| blob | a137824fe4ab9a45bafec5beea628a66876c02b5 |
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef MOJO_SYSTEM_DISPATCHER_H_
6 #define MOJO_SYSTEM_DISPATCHER_H_
8 #include <stddef.h>
9 #include <stdint.h>
11 #include <vector>
43 // Test helper. We need to declare it here so we can friend it.
49 // A |Dispatcher| implements Mojo primitives that are "attached" to a particular
50 // handle. This includes most (all?) primitives except for |MojoWait...()|. This
51 // object is thread-safe, with its state being protected by a single lock
52 // |lock_|, which is also made available to implementation subclasses (via the
53 // |lock()| method).
59 kTypeMessagePipe,
60 kTypeDataPipeProducer,
61 kTypeDataPipeConsumer,
62 kTypeSharedBuffer,
64 // "Private" types (not exposed via the public interface):
66 };
69 // These methods implement the various primitives named |Mojo...()|. These
70 // take |lock_| and handle races with |Close()|. Then they call out to
71 // subclasses' |...ImplNoLock()| methods (still under |lock_|), which actually
72 // implement the primitives.
73 // NOTE(vtl): This puts a big lock around each dispatcher (i.e., handle), and
74 // prevents the various |...ImplNoLock()|s from releasing the lock as soon as
75 // possible. If this becomes an issue, we can rethink this.
78 // |transports| may be non-null if and only if there are handles to be
79 // written; not that |this| must not be in |transports|. On success, all the
80 // dispatchers in |transports| must have been moved to a closed state; on
81 // failure, they should remain in their original state.
85 MojoWriteMessageFlags flags);
86 // |dispatchers| must be non-null but empty, if |num_dispatchers| is non-null
87 // and nonzero. On success, it will be set to the dispatchers to be received
88 // (and assigned handles) as part of the message.
93 MojoReadMessageFlags flags);
96 MojoWriteDataFlags flags);
99 MojoWriteDataFlags flags);
103 MojoReadDataFlags flags);
106 MojoReadDataFlags flags);
108 // |options| may be null. |new_dispatcher| must not be null, but
109 // |*new_dispatcher| should be null (and will contain the dispatcher for the
110 // new handle on success).
116 MojoMapBufferFlags flags,
119 // Adds a waiter to this dispatcher. The waiter will be woken up when this
120 // object changes state to satisfy |flags| with result |wake_result| (which
121 // must be >= 0, i.e., a success status). It will also be woken up when it
122 // becomes impossible for the object to ever satisfy |flags| with a suitable
123 // error status.
124 //
125 // Returns:
126 // - |MOJO_RESULT_OK| if the waiter was added;
127 // - |MOJO_RESULT_ALREADY_EXISTS| if |flags| is already satisfied;
128 // - |MOJO_RESULT_INVALID_ARGUMENT| if the dispatcher has been closed; and
129 // - |MOJO_RESULT_FAILED_PRECONDITION| if it is not (or no longer) possible
130 // that |flags| will ever be satisfied.
132 MojoWaitFlags flags,
133 MojoResult wake_result);
136 // A dispatcher must be put into a special state in order to be sent across a
137 // message pipe. Outside of tests, only |HandleTableAccess| is allowed to do
138 // this, since there are requirements on the handle table (see below).
139 //
140 // In this special state, only a restricted set of operations is allowed.
141 // These are the ones available as |DispatcherTransport| methods. Other
142 // |Dispatcher| methods must not be called until |DispatcherTransport::End()|
143 // has been called.
148 // Tests also need this, to avoid needing |Core|.
151 // This must be called under the handle table lock and only if the handle
152 // table entry is not marked busy. The caller must maintain a reference to
153 // |dispatcher| until |DispatcherTransport::End()| is called.
155 };
157 // A |TransportData| may serialize dispatchers that are given to it (and which
158 // were previously attached to the |MessageInTransit| that is creating it) to
159 // a given |Channel| and then (probably in a different process) deserialize.
160 // Note that the |MessageInTransit| "owns" (i.e., has the only ref to) these
161 // dispatchers, so there are no locking issues. (There's no lock ordering
162 // issue, and in fact no need to take dispatcher locks at all.)
163 // TODO(vtl): Consider making another wrapper similar to |DispatcherTransport|
164 // (but with an owning, unique reference), and having
165 // |CreateEquivalentDispatcherAndCloseImplNoLock()| return that wrapper (and
166 // |MessageInTransit|, etc. only holding on to such wrappers).
171 // Serialization API. These functions may only be called on such
172 // dispatchers. (|channel| is the |Channel| to which the dispatcher is to be
173 // serialized.) See the |Dispatcher| methods of the same names for more
174 // details.
186 // Deserialization API.
187 // Note: This "clears" (i.e., reset to the invalid handle) any platform
188 // handles that it takes ownership of.
195 };
203 // These are to be overridden by subclasses (if necessary). They are called
204 // exactly once -- first |CancelAllWaitersNoLock()|, then |CloseImplNoLock()|,
205 // when the dispatcher is being closed. They are called under |lock_|.
211 // These are to be overridden by subclasses (if necessary). They are never
212 // called after the dispatcher has been closed. They are called under |lock_|.
213 // See the descriptions of the methods without the "ImplNoLock" for more
214 // information.
219 MojoWriteMessageFlags flags);
224 MojoReadMessageFlags flags);
227 MojoWriteDataFlags flags);
230 MojoWriteDataFlags flags);
234 MojoReadDataFlags flags);
237 MojoReadDataFlags flags);
245 MojoMapBufferFlags flags,
248 MojoWaitFlags flags,
249 MojoResult wake_result);
252 // These implement the API used to serialize dispatchers to a |Channel|
253 // (described below). They will only be called on a dispatcher that's attached
254 // to and "owned" by a |MessageInTransit|. See the non-"impl" versions for
255 // more information.
256 //
257 // Note: |StartSerializeImplNoLock()| is actually called with |lock_| NOT
258 // held, since the dispatcher should only be accessible to the calling thread.
259 // On Debug builds, |EndSerializeAndCloseImplNoLock()| is called with |lock_|
260 // held, to satisfy any |lock_.AssertAcquired()| (e.g., in |CloseImplNoLock()|
261 // -- and anything it calls); disentangling those assertions is
262 // difficult/fragile, and would weaken our general checking of invariants.
263 //
264 // TODO(vtl): Consider making these pure virtual once most things support
265 // being passed over a message pipe.
275 // Available to subclasses. (Note: Returns a non-const reference, just like
276 // |base::AutoLock|'s constructor takes a non-const reference.)
282 // This should be overridden to return true if/when there's an ongoing
283 // operation (e.g., two-phase read/writes on data pipes) that should prevent a
284 // handle from being sent over a message pipe (with status "busy").
287 // Closes the dispatcher. This must be done under lock, and unlike |Close()|,
288 // the dispatcher must not be closed already. (This is the "equivalent" of
289 // |CreateEquivalentDispatcherAndCloseNoLock()|, for situations where the
290 // dispatcher must be disposed of instead of "transferred".)
293 // Creates an equivalent dispatcher -- representing the same resource as this
294 // dispatcher -- and close (i.e., disable) this dispatcher. I.e., this
295 // dispatcher will look as though it was closed, but the resource it
296 // represents will be assigned to the new dispatcher. This must be called
297 // under the dispatcher's lock.
300 // API to serialize dispatchers to a |Channel|, exposed to only
301 // |TransportData| (via |TransportData|). They may only be called on a
302 // dispatcher attached to a |MessageInTransit| (and in particular not in
303 // |CoreImpl|'s handle table).
304 //
305 // Starts the serialization. Returns (via the two "out" parameters) the
306 // maximum amount of space that may be needed to serialize this dispatcher to
307 // the given |Channel| (no more than
308 // |TransportData::kMaxSerializedDispatcherSize|) and the maximum number of
309 // |PlatformHandle|s that may need to be attached (no more than
310 // |TransportData::kMaxSerializedDispatcherPlatformHandles|). If this
311 // dispatcher cannot be serialized to the given |Channel|, |*max_size| and
312 // |*max_platform_handles| should be set to zero. A call to this method will
313 // ALWAYS be followed by a call to |EndSerializeAndClose()| (even if this
314 // dispatcher cannot be serialized to the given |Channel|).
318 // Completes the serialization of this dispatcher to the given |Channel| and
319 // closes it. (This call will always follow an earlier call to
320 // |StartSerialize()|, with the same |Channel|.) This does so by writing to
321 // |destination| and appending any |PlatformHandle|s needed to
322 // |platform_handles| (which may be null if no platform handles were indicated
323 // to be required to |StartSerialize()|). This may write no more than the
324 // amount indicated by |StartSerialize()|. (WARNING: Beware of races, e.g., if
325 // something can be mutated between the two calls!) Returns true on success,
326 // in which case |*actual_size| is set to the amount it actually wrote to
327 // |destination|. On failure, |*actual_size| should not be modified; however,
328 // the dispatcher will still be closed.
334 // This protects the following members as well as any state added by
335 // subclasses.
340 };
342 // Wrapper around a |Dispatcher| pointer, while it's being processed to be
343 // passed in a message pipe. See the comment about
344 // |Dispatcher::HandleTableAccess| for more details.
345 //
346 // Note: This class is deliberately "thin" -- no more expensive than a
347 // |Dispatcher*|.
359 }
374 // Copy and assign allowed.
375 };