Create third-party conflicts module whitelist/blacklist protobuf definitions.

chrome/browser/conflicts/proto/module_list.proto

+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+syntax = "proto2";

[Patrick Monette, 2017/07/06 20:05:53]

Nit: Space between syntax and option, from what I can tell from the majority of
proto files in Chrome.

+option optimize_for = LITE_RUNTIME;
+
+package conflicts;
+
+// Describes a version tuple. Versions are matched exactly, so missing fields
+// will not match zero value fields. For example, "4" will not match "4.0" or
+// "4.0.0.0".
+message ModuleVersion {
+  required uint32 major = 1;
+  optional uint32 minor = 2;
+  // Can only be specified if |minor| is specified.
+  optional uint32 patch = 3;
+  // Can only be specified if |patch| is specified.
+  optional uint32 revision = 4;
+}
+
+// Describes a module. A module is valid only if at least one of |basename| or
+// |code_id| is specified, although both may be specified. A module must exactly
+// match all specified fields in order to be considered a match.
+message Module {
+  // The basename of the module. This is case insensitive. If this is not
+  // specified then |code_id| must be specified.
+  optional string basename = 1;
+
+  // Code ID. This is equivalent to the string generated by formatting
+  // the FileHeader.TimeDateStamp and OptionalHeader.SizeOfImage with the
+  // formatting string %08X%x. Comparison is case insensitive. If this is not
+  // specified then |basename| must be specified.
+  optional string code_id = 2;
+
+  // Version matching. Specifying both a minimum and a maximum provides an
+  // exact matching mechanism. Both versions are inclusive.
+  optional ModuleVersion version_min = 3;
+  optional ModuleVersion version_max = 4;
+}
+
+// A module group is a collection of one or more modules with shared publisher
+// and/or installation directory information.
+message ModuleGroup {
+  // Publisher information. If specified then the modules in this group will
+  // only match if they are signed by the specified publisher. This corresponds
+  // to the OU specified in the signature.

[Patrick Monette, 2017/07/06 20:05:53]

What's OU?

+  optional string publisher = 1;
+
+  // The directory in which the modules are found. This may use environment
+  // variables such as %LOCALAPPDATA%, %SYSTEMROOT%, etc. This is case
+  // insensitive. If not specified then any path will be accepted.
+  optional string directory = 2;
+
+  // A list of modules.
+  repeated Module modules = 3;
+}
+
+// Describes a whitelist of modules that will always be allowed to load, and for
+// which there is no associated user messaging.
+message ModuleWhitelist {
+  // A collection of modules, grouped by publisher/installation path
+  // information.
+  repeated ModuleGroup module_groups = 1;
+}
+
+// The user message to display when a blacklisted module is matched at runtime.
+enum BlacklistMessageType {
+  // The user will be presented with a message to uninstall the software. This
+  // message will only be displayed if a mathing software entry with

[Patrick Monette, 2017/07/06 20:05:54]

s/mathing/matching

+  // uninstallation registry entries can be found. This is the default action
+  // that is applied to all modules that are not specifically whitelisted.
+  // It's presence in this list allows a module to remain blacklisted, but be
+  // allowed to load. If this is specified then |message_url| should be empty
+  // and is otherwise ignored.
+  UNINSTALL = 0;
+  // The user will be presented with a message about the incompatibility of
+  // the related software, and provided with a link to follow for further
+  // information. The URL is specified via |message_url| in an associated
+  // BlacklistAction.
+  FURTHER_INFORMATION = 1;
+  // The user will be presented with a message about the incompatiblity of
+  // the related software, and provided with a link to follow in order to
+  // upgrade the software to a compatible version. The URL is specified via
+  // |message_url| in an associated BlacklistAction.
+  SUGGEST_UPGRADE = 2;
+};
+
+// The actions to take when a blacklisted module is encountered.
+message BlacklistAction {
+  // Indicates whether or not this module should be allowed to load. This can be
+  // used to explicitly allow modules to load that when blocked cause problems,
+  // but otherwise to allow messaging to encourage users to remove them.
+  required bool allow_load = 1;
+
+  // The URL associated with the user message. See BlacklistMessageType for full
+  // details.
+  required BlacklistMessageType message_type = 2;
+  optional string message_url = 3;
+}
+
+// Describes a group in the module blacklist. Modules not whitelisted are
+// blacklisted by default, but fine-grained control over the user messaging is
+// possible using an explicit blacklist entry.
+message BlacklistModuleGroup {
+  // The action to take when modules in this group are encountered.
+  required BlacklistAction action = 1;
+
+  // The group of modules itself.
+  required ModuleGroup modules;
+}
+
+// Describes a blacklist of modules that are to be handled specially when
+// encountered.
+message ModuleBlacklist {
+  repeated BlacklistModuleGroup modules_groups = 1;
+}
+
+// The entire module list itself consists of a whitelist and a blacklist.
+message ModuleList {
+  // The whitelisted modules.
+  required ModuleWhitelist whitelist;
+
+  // The blacklisted modules, and the associated actions to take upon
+  // encountering them.
+  required ModuleBlacklist blacklist;
+}