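/*
 * Copyright (C) 2019 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
syntax = "proto2";
option optimize_for = LITE_RUNTIME;
package android.net;

// Schema for DNS resolver telemetry: one record per lookup
// (NetworkDnsEventReported), one per DoT/DoH handshake
// (NetworkDnsHandshakeReported) and one per network describing its DNS servers
// (NetworkDnsServerSupportReported).
//
// Field and enum numbers are the wire contract. Add new fields and values with
// fresh numbers; never renumber or reuse an existing one.

// The resolver entry point that started the lookup. The value names follow the
// API names (getaddrinfo, gethostbyname, gethostbyaddr, res_nsend).
enum EventType {
    EVENT_UNKNOWN = 0;
    EVENT_GETADDRINFO = 1;
    EVENT_GETHOSTBYNAME = 2;
    EVENT_GETHOSTBYADDR = 3;
    EVENT_RES_NSEND = 4;
}

// The return value of the DNS resolver for each DNS lookup.
// bionic/libc/include/netdb.h
// system/netd/resolv/include/netd_resolv/resolv.h
//
// The RC_EAI_* names presumably track the EAI_* constants in the headers
// above; the RC_RESOLV_* values are resolver-specific. Verify against those
// headers before adding or changing a value.
enum ReturnCode {
    RC_EAI_NO_ERROR = 0;
    RC_EAI_ADDRFAMILY = 1;
    RC_EAI_AGAIN = 2;
    RC_EAI_BADFLAGS = 3;
    RC_EAI_FAIL = 4;
    RC_EAI_FAMILY = 5;
    RC_EAI_MEMORY = 6;
    RC_EAI_NODATA = 7;
    RC_EAI_NONAME = 8;
    RC_EAI_SERVICE = 9;
    RC_EAI_SOCKTYPE = 10;
    RC_EAI_SYSTEM = 11;
    RC_EAI_BADHINTS = 12;
    RC_EAI_PROTOCOL = 13;
    RC_EAI_OVERFLOW = 14;
    RC_RESOLV_INTERNAL_ERROR = 254;
    RC_RESOLV_TIMEOUT = 255;
    RC_EAI_MAX = 256;
}

// DNS response code (RCODE) of a single query.
//
// The rcode comes from the remote server, so any value can arrive. A proto2
// parser does not surface an undeclared enum value through the typed field
// (it is typically kept as an unknown field), which is why the unassigned
// codes 12-15 are declared explicitly below.
enum NsRcode {
    NS_R_NO_ERROR = 0;  // No error occurred.
    NS_R_FORMERR = 1;   // Format error.
    NS_R_SERVFAIL = 2;  // Server failure.
    NS_R_NXDOMAIN = 3;  // Name error.
    NS_R_NOTIMPL = 4;   // Unimplemented.
    NS_R_REFUSED = 5;   // Operation refused.
    // these are for BIND_UPDATE
    NS_R_YXDOMAIN = 6;  // Name exists
    NS_R_YXRRSET = 7;   // RRset exists
    NS_R_NXRRSET = 8;   // RRset does not exist
    NS_R_NOTAUTH = 9;   // Not authoritative for zone
    NS_R_NOTZONE = 10;  // Zone of record different from zone section
    // Sentinel value; it is NOT the largest value in this enum (see below).
    NS_R_MAX = 11;
    // Define rcode=12~15(UNASSIGNED) in rcode enum type.
    // Some DNS Servers might return undefined code to devices.
    // Without the enum definition, that would be noise for our dashboard.
    NS_R_UNASSIGNED12 = 12;  // Unassigned
    NS_R_UNASSIGNED13 = 13;  // Unassigned
    NS_R_UNASSIGNED14 = 14;  // Unassigned
    NS_R_UNASSIGNED15 = 15;  // Unassigned
    // The following are EDNS extended rcodes
    NS_R_BADVERS = 16;
    // The following are TSIG errors
    // NS_R_BADSIG = 16,
    // BADSIG shares the value 16 with BADVERS. It is left commented out,
    // presumably because an enum without allow_alias cannot declare two names
    // for one number; a reported 16 is therefore ambiguous between the two.
    NS_R_BADKEY = 17;
    NS_R_BADTIME = 18;
    // 254 and 255 sit outside the rcode values listed above; going by their
    // names they are set by the resolver itself, not received from a server.
    NS_R_INTERNAL_ERROR = 254;
    NS_R_TIMEOUT = 255;
}

// Currently defined type values for resources and queries.
enum NsType {
    NS_T_INVALID = 0;      // Cookie.
    NS_T_A = 1;            // Host address.
    NS_T_NS = 2;           // Authoritative server.
    NS_T_MD = 3;           // Mail destination.
    NS_T_MF = 4;           // Mail forwarder.
    NS_T_CNAME = 5;        // Canonical name.
    NS_T_SOA = 6;          // Start of authority zone.
    NS_T_MB = 7;           // Mailbox domain name.
    NS_T_MG = 8;           // Mail group member.
    NS_T_MR = 9;           // Mail rename name.
    NS_T_NULL = 10;        // Null resource record.
    NS_T_WKS = 11;         // Well known service.
    NS_T_PTR = 12;         // Domain name pointer.
    NS_T_HINFO = 13;       // Host information.
    NS_T_MINFO = 14;       // Mailbox information.
    NS_T_MX = 15;          // Mail routing information.
    NS_T_TXT = 16;         // Text strings.
    NS_T_RP = 17;          // Responsible person.
    NS_T_AFSDB = 18;       // AFS cell database.
    NS_T_X25 = 19;         // X_25 calling address.
    NS_T_ISDN = 20;        // ISDN calling address.
    NS_T_RT = 21;          // Router.
    NS_T_NSAP = 22;        // NSAP address.
    NS_T_NSAP_PTR = 23;    // Reverse NSAP lookup (deprecated).
    NS_T_SIG = 24;         // Security signature.
    NS_T_KEY = 25;         // Security key.
    NS_T_PX = 26;          // X.400 mail mapping.
    NS_T_GPOS = 27;        // Geographical position (withdrawn).
    NS_T_AAAA = 28;        // IPv6 Address.
    NS_T_LOC = 29;         // Location Information.
    NS_T_NXT = 30;         // Next domain (security).
    NS_T_EID = 31;         // Endpoint identifier.
    NS_T_NIMLOC = 32;      // Nimrod Locator.
    NS_T_SRV = 33;         // Server Selection.
    NS_T_ATMA = 34;        // ATM Address
    NS_T_NAPTR = 35;       // Naming Authority PoinTeR
    NS_T_KX = 36;          // Key Exchange
    NS_T_CERT = 37;        // Certification record
    NS_T_A6 = 38;          // IPv6 address (experimental)
    NS_T_DNAME = 39;       // Non-terminal DNAME
    NS_T_SINK = 40;        // Kitchen sink (experimental)
    NS_T_OPT = 41;         // EDNS0 option (meta-RR)
    NS_T_APL = 42;         // Address prefix list (RFC 3123)
    NS_T_DS = 43;          // Delegation Signer
    NS_T_SSHFP = 44;       // SSH Fingerprint
    NS_T_IPSECKEY = 45;    // IPSEC Key
    NS_T_RRSIG = 46;       // RRset Signature
    NS_T_NSEC = 47;        // Negative security
    NS_T_DNSKEY = 48;      // DNS Key
    NS_T_DHCID = 49;       // Dynamic host configuration identifier
    NS_T_NSEC3 = 50;       // Negative security type 3
    NS_T_NSEC3PARAM = 51;  // Negative security type 3 parameters
    NS_T_HIP = 55;         // Host Identity Protocol
    NS_T_SPF = 99;         // Sender Policy Framework
    NS_T_TKEY = 249;       // Transaction key
    NS_T_TSIG = 250;       // Transaction signature.
    NS_T_IXFR = 251;       // Incremental zone transfer.
    NS_T_AXFR = 252;       // Transfer zone of authority.
    NS_T_MAILB = 253;      // Transfer mailbox records.
    NS_T_MAILA = 254;      // Transfer mail agent records.
    NS_T_ANY = 255;        // Wildcard match.
    NS_T_ZXFR = 256;       // BIND-specific, nonstandard.
    NS_T_DLV = 32769;      // DNSSEC look-aside validation.
    NS_T_MAX = 65536;      // Sentinel, one past the 16-bit type range.
}

// IP version associated with a query.
enum IpVersion {
    IV_UNKNOWN = 0;
    IV_IPV4 = 1;
    IV_IPV6 = 2;
}

// Transport that carried a query or handshake.
// DOT is DNS over TLS, DOH is DNS over HTTPS, MDNS is multicast DNS.
// Going by the names, only PROTO_DOT and PROTO_DOH are encrypted transports,
// so this field separates cleartext from encrypted DNS traffic in the data.
enum Protocol {
    PROTO_UNKNOWN = 0;
    PROTO_UDP = 1;
    PROTO_TCP = 2;
    PROTO_DOT = 3;
    PROTO_DOH = 4;
    PROTO_MDNS = 5;
}

// Private DNS setting in effect for a network.
// NOTE(review): opportunistic mode is understood to fall back to cleartext DNS
// when no encrypted transport validates, while strict mode does not. Confirm
// against the resolver before relying on this when reading the metrics.
enum PrivateDnsModes {
    PDM_UNKNOWN = 0;
    PDM_OFF = 1;
    PDM_OPPORTUNISTIC = 2;
    PDM_STRICT = 3;
}

// Transport(s) of the network the event was recorded on.
enum NetworkType {
    NT_UNKNOWN = 0;
    // Indicates this network uses a Cellular transport.
    NT_CELLULAR = 1;
    // Indicates this network uses a Wi-Fi transport.
    NT_WIFI = 2;
    // Indicates this network uses a Bluetooth transport.
    NT_BLUETOOTH = 3;
    // Indicates this network uses an Ethernet transport.
    NT_ETHERNET = 4;
    // Indicates this network uses a VPN transport.
    NT_VPN = 5;
    // Indicates this network uses a Wi-Fi Aware transport.
    NT_WIFI_AWARE = 6;
    // Indicates this network uses a LoWPAN transport.
    NT_LOWPAN = 7;
    // Indicates this network uses a Cellular+VPN transport.
    NT_CELLULAR_VPN = 8;
    // Indicates this network uses a Wi-Fi+VPN transport.
    NT_WIFI_VPN = 9;
    // Indicates this network uses a Bluetooth+VPN transport.
    NT_BLUETOOTH_VPN = 10;
    // Indicates this network uses an Ethernet+VPN transport.
    NT_ETHERNET_VPN = 11;
    // Indicates this network uses a Wi-Fi+Cellular+VPN transport.
    NT_WIFI_CELLULAR_VPN = 12;
    // Indicates this network uses a Satellite transport.
    NT_SATELLITE = 13;
}

// Result of the resolver cache lookup for a query.
// The zero value is CS_UNSUPPORTED, so a default-valued reading of this enum
// is indistinguishable from an explicit CS_UNSUPPORTED. Fields of this type
// are declared optional, so check field presence before interpreting it.
enum CacheStatus {
    // the cache can't handle that kind of queries.
    // or the answer buffer is too small.
    CS_UNSUPPORTED = 0;
    // the cache doesn't know about this query.
    CS_NOTFOUND = 1;
    // the cache found the answer.
    CS_FOUND = 2;
    // Don't do anything on cache.
    CS_SKIP = 3;
}

// The enum LinuxErrno is defined in the following 2 files.
// 1. bionic/libc/kernel/uapi/asm-generic/errno-base.h
// 2. bionic/libc/kernel/uapi/asm-generic/errno.h
//
// Values 41 and 58 are not declared in this enum.
enum LinuxErrno {
    SYS_NO_ERROR = 0;
    SYS_EPERM = 1;             // Not super-user
    SYS_ENOENT = 2;            // No such file or directory
    SYS_ESRCH = 3;             // No such process
    SYS_EINTR = 4;             // Interrupted system call
    SYS_EIO = 5;               // I/O error
    SYS_ENXIO = 6;             // No such device or address
    SYS_E2BIG = 7;             // Arg list too long
    SYS_ENOEXEC = 8;           // Exec format error
    SYS_EBADF = 9;             // Bad file number
    SYS_ECHILD = 10;           // No children
    SYS_EAGAIN = 11;           // No more processes
    SYS_ENOMEM = 12;           // Not enough core
    SYS_EACCES = 13;           // Permission denied
    SYS_EFAULT = 14;           // Bad address
    SYS_ENOTBLK = 15;          // Block device required
    SYS_EBUSY = 16;            // Mount device busy
    SYS_EEXIST = 17;           // File exists
    SYS_EXDEV = 18;            // Cross-device link
    SYS_ENODEV = 19;           // No such device
    SYS_ENOTDIR = 20;          // Not a directory
    SYS_EISDIR = 21;           // Is a directory
    SYS_EINVAL = 22;           // Invalid argument
    SYS_ENFILE = 23;           // Too many open files in system
    SYS_EMFILE = 24;           // Too many open files
    SYS_ENOTTY = 25;           // Not a typewriter
    SYS_ETXTBSY = 26;          // Text file busy
    SYS_EFBIG = 27;            // File too large
    SYS_ENOSPC = 28;           // No space left on device
    SYS_ESPIPE = 29;           // Illegal seek
    SYS_EROFS = 30;            // Read only file system
    SYS_EMLINK = 31;           // Too many links
    SYS_EPIPE = 32;            // Broken pipe
    SYS_EDOM = 33;             // Math arg out of domain of func
    SYS_ERANGE = 34;           // Math result not representable
    SYS_EDEADLOCK = 35;        // File locking deadlock error
    SYS_ENAMETOOLONG = 36;     // File or path name too long
    SYS_ENOLCK = 37;           // No record locks available
    SYS_ENOSYS = 38;           // Function not implemented
    SYS_ENOTEMPTY = 39;        // Directory not empty
    SYS_ELOOP = 40;            // Too many symbolic links
    SYS_ENOMSG = 42;           // No message of desired type
    SYS_EIDRM = 43;            // Identifier removed
    SYS_ECHRNG = 44;           // Channel number out of range
    SYS_EL2NSYNC = 45;         // Level 2 not synchronized
    SYS_EL3HLT = 46;           // Level 3 halted
    SYS_EL3RST = 47;           // Level 3 reset
    SYS_ELNRNG = 48;           // Link number out of range
    SYS_EUNATCH = 49;          // Protocol driver not attached
    SYS_ENOCSI = 50;           // No CSI structure available
    SYS_EL2HLT = 51;           // Level 2 halted
    SYS_EBADE = 52;            // Invalid exchange
    SYS_EBADR = 53;            // Invalid request descriptor
    SYS_EXFULL = 54;           // Exchange full
    SYS_ENOANO = 55;           // No anode
    SYS_EBADRQC = 56;          // Invalid request code
    SYS_EBADSLT = 57;          // Invalid slot
    SYS_EBFONT = 59;           // Bad font file fmt
    SYS_ENOSTR = 60;           // Device not a stream
    SYS_ENODATA = 61;          // No data (for no delay io)
    SYS_ETIME = 62;            // Timer expired
    SYS_ENOSR = 63;            // Out of streams resources
    SYS_ENONET = 64;           // Machine is not on the network
    SYS_ENOPKG = 65;           // Package not installed
    SYS_EREMOTE = 66;          // The object is remote
    SYS_ENOLINK = 67;          // The link has been severed
    SYS_EADV = 68;             // Advertise error
    SYS_ESRMNT = 69;           // Srmount error
    SYS_ECOMM = 70;            // Communication error on send
    SYS_EPROTO = 71;           // Protocol error
    SYS_EMULTIHOP = 72;        // Multihop attempted
    SYS_EDOTDOT = 73;          // Cross mount point (not really error)
    SYS_EBADMSG = 74;          // Trying to read unreadable message
    SYS_EOVERFLOW = 75;        // Value too large for defined data type
    SYS_ENOTUNIQ = 76;         // Given log. name not unique
    SYS_EBADFD = 77;           // f.d. invalid for this operation
    SYS_EREMCHG = 78;          // Remote address changed
    SYS_ELIBACC = 79;          // Can't access a needed shared lib
    SYS_ELIBBAD = 80;          // Accessing a corrupted shared lib
    SYS_ELIBSCN = 81;          // .lib section in a.out corrupted
    SYS_ELIBMAX = 82;          // Attempting to link in too many libs
    SYS_ELIBEXEC = 83;         // Attempting to exec a shared library
    SYS_EILSEQ = 84;
    SYS_ERESTART = 85;
    SYS_ESTRPIPE = 86;
    SYS_EUSERS = 87;
    SYS_ENOTSOCK = 88;         // Socket operation on non-socket
    SYS_EDESTADDRREQ = 89;     // Destination address required
    SYS_EMSGSIZE = 90;         // Message too long
    SYS_EPROTOTYPE = 91;       // Protocol wrong type for socket
    SYS_ENOPROTOOPT = 92;      // Protocol not available
    SYS_EPROTONOSUPPORT = 93;  // Unknown protocol
    SYS_ESOCKTNOSUPPORT = 94;  // Socket type not supported
    SYS_EOPNOTSUPP = 95;       // Operation not supported on transport endpoint
    SYS_EPFNOSUPPORT = 96;     // Protocol family not supported
    SYS_EAFNOSUPPORT = 97;     // Address family not supported by protocol family
    SYS_EADDRINUSE = 98;       // Address already in use
    SYS_EADDRNOTAVAIL = 99;    // Address not available
    SYS_ENETDOWN = 100;        // Network interface is not configured
    SYS_ENETUNREACH = 101;     // Network is unreachable
    SYS_ENETRESET = 102;
    SYS_ECONNABORTED = 103;    // Connection aborted
    SYS_ECONNRESET = 104;      // Connection reset by peer
    SYS_ENOBUFS = 105;         // No buffer space available
    SYS_EISCONN = 106;         // Socket is already connected
    SYS_ENOTCONN = 107;        // Socket is not connected
    SYS_ESHUTDOWN = 108;       // Can't send after socket shutdown
    SYS_ETOOMANYREFS = 109;
    SYS_ETIMEDOUT = 110;       // Connection timed out
    SYS_ECONNREFUSED = 111;    // Connection refused
    SYS_EHOSTDOWN = 112;       // Host is down
    SYS_EHOSTUNREACH = 113;    // Host is unreachable
    SYS_EALREADY = 114;        // Operation already in progress
    SYS_EINPROGRESS = 115;     // Connection already in progress
    SYS_ESTALE = 116;
    SYS_EUCLEAN = 117;
    SYS_ENOTNAM = 118;
    SYS_ENAVAIL = 119;
    SYS_EISNAM = 120;
    SYS_EREMOTEIO = 121;
    SYS_EDQUOT = 122;
    SYS_ENOMEDIUM = 123;       // No medium (in tape drive)
    SYS_EMEDIUMTYPE = 124;
    SYS_ECANCELED = 125;
    SYS_ENOKEY = 126;
    SYS_EKEYEXPIRED = 127;
    SYS_EKEYREVOKED = 128;
    SYS_EKEYREJECTED = 129;
    SYS_EOWNERDEAD = 130;
    SYS_ENOTRECOVERABLE = 131;
    SYS_ERFKILL = 132;
    SYS_EHWPOISON = 133;
}

// One query sent to a DNS server as part of a lookup. This message has no
// field for the queried name or for any address in the answer.
message DnsQueryEvent {
    // Response code of the query.
    optional NsRcode rcode = 1;

    // Record type that was queried.
    optional NsType type = 2;

    // Cache lookup outcome. Despite the field name this is a CacheStatus enum,
    // not a boolean hit/miss.
    optional CacheStatus cache_hit = 3;

    optional IpVersion ip_version = 4;

    // Transport used for the query; distinguishes cleartext from encrypted DNS.
    optional Protocol protocol = 5;

    // Number of DNS query retry times
    optional int32 retry_times = 6;

    // Ordinal number of name server.
    optional int32 dns_server_index = 7;

    // Used only by TCP and DOT. True for new connections.
    optional bool connected = 8;

    // Presumably the latency of this single query in microseconds, going by
    // the field name. int32 microseconds overflow after roughly 2147 seconds.
    optional int32 latency_micros = 9;

    optional LinuxErrno linux_errno = 10;
}

// Wrapper for the per-query records of one lookup.
message DnsQueryEvents {
    repeated DnsQueryEvent dns_query_event = 1;
}

/**
 * Logs a DNS lookup operation initiated by the system resolver on behalf of an application
 * invoking native APIs such as getaddrinfo() or Java APIs such as Network#getAllByName().
 *
 * The NetworkDnsEventReported message represents the entire lookup operation, which may
 * result in one or more queries to the recursive DNS resolvers. Those are individually logged
 * in DnsQueryEvents to enable computing error rates and network latency and timeouts
 * broken up by query type, transport, network interface, etc.
 *
 * NOTE(review): this message has no field for the looked-up name or the returned addresses,
 * but it does carry the caller's uid together with timing, error and network details.
 * Consumers should handle it as per-app behavioural data.
 */
message NetworkDnsEventReported {
    optional EventType event_type = 1;

    optional ReturnCode return_code = 2;

    // The latency in microseconds of the entire DNS lookup operation.
    optional int32 latency_micros = 3;

    // Only valid for event_type = EVENT_GETADDRINFO.
    optional int32 hints_ai_flags = 4;

    // Flags passed to android_res_nsend() defined in multinetwork.h
    // Only valid for event_type = EVENT_RES_NSEND.
    optional int32 res_nsend_flags = 5;

    optional NetworkType network_type = 6;

    // The DNS over TLS mode on a specific netId.
    optional PrivateDnsModes private_dns_modes = 7;

    // Additional pass-through fields opaque to statsd.
    // The DNS resolver Mainline module can add new fields here without requiring an OS update.
    optional DnsQueryEvents dns_query_events = 8;

    // The sample rate of DNS stats (to statsd) is 1/sampling_rate_denom.
    optional int32 sampling_rate_denom = 9;

    // UID that sends the DNS query. This identifies the calling app, so it is
    // the most privacy-sensitive field in this message.
    optional int32 uid = 10;
}

// Outcome of a DoT or DoH handshake.
enum HandshakeResult {
    HR_UNKNOWN = 0;
    HR_SUCCESS = 1;
    HR_TIMEOUT = 2;
    HR_TLS_FAIL = 3;
    HR_SERVER_UNREACHABLE = 4;
}

// Why a handshake was started.
enum HandshakeCause {
    HC_UNKNOWN = 0;
    HC_SERVER_PROBE = 1;
    HC_RECONNECT_AFTER_IDLE = 2;
    HC_RETRY_AFTER_ERROR = 3;
}

/**
 * The NetworkDnsHandshakeReported message describes a DoT or DoH handshake operation along with
 * its result, cause, network latency, TLS version, etc.
 *
 */
message NetworkDnsHandshakeReported {
    optional Protocol protocol = 1;

    optional HandshakeResult result = 2;

    optional HandshakeCause cause = 3;

    optional NetworkType network_type = 4;

    // Named private_dns_mode (singular) here, while the other messages in this
    // file use private_dns_modes.
    optional PrivateDnsModes private_dns_mode = 5;

    // The latency in microseconds of the entire handshake operation.
    optional int32 latency_micros = 6;

    // Number of bytes sent in a handshake.
    optional int32 bytes_sent = 7;

    // Number of bytes received in a handshake.
    optional int32 bytes_received = 8;

    // Number of round-trips.
    optional int32 round_trips = 9;

    // True if TLS session cache hit.
    optional bool tls_session_cache_hit = 10;

    // 2 = TLS 1.2, 3 = TLS 1.3
    // No other value is defined here; treat anything else as unknown.
    optional int32 tls_version = 11;

    // True if the handshake requires verifying the private DNS provider hostname.
    // NOTE(review): a successful handshake with this flag false presumably did
    // not bind the server to a configured provider name. Confirm against the
    // resolver before treating such a session as authenticated.
    optional bool hostname_verification = 12;

    // Only present when protocol = PROTO_DOH.
    optional int32 quic_version = 13;

    // Presumably the ordinal of the server within the network's server list,
    // like dns_server_index in DnsQueryEvent. Verify against the writer.
    optional int32 server_index = 14;

    // The sampling-rate of this event is 1/sampling_rate_denom.
    optional int32 sampling_rate_denom = 15;
}

/**
 * logs the number of DNS servers supported by the protocol
 */
message NetworkDnsServerSupportReported {
    // The network type of the network
    optional NetworkType network_type = 1;

    // The private DNS mode of the network
    optional PrivateDnsModes private_dns_modes = 2;

    // Stores the state of all DNS servers for this network
    optional Servers servers = 3;
}

// Wrapper for the list of DNS servers of one network.
message Servers {
    repeated Server server = 1;
}

// One DNS server of a network. This message has no field for the server's
// address or hostname.
message Server {
    // Transport the server is used with.
    optional Protocol protocol = 1;

    // The order of the dns server in the network
    optional int32 index = 2;

    // The validation status of the DNS server in the network
    optional bool validated = 3;
}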