diff options
| author | markus@chromium.org <markus@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-25 20:17:23 +0000 |
|---|---|---|
| committer | markus@chromium.org <markus@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-25 20:17:23 +0000 |
| commit | 5e3e622c221b530be9a9902f9060656848a2a7b0 (patch) | |
| tree | 42f922bec9f3ee406eae8ce787dc7e43d56e3c07 /chrome/tools/chrome-process-identifier.sh | |
| parent | 81bddb46199153e3cac53888aff46991eeafcfb8 (diff) | |
| download | chromium_src-5e3e622c221b530be9a9902f9060656848a2a7b0.zip chromium_src-5e3e622c221b530be9a9902f9060656848a2a7b0.tar.gz chromium_src-5e3e622c221b530be9a9902f9060656848a2a7b0.tar.bz2 | |
Renamed script so that it won't be reported by checkperms.
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/3203007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@57374 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/tools/chrome-process-identifier.sh')
| -rwxr-xr-x | chrome/tools/chrome-process-identifier.sh | 109 |
1 files changed, 109 insertions, 0 deletions
diff --git a/chrome/tools/chrome-process-identifier.sh b/chrome/tools/chrome-process-identifier.sh new file mode 100755 index 0000000..770529b --- /dev/null +++ b/chrome/tools/chrome-process-identifier.sh @@ -0,0 +1,109 @@ +#!/bin/bash + +# Copyright (c) 2010 The Chromium Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +# This utility finds the different processes in a running instance of Chrome. +# It then attempts to identify their types (e.g. browser, extension, plugin, +# zygote, renderer). It also prints out information on whether a sandbox is +# active and what type of sandbox has been identified. + +# This script is likely to only work on Linux or systems that closely mimick +# Linux's /proc filesystem. +[ -d /proc ] || { + echo "This script cannot be run on your system" >&2 + exit 1 +} + +# Find the browser's process id. If there are multiple active instances of +# Chrome, the caller can provide a pid on the command line. Otherwise, the +# script will randomly pick one of the instances. +if [ $# -eq 0 ]; then + pid=$(ls -l /proc/*/exe 2>/dev/null | + sed '/\/chrome$/s,.*/proc/\([^/]*\)/exe.*,\1,;t1;d;:1;q') +else + pid="$1" +fi +ls -l "/proc/$pid/exe" 2>/dev/null|egrep -q '/chrome$' || { + echo "Cannot find any running instance of Chrome" >&2; exit 1; } +while :; do + ppid="$(ps h --format ppid --pid "$pid" 2>/dev/null)" + [ -n "$ppid" ] || { + echo "Cannot find any running instance of Chrome" >&2; exit 1; } + ls "/proc/$ppid/exe" 2>/dev/null|egrep -q '/chrome$' && pid="$ppid" || break +done + +# Iterate over child processes and try to identify them +identify() { + local child cmd foundzygote plugin seccomp type + foundzygote=0 + for child in $(ps h --format pid --ppid $1); do + cmd="$(xargs -0 </proc/$child/cmdline|sed 's/ -/\n-/g')" 2>/dev/null + case "$(echo "$cmd" | sed 's/--type=//;t1;d;:1;q')" in + '') + echo "Process $child is part of the browser" + identify "$child" + ;; + extension) + echo "Process $child is an extension" + ;; + plugin) + plugin="$(echo "$cmd" | + sed 's/--plugin-path=//;t1;d;:1 + s,.*/lib,,;s,.*/npwrapper[.]lib,,;s,^np,,;s,[.]so$,,;q')" + echo "Process $child is a \"$plugin\" plugin" + identify "$child" + ;; + renderer) + # The seccomp sandbox has exactly one child process that has no other + # threads. This is the trusted helper process. + seccomp="$(ps h --format pid --ppid $child)" + if [ $(echo "$seccomp" | wc -w) -eq 1 ] && + [ $(ls /proc/$seccomp/task 2>/dev/null | wc -w) -eq 1 ] && + ls -l /proc/$seccomp/exe 2>/dev/null | egrep -q '/chrome$'; then + echo -n "Process $child is a renderer inside of the seccomp sandbox" + [ -d /proc/$child/cwd/. ] || echo -n "; setuid sandbox is active" + echo + else + echo -n "Process $child is a renderer" + [ -d /proc/$child/cwd/. ] || echo -n "; setuid sandbox is active" + echo + identify "$child" + fi + ;; + zygote) + foundzygote=1 + echo "Process $child is the zygote" + identify "$child" + ;; + *) + type="$(echo "$cmd" | sed 's/--type=//;t1;d;:1;q')" + echo "Process $child is of unknown type \"$type\"" + identify "$child" + ;; + esac + done + return $foundzygote +} + + +echo "The browser's main pid is: $pid" +if identify "$pid"; then + # The zygote can make it difficult to locate renderers, as the setuid + # sandbox causes it to be reparented to "init". When this happens, we can + # no longer associate it with the browser with 100% certainty. We make a + # best effort by comparing command line strings. + cmdline="$(xargs -0 </proc/$pid/cmdline | + sed 's,\(/chrome \),\1--type=zygote ,;t + s,\(/chrome\)$,\1 --type=zygote,;t;d')" 2>/dev/null + [ -n "$cmdline" ] && + for i in $(ps h --format pid --ppid 1); do + if [ "$cmdline" = "$(xargs -0 </proc/$i/cmdline)" ]; then + echo -n "Process $i is the zygote" + [ -d /proc/$i/cwd/. ] || echo -n "; setuid sandbox is active" + echo + identify "$i" + fi + done +fi |