| blob | eb262917c11d172d7b66664cee648ed92f665f6b |
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef MOJO_SYSTEM_DISPATCHER_H_
6 #define MOJO_SYSTEM_DISPATCHER_H_
8 #include <stddef.h>
9 #include <stdint.h>
11 #include <vector>
42 // Test helper. We need to declare it here so we can friend it.
48 // A |Dispatcher| implements Mojo primitives that are "attached" to a particular
49 // handle. This includes most (all?) primitives except for |MojoWait...()|. This
50 // object is thread-safe, with its state being protected by a single lock
51 // |lock_|, which is also made available to implementation subclasses (via the
52 // |lock()| method).
58 kTypeMessagePipe,
59 kTypeDataPipeProducer,
60 kTypeDataPipeConsumer,
61 kTypeSharedBuffer,
63 // "Private" types (not exposed via the public interface):
65 };
68 // These methods implement the various primitives named |Mojo...()|. These
69 // take |lock_| and handle races with |Close()|. Then they call out to
70 // subclasses' |...ImplNoLock()| methods (still under |lock_|), which actually
71 // implement the primitives.
72 // NOTE(vtl): This puts a big lock around each dispatcher (i.e., handle), and
73 // prevents the various |...ImplNoLock()|s from releasing the lock as soon as
74 // possible. If this becomes an issue, we can rethink this.
77 // |transports| may be non-null if and only if there are handles to be
78 // written; not that |this| must not be in |transports|. On success, all the
79 // dispatchers in |transports| must have been moved to a closed state; on
80 // failure, they should remain in their original state.
84 MojoWriteMessageFlags flags);
85 // |dispatchers| must be non-null but empty, if |num_dispatchers| is non-null
86 // and nonzero. On success, it will be set to the dispatchers to be received
87 // (and assigned handles) as part of the message.
92 MojoReadMessageFlags flags);
95 MojoWriteDataFlags flags);
98 MojoWriteDataFlags flags);
102 MojoReadDataFlags flags);
105 MojoReadDataFlags flags);
107 // |options| may be null. |new_dispatcher| must not be null, but
108 // |*new_dispatcher| should be null (and will contain the dispatcher for the
109 // new handle on success).
115 MojoMapBufferFlags flags,
118 // Adds a waiter to this dispatcher. The waiter will be woken up when this
119 // object changes state to satisfy |flags| with result |wake_result| (which
120 // must be >= 0, i.e., a success status). It will also be woken up when it
121 // becomes impossible for the object to ever satisfy |flags| with a suitable
122 // error status.
123 //
124 // Returns:
125 // - |MOJO_RESULT_OK| if the waiter was added;
126 // - |MOJO_RESULT_ALREADY_EXISTS| if |flags| is already satisfied;
127 // - |MOJO_RESULT_INVALID_ARGUMENT| if the dispatcher has been closed; and
128 // - |MOJO_RESULT_FAILED_PRECONDITION| if it is not (or no longer) possible
129 // that |flags| will ever be satisfied.
131 MojoWaitFlags flags,
132 MojoResult wake_result);
135 // A dispatcher must be put into a special state in order to be sent across a
136 // message pipe. Outside of tests, only |HandleTableAccess| is allowed to do
137 // this, since there are requirements on the handle table (see below).
138 //
139 // In this special state, only a restricted set of operations is allowed.
140 // These are the ones available as |DispatcherTransport| methods. Other
141 // |Dispatcher| methods must not be called until |DispatcherTransport::End()|
142 // has been called.
147 // Tests also need this, to avoid needing |Core|.
150 // This must be called under the handle table lock and only if the handle
151 // table entry is not marked busy. The caller must maintain a reference to
152 // |dispatcher| until |DispatcherTransport::End()| is called.
154 };
156 // A |TransportData| may serialize dispatchers that are given to it (and which
157 // were previously attached to the |MessageInTransit| that is creating it) to
158 // a given |Channel| and then (probably in a different process) deserialize.
159 // Note that the |MessageInTransit| "owns" (i.e., has the only ref to) these
160 // dispatchers, so there are no locking issues. (There's no lock ordering
161 // issue, and in fact no need to take dispatcher locks at all.)
162 // TODO(vtl): Consider making another wrapper similar to |DispatcherTransport|
163 // (but with an owning, unique reference), and having
164 // |CreateEquivalentDispatcherAndCloseImplNoLock()| return that wrapper (and
165 // |MessageInTransit|, etc. only holding on to such wrappers).
170 // Serialization API. These functions may only be called on such
171 // dispatchers. (|channel| is the |Channel| to which the dispatcher is to be
172 // serialized.) See the |Dispatcher| methods of the same names for more
173 // details.
185 // Deserialization API.
186 // Note: This "clears" (i.e., reset to the invalid handle) any platform
187 // handles that it takes ownership of.
194 };
202 // These are to be overridden by subclasses (if necessary). They are called
203 // exactly once -- first |CancelAllWaitersNoLock()|, then |CloseImplNoLock()|,
204 // when the dispatcher is being closed. They are called under |lock_|.
210 // These are to be overridden by subclasses (if necessary). They are never
211 // called after the dispatcher has been closed. They are called under |lock_|.
212 // See the descriptions of the methods without the "ImplNoLock" for more
213 // information.
218 MojoWriteMessageFlags flags);
223 MojoReadMessageFlags flags);
226 MojoWriteDataFlags flags);
229 MojoWriteDataFlags flags);
233 MojoReadDataFlags flags);
236 MojoReadDataFlags flags);
244 MojoMapBufferFlags flags,
247 MojoWaitFlags flags,
248 MojoResult wake_result);
251 // These implement the API used to serialize dispatchers to a |Channel|
252 // (described below). They will only be called on a dispatcher that's attached
253 // to and "owned" by a |MessageInTransit|. See the non-"impl" versions for
254 // more information.
255 //
256 // Note: |StartSerializeImplNoLock()| is actually called with |lock_| NOT
257 // held, since the dispatcher should only be accessible to the calling thread.
258 // On Debug builds, |EndSerializeAndCloseImplNoLock()| is called with |lock_|
259 // held, to satisfy any |lock_.AssertAcquired()| (e.g., in |CloseImplNoLock()|
260 // -- and anything it calls); disentangling those assertions is
261 // difficult/fragile, and would weaken our general checking of invariants.
262 //
263 // TODO(vtl): Consider making these pure virtual once most things support
264 // being passed over a message pipe.
274 // Available to subclasses. (Note: Returns a non-const reference, just like
275 // |base::AutoLock|'s constructor takes a non-const reference.)
281 // This should be overridden to return true if/when there's an ongoing
282 // operation (e.g., two-phase read/writes on data pipes) that should prevent a
283 // handle from being sent over a message pipe (with status "busy").
286 // Closes the dispatcher. This must be done under lock, and unlike |Close()|,
287 // the dispatcher must not be closed already. (This is the "equivalent" of
288 // |CreateEquivalentDispatcherAndCloseNoLock()|, for situations where the
289 // dispatcher must be disposed of instead of "transferred".)
292 // Creates an equivalent dispatcher -- representing the same resource as this
293 // dispatcher -- and close (i.e., disable) this dispatcher. I.e., this
294 // dispatcher will look as though it was closed, but the resource it
295 // represents will be assigned to the new dispatcher. This must be called
296 // under the dispatcher's lock.
299 // API to serialize dispatchers to a |Channel|, exposed to only
300 // |TransportData| (via |TransportData|). They may only be called on a
301 // dispatcher attached to a |MessageInTransit| (and in particular not in
302 // |CoreImpl|'s handle table).
303 //
304 // Starts the serialization. Returns (via the two "out" parameters) the
305 // maximum amount of space that may be needed to serialize this dispatcher to
306 // the given |Channel| (no more than
307 // |TransportData::kMaxSerializedDispatcherSize|) and the maximum number of
308 // |PlatformHandle|s that may need to be attached (no more than
309 // |TransportData::kMaxSerializedDispatcherPlatformHandles|). If this
310 // dispatcher cannot be serialized to the given |Channel|, |*max_size| and
311 // |*max_platform_handles| should be set to zero. A call to this method will
312 // ALWAYS be followed by a call to |EndSerializeAndClose()| (even if this
313 // dispatcher cannot be serialized to the given |Channel|).
317 // Completes the serialization of this dispatcher to the given |Channel| and
318 // closes it. (This call will always follow an earlier call to
319 // |StartSerialize()|, with the same |Channel|.) This does so by writing to
320 // |destination| and appending any |PlatformHandle|s needed to
321 // |platform_handles| (which may be null if no platform handles were indicated
322 // to be required to |StartSerialize()|). This may write no more than the
323 // amount indicated by |StartSerialize()|. (WARNING: Beware of races, e.g., if
324 // something can be mutated between the two calls!) Returns true on success,
325 // in which case |*actual_size| is set to the amount it actually wrote to
326 // |destination|. On failure, |*actual_size| should not be modified; however,
327 // the dispatcher will still be closed.
333 // This protects the following members as well as any state added by
334 // subclasses.
339 };
341 // Wrapper around a |Dispatcher| pointer, while it's being processed to be
342 // passed in a message pipe. See the comment about
343 // |Dispatcher::HandleTableAccess| for more details.
344 //
345 // Note: This class is deliberately "thin" -- no more expensive than a
346 // |Dispatcher*|.
358 }
373 // Copy and assign allowed.
374 };