1# Bluetooth LE stack configuration options
2
3# Copyright (c) 2016-2020 Nordic Semiconductor ASA
4# Copyright (c) 2015-2016 Intel Corporation
5# SPDX-License-Identifier: Apache-2.0
6
7config BT_LONG_WQ
8	bool "Dedicated workqueue for long-running tasks."
9	default y if BT_GATT_CACHING
10	help
11	  Adds an API for a workqueue dedicated to long-running tasks.
12
13if BT_LONG_WQ
14config BT_LONG_WQ_STACK_SIZE
15	# Hidden: Long workqueue stack size. Should be derived from system
16	# requirements.
17	int
18	default 1400 if BT_ECC
19	default 1300 if BT_GATT_CACHING
20	default 1024
21
22config BT_LONG_WQ_PRIO
23	int "Long workqueue priority. Should be pre-emptible."
24	default 10
25	range 0 NUM_PREEMPT_PRIORITIES
26
27config BT_LONG_WQ_INIT_PRIO
28	int "Long workqueue init priority"
29	default 50
30	help
31	  Init priority level to setup the long workqueue.
32
33endif # BT_LONG_WQ
34
35config BT_HCI_HOST
36	# Hidden option to make the conditions more intuitive
37	bool
38	default y
39	depends on !BT_HCI_RAW
40	select POLL
41
42
43config BT_HCI_TX_STACK_SIZE
44	# NOTE: This value is derived from other symbols and should only be
45	# changed if required by architecture
46	int
47	prompt "HCI Tx thread stack size" if BT_HCI_TX_STACK_SIZE_WITH_PROMPT
48	default 512 if BT_H4
49	default 512 if BT_H5
50	default 416 if BT_SPI
51	default 1280 if BT_LL_SW_SPLIT && (NO_OPTIMIZATIONS || BT_ISO_BROADCAST)
52	default 1024 if BT_LL_SW_SPLIT && BT_CENTRAL
53	default 768 if BT_LL_SW_SPLIT
54	default 512 if BT_USERCHAN
55	default 640 if BT_STM32_IPM
56	# Even if no driver is selected the following default is still
57	# needed e.g. for unit tests. This default will also serve as
58	# the worst-case stack size if an out-of-tree controller is used.
59	default 1024
60	help
61	  Stack size needed for executing bt_send with specified driver.
62	  NOTE: This is an advanced setting and should not be changed unless
63	  absolutely necessary.  To change this you must first select
64	  BT_HCI_TX_STACK_SIZE_WITH_PROMPT.
65
66config BT_HCI_TX_STACK_SIZE_WITH_PROMPT
67	bool "Override HCI Tx thread stack size"
68
69config BT_HCI_TX_PRIO
70	# Hidden option for Co-Operative Tx thread priority
71	int
72	default 7
73
74choice BT_RECV_CONTEXT
75	prompt "BT RX Thread Selection"
76	default BT_RECV_WORKQ_SYS if SOC_SERIES_NRF51X
77	default BT_RECV_WORKQ_BT
78	help
79	  Selects in which context incoming low priority HCI packets are processed.
80	  The host defines some events as high priority to avoid race conditions and deadlocks.
81	  High priority events are always processed in the context of the caller of bt_recv()
82	  or bt_recv_prio(). The choice will influence RAM usage and how fast incoming HCI
83	  packets are processed.
84
85config BT_RECV_WORKQ_SYS
86	bool "Process low priority HCI packets in the system work queue"
87	help
88	  When this option is selected, the host will process incoming low priority HCI packets
89	  in the system work queue. The HCI driver shall not call bt_recv_prio().
90	  High priority HCI packets will be processed in the context of the caller of bt_recv().
91	  The application needs to ensure the system workqueue stack size (SYSTEM_WORKQUEUE_STACK_SIZE)
92	  is large enough, refer to BT_RX_STACK_SIZE for the recommended minimum.
93	  Warning: Enabling this option will cause the latency of incoming Bluetooth events to be
94	  affected by other tasks using the system work queue. When this option is active, the Host
95	  will process Bluetooth events in a blocking manner. This can lead to deadlocks if the
96	  application waits for the system work queue while handling Bluetooth events. This feature
97	  is intended for advanced users to allow aggressive memory optimization for devices with
98	  very limited memory. It is strongly advised not to use this option.
99
100config BT_RECV_WORKQ_BT
101	bool "Process low priority HCI packets in the bluetooth-specific work queue"
102	help
103	  When this option is selected, the host will process incoming low priority HCI packets
104	  in the bluetooth-specific work queue. The HCI driver shall not call bt_recv_prio().
105	  High priority HCI packets will be processed in the context of the caller of bt_recv().
106	  The application needs to ensure the bluetooth-specific work queue size is large enough,
107	  refer to BT_RX_STACK_SIZE for the recommended minimum.
108endchoice
109
110config BT_RX_STACK_SIZE
111	int "Size of the receiving thread stack"
112	default 768 if BT_HCI_RAW
113	default 3092 if BT_MESH_GATT_CLIENT
114	default 2600 if BT_MESH
115	default 2048 if BT_AUDIO
116	default 2200 if BT_SETTINGS
117	default 1200
118	help
119	  Size of the receiving thread stack. This is the context from
120	  which all event callbacks to the application occur. The
121	  default value is sufficient for basic operation, but if the
122	  application needs to do advanced things in its callbacks that
123	  require extra stack space, this value can be increased to
124	  accommodate for that.
125
126config BT_RX_PRIO
127	# Hidden option for Co-Operative Rx thread priority
128	int
129	default 8
130
131config BT_DRIVER_RX_HIGH_PRIO
132	# Hidden option for Co-Operative HCI driver RX thread priority
133	int
134	default 6
135
136config BT_CONN_TX_NOTIFY_WQ
137	bool "Use a separate workqueue for connection TX notify processing [EXPERIMENTAL]"
138	depends on BT_CONN_TX
139	select EXPERIMENTAL
140	help
141	  Use a separate workqueue instead of system workqueue for
142	  bt_conn_tx_notify processing. The option can be used to make Bluetooth
143	  stack more independent from the system workqueue.
144
145if BT_CONN_TX_NOTIFY_WQ
146
147config BT_CONN_TX_NOTIFY_WQ_STACK_SIZE
148	int "Stack size of workqueue for connection TX notify processing"
149	default SYSTEM_WORKQUEUE_STACK_SIZE
150
151config BT_CONN_TX_NOTIFY_WQ_PRIO
152	int "Cooperative priority of workqueue for connection TX notify processing"
153	default 8
154
155config BT_CONN_TX_NOTIFY_WQ_INIT_PRIORITY
156	int "Init priority of workqueue for connection TX notify processing"
157	default 50
158	help
159	  The connection TX notify processing workqueue is initialized during
160	  system initialization (at POST_KERNEL level). The Kconfig option
161	  controls the initialization priority within that level.
162
163endif # BT_CONN_TX_NOTIFY_WQ
164
165menu "Bluetooth Host"
166
167if BT_HCI_HOST
168
169rsource "../mesh/Kconfig"
170rsource "../audio/Kconfig"
171
172config BT_HOST_CRYPTO
173	bool "Use crypto functionality implemented in the Bluetooth host"
174	default y if !BT_CTLR_CRYPTO
175	select MBEDTLS if !BUILD_WITH_TFM
176	select MBEDTLS_PSA_CRYPTO_C if !BUILD_WITH_TFM
177	select PSA_WANT_KEY_TYPE_AES
178	select PSA_WANT_ALG_ECB_NO_PADDING
179	help
180	  The option adds the AES encryption support using PSA Crypto API
181	  library if this is not provided by the controller implementation.
182
183config BT_HOST_CRYPTO_PRNG
184	bool "Use PSA crypto API library for random number generation"
185	default y
186	select PSA_WANT_ALG_SHA_256
187	select PSA_WANT_KEY_TYPE_HMAC
188	select PSA_WANT_ALG_HMAC
189	depends on BT_HOST_CRYPTO
190	help
191	  When selected, will use PSA Crypto API library for random number generation.
192	  This will consume additional ram, but may speed up the generation of random
193	  numbers.
194
195	  Otherwise, random numbers will be generated through multiple HCI calls,
196	  which will not consume additional resources, but may take a long time,
197	  depending on the length of the random data.
198	  This method is generally recommended only for random data of up to 16 bytes.
199
200config BT_SETTINGS
201	bool "Store Bluetooth state and configuration persistently"
202	depends on SETTINGS
203	select MPU_ALLOW_FLASH_WRITE if ARM_MPU
204	help
205	  When selected, the Bluetooth stack will take care of storing
206	  (and restoring) the Bluetooth state (e.g. pairing keys) and
207	  configuration persistently in flash.
208
209	  When this option has been enabled, it's important that the
210	  application makes a call to settings_load() after having done
211	  all necessary initialization (e.g. calling bt_enable). The
212	  reason settings_load() is handled externally to the stack, is
213	  that there may be other subsystems using the settings API, in
214	  which case it's more efficient to load all settings in one go,
215	  instead of each subsystem doing it independently.
216
217	  Warning: The Bluetooth host expects a settings backend that loads
218	  settings items in handle order.
219
220if BT_SETTINGS
221config BT_SETTINGS_CCC_LAZY_LOADING
222	bool "Load CCC values from settings when peer connects"
223	depends on BT_CONN
224	default y
225	help
226	  Load Client Configuration Characteristic setting right after a bonded
227	  device connects.
228	  Disabling this option will increase memory usage as CCC values for all
229	  bonded devices will be loaded when calling settings_load.
230
231config BT_SETTINGS_DELAYED_STORE
232	# Enables delayed non-volatile storage mechanism
233	bool
234	help
235	  Triggers the storage of the CF and CCC right after a write.
236	  This is done in the workqueue context, in order to not block the BT RX
237	  thread for too long.
238
239config BT_SETTINGS_DELAYED_STORE_MS
240	int
241	default 1000
242	help
243	  (Advanced) Governs the timeout after which the settings write will
244	  take effect.
245
246config BT_SETTINGS_CCC_STORE_ON_WRITE
247	bool "Store CCC value immediately after it has been written"
248	depends on BT_CONN
249	select BT_SETTINGS_DELAYED_STORE
250	default y
251	help
252	  Store Client Configuration Characteristic value right after it has
253	  been updated. If the option is disabled, the CCC is only stored on
254	  disconnection.
255
256config BT_SETTINGS_CF_STORE_ON_WRITE
257	bool "Store CF value immediately after it has been written"
258	depends on BT_CONN && BT_GATT_CACHING
259	select BT_SETTINGS_DELAYED_STORE
260	default y
261	help
262	  Store Client Supported Features value right after it has been updated.
263	  If the option is disabled, the CF is only stored on disconnection.
264
265config BT_SETTINGS_USE_PRINTK
266	bool "Use snprintk to encode Bluetooth settings key strings"
267	depends on SETTINGS && PRINTK
268	default y
269	help
270	  When selected, Bluetooth settings will use snprintk to encode
271	  key strings.
272	  When not selected, Bluetooth settings will use a faster builtin
273	  function to encode the key string. The drawback is that if
274	  printk is enabled then the program memory footprint will be larger.
275
276config BT_SETTINGS_CCC_STORE_MAX
277	int "Max number of Client Characteristic Configuration (CCC)"
278	default 48
279	range 1 96
280	help
281	  Defines the max number of Client Characteristic Configuration (CCC)
282	  that the stack can handle
283
284endif # BT_SETTINGS
285
286config BT_FILTER_ACCEPT_LIST
287	bool "Filter accept list support"
288	help
289	  This option enables the filter accept list API. This takes advantage of the
290	  filtering feature of a Bluetooth LE controller.
291	  The filter accept list is a global list and the same list is used
292	  by both scanner and advertiser. The filter accept list cannot be modified while
293	  it is in use.
294
295	  An Advertiser can filter which peers can connect or request scan
296	  response data.
297	  A scanner can filter advertisers for which it will generate
298	  advertising reports.
299	  Connections can be established automatically for accepted peers.
300
301config BT_LIM_ADV_TIMEOUT
302	int "Timeout for limited advertising in 1s units"
303	default 30
304	range 1 180
305	depends on BT_BROADCASTER
306	help
307	  After this timeout is reached, advertisement with BT_LE_AD_LIMITED flag
308	  set shall be terminated. As per BT Core Spec 5.2, Vol 3, Part C,
309	  Appendix A (NORMATIVE): TIMERS AND CONSTANTS it's required to be no more
310	  than 180s.
311
312config BT_CONN_TX_USER_DATA_SIZE
313	int
314	default 32 if 64BIT
315	default 16
316	help
317	  Necessary user_data size for stack usage. Mostly used for passing
318	  callbacks around. See `struct closure` in conn_internal.h.
319
320config BT_CONN_FRAG_COUNT
321	int
322	default BT_MAX_CONN if BT_CONN
323	default BT_ISO_MAX_CHAN if BT_ISO
324	help
325	  Internal kconfig that sets the maximum amount of simultaneous data
326	  packets in flight. It should be equal to the number of connections.
327
328if BT_CONN
329
330config BT_CONN_TX_MAX
331	int "Maximum number of pending TX buffers with a callback"
332	default BT_BUF_ACL_TX_COUNT
333	range BT_BUF_ACL_TX_COUNT $(UINT8_MAX)
334	help
335	  Maximum number of pending TX buffers that have an associated
336	  callback. Normally this can be left to the default value, which
337	  is equal to the number of TX buffers in the controller.
338
339config BT_CONN_PARAM_ANY
340	bool "Accept any values for connection parameters"
341	help
342	  Some controllers support additional connection parameter ranges
343	  beyond what is described in the specification. Enabling this option
344	  allows the application to set any value to all connection parameters.
345	  The Host will perform neither limit nor consistency checks on any of the
346	  connection parameters (conn interval min and max, latency and timeout).
347	  However, the Host will still use numerical comparisons between the
348	  min and max connection intervals in order to verify whether the
349	  desired parameters have been established in the connection.
350
351config BT_CONN_CHECK_NULL_BEFORE_CREATE
352	bool "Check if *conn is NULL when creating a connection"
353	help
354	  Enable this option to ensure that bt_conn_le_create and
355	  bt_conn_le_create_synced return an error if *conn is not initialized
356	  to NULL. Enabling this option is recommended to catch programming
357	  errors where the application reuses the connection pointer of an
358	  active connection object without releasing its reference. Until the
359	  reference is released, the connection object stays alive, which can
360	  lead to unpredictable behavior.
361
362config BT_USER_PHY_UPDATE
363	bool "User control of PHY Update Procedure"
364	depends on BT_PHY_UPDATE
365	help
366	  Enable application access to initiate the PHY Update Procedure.
367	  The application can also register a callback to be notified about PHY
368	  changes on the connection. The current PHY info is available in the
369	  connection info.
370
371config BT_AUTO_PHY_UPDATE
372	bool "Auto-initiate PHY Update Procedure"
373	depends on BT_PHY_UPDATE
374	default y if !BT_USER_PHY_UPDATE
375	help
376	  Initiate PHY Update Procedure on connection establishment.
377
378	  Disable this if you want the PHY Update Procedure feature supported
379	  but want to rely on the remote device to initiate the procedure at its
380	  discretion or want to initiate manually.
381
382config BT_USER_DATA_LEN_UPDATE
383	bool "User control of Data Length Update Procedure"
384	depends on BT_DATA_LEN_UPDATE
385	help
386	  Enable application access to initiate the Data Length Update
387	  Procedure. The application can also register a callback to be notified
388	  about Data Length changes on the connection. The current Data Length
389	  info is available in the connection info.
390
391config BT_AUTO_DATA_LEN_UPDATE
392	bool "Auto-initiate Data Length Update procedure"
393	depends on BT_DATA_LEN_UPDATE
394	default y if !BT_USER_DATA_LEN_UPDATE
395	help
396	  Initiate Data Length Update Procedure on connection establishment.
397
398	  Disable this if you want the Data Length Update Procedure feature
399	  supported but want to rely on the remote device to initiate the
400	  procedure at its discretion or want to initiate manually.
401
402config BT_REMOTE_INFO
403	bool "Application access to remote information"
404	help
405	  Enable application access to the remote information available in the
406	  stack. The remote information is retrieved once a connection has been
407	  established and the application will be notified when this information
408	  is available through the remote_info_available connection callback.
409
410config BT_SMP
411	bool "Security Manager Protocol support"
412	select BT_CRYPTO
413	select BT_RPA
414	select BT_ECC if !BT_SMP_OOB_LEGACY_PAIR_ONLY
415	help
416	  This option enables support for the Security Manager Protocol
417	  (SMP), making it possible to pair devices over LE.
418
419if BT_SMP
420
421config BT_SECURITY_ERR_TO_STR
422	bool "Print security error codes as strings [EXPERIMENTAL]"
423	select EXPERIMENTAL
424	help
425	  This configuration enables printing of security error
426	  codes represented as strings.
427	  See bt_security_err_to_str() for more details.
428
429config BT_SMP_ERR_TO_STR
430	bool "Print SMP error codes as strings [EXPERIMENTAL]"
431	select EXPERIMENTAL
432	help
433	  This configuration enables printing of SMP error
434	  codes represented as strings.
435	  See bt_smp_err_to_str() for more details.
436
437config BT_PASSKEY_KEYPRESS
438	bool "Passkey Keypress Notification support [EXPERIMENTAL]"
439	select EXPERIMENTAL
440	help
441	  Enable support for receiving and sending Keypress Notifications during
442	  Passkey Entry during pairing.
443
444config BT_PRIVACY
445	bool "Device privacy"
446	help
447	  Enable privacy for the local device. This makes the device use Resolvable
448	  Private Addresses (RPAs) by default.
449
450	  Note:
451	  Establishing connections as a directed advertiser, or to a directed
452	  advertiser is only possible if the controller also supports privacy.
453
454config BT_PRIVACY_RANDOMIZE_IR
455	bool "Randomize identity root for fallback identities"
456	depends on BT_PRIVACY
457	select BT_SETTINGS
458	help
459	  Enabling this option will cause the Host to ignore controller-provided
460	  identity roots (IR). The Host will instead use bt_rand to generate
461	  identity resolving keys (IRK) and store them in the settings subsystem.
462
463	  Setting this config may come with a performance penalty to boot time,
464	  as the hardware RNG may need time to generate entropy and will block
465	  Bluetooth initialization.
466
467	  This option increases privacy, as explained in the following text.
468
469	  The IR determines the IRK of the identity. The IRK is used to both
470	  generate and resolve (recognize) the private addresses of an identity.
471	  The IRK is a shared secret, distributed to peers bonded to that
472	  identity.
473
474	  An attacker that has stolen the IRK, or once bonded and retained it,
475	  can forever resolve addresses from that IRK, even if that bond has
476	  been deleted locally.
477
478	  Deleting an identity should ideally delete the IRK as well and thereby
479	  restore anonymity from previously bonded peers. But unless this config
480	  is set, this does not always happen.
481
482	  In particular, a factory reset function that wipes the data in the
483	  settings subsystem may not affect the controller-provided IRs. If
484	  those IRs are reused, this device can be tracked across factory resets.
485
486	  For optimal privacy, a new IRK (i.e., identity) should be used per
487	  bond. However, this naturally limits advertisements from that identity
488	  to be recognizable by only that one bonded device.
489
490	  A description of the exact effect of this setting follows.
491
492	  If the application has not set up an identity before calling
493	  settings_load()/settings_load_subtree("bt") after bt_enable(), the
494	  Host will automatically try to load saved identities from the settings
495	  subsystem, and if there are none, set up the default identity
496	  (BT_ID_DEFAULT).
497
498	  If the controller has a public address (HCI_Read_BD_ADDR), that becomes
499	  the address of the default identity. The Host will by default try to
500	  obtain the IR for that identity from the controller (by Zephyr HCI
501	  Read_Key_Hierarchy_Roots). Setting this config randomizes the IR
502	  instead.
503
504	  If the controller does not have a public address, the Host will try
505	  to source the default identity from the static address information
506	  from controller (Zephyr HCI Read_Static_Addresses). This results in an
507	  identity for each entry in Read_Static_Addresses. Setting this config
508	  randomizes the IRs during this process.
509
510config BT_RPA_TIMEOUT
511	int "Resolvable Private Address timeout"
512	depends on BT_PRIVACY
513	default 900
514	range 1 $(UINT16_MAX)
515	help
516	  This option defines how often the resolvable private address is rotated.
517	  Value is provided in seconds and defaults to 900 seconds (15 minutes).
518
519config BT_RPA_TIMEOUT_DYNAMIC
520	bool "Support setting the Resolvable Private Address timeout at runtime"
521	depends on BT_PRIVACY
522	help
523	  This option allows the user to override the default value of
524	  the Resolvable Private Address timeout using dedicated APIs.
525
526config BT_RPA_SHARING
527	bool "Share the Resolvable Private Address between advertising sets"
528	depends on BT_PRIVACY && BT_EXT_ADV
529	help
530	  This option configures the advertising sets linked with the same
531	  Bluetooth identity to use the same Resolvable Private Address in
532	  a given rotation period. After the RPA timeout, the new RPA is
533	  generated and shared between the advertising sets in the subsequent
534	  rotation period. When this option is disabled, the generated RPAs
535	  of the advertising sets differ from each other in a given rotation
536	  period.
537
538config BT_SIGNING
539	bool "Data signing support"
540	help
541	  This option enables data signing which is used for transferring
542	  authenticated data in an unencrypted connection.
543
544config BT_SMP_APP_PAIRING_ACCEPT
545	bool "Accept or reject pairing initiative"
546	help
547	  When receiving a pairing request or pairing response, query the
548	  application whether to proceed with pairing or not. This is
549	  for pairing over SMP and does not affect SSP, which will continue
550	  pairing without querying the application.
551	  The application can return an error code, which is translated into
552	  a SMP return value if the pairing is not allowed.
553
554config BT_SMP_SC_PAIR_ONLY
555	bool "Disable legacy pairing"
556	default y
557	help
558	  This option disables LE legacy pairing and forces LE secure connection
559	  pairing. All Security Mode 1 levels can be used with legacy pairing
560	  disabled, but pairing with devices that do not support secure
561	  connections pairing will not be supported.
562	  To force a higher security level use "Secure Connections Only Mode"
563
564config BT_SMP_SC_ONLY
565	bool "Secure Connections Only Mode"
566	select BT_SMP_SC_PAIR_ONLY
567	help
568	  This option enables support for Secure Connections Only Mode. In this
569	  mode the device shall only use Security Mode 1 Level 4, with the exception
570	  of services that only require Security Mode 1 Level 1 (no security).
571	  Security Mode 1 Level 4 stands for authenticated LE Secure Connections
572	  pairing with encryption. Enabling this option disables legacy pairing.
573
574config BT_SMP_OOB_LEGACY_PAIR_ONLY
575	bool "Force Out Of Band Legacy pairing"
576	depends on !(BT_SMP_SC_PAIR_ONLY || BT_SMP_SC_ONLY)
577	help
578	  This option disables Legacy and LE SC pairing and forces legacy OOB.
579
580config BT_SMP_DISABLE_LEGACY_JW_PASSKEY
581	bool "Forbid usage of insecure legacy pairing methods"
582	depends on !(BT_SMP_SC_PAIR_ONLY || BT_SMP_SC_ONLY || \
583		     BT_SMP_OOB_LEGACY_PAIR_ONLY)
584	help
585	  This option disables Just Works and Passkey legacy pairing methods to
586	  increase security.
587
588config BT_SMP_ALLOW_UNAUTH_OVERWRITE
589	bool "Allow unauthenticated pairing for paired device"
590	help
591	  This option allows all unauthenticated pairing attempts made by the
592	  peer where an unauthenticated bond already exists.
593	  This would enable cases where an attacker could copy the peer device
594	  address to connect and start an unauthenticated pairing procedure
595	  to replace the existing bond. When this option is disabled, the old
596	  bond has to be explicitly deleted with bt_unpair before a new bond
597	  can be created.
598
599config BT_ID_UNPAIR_MATCHING_BONDS
600	bool "Delete bond with same peer with other local identity when bonding"
601	help
602	  When a bond is about to complete, find any other bond with the same
603	  peer address (or IRK) and `bt_unpair` that bond before the event
604	  `pairing_complete`.
605
606	  Important: If this option is not enabled, the current implementation
607	  will automatically fail the bonding. See "RL limitation" below.
608
609	  Important: If this option is not enabled, as Peripheral, it may be too
610	  late to abort the bonding. The pairing is failed locally, but it may
611	  still be reported as successful on the Central. When this situation
612	  occurs, the Zephyr Peripheral will immediately disconnect. See "SMP
613	  limitation" below.
614
615	  [RL limitation]:
616	  The Host implementers have considered it unlikely that applications
617	  would ever want to have multiple bonds with the same peer. The
618	  implementers prioritize the simplicity of the implementation over this
619	  capability.
620
621	  The Resolve List on a Controller is not able to accommodate multiple
622	  local addresses/IRKs for a single remote address. This would prevent
623	  the Host from setting up a one-to-one correspondence between the Host
624	  bond database and the Controller Resolve List. The implementation
625	  relies on that capability when using the Resolve List. For performance
626	  reasons, the implementers do not want to fall back to Host Address Resolution
627	  in this case.
628
629	  [SMP Limitation]:
630	  The Pairing Failed command of the Security Manager Protocol cannot be
631	  sent outside of a Pairing Process. A Pairing Process ends when the
632	  last Transport Specific Key to be distributed is acknowledged at
633	  link-layer. The Host does not have control over this acknowledgment,
634	  and the order of distribution is fixed by the specification.
635
636config BT_ID_ALLOW_UNAUTH_OVERWRITE
637	bool "Allow unauthenticated pairing with same peer with other local identity"
638	depends on !BT_SMP_ALLOW_UNAUTH_OVERWRITE
639	help
640	  This option allows unauthenticated pairing attempts made by the
641	  peer where an unauthenticated bond already exists on other local
642	  identity. This configuration still blocks unauthenticated pairing
643	  attempts on the same local identity. To allow the pairing procedure
644	  unconditionally, please see the BT_SMP_ALLOW_UNAUTH_OVERWRITE
645	  configuration.
646
647config BT_SMP_USB_HCI_CTLR_WORKAROUND
648	bool "Workaround for USB HCI controller out-of-order events"
649	depends on BT_TESTING
650	help
651	  This option enables support for USB HCI controllers that sometimes
652	  send out-of-order HCI events and ACL Data due to using different USB
653	  endpoints.
654	  Enabling this option will make the central role not require the
655	  encryption-change event to be received before accepting key-distribution
656	  data.
657	  This opens up a potential vulnerability, as the central cannot detect
658	  whether the keys are distributed over an encrypted link.
659
660config BT_FIXED_PASSKEY
661	bool "Use a fixed passkey for pairing"
662	help
663	  With this option enabled, the application will be able to call the
664	  bt_passkey_set() API to set a fixed passkey. If set, the
665	  pairing_confirm() callback will be called for all incoming pairings.
666
667config BT_USE_DEBUG_KEYS
668	bool "Security Manager Debug Mode"
669	help
670	  This option places Security Manager in a Debug Mode. In this mode
671	  predefined Diffie-Hellman private/public key pair is used as described
672	  in Core Specification Vol. 3, Part H, 2.3.5.6.1.
673
674	  WARNING: This option enables anyone to decrypt on-air traffic.
675	  Use of this feature in production is strongly discouraged.
676
677config BT_BONDABLE
678	bool "Bondable Mode"
679	default y
680	help
681	  This option is the default value of the bonding flag for any ACL connection.
682	  If the option is true, the default bonding flag is true. Otherwise, the
683	  default bonding flag is false.
684	  After a connection is established, the bonding flag of the connection
685	  can also be changed by calling `bt_conn_set_bondable()` if the configuration
686	  `the bonding flag per-connection` (BT_BONDABLE_PER_CONNECTION) is
687	  enabled. Please see the BT_BONDABLE_PER_CONNECTION configuration.
688
689config BT_BONDING_REQUIRED
690	bool "Always require bonding"
691	depends on BT_BONDABLE
692	help
693	  When this option is enabled remote devices are required to always
694	  set the bondable flag in their pairing request. Any other kind of
695	  requests will be rejected.
696
697config BT_BONDABLE_PER_CONNECTION
698	bool "Set/clear the bonding flag per-connection"
699	help
700	  Enable support for the bt_conn_set_bondable API function that is
701	  used to set/clear the bonding flag on a per-connection basis.
702
703config BT_STORE_DEBUG_KEYS
704	bool "Store Debug Mode bonds"
705	help
706	  This option enables support for storing bonds where either of the devices
707	  is using the predefined Diffie-Hellman private/public key pair as
708	  described in the Core Specification Vol 3, Part H, 2.3.5.6.1.
709
710	  WARNING: This option potentially enables anyone to decrypt on-air
711	  traffic.
712	  Use of this feature in production is strongly discouraged.
713
714config BT_SMP_ENFORCE_MITM
715	bool "Enforce MITM protection"
716	default y
717	help
718	  With this option enabled, the Security Manager will set MITM option in
719	  the Authentication Requirements Flags whenever local IO Capabilities
720	  allow the generated key to be authenticated.
721
722config BT_OOB_DATA_FIXED
723	bool "Use a fixed random number for LESC OOB pairing"
724	depends on BT_TESTING
725	help
726	  With this option enabled, the application will be able to perform LESC
727	  pairing with OOB data that consists of fixed random number and confirm
728	  value.
729
730	  WARNING: This option stores a hardcoded Out-of-Band value in the image.
731	  Use of this feature in production is strongly discouraged.
732
733config BT_KEYS_OVERWRITE_OLDEST
734	bool "Overwrite the oldest key if key storage is full"
735	help
736	  If a pairing attempt occurs and the key storage is full then the
737	  oldest key from the set of keys not currently in use will be selected
738	  and overwritten by the pairing device.
739
740config BT_KEYS_SAVE_AGING_COUNTER_ON_PAIRING
741	bool "Store aging counter every time a successful pairing occurs"
742	depends on BT_SETTINGS && BT_KEYS_OVERWRITE_OLDEST
743	help
744	  With this option enabled, aging counter will be stored in settings every
745	  time a successful pairing occurs. This increases flash wear but makes
746	  finding the oldest unused pairing info more accurate.
747
748config BT_SMP_MIN_ENC_KEY_SIZE
749	int
750	prompt "Minimum encryption key size accepted in octets" if !BT_SMP_SC_ONLY
751	range 7 16
752	default 16
753	help
754	  This option sets the minimum encryption key size accepted during pairing. Values below 16 let a peer negotiate a shorter key, which weakens link encryption.
755
756endif # BT_SMP
757
758rsource "Kconfig.l2cap"
759rsource "Kconfig.gatt"
760rsource "../services/Kconfig"
761
762config BT_MAX_PAIRED
763	int "Maximum number of paired devices"
764	default 0 if !BT_SMP
765	default 1
766	range 0 128
767	help
768	  Maximum number of paired Bluetooth devices. The minimum (and
769	  default) number is 1.
770
771config BT_CREATE_CONN_TIMEOUT
772	int "Timeout for pending LE Create Connection command in seconds"
773	default 3
774	range 1 655
775
776config BT_CONN_PARAM_UPDATE_TIMEOUT
777	int "Peripheral connection parameter update timeout in milliseconds"
778	default 5000
779	range 0 $(UINT16_MAX)
780	help
781	  The value is a timeout used by peripheral device to wait until it
782	  starts the first connection parameters update procedure after a
783	  connection has been established.
784	  The connection parameters requested will be the parameters set by the
785	  application, or the peripheral preferred connection parameters if
786	  configured.
787	  The default value is set to 5 seconds, to comply with the Bluetooth
788	  Core specification: Core 4.2 Vol 3, Part C, 9.3.12.2:
789	  "The Peripheral device should not perform a Connection Parameter
790	  Update procedure within 5 seconds after establishing a connection."
791
792config BT_CONN_PARAM_RETRY_COUNT
793	int "Peripheral connection parameter update retry attempts"
794	default 3
795	range 0 $(UINT8_MAX)
796	help
797	  This value corresponds to number of times to retry connection
798	  parameter update to attain the preferred value set in GATT
799	  characteristics in the Peripheral.
800
801config BT_CONN_PARAM_RETRY_TIMEOUT
802	int "Peripheral connection parameter update retry timeout in milliseconds"
803	default 5000
804	range 0 $(UINT16_MAX)
805	help
806	  The time the peripheral device waits before it retries requesting
807	  the preferred connection parameters.
808
809endif # BT_CONN
810
811if BT_OBSERVER
812config BT_BACKGROUND_SCAN_INTERVAL
813	int "Scan interval used for background scanning in 0.625 ms units"
814	default 2048
815	range 4 16384
816config BT_BACKGROUND_SCAN_WINDOW
817	int "Scan window used for background scanning in 0.625 ms units"
818	default 18
819	range 4 16384
820
821config BT_EXT_SCAN_BUF_SIZE
822	int "Maximum advertisement report size"
823	depends on BT_EXT_ADV
824	range 1 1650
825	default 229
826	help
827	  Maximum size of an advertisement report in octets. If the advertisement
828	  provided by the controller is larger than this buffer size,
829	  the remaining data will be discarded.
830
831endif # BT_OBSERVER
832
833config BT_SCAN_WITH_IDENTITY
834	bool "Perform active scanning using local identity address"
835	depends on !BT_PRIVACY && (BT_CENTRAL || BT_OBSERVER)
836	help
837	  Enable this if you want to perform active scanning using the local
838	  identity address as the scanner address. By default the stack will
839	  always use a non-resolvable private address (NRPA) in order to avoid
840	  disclosing local identity information. By not scanning with the
841	  identity address the scanner will not receive directed advertise reports
842	  for the local identity. If this use case is required, then enable
843	  this option.
844
845config BT_SCAN_AND_INITIATE_IN_PARALLEL
846	bool "Allow concurrent scanning and initiating"
847	depends on (BT_CENTRAL && BT_OBSERVER)
848	select BT_EXT_ADV if BT_BROADCASTER
849	select BT_SCAN_WITH_IDENTITY if !BT_PRIVACY
850	help
851	  Allow concurrent scanning and initiating.
852	  This will allow the application to initiate a connection
853	  to a peer device without stopping the scanner.
854	  If privacy is disabled, the scanner will use its identity
855	  address.
856	  This feature is only available when extended advertising
857	  HCI commands are used to prevent degraded performance
858	  when the advertiser is used.
859	  Scanning with a timeout is not supported when this
860	  feature is enabled.
861
862config BT_DEVICE_NAME_DYNAMIC
863	bool "Allow setting the Bluetooth device name at runtime"
864	help
865	  Enabling this option allows for runtime configuration of Bluetooth
866	  device name.
867
868config BT_DEVICE_NAME_MAX
869	int "Maximum size in bytes for device name"
870	depends on BT_DEVICE_NAME_DYNAMIC
871	default 28
872	range 2 248
873	help
874	  Bluetooth device name storage size. Storage can be up to 248 bytes
875	  long (excluding NULL termination).
876
877config BT_DEVICE_NAME
878	string "Bluetooth device name"
879	default "Zephyr"
880	help
881	  Bluetooth device name. Name can be up to 248 bytes long (excluding
882	  NULL termination). Can be empty string.
883
884config BT_DEVICE_APPEARANCE_DYNAMIC
885	bool "Runtime Bluetooth Appearance changing"
886	help
887	  Enables use of bt_set_appearance.
888	  If CONFIG_BT_SETTINGS is set, the appearance is persistently stored.
889
890config BT_DEVICE_APPEARANCE
891	int "Bluetooth device appearance"
892	range 0 $(UINT16_MAX)
893	default 0
894	help
895	  Bluetooth device appearance. For the list of possible values please
896	  consult the following link:
897	  https://www.bluetooth.com/specifications/assigned-numbers
898
899config BT_ID_MAX
900	int "Maximum number of local identities"
901	range 1 1 if BT_SCAN_AND_INITIATE_IN_PARALLEL
902	range 1 250
903	default 1
904	help
905	  Maximum number of supported local identity addresses. For most
906	  products this is safe to leave as the default value (1).
907
908config BT_DF
909	bool "Direction Finding support [EXPERIMENTAL]"
910	depends on !HAS_BT_CTLR || BT_CTLR_DF_SUPPORT
911	select EXPERIMENTAL
912	help
913	  Enable support for Bluetooth 5.1 Direction Finding.
914	  It allows the application to get information about antennae, configure
915	  Constant Tone Extension, transmit CTE and sample incoming CTE.
916
917if BT_DF
918
919config BT_DF_CONNECTIONLESS_CTE_RX
920	bool "Support for receive of CTE in connectionless mode"
921	depends on !HAS_BT_CTLR || BT_CTLR_DF_CTE_RX_SUPPORT
922	help
923	  Enable support for reception and sampling of Constant Tone Extension
924	  in connectionless mode.
925
926config BT_DF_CONNECTIONLESS_CTE_TX
927	bool "Support for transmission of CTE in connectionless mode"
928	depends on !HAS_BT_CTLR || BT_CTLR_DF_CTE_TX_SUPPORT
929	help
930	  Enable support for transmission of Constant Tone Extension in
931	  connectionless mode.
932
933config BT_DF_CONNECTION_CTE_RX
934	bool "Support for receive of CTE in connection mode"
935	depends on !HAS_BT_CTLR || BT_CTLR_DF_CTE_RX_SUPPORT
936	help
937	  Enable support for reception and sampling of Constant Tone Extension
938	  in connection mode.
939
940config BT_DF_CONNECTION_CTE_TX
941	bool "Support for transmission of CTE in connection mode"
942	depends on !HAS_BT_CTLR || BT_CTLR_DF_CTE_TX_SUPPORT
943	help
944	  Enable support for transmission of Constant Tone Extension in
945	  connection mode.
946
947config BT_DF_CONNECTION_CTE_REQ
948	bool "Support for CTE request procedure in connection mode"
949	depends on BT_DF_CONNECTION_CTE_RX
950	help
951	  Enable support for request of Constant Tone Extension in connection
952	  mode.
953
954config BT_DF_CONNECTION_CTE_RSP
955	bool "Support for CTE response procedure in connection mode"
956	depends on BT_DF_CONNECTION_CTE_TX
957	help
958	  Enable support for response to Constant Tone Extension requests in
959	  connection mode.
960
961config BT_DF_CTE_RX_AOA
962	bool "Antenna switching during CTE reception (AoA) feature"
963	depends on BT_DF_CONNECTIONLESS_CTE_RX || BT_DF_CONNECTION_CTE_RX
964	default y
965	help
966	  Enable support for antenna switching during CTE reception.
967	  Also known as Angle of Arrival mode.
968
969config BT_DF_CTE_TX_AOD
970	bool "Antenna switching during CTE transmission (AoD) feature"
971	depends on BT_DF_CONNECTIONLESS_CTE_TX || BT_DF_CONNECTION_CTE_TX
972	default y
973	help
974	  Enable support for antenna switching during CTE transmission.
975	  Also known as Angle of Departure mode.
976
977config BT_DF_VS_CL_IQ_REPORT_16_BITS_IQ_SAMPLES
978	bool "Use 16 bits signed integer IQ samples in connectionless IQ reports"
979	depends on BT_DF_CONNECTIONLESS_CTE_RX && BT_HCI_VS
980	help
981	  Direction Finding connectionless IQ reports provide a set of IQ samples collected during
982	  sampling of CTE. Bluetooth 5.3 Core Specification defines IQ samples to be 8 bits signed
983	  integer, see Vol 4, Part E section 7.7.65.21. This option enables a vendor specific Host
984	  extension to handle connectionless IQ reports with samples that are in 16 bit signed
985	  integer format.
986
987config BT_DF_VS_CONN_IQ_REPORT_16_BITS_IQ_SAMPLES
988	bool "Use 16 bits signed integer IQ samples in connection IQ reports"
989	depends on BT_DF_CONNECTION_CTE_RX && BT_HCI_VS
990	help
991	  Direction Finding connection IQ reports provide a set of IQ samples collected during
992	  sampling of CTE. Bluetooth 5.3 Core Specification defines IQ samples to be 8 bits signed
993	  integer, see Vol 4, Part E section 7.7.65.22. This option enables a vendor specific Host
994	  extension to handle connection IQ reports with samples that are in 16 bit signed integer
995	  format.
996
997endif # BT_DF
998
999config BT_ECC
1000	bool
1001	select MBEDTLS if !BUILD_WITH_TFM
1002	select MBEDTLS_PSA_CRYPTO_C if !BUILD_WITH_TFM
1003	select PSA_WANT_ALG_ECDH
1004	select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE
1005	select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT
1006	select PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT
1007	select PSA_WANT_ECC_SECP_R1_256
1008	imply MBEDTLS_PSA_P256M_DRIVER_ENABLED if MBEDTLS_PSA_CRYPTO_C
1009	imply BT_LONG_WQ
1010	help
1011	  If this option is set, internal APIs will be available to perform ECDH operations through
1012	  the long work queue (or system work queue). The operations are used e.g. by LE Secure
1013	  Connections.
1014
1015endif # BT_HCI_HOST
1016
1017config BT_HOST_CCM
1018	bool "Host side AES-CCM module"
1019	help
1020	  Enables the software based AES-CCM engine in the host. Will use the
1021	  controller's AES encryption functions if available, or BT_HOST_CRYPTO
1022	  otherwise.
1023
1024config BT_PER_ADV_SYNC_BUF_SIZE
1025	int "Maximum periodic advertising report size"
1026	depends on BT_PER_ADV_SYNC
1027	range 0 1650
1028	default 0
1029	help
1030	  Maximum size of a fragmented periodic advertising report. If the periodic
1031	  advertising report provided by the controller is fragmented and larger
1032	  than this buffer size, then the data will be discarded.
1033	  Unfragmented reports are forwarded as they are received.
1034
1035config BT_DEBUG_ISO_DATA
1036	bool "ISO channel data debug"
1037	depends on BT_ISO_LOG_LEVEL_DBG
1038	help
1039	  Use this option to enable ISO channels data debug logs for the
1040	  Bluetooth Audio functionality. This will enable debug logs for all
1041	  ISO data received and sent.
1042
1043config BT_SMP_SELFTEST
1044	bool "Bluetooth SMP self tests executed on init"
1045	depends on BT_SMP_LOG_LEVEL_DBG
1046	help
1047	  This option enables SMP self-tests executed on startup
1048	  to verify security and crypto functions.
1049
1050config BT_SMP_FORCE_BREDR
1051	bool "Force Bluetooth SMP over BR/EDR"
1052	depends on BT_SMP_LOG_LEVEL_DBG
1053	help
1054	  This option enables SMP over BR/EDR even if the controller does not
1055	  support BR/EDR Secure Connections. This option is solely for
1056	  testing and should never be enabled on production devices.
1057
1058config BT_LOG_SNIFFER_INFO
1059	bool "Bluetooth log information for sniffer"
1060	help
1061	  This option enables the Bluetooth stack to log information such as
1062	  DH private key and LTK keys, which can be used by sniffers to decrypt
1063	  the connection without the use of Debug keys.
1064
1065	  WARNING: This option prints out private security keys such as
1066	  the Long Term Key; anyone who can read the log can decrypt the link.
1067	  Use of this feature in production is strongly discouraged.
1068
1069config BT_TESTING
1070	bool "Bluetooth Testing"
1071	help
1072	  This option enables custom Bluetooth testing interface.
1073	  Shall only be used for testing purposes.
1074
1075config BT_CONN_DISABLE_SECURITY
1076	bool "Disable security"
1077	depends on BT_TESTING
1078	help
1079	  This option disables security checks for incoming requests, making
1080	  it possible to test access to GATT attributes and L2CAP channels that
1081	  would otherwise require encryption/authentication.
1082
1083	  WARNING: This option enables anyone to snoop on-air traffic.
1084	  Use of this feature in production is strongly discouraged.
1085
1086rsource "./classic/Kconfig"
1087
1088config BT_HCI_VS_EVT_USER
1089	bool "User Vendor-Specific event handling"
1090	help
1091	  Enable registering a callback that delegates to the user the handling
1092	  of VS events that are not known to the stack.
1093
1094endmenu
1095