diff options
| author | markus@chromium.org <markus@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-25 18:34:49 +0000 |
|---|---|---|
| committer | markus@chromium.org <markus@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-25 18:34:49 +0000 |
| commit | e6ad36b02ff877693e4ae59929a825886023ebe2 (patch) | |
| tree | 0d0c68318727c0c51fc8fc8fdb6a1f238b616235 /chrome/tools | |
| parent | 60e99a38d1126b17d25108ca446e4f0d0a0efd2b (diff) | |
| download | chromium_src-e6ad36b02ff877693e4ae59929a825886023ebe2.zip chromium_src-e6ad36b02ff877693e4ae59929a825886023ebe2.tar.gz chromium_src-e6ad36b02ff877693e4ae59929a825886023ebe2.tar.bz2 | |
A shell script that identifies the different Chrome processes. This script
finds all the processes that belong to a given instance of Chrome and
attempts to identify their types (e.g. browser, extension, plugin, zygote,
renderer). It also prints out information on whether a sandbox is active
and what type of sandbox has been identified.
This script is likely to only work on Linux or systems that closely mimick
Linux's /proc filesystem.
TEST=start Chrome, invoke script, verify that it shows different process types
BUG=none
Review URL: http://codereview.chromium.org/3158033
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@57354 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/tools')
| -rwxr-xr-x | chrome/tools/chrome-process-identifier | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/chrome/tools/chrome-process-identifier b/chrome/tools/chrome-process-identifier new file mode 100755 index 0000000..ece1669 --- /dev/null +++ b/chrome/tools/chrome-process-identifier @@ -0,0 +1,108 @@ +#!/bin/bash + +# Copyright (c) 2010 The Chromium Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +# This utility finds the different processes in a running instance of Chrome. +# It then attempts to identify their types (e.g. browser, extension, plugin, +# zygote, renderer). It also prints out information on whether a sandbox is +# active and what type of sandbox has been identified. + +# This script is likely to only work on Linux or systems that closely mimick +# Linux's /proc filesystem. +[ -d /proc ] || { + echo "This script cannot be run on your system" >&2 + exit 1 +} + +# Find the browser's process id. If there are multiple active instances of +# Chrome, the caller can provide a pid on the command line. Otherwise, the +# script will randomly pick one of the instances. +if [ $# -eq 0 ]; then + pid=$(ls -l /proc/*/exe 2>/dev/null | + sed '/\/chrome$/s,.*/proc/\([^/]*\)/exe.*,\1,;t1;d;:1;q') +else + pid="$1" +fi +ls -l "/proc/$pid/exe" 2>/dev/null|egrep -q '/chrome$' || { + echo "Cannot find any running instance of Chrome" >&2; exit 1; } +while :; do + ppid=$(sed 's/PPid:[^0-9]*//;t1;d;:1;q' /proc/$pid/status 2>/dev/null) + [ -n "$ppid" ] || { + echo "Cannot find any running instance of Chrome" >&2; exit 1; } + ls "/proc/$ppid/exe" 2>/dev/null|egrep -q '/chrome$' && pid="$ppid" || break +done + +# Iterate over child processes and try to identify them +identify() { + foundzygote=0 + for child in $(ps h --format pid --ppid $1); do + cmd="$(xargs -0 </proc/$child/cmdline|sed 's/ -/\n-/g')" 2>/dev/null + case "$(echo "$cmd" | sed 's/--type=//;t1;d;:1;q')" in + '') + echo "Process $child is part of the browser" + identify "$child" + ;; + extension) + echo "Process $child is an extension" + ;; + plugin) + plugin="$(echo "$cmd" | + sed 's/--plugin-path=//;t1;d;:1 + s,.*/lib,,;s,.*/npwrapper[.]lib,,;s,^np,,;s,[.]so$,,;q')" + echo "Process $child is a \"$plugin\" plugin" + identify "$child" + ;; + renderer) + # The seccomp sandbox has exactly one child process that has no other + # threads. This is the trusted helper process. + seccomp="$(ps h --format pid --ppid $child)" + if [ $(echo "$seccomp" | wc -w) -eq 1 ] && + [ $(ls /proc/$seccomp/task 2>/dev/null | wc -w) -eq 1 ] && + ls -l /proc/$seccomp/exe 2>/dev/null | egrep -q '/chrome$'; then + echo -n "Process $child is a renderer inside of the seccomp sandbox" + [ -d /proc/$child/cwd/. ] || echo -n "; setuid sandbox is active" + echo + else + echo -n "Process $child is a renderer" + [ -d /proc/$child/cwd/. ] || echo -n "; setuid sandbox is active" + echo + identify "$child" + fi + ;; + zygote) + foundzygote=1 + echo "Process $child is the zygote" + identify "$child" + ;; + *) + type="$(echo "$cmd" | sed 's/--type=//;t1;d;:1;q')" + echo "Process $child is of unknown type \"$type\"" + identify "$child" + ;; + esac + done + return $foundzygote +} + + +echo "The browser's main pid is: $pid" +if identify "$pid"; then + # The zygote can make it difficult to locate renderers, as the setuid + # sandbox causes it to be reparented to "init". When this happens, we can + # no longer associate it with the browser with 100% certainty. We make a + # best effort by comparing command line strings. + cmdline="$(xargs -0 </proc/$pid/cmdline | + sed 's,\(/chrome \),\1--type=zygote ,;t + s,\(/chrome\)$,\1 --type=zygote,;t;d')" 2>/dev/null + [ -n "$cmdline" ] && + for i in $(ps h --format pid --ppid 1); do + if [ "$cmdline" = "$(xargs -0 </proc/$i/cmdline)" ]; then + echo -n "Process $i is the zygote" + [ -d /proc/$i/cwd/. ] || echo -n "; setuid sandbox is active" + echo + identify "$i" + fi + done +fi |