diff options
Diffstat (limited to 'chromium/chrome/browser/resources/sandbox_internals/sandbox_internals_win.js')
-rw-r--r-- | chromium/chrome/browser/resources/sandbox_internals/sandbox_internals_win.js | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/chromium/chrome/browser/resources/sandbox_internals/sandbox_internals_win.js b/chromium/chrome/browser/resources/sandbox_internals/sandbox_internals_win.js new file mode 100644 index 00000000000..100b04e20f6 --- /dev/null +++ b/chromium/chrome/browser/resources/sandbox_internals/sandbox_internals_win.js @@ -0,0 +1,108 @@ +// Copyright 2019 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +/** + * @typedef {{ + * processId: number, + * processType: string, + * name: string, + * metricsName: string + * }} + */ +let BrowserHostProcess; + +/** + * @typedef {{ + * processId: number + * }} + */ +let RendererHostProcess; + +/** + * This may have additional fields displayed in the JSON output. + * See //sandbox/win/src/sandbox_constants.cc for keys in policy. + * @typedef {{ + * processIds: !Array<number>, + * lockdownLevel: string, + * desiredIntegrityLevel: string, + * platformMitigations: string + * }} + */ +let PolicyDiagnostic; + +/** + * @typedef {{ + * browser: !Array<!BrowserHostProcess>, + * renderer: !Array<!RendererHostProcess>, + * policies: !Array<!PolicyDiagnostic> + * }} + */ +let SandboxDiagnostics; + +/** + * Adds a row to the sandbox-status table. + * @param {!Array<string>} args + */ +function addRow(args) { + const row = document.createElement('tr'); + for (const text of args) { + const col = row.appendChild(document.createElement('td')); + col.textContent = text; + } + $('sandbox-status').appendChild(row); +} + +/** + * Adds policy information for a process to the sandbox-status table. + * @param {number} pid + * @param {string} type + * @param {string} name + * @param {PolicyDiagnostic} policy + */ +function addRowForProcess(pid, type, name, policy) { + if (policy) { + addRow([ + pid, type, name, policy.lockdownLevel, policy.desiredIntegrityLevel, + policy.platformMitigations + ]); + } else { + addRow([pid, type, name, 'Not Sandboxed', '', '']); + } +} + +/** @param {!SandboxDiagnostics} results */ +function onGetSandboxDiagnostics(results) { + // Make it easy to look up policies. + /** @type {!Map<number,!PolicyDiagnostic>} */ + const policies = new Map(); + for (const policy of results.policies) { + // At present only one process per TargetPolicy object. + const pid = policy.processIds[0]; + policies.set(pid, policy); + } + + // Titles. + addRow(['Process', 'Type', 'Name', 'Sandbox', 'Intregity', 'Mitigations']); + + // Browser Processes. + for (const process of results.browser) { + const pid = process.processId; + const name = process.name || process.metricsName; + addRowForProcess(pid, process.processType, name, policies.get(pid)); + } + + // Renderer Processes. + for (const process of results.renderer) { + const pid = process.processId; + addRowForProcess(pid, 'Renderer', '', policies.get(pid)); + } + + // Raw Diagnostics. + $('raw-info').textContent = + 'policies: ' + JSON.stringify(results.policies, null, 2); +} + +document.addEventListener('DOMContentLoaded', () => { + cr.sendWithPromise('requestSandboxDiagnostics').then(onGetSandboxDiagnostics); +}); |