blob: 96f8e0110307396dbc8623b0d2d609784871bc51 [file] [log] [blame]
// Copyright 2018 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
syntax = "proto3";
package usb_bouncer;
import "google/protobuf/timestamp.proto";
message RuleEntry {
// Records the last time a USB device was added and used to determine if a
// rule is old enough to remove.
google.protobuf.Timestamp last_used = 1;
// Contains a list of usbguard rules. Typically only one will be present, but
// more than one are allowed to handle the mode switching case. The format
// is described in:
repeated string rules = 2;
// For the global_db:
// The keys for each map is the `usb_bouncer::Hash` of the devpath.
// `RuleEntry`s are added to entries when USB devices are connected. Either
// when they are removed or when they mode switch the particular entry is
// moved from entries to trash, until they expire. This allows for aggregating
// rules across the different modes a device may go through before it reaches
// its final state.
// For the user_db:
// Only `entries` is used and its key is the `usb_bouncer::Hash` of the rules
// joined by '\n' characters.
message RuleDB{
map<string, RuleEntry> entries = 1;
// Used by the global_db only. These are for entries that might be treated as
// rules for a mode switching device. `RuleEntry`s are moved from `entries` to
// `trash` for a brief time. If a mode switch occurs rules will be prepended
// to the new RuleEntry added to entries. Once sufficient time has passed to
// determine there was no mode-switch these entries expire and are removed on
// the next call to `usb_bouncer::EntryManager::GarbageCollect`.
map<string, RuleEntry> trash = 2;