From e5c1a03e52dc23e194510a9f16d8739b40257290 Mon Sep 17 00:00:00 2001
From: Rahul Tank <rahul.tank@espressif.com>
Date: Tue, 14 May 2024 15:58:17 +0530
Subject: [PATCH] fix(nimble): Fixed BLE security vulnerability when using
 fixed IRK

---
 components/bt/host/nimble/Kconfig.in                   | 10 ++++++++++
 components/bt/host/nimble/nimble                       |  2 +-
 .../bt/host/nimble/port/include/esp_nimble_cfg.h       |  8 ++++++++
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/components/bt/host/nimble/Kconfig.in b/components/bt/host/nimble/Kconfig.in
index d02293a87a38..5bb08e5ac705 100644
--- a/components/bt/host/nimble/Kconfig.in
+++ b/components/bt/host/nimble/Kconfig.in
@@ -164,6 +164,16 @@ config BT_NIMBLE_NVS_PERSIST
     help
             Enable this flag to make bonding persistent across device reboots
 
+config BT_NIMBLE_SMP_ID_RESET
+    bool "Reset device identity when all bonding records are deleted"
+    default n
+    help
+        There are tracking risks associated with using a fixed or static IRK.
+        If enabled this option, Bluedroid will assign a new randomly-generated IRK
+        when all pairing and bonding records are deleted. This would decrease the ability
+        of a previously paired peer to be used to determine whether a device
+        with which it previously shared an IRK is within range.
+
 menuconfig BT_NIMBLE_SECURITY_ENABLE
     bool "Enable BLE SM feature"
     depends on BT_NIMBLE_ENABLED
diff --git a/components/bt/host/nimble/nimble b/components/bt/host/nimble/nimble
index ec9f21253ae5..46ae5865554f 160000
--- a/components/bt/host/nimble/nimble
+++ b/components/bt/host/nimble/nimble
@@ -1 +1 @@
-Subproject commit ec9f21253ae539b44855fed223bee52979a9d251
+Subproject commit 46ae5865554f2fd7df829b6b9b5ca24522b9ad76
diff --git a/components/bt/host/nimble/port/include/esp_nimble_cfg.h b/components/bt/host/nimble/port/include/esp_nimble_cfg.h
index d2fa3338866f..fc77f592f98a 100644
--- a/components/bt/host/nimble/port/include/esp_nimble_cfg.h
+++ b/components/bt/host/nimble/port/include/esp_nimble_cfg.h
@@ -892,6 +892,14 @@
 #define MYNEWT_VAL_BLE_SM_THEIR_KEY_DIST (0)
 #endif
 
+#ifndef MYNEWT_VAL_BLE_SMP_ID_RESET
+#ifdef CONFIG_BT_NIMBLE_SMP_ID_RESET
+#define MYNEWT_VAL_BLE_SMP_ID_RESET CONFIG_BT_NIMBLE_SMP_ID_RESET
+#else
+#define MYNEWT_VAL_BLE_SMP_ID_RESET (0)
+#endif
+#endif
+
 #ifndef MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS
 #define MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS (CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS)
 #endif