| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef MOJO_SYSTEM_CHANNEL_ENDPOINT_H_ | |
| 6 #define MOJO_SYSTEM_CHANNEL_ENDPOINT_H_ | |
| 7 | |
| 8 #include "base/macros.h" | |
| 9 #include "base/memory/ref_counted.h" | |
| 10 #include "base/memory/scoped_ptr.h" | |
| 11 #include "base/synchronization/lock.h" | |
| 12 #include "mojo/embedder/platform_handle_vector.h" | |
| 13 #include "mojo/system/message_in_transit.h" | |
| 14 #include "mojo/system/message_in_transit_queue.h" | |
| 15 #include "mojo/system/system_impl_export.h" | |
| 16 | |
| 17 namespace mojo { | |
| 18 namespace system { | |
| 19 | |
| 20 class Channel; | |
| 21 class MessagePipe; | |
| 22 | |
| 23 // TODO(vtl): The plan: | |
| 24 // - (Done.) Move |Channel::Endpoint| to |ChannelEndpoint|. Make it | |
| 25 // refcounted, and not copyable. Make |Channel| a friend. Make things work. | |
| 26 // - (Done.) Give |ChannelEndpoint| a lock. The lock order (in order of | |
| 27 // allowable acquisition) is: |MessagePipe|, |ChannelEndpoint|, |Channel|. | |
| 28 // - Stop having |Channel| as a friend. | |
| 29 // - Move logic from |ProxyMessagePipeEndpoint| into |ChannelEndpoint|. Right | |
| 30 // now, we have to go through lots of contortions to manipulate state owned | |
| 31 // by |ProxyMessagePipeEndpoint| (in particular, |Channel::Endpoint| doesn't | |
| 32 // know about the remote ID; the local ID is duplicated in two places). | |
| 33 // Hollow out |ProxyMessagePipeEndpoint|, and have it just own a reference | |
| 34 // to |ChannelEndpoint| (hence the refcounting). | |
| 35 // - In essence, |ChannelEndpoint| becomes the thing that knows about | |
| 36 // channel-specific aspects of an endpoint (notably local and remote IDs, | |
| 37 // and knowledge about handshaking), and mediates between the |Channel| and | |
| 38 // the |MessagePipe|. | |
| 39 // - In the end state, |Channel| should no longer need to know about | |
| 40 // |MessagePipe| and ports (but only |ChannelEndpoint|) and | |
| 41 // |ProxyMessagePipeEndpoint| should no longer need to know about |Channel| | |
| 42 // (ditto). | |
| 43 // | |
| 44 // Things as they are now, before I change everything (TODO(vtl): update this | |
| 45 // comment appropriately): | |
| 46 // | |
| 47 // Terminology: | |
| 48 // - "Message pipe endpoint": In the implementation, a |MessagePipe| owns | |
| 49 // two |MessagePipeEndpoint| objects, one for each port. The | |
| 50 // |MessagePipeEndpoint| objects are only accessed via the |MessagePipe| | |
| 51 // (which has the lock), with the additional information of the port | |
| 52 // number. So as far as the channel is concerned, a message pipe endpoint | |
| 53 // is a pointer to a |MessagePipe| together with the port number. | |
| 54 // - The value of |port| in |EndpointInfo| refers to the | |
| 55 // |ProxyMessagePipeEndpoint| (i.e., the endpoint that is logically on | |
| 56 // the other side). Messages received by a channel for a message pipe | |
| 57 // are thus written to the *peer* of this port. | |
| 58 // - "Attached"/"detached": A message pipe endpoint is attached to a channel | |
| 59 // if it has a pointer to it. It must be detached before the channel gives | |
| 60 // up its pointer to it in order to break a reference cycle. (This cycle | |
| 61 // is needed to allow a channel to be shut down cleanly, without shutting | |
| 62 // down everything else first.) | |
| 63 // - "Running" (message pipe endpoint): A message pipe endpoint is running | |
| 64 // if messages written to it (via some |MessagePipeDispatcher|, to which | |
| 65 // some |MojoHandle| is assigned) are being transmitted through the | |
| 66 // channel. | |
| 67 // - Before a message pipe endpoint is run, it will queue messages. | |
| 68 // - When a message pipe endpoint is detached from a channel, it is also | |
| 69 // taken out of the running state. After that point, messages should | |
| 70 // no longer be written to it. | |
| 71 // - "Normal" message pipe endpoint (state): The channel itself does not | |
| 72 // have knowledge of whether a message pipe endpoint has started running | |
| 73 // yet. It will *receive* messages for a message pipe in either state (but | |
| 74 // the message pipe endpoint won't *send* messages to the channel if it | |
| 75 // has not started running). | |
| 76 // - "Zombie" message pipe endpoint (state): A message pipe endpoint is a | |
| 77 // zombie if it is still in |local_id_to_endpoint_info_map_|, but the | |
| 78 // channel is no longer forwarding messages to it (even if it may still be | |
| 79 // receiving messages for it). | |
| 80 // - There are various types of zombies, depending on the reason the | |
| 81 // message pipe endpoint cannot yet be removed. | |
| 82 // - If the remote side is closed, it will send a "remove" control | |
| 83 // message. After the channel receives that message (to which it | |
| 84 // responds with a "remove ack" control message), it knows that it | |
| 85 // shouldn't receive any more messages for that message pipe endpoint | |
| 86 // (local ID), but it must wait for the endpoint to detach. (It can't | |
| 87 // do so without a race, since it can't call into the message pipe | |
| 88 // under |lock_|.) [TODO(vtl): When I add remotely-allocated IDs, | |
| 89 // we'll have to remove the |EndpointInfo| from | |
| 90 // |local_id_to_endpoint_info_map_| -- i.e., remove the local ID, | |
| 91 // since it's no longer valid and may be reused by the remote side -- | |
| 92 // and keep the |EndpointInfo| alive in some other way.] | |
| 93 // - If the local side is closed and the message pipe endpoint was | |
| 94 // already running (so there are no queued messages left to send), it | |
| 95 // will detach the endpoint, and send a "remove" control message. | |
| 96 // However, the channel may still receive messages for that endpoint | |
| 97 // until it receives a "remove ack" control message. | |
| 98 // - If the local side is closed but the message pipe endpoint was not | |
| 99 // yet running , the detaching is delayed until after it is run and | |
| 100 // all the queued messages are sent to the channel. On being detached, | |
| 101 // things proceed as in one of the above cases. The endpoint is *not* | |
| 102 // a zombie until it is detached (or a "remove" message is received). | |
| 103 // [TODO(vtl): Maybe we can get rid of this case? It'd only not yet be | |
| 104 // running since under the current scheme it wouldn't have a remote ID | |
| 105 // yet.] | |
| 106 // - Note that even if the local side is closed, it may still receive a | |
| 107 // "remove" message from the other side (if the other side is closed | |
| 108 // simultaneously, and both sides send "remove" messages). In that | |
| 109 // case, it must still remain alive until it receives the "remove | |
| 110 // ack" (and it must ack the "remove" message that it received). | |
| 111 class MOJO_SYSTEM_IMPL_EXPORT ChannelEndpoint | |
| 112 : public base::RefCountedThreadSafe<ChannelEndpoint> { | |
| 113 public: | |
| 114 // TODO(vtl): More comments.... | |
| 115 ChannelEndpoint(MessagePipe* message_pipe, unsigned port); | |
| 116 | |
| 117 // Takes messages from the given |MessageInTransitQueue|. This must be called | |
| 118 // before this object is attached to a channel, and before anyone has a chance | |
| 119 // to enqueue any messages. | |
| 120 void TakeMessages(MessageInTransitQueue* message_queue); | |
| 121 | |
| 122 // Methods called by |MessagePipe| (via |ProxyMessagePipeEndpoint|): | |
| 123 | |
| 124 // TODO(vtl): This currently only works if we're "running". We'll move the | |
| 125 // "paused message queue" here (will this be needed when we have | |
| 126 // locally-allocated remote IDs?). | |
| 127 bool EnqueueMessage(scoped_ptr<MessageInTransit> message); | |
| 128 | |
| 129 void DetachFromMessagePipe(); | |
| 130 | |
| 131 // Methods called by |Channel|: | |
| 132 | |
| 133 // Called by |Channel| when it takes a reference to this object. | |
| 134 void AttachToChannel(Channel* channel, MessageInTransit::EndpointId local_id); | |
| 135 | |
| 136 // TODO(vtl): Combine this with |AttachToChannel()|. | |
| 137 void Run(MessageInTransit::EndpointId remote_id); | |
| 138 | |
| 139 // Called by |Channel| when it receives a message for the message pipe. | |
| 140 bool OnReadMessage(const MessageInTransit::View& message_view, | |
| 141 embedder::ScopedPlatformHandleVectorPtr platform_handles); | |
| 142 | |
| 143 // Called by |Channel| to notify that it'll no longer receive messages for the | |
| 144 // message pipe (i.e., |OnReadMessage()| will no longer be called). | |
| 145 // TODO(vtl): After more simplification, we might be able to get rid of this | |
| 146 // (and merge it with |DetachFromChannel()|). | |
| 147 void OnDisconnect(); | |
| 148 | |
| 149 // Called by |Channel| before it gives up its reference to this object. | |
| 150 void DetachFromChannel(); | |
| 151 | |
| 152 private: | |
| 153 enum State { | |
| 154 // Attached, possibly running or not. | |
| 155 STATE_NORMAL, | |
| 156 // "Zombie" states: | |
| 157 // Waiting for |DetachMessagePipeEndpoint()| before removing. | |
| 158 STATE_WAIT_LOCAL_DETACH, | |
| 159 // Waiting for a |kSubtypeChannelRemoveMessagePipeEndpointAck| before | |
| 160 // removing. | |
| 161 STATE_WAIT_REMOTE_REMOVE_ACK, | |
| 162 }; | |
| 163 | |
| 164 // TODO(vtl): This is totally temporary, until this becomes a proper | |
| 165 // self-contained class. See the plan above. | |
| 166 friend class Channel; | |
| 167 | |
| 168 friend class base::RefCountedThreadSafe<ChannelEndpoint>; | |
| 169 ~ChannelEndpoint(); | |
| 170 | |
| 171 // Must be called with |lock_| held. | |
| 172 bool WriteMessageNoLock(scoped_ptr<MessageInTransit> message); | |
| 173 | |
| 174 // TODO(vtl): Move these under lock. | |
| 175 State state_; | |
| 176 | |
| 177 // TODO(vtl): Move the things above under lock. | |
| 178 // Protects the members below. | |
| 179 base::Lock lock_; | |
| 180 | |
| 181 // |message_pipe_| must be valid whenever it is non-null. Before | |
| 182 // |*message_pipe_| gives up its reference to this object, it must call | |
| 183 // |DetachFromMessagePipe()|. | |
| 184 // NOTE: This is a |scoped_refptr<>|, rather than a raw pointer, since the | |
| 185 // |Channel| needs to keep the |MessagePipe| alive for the "proxy-proxy" case. | |
| 186 // Possibly we'll be able to eliminate that case when we have full | |
| 187 // multiprocess support. | |
| 188 // WARNING: |MessagePipe| methods must not be called under |lock_|. Thus to | |
| 189 // make such a call, a reference must first be taken under |lock_| and the | |
| 190 // lock released. | |
| 191 scoped_refptr<MessagePipe> message_pipe_; | |
| 192 unsigned port_; | |
| 193 | |
| 194 // |channel_| must be valid whenever it is non-null. Before |*channel_| gives | |
| 195 // up its reference to this object, it must call |DetachFromChannel()|. | |
| 196 Channel* channel_; | |
| 197 MessageInTransit::EndpointId local_id_; | |
| 198 MessageInTransit::EndpointId remote_id_; | |
| 199 | |
| 200 // This queue is used before we're running on a channel and ready to send | |
| 201 // messages. | |
| 202 MessageInTransitQueue paused_message_queue_; | |
| 203 | |
| 204 DISALLOW_COPY_AND_ASSIGN(ChannelEndpoint); | |
| 205 }; | |
| 206 | |
| 207 } // namespace system | |
| 208 } // namespace mojo | |
| 209 | |
| 210 #endif // MOJO_SYSTEM_CHANNEL_ENDPOINT_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 621153003:
Move mojo edk into mojo/edk (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master