Re: [PATCH] USB: disable all RNDIS protocol drivers

From: Greg Kroah-Hartman
Date: Wed Nov 23 2022 - 10:05:15 EST


On Wed, Nov 23, 2022 at 03:20:36PM +0100, Johannes Berg wrote:
> On Wed, 2022-11-23 at 13:46 +0100, Greg Kroah-Hartman wrote:
> > The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on
> > any system that uses it with untrusted hosts or devices. Because the
> > protocol is impossible to make secure, just disable all rndis drivers to
> > prevent anyone from using them again.
> >
>
> Not that I mind disabling these, but is there any more detail available
> on this pretty broad claim? :)

I don't want to get into specifics in public any more than the above.

The protocol was never designed to be used with untrusted devices. It
was created, and we implemented support for it, when we trusted USB
devices that we plugged into our systems, AND we trusted the systems we
plugged our USB devices into. So at the time, it kind of made sense to
create this, and the USB protocol class support that replaced it had not
yet been released.

As designed, it really can not work at all if you do not trust either
the host or the device, due to the way the protocol works. And I can't
see how it could be fixed if you wish to remain compliant with the
protocol (i.e. still work with Windows XP systems.)

Today, with untrusted hosts and devices, it's time to just retire this
protcol. As I mentioned in the patch comments, Android disabled this
many years ago in their devices, with no loss of functionality.

thanks,

greg k-h