214103 – HCI_CHANNEL_USER sockets leave device running after exit

Bug 214103 - HCI_CHANNEL_USER sockets leave device running after exit

Summary: HCI_CHANNEL_USER sockets leave device running after exit

Status:	NEW

Alias:	None

Product:	Drivers
Classification:	Unclassified
Component:	Bluetooth (show other bugs)
Hardware:	All Linux

Importance:	P1 normal
Assignee:	linux-bluetooth@vger.kernel.org

URL:
Keywords:

Depends on:
Blocks:

Reported:	2021-08-18 17:45 UTC by Peter Bigot
Modified:	2021-08-23 20:39 UTC (History)
CC List:	1 user (show)

See Also:
Kernel Version:	5.11.0-7620-generic
Subsystem:
Regression:	No
Bisected commit-id:

Attachments
code to reproduce behavior (1.33 KB, text/x-csrc) 2021-08-18 17:45 UTC, Peter Bigot	Details
Add an attachment (proposed patch, testcase, etc.)

Description Peter Bigot 2021-08-18 17:45:07 UTC

Created attachment 298353 [details]
code to reproduce behavior

HCI_CHANNEL_USER is documented[1] as providing an exclusive (?[2]) Bluetooth socket channel for application use given CAP_NET_ADMIN. This channel type requires that the device be down when the socket is bound.  The device transitions to UP RUNNING as a side-effect of a successful binding.

When the socket is closed and the application exits, the device remains up and running.  It's unclear whether this is a bug or a feature; in any case it is not what somebody might expect, as it prevents the application from starting again without external action to bring the device back down.

Reproducing example attached, and command sequence below.

[1]: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.13.12&id=23500189d7e03a071f0746f43f2cce875a62c91c

[2]: https://bugzilla.kernel.org/show_bug.cgi?id=135431


tirzah[1050]$ sudo hciconfig hci0 down
tirzah[1051]$ hciconfig hci0
hci0:	Type: Primary  Bus: USB
	BD Address: A4:C3:F0:F2:23:E3  ACL MTU: 1021:4  SCO MTU: 96:6
	DOWN 
	RX bytes:64500 acl:0 sco:0 events:4125 errors:0
	TX bytes:650824 acl:0 sco:0 commands:3992 errors:0

tirzah[1052]$ gcc repro.c
tirzah[1053]$ sudo setcap cap_net_raw,cap_net_admin=ep ./a.out
tirzah[1054]$ getcap ./a.out
./a.out = cap_net_admin,cap_net_raw+ep
tirzah[1055]$ ./a.out 
opening device 0
dd=3; binding to user channel
bound to user channel; closing
closed
tirzah[1056]$ hciconfig hci0
hci0:	Type: Primary  Bus: USB
	BD Address: A4:C3:F0:F2:23:E3  ACL MTU: 1021:4  SCO MTU: 96:6
	UP RUNNING 
	RX bytes:65256 acl:0 sco:0 events:4180 errors:0
	TX bytes:653053 acl:0 sco:0 commands:4047 errors:0

tirzah[1057]$

Comment 1 Tedd An 2021-08-23 20:35:55 UTC

If the Bluetooth daemon is running, try it after stop/disable the daemon.

If the bluetoothd is required, there is a "AutoEnable" option in /etc/bluetooth/main.conf. Change the value to false, and restart the daemon.

It will prevent the HCI interface from enabling after socket close.

Regards,
Tedd

Comment 2 Peter Bigot 2021-08-23 20:39:34 UTC

Looks like that explains it.  Oddly /etc/bluetooth/main.conf has AutoEnable set true; must be something Ubuntu does since that's not the default.

Thanks.  This can be closed unless there's a documentation update that would clarify the behavior.

Note You need to log in before you can comment on or make changes to this bug.