blob: f90ab2c0b8833c0e521264740f50a92f0b5f9397 [file] [log] [blame]
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +05301# WPA Supplicant configuration options
2#
3# Copyright (c) 2023 Nordic Semiconductor
4#
5# SPDX-License-Identifier: Apache-2.0
6#
7
Jukka Rissanen57b4ff12024-02-28 11:33:51 +02008config WIFI_NM_WPA_SUPPLICANT
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +05309 bool "WPA Suplicant from hostap project [EXPERIMENTAL]"
Chris Friedt4a5c4e52024-05-20 12:23:58 -040010 select POSIX_TIMERS
Chris Friedt3f29b172024-05-23 12:52:03 -040011 select POSIX_SIGNALS
Chaitanya Tatae2f47112023-09-18 15:48:45 +053012 select POSIX_API
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +053013 select NET_SOCKETS
14 select NET_SOCKETS_PACKET
15 select NET_SOCKETPAIR
16 select NET_L2_WIFI_MGMT
17 select WIFI_NM
18 select EXPERIMENTAL
Chaitanya Tata2f29c102024-02-08 23:02:54 +053019 select COMMON_LIBC_MALLOC
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +053020 help
21 WPA supplicant as a network management backend for WIFI_NM.
22
Jukka Rissanen57b4ff12024-02-28 11:33:51 +020023if WIFI_NM_WPA_SUPPLICANT
24
Chaitanya Tata2f29c102024-02-08 23:02:54 +053025config COMMON_LIBC_MALLOC_ARENA_SIZE
Chaitanya Tata86c3e0a2024-02-19 01:45:48 +053026 default 40000 if WIFI_NM_WPA_SUPPLICANT_AP
Chaitanya Tataa62f85c2024-03-05 01:51:53 +053027 # 8192 for MbedTLS heap
28 default 21808 if MBEDTLS_ENABLE_HEAP
Chaitanya Tata2f29c102024-02-08 23:02:54 +053029 # 30K is mandatory, but might need more for long duration use cases
30 default 30000
31
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +053032config WIFI_NM_WPA_SUPPLICANT_THREAD_STACK_SIZE
33 int "Stack size for wpa_supplicant thread"
34 default 8192
35
Chaitanya Tatae2f47112023-09-18 15:48:45 +053036config WIFI_NM_WPA_SUPPLICANT_WQ_STACK_SIZE
37 int "Stack size for wpa_supplicant iface workqueue"
38 default 4096
39
Jukka Rissanen1f79c112023-10-31 15:14:41 +020040config WIFI_NM_WPA_SUPPLICANT_WQ_PRIO
41 int "Thread priority of wpa_supplicant iface workqueue"
42 default 7
43
Chris Friedtbc4374b2024-05-21 22:45:15 -040044# Currently we default ZVFS_OPEN_MAX to 16 in lib/posix/Kconfig
Jukka Rissanen83c875a2023-10-20 15:36:56 +030045# l2_packet - 1
46# ctrl_iface - 2 * socketpairs = 4(local and global)
47# z_wpa_event_sock - 1 socketpair = 2
48# Remaining left for the applications running in default configuration
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +053049
50# Supplicant API is stack heavy (buffers + snprintfs) and control interface
51# uses socketpair which pushes the stack usage causing overflow for 2048 bytes.
Jukka Rissanen83c875a2023-10-20 15:36:56 +030052# So we set SYSTEM_WORKQUEUE_STACK_SIZE default to 2560 in kernel/Kconfig
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +053053
54module = WIFI_NM_WPA_SUPPLICANT
55module-str = WPA supplicant
56source "subsys/logging/Kconfig.template.log_config"
57
58config WIFI_NM_WPA_SUPPLICANT_DEBUG_LEVEL
59 int "Min compiled-in debug message level for WPA supplicant"
60 default 0 if WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_DBG # MSG_EXCESSIVE
61 default 3 if WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_INF # MSG_INFO
62 default 4 if WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_WRN # MSG_WARNING
63 default 5 if WIFI_NM_WPA_SUPPLICANT_LOG_LEVEL_ERR # MSG_ERROR
64 default 6
65 help
66 Minimum priority level of a debug message emitted by WPA supplicant that
67 is compiled-in the firmware. See wpa_debug.h file of the supplicant for
68 available levels and functions for emitting the messages. Note that
69 runtime filtering can also be configured in addition to the compile-time
70 filtering.
71
Chaitanya Tatac1a0ac82023-10-11 20:19:36 +053072# Memory optimizations
73config WIFI_NM_WPA_SUPPLICANT_ADVANCED_FEATURES
74 bool "Advanced features"
75 default y
76
77if WIFI_NM_WPA_SUPPLICANT_ADVANCED_FEATURES
78
79config WIFI_NM_WPA_SUPPLICANT_ROBUST_AV
80 bool "Robust Audio Video streaming support"
81 default y
82
Chaitanya Tata786fee72023-11-23 21:24:19 +053083# Hidden as these are mandatory for WFA certification
Chaitanya Tatac1a0ac82023-10-11 20:19:36 +053084config WIFI_NM_WPA_SUPPLICANT_WMM_AC
Chaitanya Tata786fee72023-11-23 21:24:19 +053085 bool
Chaitanya Tatac1a0ac82023-10-11 20:19:36 +053086 default y
87
88config WIFI_NM_WPA_SUPPLICANT_MBO
Chaitanya Tata786fee72023-11-23 21:24:19 +053089 bool
Chaitanya Tatac1a0ac82023-10-11 20:19:36 +053090 default y
91
92config WIFI_NM_WPA_SUPPLICANT_WNM
93 bool "Wireless Network Management support"
94 default y
95
96config WIFI_NM_WPA_SUPPLICANT_RRM
97 bool "Radio Resource Management support"
98 default y
99endif
100
Chaitanya Tatae2f47112023-09-18 15:48:45 +0530101config WIFI_NM_WPA_SUPPLICANT_WEP
102 bool "WEP (Legacy crypto) support"
103
104choice WIFI_NM_WPA_SUPPLICANT_CRYPTO_BACKEND
105 prompt "WPA supplicant crypto implementation"
Jukka Rissanend5dd3a02024-02-28 11:36:12 +0200106 default WIFI_NM_WPA_SUPPLICANT_CRYPTO
Chaitanya Tatae2f47112023-09-18 15:48:45 +0530107 help
108 Select the crypto implementation to use for WPA supplicant.
Fengming Ye6f0c8362024-05-29 17:59:17 +0900109 WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT support enterprise
110 and DPP. And use Mbedtls PSA apis for HW acceleration.
Chaitanya Tatae2f47112023-09-18 15:48:45 +0530111
Jukka Rissanend5dd3a02024-02-28 11:36:12 +0200112config WIFI_NM_WPA_SUPPLICANT_CRYPTO
113 bool "Crypto support for WiFi"
Krishna Tc99aac02023-03-29 15:40:26 +0530114 select MBEDTLS
Chaitanya Tata99e472b2023-11-02 22:21:13 +0530115 select MBEDTLS_CIPHER_MODE_CTR_ENABLED
116 select MBEDTLS_CIPHER_MODE_CBC_ENABLED
Chaitanya Tata99e472b2023-11-02 22:21:13 +0530117 select MBEDTLS_ECP_C
118 select MBEDTLS_ECP_ALL_ENABLED
Tomi Fontanilles3efdbe62024-05-24 15:09:02 +0300119 select MBEDTLS_CMAC
Jukka Rissanenb03cb042024-04-22 17:29:12 +0300120 select MBEDTLS_PKCS5_C
121 select MBEDTLS_PK_WRITE_C
122 select MBEDTLS_ECDH_C
123 select MBEDTLS_ECDSA_C
124 select MBEDTLS_ECJPAKE_C
125 select MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
126 select MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
127 select MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
128 select MBEDTLS_KEY_EXCHANGE_ALL_ENABLED
Chaitanya Tatae2f47112023-09-18 15:48:45 +0530129
Fengming Ye6f0c8362024-05-29 17:59:17 +0900130config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT
131 bool "Crypto Mbedtls alt support for WiFi"
132 select MBEDTLS
133 select MBEDTLS_CIPHER_MODE_CTR_ENABLED
134 select MBEDTLS_CIPHER_MODE_CBC_ENABLED
135 select MBEDTLS_ECP_C
136 select MBEDTLS_ECP_ALL_ENABLED
137 select MBEDTLS_CMAC
138 select MBEDTLS_PKCS5_C
139 select MBEDTLS_PK_WRITE_C
140 select MBEDTLS_ECDH_C
141 select MBEDTLS_ECDSA_C
142 select MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
143 select MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
144 select MBEDTLS_NIST_KW_C
145 select MBEDTLS_DHM_C
146 select MBEDTLS_HKDF_C
147 select MBEDTLS_SERVER_NAME_INDICATION
148 select MBEDTLS_X509_CRL_PARSE_C
149
Chaitanya Tatae2f47112023-09-18 15:48:45 +0530150config WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE
151 bool "No Crypto support for WiFi"
152
153endchoice
154
Fengming Yed3b3aa12024-05-29 18:09:41 +0900155config WIFI_NM_WPA_SUPPLICANT_CRYPTO_MBEDTLS_PSA
156 bool "Crypto Platform Secure Architecture support for WiFi"
157 default y if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT
158 help
159 Support Mbedtls 3.x to use PSA apis instead of legacy apis.
160
Chaitanya Tatae2f47112023-09-18 15:48:45 +0530161config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
162 bool "Enterprise Crypto support for WiFi"
163 depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE
164
165config WIFI_NM_WPA_SUPPLICANT_WPA3
166 bool "WPA3 support"
167 depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE
168 default y
169
170config WIFI_NM_WPA_SUPPLICANT_AP
171 bool "AP mode support"
172
173config WIFI_NM_WPA_SUPPLICANT_WPS
174 bool "WPS support"
175 depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE
176
177config WIFI_NM_WPA_SUPPLICANT_P2P
178 bool "P2P mode support"
179 select WIFI_NM_WPA_SUPPLICANT_AP
180 select WIFI_NM_WPA_SUPPLICANT_WPS
181
182config WIFI_NM_WPA_SUPPLICANT_EAPOL
Jukka Rissanen0e519132024-01-11 15:23:10 +0200183 bool "EAPoL supplicant"
Chaitanya Tatae2f47112023-09-18 15:48:45 +0530184
185config WIFI_NM_WPA_SUPPLICANT_CLI
186 bool "CLI support for wpa_supplicant"
187 default n
188
189config WIFI_NM_WPA_SUPPLICANT_BSS_MAX_IDLE_TIME
190 int "BSS max idle timeout in seconds"
191 range 0 64000
192 default 300
193 help
194 BSS max idle timeout is the period for which AP may keep a client
195 in associated state while there is no traffic from that particular
196 client. Set 0 to disable inclusion of BSS max idle time tag in
197 association request. If a non-zero value is set, STA can suggest a
198 timeout by including BSS max idle period in the association request.
199 AP may choose to consider or ignore the STA's preferred value.
200 Ref: Sec 11.21.13 of IEEE Std 802.11â„¢-2020
201
202config WIFI_NM_WPA_SUPPLICANT_NO_DEBUG
203 bool "Disable printing of debug messages, saves code size significantly"
204
Fengming Ye271d7082024-05-29 18:13:18 +0900205
206config WIFI_NM_WPA_SUPPLICANT_DPP
207 bool "WFA Easy Connect DPP"
208 select DPP
209 select DPP2
210 select DPP3
211 select GAS
212 select GAS_SERVER
213 select OFFCHANNEL
214 select MBEDTLS_X509_CSR_WRITE_C
215 select MBEDTLS_X509_CSR_PARSE_C
216
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +0530217# Create hidden config options that are used in hostap. This way we do not need
218# to mark them as allowed for CI checks, and also someone else cannot use the
219# same name options.
220
221config SME
222 bool
223 default y
224
225config NO_CONFIG_WRITE
226 bool
227 default y
228
229config NO_CONFIG_BLOBS
230 bool
Fengming Yebdb07682024-05-29 18:18:01 +0900231 default y if !WIFI_NM_WPA_SUPPLICANT_DPP && !WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +0530232
233config CTRL_IFACE
234 bool
235 default y
236
Chaitanya Tatae2f47112023-09-18 15:48:45 +0530237config CTRL_IFACE_ZEPHYR
238 bool
239 default y
240
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +0530241config NO_RANDOM_POOL
242 bool
243 default y
244
Chaitanya Tatae2f47112023-09-18 15:48:45 +0530245config WNM
246 bool
247
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +0530248config NO_WPA
249 bool
Chaitanya Tatae2f47112023-09-18 15:48:45 +0530250 default y if WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +0530251
252config NO_PBKDF2
253 bool
Fengming Yebdb07682024-05-29 18:18:01 +0900254 default y if WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +0530255
Jukka Rissanen1f79c112023-10-31 15:14:41 +0200256config SAE_PK
257 bool
258
259config FST
260 bool
261
262config TESTING_OPTIONS
263 bool
264
Jukka Rissanen0e519132024-01-11 15:23:10 +0200265config AP
266 bool
Jukka Rissanene648f0c2024-02-19 16:35:39 +0200267 depends on WIFI_NM_WPA_SUPPLICANT_AP
268 default y if WIFI_NM_WPA_SUPPLICANT_AP
Jukka Rissanen0e519132024-01-11 15:23:10 +0200269
270config NO_RADIUS
271 bool
272
273config NO_VLAN
274 bool
275
276config NO_ACCOUNTING
277 bool
278
279config NEED_AP_MLME
280 bool
281
282config IEEE80211AX
283 bool
284
285config EAP_SERVER
286 bool
287
288config EAP_SERVER_IDENTITY
289 bool
290
291config P2P
292 bool
293
294config GAS
295 bool
296
Fengming Ye271d7082024-05-29 18:13:18 +0900297config GAS_SERVER
298 bool
299
Jukka Rissanen0e519132024-01-11 15:23:10 +0200300config OFFCHANNEL
301 bool
302
303config WPS
304 bool
305
306config WSC
307 bool
308
309config EAP_TLS
310 bool
311
312config IEEE8021X_EAPOL
313 bool
314
315config EAP_PEAP
316 bool
317
318config EAP_TTLS
319 bool
320
321config EAP_MD5
322 bool
323
324config EAP_MSCHAPv2
325 bool
326
327config EAP_LEAP
328 bool
329
330config EAP_PSK
331 bool
332
333config EAP_FAST
334 bool
335
336config EAP_PAX
337 bool
338
339config EAP_SAKE
340 bool
341
342config EAP_GPSK
343 bool
344
345config EAP_PWD
346 bool
347
348config EAP_EKE
349 bool
350
351config EAP_IKEv2
352 bool
353
354config IEEE8021X_EAPOL
355 bool
356
357config CRYPTO_INTERNAL
358 bool
359
360config ECC
361 bool
362
363config MBO
364 bool
365
366config NO_STDOUT_DEBUG
367 bool
368
369config SAE
370 bool
371
372config SHA256
373 bool
374
375config SUITEB192
376 bool
377
378config WEP
379 bool
380 default y if WIFI_NM_WPA_SUPPLICANT_WEP
381
382config WPA_CLI
383 bool
384
385config WPA_CRYPTO
386 bool
387
388config WPA_SUPP_CRYPTO
389 bool
390
Jukka Rissanen5af390c2024-02-16 17:15:41 +0200391config ROBUST_AV
392 bool
393 default y
394 depends on WIFI_NM_WPA_SUPPLICANT_ROBUST_AV
395
396config RRM
397 bool
398 default y
399 depends on WIFI_NM_WPA_SUPPLICANT_RRM
400
401config WMM_AC
402 bool
403
Fengming Ye271d7082024-05-29 18:13:18 +0900404config DPP
405 bool
406
407config DPP2
408 bool
409
410config DPP3
411 bool
412
Chaitanya Tata873106f2024-03-20 02:18:18 +0530413config NW_SEL_RELIABILITY
414 bool
415 default y
416 depends on WIFI_NM_WPA_SUPPLICANT_NW_SEL_RELIABILITY
417
418choice WIFI_NM_WPA_SUPPLICANT_NW_SEL
419 prompt "WPA supplicant Network selection criterion"
420 default WIFI_NM_WPA_SUPPLICANT_NW_SEL_THROUGHPUT
421 help
422 Select the network selection method for the supplicant.
423
424config WIFI_NM_WPA_SUPPLICANT_NW_SEL_THROUGHPUT
425 bool "Throughput based network selection"
426 help
427 Select the network based on throughput.
428
429config WIFI_NM_WPA_SUPPLICANT_NW_SEL_RELIABILITY
430 bool "Reliability based network selection"
431 help
432 Select the network based on reliability.
433
434endchoice
435
Sridhar Nuvusettyab5821a2022-07-07 12:36:27 +0530436endif # WIFI_NM_WPA_SUPPLICANT