Bluetooth: Restrict access to management interface

The management interface on the HCI control channel should be restricted
to applications with CAP_NET_ADMIN permission.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>

net/bluetooth/hci_sock.c

@@ -656,6 +656,11 @@ static int hci_sock_bind(struct socket *sock, struct sockaddr *addr, int addr_le
 			goto done;
 		}
 
+		if (!capable(CAP_NET_ADMIN)) {
+			err = -EPERM;
+			goto done;
+		}
+
 		set_bit(HCI_PI_MGMT_INIT, &hci_pi(sk)->flags);
 		break;