From my understanding, kernel mode is a hardware feature. E.g., it can be set via a register (value1 -> kernel mode, value2 -> user mode).
When the kernel loads and runs a user application, the user application should communicate with the kernel via a system call to perform a privileged action, during which an interrupt will happen, the execution will switch to kernel mode, and the privileged action is performed.
My question is:
What is the mechanism that prevents a malicious user application from setting that "mode" register and entering kernel mode (e.g. for x86)? It makes sense that only the kernel can set this register; I would like to know more details about how this is enforced.
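The enforcement asked about can be observed from user space. The following is an added example, not part of the original question: on x86 the current privilege level (CPL) is the low two bits of the CS selector, and an instruction that requires CPL 0 (here `hlt`) raises a general-protection fault at CPL 3, which Linux reports to the process as SIGSEGV. It assumes Linux on x86 with GCC or Clang; the function names are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>

static sigjmp_buf fault_return;
static volatile sig_atomic_t caught_signal;

static void on_fault(int sig) {
    caught_signal = sig;            /* remember which signal the kernel sent */
    siglongjmp(fault_return, 1);    /* skip past the faulting instruction */
}

/* CPL is the low two bits of CS: 3 in user mode, 0 in kernel mode.
   Reading CS is permitted in ring 3. Returns -1 when not built for x86. */
int current_privilege_level(void) {
#if defined(__x86_64__) || defined(__i386__)
    unsigned short cs;
    __asm__ volatile("mov %%cs, %0" : "=r"(cs));
    return cs & 3;
#else
    return -1;
#endif
}

/* Attempts HLT, which the CPU only allows at CPL 0. Returns the signal
   delivered, 0 if the instruction executed, -1 when not built for x86. */
int privileged_instruction_signal(void) {
#if defined(__x86_64__) || defined(__i386__)
    struct sigaction sa, old_segv, old_ill;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGILL, &sa, &old_ill);
    caught_signal = 0;
    if (sigsetjmp(fault_return, 1) == 0)
        __asm__ volatile("hlt");    /* faults in the CPU before it takes effect */
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGILL, &old_ill, NULL);
    return caught_signal;
#else
    return -1;
#endif
}

int main(void) {
    printf("CPL read from CS: %d\n", current_privilege_level());
    printf("signal after HLT in user mode: %d\n", privileged_instruction_signal());
    return 0;
}
```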