Would the kernel even need RAM access for its internal operations? It seems like today’s CPU caches are so large that a kernel could safely operating without ever leaving the chip, aside from anything that the userland asks it to work on. So in that case you wouldn’t need to ever run userland code against kernel CPU’s caches.
The pagetable itself can be very large; disk cache and network buffers can also take a huge amount of memory and are probably great targets for data exfiltration.
