Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp9436824rwl; Wed, 11 Jan 2023 05:49:14 -0800 (PST) X-Google-Smtp-Source: AMrXdXspFaHxSG932KQRk0tdu01QI8c6WyCBZVWs2RuuOMga6KP6bgl/YZGnWy7mn9+BOwJaWnzR X-Received: by 2002:a62:1d96:0:b0:575:e8c5:eb14 with SMTP id d144-20020a621d96000000b00575e8c5eb14mr68989346pfd.18.1673444954553; Wed, 11 Jan 2023 05:49:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673444954; cv=none; d=google.com; s=arc-20160816; b=pfH2oRE8WxMxeAsjUttWVlQLoojuN/a2Irz0v9A3hK5qZMcs/Au1NRH3etyLQKppWZ KSustixaFoohzT+PCSF20RKxUj7RYFpVMTZLWoNUqo1jeOcOXEoDSu7NCUg6D7MypaAc 9wwKV7XP1ml+THH9jWkULkVzxu7SX56uTlyqEYskMC++N9zrcz6QOW8BPWz12nVQ3RFQ NdOt6obJKJGIYCV1uw9IHLqFiG2g1kjex4S/d7fVNDXxyCoeBSFgPzR7FNia+XLGpNLr P39d9hEwIygwXSBD8tavyqJ93XxLauJfwDIpklsgnjsNIOk8mKwv5fYCelSms9pxkv7+ y8Yw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:user-agent:references:message-id :in-reply-to:subject:cc:to:from:date; bh=fyGFfa8p2nA1YJRrlQqhEJ58GL5Kn2pUoGA9aGVHXOI=; b=hsCy6y2z3GbkOlzSuh54fYoxq4UgBlXsS9nQh3rjpnmhROEpNAWP1Li6U2XzXPCDWe RImohf/DdDfozFEIG8Ky2nFPvJJb9DLTduqxYlOYfA8eEjMYxzeBrHOnFoLGTlhcjeTG xHTy1QkjMfiVWL+Er9EeuwTtIFxgh83OJjXbRHRiqxYW7EJLniJv7jkTImkVzGSrNy+4 PyQhbHHhPnEBYg07KBf7E2+++V2r+gBRKXu80DxuGitrSElDyzdqEGKyLSQDAF0upfyX koM4ejOZcUK+ti/f5MHfGwCNcOp+mGuPDFyg9MJx1Q2bGFIOXBvAsnKQXuxLpHeScye4 bpPQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j12-20020a056a00174c00b00580d9a62ab8si5748099pfc.184.2023.01.11.05.49.02; Wed, 11 Jan 2023 05:49:14 -0800 (PST) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238931AbjAKNkv (ORCPT + 66 others); Wed, 11 Jan 2023 08:40:51 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32998 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239317AbjAKNkH (ORCPT ); Wed, 11 Jan 2023 08:40:07 -0500 Received: from a3.inai.de (a3.inai.de [IPv6:2a01:4f8:10b:45d8::f5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F2F661BC9C; Wed, 11 Jan 2023 05:38:05 -0800 (PST) Received: by a3.inai.de (Postfix, from userid 25121) id 8F7A7586A6705; Wed, 11 Jan 2023 14:38:04 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by a3.inai.de (Postfix) with ESMTP id 8EAB9616497A1; Wed, 11 Jan 2023 14:38:04 +0100 (CET) Date: Wed, 11 Jan 2023 14:38:04 +0100 (CET) From: Jan Engelhardt To: Greg Kroah-Hartman cc: linux-kernel@vger.kernel.org, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Kalle Valo , Oleksij Rempel , =?UTF-8?Q?Maciej_=C5=BBenczykowski?= , Neil Armstrong , Mauro Carvalho Chehab , Andrzej Pietrasiewicz , Jacopo Mondi , =?UTF-8?Q?=C5=81ukasz_Stelmach?= , Laurent Pinchart , linux-usb@vger.kernel.org, netdev@vger.kernel.org, linux-wireless@vger.kernel.org, Ilja Van Sprundel , Joseph Tartaro Subject: Re: [PATCH] USB: disable all RNDIS protocol drivers In-Reply-To: <20221123124620.1387499-1-gregkh@linuxfoundation.org> Message-ID: References: <20221123124620.1387499-1-gregkh@linuxfoundation.org> User-Agent: Alpine 2.25 (LSU 592 2021-09-18) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org On Wednesday 2022-11-23 13:46, Greg Kroah-Hartman wrote: > >The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on >any system that uses it with untrusted hosts or devices. Because the >protocol is impossible to make secure, just disable all rndis drivers to >prevent anyone from using them again. > >Windows only needed this for XP and newer systems, Windows systems older >than that can use the normal USB class protocols instead, which do not >have these problems. In other news, someone just proposed adding "RNDIS" things to UEFI, so now the security problem is added right back into machines but at another layer?! https://edk2.groups.io/g/devel/topic/patch_1_3/95531719