From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Cc: linux-kernel@vger.kernel.org,
"David S. Miller" <davem@davemloft.net>,
"Eric Dumazet" <edumazet@google.com>,
"Jakub Kicinski" <kuba@kernel.org>,
"Paolo Abeni" <pabeni@redhat.com>,
"Kalle Valo" <kvalo@kernel.org>,
"Oleksij Rempel" <linux@rempel-privat.de>,
"Maciej Żenczykowski" <maze@google.com>,
"Neil Armstrong" <neil.armstrong@linaro.org>,
"Mauro Carvalho Chehab" <mchehab@kernel.org>,
"Andrzej Pietrasiewicz" <andrzejtp2010@gmail.com>,
"Jacopo Mondi" <jacopo@jmondi.org>,
"Łukasz Stelmach" <l.stelmach@samsung.com>,
"Laurent Pinchart" <laurent.pinchart@ideasonboard.com>,
linux-usb@vger.kernel.org, netdev@vger.kernel.org,
linux-wireless@vger.kernel.org,
"Ilja Van Sprundel" <ivansprundel@ioactive.com>,
"Joseph Tartaro" <joseph.tartaro@ioactive.com>
Subject: Re: [PATCH] USB: disable all RNDIS protocol drivers
Date: Wed, 23 Nov 2022 16:55:53 +0100 [thread overview]
Message-ID: <Y35CiSPS+A0pHtwO@kroah.com> (raw)
In-Reply-To: <04ea37cc-d97a-3e00-8a99-135ab38860f2@green-communications.fr>
On Wed, Nov 23, 2022 at 04:40:33PM +0100, Nicolas Cavallari wrote:
> On 23/11/2022 13:46, Greg Kroah-Hartman wrote:
> > The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on
> > any system that uses it with untrusted hosts or devices. Because the
> > protocol is impossible to make secure, just disable all rndis drivers to
> > prevent anyone from using them again.
> >
> > Windows only needed this for XP and newer systems, Windows systems older
> > than that can use the normal USB class protocols instead, which do not
> > have these problems.
> >
> > Android has had this disabled for many years so there should not be any
> > real systems that still need this.
>
> I kind of disagree here. I have seen plenty of android devices that only
> support rndis for connection sharing, including my android 11 phone released
> in Q3 2020. I suspect the qualcomm's BSP still enable it by default.
Qualcomm should not have it enabled, and if they do, they are adding
code that Google says should not be enabled, and so Qualcom is
responsible for supporting that mess. Good luck to them.
> There are also probably cellular dongles that uses rndis by default. Maybe
> ask the ModemManager people ?
That would be very very sad if it were the case, as they are totally
unsafe.
> I'm also curious if reimplementing it in userspace would solve the security
> problem.
The kernel would be happier, as all of the buffer overflows that are
possible would only be happening in userspace. But I doubt any library
or userspace code that interacts with the protocol would really enjoy
it.
thanks,
greg k-h
next prev parent reply other threads:[~2022-11-23 15:56 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-23 15:40 [PATCH] USB: disable all RNDIS protocol drivers Nicolas Cavallari
2022-11-23 15:55 ` Greg Kroah-Hartman [this message]
2022-11-24 0:58 ` Lars Melin
2022-11-29 22:48 ` Dan Williams
-- strict thread matches above, loose matches on Subject: below --
2022-11-23 12:46 Greg Kroah-Hartman
2022-11-23 14:20 ` Johannes Berg
2022-11-23 15:05 ` Greg Kroah-Hartman
2022-11-23 16:27 ` Johannes Berg
2023-01-10 22:47 ` James Hilliard
2022-11-23 15:21 ` Kalle Valo
2022-11-23 18:29 ` Jakub Kicinski
2022-11-23 20:27 ` Maciej Żenczykowski
2023-01-11 13:38 ` Jan Engelhardt
2023-01-11 14:56 ` Greg Kroah-Hartman
2023-07-03 21:11 ` Enrico Mioso
2023-07-04 6:47 ` Greg Kroah-Hartman
2023-07-12 9:22 ` Oliver Neukum
2023-07-12 13:00 ` Johannes Berg
2023-07-12 16:39 ` Greg Kroah-Hartman
2023-07-13 0:28 ` Johannes Berg
2023-07-13 5:34 ` Greg Kroah-Hartman
2023-07-13 8:33 ` Oliver Neukum
2023-07-13 9:49 ` Maciej Żenczykowski
2023-07-13 12:21 ` Johannes Berg
2023-07-13 5:21 ` Mauro Carvalho Chehab
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y35CiSPS+A0pHtwO@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=andrzejtp2010@gmail.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=ivansprundel@ioactive.com \
--cc=jacopo@jmondi.org \
--cc=joseph.tartaro@ioactive.com \
--cc=kuba@kernel.org \
--cc=kvalo@kernel.org \
--cc=l.stelmach@samsung.com \
--cc=laurent.pinchart@ideasonboard.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=linux@rempel-privat.de \
--cc=maze@google.com \
--cc=mchehab@kernel.org \
--cc=neil.armstrong@linaro.org \
--cc=netdev@vger.kernel.org \
--cc=nicolas.cavallari@green-communications.fr \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).