Linux To Try Again To Disable All RNDIS Protocol Drivers


  • Namelesswonder
    replied
    Originally posted by Snaipersky

    I would heavily suggest you put this on the mailing list, then.
    GKH doesn't care. Last time it came up on the mailing list any objections to this disabling hardware were either ignored or contended that there is no solution to the problem so it should be disabled anyway. Quoting my post from the last time this came up on Phoronix:

    Originally posted by Namelesswonder
    This is going to prevent the use of many USB modems and tethering from the overwhelmingly vast majority of Android phones.

    As it stands, currently the only phones that don't use RNDIS and instead use CDC NCM are the Pixel 6 and 7 lines of phones.
    Android hasn't "had this disabled for many years", there are "real systems" that rely on RNDIS: it's over 99% of Android devices.
    It's still the protocol chosen by vendors as it's the lowest common denominator. The Android developers haven't made any moves to remove or revise supported configurations so devices that are launching with Android 14 can still only implement RNDIS.

    My question is still the same as when the patch first hit the mailing list: what vulnerability is there that is so catastrophic the only solution is to slowly remove support for it while the ones still implementing it are left in the dark?
    Is it not possible to add the ability to not initialize the driver and USB interface if the device has not been trusted for that session? If it's going to be drummed on about untrusted devices being a vulnerability, then why does the USB subsystem automatically trust them?

    And there still has been no response to the issues or questions brought up by the sole person that NACKed the patch, the Google network developer. If it's going to be forced through anyway, then why were the incorrect statements not removed or revised?

    In the end distributions are still going to be building kernels with it, as plenty of users rely on it as the sole method of internet connection.
    The Google network engineer correctly asserted that many Android devices still only use the RNDIS gadget and thus require the RNDIS driver on the host in order for USB tethering to function, and that Android hasn't had this disabled and it's entirely on what the SoC vendor supports. GKH continues to ignore this and assumes Android has ceased using it, which is not true.

    I don't know the currently supported protocols on recent phones like the Galaxy S23, but new Android phones are still a small drop in the bucket of billions of older Android devices.

    As I said last time we're probably going to see distributions continue to use RNDIS and just revert the patch if it does make it in, as it would be a very breaking change for users relying on RNDIS to update and then have no internet and no recourse.



  • Snaipersky
    replied
    Originally posted by Hi-Angel

    I am not sure where he got this information from, but I just tested USB tethering on my phone and the `rndis_host` module gets loaded on my laptop. And my phone ain't old: it is a Ulefone Power 5, which was first released in 2018 and which I personally bought around 2020.

    So yeah, modern phones still require this support 🤷‍♂️
    I would heavily suggest you put this on the mailing list, then.



  • Hi-Angel
    replied
    Originally posted by Greg
    Android has had this disabled for many years so there should not be any real systems that still need this
    I am not sure where he got this information from, but I just tested USB tethering on my phone and the `rndis_host` module gets loaded on my laptop. And my phone ain't old: it is a Ulefone Power 5, which was first released in 2018 and which I personally bought around 2020.

    So yeah, modern phones still require this support 🤷‍♂️



  • phoronix
    started a topic Linux To Try Again To Disable All RNDIS Protocol Drivers

    Phoronix: Linux To Try Again To Disable All RNDIS Protocol Drivers

    Several months back there was work to disable all Microsoft Remote Network Driver Interface Specification (RNDIS) drivers in the Linux kernel on the basis of being insecure and other factors. That plan of disabling the RNDIS drivers faced opposition around concerns of potentially disrupting USB tethering support and the like. It's been months since hearing anything about updated plans for disabling or dropping the RNDIS drivers, but the Git branch was updated today for disabling this class of drivers...
