Howto Bring up USB RNDIS Network Interface?
All, I'm trying to bring up an RNDIS network interface for a milkV-duo (RaspberryPi Pico look-alike with 64M of RAM and risc processor). This is on 15.4 (yes, still there haven't had time to update). The device works fine on Win10 after installing the RNDIS driver and the network is created on 192.168.42.1. On plugging into 15.4, the RNDIS driver is built into the kernel and the board is recognized as RNDIS: Jan 04 22:02:10 wizard kernel: usb 2-1: new high-speed USB device number 8 using xhci_hcd Jan 04 22:02:10 wizard kernel: usb 2-1: New USB device found, idVendor=3346, idProduct=1009, bcdDevice= 5.10 Jan 04 22:02:10 wizard kernel: usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 Jan 04 22:02:10 wizard kernel: usb 2-1: Product: RNDIS Jan 04 22:02:10 wizard kernel: usb 2-1: Manufacturer: Cvitek Jan 04 22:02:10 wizard kernel: usb 2-1: SerialNumber: 0123456789 Jan 04 22:02:10 wizard mtp-probe[19275]: checking bus 2, device 8: "/sys/devices/pci0000:00/0000:00:1c.7/0000:26:00.0/usb2/2-1" Jan 04 22:02:10 wizard mtp-probe[19275]: bus: 2, device: 8 was not an MTP device Jan 04 22:02:11 wizard mtp-probe[19318]: checking bus 2, device 8: "/sys/devices/pci0000:00/0000:00:1c.7/0000:26:00.0/usb2/2-1" Jan 04 22:02:11 wizard mtp-probe[19318]: bus: 2, device: 8 was not an MTP device But that is where I'm stuck. Is there a howto on bringing a RNDIS network interface up somewhere? Do I need to modprobe additional drivers? Currently "ip addr" sees nothing, so there is no interface to bring up. What does "bus: 2, device: 8 was not an MTP device" mean and is that important? I've googled "milkv linux rndis" until I'm blue and haven't found a concise anything beyond RNDIS has to be enabled in the kernel -- which it looks to be. Am I'm missing something basic? -- David C. Rankin, J.D.,P.E.
Hello, In the Message; Subject : Howto Bring up USB RNDIS Network Interface? Message-ID : <3c487443-ac68-4524-8df8-a30bd3fd6bbf@suddenlinkmail.com> Date & Time: Thu, 4 Jan 2024 22:22:42 -0600 [DCR] == "David C. Rankin" <drankinatty@suddenlinkmail.com> has written: [...] DCR> I've googled "milkv linux rndis" until I'm blue and haven't DCR> found a concise anything beyond RNDIS has to be enabled in the DCR> kernel -- which it looks to be. Am I'm missing something basic? https://en.wikipedia.org/wiki/RNDIS#:~:text=In%202022%20it%20was%20suggested%20that,the%20presence%20of%20untrusted%20USB%20devices.&text=In%202022%20it%20was,of%20untrusted%20USB%20devices.&text=it%20was%20suggested%20that,the%20presence%20of%20untrusted says the following, though? In 2022 it was suggested that support for RNDIS should be removed from Linux, claiming that is inherently and uncorrectably insecure in the presence of untrusted USB devices. Kind Regards. --- ┏━━┓彡 野宮 賢 mail-to: nomiya @ lake.dti.ne.jp ┃\/彡 ┗━━┛ "Bill! You married with Computer. Not with Me!" "No....., with money."
On 05.01.2024 07:22, David C. Rankin wrote:
All,
I'm trying to bring up an RNDIS network interface for a milkV-duo (RaspberryPi Pico look-alike with 64M of RAM and risc processor). This is on 15.4 (yes, still there haven't had time to update).
The device works fine on Win10 after installing the RNDIS driver and the network is created on 192.168.42.1. On plugging into 15.4, the RNDIS driver is built into the kernel and the board is recognized as RNDIS:
Jan 04 22:02:10 wizard kernel: usb 2-1: new high-speed USB device number 8 using xhci_hcd Jan 04 22:02:10 wizard kernel: usb 2-1: New USB device found, idVendor=3346, idProduct=1009, bcdDevice= 5.10 Jan 04 22:02:10 wizard kernel: usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 Jan 04 22:02:10 wizard kernel: usb 2-1: Product: RNDIS Jan 04 22:02:10 wizard kernel: usb 2-1: Manufacturer: Cvitek Jan 04 22:02:10 wizard kernel: usb 2-1: SerialNumber: 0123456789 Jan 04 22:02:10 wizard mtp-probe[19275]: checking bus 2, device 8: "/sys/devices/pci0000:00/0000:00:1c.7/0000:26:00.0/usb2/2-1" Jan 04 22:02:10 wizard mtp-probe[19275]: bus: 2, device: 8 was not an MTP device Jan 04 22:02:11 wizard mtp-probe[19318]: checking bus 2, device 8: "/sys/devices/pci0000:00/0000:00:1c.7/0000:26:00.0/usb2/2-1" Jan 04 22:02:11 wizard mtp-probe[19318]: bus: 2, device: 8 was not an MTP device
But that is where I'm stuck. Is there a howto on bringing a RNDIS network interface up somewhere? Do I need to modprobe additional drivers? Currently "ip addr" sees nothing, so there is no interface to bring up. What does "bus: 2, device: 8 was not an MTP device" mean and is that important?
bor@leap15:~> grep -r rndis /lib/modprobe.d/ /lib/modprobe.d/50-blacklist-rndis.conf:blacklist rndis_wlan /lib/modprobe.d/50-blacklist-rndis.conf:blacklist usb_f_rndis /lib/modprobe.d/50-blacklist-rndis.conf:blacklist rndis_host bor@leap15:~>
I've googled "milkv linux rndis" until I'm blue and haven't found a concise anything beyond RNDIS has to be enabled in the kernel -- which it looks to be. Am I'm missing something basic?
On 1/5/24 09:47, Andrei Borzenkov wrote:
bor@leap15:~> grep -r rndis /lib/modprobe.d/ /lib/modprobe.d/50-blacklist-rndis.conf:blacklist rndis_wlan /lib/modprobe.d/50-blacklist-rndis.conf:blacklist usb_f_rndis /lib/modprobe.d/50-blacklist-rndis.conf:blacklist rndis_host bor@leap15:~>
Now we are getting somewhere: Jan 05 13:04:07 wizard systemd-udevd[555]: Network interface NamePolicy= disabled by default. Jan 05 13:04:07 wizard kernel: usbcore: registered new interface driver cdc_ether Jan 05 13:04:07 wizard kernel: rndis_host 2-1:1.0 usb0: register 'rndis_host' at usb-0000:26:00.0-1, RNDIS device, ae:3c:af:24:81:2a Jan 05 13:04:07 wizard kernel: usbcore: registered new interface driver rndis_host Jan 05 13:04:07 wizard (udev-worker)[32133]: Using default interface naming scheme 'sle15-sp4'. Jan 05 13:04:10 wizard ModemManager[8185]: <info> [base-manager] couldn't check support for device '/sys/devices/pci0000:00/0000:00:1c.7/0000:26:00.0/usb2/2-1': not supported by any plugin Jan 05 13:04:45 wizard kernel: usbcore: registered new interface driver rndis_wlan # ip addr show <snip> 5: usb0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 02:6e:d1:61:cf:69 brd ff:ff:ff:ff:ff:ff altname enp38s0u1 The milkv board is running dnsmasq-dhcpd and should provide an address to Leap. How do I bring that up so I can connect via ssh. The host address for the milkv is 192.168.42.1. It usually hands out 192.168.42.135 to the host and you connect via ssh 192.168.42.1. Do I need to add a route? Is this something I can check on windows (where it works fine) and get the route -- no clue on the windows side. Thanks Adnrei! -- David C. Rankin, J.D.,P.E.
On 1/5/24 13:10, David C. Rankin wrote:
# ip addr show <snip> 5: usb0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000 link/ether 02:6e:d1:61:cf:69 brd ff:ff:ff:ff:ff:ff altname enp38s0u1
The milkv board is running dnsmasq-dhcpd and should provide an address to Leap. How do I bring that up so I can connect via ssh. The host address for the milkv is 192.168.42.1. It usually hands out 192.168.42.135 to the host and you connect via ssh 192.168.42.1.
Do I need to add a route? Is this something I can check on windows (where it works fine) and get the route -- no clue on the windows side.
Okay, I got it. But I need to know what command to issue. I used YAST to set up the device via dhcpcd and it did what it was supposed to do: Jan 05 13:36:01 wizard wickedd-dhcp4[1543]: usb0: Committed DHCPv4 lease with address 192.168.42.132 (lease time 3598, renew in 1798 sec, rebind in 3148 sec) Jan 05 13:36:01 wizard avahi-daemon[954]: Joining mDNS multicast group on interface usb0.IPv4 with address 192.168.42.132. Jan 05 13:36:01 wizard avahi-daemon[954]: New relevant interface usb0.IPv4 for mDNS. Jan 05 13:36:01 wizard avahi-daemon[954]: Registering new address record for 192.168.42.132 on usb0.IPv4. Now I can ssh to the milkv board without issue: $ ssh root@192.168.42.1 The authenticity of host '192.168.42.1 (192.168.42.1)' can't be established. ECDSA key fingerprint is SHA256:g6CPVs3b/4xksBQDlSt+ALbsTwcYtfCkevA4XKCjEak. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '192.168.42.1' (ECDSA) to the list of known hosts. root@192.168.42.1's password: [00:23 milkv-duo:~] # l total 6 drwx------ 3 root root 1024 Jan 4 2024 . drwxr-xr-x 19 root root 1024 Jan 1 1970 .. -rw------- 1 root root 1968 Jan 1 00:23 .ash_history drwx------ 3 root root 1024 Jan 4 2024 .config -rw-r--r-- 1 root root 162 Jan 5 2024 .profile That's it, I'm in. The device just runs busybox and I've configured a normal user for login as well. What commands would I use from the terminal to do the same thing Yast just did when I edited the device and told it to use dhcpcd to get an address? -- David C. Rankin, J.D.,P.E.
Hello, In the Message; Subject : Re: Howto Bring up USB RNDIS Network Interface? Message-ID : <51ef4f29-ca34-4e9b-81a2-ddf1e8e8c06b@suddenlinkmail.com> Date & Time: Fri, 5 Jan 2024 13:42:36 -0600 [DCR] == "David C. Rankin" <drankinatty@suddenlinkmail.com> has written: [...] DCR> That's it, I'm in. The device just runs busybox and I've DCR> configured a normal user for login as well. DCR> What commands would I use from the terminal to do the same DCR> thing Yast just did when I edited the device and told it to use DCR> dhcpcd to get an address? David. Please have a look; https://www.phoronix.com/news/Linux-Disable-RNDIS-Drivers Best Regards. --- ┏━━┓彡 野宮 賢 mail-to: nomiya @ lake.dti.ne.jp ┃\/彡 ┗━━┛ "Companies have come to view generative AI as a kind of monster that must be fed at all costs―even if it isn’t always clear what exactly that data is needed for or what those future AI systems might end up doing." -- Generative AI Is Making Companies Even More Thirsty for Your Data --
On 1/5/24 18:09, Masaru Nomiya wrote:
David. Please have a look;
Yes, yes, thanks Masaru, I know that RNDIS is scheduled for removal due to all the insecure USB devices out there, but that begs the question... What are embedded developers supposed to do for the devices like the milkv-duo that are supposed to connect via RNDIS? Just because SOME devices may be insecure does not mean ALL devices are that way. This is a bad deal for embedded developers in this situation. It's a "works on windows" but not Linux self-inflicted wound. Now there is a $9 workaround for the milkv-duo where you can buy an ethernet/USB IO breakout that will use tcp/ip directly and avoid RNDIS, but that is a workaround. Soldering in pins for a serial connection is no substitute for being able to attach to the device over RNDIS. Were I to use the box in a public place, then disabling RNDIS would make sense, but using RNDIS for it intended purpose with the USB device I have is really the only option. -- David C. Rankin, J.D.,P.E.
Hello, In the Message; Subject : Re: Howto Bring up USB RNDIS Network Interface? Message-ID : <19cff357-ea4d-4c59-b55c-eda76c67fd62@suddenlinkmail.com> Date & Time: Fri, 5 Jan 2024 18:25:25 -0600 [DCR] == "David C. Rankin" <drankinatty@suddenlinkmail.com> has written: DCR> On 1/5/24 18:09, Masaru Nomiya wrote: MN> > David. MN> > Please have a look; MN> > MN> > https://www.phoronix.com/news/Linux-Disable-RNDIS-Drivers MN> > DCR> Yes, yes, thanks Masaru, I know that RNDIS is scheduled for DCR> removal due to all the insecure USB devices out there, but that DCR> begs the question... [...] DCR> Were I to use the box in a public place, then disabling RNDIS DCR> would make sense, but using RNDIS for it intended purpose with DCR> the USB device I have is really the only option. Oh yeah ... I've been using a USB dongle for a long time too, because I was told to use it if I didn't have a cell phone. I can understand why so many users are upset because kernel developper doesn't offer an alternative. BTW, I checked the kernel I have at hand, kernel 6.6.9, still has rndis support. Are you working with removing /usr/lib/modprobe.d/50-blacklist-rndis.conf? Kind Regards. --- ┏━━┓彡 野宮 賢 mail-to: nomiya @ lake.dti.ne.jp ┃\/彡 ┗━━┛ "Maddox hopes that empowering users to pick their own algorithms will get them to think more about what’s involved in making them. " -- Bluesky's Custom Algorithms Could Be the Future of Social Media --
On 1/5/24 19:53, Masaru Nomiya wrote:
Are you working with removing /usr/lib/modprobe.d/50-blacklist-rndis.conf?
Yes, that is what I did, and the interface showed right up as a network interface. All I did then was go into Yast and configure the interface to use dhcp to get an address from the milkV-duo board instead of trying to assign one. Presto it started working. I got the Enternet/USB IO-Board https://milkv.io/docs/duo/io-board/usb-ethernet-iob and this frees me from having to use RNDIS, once the ethernet is connected on the LAN, the milkv-board gets its IP address from the dhcp server on the local subnet. So then it's just like ssh'ing into any other box on the LAN. Running busybox, it even calls ntpd to set the RTC on the board. The only thing it doesn't do is offer its hostname during the dhcp handshake so I'll have to figure out if I can make busybox do that. But getting the IO Board is a workaround. For those developers or students that don't get the IOB, they are required to use RNDIS -- so it seems like there should be another protocol or update to the existing RNDIS code to fix it and make it more secure rather than simply "Throwing the baby out with the bathwater" so to speak... For a $6 computer and $9 IOB, this little milkV-duo is quite a board. 1GHz Risc processor, 64MB RAM, plus the camera-port and micro-SD bay plus all the low-level normal embedded protocols, UART, i2c, SPI, PWM, ADC, and on and on -- it's a fun little board. It will also run Alpine or Archlinux or a stripped down openSUSE. I've got a 32G SD card in it holding the flashed image and I can partition the rest with fdisk for /home and the rest. -- David C. Rankin, J.D.,P.E.
participants (4)
-
Andrei Borzenkov -
David C. Rankin -
David C. Rankin -
Masaru Nomiya