| // Copyright 2018 The Chromium OS Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| syntax = "proto3"; |
| |
| package usb_bouncer; |
| |
| import "google/protobuf/timestamp.proto"; |
| |
| message RuleEntry { |
| // Records the last time a USB device was added and used to determine if a |
| // rule is old enough to remove. |
| google.protobuf.Timestamp last_used = 1; |
| |
| // Contains a list of usbguard rules. Typically only one will be present, but |
| // more than one are allowed to handle the mode switching case. The format |
| // is described in: |
| // https://usbguard.github.io/documentation/rule-language.html |
| repeated string rules = 2; |
| } |
| |
| // For the global_db: |
| // The keys for each map is the `usb_bouncer::Hash` of the devpath. |
| // |
| // `RuleEntry`s are added to entries when USB devices are connected. Either |
| // when they are removed or when they mode switch the particular entry is |
| // moved from entries to trash, until they expire. This allows for aggregating |
| // rules across the different modes a device may go through before it reaches |
| // its final state. |
| // |
| // For the user_db: |
| // Only `entries` is used and its key is the `usb_bouncer::Hash` of the rules |
| // joined by '\n' characters. |
| message RuleDB{ |
| map<string, RuleEntry> entries = 1; |
| |
| // Used by the global_db only. These are for entries that might be treated as |
| // rules for a mode switching device. `RuleEntry`s are moved from `entries` to |
| // `trash` for a brief time. If a mode switch occurs rules will be prepended |
| // to the new RuleEntry added to entries. Once sufficient time has passed to |
| // determine there was no mode-switch these entries expire and are removed on |
| // the next call to `usb_bouncer::EntryManager::GarbageCollect`. |
| map<string, RuleEntry> trash = 2; |
| } |