You'd be surprised how unsafe those are too, even though they aren't RDMA protocols. USB and SDIO stacks aren't really designed with malicious input in mind; it's like the 90s all over again if you think of those as the network protocols they are.
That's right, any kind of communication opens up some form of attack surface. Eliminating DMA is still worthwhile by reducing its total size, and shifting more of the implementation to the softare stack gives the device owner (hopefully the user) more control over the attack surface.
