On Mon, Oct 16, 2023 at 12:29:23PM -0600, Keith Busch wrote:
> It sounds like the kernel memory is the only reason for the concern, and
> you don't really care if we're corrupting user memory. If so, let's just
> use that instead of kernel bounce buffers. (Minor digression, the
> current bounce 'buf' is leaking kernel memory on reads since it doesn't
> zero it).

No, arbitrary memory overwrite is always an issue, userspace or kernel,
data or metadata buffer. Note that even without block layer bounce
buffering, there can always be other kernel memory involved, e.g. swiotlb.

We need to get the fix to disable the unprivileged passthrough in ASAP.
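The leak in Keith's digression, as an added user-space simulation written for this note (not code from the thread or from the kernel): a bounce buffer handed to the device unzeroed hands back whatever the allocator left in the bytes the device never filled, while clearing it first closes the leak. The marker bytes, sizes and function names are constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for whatever a recycled allocation held before
 * being reused as a bounce buffer. */
#define STALE_BYTE 0xA5
#define DEV_BYTE   0x11

/* Simulated device: the read completes "short", filling only dev_bytes
 * of the buffer. */
static void fake_device_read(unsigned char *buf, size_t dev_bytes)
{
    memset(buf, DEV_BYTE, dev_bytes);
}

/* Models a bounce-buffered read of buf_len bytes: allocate the bounce
 * buffer, optionally zero it, let the device fill dev_bytes of it, then
 * copy the whole buffer back to the caller (the copy_to_user step).
 * Returns how many stale allocator bytes reached the caller; 0 means no
 * leak, (size_t)-1 means bad arguments. */
size_t bounce_read(size_t buf_len, size_t dev_bytes, int zero_first)
{
    if (dev_bytes > buf_len)
        return (size_t)-1;
    unsigned char *buf = malloc(buf_len);
    unsigned char *caller = malloc(buf_len);
    if (!buf || !caller) {
        free(buf);
        free(caller);
        return (size_t)-1;
    }
    /* Pretend the allocator handed back a previously used region. */
    memset(buf, STALE_BYTE, buf_len);
    if (zero_first)
        memset(buf, 0, buf_len);        /* the fix: clear before DMA */
    fake_device_read(buf, dev_bytes);
    memcpy(caller, buf, buf_len);       /* unconditional copy-back */

    size_t leaked = 0;
    for (size_t i = 0; i < buf_len; i++)
        if (caller[i] == STALE_BYTE)
            leaked++;
    free(buf);
    free(caller);
    return leaked;
}
```

With a 4096-byte buffer and a 512-byte device read, the unzeroed path returns 3584 stale bytes and the zeroed path returns none.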