RNDIS

Last updated

The Remote Network Driver Interface Specification (RNDIS) is a Microsoft proprietary protocol used mostly on top of USB. [1] It provides a virtual Ethernet link to most versions of the Windows, Linux, and FreeBSD operating systems. Multiple revisions of a partial RNDIS specification are available from Microsoft, but Windows implementations have been observed to issue requests not included in that specification, and to have undocumented constraints. [2]

Contents

The protocol is tightly coupled to Microsoft's programming interfaces and models, most notably the Network Driver Interface Specification (NDIS), which are alien to operating systems other than Windows. This complicates implementing RNDIS on non-Microsoft operating systems,[ citation needed ] but Linux, [3] FreeBSD, [4] NetBSD [5] and OpenBSD [6] implement RNDIS natively.

The USB Implementers Forum (USB-IF) defines at least three non-proprietary USB communications device class (USB CDC) protocols with comparable "virtual Ethernet" functionality; one of them (CDC-ECM) predates RNDIS and is widely used for interoperability with non-Microsoft operating systems, but does not work with Windows.

Most versions of Android include RNDIS USB functionality. For example, Samsung smartphones have the capability and use RNDIS over USB to operate as a virtual Ethernet card that will connect the host PC to the mobile or Wi-Fi network in use by the phone, effectively working as a mobile broadband modem or a wireless card, for mobile hotspot tethering. [7]

Controversy

In 2022 it was suggested that support for RNDIS should be removed from Linux, claiming that is inherently and uncorrectably insecure in the presence of untrusted USB devices. [8] Although the claims said that Android have removed RNDIS "for years", most if not all Android devices released before 2024, with the exception of Google Pixel 6 and newer, are still using RNDIS in order to keep the driver-free experience with older systems such as Windows 7. [9] [10]

See also

Related Research Articles

DECnet is a suite of network protocols created by Digital Equipment Corporation. Originally released in 1975 in order to connect two PDP-11 minicomputers, it evolved into one of the first peer-to-peer network architectures, thus transforming DEC into a networking powerhouse in the 1980s. Initially built with three layers, it later (1982) evolved into a seven-layer OSI-compliant networking protocol.

<span class="mw-page-title-main">UEFI</span> Technical specification for firmware architecture

Unified Extensible Firmware Interface is a specification for the firmware architecture of a computing platform. When a computer is powered on, the UEFI-implementation is typically the first that runs, before starting the operating system. Examples include AMI Aptio, Phoenix SecureCore, TianoCore EDK II, InsydeH2O.

Filesystem in Userspace (FUSE) is a software interface for Unix and Unix-like computer operating systems that lets non-privileged users create their own file systems without editing kernel code. This is achieved by running file system code in user space while the FUSE module provides only a bridge to the actual kernel interfaces.

<span class="mw-page-title-main">USB mass storage device class</span> USB device class for drives

The USB mass storage device class is a set of computing communications protocols, specifically a USB Device Class, defined by the USB Implementers Forum that makes a USB device accessible to a host computing device and enables file transfers between the host and the USB device. To a host, the USB device acts as an external hard drive; the protocol set interfaces with a number of storage devices.

USB communications device class is a composite Universal Serial Bus device class.

<span class="mw-page-title-main">Linux kernel interfaces</span> An overview and comparison of the Linux kernel API and ABI.

The Linux kernel provides multiple interfaces to user-space and kernel-mode code that are used for varying purposes and that have varying properties by design. There are two types of application programming interface (API) in the Linux kernel:

  1. the "kernel–user space" API; and
  2. the "kernel internal" API.
<span class="mw-page-title-main">Free and open-source graphics device driver</span> Software that controls computer-graphics hardware

A free and open-source graphics device driver is a software stack which controls computer-graphics hardware and supports graphics-rendering application programming interfaces (APIs) and is released under a free and open-source software license. Graphics device drivers are written for specific hardware to work within a specific operating system kernel and to support a range of APIs used by applications to access the graphics hardware. They may also control output to the display if the display driver is part of the graphics hardware. Most free and open-source graphics device drivers are developed by the Mesa project. The driver is made up of a compiler, a rendering API, and software which manages access to the graphics hardware.

Advanced Configuration and Power Interface (ACPI) is an open standard that operating systems can use to discover and configure computer hardware components, to perform power management, auto configuration, and status monitoring. It was first released in December 1996. ACPI aims to replace Advanced Power Management (APM), the MultiProcessor Specification, and the Plug and Play BIOS (PnP) Specification. ACPI brings power management under the control of the operating system, as opposed to the previous BIOS-centric system that relied on platform-specific firmware to determine power management and configuration policies. The specification is central to the Operating System-directed configuration and Power Management (OSPM) system. ACPI defines hardware abstraction interfaces between the device's firmware, the computer hardware components, and the operating systems.

<span class="mw-page-title-main">NDISwrapper</span> Driver wrapper for Windows devices used on Linux

NDISwrapper is a free software driver wrapper that enables the use of Windows XP network device drivers on Linux operating systems. NDISwrapper works by implementing the Windows kernel and NDIS APIs and dynamically linking Windows network drivers to this implementation. As a result, it only works on systems based on the instruction set architectures supported by Windows, namely IA-32 and x86-64.

Monitor mode, or RFMON mode, allows a computer with a wireless network interface controller (WNIC) to monitor all traffic received on a wireless channel. Unlike promiscuous mode, which is also used for packet sniffing, monitor mode allows packets to be captured without having to associate with an access point or ad hoc network first. Monitor mode only applies to wireless networks, while promiscuous mode can be used on both wired and wireless networks. Monitor mode is one of the eight modes that 802.11 wireless adapter can operate in: Master, Managed, Ad hoc, Repeater, Mesh, Wi-Fi Direct, TDLS and Monitor mode.

In the context of free and open-source software, proprietary software only available as a binary executable is referred to as a blob or binary blob. The term usually refers to a device driver module loaded into the kernel of an open-source operating system, and is sometimes also applied to code running outside the kernel, such as system firmware images, microcode updates, or userland programs. The term blob was first used in database management systems to describe a collection of binary data stored as a single entity.

Ethernet over USB is the use of a USB link as a part of an Ethernet network, resulting in an Ethernet connection over USB.

exFAT is a file system introduced by Microsoft in 2006 and optimized for flash memory such as USB flash drives and SD cards. exFAT was proprietary until 28 August 2019, when Microsoft published its specification. Microsoft owns patents on several elements of its design.

A Bluetooth stack is software that is an implementation of the Bluetooth protocol stack.

The USB video device class is a USB device class that describes devices capable of streaming video like webcams, digital camcorders, transcoders, analog video converters and still-image cameras.

Operating system Wi-Fi support is defined as the facilities an operating system may include for Wi-Fi networking. It usually consists of two pieces of software: device drivers, and applications for configuration and management.

<span class="mw-page-title-main">Network block device</span> Network storage protocol

On Linux, network block device (NBD) is a network protocol that can be used to forward a block device from one machine to a second machine. As an example, a local machine can access a hard disk drive that is attached to another computer.

<span class="mw-page-title-main">IEEE 1394</span> Serial bus interface standard, also known as Firewire

IEEE 1394 is an interface standard for a serial bus for high-speed communications and isochronous real-time data transfer. It was developed in the late 1980s and early 1990s by Apple in cooperation with a number of companies, primarily Sony and Panasonic. It is most commonly known by the name FireWire (Apple), though other brand names exist such as i.LINK (Sony), and Lynx.

<span class="mw-page-title-main">USB Attached SCSI</span> Computer protocol for running the SCSI command set over USB for storage drives

USB Attached SCSI (UAS) or USB Attached SCSI Protocol (UASP) is a computer protocol used to move data to and from USB storage devices such as hard drives (HDDs), solid-state drives (SSDs), and thumb drives. UAS depends on the USB protocol, and uses the standard SCSI command set. Use of UAS generally provides faster transfers compared to the older USB Mass Storage Bulk-Only Transport (BOT) drivers.

NVM Express (NVMe) or Non-Volatile Memory Host Controller Interface Specification (NVMHCIS) is an open, logical-device interface specification for accessing a computer's non-volatile storage media usually attached via the PCI Express bus. The initial NVM stands for non-volatile memory, which is often NAND flash memory that comes in several physical form factors, including solid-state drives (SSDs), PCIe add-in cards, and M.2 cards, the successor to mSATA cards. NVM Express, as a logical-device interface, has been designed to capitalize on the low latency and internal parallelism of solid-state storage devices.

References

  1. "MS-RNDIS Remote Network Driver Interface Specification (RNDIS) Protocol, revision 5.0" (PDF). Microsoft Corporation. May 1, 2014. Retrieved March 11, 2022.
  2. See, for example, comments in the host-side Linux implementation
  3. "kernel/git/torvalds/linux.git - Linux kernel source tree". git.kernel.org.
  4. "[base] Revision 261541". svnweb.freebsd.org.
  5. "'CVS commit: src/sys/dev/usb' - MARC". marc.info.
  6. "'CVS: cvs.openbsd.org: src' - MARC". marc.info.
  7. "Galaxy S9 Tactical Edition support RNDIS protocol" (PDF).
  8. "USB: disable all RNDIS protocol drivers".
  9. "Linux Still Working To Disable RNDIS Drivers In 2024 - Phoronix Forums Page 2". 19 February 2024.
  10. "Linux Preparing To Disable Drivers For Microsoft's RNDIS Protocol - Phoronix Forums". 10 January 2023.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.