stuff in your chip you'd better be prepared to create your own designs and manufacture them in your own foundry. RISC-V would still be an excellent starting point.

[pgeorgi]

Extensions are fair game, of course. As is not buying chips with closed extensions.

But designing the hooks for anti-user binary blobs into the ISA just encourages misbehavior as soon as they can get away with it.

RISC-V code in privileged and protected pockets of the systems is so much easier to design, maintain and update than ISA extensions that I consider that the bigger problem due to its future ubiquity.

[rwmj]

The machine mode is there for a very good reasons of microarchitecture design scalability, allowing the same machine model to be presented to the operating system with everything from tiny designs to everything-in-hardware. In all existing designs it is open source. It's quite reasonable to have this explicit layer, since in many other cases it has been hidden away (think: Transmeta, or many x86 emulators).