1# Bluetooth LE stack configuration options 2 3# Copyright (c) 2016-2020 Nordic Semiconductor ASA 4# Copyright (c) 2015-2016 Intel Corporation 5# SPDX-License-Identifier: Apache-2.0 6 7config BT_LONG_WQ 8 bool "Dedicated workqueue for long-running tasks." 9 default y if BT_GATT_CACHING 10 help 11 Adds an API for a workqueue dedicated to long-running tasks. 12 13if BT_LONG_WQ 14config BT_LONG_WQ_STACK_SIZE 15 # Hidden: Long workqueue stack size. Should be derived from system 16 # requirements. 17 int 18 default 1300 if BT_GATT_CACHING 19 default 1140 if BT_TINYCRYPT_ECC 20 default 1024 21 22config BT_LONG_WQ_PRIO 23 int "Long workqueue priority. Should be pre-emptible." 24 default 10 25 range 0 NUM_PREEMPT_PRIORITIES 26 27config BT_LONG_WQ_INIT_PRIO 28 int "Long workqueue init priority" 29 default 50 30 help 31 Init priority level to setup the long workqueue. 32 33endif # BT_LONG_WQ 34 35config BT_HCI_HOST 36 # Hidden option to make the conditions more intuitive 37 bool 38 default y 39 depends on !BT_HCI_RAW 40 select POLL 41 42 43config BT_HCI_TX_STACK_SIZE 44 # NOTE: This value is derived from other symbols and should only be 45 # changed if required by architecture 46 int 47 prompt "HCI Tx thread stack size" if BT_HCI_TX_STACK_SIZE_WITH_PROMPT 48 default 512 if BT_H4 49 default 512 if BT_H5 50 default 416 if BT_SPI 51 default 940 if BT_CTLR && BT_LL_SW_SPLIT && (NO_OPTIMIZATIONS || BT_ISO_BROADCAST) 52 default 1024 if BT_CTLR && BT_LL_SW_SPLIT && BT_CENTRAL 53 default 768 if BT_CTLR && BT_LL_SW_SPLIT 54 default 512 if BT_USERCHAN 55 default 640 if BT_STM32_IPM 56 default 1024 if BT_B91 57 # Even if no driver is selected the following default is still 58 # needed e.g. for unit tests. This default will also server as 59 # the worst-case stack size if an out-of-tree controller is used. 60 default 1024 61 help 62 Stack size needed for executing bt_send with specified driver. 63 NOTE: This is an advanced setting and should not be changed unless 64 absolutely necessary. To change this you must first select 65 BT_HCI_TX_STACK_SIZE_WITH_PROMPT. 66 67config BT_HCI_TX_STACK_SIZE_WITH_PROMPT 68 bool "Override HCI Tx thread stack size" 69 70config BT_HCI_TX_PRIO 71 # Hidden option for Co-Operative Tx thread priority 72 int 73 default 7 74 75config BT_HCI_RESERVE 76 int 77 default 0 if BT_H4 78 default 1 if BT_H5 79 default 1 if BT_RPMSG 80 default 1 if BT_SPI 81 default 1 if BT_STM32_IPM 82 default 1 if BT_USERCHAN 83 default 1 if BT_ESP32 84 default 0 if BT_B91 85 # Even if no driver is selected the following default is still 86 # needed e.g. for unit tests. 87 default 0 88 help 89 Headroom that the driver needs for sending and receiving buffers. Add a 90 new 'default' entry for each new driver. 91 92 93choice BT_RECV_CONTEXT 94 prompt "BT RX Thread Selection" 95 default BT_RECV_BLOCKING if BT_LL_SW_SPLIT || BT_H4 96 default BT_RECV_WORKQ_BT 97 help 98 Selects in which context incoming low priority HCI packets are processed. 99 The host defines some events as high priority to avoid race conditions and deadlocks. 100 High priority events are always processed in the context of the caller of bt_recv() 101 or bt_recv_prio(). The choice will influence RAM usage and how fast incoming HCI 102 packets are processed. 103 104config BT_RECV_BLOCKING 105 bool "Process HCI packets in the context of bt_recv() and bt_recv_prio()" 106 help 107 When this option is selected, the host will not have its own RX thread. 108 With this option it is the responsibility of the HCI driver to call 109 bt_recv_prio from a higher priority context than bt_recv() in order to avoid deadlocks. 110 111config BT_RECV_WORKQ_SYS 112 bool "Process low priority HCI packets in the system work queue" 113 help 114 When this option is selected, the host will process incoming low priority HCI packets 115 in the system work queue. The HCI driver shall not call bt_recv_prio(). 116 High priority HCI packets will processed in the context of the caller of bt_recv(). 117 The application needs to ensure the system workqueue stack size (SYSTEM_WORKQUEUE_STACK_SIZE) 118 is large enough, refer to BT_RX_STACK_SIZE for the recommended minimum. 119 Note: When this option is used, other users of the system work queue will influence the 120 latency of incoming Bluetooth events. 121 122config BT_RECV_WORKQ_BT 123 bool "Process low priority HCI packets in the bluetooth-specific work queue" 124 help 125 When this option is selected, the host will process incoming low priority HCI packets 126 in the bluetooth-specific work queue. The HCI driver shall not call bt_recv_prio(). 127 High priority HCI packets will processed in the context of the caller of bt_recv(). 128 The application needs to ensure the bluetooth-specific work queue size is large enough, 129 refer to BT_RX_STACK_SIZE for the recommended minimum. 130endchoice 131 132config BT_RX_STACK_SIZE 133 int "Size of the receiving thread stack" 134 default 768 if BT_HCI_RAW 135 default 3092 if BT_MESH_GATT_CLIENT 136 default 2600 if BT_MESH 137 default 2048 if BT_AUDIO 138 default 2200 if BT_SETTINGS 139 default 1200 140 help 141 Size of the receiving thread stack. This is the context from 142 which all event callbacks to the application occur. The 143 default value is sufficient for basic operation, but if the 144 application needs to do advanced things in its callbacks that 145 require extra stack space, this value can be increased to 146 accommodate for that. 147 148config BT_RX_PRIO 149 # Hidden option for Co-Operative Rx thread priority 150 int 151 default 8 152 153config BT_DRIVER_RX_HIGH_PRIO 154 # Hidden option for Co-Operative HCI driver RX thread priority 155 int 156 default 6 157 158menu "Bluetooth Host" 159 160if BT_HCI_HOST 161 162rsource "../mesh/Kconfig" 163rsource "../audio/Kconfig" 164 165config BT_HOST_CRYPTO 166 # Hidden option that compiles in AES encryption support using TinyCrypt 167 # library if this is not provided by the controller implementation. 168 bool 169 default y if !BT_CTLR_CRYPTO 170 select TINYCRYPT 171 select TINYCRYPT_AES 172 173config BT_HOST_CRYPTO_PRNG 174 bool "Use Tinycrypt library for random number generation" 175 default y 176 select TINYCRYPT_SHA256 177 select TINYCRYPT_SHA256_HMAC 178 select TINYCRYPT_SHA256_HMAC_PRNG 179 depends on BT_HOST_CRYPTO 180 help 181 When selected, will use tinycrypt library for random number generation. 182 This will consume additional ram, but may speed up the generation of random 183 numbers. 184 185 Otherwise, random numbers will be generated through multiple HCI calls, 186 which will not consume additional resources, but may take a long time, 187 depending on the length of the random data. 188 This method is generally recommended within 16 bytes. 189 190config BT_SETTINGS 191 bool "Store Bluetooth state and configuration persistently" 192 depends on SETTINGS 193 select MPU_ALLOW_FLASH_WRITE if ARM_MPU 194 help 195 When selected, the Bluetooth stack will take care of storing 196 (and restoring) the Bluetooth state (e.g. pairing keys) and 197 configuration persistently in flash. 198 199 When this option has been enabled, it's important that the 200 application makes a call to settings_load() after having done 201 all necessary initialization (e.g. calling bt_enable). The 202 reason settings_load() is handled externally to the stack, is 203 that there may be other subsystems using the settings API, in 204 which case it's more efficient to load all settings in one go, 205 instead of each subsystem doing it independently. 206 207 Warning: The Bluetooth host expects a settings backend that loads 208 settings items in handle order. 209 210if BT_SETTINGS 211config BT_SETTINGS_CCC_LAZY_LOADING 212 bool "Load CCC values from settings when peer connects" 213 depends on BT_CONN 214 default y 215 help 216 Load Client Configuration Characteristic setting right after a bonded 217 device connects. 218 Disabling this option will increase memory usage as CCC values for all 219 bonded devices will be loaded when calling settings_load. 220 221config BT_SETTINGS_DELAYED_STORE 222 # Enables delayed non-volatile storage mechanism 223 bool 224 help 225 Triggers the storage of the CF and CCC right after a write. 226 This is done in the workqueue context, in order to not block the BT RX 227 thread for too long. 228 229config BT_SETTINGS_DELAYED_STORE_MS 230 int 231 default 1000 232 help 233 (Advanced) Governs the timeout after which the settings write will 234 take effect. 235 236config BT_SETTINGS_CCC_STORE_ON_WRITE 237 bool "Store CCC value immediately after it has been written" 238 depends on BT_CONN 239 select BT_SETTINGS_DELAYED_STORE 240 default y 241 help 242 Store Client Configuration Characteristic value right after it has 243 been updated. If the option is disabled, the CCC is only stored on 244 disconnection. 245 246config BT_SETTINGS_CF_STORE_ON_WRITE 247 bool "Store CF value immediately after it has been written" 248 depends on BT_CONN && BT_GATT_CACHING 249 select BT_SETTINGS_DELAYED_STORE 250 default y 251 help 252 Store Client Supported Features value right after it has been updated. 253 If the option is disabled, the CF is only stored on disconnection. 254 255config BT_SETTINGS_USE_PRINTK 256 bool "Use snprintk to encode Bluetooth settings key strings" 257 depends on SETTINGS && PRINTK 258 default y 259 help 260 When selected, Bluetooth settings will use snprintk to encode 261 key strings. 262 When not selected, Bluetooth settings will use a faster builtin 263 function to encode the key string. The drawback is that if 264 printk is enabled then the program memory footprint will be larger. 265endif # BT_SETTINGS 266 267config BT_FILTER_ACCEPT_LIST 268 bool "Filter accept list support" 269 help 270 This option enables the filter accept list API. This takes advantage of the 271 filtering feature of a BLE controller. 272 The filter accept list is a global list and the same list is used 273 by both scanner and advertiser. The filter accept list cannot be modified while 274 it is in use. 275 276 An Advertiser can filter which peers can connect or request scan 277 response data. 278 A scanner can filter advertisers for which it will generate 279 advertising reports. 280 Connections can be established automatically for accepted peers. 281 282config BT_LIM_ADV_TIMEOUT 283 int "Timeout for limited advertising in 1s units" 284 default 30 285 range 1 180 286 depends on BT_BROADCASTER 287 help 288 After this timeout is reached, advertisement with BT_LE_AD_LIMITED flag 289 set shall be terminated. As per BT Core Spec 5.2, Vol 3, Part C, 290 Appendix A (NORMATIVE): TIMERS AND CONSTANTS it's required to be no more 291 than 180s. 292 293config BT_CONN_TX_USER_DATA_SIZE 294 int 295 default 16 if 64BIT 296 default 8 297 help 298 Necessary user_data size for allowing packet fragmentation when 299 sending over HCI. See `struct tx_meta` in conn.c. 300 301if BT_CONN 302 303config BT_CONN_TX_MAX 304 int "Maximum number of pending TX buffers with a callback" 305 default BT_L2CAP_TX_BUF_COUNT 306 range BT_L2CAP_TX_BUF_COUNT 255 307 help 308 Maximum number of pending TX buffers that have an associated 309 callback. Normally this can be left to the default value, which 310 is equal to the number of TX buffers in the stack-internal pool. 311 312config BT_CONN_PARAM_ANY 313 bool "Accept any values for connection parameters" 314 help 315 Some controllers support additional connection parameter ranges 316 beyond what is described in the specification. Enabling this option 317 allows the application to set any value to all connection parameters. 318 Tbe Host will perform no limits nor consistency checks on any of the 319 connection parameters (conn interval min and max, latency and timeout). 320 However, the Host will still use numerical comparisons between the 321 min and max connection intervals in order to verify whether the 322 desired parameters have been established in the connection. 323 324config BT_USER_PHY_UPDATE 325 bool "User control of PHY Update Procedure" 326 depends on BT_PHY_UPDATE 327 help 328 Enable application access to initiate the PHY Update Procedure. 329 The application can also register a callback to be notified about PHY 330 changes on the connection. The current PHY info is available in the 331 connection info. 332 333config BT_AUTO_PHY_UPDATE 334 bool "Auto-initiate PHY Update Procedure" 335 depends on BT_PHY_UPDATE 336 default y if !BT_USER_PHY_UPDATE 337 help 338 Initiate PHY Update Procedure on connection establishment. 339 340 Disable this if you want the PHY Update Procedure feature supported 341 but want to rely on the remote device to initiate the procedure at its 342 discretion or want to initiate manually. 343 344config BT_USER_DATA_LEN_UPDATE 345 bool "User control of Data Length Update Procedure" 346 depends on BT_DATA_LEN_UPDATE 347 help 348 Enable application access to initiate the Data Length Update 349 Procedure. The application can also a register callback to be notified 350 about Data Length changes on the connection. The current Data Length 351 info is available in the connection info. 352 353config BT_AUTO_DATA_LEN_UPDATE 354 bool "Auto-initiate Data Length Update procedure" 355 depends on BT_DATA_LEN_UPDATE 356 default y if !BT_USER_DATA_LEN_UPDATE 357 help 358 Initiate Data Length Update Procedure on connection establishment. 359 360 Disable this if you want the Data Length Update Procedure feature 361 supported but want to rely on the remote device to initiate the 362 procedure at its discretion or want to initiate manually. 363 364config BT_REMOTE_INFO 365 bool "Application access to remote information" 366 help 367 Enable application access to the remote information available in the 368 stack. The remote information is retrieved once a connection has been 369 established and the application will be notified when this information 370 is available through the remote_info_available connection callback. 371 372config BT_SMP 373 bool "Security Manager Protocol support" 374 select BT_CRYPTO 375 select BT_RPA 376 select BT_ECC 377 help 378 This option enables support for the Security Manager Protocol 379 (SMP), making it possible to pair devices over LE. 380 381if BT_SMP 382config BT_PASSKEY_KEYPRESS 383 bool "Passkey Keypress Notification support [EXPERIMENTAL]" 384 select EXPERIMENTAL 385 help 386 Enable support for receiving and sending Keypress Notifications during 387 Passkey Entry during pairing. 388 389config BT_PRIVACY 390 bool "Device privacy" 391 help 392 Enable privacy for the local device. This makes the device use Resolvable 393 Private Addresses (RPAs) by default. 394 395 Note: 396 Establishing connections as a directed advertiser, or to a directed 397 advertiser is only possible if the controller also supports privacy. 398 399config BT_PRIVACY_RANDOMIZE_IR 400 bool "Randomize identity root for fallback identities" 401 depends on BT_PRIVACY 402 select BT_SETTINGS 403 help 404 Enabling this option will cause the Host to ignore controller-provided 405 identity roots (IR). The Host will instead use bt_rand to generate 406 identity resolving keys (IRK) and store them in the settings subsystem. 407 408 Setting this config may come with a performance penalty to boot time, 409 as the hardware RNG may need time to generate entropy and will block 410 Bluetooth initialization. 411 412 This option increases privacy, as explained in the following text. 413 414 The IR determines the IRK of the identity. The IRK is used to both 415 generate and resolve (recognize) the private addresses of an identity. 416 The IRK is a shared secret, distributed to peers bonded to that 417 identity. 418 419 An attacker that has stolen or once bonded and retained the IRK can 420 forever resolve addresses from that IRK, even if that bond has been 421 deleted locally. 422 423 Deleting an identity should ideally delete the IRK as well and thereby 424 restore anonymity from previously bonded peers. But unless this config 425 is set, this does not always happen. 426 427 In particular, a factory reset function that wipes the data in the 428 settings subsystem may not affect the controller-provided IRs. If 429 those IRs are reused, this device can be tracked across factory resets. 430 431 For optimal privacy, a new IRK (i.e., identity) should be used per 432 bond. However, this naturally limits advertisements from that identity 433 to be recognizable by only that one bonded device. 434 435 A description of the exact effect of this setting follows. 436 437 If the application has not setup an identity before calling 438 settings_load()/settings_load_subtree("bt") after bt_enable(), the 439 Host will automatically try to load saved identities from the settings 440 subsystem, and if there are none, set up the default identity 441 (BT_ID_DEFAULT). 442 443 If the controller has a public address (HCI_Read_BD_ADDR), that becomes 444 the address of the default identity. The Host will by default try to 445 obtain the IR for that identity from the controller (by Zephyr HCI 446 Read_Key_Hierarchy_Roots). Setting this config randomizes the IR 447 instead. 448 449 If the controller does not have a public address, the Host will try 450 to source the default identity from the static address information 451 from controller (Zephyr HCI Read_Static_Addresses). This results in an 452 identity for each entry in Read_Static_Addresses. Setting this config 453 randomizes the IRs during this process. 454 455config BT_RPA_TIMEOUT 456 int "Resolvable Private Address timeout" 457 depends on BT_PRIVACY 458 default 900 459 range 1 65535 460 help 461 This option defines how often resolvable private address is rotated. 462 Value is provided in seconds and defaults to 900 seconds (15 minutes). 463 464config BT_RPA_TIMEOUT_DYNAMIC 465 bool "Support setting the Resolvable Private Address timeout at runtime" 466 depends on BT_PRIVACY 467 help 468 This option allows the user to override the default value of 469 the Resolvable Private Address timeout using dedicated APIs. 470 471config BT_SIGNING 472 bool "Data signing support" 473 help 474 This option enables data signing which is used for transferring 475 authenticated data in an unencrypted connection. 476 477config BT_SMP_APP_PAIRING_ACCEPT 478 bool "Accept or reject pairing initiative" 479 help 480 When receiving pairing request or pairing response query the 481 application whether to accept to proceed with pairing or not. This is 482 for pairing over SMP and does not affect SSP, which will continue 483 pairing without querying the application. 484 The application can return an error code, which is translated into 485 a SMP return value if the pairing is not allowed. 486 487config BT_SMP_SC_PAIR_ONLY 488 bool "Disable legacy pairing" 489 help 490 This option disables LE legacy pairing and forces LE secure connection 491 pairing. All Security Mode 1 levels can be used with legacy pairing 492 disabled, but pairing with devices that do not support secure 493 connections pairing will not be supported. 494 To force a higher security level use "Secure Connections Only Mode" 495 496config BT_SMP_SC_ONLY 497 bool "Secure Connections Only Mode" 498 select BT_SMP_SC_PAIR_ONLY 499 help 500 This option enables support for Secure Connection Only Mode. In this 501 mode device shall only use Security Mode 1 Level 4 with exception 502 for services that only require Security Mode 1 Level 1 (no security). 503 Security Mode 1 Level 4 stands for authenticated LE Secure Connections 504 pairing with encryption. Enabling this option disables legacy pairing. 505 506config BT_SMP_OOB_LEGACY_PAIR_ONLY 507 bool "Force Out Of Band Legacy pairing" 508 depends on !(BT_SMP_SC_PAIR_ONLY || BT_SMP_SC_ONLY) 509 help 510 This option disables Legacy and LE SC pairing and forces legacy OOB. 511 512config BT_SMP_DISABLE_LEGACY_JW_PASSKEY 513 bool "Forbid usage of insecure legacy pairing methods" 514 depends on !(BT_SMP_SC_PAIR_ONLY || BT_SMP_SC_ONLY || \ 515 BT_SMP_OOB_LEGACY_PAIR_ONLY) 516 help 517 This option disables Just Works and Passkey legacy pairing methods to 518 increase security. 519 520config BT_SMP_ALLOW_UNAUTH_OVERWRITE 521 bool "Allow unauthenticated pairing for paired device" 522 help 523 This option allows all unauthenticated pairing attempts made by the 524 peer where an unauthenticated bond already exists. 525 This would enable cases where an attacker could copy the peer device 526 address to connect and start an unauthenticated pairing procedure 527 to replace the existing bond. When this option is disabled in order 528 to create a new bond the old bond has to be explicitly deleted with 529 bt_unpair. 530 531config BT_ID_UNPAIR_MATCHING_BONDS 532 bool "Delete bond with same peer with other local identity when bonding" 533 help 534 When a bond is about to complete, find any other bond with the same 535 peer address (or IRK) and `bt_unpair` that bond before the event 536 `pairing_complete`. 537 538 Important: If this option is not enabled, the current implementation 539 will automatically fail the bonding. See "RL limitation" below. 540 541 Important: If this option is not enabled, as Peripheral, it may be too 542 late to abort the bonding. The pairing is failed locally, but it may 543 still be reported as successful on the Central. When this situation 544 occurs, the Zephyr Peripheral will immediately disconnect. See "SMP 545 limitation" below. 546 547 [RL limitation]: 548 The Host implementors have considered it unlikely that applications 549 would ever want to have multiple bonds with the same peer. The 550 implementors prioritize the simplicity of the implementation over this 551 capability. 552 553 The Resolve List on a Controller is not able to accommodate multiple 554 local addresses/IRKs for a single remote address. This would prevent 555 the Host from setting up a one-to-one correspondence between the Host 556 bond database and the Controller Resolve List. The implementation 557 relies on that capability when using the Resolve List. For performance 558 reasons, there is the wish to not fallback to Host Address Resolution 559 in this case. 560 561 [SMP Limitation]: 562 The Paring Failed command of the Security Manager Protocol cannot be 563 sent outside of a Pairing Process. A Pairing Process ends when the 564 last Transport Specific Key to be distributed is acknowledged at 565 link-layer. The Host does not have control over this acknowledgment, 566 and the order of distribution is fixed by the specification. 567 568config BT_ID_ALLOW_UNAUTH_OVERWRITE 569 bool "Allow unauthenticated pairing with same peer with other local identity" 570 depends on !BT_SMP_ALLOW_UNAUTH_OVERWRITE 571 help 572 This option allows unauthenticated pairing attempts made by the 573 peer where an unauthenticated bond already exists on other local 574 identity. This configuration still blocks unauthenticated pairing 575 attempts on the same local identity. To allow the pairing procedure 576 unconditionally, please see the BT_SMP_ALLOW_UNAUTH_OVERWRITE 577 configuration. 578 579config BT_SMP_USB_HCI_CTLR_WORKAROUND 580 bool "Workaround for USB HCI controller out-of-order events" 581 depends on BT_TESTING 582 help 583 This option enables support for USB HCI controllers that sometimes 584 send out-of-order HCI events and ACL Data due to using different USB 585 endpoints. 586 Enabling this option will make the central role not require the 587 encryption-change event to be received before accepting key-distribution 588 data. 589 It opens up for a potential vulnerability as the central cannot detect 590 if the keys are distributed over an encrypted link. 591 592config BT_FIXED_PASSKEY 593 bool "Use a fixed passkey for pairing" 594 help 595 With this option enabled, the application will be able to call the 596 bt_passkey_set() API to set a fixed passkey. If set, the 597 pairing_confirm() callback will be called for all incoming pairings. 598 599config BT_USE_DEBUG_KEYS 600 bool "Security Manager Debug Mode" 601 help 602 This option places Security Manager in a Debug Mode. In this mode 603 predefined Diffie-Hellman private/public key pair is used as described 604 in Core Specification Vol. 3, Part H, 2.3.5.6.1. 605 606 WARNING: This option enables anyone to decrypt on-air traffic. 607 Use of this feature in production is strongly discouraged. 608 609config BT_BONDABLE 610 bool "Bondable Mode" 611 default y 612 help 613 This option enables support for Bondable Mode. In this mode, 614 Bonding flag in AuthReq of SMP Pairing Request/Response will be set 615 indicating the support for this mode. 616 617config BT_BONDING_REQUIRED 618 bool "Always require bonding" 619 depends on BT_BONDABLE 620 help 621 When this option is enabled remote devices are required to always 622 set the bondable flag in their pairing request. Any other kind of 623 requests will be rejected. 624 625config BT_BONDABLE_PER_CONNECTION 626 bool "Set/clear the bonding flag per-connection [EXPERIMENTAL]" 627 select EXPERIMENTAL 628 help 629 Enable support for the bt_conn_set_bondable API function that is 630 used to set/clear the bonding flag on a per-connection basis. 631 632config BT_STORE_DEBUG_KEYS 633 bool "Store Debug Mode bonds" 634 help 635 This option enables support for storing bonds where either of devices 636 is using the predefined Diffie-Hellman private/public key pair as 637 described in the Core Specification Vol 3, Part H, 2.3.5.6.1. 638 639 WARNING: This option potentially enables anyone to decrypt on-air 640 traffic. 641 Use of this feature in production is strongly discouraged. 642 643config BT_SMP_ENFORCE_MITM 644 bool "Enforce MITM protection" 645 default y 646 help 647 With this option enabled, the Security Manager will set MITM option in 648 the Authentication Requirements Flags whenever local IO Capabilities 649 allow the generated key to be authenticated. 650 651config BT_OOB_DATA_FIXED 652 bool "Use a fixed random number for LESC OOB pairing" 653 depends on BT_TESTING 654 help 655 With this option enabled, the application will be able to perform LESC 656 pairing with OOB data that consists of fixed random number and confirm 657 value. 658 659 WARNING: This option stores a hardcoded Out-of-Band value in the image. 660 Use of this feature in production is strongly discouraged. 661 662config BT_KEYS_OVERWRITE_OLDEST 663 bool "Overwrite the oldest key if key storage is full" 664 help 665 If a pairing attempt occurs and the key storage is full then the 666 oldest key from the set of not currently in use keys will be selected 667 and overwritten by the pairing device. 668 669config BT_KEYS_SAVE_AGING_COUNTER_ON_PAIRING 670 bool "Store aging counter every time a successful paring occurs" 671 depends on BT_SETTINGS && BT_KEYS_OVERWRITE_OLDEST 672 help 673 With this option enabled, aging counter will be stored in settings every 674 time a successful pairing occurs. This increases flash wear out but offers 675 a more correct finding of the oldest unused pairing info. 676 677config BT_SMP_MIN_ENC_KEY_SIZE 678 int 679 prompt "Minimum encryption key size accepted in octets" if !BT_SMP_SC_ONLY 680 range 7 16 681 default 16 if BT_SMP_SC_ONLY 682 default 7 683 help 684 This option sets the minimum encryption key size accepted during pairing. 685 686endif # BT_SMP 687 688rsource "Kconfig.l2cap" 689rsource "Kconfig.gatt" 690rsource "../services/Kconfig" 691 692config BT_MAX_PAIRED 693 int "Maximum number of paired devices" 694 default 0 if !BT_SMP 695 default 1 696 range 0 128 697 help 698 Maximum number of paired Bluetooth devices. The minimum (and 699 default) number is 1. 700 701config BT_CREATE_CONN_TIMEOUT 702 int "Timeout for pending LE Create Connection command in seconds" 703 default 3 704 range 1 BT_RPA_TIMEOUT if BT_PRIVACY && (BT_RPA_TIMEOUT < 655) 705 range 1 655 706 707config BT_CONN_PARAM_UPDATE_TIMEOUT 708 int "Peripheral connection parameter update timeout in milliseconds" 709 default 5000 710 range 0 65535 711 help 712 The value is a timeout used by peripheral device to wait until it 713 starts the first connection parameters update procedure after a 714 connection has been established. 715 The connection parameters requested will be the parameters set by the 716 application, or the peripheral preferred connection parameters if 717 configured. 718 The default value is set to 5 seconds, to comply with the Bluetooth 719 Core specification: Core 4.2 Vol 3, Part C, 9.3.12.2: 720 "The Peripheral device should not perform a Connection Parameter 721 Update procedure within 5 seconds after establishing a connection." 722 723config BT_CONN_PARAM_RETRY_COUNT 724 int "Peripheral connection parameter update retry attempts" 725 default 3 726 range 0 255 727 help 728 This value corresponds to number of times to retry connection 729 parameter update to attain the preferred value set in GATT 730 characteristics in the Peripheral. 731 732config BT_CONN_PARAM_RETRY_TIMEOUT 733 int "Peripheral connection parameter update retry timeout in milliseconds" 734 default 5000 735 range 0 65535 736 help 737 The value is a timeout used by peripheral device to wait until retry 738 to attempt requesting again the preferred connection parameters. 739 740endif # BT_CONN 741 742if BT_OBSERVER 743config BT_BACKGROUND_SCAN_INTERVAL 744 int "Scan interval used for background scanning in 0.625 ms units" 745 default 2048 746 range 4 16384 747config BT_BACKGROUND_SCAN_WINDOW 748 int "Scan window used for background scanning in 0.625 ms units" 749 default 18 750 range 4 16384 751 752config BT_EXT_SCAN_BUF_SIZE 753 int "Maximum advertisement report size" 754 depends on BT_EXT_ADV 755 range 1 1650 756 default 229 757 help 758 Maximum size of an advertisement report in octets. If the advertisement 759 provided by the controller is larger than this buffer size, 760 the remaining data will be discarded. 761 762endif # BT_OBSERVER 763 764config BT_SCAN_WITH_IDENTITY 765 bool "Perform active scanning using local identity address" 766 depends on !BT_PRIVACY && (BT_CENTRAL || BT_OBSERVER) 767 help 768 Enable this if you want to perform active scanning using the local 769 identity address as the scanner address. By default the stack will 770 always use a non-resolvable private address (NRPA) in order to avoid 771 disclosing local identity information. By not scanning with the 772 identity address the scanner will receive directed advertise reports 773 for for the local identity. If this use case is required, then enable 774 this option. 775 776config BT_DEVICE_NAME_DYNAMIC 777 bool "Allow to set Bluetooth device name on runtime" 778 help 779 Enabling this option allows for runtime configuration of Bluetooth 780 device name. 781 782config BT_DEVICE_NAME_MAX 783 int "Maximum size in bytes for device name" 784 depends on BT_DEVICE_NAME_DYNAMIC 785 default 28 786 range 2 248 787 help 788 Bluetooth device name storage size. Storage can be up to 248 bytes 789 long (excluding NULL termination). 790 791config BT_DEVICE_NAME 792 string "Bluetooth device name" 793 default "Zephyr" 794 help 795 Bluetooth device name. Name can be up to 248 bytes long (excluding 796 NULL termination). Can be empty string. 797 798config BT_DEVICE_APPEARANCE_DYNAMIC 799 bool "Runtime Bluetooth Appearance changing" 800 help 801 Enables use of bt_set_appearance. 802 If CONFIG_BT_SETTINGS is set, the appearance is persistently stored. 803 804config BT_DEVICE_APPEARANCE_GATT_WRITABLE 805 bool "Allow authenticated peers to set GAP Appearance" 806 depends on BT_DEVICE_APPEARANCE_DYNAMIC 807 808config BT_DEVICE_APPEARANCE 809 int "Bluetooth device appearance" 810 range 0 65535 811 default 0 812 help 813 Bluetooth device appearance. For the list of possible values please 814 consult the following link: 815 https://www.bluetooth.com/specifications/assigned-numbers 816 817config BT_ID_MAX 818 int "Maximum number of local identities" 819 range 1 250 820 default 1 821 help 822 Maximum number of supported local identity addresses. For most 823 products this is safe to leave as the default value (1). 824 825config BT_DF 826 bool "Direction Finding support [EXPERIMENTAL]" 827 depends on !BT_CTLR || BT_CTLR_DF_SUPPORT 828 select EXPERIMENTAL 829 help 830 Enable support for Bluetooth 5.1 Direction Finding. 831 It will allow to: get information about antennae, configure 832 Constant Tone Extension, transmit CTE and sample incoming CTE. 833 834if BT_DF 835 836config BT_DF_CONNECTIONLESS_CTE_RX 837 bool "Support for receive of CTE in connectionless mode" 838 depends on !BT_CTLR || BT_CTLR_DF_CTE_RX_SUPPORT 839 help 840 Enable support for reception and sampling of Constant Tone Extension 841 in connectionless mode. 842 843config BT_DF_CONNECTIONLESS_CTE_TX 844 bool "Support for transmission of CTE in connectionless mode" 845 depends on !BT_CTLR || BT_CTLR_DF_CTE_TX_SUPPORT 846 help 847 Enable support for transmission of Constant Tone Extension in 848 connectionless mode. 849 850config BT_DF_CONNECTION_CTE_RX 851 bool "Support for receive of CTE in connection mode" 852 depends on !BT_CTLR || BT_CTLR_DF_CTE_RX_SUPPORT 853 help 854 Enable support for reception and sampling of Constant Tone Extension 855 in connection mode. 856 857config BT_DF_CONNECTION_CTE_TX 858 bool "Support for transmission of CTE in connection mode" 859 depends on !BT_CTLR || BT_CTLR_DF_CTE_TX_SUPPORT 860 help 861 Enable support for transmission of Constant Tone Extension in 862 connection mode. 863 864config BT_DF_CONNECTION_CTE_REQ 865 bool "Support for CTE request procedure in connection mode" 866 depends on BT_DF_CONNECTION_CTE_RX 867 help 868 Enable support for request of Constant Tone Extension in connection 869 mode. 870 871config BT_DF_CONNECTION_CTE_RSP 872 bool "Support for CTE request procedure in connection mode" 873 depends on BT_DF_CONNECTION_CTE_TX 874 help 875 Enable support for request of Constant Tone Extension in connection 876 mode. 877 878config BT_DF_CTE_RX_AOA 879 bool "Antenna switching during CTE reception (AoA) feature" 880 depends on BT_DF_CONNECTIONLESS_CTE_RX || BT_DF_CONNECTION_CTE_RX 881 default y 882 help 883 Enable support for antenna switching during CTE reception. 884 Also known as Angle of Arrival mode. 885 886config BT_DF_CTE_TX_AOD 887 bool "Antenna switching during CTE transmission (AoD) feature" 888 depends on BT_DF_CONNECTIONLESS_CTE_TX || BT_DF_CONNECTION_CTE_TX 889 default y 890 help 891 Enable support for antenna switching during CTE transmission. 892 Also known as Angle of Departure mode. 893 894config BT_DF_VS_CL_IQ_REPORT_16_BITS_IQ_SAMPLES 895 bool "Use 16 bits signed integer IQ samples in connectionless IQ reports" 896 depends on BT_DF_CONNECTIONLESS_CTE_RX && BT_HCI_VS_EXT 897 select BT_HCI_VS_EVT 898 help 899 Direction Finging connectionless IQ reports provide a set of IQ samples collected during 900 sampling of CTE. Bluetooth 5.3 Core Specification defines IQ samples to be 8 bits signed 901 integer, see Vol 4, Part E section 7.7.65.21. This option enables a vendor specific Host 902 extenstion to handle connectionless IQ reports with samples that are in 16 bit signed 903 integer format. 904 905config BT_DF_VS_CONN_IQ_REPORT_16_BITS_IQ_SAMPLES 906 bool "Use 16 bits signed integer IQ samples in connection IQ reports" 907 depends on BT_DF_CONNECTION_CTE_RX && BT_HCI_VS_EXT 908 select BT_HCI_VS_EVT 909 help 910 Direction Finging connection IQ reports provide a set of IQ samples collected during 911 sampling of CTE. Bluetooth 5.3 Core Specification defines IQ samples to be 8 bits signed 912 integer, see Vol 4, Part E sections 7.7.65.22. This option enables a vendor specific Host 913 extenstion to handle connection IQ report with samples that are in 16 bit signed integer 914 format. 915 916endif # BT_DF 917endif # BT_HCI_HOST 918 919config BT_ECC 920 bool "ECDH key generation support" 921 default y if BT_SMP && !BT_SMP_OOB_LEGACY_PAIR_ONLY 922 help 923 This option adds support for ECDH HCI commands. 924 925config BT_TINYCRYPT_ECC 926 bool "Emulate ECDH in the Host using TinyCrypt library" 927 select TINYCRYPT 928 select TINYCRYPT_ECC_DH 929 select BT_LONG_WQ 930 depends on BT_ECC && (BT_HCI_RAW || BT_HCI_HOST) 931 default y if BT_CTLR && !BT_CTLR_ECDH 932 help 933 If this option is set TinyCrypt library is used for emulating the 934 ECDH HCI commands and events needed by e.g. LE Secure Connections. 935 In builds including the BLE Host, if not set the controller crypto is 936 used for ECDH and if the controller doesn't support the required HCI 937 commands the LE Secure Connections support will be disabled. 938 In builds including the HCI Raw interface and the BLE Controller, this 939 option injects support for the 2 HCI commands required for LE Secure 940 Connections so that Hosts can make use of those. The option defaults 941 to enabled for a combined build with Zephyr's own controller, since it 942 does not have any special ECC support itself (at least not currently). 943 944config BT_HOST_CCM 945 bool "Host side AES-CCM module" 946 help 947 Enables the software based AES-CCM engine in the host. Will use the 948 controller's AES encryption functions if available, or BT_HOST_CRYPTO 949 otherwise. 950 951config BT_PER_ADV_SYNC_BUF_SIZE 952 int "Maximum periodic advertising report size" 953 depends on BT_PER_ADV_SYNC 954 range 0 1650 955 default 0 956 help 957 Maximum size of a fragmented periodic advertising report. If the periodic 958 advertising report provided by the controller is fragmented and larger 959 than this buffer size, then the data will be discarded. 960 Unfragmented reports are forwarded as they are received. 961 962config BT_DEBUG_ISO_DATA 963 bool "ISO channel data debug" 964 depends on BT_ISO_LOG_LEVEL_DBG 965 help 966 Use this option to enable ISO channels data debug logs for the 967 Bluetooth Audio functionality. This will enable debug logs for all 968 ISO data received and sent. 969 970config BT_SMP_SELFTEST 971 bool "Bluetooth SMP self tests executed on init" 972 depends on BT_SMP_LOG_LEVEL_DBG 973 help 974 This option enables SMP self-tests executed on startup 975 to verify security and crypto functions. 976 977config BT_SMP_FORCE_BREDR 978 bool "Force Bluetooth SMP over BR/EDR" 979 depends on BT_SMP_LOG_LEVEL_DBG 980 help 981 This option enables SMP over BR/EDR even if controller is not 982 supporting BR/EDR Secure Connections. This option is solely for 983 testing and should never be enabled on production devices. 984 985config BT_LOG_SNIFFER_INFO 986 bool "Bluetooth log information for sniffer" 987 help 988 This option enables the Bluetooth stack to log information such as 989 DH private key and LTK keys, which can be used by sniffers to decrypt 990 the connection without the use of Debug keys. 991 992 WARNING: This option prints out private security keys such as 993 the Long Term Key. 994 Use of this feature in production is strongly discouraged 995 996config BT_TESTING 997 bool "Bluetooth Testing" 998 help 999 This option enables custom Bluetooth testing interface. 1000 Shall only be used for testing purposes. 1001 1002config BT_CONN_DISABLE_SECURITY 1003 bool "Disable security" 1004 depends on BT_TESTING 1005 help 1006 This option disables security checks for incoming requests enabling 1007 to test accessing GATT attributes and L2CAP channels that would 1008 otherwise require encryption/authentication in order to be accessed. 1009 1010 WARNING: This option enables anyone to snoop on-air traffic. 1011 Use of this feature in production is strongly discouraged. 1012 1013config BT_BREDR 1014 bool "Bluetooth BR/EDR support [EXPERIMENTAL]" 1015 depends on BT_HCI_HOST 1016 select BT_PERIPHERAL 1017 select BT_CENTRAL 1018 select BT_SMP 1019 select BT_L2CAP_DYNAMIC_CHANNEL 1020 select EXPERIMENTAL 1021 help 1022 This option enables Bluetooth BR/EDR support 1023 1024if BT_BREDR 1025config BT_MAX_SCO_CONN 1026 int "Maximum number of simultaneous SCO connections" 1027 default 1 1028 range 1 3 1029 help 1030 Maximum number of simultaneous Bluetooth synchronous connections 1031 supported. The minimum (and default) number is 1. 1032 1033config BT_RFCOMM 1034 bool "Bluetooth RFCOMM protocol support [EXPERIMENTAL]" 1035 select EXPERIMENTAL 1036 help 1037 This option enables Bluetooth RFCOMM support 1038 1039config BT_RFCOMM_L2CAP_MTU 1040 int "L2CAP MTU for RFCOMM frames" 1041 depends on BT_RFCOMM 1042 # RX MTU will be truncated to account for the L2CAP PDU header. 1043 default BT_BUF_ACL_RX_SIZE 1044 range 23 32767 1045 help 1046 Maximum size of L2CAP PDU for RFCOMM frames. 1047 1048config BT_HFP_HF 1049 bool "Bluetooth Handsfree profile HF Role support [EXPERIMENTAL]" 1050 depends on PRINTK 1051 select BT_RFCOMM 1052 select EXPERIMENTAL 1053 help 1054 This option enables Bluetooth HF support 1055 1056config BT_AVDTP 1057 bool "Bluetooth AVDTP protocol support [EXPERIMENTAL]" 1058 select EXPERIMENTAL 1059 help 1060 This option enables Bluetooth AVDTP support 1061 1062config BT_A2DP 1063 bool "Bluetooth A2DP Profile [EXPERIMENTAL]" 1064 select BT_AVDTP 1065 select EXPERIMENTAL 1066 help 1067 This option enables the A2DP profile 1068 1069config BT_PAGE_TIMEOUT 1070 hex "Bluetooth Page Timeout" 1071 default 0x2000 1072 range 0x0001 0xffff 1073 help 1074 This option sets the page timeout value. Value is selected as 1075 (N * 0.625) ms. 1076 1077endif # BT_BREDR 1078 1079config BT_HCI_VS_EVT_USER 1080 bool "User Vendor-Specific event handling" 1081 help 1082 Enable registering a callback for delegating to the user the handling of 1083 VS events that are not known to the stack 1084 1085endmenu 1086
