chromium/components/device_signals/core/common/mojom/system_signals.mojom

// Copyright 2022 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

module device_signals.mojom;

import "sandbox/policy/mojom/context.mojom";
import "sandbox/policy/mojom/sandbox.mojom";
import "mojo/public/mojom/base/byte_string.mojom";
import "mojo/public/mojom/base/file_path.mojom";

enum PresenceValue {
  // Was unable to determine whether the signal source exists or not. This
  // typically indicates that a failure occurred before even trying to assess
  // its presence.
  kUnspecified,

  // Unable to determine the signal source's existence due to insufficient user
  // permissions.
  kAccessDenied,

  // The signal's source does not exist.
  kNotFound,

  // The signal's source was found.
  kFound
};

struct ExecutableMetadata {
  bool is_running;
  array<mojo_base.mojom.ByteString>? public_keys_hashes;
  string? product_name;
  string? version;
  bool is_os_verified;
  string? subject_name;
};

struct FileSystemItem {
  mojo_base.mojom.FilePath file_path;
  PresenceValue presence;
  mojo_base.mojom.ByteString? sha256_hash;
  ExecutableMetadata? executable_metadata;
};

struct FileSystemItemRequest {
  mojo_base.mojom.FilePath file_path;
  bool compute_sha256;
  bool compute_executable_metadata;
};

[EnableIf=is_win]
enum AntiVirusProductState {
  // The security product software is turned on and protecting the user.
  kOn,
  // The security product software is turned off and protection is disabled.
  kOff,
  // The security product software is in the snoozed state, temporarily off,
  // and not actively protecting the computer.
  kSnoozed,
  // The security product software is expired and does not have the latest
  // updates.
  kExpired
};

[EnableIf=is_win]
struct AntiVirusSignal {
  string display_name;
  string product_id;
  AntiVirusProductState state;
};

[EnableIf=is_win]
struct HotfixSignal {
  string hotfix_id;
};

// Service in charge of collecting a specific set of device signals. The source
// of these signals is platform-specific and, in some cases (i.e. Windows), may
// need to be run a separate process.
// This service can be accessed from the browser process.
[ServiceSandbox=sandbox.mojom.Sandbox.kNoSandbox,
 RequireContext=sandbox.mojom.Context.kBrowser]
interface SystemSignalsService {
  // Collects signals about a set of file system items specified by `requests`.
  // Returns the collected information in `items`.
  GetFileSystemSignals(array<FileSystemItemRequest> requests)
    => (array<FileSystemItem> items);

  // Collects information about AntiVirus software installed on the current
  // device. Returns that information via `av_signals`.
  [EnableIf=is_win]
  GetAntiVirusSignals() => (array<AntiVirusSignal> av_signals);

  // Collects information about hotfixes that were installed on the device.
  // Returns that information via `hotfix_signals`.
  [EnableIf=is_win]
  GetHotfixSignals() => (array<HotfixSignal> hotfix_signals);
};