Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp7486693rwb;
        Wed, 23 Nov 2022 07:09:00 -0800 (PST)
X-Google-Smtp-Source: AA0mqf5jUiijojJUfC9XjMUhg+DuY89mm2TFrncTzxydcxPZaeMotP8nqE6o14CYbIfnNxy3Nn39
X-Received: by 2002:a17:90a:9c07:b0:218:9f75:deae with SMTP id h7-20020a17090a9c0700b002189f75deaemr19812810pjp.58.1669216139964;
        Wed, 23 Nov 2022 07:08:59 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1669216139; cv=none;
        d=google.com; s=arc-20160816;
        b=KsGWOOE15TwiZMccYtaNPIZLNDA/e4bwkL9SXyrQJ3mL8ccbIiuFze4yezpWII3HYY
         LcdoiH2KUOb4vZNeqrf5J0j7QIr/8AItSks/i/kFoQ22dD45LPRYEWofRLDh8CHvvX4b
         9j82xQjAZJOZLJcQSW9bNxZ8Y8TYJxF6wV7Dt0Tuo46D9ZCrntyIiYvFoFyBz/zfQSs4
         9hpFT7ghJSOK0cH4b0H4CPvFxno/BQuQdoadYtIt/L1D0ceIC11LmsLFwsq2M9N3wbSs
         WQpl8hp+7UOA2ZnRliGHJVTmJNL+ETHOSoq2/+y5xxognTJv6nmSrud221eZdXtYqNuJ
         0+Wg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=mkrl1qYnEF0nV8h3riXI/pOVznkU+bfGO4ZhdA9IknQ=;
        b=t4egnfjsA8C0ReaROeWXj3l+4Qfn/srcDH2mvn+Ei6fNRjvOiodQVw/pcmgVqgtRof
         6bMjUzQZljCC9aVAHKerXOUZIez/rLTpWlbhlFDCPqY4NxvIUgpGfOpkmy3CjulXsMbF
         mp9Xg4y6BMXhVSWBdiQdsgN2lgpAOS73P7S580uwAlzCEnSGSd/ad3ES4SS6Q1+xYda5
         KP7m8eQGE8jYWcAQ6m+ZZDCH7wGXvqjFG59P1zauyclku6p9P09C1Lgvy4vPsZw6iVpU
         BlJ47Yq5LnJ64QD0uCpPkPEMqVy/7MP9kAcoXp1PKDaw5qTGfGb0P9ps3MX5bV5q0XHz
         z7iw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=0g5FXXZC;
       spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-wireless-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id pi14-20020a17090b1e4e00b0021812e71e68si2354998pjb.84.2022.11.23.07.08.47;
        Wed, 23 Nov 2022 07:08:59 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=0g5FXXZC;
       spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S237323AbiKWPFM (ORCPT <rfc822;ray.jantz@gmail.com> + 68 others);
        Wed, 23 Nov 2022 10:05:12 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40280 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235959AbiKWPFL (ORCPT
        <rfc822;linux-wireless@vger.kernel.org>);
        Wed, 23 Nov 2022 10:05:11 -0500
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C625D21AA;
        Wed, 23 Nov 2022 07:05:09 -0800 (PST)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id 6242761D63;
        Wed, 23 Nov 2022 15:05:09 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3FA29C433C1;
        Wed, 23 Nov 2022 15:05:08 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1669215908;
        bh=B2ieTl57vrLj6dHchJgEC9dcze5oWG9C+goXxPF5SqM=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=0g5FXXZCC8LhG0Z5R5xKISTS656yCpFLisQI0FDcpbqrHIewFYMRDfqr0QvrIUKqS
         0dytqyrB3Xu0+54ZhF78G3qt22od7L0qoNpMofTHuz1lKNPd1Gf90ezjkS9NsX4hhp
         qmNu0RFrnMDNl1X2181dL+JJbwj+dMO41hmoFobU=
Date:   Wed, 23 Nov 2022 16:05:05 +0100
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     Johannes Berg <johannes@sipsolutions.net>
Cc:     linux-kernel@vger.kernel.org,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Jakub Kicinski <kuba@kernel.org>,
        Paolo Abeni <pabeni@redhat.com>, Kalle Valo <kvalo@kernel.org>,
        Oleksij Rempel <linux@rempel-privat.de>,
        Maciej =?utf-8?Q?=C5=BBenczykowski?= <maze@google.com>,
        Neil Armstrong <neil.armstrong@linaro.org>,
        Mauro Carvalho Chehab <mchehab@kernel.org>,
        Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>,
        Jacopo Mondi <jacopo@jmondi.org>,
        =?utf-8?Q?=C5=81ukasz?= Stelmach <l.stelmach@samsung.com>,
        Laurent Pinchart <laurent.pinchart@ideasonboard.com>,
        linux-usb@vger.kernel.org, netdev@vger.kernel.org,
        linux-wireless@vger.kernel.org,
        Ilja Van Sprundel <ivansprundel@ioactive.com>,
        Joseph Tartaro <joseph.tartaro@ioactive.com>
Subject: Re: [PATCH] USB: disable all RNDIS protocol drivers
Message-ID: <Y342oUJu9CFHNmlW@kroah.com>
References: <20221123124620.1387499-1-gregkh@linuxfoundation.org>
 <9b78783297db1ebb1a7cd922be7eef0bf33b75b9.camel@sipsolutions.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <9b78783297db1ebb1a7cd922be7eef0bf33b75b9.camel@sipsolutions.net>
X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-wireless.vger.kernel.org>
X-Mailing-List: linux-wireless@vger.kernel.org

On Wed, Nov 23, 2022 at 03:20:36PM +0100, Johannes Berg wrote:
> On Wed, 2022-11-23 at 13:46 +0100, Greg Kroah-Hartman wrote:
> > The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on
> > any system that uses it with untrusted hosts or devices.  Because the
> > protocol is impossible to make secure, just disable all rndis drivers to
> > prevent anyone from using them again.
> > 
> 
> Not that I mind disabling these, but is there any more detail available
> on this pretty broad claim? :)

I don't want to get into specifics in public any more than the above.

The protocol was never designed to be used with untrusted devices.  It
was created, and we implemented support for it, when we trusted USB
devices that we plugged into our systems, AND we trusted the systems we
plugged our USB devices into.  So at the time, it kind of made sense to
create this, and the USB protocol class support that replaced it had not
yet been released.

As designed, it really can not work at all if you do not trust either
the host or the device, due to the way the protocol works.  And I can't
see how it could be fixed if you wish to remain compliant with the
protocol (i.e. still work with Windows XP systems.)

Today, with untrusted hosts and devices, it's time to just retire this
protcol.  As I mentioned in the patch comments, Android disabled this
many years ago in their devices, with no loss of functionality.

thanks,

greg k-h