1# BSD Sockets compatible API
2
3# Copyright (c) 2017 Linaro Limited.
4# SPDX-License-Identifier: Apache-2.0
5
6menuconfig NET_SOCKETS
7	bool "BSD Sockets compatible API"
8	select ZVFS
9	select ZVFS_POLL
10	select ZVFS_SELECT
11	help
12	  Provide BSD Sockets like API on top of native Zephyr networking API.
13
14if NET_SOCKETS
15
16config NET_SOCKETS_PRIORITY_DEFAULT
17	int "Default processing priority for sockets"
18	default 50
19	help
20	  Default processing priority for socket implementations. This defines
21	  the order of processing of particular socket implementations when
22	  creating a new socket; a lower value indicates earlier processing. This
23	  allows, for instance, prioritizing offloaded socket processing during
24	  socket creation over the native one, or vice versa.
25
26config NET_SOCKETS_POLL_MAX
27	int "Max number of supported poll() entries [DEPRECATED]"
28	default 0
29	help
30	  This option is deprecated.
31	  Please use CONFIG_ZVFS_POLL_MAX instead.
32
33config NET_SOCKETS_CONNECT_TIMEOUT
34	int "Timeout value in milliseconds to CONNECT"
35	default 3000
36	range 0 60000
37	help
38	  This variable specifies the time in milliseconds after which the
39	  connect() API call will time out if we have not received SYN-ACK
40	  from the peer.
41
42config NET_SOCKETS_DNS_TIMEOUT
43	int "Timeout value in milliseconds for DNS queries"
44	default 2000
45	range 1000 300000 if !NET_TEST
46	depends on DNS_RESOLVER
47	help
48	  This variable specifies the time in milliseconds after which a DNS
49	  query is considered timed out. Minimum timeout is 1 second and
50	  maximum timeout is 5 min. If the value is higher than
51	  CONFIG_NET_SOCKETS_DNS_BACKOFF_INTERVAL, then we try multiple
52	  times with exponential backoff until the timeout is reached.
53
54config NET_SOCKETS_DNS_BACKOFF_INTERVAL
55	int "Backoff interval for the DNS timeout"
56	default 5000
57	range 1000 300000
58	depends on DNS_RESOLVER
59	help
60	  This variable is related to the DNS timeout. If the DNS timeout is
61	  smaller than this value, then this value is ignored. If the timeout
62	  is larger, then this variable specifies the time in milliseconds after
63	  which the DNS query is retried. If there is no reply, the backoff
64	  interval is doubled and the query is retried.
65	  Example:
66	     The CONFIG_NET_SOCKETS_DNS_TIMEOUT is set to 17000 (17 secs).
67	     This value is 5000 (5 sec). If there is no reply from DNS server
68	     within 5 secs, a 2nd query is done with timeout set to 10 sec (5 * 2).
69	     If no reply is received, a 3rd query is done after 15 sec (5 + 5 * 2),
70	     and the timeout is set to 2 sec so that the total timeout is 17 seconds.
71
72config HEAP_MEM_POOL_ADD_SIZE_GETADDRINFO
73	# Defaults to heap memory needed for a single getaddrinfo() call in
74	# a default configuration on 64-bit platform
75	int
76	default 280
77	depends on DNS_RESOLVER
78
79config NET_SOCKET_MAX_SEND_WAIT
80	int "Max time in milliseconds waiting for a send command"
81	default 10000
82	help
83	  The maximum time a socket waits on a blocked connection before
84	  returning an ENOBUFS error.
85
86config NET_SOCKETS_SERVICE
87	bool "Socket service support"
88	select ZVFS
89	select ZVFS_EVENTFD
90	help
91	  The socket service can monitor multiple sockets and save memory
92	  by having only one thread listening for socket data. If data is received
93	  on a monitored socket, a user-supplied work is called.
94	  Note that you need to set CONFIG_ZVFS_POLL_MAX high enough
95	  so that enough socket entries can be serviced. This depends on
96	  system needs, as multiple services can be activated at the same time
97	  depending on network configuration.
98
99config ZVFS_OPEN_ADD_SIZE_SOCKETS_SERVICE
100	int "Socket service file descriptor requirements"
101	default 1
102	help
103	  The socket service opens a permanent zvfs_eventfd, which consumes a file
104	  descriptor.
105
106config NET_SOCKETS_SERVICE_THREAD_PRIO
107	int "Priority of the socket service dispatcher thread"
108	default NUM_PREEMPT_PRIORITIES
109	depends on NET_SOCKETS_SERVICE
110	help
111	  Set the priority of the socket service dispatcher thread. This handler
112	  polls the sockets and calls the user supplied callback directly.
113
114	  Note that >= 0 value means preemptive thread priority, the lowest
115	  value is NUM_PREEMPT_PRIORITIES.
116	  Highest preemptive thread priority is 0.
117	  Lowest cooperative thread priority is -1.
118	  Highest cooperative thread priority is -NUM_COOP_PRIORITIES.
119
120config NET_SOCKETS_SERVICE_STACK_SIZE
121	int "Stack size for the thread handling socket services"
122	default 2400 if NET_DHCPV4_SERVER
123	default 1400 if MDNS_RESPONDER
124	default 1200
125	depends on NET_SOCKETS_SERVICE
126	help
127	  Set the internal stack size for the thread that polls sockets.
128
129config NET_SOCKETS_SOCKOPT_TLS
130	bool "TCP TLS socket option support"
131	imply TLS_CREDENTIALS
132	select MBEDTLS if NET_NATIVE
133	imply MBEDTLS_SSL_PROTO_TLS1_2 if !NET_L2_OPENTHREAD
134	imply MBEDTLS_MD_C if !NET_L2_OPENTHREAD
135	imply MBEDTLS_RSA_C if !NET_L2_OPENTHREAD
136	imply MBEDTLS_PKCS1_V15 if !NET_L2_OPENTHREAD
137	imply MBEDTLS_PKCS1_V21 if !NET_L2_OPENTHREAD
138	imply MBEDTLS_KEY_EXCHANGE_RSA_ENABLED if !NET_L2_OPENTHREAD
139	imply MBEDTLS_CIPHER_AES_ENABLED if !NET_L2_OPENTHREAD
140	imply PSA_WANT_KEY_TYPE_AES if !NET_L2_OPENTHREAD && PSA_CRYPTO_CLIENT
141	imply PSA_WANT_ALG_CBC_NO_PADDING if !NET_L2_OPENTHREAD && PSA_CRYPTO_CLIENT
142	help
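143	  Enable TLS socket option support which automatically establishes
144	  a TLS connection to the remote host.
	  Unless NET_L2_OPENTHREAD is enabled, this implies a default set of
	  mbed TLS options, including TLS 1.2, RSA key exchange (which does
	  not provide forward secrecy) and AES. As these are implied rather
	  than selected, the application configuration can normally override
	  them to match its security requirements.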
145
146config NET_SOCKETS_TLS_CONNECT_TIMEOUT
147	int "Timeout value in milliseconds for TLS handshake"
148	depends on NET_SOCKETS_SOCKOPT_TLS
149	default 10000
150	range 0 60000
151	help
152	  This variable specifies the maximum time in milliseconds that a TLS
153	  handshake can take on a secure socket, before reporting a timeout.
154
155config NET_SOCKETS_TLS_PRIORITY
156	int "Default processing priority for TLS sockets"
157	default 45
158	help
159	  Processing priority for TLS sockets. Should be lower than
160	  NET_SOCKETS_PRIORITY_DEFAULT in order to be processed correctly.
161
162config NET_SOCKETS_TLS_SET_MAX_FRAGMENT_LENGTH
163	bool "Set Maximum Fragment Length (MFL)"
164	default y
165	help
166	  Call mbedtls_ssl_conf_max_frag_len() on created TLS context
167	  configuration, so that Maximum Fragment Length (MFL) will be sent to
168	  peer using RFC 6066 max_fragment_length extension.
169
170	  Maximum Fragment Length (MFL) value is automatically chosen based on
171	  MBEDTLS_SSL_OUT_CONTENT_LEN and MBEDTLS_SSL_IN_CONTENT_LEN mbed TLS
172	  macros (which are configured by CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN in
173	  case of default mbed TLS config). With DTLS, MFL value may be further
174	  limited with NET_SOCKETS_DTLS_MAX_FRAGMENT_LENGTH.
175
176	  This is mostly useful for TLS client side to tell TLS server what is
177	  the maximum supported receive record length.
178
179config NET_SOCKETS_ENABLE_DTLS
180	bool "DTLS socket support"
181	depends on NET_SOCKETS_SOCKOPT_TLS
182	select MBEDTLS_SSL_PROTO_DTLS if NET_NATIVE
183	help
184	  Enable DTLS socket support. By default only TLS over TCP is supported.
185
186config NET_SOCKETS_DTLS_TIMEOUT
187	int "Timeout value in milliseconds for DTLS connection"
188	default 5000
189	depends on NET_SOCKETS_ENABLE_DTLS
190	help
191	  This variable specifies the time in milliseconds after which a DTLS
192	  connection is considered dead by the TLS server and DTLS resources are
193	  freed. This is needed to prevent a situation where a DTLS client shuts
194	  down without closing the connection gracefully, which can prevent other
195	  peers from connecting. A value of 0 indicates no timeout - resources will
196	  be freed only when the connection is gracefully closed by the peer
197	  sending a TLS notification or when the socket is closed.
198
199config NET_SOCKETS_DTLS_MAX_FRAGMENT_LENGTH
200	int "Maximum DTLS fragment size in bytes"
201	default 1024
202	range 512 4096
203	depends on NET_SOCKETS_ENABLE_DTLS
204	depends on NET_SOCKETS_TLS_SET_MAX_FRAGMENT_LENGTH
205	help
206	  This variable specifies the Maximum Fragment Length (MFL) value to
207	  be used with DTLS connection when MBEDTLS_SSL_OUT_CONTENT_LEN and
208	  MBEDTLS_SSL_IN_CONTENT_LEN are set to larger values (for TLS).
209
210	  With DTLS the MFL should be kept under the network MTU, to avoid
211	  IP fragmentation.
212
213config NET_SOCKETS_DTLS_SENDMSG_BUF_SIZE
214	int "Intermediate buffer size for DTLS sendmsg()"
215	depends on NET_SOCKETS_ENABLE_DTLS
216	range 0 $(UINT16_MAX)
217	default 0
218	help
219	  Size of the intermediate buffer for DTLS sendmsg() function. The
220	  intermediate buffer is needed, as sendmsg() for DGRAM is expected to
221	  send all of the data in a single datagram, therefore all data provided
222	  in msghdr structure need to be linearized before passing to mbed TLS.
223	  The buffer size can be set to 0, in that case data linearizing for
224	  DTLS sockets is disabled. In result, sendmsg() will only accept msghdr
225	  with a single non-empty iov buffer.
226
227config NET_SOCKETS_TLS_MAX_CONTEXTS
228	int "Maximum number of TLS/DTLS contexts"
229	default 1
230	depends on NET_SOCKETS_SOCKOPT_TLS
231	help
232	  This variable specifies the maximum number of TLS/DTLS contexts that
233	  can be allocated at the same time.
234
235config ZVFS_OPEN_ADD_SIZE_TLS
236	int "Number of TLS network sockets to allocate"
237	default NET_SOCKETS_TLS_MAX_CONTEXTS if NET_SOCKETS_SOCKOPT_TLS
238	default 0
239
240config NET_SOCKETS_TLS_MAX_CREDENTIALS
241	int "Maximum number of TLS/DTLS credentials per socket"
242	default 4
243	depends on NET_SOCKETS_SOCKOPT_TLS
244	help
245	  This variable sets maximum number of TLS/DTLS credentials that can be
246	  used with a specific socket.
247
248config NET_SOCKETS_TLS_MAX_CIPHERSUITES
249	int "Maximum number of TLS/DTLS ciphersuites per socket"
250	default 4
251	depends on NET_SOCKETS_SOCKOPT_TLS
252	help
253	  This variable sets maximum number of TLS/DTLS ciphersuites that can
254	  be used with specific socket, if set explicitly by socket option.
255	  By default, all ciphersuites that are available in the system are
256	  available to the socket.
257
258config NET_SOCKETS_TLS_MAX_APP_PROTOCOLS
259	int "Maximum number of supported application layer protocols"
260	default 2
261	depends on NET_SOCKETS_SOCKOPT_TLS && MBEDTLS_SSL_ALPN
262	help
263	  This variable sets maximum number of supported application layer
264	  protocols over TLS/DTLS that can be set explicitly by a socket option.
265	  By default, no supported application layer protocol is set.
266
267config NET_SOCKETS_TLS_MAX_CLIENT_SESSION_COUNT
268	int "Maximum number of stored client TLS/DTLS sessions"
269	default 1
270	depends on NET_SOCKETS_SOCKOPT_TLS
271	help
272	  This variable specifies maximum number of stored TLS/DTLS sessions,
273	  used for TLS/DTLS session resumption.
274
275config NET_SOCKETS_TLS_CERT_VERIFY_CALLBACK
276	bool "TLS certificate verification callback support"
277	depends on NET_SOCKETS_SOCKOPT_TLS
278	help
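279	  This option controls whether the TLS_CERT_VERIFY_CALLBACK TLS socket
280	  option is available. It allows registering a certificate verification
281	  callback, which is called by the TLS backend during the TLS handshake.
	  Because the callback can alter the verification result, it should
	  only relax checks that the application deliberately accepts.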
282
283config NET_SOCKETS_OFFLOAD
284	bool "Offload Socket APIs"
285	help
286	  Enables direct offloading of socket operations to dedicated TCP/IP
287	  hardware.
288	  This feature is intended to save resources by bypassing the Zephyr
289	  TCP/IP stack in the case where there is only one network interface
290	  required in the system, providing full BSD socket offload capability.
291	  As a result, it bypasses any potential IP routing that Zephyr might
292	  provide between multiple network interfaces.
293	  See NET_OFFLOAD for a more deeply integrated approach which offloads
294	  from the net_context() API within the Zephyr IP stack.
295
296config NET_SOCKETS_OFFLOAD_PRIORITY
297	int "Default processing priority for offloaded sockets"
298	default 40
299	help
300	  Processing priority for offloaded sockets.
301
302	  If native TLS is enabled, lower value than NET_SOCKETS_TLS_PRIORITY
303	  means that TLS will be offloaded as well (if supported by offloaded
304	  socket implementation). Higher value than NET_SOCKETS_TLS_PRIORITY
305	  means that native TLS will be used.
306
307config NET_SOCKETS_OFFLOAD_DISPATCHER
308	bool "Intermediate socket offloading layer"
309	depends on NET_SOCKETS_OFFLOAD
310	help
311	  If enabled, an intermediate socket offloading layer is included
312	  (called socket dispatcher), which allows selecting an offloaded network
313	  interface, and thus a socket implementation, with the SO_BINDTODEVICE
314	  socket option. This can be useful when multiple offloaded socket
315	  implementations are available in the system, making it easy to bind
316	  a socket to a particular implementation.
317
318config NET_SOCKETS_OFFLOAD_DISPATCHER_CONTEXT_MAX
319	int "Maximum number of dispatcher sockets created"
320	default 4
321	depends on NET_SOCKETS_OFFLOAD_DISPATCHER
322	help
323	  Maximum number of dispatcher sockets created at a time. Note that
324	  only sockets that have not been dispatched yet count towards the limit.
325	  After a proper socket has been created for a given file descriptor,
326	  the dispatcher context is released and can be reused.
327
328config NET_SOCKETS_PACKET
329	bool "Packet socket support"
330	select NET_CONNECTION_SOCKETS
331	help
332	  This is an initial version of packet socket support (a special type
333	  of raw socket). Packets are passed to and from the device driver
334	  without any changes in the packet headers. It is the API caller's
335	  responsibility to provide all the headers (e.g. L2, L3 and so on)
336	  while sending. While receiving, packets (including all the headers)
337	  will be fed to sockets unchanged as provided by the driver.
338
339config NET_SOCKETS_PACKET_DGRAM
340	bool "Packet socket SOCK_DGRAM support"
341	depends on NET_SOCKETS_PACKET
342	default y
343	help
344	  For AF_PACKET sockets with SOCK_DGRAM type, the L2 header
345	  is removed before the packet is passed to the user.  Packets sent
346	  through a SOCK_DGRAM packet socket get a suitable L2 header based
347	  on the information in the net_sockaddr_ll destination address before
348	  they are queued.
349
350config NET_SOCKETS_INET_RAW
351	bool "AF_INET/AF_INET6 and SOCK_RAW sockets support"
352	depends on NET_NATIVE_IP
353	help
354	  Support SOCK_RAW socket type for AF_INET/AF_INET6 sockets. This allows
355	  receiving raw IP datagrams before further processing takes place.
356
357config NET_SOCKETS_CAN
358	bool "Socket CAN support [EXPERIMENTAL]"
359	select NET_L2_CANBUS_RAW
360	select NET_CONNECTION_SOCKETS
361	select EXPERIMENTAL
362	help
363	  Enable SocketCAN support. Whether you need it depends on your network needs.
364
365config NET_SOCKETS_CAN_RECEIVERS
366	int "How many simultaneous SocketCAN receivers are allowed"
367	default 1
368	depends on NET_SOCKETS_CAN
369	help
370	  The value tells how many sockets can receive data from same
371	  Socket-CAN interface.
372
373config NET_SOCKETPAIR
374	bool "Support for socketpair"
375	help
376	  Communicate over a pair of connected, unnamed UNIX domain sockets.
377
378if NET_SOCKETPAIR
379
380config NET_SOCKETPAIR_BUFFER_SIZE
381	int "Size of the intermediate buffer, in bytes"
382	default 64
383	range 1 4096
384	help
385	  Buffer size for socketpair(2)
386
387choice NET_SOCKETPAIR_ALLOCATION_STRATEGY
388	prompt "Memory management for socketpair"
389	default NET_SOCKETPAIR_HEAP if KERNEL_MEM_POOL
390
391config NET_SOCKETPAIR_STATIC
392	bool "Pre-allocate memory statically"
393
394config NET_SOCKETPAIR_HEAP
395	bool "Use heap for allocating socketpairs"
396
397endchoice
398
399if NET_SOCKETPAIR_STATIC
400
401config NET_SOCKETPAIR_MAX
402	int "How many socketpairs to pre-allocate"
403	default 1
404
405endif # NET_SOCKETPAIR_STATIC
406
407if NET_SOCKETPAIR_HEAP
408
409config HEAP_MEM_POOL_ADD_SIZE_SOCKETPAIR
410	int
411	default 296
412
413endif # NET_SOCKETPAIR_HEAP
414
415endif # NET_SOCKETPAIR
416
417config NET_SOCKETS_NET_MGMT
418	bool "Network management socket support [EXPERIMENTAL]"
419	depends on NET_MGMT_EVENT
420	select NET_MGMT_EVENT_INFO
421	select EXPERIMENTAL
422	help
423	  Select this if you want to use the socket API to deliver network
424	  management events to your application.
425	  Note that the thread using net_mgmt sockets should have at least
426	  the same priority as the thread processing network events (see
427	  CONFIG_NET_MGMT_EVENT_WORKER), otherwise in case of event bursts some
428	  events may be lost.
429
430config NET_SOCKETS_NET_MGMT_MAX_LISTENERS
431	int "Max number of sockets to listen"
432	default 1
433	depends on NET_SOCKETS_NET_MGMT
434	help
435	  This sets the maximum number of net_mgmt sockets that can
436	  be set by the socket interface. So if you have two separate
437	  sockets that are used for listening events, you need to set
438	  this to two.
439
440module = NET_SOCKETS
441module-dep = NET_LOG
442module-str = Log level for BSD sockets compatible API calls
443module-help = Enables logging for sockets code.
444source "subsys/net/Kconfig.template.log_config.net"
445
446config NET_SOCKETS_OBJ_CORE
447	bool "Object core socket support [EXPERIMENTAL]"
448	depends on OBJ_CORE
449	select OBJ_CORE_STATS
450	select EXPERIMENTAL
451	help
452	  Select this if you want to use object core with socket API to get
453	  network socket information and statistics via object core.
454	  The net-shell "net sockets" command will use this functionality
455	  to show the socket information.
456
457endif # NET_SOCKETS
458