FS#57931 - [ndiswrapper][ndiswrapper-dkms] It's dead, please drop from the repos

Attached to Project: Community Packages
Opened by loqs (loqs) - Friday, 23 March 2018, 21:10 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:00 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Felix Yan (felixonmars)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
ndiswrapper includes assembler using an indirect call. The retpoline security feature of the kernel can be compromised by such calls.
As noted https://bbs.archlinux.org/viewtopic.php?pid=1774623#p1774623 by Rookie the driver ndiswrapper invokes could also do the same
or introduce other security issues.

Steps to reproduce:
build the ndiswrapper driver using a kernel containing https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=40693bd709b5f13365047a9b56f3adda690bc774
which include 4.14.27, 4.15.10+ and 4.16-rc4+

./tools/objtool/objtool orc generate --module --no-fp --retpoline "/tmp/community/trunk/src/ndiswrapper-1.61/ndiswrapper/driver/lin2win.o";
/tmp/community/trunk/src/ndiswrapper-1.61/ndiswrapper/driver/lin2win.o: warning: objtool: lin2win0()+0x8: indirect call found in RETPOLINE build
/tmp/community/trunk/src/ndiswrapper-1.61/ndiswrapper/driver/lin2win.o: warning: objtool: lin2win1()+0xb: indirect call found in RETPOLINE build
/tmp/community/trunk/src/ndiswrapper-1.61/ndiswrapper/driver/lin2win.o: warning: objtool: lin2win2()+0xb: indirect call found in RETPOLINE build
/tmp/community/trunk/src/ndiswrapper-1.61/ndiswrapper/driver/lin2win.o: warning: objtool: lin2win3()+0xe: indirect call found in RETPOLINE build
/tmp/community/trunk/src/ndiswrapper-1.61/ndiswrapper/driver/lin2win.o: warning: objtool: lin2win4()+0x11: indirect call found in RETPOLINE build
/tmp/community/trunk/src/ndiswrapper-1.61/ndiswrapper/driver/lin2win.o: warning: objtool: lin2win5()+0x16: indirect call found in RETPOLINE build
/tmp/community/trunk/src/ndiswrapper-1.61/ndiswrapper/driver/lin2win.o: warning: objtool: lin2win6()+0x20: indirect call found in RETPOLINE build
it is detected seven times as the macro is expanded to seven functions
lin2win lin2win0, 0
lin2win lin2win1, 1
lin2win lin2win2, 2
lin2win lin2win3, 3
lin2win lin2win4, 4
lin2win lin2win5, 5
lin2win lin2win6, 6

Earlier kernels lack the detection pass but would still be vulnerable.
This task depends upon

Closed by  Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:00 GMT
Reason for closing:  Moved
Additional comments about closing:  https://gitlab.archlinux.org/archlinux/p ackaging/packages/ndiswrapper/issues/1
Comment by Toolybird (Toolybird) - Saturday, 15 April 2023, 02:06 GMT
Hey @loqs, is this still a thing? Does anyone still use ndiswrapper? Using Windows drivers just feels mighty unclean...yuck. No activity for 5 years so I'm inclined to close this due to lack of interest.
Comment by loqs (loqs) - Saturday, 15 April 2023, 02:41 GMT
@Toolybird the module no longer even builds with the current kernels. [1] is from a failed build using 6.2.11-arch1-1 and [2] using 6.1.24-1-lts from those outputs it has probably been broken since 5.15 which removed PCI_DMA_TODEVICE without anyone noticing. Fedora has already removed ndiswrapper and Debian is in the process of doing so.
Or would you rather I open a separate report to suggest ndiswrapper be dropped in the spring clean?

[1] make.log.1
[2] make.log.2
   make.log.1 (23.5 KiB)
   make.log.2 (23.5 KiB)
Comment by Toolybird (Toolybird) - Sunday, 16 April 2023, 00:13 GMT
Thank you @loqs. Let's just repurpose this ticket to propose it for the chop. It's clearly no longer useful and upstream is dead.
Comment by Buggy McBugFace (bugbot) - Tuesday, 08 August 2023, 19:11 GMT
This is an automated comment as this bug is open for more then 2 years. Please reply if you still experience this bug otherwise this issue will be closed after 1 month.
Comment by loqs (loqs) - Wednesday, 09 August 2023, 13:50 GMT
Discussed issues are still present.

Loading...