1# WPA Supplicant configuration options 2# 3# Copyright (c) 2023 Nordic Semiconductor 4# 5# SPDX-License-Identifier: Apache-2.0 6# 7 8config WIFI_NM_WPA_SUPPLICANT 9 bool "WPA Suplicant from hostap project [EXPERIMENTAL]" 10 select POSIX_TIMERS 11 select POSIX_SIGNALS 12 select POSIX_API 13 select XSI_SINGLE_PROCESS 14 select NET_SOCKETS 15 select NET_SOCKETS_PACKET 16 select NET_L2_WIFI_MGMT 17 select WIFI_NM 18 select EXPERIMENTAL 19 select COMMON_LIBC_MALLOC 20 select ZVFS 21 select ZVFS_EVENTFD 22 help 23 WPA supplicant as a network management backend for WIFI_NM. 24 25if WIFI_NM_WPA_SUPPLICANT 26 27config ZVFS_OPEN_ADD_SIZE_WIFI_NM_WPA_SUPPLICANT 28 int "Number of socket descriptors needed by hostap" 29 default 12 30 31config WIFI_NM_WPA_SUPPLICANT_GLOBAL_HEAP 32 bool "Use Zephyr kernel heap for Wi-Fi driver" 33 default y 34 help 35 Enable this option to use K_HEAP for memory allocations in supplicant. 36 37if !WIFI_NM_WPA_SUPPLICANT_GLOBAL_HEAP 38config WIFI_NM_WPA_SUPPLICANT_HEAP 39 int "Dedicated memory pool for wpa_supplicant" 40 def_int 66560 if WIFI_NM_HOSTAPD_AP 41 def_int 60000 if WIFI_USAGE_MODE_STA_AP 42 def_int 55000 if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE && WIFI_CREDENTIALS 43 def_int 48000 if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE 44 def_int 41808 if WIFI_NM_WPA_SUPPLICANT_AP 45 def_int 40000 if WIFI_NM_MAX_MANAGED_INTERFACES=2 46 # 30K is mandatory, but might need more for long duration use cases 47 def_int 30000 48endif # !WIFI_NM_WPA_SUPPLICANT_GLOBAL_HEAP 49 50if WIFI_NM_WPA_SUPPLICANT_GLOBAL_HEAP 51config HEAP_MEM_POOL_ADD_SIZE_HOSTAP 52 def_int 66560 if WIFI_NM_HOSTAPD_AP 53 def_int 60000 if WIFI_USAGE_MODE_STA_AP 54 def_int 55000 if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE && WIFI_CREDENTIALS 55 def_int 48000 if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE 56 def_int 41808 if WIFI_NM_WPA_SUPPLICANT_AP 57 # 30K is mandatory, but might need more for long duration use cases 58 def_int 30000 59endif # WIFI_NM_WPA_SUPPLICANT_GLOBAL_HEAP 60 61 62config WIFI_NM_WPA_SUPPLICANT_THREAD_STACK_SIZE 63 int "Stack size for wpa_supplicant thread" 64 # TODO: Providing higher stack size for Enterprise mode to fix stack 65 # overflow issues. Need to identify the cause for higher stack usage. 66 default 8192 if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE || WIFI_USAGE_MODE_STA_AP 67 # This is needed to handle stack overflow issues on nRF Wi-Fi drivers. 68 default 5900 if WIFI_NM_WPA_SUPPLICANT_AP 69 default 5800 70 71config WIFI_NM_WPA_SUPPLICANT_WQ_STACK_SIZE 72 int "Stack size for wpa_supplicant iface workqueue" 73 default 4400 74 75config WIFI_NM_WPA_SUPPLICANT_WQ_PRIO 76 int "Thread priority of wpa_supplicant iface workqueue" 77 default 7 78 79config WIFI_NM_WPA_SUPPLICANT_PRIO 80 int "Thread priority of wpa_supplicant" 81 default 0 82 83# Currently we default ZVFS_OPEN_MAX to 16 in lib/posix/Kconfig 84# l2_packet - 1 85# ctrl_iface - 2 * socketpairs = 4(local and global) 86# z_wpa_event_sock - 1 socketpair = 2 87# Remaining left for the applications running in default configuration 88 89# Supplicant API is stack heavy (buffers + snprintfs) and control interface 90# uses socketpair which pushes the stack usage causing overflow for 2048 bytes. 91# So we set SYSTEM_WORKQUEUE_STACK_SIZE default to 2560 in kernel/Kconfig 92 93module = WIFI_NM_WPA_SUPPLICANT 94module-str = WPA supplicant 95source "subsys/logging/Kconfig.template.log_config" 96 97config WIFI_NM_WPA_SUPPLICANT_DEBUG_LEVEL 98 int "Min compiled-in debug message level for WPA supplicant" 99 default 0 if WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_DBG # MSG_EXCESSIVE 100 default 3 if WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_INF # MSG_INFO 101 default 4 if WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_WRN # MSG_WARNING 102 default 5 if WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_ERR # MSG_ERROR 103 default 5 104 help 105 Minimum priority level of a debug message emitted by WPA supplicant that 106 is compiled-in the firmware. See wpa_debug.h file of the supplicant for 107 available levels and functions for emitting the messages. Note that 108 runtime filtering can also be configured in addition to the compile-time 109 filtering. 110 111config WIFI_NM_WPA_SUPPLICANT_DEBUG_SHOW_KEYS 112 bool "Include key material in debug output" 113 help 114 This option enables inclusion of key material (passwords, encryption keys, 115 etc.) in debug output. This is equivalent to the -K command line flag 116 in wpa_supplicant. 117 118 WARNING: This is a security risk and should only be enabled during 119 development or debugging. Key material should never be logged in production 120 systems as it can compromise network security. 121 122if WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_DBG 123# hostap debug is very verbose and despite large log buffer sizes 124# log messages can be lost. So, we set the log mode to immediate 125# to avoid losing any debug messages. 126choice LOG_MODE 127 default LOG_MODE_IMMEDIATE 128endchoice 129endif # WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_DBG 130 131# Memory optimizations 132config WIFI_NM_WPA_SUPPLICANT_ADVANCED_FEATURES 133 bool "Advanced features" 134 default y if !SOC_FAMILY_NORDIC_NRF 135 136if WIFI_NM_WPA_SUPPLICANT_ADVANCED_FEATURES 137 138config WIFI_NM_WPA_SUPPLICANT_ROBUST_AV 139 bool "Robust Audio Video streaming support" 140 default y 141 142# Hidden as these are mandatory for WFA certification 143config WIFI_NM_WPA_SUPPLICANT_WMM_AC 144 bool 145 default y 146 147config WIFI_NM_WPA_SUPPLICANT_MBO 148 bool 149 default y 150 151config WIFI_NM_WPA_SUPPLICANT_WNM 152 bool "Wireless Network Management support" 153 default y 154 155config WIFI_NM_WPA_SUPPLICANT_RRM 156 bool "Radio Resource Management support" 157 default y 158endif 159 160config WIFI_NM_WPA_SUPPLICANT_WEP 161 bool "WEP (Legacy crypto) support" 162 163choice WIFI_NM_WPA_SUPPLICANT_CRYPTO_BACKEND 164 prompt "WPA supplicant crypto implementation" 165 default WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT 166 help 167 Select the crypto implementation to use for WPA supplicant. 168 WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT supports enterprise mode 169 and DPP. 170 171config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT 172 bool "Crypto Mbedtls alt support for WiFi" 173 select MBEDTLS 174 select MBEDTLS_CIPHER_MODE_CTR_ENABLED 175 select MBEDTLS_CIPHER_MODE_CBC_ENABLED 176 select MBEDTLS_CIPHER_AES_ENABLED 177 select MBEDTLS_CIPHER_DES_ENABLED 178 select MBEDTLS_MD5 179 select MBEDTLS_SHA1 180 select MBEDTLS_SHA384 181 select MBEDTLS_ENTROPY_C 182 select MBEDTLS_CIPHER 183 select MBEDTLS_ECP_C 184 select MBEDTLS_ECP_ALL_ENABLED 185 select MBEDTLS_CMAC 186 select MBEDTLS_PKCS5_C 187 select MBEDTLS_PK_WRITE_C 188 select MBEDTLS_ECDH_C 189 select MBEDTLS_ECDSA_C 190 select MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED 191 select MBEDTLS_RSA_C 192 select MBEDTLS_PKCS1_V15 193 select MBEDTLS_PKCS1_V21 194 select MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 195 select MBEDTLS_NIST_KW_C 196 select MBEDTLS_DHM_C 197 select MBEDTLS_HKDF_C 198 199config WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE 200 bool "No Crypto support for WiFi" 201 202config WIFI_NM_WPA_SUPPLICANT_CRYPTO_EXT 203 bool "External Crypto support for hostap" 204 help 205 Use external crypto implementation for hostp, this is useful for 206 platforms where the crypto implementation is provided by the platform 207 and not by Zephyr. The external crypto implementation should provide 208 the required APIs and any other dependencies required by hostap. 209 210endchoice 211 212config WIFI_NM_WPA_SUPPLICANT_CRYPTO_MBEDTLS_PSA 213 bool "Crypto Platform Secure Architecture support for WiFi" 214 select PSA_CRYPTO 215 select MBEDTLS_USE_PSA_CRYPTO 216 select PSA_WANT_ALG_ECDH 217 select PSA_WANT_ALG_HMAC 218 select PSA_WANT_ALG_CCM 219 select PSA_WANT_ALG_CTR 220 select PSA_WANT_ALG_MD5 221 select PSA_WANT_ALG_SHA_1 222 select PSA_WANT_ALG_SHA_256 223 select PSA_WANT_ALG_SHA_224 224 select PSA_WANT_ALG_SHA_384 225 select PSA_WANT_ALG_SHA_512 226 select PSA_WANT_ALG_PBKDF2_HMAC 227 select PSA_WANT_ALG_CMAC 228 select PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 229 select PSA_WANT_KEY_TYPE_AES 230 select PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 231 select PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 232 help 233 Support Mbedtls 3.x to use PSA apis instead of legacy apis. 234 235config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE 236 bool "Enterprise Crypto support for WiFi" 237 select MBEDTLS_PEM_CERTIFICATE_FORMAT if MBEDTLS_BUILTIN 238 select MBEDTLS_SERVER_NAME_INDICATION if MBEDTLS_BUILTIN 239 select MBEDTLS_X509_CRL_PARSE_C 240 select MBEDTLS_SSL_PROTO_TLS1_2 241 select MBEDTLS_SSL_KEYING_MATERIAL_EXPORT 242 select NOT_SECURE 243 select WIFI_CERTIFICATE_LIB 244 depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE 245 help 246 Enable Enterprise Crypto support for WiFi. This feature 247 is considered NOT SECURE due the lack of certificate 248 validation. 249 250if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE 251config EAP_TLS 252 bool "EAP-TLS support" 253 254config EAP_TTLS 255 bool "EAP-TTLS support" 256 257config EAP_PEAP 258 bool "EAP-PEAP support" 259 260config EAP_MD5 261 bool "EAP-MD5 support" 262 263config EAP_GTC 264 bool "EAP-GTC support" 265 266config EAP_MSCHAPV2 267 bool "EAP-MSCHAPv2 support" 268 269config EAP_LEAP 270 bool "EAP-LEAP support" 271 272config EAP_PSK 273 bool "EAP-PSK support" 274 275config EAP_PAX 276 bool "EAP-PAX support" 277 278config EAP_SAKE 279 bool "EAP-SAKE support" 280 281config EAP_GPSK 282 bool "EAP-GPSK support" 283 284config EAP_PWD 285 bool "EAP-PWD support" 286 287config EAP_EKE 288 bool "EAP-EKE support" 289 290config EAP_IKEV2 291 bool "EAP-IKEv2 support" 292 293config EAP_SIM 294 bool "EAP-SIM support" 295 296config EAP_AKA 297 bool "EAP-AKA support" 298 299config EAP_FAST 300 bool "EAP-FAST support" 301 302config EAP_ALL 303 bool "All EAP methods support" 304 select EAP_TLS 305 select EAP_PEAP 306 select EAP_GTC 307 select EAP_TTLS 308 select EAP_MSCHAPV2 309 default y 310 311config EAP_TLSV1_3 312 bool "EAP TLSv1.3 support" 313 select MBEDTLS_SSL_PROTO_TLS1_3 314 select MBEDTLS_SSL_SESSION_TICKETS 315 select MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 316 select MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 317 select MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED 318endif # WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE 319 320config WIFI_NM_WPA_SUPPLICANT_WPA3 321 bool "WPA3 support" 322 depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE 323 default y 324 325config WIFI_NM_WPA_SUPPLICANT_AP 326 bool "SoftAP mode support based on WPA supplicant" 327 default y if WIFI_USAGE_MODE_AP || WIFI_USAGE_MODE_STA_AP 328 329config WIFI_NM_WPA_SUPPLICANT_WPS 330 bool "WPS support" 331 depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE 332 333config WIFI_NM_HOSTAPD_WPS 334 bool "WPS hostapd support" 335 depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE 336 depends on WIFI_NM_HOSTAPD_AP 337 338config WIFI_NM_WPA_SUPPLICANT_P2P 339 bool "P2P mode support" 340 select WIFI_NM_WPA_SUPPLICANT_AP 341 select WIFI_NM_WPA_SUPPLICANT_WPS 342 select WIFI_NM_WPA_SUPPLICANT_EAPOL 343 344config WIFI_NM_WPA_SUPPLICANT_EAPOL 345 bool "EAPoL supplicant" 346 default y if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE 347 348config WIFI_NM_WPA_SUPPLICANT_CLI 349 bool "CLI support for wpa_supplicant" 350 351config WIFI_NM_WPA_SUPPLICANT_INF_MON 352 bool "Monitor the net mgmt event to add/del interface" 353 default y 354 355config WIFI_NM_HOSTAPD_AP 356 bool "FullAP mode support based on Hostapd" 357 depends on !WIFI_NM_WPA_SUPPLICANT_INF_MON 358 359config WIFI_NM_HOSTAPD_CRYPTO_ENTERPRISE 360 bool "Hostapd crypto enterprise support" 361 select WIFI_CERTIFICATE_LIB 362 depends on WIFI_NM_HOSTAPD_AP 363 364if WIFI_NM_HOSTAPD_CRYPTO_ENTERPRISE 365config EAP_SERVER_TLS 366 bool "EAP-TLS server support" 367 368config EAP_SERVER_IDENTITY 369 bool "EAP-IDENTITY server support" 370 371config EAP_SERVER_MD5 372 bool "EAP-MD5 server support" 373 374config EAP_SERVER_MSCHAPV2 375 bool "EAP-MSCHAPV2 server support" 376 377config EAP_SERVER_PEAP 378 bool "EAP-PEAP server support" 379 380config EAP_SERVER_GTC 381 bool "EAP-GTC server support" 382 383config EAP_SERVER_TTLS 384 bool "EAP-TTLS server support" 385 386config EAP_SERVER_ALL 387 bool "All EAP methods support" 388 select EAP_SERVER_TLS 389 select EAP_SERVER_MSCHAPV2 390 select EAP_SERVER_PEAP 391 select EAP_SERVER_GTC 392 select EAP_SERVER_TTLS 393 default y 394 395endif # WIFI_NM_HOSTAPD_CRYPTO_ENTERPRISE 396 397config WIFI_NM_WPA_SUPPLICANT_BSS_MAX_IDLE_TIME 398 int "BSS max idle timeout in seconds" 399 range 0 64000 400 default 300 401 help 402 BSS max idle timeout is the period for which AP may keep a client 403 in associated state while there is no traffic from that particular 404 client. Set 0 to disable inclusion of BSS max idle time tag in 405 association request. If a non-zero value is set, STA can suggest a 406 timeout by including BSS max idle period in the association request. 407 AP may choose to consider or ignore the STA's preferred value. 408 Ref: Sec 11.21.13 of IEEE Std 802.11™-2020 409 410config WIFI_NM_WPA_SUPPLICANT_NO_DEBUG 411 bool "Disable printing of debug messages, saves code size significantly" 412 413 414config WIFI_NM_WPA_SUPPLICANT_DPP 415 bool "WFA Easy Connect DPP" 416 select DPP 417 select DPP2 418 select DPP3 419 select GAS 420 select GAS_SERVER 421 select OFFCHANNEL 422 select MBEDTLS_X509_CSR_WRITE_C 423 select MBEDTLS_X509_CSR_PARSE_C 424 425config WIFI_NM_WPA_SUPPLICANT_11AC 426 bool "IEEE 802.11ac VHT support" 427 depends on WIFI_NM_WPA_SUPPLICANT_AP || WIFI_NM_HOSTAPD_AP 428 default y 429 430config WIFI_NM_WPA_SUPPLICANT_11AX 431 bool "IEEE 802.11ax HE support" 432 depends on WIFI_NM_WPA_SUPPLICANT_AP || WIFI_NM_HOSTAPD_AP 433 default y 434 435config WPA_CLI 436 bool "WPA CLI support" 437 default y if WIFI_NM_WPA_SUPPLICANT_CLI 438 help 439 Enable WPA CLI support for wpa_supplicant. 440 441if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE 442 config MBEDTLS_SSL_MAX_CONTENT_LEN 443 default 16384 444endif 445 446config WIFI_NM_WPA_SUPPLICANT_ROAMING 447 bool "Roaming support" 448 imply IEEE80211R 449 help 450 Enable roaming support with wpa_supplicant. When current BSS RSSI drops, 451 STA will try to find an AP with better RSSI. If found, STA will reassociate 452 to the new AP automatically without losing connection. 453 454config WIFI_NM_WPA_SUPPLICANT_SKIP_DHCP_ON_ROAMING 455 bool "Skip DHCP after roaming to new AP" 456 help 457 For L2 roaming, the original AP and new AP are in the same subnet, client 458 can use same IP address and skip DHCP. Enable this to skip DHCP. 459 For L3 roaming, the original AP and new AP are in different subnet, client 460 needs to get new IP address after roaming to new AP. Disable this to keep 461 DHCP after roaming. 462 463config WIFI_NM_WPA_SUPPLICANT_BGSCAN 464 bool "Background scanning (for legacy roaming), recommended if 802.11r is not supported" 465 depends on WIFI_NM_WPA_SUPPLICANT_WNM 466 depends on !WIFI_NM_WPA_SUPPLICANT_ROAMING 467 468if WIFI_NM_WPA_SUPPLICANT_BGSCAN 469 470config WIFI_NM_WPA_SUPPLICANT_BGSCAN_SIMPLE 471 bool "Simple background scanning" 472 default y 473 help 474 Periodic background scans based on signal strength. 475 476config WIFI_NM_WPA_SUPPLICANT_BGSCAN_LEARN 477 bool "Learning" 478 help 479 Learn channels used by the network and try to avoid 480 background scans on other channels (experimental). 481 482endif # WIFI_NM_WPA_SUPPLICANT_BGSCAN 483 484# Create hidden config options that are used in hostap. This way we do not need 485# to mark them as allowed for CI checks, and also someone else cannot use the 486# same name options. 487 488config SME 489 bool 490 default y 491 492config NO_CONFIG_WRITE 493 bool 494 default y 495 496config NO_CONFIG_BLOBS 497 bool 498 default y if !WIFI_NM_WPA_SUPPLICANT_DPP && !WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE 499 500config CTRL_IFACE 501 bool 502 default y 503 504config CTRL_IFACE_ZEPHYR 505 bool 506 default y 507 508config NO_RANDOM_POOL 509 bool 510 default y 511 512config WNM 513 bool 514 515config BGSCAN 516 bool 517 518config BGSCAN_SIMPLE 519 bool 520 521config BGSCAN_LEARN 522 bool 523 524config NO_WPA 525 bool 526 default y if WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE 527 528config NO_PBKDF2 529 bool 530 default y if WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE 531 532config SAE_PK 533 bool 534 535config FST 536 bool 537 538config TESTING_OPTIONS 539 bool 540 541config AP 542 bool 543 depends on WIFI_NM_WPA_SUPPLICANT_AP || WIFI_NM_HOSTAPD_AP 544 default y if WIFI_NM_WPA_SUPPLICANT_AP || WIFI_NM_HOSTAPD_AP 545 546config NO_RADIUS 547 bool 548 549config NO_VLAN 550 bool 551 552config NO_ACCOUNTING 553 bool 554 555config NEED_AP_MLME 556 bool 557 558config IEEE80211AX 559 bool 560 561config EAP_SERVER 562 bool 563 564config EAP_SERVER_IDENTITY 565 bool 566 567config P2P 568 bool 569 570config GAS 571 bool 572 573config GAS_SERVER 574 bool 575 576config OFFCHANNEL 577 bool 578 579config WPS 580 bool 581 582config WSC 583 bool 584 585config IEEE8021X_EAPOL 586 bool 587 588config CRYPTO_INTERNAL 589 bool 590 591config ECC 592 bool 593 594config MBO 595 bool 596 597config NO_STDOUT_DEBUG 598 bool 599 600config SAE 601 bool 602 603config SHA256 604 bool 605 606config SHA384 607 bool 608 609config SHA512 610 bool 611 612config SUITEB192 613 bool 614 615config SUITEB 616 bool 617 618config WEP 619 bool 620 default y if WIFI_NM_WPA_SUPPLICANT_WEP 621 622config WPA_CRYPTO 623 bool 624 625config WPA_SUPP_CRYPTO 626 bool 627 628config NO_ROBUST_AV 629 bool 630 631config NO_RRM 632 bool 633 634config NO_WMM_AC 635 bool 636 637config DPP 638 bool 639 640config DPP2 641 bool 642 643config DPP3 644 bool 645 646config ACS 647 bool 648 649config IEEE80211AC 650 bool 651 652config HS20 653 bool 654 655config IEEE80211R 656 bool 657 depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE 658 659config NW_SEL_RELIABILITY 660 bool 661 default y 662 depends on WIFI_NM_WPA_SUPPLICANT_NW_SEL_RELIABILITY 663 664choice WIFI_NM_WPA_SUPPLICANT_NW_SEL 665 prompt "WPA supplicant Network selection criterion" 666 default WIFI_NM_WPA_SUPPLICANT_NW_SEL_THROUGHPUT 667 help 668 Select the network selection method for the supplicant. 669 670config WIFI_NM_WPA_SUPPLICANT_NW_SEL_THROUGHPUT 671 bool "Throughput based network selection" 672 help 673 Select the network based on throughput. 674 675config WIFI_NM_WPA_SUPPLICANT_NW_SEL_RELIABILITY 676 bool "Reliability based network selection" 677 help 678 Select the network based on reliability. 679 680endchoice 681 682config SAE_PWE_EARLY_EXIT 683 bool "Exit early if PWE if found" 684 help 685 In order to mitigate side channel attacks, even if the PWE is found the WPA 686 supplicant goes through full iterations, but in some low-resource systems 687 this can be intensive, so, add an option to exit early. 688 Note that this is highly insecure and shouldn't be used in production 689 690config WIFI_NM_WPA_SUPPLICANT_CRYPTO_TEST 691 bool 692 depends on WIFI_NM_WPA_SUPPLICANT_CRYPTO_MBEDTLS_PSA 693 694config WIFI_NM_WPA_CTRL_RESP_TIMEOUT_S 695 int "WPA supplicant control interface response timeout in seconds" 696 default 15 697 help 698 Timeout for the control interface commands to get a response from the 699 supplicant. 700 701config WIFI_NM_HOSTAPD_REGULATORY_REGION 702 string "Select Wi-Fi Regulatory Domain" 703 default "00" 704 depends on WIFI_NM_HOSTAPD_AP 705 help 706 Region/Country code (ISO/IEC 3166-1).Used to set regulatory domain. 707 Set as needed to indicate country in which device is operating. 708 This can limit available channels and transmit power. 709 These two octets are used as the first two octets of the Country String 710 (dot11CountryString). "00" stands for World Wide mode. 711 712config WIFI_NM_HOSTAPD_REGULATORY_ENV 713 int "Select Wi-Fi Regulatory Environment" 714 default 32 715 depends on WIFI_NM_HOSTAPD_AP 716 help 717 The third octet of the Country String (dot11CountryString) 718 This parameter is used to set the third octet of the country string. 719 All supported environments of current region can be used with 720 default value of 0x20 or 32. 721 722config WIFI_NM_WPA_SUPPLICANT_BTM_PRE_SCAN_CHECK 723 bool "Pre-scan check for BTM" 724 default y if !SOC_FAMILY_NORDIC_NRF 725 help 726 This option is used to enable the pre-scan check for BTM. 727 When no candidate is found, a new scan is performed. 728 Disable this if the chip takes too long to perform a scan causing 729 disassociations in WFA QT tests. 730 731endif # WIFI_NM_WPA_SUPPLICANT 732
