Bug 214103

Summary: HCI_CHANNEL_USER sockets leave device running after exit
Product: Drivers Reporter: Peter Bigot (pab)
Component: BluetoothAssignee: linux-bluetooth (linux-bluetooth)
Status: NEW ---    
Severity: normal CC: tedd.an
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 5.11.0-7620-generic Subsystem:
Regression: No Bisected commit-id:
Attachments: code to reproduce behavior

Description Peter Bigot 2021-08-18 17:45:07 UTC 
Created attachment 298353 [details]
code to reproduce behavior

HCI_CHANNEL_USER is documented[1] as providing an exclusive (?[2]) Bluetooth socket channel for application use given CAP_NET_ADMIN. This channel type requires that the device be down when the socket is bound.  The device transitions to UP RUNNING as a side-effect of a successful binding.

When the socket is closed and the application exits, the device remains up and running.  It's unclear whether this is a bug or a feature; in any case it is not what somebody might expect, as it prevents the application from starting again without external action to bring the device back down.

Reproducing example attached, and command sequence below.

[1]: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.13.12&id=23500189d7e03a071f0746f43f2cce875a62c91c

[2]: https://bugzilla.kernel.org/show_bug.cgi?id=135431


tirzah[1050]$ sudo hciconfig hci0 down
tirzah[1051]$ hciconfig hci0
hci0:	Type: Primary  Bus: USB
	BD Address: A4:C3:F0:F2:23:E3  ACL MTU: 1021:4  SCO MTU: 96:6
	DOWN 
	RX bytes:64500 acl:0 sco:0 events:4125 errors:0
	TX bytes:650824 acl:0 sco:0 commands:3992 errors:0

tirzah[1052]$ gcc repro.c
tirzah[1053]$ sudo setcap cap_net_raw,cap_net_admin=ep ./a.out
tirzah[1054]$ getcap ./a.out
./a.out = cap_net_admin,cap_net_raw+ep
tirzah[1055]$ ./a.out 
opening device 0
dd=3; binding to user channel
bound to user channel; closing
closed
tirzah[1056]$ hciconfig hci0
hci0:	Type: Primary  Bus: USB
	BD Address: A4:C3:F0:F2:23:E3  ACL MTU: 1021:4  SCO MTU: 96:6
	UP RUNNING 
	RX bytes:65256 acl:0 sco:0 events:4180 errors:0
	TX bytes:653053 acl:0 sco:0 commands:4047 errors:0

tirzah[1057]$
Comment 1 Tedd An 2021-08-23 20:35:55 UTC 
If the Bluetooth daemon is running, try it after stop/disable the daemon.

If the bluetoothd is required, there is a "AutoEnable" option in /etc/bluetooth/main.conf. Change the value to false, and restart the daemon.

It will prevent the HCI interface from enabling after socket close.

Regards,
Tedd
Comment 2 Peter Bigot 2021-08-23 20:39:34 UTC 
Looks like that explains it.  Oddly /etc/bluetooth/main.conf has AutoEnable set true; must be something Ubuntu does since that's not the default.

Thanks.  This can be closed unless there's a documentation update that would clarify the behavior.