/* * Copyright (C) 2019 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ syntax = "proto2"; option optimize_for = LITE_RUNTIME; package android.net; enum EventType { EVENT_UNKNOWN = 0; EVENT_GETADDRINFO = 1; EVENT_GETHOSTBYNAME = 2; EVENT_GETHOSTBYADDR = 3; EVENT_RES_NSEND = 4; } // The return value of the DNS resolver for each DNS lookups. // bionic/libc/include/netdb.h // system/netd/resolv/include/netd_resolv/resolv.h enum ReturnCode { RC_EAI_NO_ERROR = 0; RC_EAI_ADDRFAMILY = 1; RC_EAI_AGAIN = 2; RC_EAI_BADFLAGS = 3; RC_EAI_FAIL = 4; RC_EAI_FAMILY = 5; RC_EAI_MEMORY = 6; RC_EAI_NODATA = 7; RC_EAI_NONAME = 8; RC_EAI_SERVICE = 9; RC_EAI_SOCKTYPE = 10; RC_EAI_SYSTEM = 11; RC_EAI_BADHINTS = 12; RC_EAI_PROTOCOL = 13; RC_EAI_OVERFLOW = 14; RC_RESOLV_INTERNAL_ERROR = 254; RC_RESOLV_TIMEOUT = 255; RC_EAI_MAX = 256; } enum NsRcode { NS_R_NO_ERROR = 0; // No error occurred. NS_R_FORMERR = 1; // Format error. NS_R_SERVFAIL = 2; // Server failure. NS_R_NXDOMAIN = 3; // Name error. NS_R_NOTIMPL = 4; // Unimplemented. NS_R_REFUSED = 5; // Operation refused. // these are for BIND_UPDATE NS_R_YXDOMAIN = 6; // Name exists NS_R_YXRRSET = 7; // RRset exists NS_R_NXRRSET = 8; // RRset does not exist NS_R_NOTAUTH = 9; // Not authoritative for zone NS_R_NOTZONE = 10; // Zone of record different from zone section NS_R_MAX = 11; // Define rcode=12~15(UNASSIGNED) in rcode enum type. // Some DNS Servers might return undefined code to devices. // Without the enum definition, that would be noise for our dashboard. NS_R_UNASSIGNED12 = 12; // Unassigned NS_R_UNASSIGNED13 = 13; // Unassigned NS_R_UNASSIGNED14 = 14; // Unassigned NS_R_UNASSIGNED15 = 15; // Unassigned // The following are EDNS extended rcodes NS_R_BADVERS = 16; // The following are TSIG errors // NS_R_BADSIG = 16, NS_R_BADKEY = 17; NS_R_BADTIME = 18; NS_R_INTERNAL_ERROR = 254; NS_R_TIMEOUT = 255; } // Currently defined type values for resources and queries. enum NsType { NS_T_INVALID = 0; // Cookie. NS_T_A = 1; // Host address. NS_T_NS = 2; // Authoritative server. NS_T_MD = 3; // Mail destination. NS_T_MF = 4; // Mail forwarder. NS_T_CNAME = 5; // Canonical name. NS_T_SOA = 6; // Start of authority zone. NS_T_MB = 7; // Mailbox domain name. NS_T_MG = 8; // Mail group member. NS_T_MR = 9; // Mail rename name. NS_T_NULL = 10; // Null resource record. NS_T_WKS = 11; // Well known service. NS_T_PTR = 12; // Domain name pointer. NS_T_HINFO = 13; // Host information. NS_T_MINFO = 14; // Mailbox information. NS_T_MX = 15; // Mail routing information. NS_T_TXT = 16; // Text strings. NS_T_RP = 17; // Responsible person. NS_T_AFSDB = 18; // AFS cell database. NS_T_X25 = 19; // X_25 calling address. NS_T_ISDN = 20; // ISDN calling address. NS_T_RT = 21; // Router. NS_T_NSAP = 22; // NSAP address. NS_T_NSAP_PTR = 23; // Reverse NSAP lookup (deprecated). NS_T_SIG = 24; // Security signature. NS_T_KEY = 25; // Security key. NS_T_PX = 26; // X.400 mail mapping. NS_T_GPOS = 27; // Geographical position (withdrawn). NS_T_AAAA = 28; // IPv6 Address. NS_T_LOC = 29; // Location Information. NS_T_NXT = 30; // Next domain (security). NS_T_EID = 31; // Endpoint identifier. NS_T_NIMLOC = 32; // Nimrod Locator. NS_T_SRV = 33; // Server Selection. NS_T_ATMA = 34; // ATM Address NS_T_NAPTR = 35; // Naming Authority PoinTeR NS_T_KX = 36; // Key Exchange NS_T_CERT = 37; // Certification record NS_T_A6 = 38; // IPv6 address (experimental) NS_T_DNAME = 39; // Non-terminal DNAME NS_T_SINK = 40; // Kitchen sink (experimentatl) NS_T_OPT = 41; // EDNS0 option (meta-RR) NS_T_APL = 42; // Address prefix list (RFC 3123) NS_T_DS = 43; // Delegation Signer NS_T_SSHFP = 44; // SSH Fingerprint NS_T_IPSECKEY = 45; // IPSEC Key NS_T_RRSIG = 46; // RRset Signature NS_T_NSEC = 47; // Negative security NS_T_DNSKEY = 48; // DNS Key NS_T_DHCID = 49; // Dynamic host configuratin identifier NS_T_NSEC3 = 50; // Negative security type 3 NS_T_NSEC3PARAM = 51; // Negative security type 3 parameters NS_T_HIP = 55; // Host Identity Protocol NS_T_SPF = 99; // Sender Policy Framework NS_T_TKEY = 249; // Transaction key NS_T_TSIG = 250; // Transaction signature. NS_T_IXFR = 251; // Incremental zone transfer. NS_T_AXFR = 252; // Transfer zone of authority. NS_T_MAILB = 253; // Transfer mailbox records. NS_T_MAILA = 254; // Transfer mail agent records. NS_T_ANY = 255; // Wildcard match. NS_T_ZXFR = 256; // BIND-specific, nonstandard. NS_T_DLV = 32769; // DNSSEC look-aside validatation. NS_T_MAX = 65536; } enum IpVersion { IV_UNKNOWN = 0; IV_IPV4 = 1; IV_IPV6 = 2; } enum Protocol { PROTO_UNKNOWN = 0; PROTO_UDP = 1; PROTO_TCP = 2; PROTO_DOT = 3; PROTO_DOH = 4; PROTO_MDNS = 5; } enum PrivateDnsModes { PDM_UNKNOWN = 0; PDM_OFF = 1; PDM_OPPORTUNISTIC = 2; PDM_STRICT = 3; } enum NetworkType { NT_UNKNOWN = 0; // Indicates this network uses a Cellular transport. NT_CELLULAR = 1; // Indicates this network uses a Wi-Fi transport. NT_WIFI = 2; // Indicates this network uses a Bluetooth transport. NT_BLUETOOTH = 3; // Indicates this network uses an Ethernet transport. NT_ETHERNET = 4; // Indicates this network uses a VPN transport. NT_VPN = 5; // Indicates this network uses a Wi-Fi Aware transport. NT_WIFI_AWARE = 6; // Indicates this network uses a LoWPAN transport. NT_LOWPAN = 7; // Indicates this network uses a Cellular+VPN transport. NT_CELLULAR_VPN = 8; // Indicates this network uses a Wi-Fi+VPN transport. NT_WIFI_VPN = 9; // Indicates this network uses a Bluetooth+VPN transport. NT_BLUETOOTH_VPN = 10; // Indicates this network uses an Ethernet+VPN transport. NT_ETHERNET_VPN = 11; // Indicates this network uses a Wi-Fi+Cellular+VPN transport. NT_WIFI_CELLULAR_VPN = 12; // Indicates this network uses an Satellite transport. NT_SATELLITE = 13; } enum CacheStatus{ // the cache can't handle that kind of queries. // or the answer buffer is too small. CS_UNSUPPORTED = 0; // the cache doesn't know about this query. CS_NOTFOUND = 1; // the cache found the answer. CS_FOUND = 2; // Don't do anything on cache. CS_SKIP = 3; } // The enum LinuxErrno is defined in the following 2 files. // 1. bionic/libc/kernel/uapi/asm-generic/errno-base.h // 2. bionic/libc/kernel/uapi/asm-generic/errno.h enum LinuxErrno { SYS_NO_ERROR = 0; SYS_EPERM = 1; // Not super-user SYS_ENOENT = 2; // No such file or directory SYS_ESRCH = 3; // No such process SYS_EINTR = 4; // Interrupted system call SYS_EIO = 5; // I/O error SYS_ENXIO = 6; // No such device or address SYS_E2BIG = 7; // Arg list too long SYS_ENOEXEC = 8; // Exec format error SYS_EBADF = 9; // Bad file number SYS_ECHILD = 10; // No children SYS_EAGAIN = 11; // No more processes SYS_ENOMEM = 12; // Not enough core SYS_EACCES = 13; // Permission denied SYS_EFAULT = 14; // Bad address SYS_ENOTBLK = 15; // Block device required SYS_EBUSY = 16; // Mount device busy SYS_EEXIST = 17; // File exists SYS_EXDEV = 18; // Cross-device link SYS_ENODEV = 19; // No such device SYS_ENOTDIR = 20; // Not a directory SYS_EISDIR = 21; // Is a directory SYS_EINVAL = 22; // Invalid argument SYS_ENFILE = 23; // Too many open files in system SYS_EMFILE = 24; // Too many open files SYS_ENOTTY = 25; // Not a typewriter SYS_ETXTBSY = 26; // Text file busy SYS_EFBIG = 27; // File too large SYS_ENOSPC = 28; // No space left on device SYS_ESPIPE = 29; // Illegal seek SYS_EROFS = 30; // Read only file system SYS_EMLINK = 31; // Too many links SYS_EPIPE = 32; // Broken pipe SYS_EDOM = 33; // Math arg out of domain of func SYS_ERANGE = 34; // Math result not representable SYS_EDEADLOCK = 35; // File locking deadlock error SYS_ENAMETOOLONG = 36; // File or path name too long SYS_ENOLCK = 37; // No record locks available SYS_ENOSYS = 38; // Function not implemented SYS_ENOTEMPTY = 39; // Directory not empty SYS_ELOOP = 40; // Too many symbolic links SYS_ENOMSG = 42; // No message of desired type SYS_EIDRM = 43; // Identifier removed SYS_ECHRNG = 44; // Channel number out of range SYS_EL2NSYNC = 45; // Level 2 not synchronized SYS_EL3HLT = 46; // Level 3 halted SYS_EL3RST = 47; // Level 3 reset SYS_ELNRNG = 48; // Link number out of range SYS_EUNATCH = 49; // rotocol driver not attached SYS_ENOCSI = 50; // No CSI structure available SYS_EL2HLT = 51; // Level 2 halted SYS_EBADE = 52; // Invalid exchange SYS_EBADR = 53; // Invalid request descriptor SYS_EXFULL = 54; // Exchange full SYS_ENOANO = 55; // No anode SYS_EBADRQC = 56; // Invalid request code SYS_EBADSLT = 57; // Invalid slot SYS_EBFONT = 59; // Bad font file fmt SYS_ENOSTR = 60; // Device not a stream SYS_ENODATA = 61; // No data (for no delay io) SYS_ETIME = 62; // Timer expired SYS_ENOSR = 63; // Out of streams resources SYS_ENONET = 64; // Machine is not on the network SYS_ENOPKG = 65; // Package not installed SYS_EREMOTE = 66; // The object is remote SYS_ENOLINK = 67; // The link has been severed SYS_EADV = 68; // Advertise error SYS_ESRMNT = 69; // Srmount error SYS_ECOMM = 70; // Communication error on send SYS_EPROTO = 71; // Protocol error SYS_EMULTIHOP = 72; // Multihop attempted SYS_EDOTDOT = 73; // Cross mount point (not really error) SYS_EBADMSG = 74; // Trying to read unreadable message SYS_EOVERFLOW = 75; // Value too large for defined data type SYS_ENOTUNIQ = 76; // Given log. name not unique SYS_EBADFD = 77; // f.d. invalid for this operation SYS_EREMCHG = 78; // Remote address changed SYS_ELIBACC = 79; // Can't access a needed shared lib SYS_ELIBBAD = 80; // Accessing a corrupted shared lib SYS_ELIBSCN = 81; // .lib section in a.out corrupted SYS_ELIBMAX = 82; // Attempting to link in too many libs SYS_ELIBEXEC = 83; // Attempting to exec a shared library SYS_EILSEQ = 84; SYS_ERESTART = 85; SYS_ESTRPIPE = 86; SYS_EUSERS = 87; SYS_ENOTSOCK = 88; // Socket operation on non-socket SYS_EDESTADDRREQ = 89; // Destination address required SYS_EMSGSIZE = 90; // Message too long SYS_EPROTOTYPE = 91; // Protocol wrong type for socket SYS_ENOPROTOOPT = 92; // Protocol not available SYS_EPROTONOSUPPORT = 93; // Unknown protocol SYS_ESOCKTNOSUPPORT = 94; // Socket type not supported SYS_EOPNOTSUPP = 95; // Operation not supported on transport endpoint SYS_EPFNOSUPPORT = 96; // Protocol family not supported SYS_EAFNOSUPPORT = 97; // Address family not supported by protocol family SYS_EADDRINUSE = 98; // Address already in use SYS_EADDRNOTAVAIL = 99; // Address not available SYS_ENETDOWN = 100; // Network interface is not configured SYS_ENETUNREACH = 101; // Network is unreachable SYS_ENETRESET = 102; SYS_ECONNABORTED = 103; // Connection aborted SYS_ECONNRESET = 104; // Connection reset by peer SYS_ENOBUFS = 105; // No buffer space available SYS_EISCONN = 106; // Socket is already connected SYS_ENOTCONN = 107; // Socket is not connected SYS_ESHUTDOWN = 108; // Can't send after socket shutdown SYS_ETOOMANYREFS = 109; SYS_ETIMEDOUT = 110; // Connection timed out SYS_ECONNREFUSED = 111; // Connection refused SYS_EHOSTDOWN = 112; // Host is down SYS_EHOSTUNREACH = 113; // Host is unreachable SYS_EALREADY = 114; // Socket already connected SYS_EINPROGRESS = 115; // Connection already in progress SYS_ESTALE = 116; SYS_EUCLEAN = 117; SYS_ENOTNAM = 118; SYS_ENAVAIL = 119; SYS_EISNAM = 120; SYS_EREMOTEIO = 121; SYS_EDQUOT = 122; SYS_ENOMEDIUM = 123; // No medium (in tape drive) SYS_EMEDIUMTYPE = 124; SYS_ECANCELED = 125; SYS_ENOKEY = 126; SYS_EKEYEXPIRED = 127; SYS_EKEYREVOKED = 128; SYS_EKEYREJECTED = 129; SYS_EOWNERDEAD = 130; SYS_ENOTRECOVERABLE = 131; SYS_ERFKILL = 132; SYS_EHWPOISON = 133; } message DnsQueryEvent { optional NsRcode rcode = 1; optional NsType type = 2; optional CacheStatus cache_hit = 3; optional IpVersion ip_version = 4; optional Protocol protocol = 5; // Number of DNS query retry times optional int32 retry_times = 6; // Ordinal number of name server. optional int32 dns_server_index = 7; // Used only by TCP and DOT. True for new connections. optional bool connected = 8; optional int32 latency_micros = 9; optional LinuxErrno linux_errno = 10; } message DnsQueryEvents { repeated DnsQueryEvent dns_query_event = 1; } /** * Logs a DNS lookup operation initiated by the system resolver on behalf of an application * invoking native APIs such as getaddrinfo() or Java APIs such as Network#getAllByName(). * * The NetworkDnsEventReported message represents the entire lookup operation, which may * result one or more queries to the recursive DNS resolvers. Those are individually logged * in DnsQueryEvents to enable computing error rates and network latency and timeouts * broken up by query type, transport, network interface, etc. */ message NetworkDnsEventReported { optional EventType event_type = 1; optional ReturnCode return_code = 2; // The latency in microseconds of the entire DNS lookup operation. optional int32 latency_micros = 3; // Only valid for event_type = EVENT_GETADDRINFO. optional int32 hints_ai_flags = 4; // Flags passed to android_res_nsend() defined in multinetwork.h // Only valid for event_type = EVENT_RESNSEND. optional int32 res_nsend_flags = 5; optional NetworkType network_type = 6; // The DNS over TLS mode on a specific netId. optional PrivateDnsModes private_dns_modes = 7; // Additional pass-through fields opaque to statsd. // The DNS resolver Mainline module can add new fields here without requiring an OS update. optional DnsQueryEvents dns_query_events = 8; // The sample rate of DNS stats (to statsd) is 1/sampling_rate_denom. optional int32 sampling_rate_denom = 9; // UID sends the DNS query. optional int32 uid = 10; } enum HandshakeResult { HR_UNKNOWN = 0; HR_SUCCESS = 1; HR_TIMEOUT = 2; HR_TLS_FAIL = 3; HR_SERVER_UNREACHABLE = 4; } enum HandshakeCause { HC_UNKNOWN = 0; HC_SERVER_PROBE = 1; HC_RECONNECT_AFTER_IDLE = 2; HC_RETRY_AFTER_ERROR = 3; } /** * The NetworkDnsHandshakeReported message describes a DoT or DoH handshake operation along with * its result, cause, network latency, TLS version, etc. * */ message NetworkDnsHandshakeReported { optional Protocol protocol = 1; optional HandshakeResult result = 2; optional HandshakeCause cause = 3; optional NetworkType network_type = 4; optional PrivateDnsModes private_dns_mode = 5; // The latency in microseconds of the entire handshake operation. optional int32 latency_micros = 6; // Number of bytes sent in a handshake. optional int32 bytes_sent = 7; // Number of bytes received in a handshake. optional int32 bytes_received = 8; // Number of round-trips. optional int32 round_trips = 9; // True if TLS session cache hit. optional bool tls_session_cache_hit = 10; // 2 = TLS 1.2, 3 = TLS 1.3 optional int32 tls_version = 11; // True if the handshake requires verifying the private DNS provider hostname. optional bool hostname_verification = 12; // Only present when protocol = PROTO_DOH. optional int32 quic_version = 13; optional int32 server_index = 14; // The sampling-rate of this event is 1/sampling_rate_denom. optional int32 sampling_rate_denom = 15; } /** * logs the number of DNS servers supported by the protocol */ message NetworkDnsServerSupportReported { // The network type of the network optional NetworkType network_type = 1; // The private DNS mode of the network optional PrivateDnsModes private_dns_modes = 2; // Stores the state of all DNS servers for this network optional Servers servers = 3; } message Servers { repeated Server server = 1; } message Server { optional Protocol protocol = 1; // The order of the dns server in the network optional int32 index = 2; // The validation status of the DNS server in the network optional bool validated = 3; }