1 // Copyright 2017 The Fuchsia Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef ZIRCON_FIDL_H_ 6 #define ZIRCON_FIDL_H_ 7 8 #include <assert.h> 9 #include <stdalign.h> 10 #include <stdint.h> 11 12 #include <zircon/compiler.h> 13 #include <zircon/types.h> 14 15 __BEGIN_CDECLS 16 17 // Fidl data types have a representation in a wire format. This wire 18 // format is shared by all language bindings, including C11 and C++14. 19 // 20 // The C bindings also define a representation of fidl data types. For 21 // a given type, the size and alignment of all parts of the type agree 22 // with the wire format's representation. The C representation differs 23 // in the representation of pointers to out-of-line allocations. On 24 // the wire, allocations are encoded as either present or not. In C, 25 // they are actual pointers. The C representation also places any 26 // transferred handle types (including requests) inline. The wire 27 // format tracks handles separately, just like the underlying channel 28 // transport does. 29 // 30 // Turning the wire format into the C format is called decoding. 31 // 32 // Turning the C format into the wire format is called encoding. 33 // 34 // The formats are designed to allow for in-place coding, assuming all 35 // out-of-line allocations placed are in traversal order (defined 36 // below) with natural alignment. 37 38 // Bounds. 39 40 // Various fidl types, such as strings and vectors, may be bounded. If 41 // no explicit bound is given, then FIDL_MAX_SIZE is implied. 42 43 #define FIDL_MAX_SIZE UINT32_MAX 44 45 // Out of line allocations. 46 47 // The fidl wire format represents potential out-of-line allocations 48 // (corresponding to actual pointer types in the C format) as 49 // uintptr_t. For allocations that are actually present and that will 50 // be patched up with pointers during decoding, the FIDL_ALLOC_PRESENT 51 // value is used. For non-present nullable allocations, the 52 // FIDL_ALLOC_ABSENT value is used. 53 54 #define FIDL_ALLOC_PRESENT ((uintptr_t)UINTPTR_MAX) 55 #define FIDL_ALLOC_ABSENT ((uintptr_t)0) 56 57 // Out of line allocations are all 8 byte aligned. 58 #define FIDL_ALIGNMENT ((size_t)8) 59 #define FIDL_ALIGN(a) (((a) + 7) & ~7) 60 #define FIDL_ALIGNDECL alignas(FIDL_ALIGNMENT) 61 62 // An opaque struct representing the encoding of a particular fidl 63 // type. 64 typedef struct fidl_type fidl_type_t; 65 66 // Primitive types. 67 68 // Both on the wire and once deserialized, primitive fidl types 69 // correspond directly to C types. There is no intermediate layer of 70 // typedefs. For instance, fidl's float64 is generated as double. 71 72 // All primitive types are non-nullable. 73 74 // All primitive types are naturally sized and aligned on the wire. 75 76 // fidl C Meaning. 77 // --------------------------------------------- 78 // bool bool A boolean. 79 // int8 int8_t An 8 bit signed integer. 80 // int16 int16_t A 16 bit signed integer. 81 // int32 int32_t A 32 bit signed integer. 82 // int64 int64_t A 64 bit signed integer. 83 // uint8 uint8_t An 8 bit unsigned integer. 84 // uint16 uint16_t A 16 bit unsigned integer. 85 // uint32 uint32_t A 32 bit unsigned integer. 86 // uint64 uint64_t A 64 bit unsigned integer. 87 // float32 float A 32 bit IEEE-754 float. 88 // float64 double A 64 bit IEEE-754 float. 89 90 // Enums. 91 92 // Fidl enums have an undering integer type (one of int8, int16, 93 // int32, int64, uint8, uint16, uint32, or uint64). The wire format of 94 // an enum and the C format of an enum are the same as the 95 // corresponding primitive type. 96 97 // String types. 98 99 // Fidl strings are variable-length UTF-8 strings. Strings can be 100 // nullable (string?) or nonnullable (string); if nullable, the null 101 // string is distinct from the empty string. Strings can be bounded to 102 // a fixed byte length (e.g. string:40? is a nullable string of at 103 // most 40 bytes). 104 105 // Strings are not guaranteed to be nul terminated. Strings can 106 // contain embedded nuls throughout their length. 107 108 // The fidl wire format dictates that strings are valid UTF-8. It is 109 // up to clients to provide well-formed UTF-8 and servers to check for 110 // it. Message encoding and decoding can, but does not by default, 111 // perform this check. 112 113 // All deserialized string types are represented by the fidl_string_t 114 // structure. This structure consists of a size (in bytes) and a 115 // pointer to an out-of-line allocation of uint8_t, guaranteed to be 116 // at least as long as the length. 117 118 // The bound on a string type is not present in the serialized format, 119 // but is checked as part of validation. 120 121 typedef struct fidl_string { 122 // Number of UTF-8 code units (bytes), must be 0 if |data| is null. 123 uint64_t size; 124 125 // Pointer to UTF-8 code units (bytes) or null 126 char* data; 127 } fidl_string_t; 128 129 // When encoded, an absent nullable string is represented as a 130 // fidl_string_t with size 0 and FIDL_ALLOC_ABSENT data, with no 131 // out-of-line allocation associated with it. A present string 132 // (nullable or not) is represented as a fidl_string_t with some size 133 // and with data equal to FIDL_ALLOC_PRESENT, which the decoding 134 // process replaces with an actual pointer to the next out-of-line 135 // allocation. 136 137 // All string types: 138 139 // fidl C Meaning 140 // ----------------------------------------------------------------- 141 // string fidl_string_t A string of arbitrary length. 142 // string? fidl_string_t An optional string of arbitrary length. 143 // string:N fidl_string_t A string up to N bytes long. 144 // string:N? fidl_string_t An optional string up to N bytes long. 145 146 // Arrays. 147 148 // On the wire, an array of N objects of type T (array<T, N>) is 149 // represented the same as N contiguous Ts. Equivalently, it is 150 // represented the same as a nonnullable struct containing N fields 151 // all of type T. 152 153 // In C, this is just represented as a C array of the corresponding C 154 // type. 155 156 // Vector types. 157 158 // Fidl vectors are variable-length arrays of a given type T. Vectors 159 // can be nullable (vector<T>?) or nonnullable (vector<T>); if 160 // nullable, the null vector is distinct from the empty 161 // vector. Vectors can be bounded to a fixed element length 162 // (e.g. vector<T>:40? is a nullable vector of at most 40 Ts). 163 164 // All deserialized vector types are represented by the fidl_vector_t 165 // structure. This structure consists of a count and a pointer to the 166 // bytes. 167 168 // The bound on a vector type is not present in the serialized format, 169 // but is checked as part of validation. 170 171 typedef struct fidl_vector { 172 // Number of elements, must be 0 if |data| is null. 173 uint64_t count; 174 175 // Pointer to element data or null. 176 void* data; 177 } fidl_vector_t; 178 179 // When encoded, an absent nullable vector is represented as a 180 // fidl_vector_t with size 0 and FIDL_ALLOC_ABSENT data, with no 181 // out-of-line allocation associated with it. A present vector 182 // (nullable or not) is represented as a fidl_vector_t with some size 183 // and with data equal to FIDL_ALLOC_PRESENT, which the decoding 184 // process replaces with an actual pointer to the next out-of-line 185 // allocation. 186 187 // All vector types: 188 189 // fidl C Meaning 190 // -------------------------------------------------------------------------- 191 // vector<T> fidl_vector_t A vector of T, of arbitrary length. 192 // vector<T>? fidl_vector_t An optional vector of T, of arbitrary length. 193 // vector<T>:N fidl_vector_t A vector of T, up to N elements. 194 // vector<T>:N? fidl_vector_t An optional vector of T, up to N elements. 195 196 // Handle types. 197 198 // Handle types are encoded directly. Just like primitive types, there 199 // is no fidl-specific handle type. Generated fidl structures simply 200 // mention zx_handle_t. 201 202 // Handle types are either nullable (handle?), or not (handle); and 203 // either explicitly typed (e.g. handle<Channel> or handle<Job>), or 204 // not. 205 206 // All fidl handle types, regardless of subtype, are represented as 207 // zx_handle_t. The encoding tables do know the handle subtypes, 208 // however, for clients which wish to perform explicit checking. 209 210 // The following are the possible handle subtypes. 211 212 // process 213 // thread 214 // vmo 215 // channel 216 // event 217 // port 218 // interrupt 219 // iomap 220 // pci 221 // log 222 // socket 223 // resource 224 // eventpair 225 // job 226 // vmar 227 // fifo 228 // hypervisor 229 // guest 230 // timer 231 232 // All handle types are 4 byte sized and aligned on the wire. 233 234 // When encoded, absent nullable handles are represented as 235 // FIDL_HANDLE_ABSENT. Present handles, whether nullable or not, are 236 // represented as FIDL_HANDLE_PRESENT, which the decoding process will 237 // overwrite with the next handle value in the channel message. 238 239 #define FIDL_HANDLE_ABSENT ((zx_handle_t)ZX_HANDLE_INVALID) 240 #define FIDL_HANDLE_PRESENT ((zx_handle_t)UINT32_MAX) 241 242 // fidl C Meaning 243 // ------------------------------------------------------------------ 244 // handle zx_handle_t Any valid handle. 245 // handle? zx_handle_t Any valid handle, or ZX_HANDLE_INVALID. 246 // handle<T> zx_handle_t Any valid T handle. 247 // handle<T>? zx_handle_t Any valid T handle, or ZX_HANDLE_INVALID. 248 249 // Unions. 250 251 // Fidl unions are a tagged sum type. The tag is a 4 bytes. For every 252 // union type, the fidl compiler generates an enum representing the 253 // different variants of the enum. This is followed, in C and on the 254 // wire, by large enough and aligned enough storage for all members of 255 // the union. 256 257 // Unions may be nullable. Nullable unions are represented as a 258 // pointer to an out of line allocation of tag-and-member. As with 259 // other out-of-line allocations, ones present on the wire take the 260 // value FIDL_ALLOC_PRESENT and those that are not are represented by 261 // FIDL_ALLOC_NULL. Nonnullable unions are represented inline as a 262 // tag-and-member. 263 264 // For each fidl union type, a corresponding C type is generated. They 265 // are all structs consisting of a fidl_union_tag_t discriminant, 266 // followed by an anonymous union of all the union members. 267 268 typedef uint32_t fidl_union_tag_t; 269 270 // fidl C Meaning 271 // -------------------------------------------------------------------- 272 // union foo {...} struct union_foo { An inline union. 273 // fidl_union_tag_t tag; 274 // union {...}; 275 // } 276 // 277 // union foo {...}? struct union_foo* A pointer to a 278 // union_foo, or else 279 // FIDL_ALLOC_ABSENT. 280 281 // Messages. 282 283 // All fidl messages share a common 16 byte header. 284 285 typedef struct fidl_message_header { 286 zx_txid_t txid; 287 // This reserved word is used by Epitaphs to represent an error value. 288 uint32_t reserved0; 289 uint32_t flags; 290 uint32_t ordinal; 291 } fidl_message_header_t; 292 293 // Messages which do not have a response use zero as a special 294 // transaction id. 295 296 #define FIDL_TXID_NO_RESPONSE 0ul 297 298 // The system reserves the high half of the ordinal space. 299 300 #define FIDL_ORD_SYSTEM_MASK 0x80000000ul 301 302 // A FIDL message. 303 typedef struct fidl_msg { 304 // The bytes of the message. 305 // 306 // The bytes of the message might be in the encoded or decoded form. 307 // Functions that take a |fidl_msg_t| as an argument should document whether 308 // the expect encoded or decoded messages. 309 // 310 // See |num_bytes| for the number of bytes in the message. 311 void* bytes; 312 313 // The handles of the message. 314 // 315 // See |num_bytes| for the number of bytes in the message. 316 zx_handle_t* handles; 317 318 // The number of bytes in |bytes|. 319 uint32_t num_bytes; 320 321 // The number of handles in |handles|. 322 uint32_t num_handles; 323 } fidl_msg_t; 324 325 // An outstanding FIDL transaction. 326 typedef struct fidl_txn fidl_txn_t; 327 struct fidl_txn { 328 // Replies to the outstanding request and complete the FIDL transaction. 329 // 330 // Pass the |fidl_txn_t| object itself as the first parameter. The |msg| 331 // should already be encoded. This function always consumes any handles 332 // present in |msg|. 333 // 334 // Call |reply| only once for each |txn| object. After |reply| returns, the 335 // |txn| object is considered invalid and might have been freed or reused 336 // for another purpose. 337 zx_status_t (*reply)(fidl_txn_t* txn, const fidl_msg_t* msg); 338 }; 339 340 // An epitaph is a message that a server sends just prior to closing the 341 // connection. It provides an indication of why the connection is being closed. 342 // Epitaphs are defined in the FIDL wire format specification. Once sent down 343 // the wire, the channel should be closed. 344 typedef struct fidl_epitaph { 345 FIDL_ALIGNDECL 346 347 // The error associated with this epitaph is stored in the reserved word of 348 // the message header. System errors must be constants of type zx_status_t, 349 // which are all negative. Positive numbers should be used for application 350 // errors. A value of ZX_OK indicates no error. 351 fidl_message_header_t hdr; 352 } fidl_epitaph_t; 353 354 // This ordinal value is reserved for Epitaphs. 355 #define FIDL_EPITAPH_ORDINAL 0xFFFFFFFF 356 357 // Assumptions. 358 359 // Ensure that FIDL_ALIGNMENT is sufficient. 360 static_assert(alignof(bool) <= FIDL_ALIGNMENT, ""); 361 static_assert(alignof(int8_t) <= FIDL_ALIGNMENT, ""); 362 static_assert(alignof(int16_t) <= FIDL_ALIGNMENT, ""); 363 static_assert(alignof(int32_t) <= FIDL_ALIGNMENT, ""); 364 static_assert(alignof(int64_t) <= FIDL_ALIGNMENT, ""); 365 static_assert(alignof(uint8_t) <= FIDL_ALIGNMENT, ""); 366 static_assert(alignof(uint16_t) <= FIDL_ALIGNMENT, ""); 367 static_assert(alignof(uint32_t) <= FIDL_ALIGNMENT, ""); 368 static_assert(alignof(uint64_t) <= FIDL_ALIGNMENT, ""); 369 static_assert(alignof(float) <= FIDL_ALIGNMENT, ""); 370 static_assert(alignof(double) <= FIDL_ALIGNMENT, ""); 371 static_assert(alignof(void*) <= FIDL_ALIGNMENT, ""); 372 static_assert(alignof(fidl_union_tag_t) <= FIDL_ALIGNMENT, ""); 373 static_assert(alignof(fidl_message_header_t) <= FIDL_ALIGNMENT, ""); 374 375 __END_CDECLS 376 377 #endif // ZIRCON_FIDL_H_ 378