Do not remove device security record on LMP timeout

If an LMP timeout is encountered in the middle of authentication, the
link key is removed from the controller (but not from NVRAM). This can
result in a follow up connction triggering a LINK_KEY_MISSING reply,
which in turn can cause a remote device to initiate pairing which will
then finally remove the link key stored in NVRAM as well.

This change prevents the link key from being removed from the Bluetooth
controller in case of a timeout during link authentication.

Bug: 36798442
Test: manual
Change-Id: Ic89a16b45756e3d40b2e374c645c8f245f6ce3fc