From: Kalle Valo <kvalo@kernel.org>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: linux-kernel@vger.kernel.org,
"David S. Miller" <davem@davemloft.net>,
"Eric Dumazet" <edumazet@google.com>,
"Jakub Kicinski" <kuba@kernel.org>,
"Paolo Abeni" <pabeni@redhat.com>,
"Oleksij Rempel" <linux@rempel-privat.de>,
"Maciej Żenczykowski" <maze@google.com>,
"Neil Armstrong" <neil.armstrong@linaro.org>,
"Mauro Carvalho Chehab" <mchehab@kernel.org>,
"Andrzej Pietrasiewicz" <andrzejtp2010@gmail.com>,
"Jacopo Mondi" <jacopo@jmondi.org>,
"Łukasz Stelmach" <l.stelmach@samsung.com>,
"Laurent Pinchart" <laurent.pinchart@ideasonboard.com>,
linux-usb@vger.kernel.org, netdev@vger.kernel.org,
linux-wireless@vger.kernel.org,
"Ilja Van Sprundel" <ivansprundel@ioactive.com>,
"Joseph Tartaro" <joseph.tartaro@ioactive.com>
Subject: Re: [PATCH] USB: disable all RNDIS protocol drivers
Date: Wed, 23 Nov 2022 17:21:01 +0200 [thread overview]
Message-ID: <87o7sxofxe.fsf@kernel.org> (raw)
In-Reply-To: <20221123124620.1387499-1-gregkh@linuxfoundation.org> (Greg Kroah-Hartman's message of "Wed, 23 Nov 2022 13:46:20 +0100")
Greg Kroah-Hartman <gregkh@linuxfoundation.org> writes:
> The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on
> any system that uses it with untrusted hosts or devices. Because the
> protocol is impossible to make secure, just disable all rndis drivers to
> prevent anyone from using them again.
>
> Windows only needed this for XP and newer systems, Windows systems older
> than that can use the normal USB class protocols instead, which do not
> have these problems.
>
> Android has had this disabled for many years so there should not be any
> real systems that still need this.
>
> Cc: "David S. Miller" <davem@davemloft.net>
> Cc: Eric Dumazet <edumazet@google.com>
> Cc: Jakub Kicinski <kuba@kernel.org>
> Cc: Paolo Abeni <pabeni@redhat.com>
> Cc: Kalle Valo <kvalo@kernel.org>
> Cc: Oleksij Rempel <linux@rempel-privat.de>
> Cc: "Maciej Żenczykowski" <maze@google.com>
> Cc: Neil Armstrong <neil.armstrong@linaro.org>
> Cc: Mauro Carvalho Chehab <mchehab@kernel.org>
> Cc: Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>
> Cc: Jacopo Mondi <jacopo@jmondi.org>
> Cc: "Łukasz Stelmach" <l.stelmach@samsung.com>
> Cc: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
> Cc: linux-usb@vger.kernel.org
> Cc: netdev@vger.kernel.org
> Cc: linux-kernel@vger.kernel.org
> Cc: linux-wireless@vger.kernel.org
> Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
> Reported-by: Joseph Tartaro <joseph.tartaro@ioactive.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> ---
> Note, I'll submit patches removing the individual drivers for later, but
> that is more complex as unwinding the interaction between the CDC
> networking and RNDIS drivers is tricky. For now, let's just disable all
> of this code as it is not secure.
>
> I can take this through the USB tree if the networking maintainers have
> no objection. I thought I had done this months ago, when the last round
> of "there are bugs in the protocol!" reports happened at the end of
> 2021, but forgot to do so, my fault.
>
> drivers/net/usb/Kconfig | 1 +
> drivers/net/wireless/Kconfig | 1 +
For wireless:
Acked-by: Kalle Valo <kvalo@kernel.org>
Feel free to take this via your tree.
--
https://patchwork.kernel.org/project/linux-wireless/list/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
next prev parent reply other threads:[~2022-11-23 15:21 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-23 12:46 [PATCH] USB: disable all RNDIS protocol drivers Greg Kroah-Hartman
2022-11-23 14:20 ` Johannes Berg
2022-11-23 15:05 ` Greg Kroah-Hartman
2022-11-23 16:27 ` Johannes Berg
2023-01-10 22:47 ` James Hilliard
2022-11-23 15:21 ` Kalle Valo [this message]
2022-11-23 18:29 ` Jakub Kicinski
2022-11-23 20:27 ` Maciej Żenczykowski
2023-01-11 13:38 ` Jan Engelhardt
2023-01-11 14:56 ` Greg Kroah-Hartman
2023-07-03 21:11 ` Enrico Mioso
2023-07-04 6:47 ` Greg Kroah-Hartman
2023-07-12 9:22 ` Oliver Neukum
2023-07-12 13:00 ` Johannes Berg
2023-07-12 16:39 ` Greg Kroah-Hartman
2023-07-13 0:28 ` Johannes Berg
2023-07-13 5:34 ` Greg Kroah-Hartman
2023-07-13 8:33 ` Oliver Neukum
2023-07-13 9:49 ` Maciej Żenczykowski
2023-07-13 12:21 ` Johannes Berg
2023-07-13 5:21 ` Mauro Carvalho Chehab
-- strict thread matches above, loose matches on Subject: below --
2022-11-23 15:40 Nicolas Cavallari
2022-11-23 15:55 ` Greg Kroah-Hartman
2022-11-24 0:58 ` Lars Melin
2022-11-29 22:48 ` Dan Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87o7sxofxe.fsf@kernel.org \
--to=kvalo@kernel.org \
--cc=andrzejtp2010@gmail.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=ivansprundel@ioactive.com \
--cc=jacopo@jmondi.org \
--cc=joseph.tartaro@ioactive.com \
--cc=kuba@kernel.org \
--cc=l.stelmach@samsung.com \
--cc=laurent.pinchart@ideasonboard.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=linux@rempel-privat.de \
--cc=maze@google.com \
--cc=mchehab@kernel.org \
--cc=neil.armstrong@linaro.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.