[PATCH 1/2] Bluetooth: Fix index added after unregister

From: Abhishek Pandit-Subedi
Date: Thu Jun 02 2022 - 12:47:05 EST


From: Abhishek Pandit-Subedi <abhishekpandit@xxxxxxxxxxxx>

When a user channel socket is released, we should check whether the hdev
is already unregistered before sending out an IndexAdded.

Signed-off-by: Abhishek Pandit-Subedi <abhishekpandit@xxxxxxxxxxxx>
---
This happened when the firmware crashed or the controller was lost for
some other reason.

For testing, I emulated this using:
echo 0 > $(readlink -f /sys/class/bluetooth/hci0)/../../authorized

= Close Index: F8:E4:E3:D9:9E:45 [hci0] 682.178794
@ MGMT Event: Index Removed (0x0005) plen 0 {0x0002} [hci0] 682.178809
@ MGMT Event: Index Removed (0x0005) plen 0 {0x0001} [hci0] 682.178809
= Delete Index: F8:E4:E3:D9:9E:45 [hci0] 682.178821
@ USER Close: bt_stack_manage {0x0003} [hci0] 682.397653
@ MGMT Event: Index Added (0x0004) plen 0 {0x0002} [hci0] 682.397667
@ MGMT Event: Index Added (0x0004) plen 0 {0x0001} [hci0] 682.397667
@ MGMT Close: bt_stack_manage {0x0002} 682.397793
@ MGMT Open: bt_stack_manage (privileged) version 1.14 {0x0003} 682.437223
@ MGMT Command: Read Controller Index List (0x0003) plen 0 {0x0003} 682.437230
@ MGMT Event: Command Complete (0x0001) plen 5 {0x0003} 682.437232
Read Controller Index List (0x0003) plen 2
Status: Success (0x00)
Controllers: 0

Tested on ChromeOS kernel and compiled with allmodconfig on
bluetooth-next.

net/bluetooth/hci_sock.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index 189e3115c8c6..bd8358b44aa4 100644
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -869,7 +869,8 @@ static int hci_sock_release(struct socket *sock)

hdev = hci_pi(sk)->hdev;
if (hdev) {
- if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
+ if (hci_pi(sk)->channel == HCI_CHANNEL_USER &&
+ !hci_dev_test_flag(hdev, HCI_UNREGISTER)) {
/* When releasing a user channel exclusive access,
* call hci_dev_do_close directly instead of calling
* hci_dev_close to ensure the exclusive access will
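Review bot: the new `&& !hci_dev_test_flag(hdev, HCI_UNREGISTER)` condition gates the whole user-channel block, not only the hci_dev_do_close() call, so on an unregistered hdev the hci_dev_clear_flag(hdev, HCI_USER_CHANNEL) that follows is skipped as well; if that is intended because the hdev is about to be released, state it in the commit message, otherwise consider clearing the flag outside the new condition. The HCI_UNREGISTER test is also done without any lock visible in this hunk, so an unregister that begins after the test still reaches the old path; a sentence on why that window is acceptable (or what serialises it) would help reviewers.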
@@ -878,6 +879,11 @@ static int hci_sock_release(struct socket *sock)
* The checking of HCI_AUTO_OFF is not needed in this
* case since it will have been cleared already when
* opening the user channel.
+ *
+ * Make sure to also check that we haven't already
+ * unregistered since all the cleanup will have already
+ * been complete and hdev will get released when we put
+ * below.
*/
hci_dev_do_close(hdev);
hci_dev_clear_flag(hdev, HCI_USER_CHANNEL);
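Review bot: the added comment says hdev "will get released when we put below", but the put is outside this hunk; naming the call would make the comment self-contained, and "will have already been complete" should read "will already have been completed". Separately, the trigger (firmware crash or lost controller), the reproduction command and the btmon trace showing Index Removed followed by a spurious Index Added are only below the `---` cut line; moving them into the commit message would keep that evidence in git history.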
--
2.36.1.255.ge46751e96f-goog