| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef MOJO_EDK_SYSTEM_CHANNEL_ENDPOINT_H_ | |
| 6 #define MOJO_EDK_SYSTEM_CHANNEL_ENDPOINT_H_ | |
| 7 | |
| 8 #include "base/macros.h" | |
| 9 #include "base/memory/ref_counted.h" | |
| 10 #include "base/memory/scoped_ptr.h" | |
| 11 #include "base/synchronization/lock.h" | |
| 12 #include "mojo/edk/system/channel_endpoint_id.h" | |
| 13 #include "mojo/edk/system/message_in_transit_queue.h" | |
| 14 #include "mojo/edk/system/system_impl_export.h" | |
| 15 | |
| 16 namespace mojo { | |
| 17 namespace system { | |
| 18 | |
| 19 class Channel; | |
| 20 class ChannelEndpointClient; | |
| 21 class MessageInTransit; | |
| 22 | |
| 23 // TODO(vtl): The plan: | |
| 24 // - (Done.) Move |Channel::Endpoint| to |ChannelEndpoint|. Make it | |
| 25 // refcounted, and not copyable. Make |Channel| a friend. Make things work. | |
| 26 // - (Done.) Give |ChannelEndpoint| a lock. The lock order (in order of | |
| 27 // allowable acquisition) is: |MessagePipe|, |ChannelEndpoint|, |Channel|. | |
| 28 // - (Done) Stop having |Channel| as a friend. | |
| 29 // - (Done) Move logic from |ProxyMessagePipeEndpoint| into |ChannelEndpoint|. | |
| 30 // Right now, we have to go through lots of contortions to manipulate state | |
| 31 // owned by |ProxyMessagePipeEndpoint| (in particular, |Channel::Endpoint| | |
| 32 // doesn't know about the remote ID; the local ID is duplicated in two | |
| 33 // places). Hollow out |ProxyMessagePipeEndpoint|, and have it just own a | |
| 34 // reference to |ChannelEndpoint| (hence the refcounting). | |
| 35 // - In essence, |ChannelEndpoint| becomes the thing that knows about | |
| 36 // channel-specific aspects of an endpoint (notably local and remote IDs, | |
| 37 // and knowledge about handshaking), and mediates between the |Channel| and | |
| 38 // the |MessagePipe|. | |
| 39 // - In the end state, |Channel| should no longer need to know about | |
| 40 // |MessagePipe| and ports (but only |ChannelEndpoint|) and | |
| 41 // |ProxyMessagePipeEndpoint| should no longer need to know about |Channel| | |
| 42 // (ditto). | |
| 43 // | |
| 44 // Things as they are now, before I change everything (TODO(vtl): update this | |
| 45 // comment appropriately): | |
| 46 // | |
| 47 // Terminology: | |
| 48 // - "Message pipe endpoint": In the implementation, a |MessagePipe| owns | |
| 49 // two |MessagePipeEndpoint| objects, one for each port. The | |
| 50 // |MessagePipeEndpoint| objects are only accessed via the |MessagePipe| | |
| 51 // (which has the lock), with the additional information of the port | |
| 52 // number. So as far as the channel is concerned, a message pipe endpoint | |
| 53 // is a pointer to a |MessagePipe| together with the port number. | |
| 54 // - The value of |port| in |EndpointInfo| refers to the | |
| 55 // |ProxyMessagePipeEndpoint| (i.e., the endpoint that is logically on | |
| 56 // the other side). Messages received by a channel for a message pipe | |
| 57 // are thus written to the *peer* of this port. | |
| 58 // - "Attached"/"detached": A message pipe endpoint is attached to a channel | |
| 59 // if it has a pointer to it. It must be detached before the channel gives | |
| 60 // up its pointer to it in order to break a reference cycle. (This cycle | |
| 61 // is needed to allow a channel to be shut down cleanly, without shutting | |
| 62 // down everything else first.) | |
| 63 // - "Running" (message pipe endpoint): A message pipe endpoint is running | |
| 64 // if messages written to it (via some |MessagePipeDispatcher|, to which | |
| 65 // some |MojoHandle| is assigned) are being transmitted through the | |
| 66 // channel. | |
| 67 // - Before a message pipe endpoint is run, it will queue messages. | |
| 68 // - When a message pipe endpoint is detached from a channel, it is also | |
| 69 // taken out of the running state. After that point, messages should | |
| 70 // no longer be written to it. | |
| 71 // - "Normal" message pipe endpoint (state): The channel itself does not | |
| 72 // have knowledge of whether a message pipe endpoint has started running | |
| 73 // yet. It will *receive* messages for a message pipe in either state (but | |
| 74 // the message pipe endpoint won't *send* messages to the channel if it | |
| 75 // has not started running). | |
| 76 // - "Zombie" message pipe endpoint (state): A message pipe endpoint is a | |
| 77 // zombie if it is still in |local_id_to_endpoint_info_map_|, but the | |
| 78 // channel is no longer forwarding messages to it (even if it may still be | |
| 79 // receiving messages for it). | |
| 80 // - There are various types of zombies, depending on the reason the | |
| 81 // message pipe endpoint cannot yet be removed. | |
| 82 // - If the remote side is closed, it will send a "remove" control | |
| 83 // message. After the channel receives that message (to which it | |
| 84 // responds with a "remove ack" control message), it knows that it | |
| 85 // shouldn't receive any more messages for that message pipe endpoint | |
| 86 // (local ID), but it must wait for the endpoint to detach. (It can't | |
| 87 // do so without a race, since it can't call into the message pipe | |
| 88 // under |lock_|.) [TODO(vtl): When I add remotely-allocated IDs, | |
| 89 // we'll have to remove the |EndpointInfo| from | |
| 90 // |local_id_to_endpoint_info_map_| -- i.e., remove the local ID, | |
| 91 // since it's no longer valid and may be reused by the remote side -- | |
| 92 // and keep the |EndpointInfo| alive in some other way.] | |
| 93 // - If the local side is closed and the message pipe endpoint was | |
| 94 // already running (so there are no queued messages left to send), it | |
| 95 // will detach the endpoint, and send a "remove" control message. | |
| 96 // However, the channel may still receive messages for that endpoint | |
| 97 // until it receives a "remove ack" control message. | |
| 98 // - If the local side is closed but the message pipe endpoint was not | |
| 99 // yet running , the detaching is delayed until after it is run and | |
| 100 // all the queued messages are sent to the channel. On being detached, | |
| 101 // things proceed as in one of the above cases. The endpoint is *not* | |
| 102 // a zombie until it is detached (or a "remove" message is received). | |
| 103 // [TODO(vtl): Maybe we can get rid of this case? It'd only not yet be | |
| 104 // running since under the current scheme it wouldn't have a remote ID | |
| 105 // yet.] | |
| 106 // - Note that even if the local side is closed, it may still receive a | |
| 107 // "remove" message from the other side (if the other side is closed | |
| 108 // simultaneously, and both sides send "remove" messages). In that | |
| 109 // case, it must still remain alive until it receives the "remove | |
| 110 // ack" (and it must ack the "remove" message that it received). | |
| 111 class MOJO_SYSTEM_IMPL_EXPORT ChannelEndpoint | |
| 112 : public base::RefCountedThreadSafe<ChannelEndpoint> { | |
| 113 public: | |
| 114 // Constructor for a |ChannelEndpoint| with the given client (specified by | |
| 115 // |client| and |client_port|). Optionally takes messages from | |
| 116 // |*message_queue| if |message_queue| is non-null. | |
| 117 // | |
| 118 // |client| may be null if this endpoint will never need to receive messages, | |
| 119 // in which case |message_queue| should not be null. In that case, this | |
| 120 // endpoint will simply send queued messages upon being attached to a | |
| 121 // |Channel| and immediately detach itself. | |
| 122 ChannelEndpoint(ChannelEndpointClient* client, | |
| 123 unsigned client_port, | |
| 124 MessageInTransitQueue* message_queue = nullptr); | |
| 125 | |
| 126 // Methods called by |ChannelEndpointClient|: | |
| 127 | |
| 128 // Called to enqueue an outbound message. (If |AttachAndRun()| has not yet | |
| 129 // been called, the message will be enqueued and sent when |AttachAndRun()| is | |
| 130 // called.) | |
| 131 bool EnqueueMessage(scoped_ptr<MessageInTransit> message); | |
| 132 | |
| 133 // Called to *replace* current client with a new client (which must differ | |
| 134 // from the existing client). This must not be called after | |
| 135 // |DetachFromClient()| has been called. | |
| 136 // | |
| 137 // This returns true in the typical case, and false if this endpoint has been | |
| 138 // detached from the channel, in which case the caller should probably call | |
| 139 // its (new) client's |OnDetachFromChannel()|. | |
| 140 bool ReplaceClient(ChannelEndpointClient* client, unsigned client_port); | |
| 141 | |
| 142 // Called before the |ChannelEndpointClient| gives up its reference to this | |
| 143 // object. | |
| 144 void DetachFromClient(); | |
| 145 | |
| 146 // Methods called by |Channel|: | |
| 147 | |
| 148 // Called when the |Channel| takes a reference to this object. This will send | |
| 149 // all queue messages (in |channel_message_queue_|). | |
| 150 // TODO(vtl): Maybe rename this "OnAttach"? | |
| 151 void AttachAndRun(Channel* channel, | |
| 152 ChannelEndpointId local_id, | |
| 153 ChannelEndpointId remote_id); | |
| 154 | |
| 155 // Called when the |Channel| receives a message for the |ChannelEndpoint|. | |
| 156 void OnReadMessage(scoped_ptr<MessageInTransit> message); | |
| 157 | |
| 158 // Called before the |Channel| gives up its reference to this object. | |
| 159 void DetachFromChannel(); | |
| 160 | |
| 161 private: | |
| 162 friend class base::RefCountedThreadSafe<ChannelEndpoint>; | |
| 163 ~ChannelEndpoint(); | |
| 164 | |
| 165 // Must be called with |lock_| held. | |
| 166 bool WriteMessageNoLock(scoped_ptr<MessageInTransit> message); | |
| 167 | |
| 168 // Resets |channel_| to null (and sets |is_detached_from_channel_|). This may | |
| 169 // only be called if |channel_| is non-null. Must be called with |lock_| held. | |
| 170 void ResetChannelNoLock(); | |
| 171 | |
| 172 // Protects the members below. | |
| 173 base::Lock lock_; | |
| 174 | |
| 175 // |client_| must be valid whenever it is non-null. Before |*client_| gives up | |
| 176 // its reference to this object, it must call |DetachFromClient()|. | |
| 177 // NOTE: This is a |scoped_refptr<>|, rather than a raw pointer, since the | |
| 178 // |Channel| needs to keep the |MessagePipe| alive for the "proxy-proxy" case. | |
| 179 // Possibly we'll be able to eliminate that case when we have full | |
| 180 // multiprocess support. | |
| 181 // WARNING: |ChannelEndpointClient| methods must not be called under |lock_|. | |
| 182 // Thus to make such a call, a reference must first be taken under |lock_| and | |
| 183 // the lock released. | |
| 184 // WARNING: Beware of interactions with |ReplaceClient()|. By the time the | |
| 185 // call is made, the client may have changed. This must be detected and dealt | |
| 186 // with. | |
| 187 scoped_refptr<ChannelEndpointClient> client_; | |
| 188 unsigned client_port_; | |
| 189 | |
| 190 // |channel_| must be valid whenever it is non-null. Before |*channel_| gives | |
| 191 // up its reference to this object, it must call |DetachFromChannel()|. | |
| 192 // |local_id_| and |remote_id_| are valid if and only |channel_| is non-null. | |
| 193 Channel* channel_; | |
| 194 ChannelEndpointId local_id_; | |
| 195 ChannelEndpointId remote_id_; | |
| 196 // This distinguishes the two cases of |channel| being null: not yet attached | |
| 197 // versus detached. | |
| 198 bool is_detached_from_channel_; | |
| 199 | |
| 200 // This queue is used before we're running on a channel and ready to send | |
| 201 // messages to the channel. | |
| 202 MessageInTransitQueue channel_message_queue_; | |
| 203 | |
| 204 DISALLOW_COPY_AND_ASSIGN(ChannelEndpoint); | |
| 205 }; | |
| 206 | |
| 207 } // namespace system | |
| 208 } // namespace mojo | |
| 209 | |
| 210 #endif // MOJO_EDK_SYSTEM_CHANNEL_ENDPOINT_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 814543006:
Move //mojo/{public, edk} underneath //third_party (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master