On Mon, Oct 16, 2023 at 11:16 AM Christoph Hellwig <hch@xxxxxx> wrote: > > On Mon, Oct 16, 2023 at 12:49:45AM +0530, Kanchan Joshi wrote: > > OTOH, this patch implemented a software-only way out. There are some > > checks, but someone (either SW or HW) has to do those to keep things > > right. > > It only verifies it to the read/write family of commands by > interpreting these commands. It still leaves a wide hole for any > other command. Can you please explain for what command do you see the hole? I am trying to see if it is really impossible to fix this hole for good. We only need to check for specific io commands of the NVM/ZNS command set that can do extra DMA. Along the same lines, disallowing KV does not seem necessary either. For admin commands, we allow only very few, and for those this hole does not exist.