linux-wireless.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Oliver Neukum <oneukum@suse.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Johannes Berg <johannes@sipsolutions.net>
Cc: "Oliver Neukum" <oneukum@suse.com>,
	"Enrico Mioso" <mrkiko.rs@gmail.com>,
	"Jan Engelhardt" <jengelh@inai.de>,
	linux-kernel@vger.kernel.org,
	"David S. Miller" <davem@davemloft.net>,
	"Eric Dumazet" <edumazet@google.com>,
	"Jakub Kicinski" <kuba@kernel.org>,
	"Paolo Abeni" <pabeni@redhat.com>,
	"Kalle Valo" <kvalo@kernel.org>,
	"Oleksij Rempel" <linux@rempel-privat.de>,
	"Maciej Żenczykowski" <maze@google.com>,
	"Neil Armstrong" <neil.armstrong@linaro.org>,
	"Mauro Carvalho Chehab" <mchehab@kernel.org>,
	"Andrzej Pietrasiewicz" <andrzejtp2010@gmail.com>,
	"Jacopo Mondi" <jacopo@jmondi.org>,
	"Łukasz Stelmach" <l.stelmach@samsung.com>,
	"Laurent Pinchart" <laurent.pinchart@ideasonboard.com>,
	linux-usb@vger.kernel.org, netdev@vger.kernel.org,
	linux-wireless@vger.kernel.org,
	"Ilja Van Sprundel" <ivansprundel@ioactive.com>,
	"Joseph Tartaro" <joseph.tartaro@ioactive.com>
Subject: Re: [PATCH] USB: disable all RNDIS protocol drivers
Date: Thu, 13 Jul 2023 10:33:28 +0200	[thread overview]
Message-ID: <de77578f-a783-a241-3ef5-e74f49029bb5@suse.com> (raw)
In-Reply-To: <2023071333-wildly-playroom-878b@gregkh>



On 13.07.23 07:34, Greg Kroah-Hartman wrote:
> On Thu, Jul 13, 2023 at 02:28:26AM +0200, Johannes Berg wrote:
>> On Wed, 2023-07-12 at 18:39 +0200, Greg Kroah-Hartman wrote:

Hi,
  
>> All we said is that your statement of "RNDIS is fundamentally unfixable"
>> doesn't make a lot of sense. If this were the case, all USB drivers
>> would have to "trust the other side" as well, right?
> 
> No, well, yes.  See the zillion patches we have had to apply to the
> kernel over the years when someone decided that "usb devices are not to
> be trusted" that syzbot has helped find :)

Well, there are protocols that are in a sense unfixable. Like,
hypothetical example, you allow the execution of postscript code.
Hence it is kind of important to keep that distinction.

Yes, our attitude here is inconsistent. With the advent of Thunderbolt
we should have gone through all PCI drivers and audited them for things
malicious devices can do.
However, we can wait for Pandora for the purpose of this discussion.

> It's not a DMA issue here, it's a "the protocol allows for buffer
> overflows and does not seem to be able to be verified to prevent this"
> from what I remember (it's been a year since I looked at this last,
> details are hazy.)  At the time, I didn't see a way that it could be
> fixed, hence this patch.

That makes sort of sense, but still leaves us with the option of verifying
each memcopy for being within allowed buffers.

Now, by no means let me stop you from getting into your supervillain outfit
and write exploits. But just telling us the rest of the issues would do, though
not as well.

	Regards
		Oliver

  reply	other threads:[~2023-07-13  8:39 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-11-23 12:46 [PATCH] USB: disable all RNDIS protocol drivers Greg Kroah-Hartman
2022-11-23 14:20 ` Johannes Berg
2022-11-23 15:05   ` Greg Kroah-Hartman
2022-11-23 16:27     ` Johannes Berg
2023-01-10 22:47       ` James Hilliard
2022-11-23 15:21 ` Kalle Valo
2022-11-23 18:29 ` Jakub Kicinski
2022-11-23 20:27 ` Maciej Żenczykowski
2023-01-11 13:38 ` Jan Engelhardt
2023-01-11 14:56   ` Greg Kroah-Hartman
2023-07-03 21:11   ` Enrico Mioso
2023-07-04  6:47     ` Greg Kroah-Hartman
2023-07-12  9:22       ` Oliver Neukum
2023-07-12 13:00         ` Johannes Berg
2023-07-12 16:39           ` Greg Kroah-Hartman
2023-07-13  0:28             ` Johannes Berg
2023-07-13  5:34               ` Greg Kroah-Hartman
2023-07-13  8:33                 ` Oliver Neukum [this message]
2023-07-13  9:49                   ` Maciej Żenczykowski
2023-07-13 12:21                 ` Johannes Berg
2023-07-13  5:21       ` Mauro Carvalho Chehab
2022-11-23 15:40 Nicolas Cavallari
2022-11-23 15:55 ` Greg Kroah-Hartman
2022-11-24  0:58 ` Lars Melin
2022-11-29 22:48 ` Dan Williams

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=de77578f-a783-a241-3ef5-e74f49029bb5@suse.com \
    --to=oneukum@suse.com \
    --cc=andrzejtp2010@gmail.com \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=ivansprundel@ioactive.com \
    --cc=jacopo@jmondi.org \
    --cc=jengelh@inai.de \
    --cc=johannes@sipsolutions.net \
    --cc=joseph.tartaro@ioactive.com \
    --cc=kuba@kernel.org \
    --cc=kvalo@kernel.org \
    --cc=l.stelmach@samsung.com \
    --cc=laurent.pinchart@ideasonboard.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-usb@vger.kernel.org \
    --cc=linux-wireless@vger.kernel.org \
    --cc=linux@rempel-privat.de \
    --cc=maze@google.com \
    --cc=mchehab@kernel.org \
    --cc=mrkiko.rs@gmail.com \
    --cc=neil.armstrong@linaro.org \
    --cc=netdev@vger.kernel.org \
    --cc=pabeni@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).