Message-ID: <e5a92f9c-2d56-00fc-5e01-56e7df8dc1c1@suse.com>
Date: Wed, 12 Jul 2023 11:22:17 +0200
From: Oliver Neukum <oneukum@...e.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
 Enrico Mioso <mrkiko.rs@...il.com>
Cc: Jan Engelhardt <jengelh@...i.de>, linux-kernel@...r.kernel.org,
 "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
 Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
 Kalle Valo <kvalo@...nel.org>, Oleksij Rempel <linux@...pel-privat.de>,
 Maciej Żenczykowski <maze@...gle.com>,
 Neil Armstrong <neil.armstrong@...aro.org>,
 Mauro Carvalho Chehab <mchehab@...nel.org>,
 Andrzej Pietrasiewicz <andrzejtp2010@...il.com>,
 Jacopo Mondi <jacopo@...ndi.org>, Łukasz Stelmach
 <l.stelmach@...sung.com>,
 Laurent Pinchart <laurent.pinchart@...asonboard.com>,
 linux-usb@...r.kernel.org, netdev@...r.kernel.org,
 linux-wireless@...r.kernel.org, Ilja Van Sprundel
 <ivansprundel@...ctive.com>, Joseph Tartaro <joseph.tartaro@...ctive.com>
Subject: Re: [PATCH] USB: disable all RNDIS protocol drivers



On 04.07.23 08:47, Greg Kroah-Hartman wrote:
> On Mon, Jul 03, 2023 at 11:11:57PM +0200, Enrico Mioso wrote:
>> Hi all!!
>>
>> I think the rndis_host USB driver might emit a warning in the dmesg, but disabling the driver wouldn't be a good idea.
>> The TP-Link MR6400 V1 LTE modem and also some ZTE modems integrated in routers do use this protocol.
>>
>> We may also distinguish between these cases and devices you might plug in - as they pose different risk levels.
> 
> Again, you have to fully trust the other side of an RNDIS connection,
> any hints on how to have the kernel determine that?

Greg,

it is a network protocol. So this statement is kind of odd.
Are you saying that there are RNDIS messages that cannot be verified
for some reason, that still cannot be disclosed?

	Regards
		Oliver
