Is this only for //net/dns or do we want to do it for //net overall? I'm actually quite supportive of more restrictive views of //net overall, but didn't want to glom on if it's the wrong bug :)

This bug is specific to net/dns.  Let's leave this bug specific to dns, and create a blocking relationship if a similar overall //net bug gets created.

I would also be supportive of making similar changes for //net overall part of the overall servicification plan (or just as a general cleanup), but I have not yet shopped around for buy-in on that so no such plan or bug currently exists that I know of.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/24feb5bfd766a5067305ef30da9f23f8eca61e22

commit 24feb5bfd766a5067305ef30da9f23f8eca61e22
Author: Eric Orth <ericorth@chromium.org>
Date: Fri May 25 19:42:46 2018

Reorganize //net/dns BUILD rules.

Split everything in the net/dns directory off into its own BUILD.gn
file in that directory with separate source_sets depended on by the
main //net target.

Control access external to the network stack using public/private
headers with whitelisted access via friend lists.  The main
HostResolver API is public, and everything else is whitelisted to
just network (and network service) code and current external usage.
This will block most external code from adding new includes of anything
except HostResolver.  Note: There are some parts of chromium where the
restrictions are not enforced (eg //third_party/* and some large parts
of //chrome/*), but I checked that there are no current violations (by
enabling enforcement in src/.gn for everything and searching the
results for "net/dns").

Circular dependencies between //net and //net/dns were too ingrained to
be resolved.  Configured to allow such dependencies and locked the dns
build rules (via visibility) to only allow direct dependency through
the //net target.  Very reasonable since dns code should still live in
the net.dll component.

Bug: 846454
TBR: allenvic@chromium.org,thestig@chromium.org
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: I0b6eb60741a7910013b0f7897127c5153cff3f15
Reviewed-on: https://chromium-review.googlesource.com/1060304
Commit-Queue: Eric Orth <ericorth@chromium.org>
Reviewed-by: Helen Li <xunjieli@chromium.org>
Cr-Commit-Position: refs/heads/master@{#561976}
[modify] https://crrev.com/24feb5bfd766a5067305ef30da9f23f8eca61e22/chrome/browser/BUILD.gn
[modify] https://crrev.com/24feb5bfd766a5067305ef30da9f23f8eca61e22/chrome/browser/chromeos/smb_client/discovery/mdns_host_locator.cc
[modify] https://crrev.com/24feb5bfd766a5067305ef30da9f23f8eca61e22/chrome/browser/intranet_redirect_detector.h
[modify] https://crrev.com/24feb5bfd766a5067305ef30da9f23f8eca61e22/components/certificate_transparency/tree_state_tracker.cc
[modify] https://crrev.com/24feb5bfd766a5067305ef30da9f23f8eca61e22/content/test/BUILD.gn
[modify] https://crrev.com/24feb5bfd766a5067305ef30da9f23f8eca61e22/net/BUILD.gn
[add] https://crrev.com/24feb5bfd766a5067305ef30da9f23f8eca61e22/net/dns/BUILD.gn
[modify] https://crrev.com/24feb5bfd766a5067305ef30da9f23f8eca61e22/services/network/BUILD.gn
[modify] https://crrev.com/24feb5bfd766a5067305ef30da9f23f8eca61e22/services/proxy_resolver/BUILD.gn

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/168a7e5b1972a780f6502b147084d9cc4342e4a0

commit 168a7e5b1972a780f6502b147084d9cc4342e4a0
Author: Eric Orth <ericorth@chromium.org>
Date: Mon Aug 27 19:11:32 2018

Whitelist access to HostResolver headers.

Convert the //net/dns:public source_set into :host_resolver and move all
public headers to source.  Access to these previously-public headers
will now only be allowed for BUILD.gn rules listed in the friend list.

Added friend entries with explanation comments for all remaining usage.
Some with TODOs to remove, eg because they'll be migrated to network
service.  Confirmed that there are no other remaining usage in code
where private headers are or are not enforced (checking unenforced by
searching for "net/dns" in the error output).

Removed a couple includes that were no longer needed.

TBR=jochen@chromium.org

Bug: 846454
Change-Id: I7bb633088689dc896f9fc27e1dec87ae699410db
Reviewed-on: https://chromium-review.googlesource.com/1183981
Commit-Queue: Eric Orth <ericorth@chromium.org>
Reviewed-by: Maks Orlovich <morlovich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#586362}
[modify] https://crrev.com/168a7e5b1972a780f6502b147084d9cc4342e4a0/chrome/service/net/service_url_request_context_getter.h
[modify] https://crrev.com/168a7e5b1972a780f6502b147084d9cc4342e4a0/content/browser/renderer_host/pepper/pepper_tcp_socket_message_filter.h
[modify] https://crrev.com/168a7e5b1972a780f6502b147084d9cc4342e4a0/extensions/browser/api/dns/dns_api.h
[modify] https://crrev.com/168a7e5b1972a780f6502b147084d9cc4342e4a0/extensions/browser/api/socket/socket_api.h
[modify] https://crrev.com/168a7e5b1972a780f6502b147084d9cc4342e4a0/net/BUILD.gn
[modify] https://crrev.com/168a7e5b1972a780f6502b147084d9cc4342e4a0/net/dns/BUILD.gn

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8afaf15c355c4242a5f744e448d92fb090388e52

commit 8afaf15c355c4242a5f744e448d92fb090388e52
Author: Eric Orth <ericorth@chromium.org>
Date: Wed Nov 07 21:01:26 2018

Create new //net/dns/public directory/target

This will hold all the simple host resolution code intended long-term
(post-servicification) for direct non-test access outside the network
stack and service.  For now, moving over dns_protocol.h and
dns_util::IsValidDoHTemplate(), two items currently used externally
that do not make sense to servicify. Will likely move over more in
subsequent CLs.

Similar to when //net/dns targets were split off from //net, no attempt
was made to detangle circular dependencies with //net.

Bug: 846454
Change-Id: I7cc209240f1c6f5ae2789c56faefb20662366230
Reviewed-on: https://chromium-review.googlesource.com/c/1320516
Reviewed-by: Bailey Berro <baileyberro@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Commit-Queue: Eric Orth <ericorth@chromium.org>
Cr-Commit-Position: refs/heads/master@{#606155}
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/chrome/browser/chromeos/smb_client/discovery/mdns_host_locator.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/chrome/browser/local_discovery/service_discovery_client_impl.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/chrome/browser/local_discovery/service_discovery_client_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/chrome/browser/net/dns_probe_runner.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/chrome/browser/net/dns_probe_service.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/chrome/browser/net/dns_probe_test_util.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/chrome/browser/net/system_network_context_manager.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/chrome/browser/printing/cloud_print/privet_traffic_detector.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/components/certificate_transparency/log_dns_client.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/components/certificate_transparency/log_dns_client_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/components/certificate_transparency/mock_log_dns_traffic.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/BUILD.gn
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/android/network_library.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/BUILD.gn
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_config_service_posix.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_config_service_posix_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_config_service_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_config_service_win.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_config_service_win_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_query.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_query_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_response.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_response_fuzzer.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_response_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_session_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_test_util.h
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_transaction.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_transaction_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_util.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/dns_util_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/host_resolver_impl.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/host_resolver_mdns_task.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/mdns_cache.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/mdns_client.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/mdns_client_impl.cc
[add] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/public/BUILD.gn
[add] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/public/README.md
[rename] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/public/dns_protocol.h
[add] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/public/util.cc
[add] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/public/util.h
[add] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/public/util_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/record_parsed_unittest.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/record_rdata.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/dns/record_rdata.h
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/net/tools/dns_fuzz_stub/dns_fuzz_stub.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/services/network/mdns_responder.cc
[modify] https://crrev.com/8afaf15c355c4242a5f744e448d92fb090388e52/services/network/mdns_responder_unittest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1556c38fc8dc7d6dd9d2da4762e9458a106753e0

commit 1556c38fc8dc7d6dd9d2da4762e9458a106753e0
Author: Eric Orth <ericorth@chromium.org>
Date: Thu Nov 08 06:05:02 2018

Cleanup/whitelist remaining //net/dns usage

Removed a bunch of whitelist entries that were no longer needed, mostly
due to completed servicification migrations.  Some usage was
no-longer-needed includes that I removed, and all of UrlInfo appeared
to be no longer used or present in build files so I removed the whole
class and tests.

Some usage of MDnsClient was just accessing the Get...Endpoint()
methods that could easily be moved to net/dns/public and thus no longer
require whitelisting.

Ensured all remaining whitelist entries were commented with why usage
is appropriate or with a TODO and bug for anything still requiring
servicification migration.

Bug: 846454
Change-Id: I39aeeaa437bd8fe2899e78189ca7ef0adbffd1f6
Reviewed-on: https://chromium-review.googlesource.com/c/1320511
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Cr-Commit-Position: refs/heads/master@{#606365}
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/chrome/browser/devtools/device/tcp_device_provider.cc
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/chrome/browser/local_discovery/service_discovery_client_mdns.cc
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/chrome/browser/net/system_network_context_manager.cc
[delete] https://crrev.com/cd52a866ba1007824b4afa95eaf266e6b5a8eb94/chrome/browser/net/url_info.cc
[delete] https://crrev.com/cd52a866ba1007824b4afa95eaf266e6b5a8eb94/chrome/browser/net/url_info.h
[delete] https://crrev.com/cd52a866ba1007824b4afa95eaf266e6b5a8eb94/chrome/browser/net/url_info_unittest.cc
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/chrome/browser/net_benchmarking.cc
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/chrome/browser/printing/cloud_print/privet_traffic_detector.cc
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/net/dns/BUILD.gn
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/net/dns/dns_util.cc
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/net/dns/dns_util.h
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/net/dns/mdns_client.cc
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/net/dns/mdns_client_impl.cc
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/net/dns/mock_mdns_socket_factory.cc
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/net/dns/public/dns_protocol.h
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/net/dns/public/util.cc
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/net/dns/public/util.h
[modify] https://crrev.com/1556c38fc8dc7d6dd9d2da4762e9458a106753e0/services/network/mdns_responder.cc