Linux Preparing To Disable Drivers For Microsoft's RNDIS Protocol

With the next Linux kernel cycle we could see upstream disable their driver support for Microsoft's Remote Network Driver Interface Specification (RNDIS) protocol due to security concerns.

RNDIS is the proprietary protocol used atop USB for virtual Ethernet functionality. The support for RNDIS outside of Microsoft Windows has been mixed

See the Microsoft documentation if wanting to learn more about the RNDIS protocol.

RNDIS isn't widely used today in cross-platform environments and due to security concerns the upstream Linux kernel is looking to move the RNDIS kernel drivers behind the "BROKEN" Kconfig option so they effectively become disabled in future kernel builds.

Ultimately once marked as "BROKEN" for a while, the drivers will likely be eventually removed from the upstream source tree.

Greg Kroah-Hartman on Monday created the usb.git rndis-removal branch where he is disabling all the RNDIS protocol drivers.

The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all rndis drivers to prevent anyone from using them again.

Windows only needed this for XP and newer systems, Windows systems older than that can use the normal USB class protocols instead, which do not have these problems.

Android has had this disabled for many years so there should not be any real systems that still need this.

So it looks like Microsoft RNDIS support will be on the way out of the Linux kernel once that patch is submitted.