1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2000-2001 Qualcomm Incorporated 4 5 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com> 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License version 2 as 9 published by the Free Software Foundation; 10 11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 12 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 14 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 15 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 16 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 20 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 21 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 22 SOFTWARE IS DISCLAIMED. 23 */ 24 25 /* Bluetooth HCI connection handling. */ 26 27 #include <linux/module.h> 28 29 #include <linux/types.h> 30 #include <linux/errno.h> 31 #include <linux/kernel.h> 32 #include <linux/slab.h> 33 #include <linux/poll.h> 34 #include <linux/fcntl.h> 35 #include <linux/init.h> 36 #include <linux/skbuff.h> 37 #include <linux/interrupt.h> 38 #include <linux/notifier.h> 39 #include <net/sock.h> 40 41 #include <asm/system.h> 42 #include <asm/uaccess.h> 43 #include <asm/unaligned.h> 44 45 #include <net/bluetooth/bluetooth.h> 46 #include <net/bluetooth/hci_core.h> 47 48 void hci_acl_connect(struct hci_conn *conn) 49 { 50 struct hci_dev *hdev = conn->hdev; 51 struct inquiry_entry *ie; 52 struct hci_cp_create_conn cp; 53 54 BT_DBG("%p", conn); 55 56 conn->state = BT_CONNECT; 57 conn->out = 1; 58 59 conn->link_mode = HCI_LM_MASTER; 60 61 conn->attempt++; 62 63 conn->link_policy = hdev->link_policy; 64 65 memset(&cp, 0, sizeof(cp)); 66 bacpy(&cp.bdaddr, &conn->dst); 67 cp.pscan_rep_mode = 0x02; 68 69 if ((ie = hci_inquiry_cache_lookup(hdev, &conn->dst))) { 70 if (inquiry_entry_age(ie) <= INQUIRY_ENTRY_AGE_MAX) { 71 cp.pscan_rep_mode = ie->data.pscan_rep_mode; 72 cp.pscan_mode = ie->data.pscan_mode; 73 cp.clock_offset = ie->data.clock_offset | 74 cpu_to_le16(0x8000); 75 } 76 77 memcpy(conn->dev_class, ie->data.dev_class, 3); 78 conn->ssp_mode = ie->data.ssp_mode; 79 } 80 81 cp.pkt_type = cpu_to_le16(conn->pkt_type); 82 if (lmp_rswitch_capable(hdev) && !(hdev->link_mode & HCI_LM_MASTER)) 83 cp.role_switch = 0x01; 84 else 85 cp.role_switch = 0x00; 86 87 hci_send_cmd(hdev, HCI_OP_CREATE_CONN, sizeof(cp), &cp); 88 } 89 90 static void hci_acl_connect_cancel(struct hci_conn *conn) 91 { 92 struct hci_cp_create_conn_cancel cp; 93 94 BT_DBG("%p", conn); 95 96 if (conn->hdev->hci_ver < 2) 97 return; 98 99 bacpy(&cp.bdaddr, &conn->dst); 100 hci_send_cmd(conn->hdev, HCI_OP_CREATE_CONN_CANCEL, sizeof(cp), &cp); 101 } 102 103 void hci_acl_disconn(struct hci_conn *conn, __u8 reason) 104 { 105 struct hci_cp_disconnect cp; 106 107 BT_DBG("%p", conn); 108 109 conn->state = BT_DISCONN; 110 111 cp.handle = cpu_to_le16(conn->handle); 112 cp.reason = reason; 113 hci_send_cmd(conn->hdev, HCI_OP_DISCONNECT, sizeof(cp), &cp); 114 } 115 116 void hci_add_sco(struct hci_conn *conn, __u16 handle) 117 { 118 struct hci_dev *hdev = conn->hdev; 119 struct hci_cp_add_sco cp; 120 121 BT_DBG("%p", conn); 122 123 conn->state = BT_CONNECT; 124 conn->out = 1; 125 126 conn->attempt++; 127 128 cp.handle = cpu_to_le16(handle); 129 cp.pkt_type = cpu_to_le16(conn->pkt_type); 130 131 hci_send_cmd(hdev, HCI_OP_ADD_SCO, sizeof(cp), &cp); 132 } 133 134 void hci_setup_sync(struct hci_conn *conn, __u16 handle) 135 { 136 struct hci_dev *hdev = conn->hdev; 137 struct hci_cp_setup_sync_conn cp; 138 139 BT_DBG("%p", conn); 140 141 conn->state = BT_CONNECT; 142 conn->out = 1; 143 144 conn->attempt++; 145 146 cp.handle = cpu_to_le16(handle); 147 cp.pkt_type = cpu_to_le16(conn->pkt_type); 148 149 cp.tx_bandwidth = cpu_to_le32(0x00001f40); 150 cp.rx_bandwidth = cpu_to_le32(0x00001f40); 151 cp.max_latency = cpu_to_le16(0xffff); 152 cp.voice_setting = cpu_to_le16(hdev->voice_setting); 153 cp.retrans_effort = 0xff; 154 155 hci_send_cmd(hdev, HCI_OP_SETUP_SYNC_CONN, sizeof(cp), &cp); 156 } 157 158 static void hci_conn_timeout(unsigned long arg) 159 { 160 struct hci_conn *conn = (void *) arg; 161 struct hci_dev *hdev = conn->hdev; 162 __u8 reason; 163 164 BT_DBG("conn %p state %d", conn, conn->state); 165 166 if (atomic_read(&conn->refcnt)) 167 return; 168 169 hci_dev_lock(hdev); 170 171 switch (conn->state) { 172 case BT_CONNECT: 173 case BT_CONNECT2: 174 if (conn->type == ACL_LINK && conn->out) 175 hci_acl_connect_cancel(conn); 176 break; 177 case BT_CONFIG: 178 case BT_CONNECTED: 179 reason = hci_proto_disconn_ind(conn); 180 hci_acl_disconn(conn, reason); 181 break; 182 default: 183 conn->state = BT_CLOSED; 184 break; 185 } 186 187 hci_dev_unlock(hdev); 188 } 189 190 static void hci_conn_idle(unsigned long arg) 191 { 192 struct hci_conn *conn = (void *) arg; 193 194 BT_DBG("conn %p mode %d", conn, conn->mode); 195 196 hci_conn_enter_sniff_mode(conn); 197 } 198 199 struct hci_conn *hci_conn_add(struct hci_dev *hdev, int type, bdaddr_t *dst) 200 { 201 struct hci_conn *conn; 202 203 BT_DBG("%s dst %s", hdev->name, batostr(dst)); 204 205 conn = kzalloc(sizeof(struct hci_conn), GFP_ATOMIC); 206 if (!conn) 207 return NULL; 208 209 bacpy(&conn->dst, dst); 210 conn->hdev = hdev; 211 conn->type = type; 212 conn->mode = HCI_CM_ACTIVE; 213 conn->state = BT_OPEN; 214 conn->auth_type = HCI_AT_GENERAL_BONDING; 215 216 conn->power_save = 1; 217 conn->disc_timeout = HCI_DISCONN_TIMEOUT; 218 219 switch (type) { 220 case ACL_LINK: 221 conn->pkt_type = hdev->pkt_type & ACL_PTYPE_MASK; 222 break; 223 case SCO_LINK: 224 if (lmp_esco_capable(hdev)) 225 conn->pkt_type = (hdev->esco_type & SCO_ESCO_MASK) | 226 (hdev->esco_type & EDR_ESCO_MASK); 227 else 228 conn->pkt_type = hdev->pkt_type & SCO_PTYPE_MASK; 229 break; 230 case ESCO_LINK: 231 conn->pkt_type = hdev->esco_type & ~EDR_ESCO_MASK; 232 break; 233 } 234 235 skb_queue_head_init(&conn->data_q); 236 237 setup_timer(&conn->disc_timer, hci_conn_timeout, (unsigned long)conn); 238 setup_timer(&conn->idle_timer, hci_conn_idle, (unsigned long)conn); 239 240 atomic_set(&conn->refcnt, 0); 241 242 hci_dev_hold(hdev); 243 244 tasklet_disable(&hdev->tx_task); 245 246 hci_conn_hash_add(hdev, conn); 247 if (hdev->notify) 248 hdev->notify(hdev, HCI_NOTIFY_CONN_ADD); 249 250 atomic_set(&conn->devref, 0); 251 252 hci_conn_init_sysfs(conn); 253 254 tasklet_enable(&hdev->tx_task); 255 256 return conn; 257 } 258 259 int hci_conn_del(struct hci_conn *conn) 260 { 261 struct hci_dev *hdev = conn->hdev; 262 263 BT_DBG("%s conn %p handle %d", hdev->name, conn, conn->handle); 264 265 del_timer(&conn->idle_timer); 266 267 del_timer(&conn->disc_timer); 268 269 if (conn->type == ACL_LINK) { 270 struct hci_conn *sco = conn->link; 271 if (sco) 272 sco->link = NULL; 273 274 /* Unacked frames */ 275 hdev->acl_cnt += conn->sent; 276 } else { 277 struct hci_conn *acl = conn->link; 278 if (acl) { 279 acl->link = NULL; 280 hci_conn_put(acl); 281 } 282 } 283 284 tasklet_disable(&hdev->tx_task); 285 286 hci_conn_hash_del(hdev, conn); 287 if (hdev->notify) 288 hdev->notify(hdev, HCI_NOTIFY_CONN_DEL); 289 290 tasklet_enable(&hdev->tx_task); 291 292 skb_queue_purge(&conn->data_q); 293 294 hci_conn_put_device(conn); 295 296 hci_dev_put(hdev); 297 298 return 0; 299 } 300 301 struct hci_dev *hci_get_route(bdaddr_t *dst, bdaddr_t *src) 302 { 303 int use_src = bacmp(src, BDADDR_ANY); 304 struct hci_dev *hdev = NULL; 305 struct list_head *p; 306 307 BT_DBG("%s -> %s", batostr(src), batostr(dst)); 308 309 read_lock_bh(&hci_dev_list_lock); 310 311 list_for_each(p, &hci_dev_list) { 312 struct hci_dev *d = list_entry(p, struct hci_dev, list); 313 314 if (!test_bit(HCI_UP, &d->flags) || test_bit(HCI_RAW, &d->flags)) 315 continue; 316 317 /* Simple routing: 318 * No source address - find interface with bdaddr != dst 319 * Source address - find interface with bdaddr == src 320 */ 321 322 if (use_src) { 323 if (!bacmp(&d->bdaddr, src)) { 324 hdev = d; break; 325 } 326 } else { 327 if (bacmp(&d->bdaddr, dst)) { 328 hdev = d; break; 329 } 330 } 331 } 332 333 if (hdev) 334 hdev = hci_dev_hold(hdev); 335 336 read_unlock_bh(&hci_dev_list_lock); 337 return hdev; 338 } 339 EXPORT_SYMBOL(hci_get_route); 340 341 /* Create SCO or ACL connection. 342 * Device _must_ be locked */ 343 struct hci_conn *hci_connect(struct hci_dev *hdev, int type, bdaddr_t *dst, __u8 sec_level, __u8 auth_type) 344 { 345 struct hci_conn *acl; 346 struct hci_conn *sco; 347 348 BT_DBG("%s dst %s", hdev->name, batostr(dst)); 349 350 if (!(acl = hci_conn_hash_lookup_ba(hdev, ACL_LINK, dst))) { 351 if (!(acl = hci_conn_add(hdev, ACL_LINK, dst))) 352 return NULL; 353 } 354 355 hci_conn_hold(acl); 356 357 if (acl->state == BT_OPEN || acl->state == BT_CLOSED) { 358 acl->sec_level = sec_level; 359 acl->auth_type = auth_type; 360 hci_acl_connect(acl); 361 } 362 363 if (type == ACL_LINK) 364 return acl; 365 366 if (!(sco = hci_conn_hash_lookup_ba(hdev, type, dst))) { 367 if (!(sco = hci_conn_add(hdev, type, dst))) { 368 hci_conn_put(acl); 369 return NULL; 370 } 371 } 372 373 acl->link = sco; 374 sco->link = acl; 375 376 hci_conn_hold(sco); 377 378 if (acl->state == BT_CONNECTED && 379 (sco->state == BT_OPEN || sco->state == BT_CLOSED)) { 380 if (lmp_esco_capable(hdev)) 381 hci_setup_sync(sco, acl->handle); 382 else 383 hci_add_sco(sco, acl->handle); 384 } 385 386 return sco; 387 } 388 EXPORT_SYMBOL(hci_connect); 389 390 /* Check link security requirement */ 391 int hci_conn_check_link_mode(struct hci_conn *conn) 392 { 393 BT_DBG("conn %p", conn); 394 395 if (conn->ssp_mode > 0 && conn->hdev->ssp_mode > 0 && 396 !(conn->link_mode & HCI_LM_ENCRYPT)) 397 return 0; 398 399 return 1; 400 } 401 EXPORT_SYMBOL(hci_conn_check_link_mode); 402 403 /* Authenticate remote device */ 404 static int hci_conn_auth(struct hci_conn *conn, __u8 sec_level, __u8 auth_type) 405 { 406 BT_DBG("conn %p", conn); 407 408 if (sec_level > conn->sec_level) 409 conn->sec_level = sec_level; 410 else if (conn->link_mode & HCI_LM_AUTH) 411 return 1; 412 413 conn->auth_type = auth_type; 414 415 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) { 416 struct hci_cp_auth_requested cp; 417 cp.handle = cpu_to_le16(conn->handle); 418 hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED, 419 sizeof(cp), &cp); 420 } 421 422 return 0; 423 } 424 425 /* Enable security */ 426 int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type) 427 { 428 BT_DBG("conn %p", conn); 429 430 if (sec_level == BT_SECURITY_SDP) 431 return 1; 432 433 if (sec_level == BT_SECURITY_LOW && 434 (!conn->ssp_mode || !conn->hdev->ssp_mode)) 435 return 1; 436 437 if (conn->link_mode & HCI_LM_ENCRYPT) 438 return hci_conn_auth(conn, sec_level, auth_type); 439 440 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend)) 441 return 0; 442 443 if (hci_conn_auth(conn, sec_level, auth_type)) { 444 struct hci_cp_set_conn_encrypt cp; 445 cp.handle = cpu_to_le16(conn->handle); 446 cp.encrypt = 1; 447 hci_send_cmd(conn->hdev, HCI_OP_SET_CONN_ENCRYPT, 448 sizeof(cp), &cp); 449 } 450 451 return 0; 452 } 453 EXPORT_SYMBOL(hci_conn_security); 454 455 /* Change link key */ 456 int hci_conn_change_link_key(struct hci_conn *conn) 457 { 458 BT_DBG("conn %p", conn); 459 460 if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) { 461 struct hci_cp_change_conn_link_key cp; 462 cp.handle = cpu_to_le16(conn->handle); 463 hci_send_cmd(conn->hdev, HCI_OP_CHANGE_CONN_LINK_KEY, 464 sizeof(cp), &cp); 465 } 466 467 return 0; 468 } 469 EXPORT_SYMBOL(hci_conn_change_link_key); 470 471 /* Switch role */ 472 int hci_conn_switch_role(struct hci_conn *conn, __u8 role) 473 { 474 BT_DBG("conn %p", conn); 475 476 if (!role && conn->link_mode & HCI_LM_MASTER) 477 return 1; 478 479 if (!test_and_set_bit(HCI_CONN_RSWITCH_PEND, &conn->pend)) { 480 struct hci_cp_switch_role cp; 481 bacpy(&cp.bdaddr, &conn->dst); 482 cp.role = role; 483 hci_send_cmd(conn->hdev, HCI_OP_SWITCH_ROLE, sizeof(cp), &cp); 484 } 485 486 return 0; 487 } 488 EXPORT_SYMBOL(hci_conn_switch_role); 489 490 /* Enter active mode */ 491 void hci_conn_enter_active_mode(struct hci_conn *conn) 492 { 493 struct hci_dev *hdev = conn->hdev; 494 495 BT_DBG("conn %p mode %d", conn, conn->mode); 496 497 if (test_bit(HCI_RAW, &hdev->flags)) 498 return; 499 500 if (conn->mode != HCI_CM_SNIFF || !conn->power_save) 501 goto timer; 502 503 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) { 504 struct hci_cp_exit_sniff_mode cp; 505 cp.handle = cpu_to_le16(conn->handle); 506 hci_send_cmd(hdev, HCI_OP_EXIT_SNIFF_MODE, sizeof(cp), &cp); 507 } 508 509 timer: 510 if (hdev->idle_timeout > 0) 511 mod_timer(&conn->idle_timer, 512 jiffies + msecs_to_jiffies(hdev->idle_timeout)); 513 } 514 515 /* Enter sniff mode */ 516 void hci_conn_enter_sniff_mode(struct hci_conn *conn) 517 { 518 struct hci_dev *hdev = conn->hdev; 519 520 BT_DBG("conn %p mode %d", conn, conn->mode); 521 522 if (test_bit(HCI_RAW, &hdev->flags)) 523 return; 524 525 if (!lmp_sniff_capable(hdev) || !lmp_sniff_capable(conn)) 526 return; 527 528 if (conn->mode != HCI_CM_ACTIVE || !(conn->link_policy & HCI_LP_SNIFF)) 529 return; 530 531 if (lmp_sniffsubr_capable(hdev) && lmp_sniffsubr_capable(conn)) { 532 struct hci_cp_sniff_subrate cp; 533 cp.handle = cpu_to_le16(conn->handle); 534 cp.max_latency = cpu_to_le16(0); 535 cp.min_remote_timeout = cpu_to_le16(0); 536 cp.min_local_timeout = cpu_to_le16(0); 537 hci_send_cmd(hdev, HCI_OP_SNIFF_SUBRATE, sizeof(cp), &cp); 538 } 539 540 if (!test_and_set_bit(HCI_CONN_MODE_CHANGE_PEND, &conn->pend)) { 541 struct hci_cp_sniff_mode cp; 542 cp.handle = cpu_to_le16(conn->handle); 543 cp.max_interval = cpu_to_le16(hdev->sniff_max_interval); 544 cp.min_interval = cpu_to_le16(hdev->sniff_min_interval); 545 cp.attempt = cpu_to_le16(4); 546 cp.timeout = cpu_to_le16(1); 547 hci_send_cmd(hdev, HCI_OP_SNIFF_MODE, sizeof(cp), &cp); 548 } 549 } 550 551 /* Drop all connection on the device */ 552 void hci_conn_hash_flush(struct hci_dev *hdev) 553 { 554 struct hci_conn_hash *h = &hdev->conn_hash; 555 struct list_head *p; 556 557 BT_DBG("hdev %s", hdev->name); 558 559 p = h->list.next; 560 while (p != &h->list) { 561 struct hci_conn *c; 562 563 c = list_entry(p, struct hci_conn, list); 564 p = p->next; 565 566 c->state = BT_CLOSED; 567 568 hci_proto_disconn_cfm(c, 0x16); 569 hci_conn_del(c); 570 } 571 } 572 573 /* Check pending connect attempts */ 574 void hci_conn_check_pending(struct hci_dev *hdev) 575 { 576 struct hci_conn *conn; 577 578 BT_DBG("hdev %s", hdev->name); 579 580 hci_dev_lock(hdev); 581 582 conn = hci_conn_hash_lookup_state(hdev, ACL_LINK, BT_CONNECT2); 583 if (conn) 584 hci_acl_connect(conn); 585 586 hci_dev_unlock(hdev); 587 } 588 589 void hci_conn_hold_device(struct hci_conn *conn) 590 { 591 atomic_inc(&conn->devref); 592 } 593 EXPORT_SYMBOL(hci_conn_hold_device); 594 595 void hci_conn_put_device(struct hci_conn *conn) 596 { 597 if (atomic_dec_and_test(&conn->devref)) 598 hci_conn_del_sysfs(conn); 599 } 600 EXPORT_SYMBOL(hci_conn_put_device); 601 602 int hci_get_conn_list(void __user *arg) 603 { 604 struct hci_conn_list_req req, *cl; 605 struct hci_conn_info *ci; 606 struct hci_dev *hdev; 607 struct list_head *p; 608 int n = 0, size, err; 609 610 if (copy_from_user(&req, arg, sizeof(req))) 611 return -EFAULT; 612 613 if (!req.conn_num || req.conn_num > (PAGE_SIZE * 2) / sizeof(*ci)) 614 return -EINVAL; 615 616 size = sizeof(req) + req.conn_num * sizeof(*ci); 617 618 if (!(cl = kmalloc(size, GFP_KERNEL))) 619 return -ENOMEM; 620 621 if (!(hdev = hci_dev_get(req.dev_id))) { 622 kfree(cl); 623 return -ENODEV; 624 } 625 626 ci = cl->conn_info; 627 628 hci_dev_lock_bh(hdev); 629 list_for_each(p, &hdev->conn_hash.list) { 630 register struct hci_conn *c; 631 c = list_entry(p, struct hci_conn, list); 632 633 bacpy(&(ci + n)->bdaddr, &c->dst); 634 (ci + n)->handle = c->handle; 635 (ci + n)->type = c->type; 636 (ci + n)->out = c->out; 637 (ci + n)->state = c->state; 638 (ci + n)->link_mode = c->link_mode; 639 if (++n >= req.conn_num) 640 break; 641 } 642 hci_dev_unlock_bh(hdev); 643 644 cl->dev_id = hdev->id; 645 cl->conn_num = n; 646 size = sizeof(req) + n * sizeof(*ci); 647 648 hci_dev_put(hdev); 649 650 err = copy_to_user(arg, cl, size); 651 kfree(cl); 652 653 return err ? -EFAULT : 0; 654 } 655 656 int hci_get_conn_info(struct hci_dev *hdev, void __user *arg) 657 { 658 struct hci_conn_info_req req; 659 struct hci_conn_info ci; 660 struct hci_conn *conn; 661 char __user *ptr = arg + sizeof(req); 662 663 if (copy_from_user(&req, arg, sizeof(req))) 664 return -EFAULT; 665 666 hci_dev_lock_bh(hdev); 667 conn = hci_conn_hash_lookup_ba(hdev, req.type, &req.bdaddr); 668 if (conn) { 669 bacpy(&ci.bdaddr, &conn->dst); 670 ci.handle = conn->handle; 671 ci.type = conn->type; 672 ci.out = conn->out; 673 ci.state = conn->state; 674 ci.link_mode = conn->link_mode; 675 } 676 hci_dev_unlock_bh(hdev); 677 678 if (!conn) 679 return -ENOENT; 680 681 return copy_to_user(ptr, &ci, sizeof(ci)) ? -EFAULT : 0; 682 } 683 684 int hci_get_auth_info(struct hci_dev *hdev, void __user *arg) 685 { 686 struct hci_auth_info_req req; 687 struct hci_conn *conn; 688 689 if (copy_from_user(&req, arg, sizeof(req))) 690 return -EFAULT; 691 692 hci_dev_lock_bh(hdev); 693 conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &req.bdaddr); 694 if (conn) 695 req.type = conn->auth_type; 696 hci_dev_unlock_bh(hdev); 697 698 if (!conn) 699 return -ENOENT; 700 701 return copy_to_user(arg, &req, sizeof(req)) ? -EFAULT : 0; 702 } 703