xref: /openbmc/linux/net/bluetooth/hci_conn.c (revision 8c1b235594fbab9a13240a1dac12ea9fd99b6440)
1 /*
2    BlueZ - Bluetooth protocol stack for Linux
3    Copyright (C) 2000-2001 Qualcomm Incorporated
4 
5    Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6 
7    This program is free software; you can redistribute it and/or modify
8    it under the terms of the GNU General Public License version 2 as
9    published by the Free Software Foundation;
10 
11    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 
20    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22    SOFTWARE IS DISCLAIMED.
23 */
24 
25 /* Bluetooth HCI connection handling. */
26 
27 #include <linux/module.h>
28 
29 #include <linux/types.h>
30 #include <linux/errno.h>
31 #include <linux/kernel.h>
32 #include <linux/slab.h>
33 #include <linux/poll.h>
34 #include <linux/fcntl.h>
35 #include <linux/init.h>
36 #include <linux/skbuff.h>
37 #include <linux/interrupt.h>
38 #include <linux/notifier.h>
39 #include <net/sock.h>
40 
41 #include <asm/system.h>
42 #include <asm/uaccess.h>
43 #include <asm/unaligned.h>
44 
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
47 
48 void hci_acl_connect(struct hci_conn *conn)
49 {
50 	struct hci_dev *hdev = conn->hdev;
51 	struct inquiry_entry *ie;
52 	struct hci_cp_create_conn cp;
53 
54 	BT_DBG("%p", conn);
55 
56 	conn->state = BT_CONNECT;
57 	conn->out = 1;
58 
59 	conn->link_mode = HCI_LM_MASTER;
60 
61 	conn->attempt++;
62 
63 	conn->link_policy = hdev->link_policy;
64 
65 	memset(&cp, 0, sizeof(cp));
66 	bacpy(&cp.bdaddr, &conn->dst);
67 	cp.pscan_rep_mode = 0x02;
68 
69 	if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) {
70 		if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) {
71 			cp.pscan_rep_mode = ie->data.pscan_rep_mode;
72 			cp.pscan_mode     = ie->data.pscan_mode;
73 			cp.clock_offset   = ie->data.clock_offset |
74 							cpu_to_le16(0x8000);
75 		}
76 
77 		memcpy(conn->dev_class, ie->data.dev_class, 3);
78 		conn->ssp_mode = ie->data.ssp_mode;
79 	}
80 
81 	cp.pkt_type = cpu_to_le16(conn->pkt_type);
82 	if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER))
83 		cp.role_switch = 0x01;
84 	else
85 		cp.role_switch = 0x00;
86 
87 	hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp);
88 }
89 
90 static void hci_acl_connect_cancel(struct hci_conn *conn)
91 {
92 	struct hci_cp_create_conn_cancel cp;
93 
94 	BT_DBG("%p", conn);
95 
96 	if (conn->hdev->hci_ver < 2)
97 		return;
98 
99 	bacpy(&cp.bdaddr, &conn->dst);
100 	hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp);
101 }
102 
103 void hci_acl_disconn(struct hci_conn *conn, __u8 reason)
104 {
105 	struct hci_cp_disconnect cp;
106 
107 	BT_DBG("%p", conn);
108 
109 	conn->state = BT_DISCONN;
110 
111 	cp.handle = cpu_to_le16(conn->handle);
112 	cp.reason = reason;
113 	hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp);
114 }
115 
116 void hci_add_sco(struct hci_conn *conn, __u16 handle)
117 {
118 	struct hci_dev *hdev = conn->hdev;
119 	struct hci_cp_add_sco cp;
120 
121 	BT_DBG("%p", conn);
122 
123 	conn->state = BT_CONNECT;
124 	conn->out = 1;
125 
126 	cp.handle   = cpu_to_le16(handle);
127 	cp.pkt_type = cpu_to_le16(conn->pkt_type);
128 
129 	hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp);
130 }
131 
132 void hci_setup_sync(struct hci_conn *conn, __u16 handle)
133 {
134 	struct hci_dev *hdev = conn->hdev;
135 	struct hci_cp_setup_sync_conn cp;
136 
137 	BT_DBG("%p", conn);
138 
139 	conn->state = BT_CONNECT;
140 	conn->out = 1;
141 
142 	cp.handle   = cpu_to_le16(handle);
143 	cp.pkt_type = cpu_to_le16(conn->pkt_type);
144 
145 	cp.tx_bandwidth   = cpu_to_le32(0x00001f40);
146 	cp.rx_bandwidth   = cpu_to_le32(0x00001f40);
147 	cp.max_latency    = cpu_to_le16(0xffff);
148 	cp.voice_setting  = cpu_to_le16(hdev->voice_setting);
149 	cp.retrans_effort = 0xff;
150 
151 	hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp);
152 }
153 
154 static void hci_conn_timeout(unsigned long arg)
155 {
156 	struct hci_conn *conn = (void *) arg;
157 	struct hci_dev *hdev = conn->hdev;
158 
159 	BT_DBG("conn %p state %d", conn, conn->state);
160 
161 	if (atomic_read(&conn->refcnt))
162 		return;
163 
164 	hci_dev_lock(hdev);
165 
166 	switch (conn->state) {
167 	case BT_CONNECT:
168 	case BT_CONNECT2:
169 		if (conn->type == ACL_LINK)
170 			hci_acl_connect_cancel(conn);
171 		else
172 			hci_acl_disconn(conn, 0x13);
173 		break;
174 	case BT_CONFIG:
175 	case BT_CONNECTED:
176 		hci_acl_disconn(conn, 0x13);
177 		break;
178 	default:
179 		conn->state = BT_CLOSED;
180 		break;
181 	}
182 
183 	hci_dev_unlock(hdev);
184 }
185 
186 static void hci_conn_idle(unsigned long arg)
187 {
188 	struct hci_conn *conn = (void *) arg;
189 
190 	BT_DBG("conn %p mode %d", conn, conn->mode);
191 
192 	hci_conn_enter_sniff_mode(conn);
193 }
194 
195 struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst)
196 {
197 	struct hci_conn *conn;
198 
199 	BT_DBG("%s dst %s", hdev->name, batostr(dst));
200 
201 	conn = kzalloc(sizeof(struct hci_conn), GFP_ATOMIC);
202 	if (!conn)
203 		return NULL;
204 
205 	bacpy(&conn->dst, dst);
206 	conn->hdev  = hdev;
207 	conn->type  = type;
208 	conn->mode  = HCI_CM_ACTIVE;
209 	conn->state = BT_OPEN;
210 
211 	conn->power_save = 1;
212 
213 	switch (type) {
214 	case ACL_LINK:
215 		conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK;
216 		break;
217 	case SCO_LINK:
218 		if (lmp_esco_capable(hdev))
219 			conn->pkt_type = hdev->esco_type & SCO_ESCO_MASK;
220 		else
221 			conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK;
222 		break;
223 	case ESCO_LINK:
224 		conn->pkt_type = hdev->esco_type;
225 		break;
226 	}
227 
228 	skb_queue_head_init(&conn->data_q);
229 
230 	setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn);
231 	setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn);
232 
233 	atomic_set(&conn->refcnt, 0);
234 
235 	hci_dev_hold(hdev);
236 
237 	tasklet_disable(&hdev->tx_task);
238 
239 	hci_conn_hash_add(hdev, conn);
240 	if (hdev->notify)
241 		hdev->notify(hdev, HCI_NOTIFY_CONN_ADD);
242 
243 	tasklet_enable(&hdev->tx_task);
244 
245 	return conn;
246 }
247 
248 int hci_conn_del(struct hci_conn *conn)
249 {
250 	struct hci_dev *hdev = conn->hdev;
251 
252 	BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle);
253 
254 	del_timer(&conn->idle_timer);
255 
256 	del_timer(&conn->disc_timer);
257 
258 	if (conn->type == ACL_LINK) {
259 		struct hci_conn *sco = conn->link;
260 		if (sco)
261 			sco->link = NULL;
262 
263 		/* Unacked frames */
264 		hdev->acl_cnt += conn->sent;
265 	} else {
266 		struct hci_conn *acl = conn->link;
267 		if (acl) {
268 			acl->link = NULL;
269 			hci_conn_put(acl);
270 		}
271 	}
272 
273 	tasklet_disable(&hdev->tx_task);
274 
275 	hci_conn_hash_del(hdev, conn);
276 	if (hdev->notify)
277 		hdev->notify(hdev, HCI_NOTIFY_CONN_DEL);
278 
279 	tasklet_enable(&hdev->tx_task);
280 
281 	skb_queue_purge(&conn->data_q);
282 
283 	return 0;
284 }
285 
286 struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src)
287 {
288 	int use_src = bacmp(src, BDADDR_ANY);
289 	struct hci_dev *hdev = NULL;
290 	struct list_head *p;
291 
292 	BT_DBG("%s -> %s", batostr(src), batostr(dst));
293 
294 	read_lock_bh(&hci_dev_list_lock);
295 
296 	list_for_each(p, &hci_dev_list) {
297 		struct hci_dev *d = list_entry(p, struct hci_dev, list);
298 
299 		if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags))
300 			continue;
301 
302 		/* Simple routing:
303 		 *   No source address - find interface with bdaddr != dst
304 		 *   Source address    - find interface with bdaddr == src
305 		 */
306 
307 		if (use_src) {
308 			if (!bacmp(&d->bdaddr, src)) {
309 				hdev = d; break;
310 			}
311 		} else {
312 			if (bacmp(&d->bdaddr, dst)) {
313 				hdev = d; break;
314 			}
315 		}
316 	}
317 
318 	if (hdev)
319 		hdev = hci_dev_hold(hdev);
320 
321 	read_unlock_bh(&hci_dev_list_lock);
322 	return hdev;
323 }
324 EXPORT_SYMBOL(hci_get_route);
325 
326 /* Create SCO or ACL connection.
327  * Device _must_ be locked */
328 struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type)
329 {
330 	struct hci_conn *acl;
331 	struct hci_conn *sco;
332 
333 	BT_DBG("%s dst %s", hdev->name, batostr(dst));
334 
335 	if (!(acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst))) {
336 		if (!(acl = hci_conn_add(hdev, ACL_LINK, dst)))
337 			return NULL;
338 	}
339 
340 	hci_conn_hold(acl);
341 
342 	if (acl->state == BT_OPEN || acl->state == BT_CLOSED) {
343 		acl->sec_level = sec_level;
344 		acl->auth_type = auth_type;
345 		hci_acl_connect(acl);
346 	}
347 
348 	if (type == ACL_LINK)
349 		return acl;
350 
351 	if (!(sco = hci_conn_hash_lookup_ba(hdev, type, dst))) {
352 		if (!(sco = hci_conn_add(hdev, type, dst))) {
353 			hci_conn_put(acl);
354 			return NULL;
355 		}
356 	}
357 
358 	acl->link = sco;
359 	sco->link = acl;
360 
361 	hci_conn_hold(sco);
362 
363 	if (acl->state == BT_CONNECTED &&
364 			(sco->state == BT_OPEN || sco->state == BT_CLOSED)) {
365 		if (lmp_esco_capable(hdev))
366 			hci_setup_sync(sco, acl->handle);
367 		else
368 			hci_add_sco(sco, acl->handle);
369 	}
370 
371 	return sco;
372 }
373 EXPORT_SYMBOL(hci_connect);
374 
375 /* Check link security requirement */
376 int hci_conn_check_link_mode(struct hci_conn *conn)
377 {
378 	BT_DBG("conn %p", conn);
379 
380 	if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0 &&
381 					!(conn->link_mode & HCI_LM_ENCRYPT))
382 		return 0;
383 
384 	return 1;
385 }
386 EXPORT_SYMBOL(hci_conn_check_link_mode);
387 
388 /* Authenticate remote device */
389 static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level)
390 {
391 	BT_DBG("conn %p", conn);
392 
393 	if (sec_level > conn->sec_level)
394 		conn->link_mode &= ~HCI_LM_AUTH;
395 
396 	conn->sec_level = sec_level;
397 
398 	if (sec_level == BT_SECURITY_HIGH)
399 		conn->auth_type |= 0x01;
400 
401 	if (conn->link_mode & HCI_LM_AUTH)
402 		return 1;
403 
404 	if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
405 		struct hci_cp_auth_requested cp;
406 		cp.handle = cpu_to_le16(conn->handle);
407 		hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
408 							sizeof(cp), &cp);
409 	}
410 
411 	return 0;
412 }
413 
414 /* Enable security */
415 int hci_conn_security(struct hci_conn *conn, __u8 sec_level)
416 {
417 	BT_DBG("conn %p", conn);
418 
419 	if (sec_level == BT_SECURITY_SDP)
420 		return 1;
421 
422 	if (sec_level == BT_SECURITY_LOW) {
423 		if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0)
424 			return hci_conn_auth(conn, sec_level);
425 		else
426 			return 1;
427 	}
428 
429 	if (conn->link_mode & HCI_LM_ENCRYPT)
430 		return hci_conn_auth(conn, sec_level);
431 
432 	if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend))
433 		return 0;
434 
435 	if (hci_conn_auth(conn, sec_level)) {
436 		struct hci_cp_set_conn_encrypt cp;
437 		cp.handle  = cpu_to_le16(conn->handle);
438 		cp.encrypt = 1;
439 		hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT,
440 							sizeof(cp), &cp);
441 	}
442 
443 	return 0;
444 }
445 EXPORT_SYMBOL(hci_conn_security);
446 
447 /* Change link key */
448 int hci_conn_change_link_key(struct hci_conn *conn)
449 {
450 	BT_DBG("conn %p", conn);
451 
452 	if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
453 		struct hci_cp_change_conn_link_key cp;
454 		cp.handle = cpu_to_le16(conn->handle);
455 		hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY,
456 							sizeof(cp), &cp);
457 	}
458 
459 	return 0;
460 }
461 EXPORT_SYMBOL(hci_conn_change_link_key);
462 
463 /* Switch role */
464 int hci_conn_switch_role(struct hci_conn *conn, __u8 role)
465 {
466 	BT_DBG("conn %p", conn);
467 
468 	if (!role && conn->link_mode & HCI_LM_MASTER)
469 		return 1;
470 
471 	if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) {
472 		struct hci_cp_switch_role cp;
473 		bacpy(&cp.bdaddr, &conn->dst);
474 		cp.role = role;
475 		hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp);
476 	}
477 
478 	return 0;
479 }
480 EXPORT_SYMBOL(hci_conn_switch_role);
481 
482 /* Enter active mode */
483 void hci_conn_enter_active_mode(struct hci_conn *conn)
484 {
485 	struct hci_dev *hdev = conn->hdev;
486 
487 	BT_DBG("conn %p mode %d", conn, conn->mode);
488 
489 	if (test_bit(HCI_RAW, &hdev->flags))
490 		return;
491 
492 	if (conn->mode != HCI_CM_SNIFF || !conn->power_save)
493 		goto timer;
494 
495 	if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
496 		struct hci_cp_exit_sniff_mode cp;
497 		cp.handle = cpu_to_le16(conn->handle);
498 		hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp);
499 	}
500 
501 timer:
502 	if (hdev->idle_timeout > 0)
503 		mod_timer(&conn->idle_timer,
504 			jiffies + msecs_to_jiffies(hdev->idle_timeout));
505 }
506 
507 /* Enter sniff mode */
508 void hci_conn_enter_sniff_mode(struct hci_conn *conn)
509 {
510 	struct hci_dev *hdev = conn->hdev;
511 
512 	BT_DBG("conn %p mode %d", conn, conn->mode);
513 
514 	if (test_bit(HCI_RAW, &hdev->flags))
515 		return;
516 
517 	if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn))
518 		return;
519 
520 	if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF))
521 		return;
522 
523 	if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) {
524 		struct hci_cp_sniff_subrate cp;
525 		cp.handle             = cpu_to_le16(conn->handle);
526 		cp.max_latency        = cpu_to_le16(0);
527 		cp.min_remote_timeout = cpu_to_le16(0);
528 		cp.min_local_timeout  = cpu_to_le16(0);
529 		hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp);
530 	}
531 
532 	if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) {
533 		struct hci_cp_sniff_mode cp;
534 		cp.handle       = cpu_to_le16(conn->handle);
535 		cp.max_interval = cpu_to_le16(hdev->sniff_max_interval);
536 		cp.min_interval = cpu_to_le16(hdev->sniff_min_interval);
537 		cp.attempt      = cpu_to_le16(4);
538 		cp.timeout      = cpu_to_le16(1);
539 		hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp);
540 	}
541 }
542 
543 /* Drop all connection on the device */
544 void hci_conn_hash_flush(struct hci_dev *hdev)
545 {
546 	struct hci_conn_hash *h = &hdev->conn_hash;
547 	struct list_head *p;
548 
549 	BT_DBG("hdev %s", hdev->name);
550 
551 	p = h->list.next;
552 	while (p != &h->list) {
553 		struct hci_conn *c;
554 
555 		c = list_entry(p, struct hci_conn, list);
556 		p = p->next;
557 
558 		c->state = BT_CLOSED;
559 
560 		hci_conn_del_sysfs(c);
561 
562 		hci_proto_disconn_ind(c, 0x16);
563 		hci_conn_del(c);
564 	}
565 }
566 
567 /* Check pending connect attempts */
568 void hci_conn_check_pending(struct hci_dev *hdev)
569 {
570 	struct hci_conn *conn;
571 
572 	BT_DBG("hdev %s", hdev->name);
573 
574 	hci_dev_lock(hdev);
575 
576 	conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2);
577 	if (conn)
578 		hci_acl_connect(conn);
579 
580 	hci_dev_unlock(hdev);
581 }
582 
583 int hci_get_conn_list(void __user *arg)
584 {
585 	struct hci_conn_list_req req, *cl;
586 	struct hci_conn_info *ci;
587 	struct hci_dev *hdev;
588 	struct list_head *p;
589 	int n = 0, size, err;
590 
591 	if (copy_from_user(&req, arg, sizeof(req)))
592 		return -EFAULT;
593 
594 	if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci))
595 		return -EINVAL;
596 
597 	size = sizeof(req) + req.conn_num * sizeof(*ci);
598 
599 	if (!(cl = kmalloc(size, GFP_KERNEL)))
600 		return -ENOMEM;
601 
602 	if (!(hdev = hci_dev_get(req.dev_id))) {
603 		kfree(cl);
604 		return -ENODEV;
605 	}
606 
607 	ci = cl->conn_info;
608 
609 	hci_dev_lock_bh(hdev);
610 	list_for_each(p, &hdev->conn_hash.list) {
611 		register struct hci_conn *c;
612 		c = list_entry(p, struct hci_conn, list);
613 
614 		bacpy(&(ci + n)->bdaddr, &c->dst);
615 		(ci + n)->handle = c->handle;
616 		(ci + n)->type  = c->type;
617 		(ci + n)->out   = c->out;
618 		(ci + n)->state = c->state;
619 		(ci + n)->link_mode = c->link_mode;
620 		if (++n >= req.conn_num)
621 			break;
622 	}
623 	hci_dev_unlock_bh(hdev);
624 
625 	cl->dev_id = hdev->id;
626 	cl->conn_num = n;
627 	size = sizeof(req) + n * sizeof(*ci);
628 
629 	hci_dev_put(hdev);
630 
631 	err = copy_to_user(arg, cl, size);
632 	kfree(cl);
633 
634 	return err ? -EFAULT : 0;
635 }
636 
637 int hci_get_conn_info(struct hci_dev *hdev, void __user *arg)
638 {
639 	struct hci_conn_info_req req;
640 	struct hci_conn_info ci;
641 	struct hci_conn *conn;
642 	char __user *ptr = arg + sizeof(req);
643 
644 	if (copy_from_user(&req, arg, sizeof(req)))
645 		return -EFAULT;
646 
647 	hci_dev_lock_bh(hdev);
648 	conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr);
649 	if (conn) {
650 		bacpy(&ci.bdaddr, &conn->dst);
651 		ci.handle = conn->handle;
652 		ci.type  = conn->type;
653 		ci.out   = conn->out;
654 		ci.state = conn->state;
655 		ci.link_mode = conn->link_mode;
656 	}
657 	hci_dev_unlock_bh(hdev);
658 
659 	if (!conn)
660 		return -ENOENT;
661 
662 	return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0;
663 }
664 
665 int hci_get_auth_info(struct hci_dev *hdev, void __user *arg)
666 {
667 	struct hci_auth_info_req req;
668 	struct hci_conn *conn;
669 
670 	if (copy_from_user(&req, arg, sizeof(req)))
671 		return -EFAULT;
672 
673 	hci_dev_lock_bh(hdev);
674 	conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr);
675 	if (conn)
676 		req.type = conn->auth_type;
677 	hci_dev_unlock_bh(hdev);
678 
679 	if (!conn)
680 		return -ENOENT;
681 
682 	return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0;
683 }
684