Linux To Try Again To Disable All RNDIS Protocol Drivers

Written by Michael Larabel in Hardware on 1 October 2023 at 02:52 PM EDT. 43 Comments
HARDWARE
Several months back was work to disable all Microsoft Remote Network Driver Interface Specification (RNDIS) drivers in the Linux kernel on the basis of being insecure and other factors. That plan of disabling the RNDIS drivers was faced by opposition around concerns of potentially disrupting USB tethering support and the like. It's been months since hearing anything about updated plans for disabling or dropping the RNDIS drivers but the Git branch was updated today for disabling this class of drivers.

Remote Network Driver Interface Specification is the Microsoft specification built atop USB for providing a virtual Ethernet link on Windows and has been used by Linux and Android as well as other platforms too.

USB RNDIS removal patch updated


Greg Kroah-Hartman this morning updated the USB.git's rndis-removal Git branch. The lone new patch in the rndis-removal branch is for disabling all of these drivers. The patch makes all of these RNDIS drivers depend on "BROKEN" so it becomes clear to the user or the one building the Linux kernel that the drivers are broken and won't build. This is stopping short of immediately flushing out the driver source code from the Linux kernel tree. But if this patch is in the mainline Linux kernel for a cycle or two and no serious objections are raised, it's possible at that point the change would come of actually removing all of the driver sources from the kernel tree. Otherwise it's just as easy to revert this patch with the "BROKEN" disabling.

The patch continues to summarize the reasoning for disabling all the RNDIS drivers as:
"The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all rndis drivers to prevent anyone from using them again.

Windows only needed this for XP and newer systems, Windows systems older than that can use the normal USB class protocols instead, which do not have these problems.

Android has had this disabled for many years so there should not be any real systems that still need this."

We'll see if Greg KH ends up submitting this as part of the USB changes for the Linux 6.7 kernel merge window.
43 Comments
Related News
Polychromatic 0.9 OpenRazer GUI Frontend Released With Port To PyQt6
Framework Raises $18M In New Funding, More Collaborations Coming With Cooler Master
Reverse Engineered MSI WMI Platform Driver Being Worked On For Linux
udev-hid-bpf To Help Enable HID-BPF Use Rather Than Kernel Drivers To Fix HID Hardware
Rockchip NPU Open-Source Driver Taking Shape, Will Aim For Upstream Accel Driver
TUXEDO Computers Launches First Linux Laptop With AMD Ryzen 7 8845HS
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Fedora Linux 40 Available For Download As A Wonderful Upgrade
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"
GNU Portability Library's Tool Rewritten In Python For 8~100x Better Performance
Godot's Vulkan Backend Seeing Better Performance, 10~20% Reduction In Frame Times
GNOME Working To Make Key Rack A Viable Password Manager, Better Printing For Flatpaks
Systemd 256-rc1 Brings A Huge Number Of New Features