1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "content/renderer/pepper/pepper_in_process_router.h" 6 7 #include "base/bind.h" 8 #include "base/message_loop/message_loop.h" 9 #include "content/public/renderer/render_thread.h" 10 #include "content/renderer/pepper/renderer_ppapi_host_impl.h" 11 #include "content/renderer/render_frame_impl.h" 12 #include "ipc/ipc_message.h" 13 #include "ipc/ipc_sender.h" 14 #include "ppapi/proxy/ppapi_messages.h" 15 #include "ppapi/shared_impl/ppapi_globals.h" 16 #include "ppapi/shared_impl/resource_tracker.h" 17 18 using ppapi::UnpackMessage; 19 20 namespace content { 21 22 class PepperInProcessRouter::Channel : public IPC::Sender { 23 public: 24 Channel(const base::Callback<bool(IPC::Message*)>& callback) 25 : callback_(callback) {} 26 27 virtual ~Channel() {} 28 29 virtual bool Send(IPC::Message* message) OVERRIDE { 30 return callback_.Run(message); 31 } 32 33 private: 34 base::Callback<bool(IPC::Message*)> callback_; 35 }; 36 37 PepperInProcessRouter::PepperInProcessRouter(RendererPpapiHostImpl* host_impl) 38 : host_impl_(host_impl), 39 pending_message_id_(0), 40 reply_result_(false), 41 weak_factory_(this) { 42 browser_channel_.reset(new Channel(base::Bind( 43 &PepperInProcessRouter::SendToBrowser, base::Unretained(this)))); 44 host_to_plugin_router_.reset(new Channel(base::Bind( 45 &PepperInProcessRouter::SendToPlugin, base::Unretained(this)))); 46 plugin_to_host_router_.reset(new Channel( 47 base::Bind(&PepperInProcessRouter::SendToHost, base::Unretained(this)))); 48 } 49 50 PepperInProcessRouter::~PepperInProcessRouter() {} 51 52 IPC::Sender* PepperInProcessRouter::GetPluginToRendererSender() { 53 return plugin_to_host_router_.get(); 54 } 55 56 IPC::Sender* PepperInProcessRouter::GetRendererToPluginSender() { 57 return host_to_plugin_router_.get(); 58 } 59 60 ppapi::proxy::Connection PepperInProcessRouter::GetPluginConnection( 61 PP_Instance instance) { 62 int routing_id = 0; 63 RenderFrame* frame = host_impl_->GetRenderFrameForInstance(instance); 64 if (frame) 65 routing_id = frame->GetRoutingID(); 66 return ppapi::proxy::Connection( 67 browser_channel_.get(), plugin_to_host_router_.get(), routing_id); 68 } 69 70 // static 71 bool PepperInProcessRouter::OnPluginMsgReceived(const IPC::Message& msg) { 72 // Emulate the proxy by dispatching the relevant message here. 73 ppapi::proxy::ResourceMessageReplyParams reply_params; 74 IPC::Message nested_msg; 75 76 if (msg.type() == PpapiPluginMsg_ResourceReply::ID) { 77 // Resource reply from the renderer (no routing id). 78 if (!UnpackMessage<PpapiPluginMsg_ResourceReply>( 79 msg, &reply_params, &nested_msg)) { 80 NOTREACHED(); 81 return false; 82 } 83 } else if (msg.type() == PpapiHostMsg_InProcessResourceReply::ID) { 84 // Resource reply from the browser (has a routing id). 85 if (!UnpackMessage<PpapiHostMsg_InProcessResourceReply>( 86 msg, &reply_params, &nested_msg)) { 87 NOTREACHED(); 88 return false; 89 } 90 } else { 91 return false; 92 } 93 ppapi::Resource* resource = 94 ppapi::PpapiGlobals::Get()->GetResourceTracker()->GetResource( 95 reply_params.pp_resource()); 96 // If the resource doesn't exist, it may have been destroyed so just ignore 97 // the message. 98 if (resource) 99 resource->OnReplyReceived(reply_params, nested_msg); 100 return true; 101 } 102 103 bool PepperInProcessRouter::SendToHost(IPC::Message* msg) { 104 scoped_ptr<IPC::Message> message(msg); 105 106 if (!message->is_sync()) { 107 // If this is a resource destroyed message, post a task to dispatch it. 108 // Dispatching it synchronously can cause the host to re-enter the proxy 109 // code while we're still in the resource destructor, leading to a crash. 110 // http://crbug.com/276368. 111 // This won't cause message reordering problems because the resource 112 // destroyed message is always the last one sent for a resource. 113 if (message->type() == PpapiHostMsg_ResourceDestroyed::ID) { 114 base::MessageLoop::current()->PostTask( 115 FROM_HERE, 116 base::Bind(&PepperInProcessRouter::DispatchHostMsg, 117 weak_factory_.GetWeakPtr(), 118 base::Owned(message.release()))); 119 return true; 120 } else { 121 bool result = host_impl_->GetPpapiHost()->OnMessageReceived(*message); 122 DCHECK(result) << "The message was not handled by the host."; 123 return true; 124 } 125 } 126 127 pending_message_id_ = IPC::SyncMessage::GetMessageId(*message); 128 reply_deserializer_.reset( 129 static_cast<IPC::SyncMessage*>(message.get())->GetReplyDeserializer()); 130 reply_result_ = false; 131 132 bool result = host_impl_->GetPpapiHost()->OnMessageReceived(*message); 133 DCHECK(result) << "The message was not handled by the host."; 134 135 pending_message_id_ = 0; 136 reply_deserializer_.reset(NULL); 137 return reply_result_; 138 } 139 140 bool PepperInProcessRouter::SendToPlugin(IPC::Message* msg) { 141 scoped_ptr<IPC::Message> message(msg); 142 CHECK(!msg->is_sync()); 143 if (IPC::SyncMessage::IsMessageReplyTo(*message, pending_message_id_)) { 144 if (!msg->is_reply_error()) 145 reply_result_ = reply_deserializer_->SerializeOutputParameters(*message); 146 } else { 147 CHECK(!pending_message_id_); 148 // Dispatch plugin messages from the message loop. 149 base::MessageLoop::current()->PostTask( 150 FROM_HERE, 151 base::Bind(&PepperInProcessRouter::DispatchPluginMsg, 152 weak_factory_.GetWeakPtr(), 153 base::Owned(message.release()))); 154 } 155 return true; 156 } 157 158 void PepperInProcessRouter::DispatchHostMsg(IPC::Message* msg) { 159 bool handled = host_impl_->GetPpapiHost()->OnMessageReceived(*msg); 160 DCHECK(handled); 161 } 162 163 void PepperInProcessRouter::DispatchPluginMsg(IPC::Message* msg) { 164 bool handled = OnPluginMsgReceived(*msg); 165 DCHECK(handled); 166 } 167 168 bool PepperInProcessRouter::SendToBrowser(IPC::Message* msg) { 169 return RenderThread::Get()->Send(msg); 170 } 171 172 } // namespace content 173
