Received: by 2002:a05:6358:e9c4:b0:b2:91dc:71ab with SMTP id hc4csp5207615rwb; Mon, 8 Aug 2022 14:20:05 -0700 (PDT) X-Google-Smtp-Source: AA6agR7TjbkwbuZW0a3w3G4ciVRIPOyXVD6/om7TX+tKabjtg6oG8vmGvHxc9oEM6lCxbtmYLw66 X-Received: by 2002:a17:906:847c:b0:730:b6a0:e0d with SMTP id hx28-20020a170906847c00b00730b6a00e0dmr14922286ejc.126.1659993605472; Mon, 08 Aug 2022 14:20:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1659993605; cv=none; d=google.com; s=arc-20160816; b=KK4MFj1/ENE86+gBfzghJaFiWLfIIuvGSSEtml/KD30CbML/K2B9CcHCG5DjntvhqU b4Ke28Mn9O5vrcrjfxEnBAv8Y2Myx0CjDqj0C95qumechMK1x/asP0SdVwYSHbYCLAiA joFFLQaOCXoNkUT+Ng+t60QmBRQlQUo0cas7LZVR89dO9uFUNfNG0Pr1H8V//PAJw/AB ViPLzhO9OUTTBUi44UA9hBIXG7Bvae15f9BCx/RyQpGdB20qjakAjFcAlXjUn9eCZbHs 4WVsAzKOD//2x6hV0eVPUjLzIimzsKwaU6UmYAQ92m5JpnjB0jvm4Aotky6zWiB43UuJ s19g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=VWKYbqcm/zkrBcBzoLS3ZTYJbY0tUU+EcrNkjCdj7S0=; b=z52/+nNhbzd28bRM8yVwxcgDXklTtaNd7RVDClkNlBzpgdoNYTA2mJh+ehXL06Fh5C YfrsxC48ZSBS46CLwXT4An1pRfXphBJ7DG8Tw7By2X5uDF3Nie8kFiYqCNS9cFSrq8yf NjL4InCO+IS/rvy4mvdaIEsriAlH8HODoNTykms8KBiv6KlV7Ez5Gw0s4rMparE/Q2r0 wlvoyffmihK+bdOf3eD3VV6XX/llOQNu+cWIuK6X6gzUN8VmXjBUyZ48ReD27vWAX9hY Z4InRoG4f/ZQoU4AcxGoHqVxgklHlJZXUyrbnY7w495lnMt+pZBHwO2iOZfGEd8vGxv5 S/3w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=nGmDOiCn; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id dt12-20020a170906b78c00b00730881cddb4si487821ejb.454.2022.08.08.14.19.25; Mon, 08 Aug 2022 14:20:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=nGmDOiCn; spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244194AbiHHVPe (ORCPT + 99 others); Mon, 8 Aug 2022 17:15:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46300 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238401AbiHHVPd (ORCPT ); Mon, 8 Aug 2022 17:15:33 -0400 Received: from mail-qt1-x82d.google.com (mail-qt1-x82d.google.com [IPv6:2607:f8b0:4864:20::82d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4F8C318B08 for ; Mon, 8 Aug 2022 14:15:31 -0700 (PDT) Received: by mail-qt1-x82d.google.com with SMTP id l5so1044459qtv.4 for ; Mon, 08 Aug 2022 14:15:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=VWKYbqcm/zkrBcBzoLS3ZTYJbY0tUU+EcrNkjCdj7S0=; b=nGmDOiCn314TP/pVmtD+j8Y5FoAnmN4zBDQEpRs8YX5r/QVGn4HP2B+1LR+VyvxONJ TOr5lOBgRXsybaArJDbacDDtsfiSAw+TE4YhFcLgUp5zroer9zcXfyiINiAwkWLUmyPL 1AwWAFp6tf+RsQxqegsRmhbTEgcxE12zyjK0w= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=VWKYbqcm/zkrBcBzoLS3ZTYJbY0tUU+EcrNkjCdj7S0=; b=SY9315px7BwXtzD6XsEyQzwkzZ4ye/+1NttF5T6EK+hEkYrR3PZl2ON2isvOLxwRoE 2yOLGpmMxXBGMt1B70UUTHzuW1dIG4VY6yYEdh0ybx9wZ/DV0NRuZepXzS4p9DR+8car 3kr1NVG6SYoV3qC+M8TW4q2C7zJ3K5q71BG/GJRasXFVnCqSHbDj6REb4SQmQmhRvV4r E9XxzzThPCpUcOVD6Gw7BTS5ZS2xf7pMrle2H12tyJYOnN3PMqb9T1NVkCZ4JMsHTcaS IuNwj00JJymFSzxOyR6I9ythOBGswPIRsxMrFVFqqyyWkfJQBDzUP0Rf7ZEJf6WUy7Zb ZvlQ== X-Gm-Message-State: ACgBeo1/7WnddBikTVYxXMB5cvl9bcULoMhc04pK1pj2kTHn2KxsgFSM 1rakVraPB9iOnAvWbsPzAFFD/zp3lU14elMgGDZMBb1a36Y= X-Received: by 2002:a05:622a:190a:b0:342:f8d9:b1dc with SMTP id w10-20020a05622a190a00b00342f8d9b1dcmr5914468qtc.656.1659993330432; Mon, 08 Aug 2022 14:15:30 -0700 (PDT) MIME-Version: 1.0 References: <20220808110315.1.I5a39052e33f6f3c7406f53b0304a32ccf9f340fa@changeid> In-Reply-To: From: Abhishek Pandit-Subedi Date: Mon, 8 Aug 2022 14:15:19 -0700 Message-ID: Subject: Re: [PATCH] Bluetooth: Ignore cmd_timeout with HCI_USER_CHANNEL To: Luiz Augusto von Dentz Cc: Abhishek Pandit-Subedi , "linux-bluetooth@vger.kernel.org" , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Johan Hedberg , Marcel Holtmann , Paolo Abeni , Linux Kernel Mailing List , "open list:NETWORKING [GENERAL]" Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org On Mon, Aug 8, 2022 at 1:31 PM Luiz Augusto von Dentz wrote: > > Hi Abhishek, > > On Mon, Aug 8, 2022 at 11:04 AM Abhishek Pandit-Subedi > wrote: > > > > From: Abhishek Pandit-Subedi > > > > When using HCI_USER_CHANNEL, hci traffic is expected to be handled by > > userspace entirely. However, it is still possible (and sometimes > > desirable) to be able to send commands to the controller directly. In > > such cases, the kernel command timeout shouldn't do any error handling. > > > > Signed-off-by: Abhishek Pandit-Subedi > > --- > > This was tested by running a userchannel stack and sending commands via > > hcitool cmd on an Intel AX200 controller. Without this change, each > > command sent via hcitool would result in hci_cmd_timeout being called > > and after 5 commands, the controller would reset. > > > > Hcitool continues working here because it marks the socket as > > promiscuous and gets a copy of all traffic while the socket is open (and > > does filtering in userspace). > > There is something not quite right here, if you have a controller > using user_channel (addr.hci_channel = HCI_CHANNEL_USER) it probably > shouldn't even accept to be opened again by the likes of hcitool which > uses HCI_CHANNEL_RAW as it can cause conflicts. If you really need a > test tool that does send the command while in HCI_CHANNEL_USER then it > must be send on that mode but I wouldn't do it with hcitool anyway as > that is deprecated and this exercise seem to revolve to a entire stack > on top of HCI_USER_CHANNEL then you shall use tools of that stack and > mix with BlueZ userspace tools. Our goal is eventually consistent with that aim (not having multiple users to the socket when using HCI_CHANNEL_USER). In the interim however, we have existing tooling that expects to be able to write raw hci to the controller, get responses and not expect any crashes (Intel Wireless Reporting Tools for example). hcitool is just an easy test tool here and the real behavior being tested is RAW channel injections not triggering the cmd timeout. > > > Tested on Chromebook with 5.4 kernel with patch (and applied cleanly on > > bluetooth-next). > > > > net/bluetooth/hci_core.c | 26 +++++++++++++++++--------- > > 1 file changed, 17 insertions(+), 9 deletions(-) > > > > diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c > > index b3a5a3cc9372..c9a15f6633f7 100644 > > --- a/net/bluetooth/hci_core.c > > +++ b/net/bluetooth/hci_core.c > > @@ -1481,17 +1481,25 @@ static void hci_cmd_timeout(struct work_struct *work) > > struct hci_dev *hdev = container_of(work, struct hci_dev, > > cmd_timer.work); > > > > - if (hdev->sent_cmd) { > > - struct hci_command_hdr *sent = (void *) hdev->sent_cmd->data; > > - u16 opcode = __le16_to_cpu(sent->opcode); > > + /* Don't trigger the timeout behavior if it happens while we're in > > + * userchannel mode. Userspace is responsible for handling any command > > + * timeouts. > > + */ > > + if (!(hci_dev_test_flag(hdev, HCI_USER_CHANNEL) && > > + test_bit(HCI_UP, &hdev->flags))) { > > + if (hdev->sent_cmd) { > > + struct hci_command_hdr *sent = > > + (void *)hdev->sent_cmd->data; > > + u16 opcode = __le16_to_cpu(sent->opcode); > > > > - bt_dev_err(hdev, "command 0x%4.4x tx timeout", opcode); > > - } else { > > - bt_dev_err(hdev, "command tx timeout"); > > - } > > + bt_dev_err(hdev, "command 0x%4.4x tx timeout", opcode); > > + } else { > > + bt_dev_err(hdev, "command tx timeout"); > > + } > > > > - if (hdev->cmd_timeout) > > - hdev->cmd_timeout(hdev); > > + if (hdev->cmd_timeout) > > + hdev->cmd_timeout(hdev); > > + } > > I wonder why hci_cmd_timeout is even active if the controller is in > HCI_USER_CHANNEL mode, that sounds like a bug already. This gets scheduled in hci_cmd_work. I tried not scheduling hci_cmd_timeout in the first place but that caused the event stream to hang (I think because subsequent tx work wasn't being scheduled). I didn't dive very deep here and fix looked complex for a scenario that we will migrate away from. > > > atomic_set(&hdev->cmd_cnt, 1); > > queue_work(hdev->workqueue, &hdev->cmd_work); > > -- > > 2.37.1.559.g78731f0fdb-goog > > > > > -- > Luiz Augusto von Dentz