diff options
| author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2022-11-23 13:40:35 +0100 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-03-25 14:05:10 +0100 |
| commit | c97ce1438f9aed84551eac5a4519112b2edd06c6 (patch) | |
| tree | cad23d029599bcbe95b11998f4ad76984bec75d3 | |
| parent | 4cece764965020c22cff7665b18a012006359095 (diff) | |
| download | usb-rndis-removal.tar.gz | |
USB: disable all RNDIS protocol driversrndis-removal
The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on
any system that uses it with untrusted hosts or devices. Because the
protocol is impossible to make secure, just disable all rndis drivers to
prevent anyone from using them again.
Windows only needed this for XP and newer systems, Windows systems older
than that can use the normal USB class protocols instead, which do not
have these problems.
Android has had this disabled for many years so there should not be any
real systems that still need this.
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: Kalle Valo <kvalo@kernel.org>
Cc: Oleksij Rempel <linux@rempel-privat.de>
Cc: "Maciej Żenczykowski" <maze@google.com>
Cc: Neil Armstrong <neil.armstrong@linaro.org>
Cc: Mauro Carvalho Chehab <mchehab@kernel.org>
Cc: Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>
Cc: Jacopo Mondi <jacopo@jmondi.org>
Cc: "Łukasz Stelmach" <l.stelmach@samsung.com>
Cc: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Cc: linux-usb@vger.kernel.org
Cc: netdev@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: linux-wireless@vger.kernel.org
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Reported-by: Joseph Tartaro <joseph.tartaro@ioactive.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | drivers/net/usb/Kconfig | 1 | ||||
| -rw-r--r-- | drivers/usb/gadget/Kconfig | 4 | ||||
| -rw-r--r-- | drivers/usb/gadget/legacy/Kconfig | 3 |
3 files changed, 5 insertions, 3 deletions
diff --git a/drivers/net/usb/Kconfig b/drivers/net/usb/Kconfig index 3c360d4f06352e..110f37ee69d04c 100644 --- a/drivers/net/usb/Kconfig +++ b/drivers/net/usb/Kconfig @@ -402,6 +402,7 @@ config USB_NET_MCS7830 config USB_NET_RNDIS_HOST tristate "Host for RNDIS and ActiveSync devices" depends on USB_USBNET + depends on BROKEN select USB_NET_CDCETHER help This option enables hosting "Remote NDIS" USB networking links, diff --git a/drivers/usb/gadget/Kconfig b/drivers/usb/gadget/Kconfig index 566ff0b1282a82..a1d14fb7c2bb0b 100644 --- a/drivers/usb/gadget/Kconfig +++ b/drivers/usb/gadget/Kconfig @@ -183,9 +183,6 @@ config USB_F_EEM config USB_F_SUBSET tristate -config USB_F_RNDIS - tristate - config USB_F_MASS_STORAGE tristate @@ -302,6 +299,7 @@ config USB_CONFIGFS_RNDIS bool "RNDIS" depends on USB_CONFIGFS depends on NET + depends on BROKEN select USB_U_ETHER select USB_F_RNDIS help diff --git a/drivers/usb/gadget/legacy/Kconfig b/drivers/usb/gadget/legacy/Kconfig index 0a7b382fbe27c9..03d6da63edf795 100644 --- a/drivers/usb/gadget/legacy/Kconfig +++ b/drivers/usb/gadget/legacy/Kconfig @@ -153,6 +153,7 @@ config USB_ETH config USB_ETH_RNDIS bool "RNDIS support" depends on USB_ETH + depends on BROKEN select USB_LIBCOMPOSITE select USB_F_RNDIS default y @@ -247,6 +248,7 @@ config USB_FUNCTIONFS_ETH config USB_FUNCTIONFS_RNDIS bool "Include configuration with RNDIS (Ethernet)" depends on USB_FUNCTIONFS && NET + depends on BROKEN select USB_U_ETHER select USB_F_RNDIS help @@ -427,6 +429,7 @@ config USB_G_MULTI config USB_G_MULTI_RNDIS bool "RNDIS + CDC Serial + Storage configuration" depends on USB_G_MULTI + depends on BROKEN select USB_F_RNDIS default y help |