1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
|
/*
* Copyright (C) 2019 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
syntax = "proto2";
option optimize_for = LITE_RUNTIME;
package android.net;
enum EventType {
EVENT_UNKNOWN = 0;
EVENT_GETADDRINFO = 1;
EVENT_GETHOSTBYNAME = 2;
EVENT_GETHOSTBYADDR = 3;
EVENT_RES_NSEND = 4;
}
// The return value of the DNS resolver for each DNS lookups.
// bionic/libc/include/netdb.h
// system/netd/resolv/include/netd_resolv/resolv.h
enum ReturnCode {
RC_EAI_NO_ERROR = 0;
RC_EAI_ADDRFAMILY = 1;
RC_EAI_AGAIN = 2;
RC_EAI_BADFLAGS = 3;
RC_EAI_FAIL = 4;
RC_EAI_FAMILY = 5;
RC_EAI_MEMORY = 6;
RC_EAI_NODATA = 7;
RC_EAI_NONAME = 8;
RC_EAI_SERVICE = 9;
RC_EAI_SOCKTYPE = 10;
RC_EAI_SYSTEM = 11;
RC_EAI_BADHINTS = 12;
RC_EAI_PROTOCOL = 13;
RC_EAI_OVERFLOW = 14;
RC_RESOLV_INTERNAL_ERROR = 254;
RC_RESOLV_TIMEOUT = 255;
RC_EAI_MAX = 256;
}
enum NsRcode {
NS_R_NO_ERROR = 0; // No error occurred.
NS_R_FORMERR = 1; // Format error.
NS_R_SERVFAIL = 2; // Server failure.
NS_R_NXDOMAIN = 3; // Name error.
NS_R_NOTIMPL = 4; // Unimplemented.
NS_R_REFUSED = 5; // Operation refused.
// these are for BIND_UPDATE
NS_R_YXDOMAIN = 6; // Name exists
NS_R_YXRRSET = 7; // RRset exists
NS_R_NXRRSET = 8; // RRset does not exist
NS_R_NOTAUTH = 9; // Not authoritative for zone
NS_R_NOTZONE = 10; // Zone of record different from zone section
NS_R_MAX = 11;
// Define rcode=12~15(UNASSIGNED) in rcode enum type.
// Some DNS Servers might return undefined code to devices.
// Without the enum definition, that would be noise for our dashboard.
NS_R_UNASSIGNED12 = 12; // Unassigned
NS_R_UNASSIGNED13 = 13; // Unassigned
NS_R_UNASSIGNED14 = 14; // Unassigned
NS_R_UNASSIGNED15 = 15; // Unassigned
// The following are EDNS extended rcodes
NS_R_BADVERS = 16;
// The following are TSIG errors
// NS_R_BADSIG = 16,
NS_R_BADKEY = 17;
NS_R_BADTIME = 18;
NS_R_INTERNAL_ERROR = 254;
NS_R_TIMEOUT = 255;
}
// Currently defined type values for resources and queries.
enum NsType {
NS_T_INVALID = 0; // Cookie.
NS_T_A = 1; // Host address.
NS_T_NS = 2; // Authoritative server.
NS_T_MD = 3; // Mail destination.
NS_T_MF = 4; // Mail forwarder.
NS_T_CNAME = 5; // Canonical name.
NS_T_SOA = 6; // Start of authority zone.
NS_T_MB = 7; // Mailbox domain name.
NS_T_MG = 8; // Mail group member.
NS_T_MR = 9; // Mail rename name.
NS_T_NULL = 10; // Null resource record.
NS_T_WKS = 11; // Well known service.
NS_T_PTR = 12; // Domain name pointer.
NS_T_HINFO = 13; // Host information.
NS_T_MINFO = 14; // Mailbox information.
NS_T_MX = 15; // Mail routing information.
NS_T_TXT = 16; // Text strings.
NS_T_RP = 17; // Responsible person.
NS_T_AFSDB = 18; // AFS cell database.
NS_T_X25 = 19; // X_25 calling address.
NS_T_ISDN = 20; // ISDN calling address.
NS_T_RT = 21; // Router.
NS_T_NSAP = 22; // NSAP address.
NS_T_NSAP_PTR = 23; // Reverse NSAP lookup (deprecated).
NS_T_SIG = 24; // Security signature.
NS_T_KEY = 25; // Security key.
NS_T_PX = 26; // X.400 mail mapping.
NS_T_GPOS = 27; // Geographical position (withdrawn).
NS_T_AAAA = 28; // IPv6 Address.
NS_T_LOC = 29; // Location Information.
NS_T_NXT = 30; // Next domain (security).
NS_T_EID = 31; // Endpoint identifier.
NS_T_NIMLOC = 32; // Nimrod Locator.
NS_T_SRV = 33; // Server Selection.
NS_T_ATMA = 34; // ATM Address
NS_T_NAPTR = 35; // Naming Authority PoinTeR
NS_T_KX = 36; // Key Exchange
NS_T_CERT = 37; // Certification record
NS_T_A6 = 38; // IPv6 address (experimental)
NS_T_DNAME = 39; // Non-terminal DNAME
NS_T_SINK = 40; // Kitchen sink (experimentatl)
NS_T_OPT = 41; // EDNS0 option (meta-RR)
NS_T_APL = 42; // Address prefix list (RFC 3123)
NS_T_DS = 43; // Delegation Signer
NS_T_SSHFP = 44; // SSH Fingerprint
NS_T_IPSECKEY = 45; // IPSEC Key
NS_T_RRSIG = 46; // RRset Signature
NS_T_NSEC = 47; // Negative security
NS_T_DNSKEY = 48; // DNS Key
NS_T_DHCID = 49; // Dynamic host configuratin identifier
NS_T_NSEC3 = 50; // Negative security type 3
NS_T_NSEC3PARAM = 51; // Negative security type 3 parameters
NS_T_HIP = 55; // Host Identity Protocol
NS_T_SPF = 99; // Sender Policy Framework
NS_T_TKEY = 249; // Transaction key
NS_T_TSIG = 250; // Transaction signature.
NS_T_IXFR = 251; // Incremental zone transfer.
NS_T_AXFR = 252; // Transfer zone of authority.
NS_T_MAILB = 253; // Transfer mailbox records.
NS_T_MAILA = 254; // Transfer mail agent records.
NS_T_ANY = 255; // Wildcard match.
NS_T_ZXFR = 256; // BIND-specific, nonstandard.
NS_T_DLV = 32769; // DNSSEC look-aside validatation.
NS_T_MAX = 65536;
}
enum IpVersion {
IV_UNKNOWN = 0;
IV_IPV4 = 1;
IV_IPV6 = 2;
}
enum Protocol {
PROTO_UNKNOWN = 0;
PROTO_UDP = 1;
PROTO_TCP = 2;
PROTO_DOT = 3;
PROTO_DOH = 4;
PROTO_MDNS = 5;
}
enum PrivateDnsModes {
PDM_UNKNOWN = 0;
PDM_OFF = 1;
PDM_OPPORTUNISTIC = 2;
PDM_STRICT = 3;
}
enum NetworkType {
NT_UNKNOWN = 0;
// Indicates this network uses a Cellular transport.
NT_CELLULAR = 1;
// Indicates this network uses a Wi-Fi transport.
NT_WIFI = 2;
// Indicates this network uses a Bluetooth transport.
NT_BLUETOOTH = 3;
// Indicates this network uses an Ethernet transport.
NT_ETHERNET = 4;
// Indicates this network uses a VPN transport.
NT_VPN = 5;
// Indicates this network uses a Wi-Fi Aware transport.
NT_WIFI_AWARE = 6;
// Indicates this network uses a LoWPAN transport.
NT_LOWPAN = 7;
// Indicates this network uses a Cellular+VPN transport.
NT_CELLULAR_VPN = 8;
// Indicates this network uses a Wi-Fi+VPN transport.
NT_WIFI_VPN = 9;
// Indicates this network uses a Bluetooth+VPN transport.
NT_BLUETOOTH_VPN = 10;
// Indicates this network uses an Ethernet+VPN transport.
NT_ETHERNET_VPN = 11;
// Indicates this network uses a Wi-Fi+Cellular+VPN transport.
NT_WIFI_CELLULAR_VPN = 12;
}
enum CacheStatus{
// the cache can't handle that kind of queries.
// or the answer buffer is too small.
CS_UNSUPPORTED = 0;
// the cache doesn't know about this query.
CS_NOTFOUND = 1;
// the cache found the answer.
CS_FOUND = 2;
// Don't do anything on cache.
CS_SKIP = 3;
}
// The enum LinuxErrno is defined in the following 2 files.
// 1. bionic/libc/kernel/uapi/asm-generic/errno-base.h
// 2. bionic/libc/kernel/uapi/asm-generic/errno.h
enum LinuxErrno {
SYS_NO_ERROR = 0;
SYS_EPERM = 1; // Not super-user
SYS_ENOENT = 2; // No such file or directory
SYS_ESRCH = 3; // No such process
SYS_EINTR = 4; // Interrupted system call
SYS_EIO = 5; // I/O error
SYS_ENXIO = 6; // No such device or address
SYS_E2BIG = 7; // Arg list too long
SYS_ENOEXEC = 8; // Exec format error
SYS_EBADF = 9; // Bad file number
SYS_ECHILD = 10; // No children
SYS_EAGAIN = 11; // No more processes
SYS_ENOMEM = 12; // Not enough core
SYS_EACCES = 13; // Permission denied
SYS_EFAULT = 14; // Bad address
SYS_ENOTBLK = 15; // Block device required
SYS_EBUSY = 16; // Mount device busy
SYS_EEXIST = 17; // File exists
SYS_EXDEV = 18; // Cross-device link
SYS_ENODEV = 19; // No such device
SYS_ENOTDIR = 20; // Not a directory
SYS_EISDIR = 21; // Is a directory
SYS_EINVAL = 22; // Invalid argument
SYS_ENFILE = 23; // Too many open files in system
SYS_EMFILE = 24; // Too many open files
SYS_ENOTTY = 25; // Not a typewriter
SYS_ETXTBSY = 26; // Text file busy
SYS_EFBIG = 27; // File too large
SYS_ENOSPC = 28; // No space left on device
SYS_ESPIPE = 29; // Illegal seek
SYS_EROFS = 30; // Read only file system
SYS_EMLINK = 31; // Too many links
SYS_EPIPE = 32; // Broken pipe
SYS_EDOM = 33; // Math arg out of domain of func
SYS_ERANGE = 34; // Math result not representable
SYS_EDEADLOCK = 35; // File locking deadlock error
SYS_ENAMETOOLONG = 36; // File or path name too long
SYS_ENOLCK = 37; // No record locks available
SYS_ENOSYS = 38; // Function not implemented
SYS_ENOTEMPTY = 39; // Directory not empty
SYS_ELOOP = 40; // Too many symbolic links
SYS_ENOMSG = 42; // No message of desired type
SYS_EIDRM = 43; // Identifier removed
SYS_ECHRNG = 44; // Channel number out of range
SYS_EL2NSYNC = 45; // Level 2 not synchronized
SYS_EL3HLT = 46; // Level 3 halted
SYS_EL3RST = 47; // Level 3 reset
SYS_ELNRNG = 48; // Link number out of range
SYS_EUNATCH = 49; // rotocol driver not attached
SYS_ENOCSI = 50; // No CSI structure available
SYS_EL2HLT = 51; // Level 2 halted
SYS_EBADE = 52; // Invalid exchange
SYS_EBADR = 53; // Invalid request descriptor
SYS_EXFULL = 54; // Exchange full
SYS_ENOANO = 55; // No anode
SYS_EBADRQC = 56; // Invalid request code
SYS_EBADSLT = 57; // Invalid slot
SYS_EBFONT = 59; // Bad font file fmt
SYS_ENOSTR = 60; // Device not a stream
SYS_ENODATA = 61; // No data (for no delay io)
SYS_ETIME = 62; // Timer expired
SYS_ENOSR = 63; // Out of streams resources
SYS_ENONET = 64; // Machine is not on the network
SYS_ENOPKG = 65; // Package not installed
SYS_EREMOTE = 66; // The object is remote
SYS_ENOLINK = 67; // The link has been severed
SYS_EADV = 68; // Advertise error
SYS_ESRMNT = 69; // Srmount error
SYS_ECOMM = 70; // Communication error on send
SYS_EPROTO = 71; // Protocol error
SYS_EMULTIHOP = 72; // Multihop attempted
SYS_EDOTDOT = 73; // Cross mount point (not really error)
SYS_EBADMSG = 74; // Trying to read unreadable message
SYS_EOVERFLOW = 75; // Value too large for defined data type
SYS_ENOTUNIQ = 76; // Given log. name not unique
SYS_EBADFD = 77; // f.d. invalid for this operation
SYS_EREMCHG = 78; // Remote address changed
SYS_ELIBACC = 79; // Can't access a needed shared lib
SYS_ELIBBAD = 80; // Accessing a corrupted shared lib
SYS_ELIBSCN = 81; // .lib section in a.out corrupted
SYS_ELIBMAX = 82; // Attempting to link in too many libs
SYS_ELIBEXEC = 83; // Attempting to exec a shared library
SYS_EILSEQ = 84;
SYS_ERESTART = 85;
SYS_ESTRPIPE = 86;
SYS_EUSERS = 87;
SYS_ENOTSOCK = 88; // Socket operation on non-socket
SYS_EDESTADDRREQ = 89; // Destination address required
SYS_EMSGSIZE = 90; // Message too long
SYS_EPROTOTYPE = 91; // Protocol wrong type for socket
SYS_ENOPROTOOPT = 92; // Protocol not available
SYS_EPROTONOSUPPORT = 93; // Unknown protocol
SYS_ESOCKTNOSUPPORT = 94; // Socket type not supported
SYS_EOPNOTSUPP = 95; // Operation not supported on transport endpoint
SYS_EPFNOSUPPORT = 96; // Protocol family not supported
SYS_EAFNOSUPPORT = 97; // Address family not supported by protocol family
SYS_EADDRINUSE = 98; // Address already in use
SYS_EADDRNOTAVAIL = 99; // Address not available
SYS_ENETDOWN = 100; // Network interface is not configured
SYS_ENETUNREACH = 101; // Network is unreachable
SYS_ENETRESET = 102;
SYS_ECONNABORTED = 103; // Connection aborted
SYS_ECONNRESET = 104; // Connection reset by peer
SYS_ENOBUFS = 105; // No buffer space available
SYS_EISCONN = 106; // Socket is already connected
SYS_ENOTCONN = 107; // Socket is not connected
SYS_ESHUTDOWN = 108; // Can't send after socket shutdown
SYS_ETOOMANYREFS = 109;
SYS_ETIMEDOUT = 110; // Connection timed out
SYS_ECONNREFUSED = 111; // Connection refused
SYS_EHOSTDOWN = 112; // Host is down
SYS_EHOSTUNREACH = 113; // Host is unreachable
SYS_EALREADY = 114; // Socket already connected
SYS_EINPROGRESS = 115; // Connection already in progress
SYS_ESTALE = 116;
SYS_EUCLEAN = 117;
SYS_ENOTNAM = 118;
SYS_ENAVAIL = 119;
SYS_EISNAM = 120;
SYS_EREMOTEIO = 121;
SYS_EDQUOT = 122;
SYS_ENOMEDIUM = 123; // No medium (in tape drive)
SYS_EMEDIUMTYPE = 124;
SYS_ECANCELED = 125;
SYS_ENOKEY = 126;
SYS_EKEYEXPIRED = 127;
SYS_EKEYREVOKED = 128;
SYS_EKEYREJECTED = 129;
SYS_EOWNERDEAD = 130;
SYS_ENOTRECOVERABLE = 131;
SYS_ERFKILL = 132;
SYS_EHWPOISON = 133;
}
message DnsQueryEvent {
optional NsRcode rcode = 1;
optional NsType type = 2;
optional CacheStatus cache_hit = 3;
optional IpVersion ip_version = 4;
optional Protocol protocol = 5;
// Number of DNS query retry times
optional int32 retry_times = 6;
// Ordinal number of name server.
optional int32 dns_server_index = 7;
// Used only by TCP and DOT. True for new connections.
optional bool connected = 8;
optional int32 latency_micros = 9;
optional LinuxErrno linux_errno = 10;
}
message DnsQueryEvents {
repeated DnsQueryEvent dns_query_event = 1;
}
/**
* Logs a DNS lookup operation initiated by the system resolver on behalf of an application
* invoking native APIs such as getaddrinfo() or Java APIs such as Network#getAllByName().
*
* The NetworkDnsEventReported message represents the entire lookup operation, which may
* result one or more queries to the recursive DNS resolvers. Those are individually logged
* in DnsQueryEvents to enable computing error rates and network latency and timeouts
* broken up by query type, transport, network interface, etc.
*/
message NetworkDnsEventReported {
optional EventType event_type = 1;
optional ReturnCode return_code = 2;
// The latency in microseconds of the entire DNS lookup operation.
optional int32 latency_micros = 3;
// Only valid for event_type = EVENT_GETADDRINFO.
optional int32 hints_ai_flags = 4;
// Flags passed to android_res_nsend() defined in multinetwork.h
// Only valid for event_type = EVENT_RESNSEND.
optional int32 res_nsend_flags = 5;
optional NetworkType network_type = 6;
// The DNS over TLS mode on a specific netId.
optional PrivateDnsModes private_dns_modes = 7;
// Additional pass-through fields opaque to statsd.
// The DNS resolver Mainline module can add new fields here without requiring an OS update.
optional DnsQueryEvents dns_query_events = 8;
// The sample rate of DNS stats (to statsd) is 1/sampling_rate_denom.
optional int32 sampling_rate_denom = 9;
// UID sends the DNS query.
optional int32 uid = 10;
}
enum HandshakeResult {
HR_UNKNOWN = 0;
HR_SUCCESS = 1;
HR_TIMEOUT = 2;
HR_TLS_FAIL = 3;
HR_SERVER_UNREACHABLE = 4;
}
enum HandshakeCause {
HC_UNKNOWN = 0;
HC_SERVER_PROBE = 1;
HC_RECONNECT_AFTER_IDLE = 2;
HC_RETRY_AFTER_ERROR = 3;
}
/**
* The NetworkDnsHandshakeReported message describes a DoT or DoH handshake operation along with
* its result, cause, network latency, TLS version, etc.
*
*/
message NetworkDnsHandshakeReported {
optional Protocol protocol = 1;
optional HandshakeResult result = 2;
optional HandshakeCause cause = 3;
optional NetworkType network_type = 4;
optional PrivateDnsModes private_dns_mode = 5;
// The latency in microseconds of the entire handshake operation.
optional int32 latency_micros = 6;
// Number of bytes sent in a handshake.
optional int32 bytes_sent = 7;
// Number of bytes received in a handshake.
optional int32 bytes_received = 8;
// Number of round-trips.
optional int32 round_trips = 9;
// True if TLS session cache hit.
optional bool tls_session_cache_hit = 10;
// 2 = TLS 1.2, 3 = TLS 1.3
optional int32 tls_version = 11;
// True if the handshake requires verifying the private DNS provider hostname.
optional bool hostname_verification = 12;
// Only present when protocol = PROTO_DOH.
optional int32 quic_version = 13;
optional int32 server_index = 14;
// The sampling-rate of this event is 1/sampling_rate_denom.
optional int32 sampling_rate_denom = 15;
}
/**
* logs the number of DNS servers supported by the protocol
*/
message NetworkDnsServerSupportReported {
// The network type of the network
optional NetworkType network_type = 1;
// The private DNS mode of the network
optional PrivateDnsModes private_dns_modes = 2;
// Stores the state of all DNS servers for this network
optional Servers servers = 3;
}
message Servers {
repeated Server server = 1;
}
message Server {
optional Protocol protocol = 1;
// The order of the dns server in the network
optional int32 index = 2;
// The validation status of the DNS server in the network
optional bool validated = 3;
}
|
