VirtualBox

Browse Source

Changeset 75798 in vbox

Timestamp:

Nov 28, 2018 11:47:11 PM (6 years ago)

Author:

vboxsync

Message:

VBoxGuestControl: Optimizing message handling - part 1. bugref:9313

Location:

Files:

: 10 edited

include/VBox/HostServices/GuestControlSvc.h (modified) (9 diffs)
include/VBox/VBoxGuestLib.h (modified) (1 diff)
src/VBox/Additions/common/VBoxGuest/lib/VBoxGuestR3LibGuestCtrl.cpp (modified) (3 diffs)
src/VBox/Additions/common/VBoxService/VBoxServiceControl.cpp (modified) (1 diff)
src/VBox/Additions/common/VBoxService/VBoxServiceControlSession.cpp (modified) (2 diffs)
src/VBox/HostServices/GuestControl/service.cpp (modified) (43 diffs)
src/VBox/Main/include/GuestSessionImpl.h (modified) (1 diff)
src/VBox/Main/src-client/GuestCtrlPrivate.cpp (modified) (2 diffs)
src/VBox/Main/src-client/GuestSessionImpl.cpp (modified) (4 diffs)
src/VBox/Main/src-client/HGCMThread.cpp (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/include/VBox/HostServices/GuestControlSvc.h

-              r75757
+              r75798
 } VBOXGUESTCTRLHOSTCALLBACK, *PVBOXGUESTCTRLHOSTCALLBACK;
+/** @name Host message destiation flags.
+ *
+ * This is ORed into the context ID parameter Main after extending it to 64-bit.
+ *
+ * @internal Host internal.
+ * @{ */
+#define VBOX_GUESTCTRL_DST_ROOT_SVC     RT_BIT_64(63)
+#define VBOX_GUESTCTRL_DST_SESSION      RT_BIT_64(62)
+#define VBOX_GUESTCTRL_DST_BOTH         ( VBOX_GUESTCTRL_DST_ROOT_SVC | VBOX_GUESTCTRL_DST_SESSION )
+/** @} */
 /**
  * The service functions which are callable by host.
 …
 };
+/**
+ * Translates a guest control host function function enum to at string.
+ * @returns Enum string name.
+ * @param   enmFunction     The function name to translate.
+ */
+DECLINLINE(const char *) GstCtrlHostFnName(enum eHostFn enmFunction)
+{
+    switch (enmFunction)
+    {
+        RT_CASE_RET_STR(HOST_CANCEL_PENDING_WAITS);
+        RT_CASE_RET_STR(HOST_SESSION_CREATE);
+        RT_CASE_RET_STR(HOST_SESSION_CLOSE);
+        RT_CASE_RET_STR(HOST_EXEC_CMD);
+        RT_CASE_RET_STR(HOST_EXEC_SET_INPUT);
+        RT_CASE_RET_STR(HOST_EXEC_GET_OUTPUT);
+        RT_CASE_RET_STR(HOST_EXEC_TERMINATE);
+        RT_CASE_RET_STR(HOST_EXEC_WAIT_FOR);
+        RT_CASE_RET_STR(HOST_FILE_OPEN);
+        RT_CASE_RET_STR(HOST_FILE_CLOSE);
+        RT_CASE_RET_STR(HOST_FILE_READ);
+        RT_CASE_RET_STR(HOST_FILE_READ_AT);
+        RT_CASE_RET_STR(HOST_FILE_WRITE);
+        RT_CASE_RET_STR(HOST_FILE_WRITE_AT);
+        RT_CASE_RET_STR(HOST_FILE_SEEK);
+        RT_CASE_RET_STR(HOST_FILE_TELL);
+        RT_CASE_RET_STR(HOST_DIR_REMOVE);
+        RT_CASE_RET_STR(HOST_PATH_RENAME);
+        RT_CASE_RET_STR(HOST_PATH_USER_DOCUMENTS);
+        RT_CASE_RET_STR(HOST_PATH_USER_HOME);
+    }
+    return "Unknown";
+}
 /**
  * The service functions which are called by guest. The numbers may not change,
 …
 enum eGuestFn
+{
+    /**
+     * Guest waits for a new message the host wants to process on the guest side.
+    /** Guest waits for a new message the host wants to process on the guest side.
      * This is a blocking call and can be deferred.
+     *
 …
      */
     GUEST_MSG_WAIT = 1,
+    /**
+     * Guest asks the host to cancel all pending waits the guest itself waits on.
+     * This becomes necessary when the guest wants to quit but still waits for
+     * commands from the host.
+     */
+    GUEST_CANCEL_PENDING_WAITS = 2,
+    /**
+     * Guest disconnected (terminated normally or due to a crash HGCM
+    /** Cancels pending calls for this client session.
+     *
+     * This should be used if a GUEST_MSG_PEEK_WAIT or GUEST_MSG_WAIT call gets
+     * interrupted on the client end, so as to prevent being rebuffed with
+     * VERR_RESOURCE_BUSY when restarting the call.
+     *
+     * @retval  VINF_SUCCESS if cancelled any calls.
+     * @retval  VWRN_NOT_FOUND if no callers.
+     * @retval  VERR_INVALID_CLIENT_ID
+     * @retval  VERR_WRONG_PARAMETER_COUNT
+     * @since   6.0
+     */
+    GUEST_MSG_CANCEL = 2,
+    /** Guest disconnected (terminated normally or due to a crash HGCM
      * detected when calling service::clientDisconnect().
+     *
+     * @note This is a host side notification message that has no business in this
+     *       enum.  The guest cannot use this function number, host will reject it.
      */
     GUEST_DISCONNECTED = 3,
+    /**
+     * Sets a message filter to only get messages which have a certain
+    /** Sets a message filter to only get messages which have a certain
      * context ID scheme (that is, a specific session, object etc).
      * Since VBox 4.3+.
+     * @deprecated  Replaced by GUEST_SESSION_ACCEPT.
      */
     GUEST_MSG_FILTER_SET = 4,
+    /**
+     * Unsets (and resets) a previously set message filter.
+    /** Unsets (and resets) a previously set message filter.
+     * @retval  VERR_NOT_IMPLEMENTED since 6.0.
+     * @deprecated  Never needed or used,
      */
     GUEST_MSG_FILTER_UNSET = 5,
-    /**
-     * Skips the current assigned message returned by GUEST_MSG_WAIT.
-     * Needed for telling the host service to not keep stale
-     * host commands in the queue.
-     */
-    GUEST_MSG_SKIP = 10,
-    /**
-     * General reply to a host message. Only contains basic data
-     * along with a simple payload.
-     */
-    GUEST_MSG_REPLY = 11,
-    /**
-     * General message for updating a pending progress for
-     * a long task.
-     */
-    GUEST_MSG_PROGRESS_UPDATE = 12,
     /** Peeks at the next message, returning immediately.
+     *
 …
      * @retval  VINF_SUCCESS if a message was pending and is being returned.
      * @retval  VERR_TRY_AGAIN if no message pending.
+     * @retval  VERR_INVALID_HANDLE if invalid client ID.
+     * @retval  VERR_INVALID_PARAMETER if incorrect parameter count or types.
+     * @retval  VERR_INVALID_CLIENT_ID
+     * @retval  VERR_WRONG_PARAMETER_COUNT
+     * @retval  VERR_WRONG_PARAMETER_TYPE
      * @since   6.0
      */
     GUEST_MSG_PEEK_NOWAIT,
+    GUEST_MSG_PEEK_NOWAIT = 6,
     /** Peeks at the next message, waiting for one to arrive.
+     *
 …
      * @retval  VINF_SUCCESS if info about an pending message is being returned.
      * @retval  VINF_TRY_AGAIN and message set to HOST_CANCEL_PENDING_WAITS if
      *          cancelled by GUEST_MSG_CANCEL or GUEST_CANCEL_PENDING_WAITS.
+     *          cancelled by GUEST_MSG_CANCEL.
      * @retval  VERR_RESOURCE_BUSY if another thread already made a waiting call.
+     * @retval  VERR_INVALID_HANDLE if invalid client ID.
+     * @retval  VERR_INVALID_PARAMETER if incorrect parameter count or types.
+     * @retval  VERR_INVALID_CLIENT_ID
+     * @retval  VERR_WRONG_PARAMETER_COUNT
+     * @retval  VERR_WRONG_PARAMETER_TYPE
      * @note    This replaces GUEST_MSG_WAIT.
      * @since   6.0
      */
     GUEST_MSG_PEEK_WAIT,
+    GUEST_MSG_PEEK_WAIT = 7,
     /** Gets the next message, returning immediately.
+     *
 …
      * @retval  VERR_TRY_AGAIN if no message pending.
      * @retval  VERR_MISMATCH if the incoming message ID does not match the pending.
-     * @retval  VERR_OUT_OF_RANGE if the wrong parameter count.
-     * @retval  VERR_WRONG_TYPE if a parameter has the wrong type.
      * @retval  VERR_BUFFER_OVERFLOW if a parmeter buffer is too small.  The buffer
      *          size was updated to reflect the required size.
+     * @retval  VERR_INVALID_HANDLE if invalid client ID.
+     * @retval  VERR_INVALID_CLIENT_ID
+     * @retval  VERR_WRONG_PARAMETER_COUNT
+     * @retval  VERR_WRONG_PARAMETER_TYPE
      * @note    This replaces GUEST_MSG_WAIT.
      * @since   6.0
      */
+    GUEST_MSG_GET,
+    /** Cancels pending calls for this client session.
+     *
+     * This should be used if a GUEST_MSG_PEEK_WAIT or GUEST_MSG_WAIT call gets
+     * interrupted on the client end, so as to prevent being rebuffed with
+     * VERR_RESOURCE_BUSY when restarting the call.
+     *
+     * @retval  VINF_SUCCESS if cancelled any calls.
+     * @retval  VWRN_NOT_FOUND if no callers.
+     * @retval  VERR_INVALID_PARAMETER if any parameters specified (expects zero).
+     * @retval  VERR_INVALID_HANDLE if invalid client ID.
+    GUEST_MSG_GET = 8,
+    /** Skip message.
+     *
+     * This skips the current message, replying to the sender with
+     * VERR_NOT_SUPPORTED if appropriate.  No parameters.
+     *
+     * @retval  VINF_SUCCESS on success.
+     * @retval  VERR_NOT_FOUND if no message pending.
+     * @retval  VERR_INVALID_CLIENT_ID
+     * @retval  VERR_WRONG_PARAMETER_COUNT
      * @since   6.0
      */
+    GUEST_MSG_CANCEL,
+    GUEST_MSG_SKIP = 9,
+    /**
+     * Skips the current assigned message returned by GUEST_MSG_WAIT.
+     * Needed for telling the host service to not keep stale
+     * host commands in the queue.
+     * @deprecated  Replaced by GUEST_MSG_SKIP.
+     */
+    GUEST_MSG_SKIP_OLD = 10,
+    /** General reply to a host message.
+     * Only contains basic data along with a simple payload.
+     * @todo proper docs.
+     */
+    GUEST_MSG_REPLY = 11,
+    /** General message for updating a pending progress for a long task.
+     * @todo proper docs.
+     */
+    GUEST_MSG_PROGRESS_UPDATE = 12,
+    /** Sets the caller as the master.
+     *
+     * Called by the root VBoxService to explicitly tell the host that's the master
+     * service.  Required to use main VBoxGuest device node.  No parameters.
+     *
+     * @retval  VINF_SUCCESS on success.
+     * @retval  VERR_ACCESS_DENIED if not using main VBoxGuest device not
+     * @retval  VERR_RESOURCE_BUSY if there is already a master.
+     * @retval  VERR_VERSION_MISMATCH if VBoxGuest didn't supply requestor info.
+     * @retval  VERR_INVALID_CLIENT_ID
+     * @retval  VERR_WRONG_PARAMETER_COUNT
+     * @since   6.0
+     */
+    GUEST_MAKE_ME_MASTER = 13,
+    /** Prepares the starting of a session.
+     *
+     * VBoxService makes this call before spawning a session process (must be
+     * master). The first parameter is the session ID and the second is a one time
+     * key for identifying the right session process.  First parameter is a 32-bit
+     * session ID with a value between 1 and 0xfff0.  The second parameter is a byte
+     * buffer containing a key that GUEST_SESSION_ACCEPT checks against, minimum
+     * length is 64 bytes, maximum 16384 bytes.
+     *
+     * @retval  VINF_SUCCESS on success.
+     * @retval  VERR_OUT_OF_RESOURCES if too many pending sessions hanging around.
+     * @retval  VERR_OUT_OF_RANGE if the session ID outside the allowed range.
+     * @retval  VERR_BUFFER_OVERFLOW if key too large.
+     * @retval  VERR_BUFFER_UNDERFLOW if key too small.
+     * @retval  VERR_ACCESS_DENIED if not master or in legacy mode.
+     * @retval  VERR_DUPLICATE if the session ID has been prepared already.
+     * @retval  VERR_INVALID_CLIENT_ID
+     * @retval  VERR_WRONG_PARAMETER_COUNT
+     * @retval  VERR_WRONG_PARAMETER_TYPE
+     * @since   6.0
+     */
+    GUEST_SESSION_PREPARE = 14,
+    /** Cancels a prepared session.
+     *
+     * VBoxService makes this call to clean up after spawning a session process
+     * failed.  One parameter, 32-bit session ID.  If UINT32_MAX is passed, all
+     * prepared sessions are cancelled.
+     *
+     * @retval  VINF_SUCCESS on success.
+     * @retval  VWRN_NOT_FOUND if no session with the specified ID.
+     * @retval  VERR_ACCESS_DENIED if not master or in legacy mode.
+     * @retval  VERR_INVALID_CLIENT_ID
+     * @retval  VERR_WRONG_PARAMETER_COUNT
+     * @retval  VERR_WRONG_PARAMETER_TYPE
+     * @since   6.0
+     */
+    GUEST_SESSION_CANCEL_PREPARED = 15,
+    /** Accepts a prepared session.
+     *
+     * The session processes makes this call to accept a prepared session.  The
+     * session ID is then uniquely associated with the HGCM client ID of the caller.
+     * The parameters must be identical to the matching GUEST_SESSION_PREPARE call.
+     *
+     * @retval  VINF_SUCCESS on success.
+     * @retval  VERR_NOT_FOUND if the specified session ID wasn't found.
+     * @retval  VERR_OUT_OF_RANGE if the session ID outside the allowed range.
+     * @retval  VERR_BUFFER_OVERFLOW if key too large.
+     * @retval  VERR_BUFFER_UNDERFLOW if key too small.
+     * @retval  VERR_ACCESS_DENIED if we're in legacy mode or is master.
+     * @retval  VERR_RESOURCE_BUSY if the client is already associated with a session.
+     * @retval  VERR_MISMATCH if the key didn't match.
+     * @retval  VERR_INVALID_CLIENT_ID
+     * @retval  VERR_WRONG_PARAMETER_COUNT
+     * @retval  VERR_WRONG_PARAMETER_TYPE
+     * @since   6.0
+     */
+    GUEST_SESSION_ACCEPT = 16,
     /**
      * Guest reports back a guest session status.
+     * @todo proper docs.
      */
     GUEST_SESSION_NOTIFY = 20,
     /**
      * Guest wants to close a specific guest session.
+     * @todo proper docs.
      */
     GUEST_SESSION_CLOSE = 21,
 …
     /**
      * Guests sends output from an executed process.
+     * @todo proper docs.
      */
     GUEST_EXEC_OUTPUT = 100,
     /**
      * Guest sends a status update of an executed process to the host.
+     * @todo proper docs.
      */
     GUEST_EXEC_STATUS = 101,
     /**
      * Guests sends an input status notification to the host.
+     * @todo proper docs.
      */
     GUEST_EXEC_INPUT_STATUS = 102,
 …
      * how many data is available / can be sent without actually
      * transmitting the data.
+     * @todo proper docs.
      */
     GUEST_EXEC_IO_NOTIFY = 210,
     /**
      * Guest notifies the host about some directory event.
+     * @todo proper docs.
      */
     GUEST_DIR_NOTIFY = 230,
     /**
      * Guest notifies the host about some file event.
+     * @todo proper docs.
      */
     GUEST_FILE_NOTIFY = 240
 };
+/**
+ * Translates a guest control host function function enum to at string.
+ * @returns Enum string name.
+ * @param   enmFunction     The function name to translate.
+ */
+DECLINLINE(const char *) GstCtrlGuestFnName(enum eGuestFn enmFunction)
+{
+    switch (enmFunction)
+    {
+        RT_CASE_RET_STR(GUEST_MSG_WAIT);
+        RT_CASE_RET_STR(GUEST_MSG_CANCEL);
+        RT_CASE_RET_STR(GUEST_DISCONNECTED);
+        RT_CASE_RET_STR(GUEST_MSG_FILTER_SET);
+        RT_CASE_RET_STR(GUEST_MSG_FILTER_UNSET);
+        RT_CASE_RET_STR(GUEST_MSG_PEEK_NOWAIT);
+        RT_CASE_RET_STR(GUEST_MSG_PEEK_WAIT);
+        RT_CASE_RET_STR(GUEST_MSG_GET);
+        RT_CASE_RET_STR(GUEST_MSG_SKIP_OLD);
+        RT_CASE_RET_STR(GUEST_MSG_REPLY);
+        RT_CASE_RET_STR(GUEST_MSG_PROGRESS_UPDATE);
+        RT_CASE_RET_STR(GUEST_MSG_SKIP);
+        RT_CASE_RET_STR(GUEST_MAKE_ME_MASTER);
+        RT_CASE_RET_STR(GUEST_SESSION_PREPARE);
+        RT_CASE_RET_STR(GUEST_SESSION_CANCEL_PREPARED);
+        RT_CASE_RET_STR(GUEST_SESSION_ACCEPT);
+        RT_CASE_RET_STR(GUEST_SESSION_NOTIFY);
+        RT_CASE_RET_STR(GUEST_SESSION_CLOSE);
+        RT_CASE_RET_STR(GUEST_EXEC_OUTPUT);
+        RT_CASE_RET_STR(GUEST_EXEC_STATUS);
+        RT_CASE_RET_STR(GUEST_EXEC_INPUT_STATUS);
+        RT_CASE_RET_STR(GUEST_EXEC_IO_NOTIFY);
+        RT_CASE_RET_STR(GUEST_DIR_NOTIFY);
+        RT_CASE_RET_STR(GUEST_FILE_NOTIFY);
+    }
+    return "Unknown";
+}
 /**

trunk/include/VBox/VBoxGuestLib.h

-              r75758
+              r75798
 VBGLR3DECL(int) VbglR3GuestCtrlDisconnect(uint32_t idClient);
 VBGLR3DECL(int) VbglR3GuestCtrlMsgFilterSet(uint32_t uClientId, uint32_t uValue, uint32_t uMaskAdd, uint32_t uMaskRemove);
-VBGLR3DECL(int) VbglR3GuestCtrlMsgFilterUnset(uint32_t uClientId);
 VBGLR3DECL(int) VbglR3GuestCtrlMsgReply(PVBGLR3GUESTCTRLCMDCTX pCtx, int rc);
 VBGLR3DECL(int) VbglR3GuestCtrlMsgReplyEx(PVBGLR3GUESTCTRLCMDCTX pCtx, int rc, uint32_t uType,
                                           void *pvPayload, uint32_t cbPayload);
 VBGLR3DECL(int) VbglR3GuestCtrlMsgSkip(uint32_t uClientId);
+VBGLR3DECL(int) VbglR3GuestCtrlMsgSkipOld(uint32_t uClientId);
 VBGLR3DECL(int) VbglR3GuestCtrlMsgPeekWait(uint32_t idClient, uint32_t *pidMsg, uint32_t *pcParameters);
 VBGLR3DECL(int) VbglR3GuestCtrlCancelPendingWaits(HGCMCLIENTID idClient);

trunk/src/VBox/Additions/common/VBoxGuest/lib/VBoxGuestR3LibGuestCtrl.cpp

-              r75758
+              r75798
-/**
- * Disables a previously set message filter.
+ *
- * @return  IPRT status code.
- * @param   uClientId       The client ID returned by VbglR3GuestCtrlConnect().
- */
-VBGLR3DECL(int) VbglR3GuestCtrlMsgFilterUnset(uint32_t uClientId)
+{
-    /* Tell the host we want to unset the filter. */
-    HGCMMsgCmdFilterUnset Msg;
-    VBGL_HGCM_HDR_INIT(&Msg.hdr, uClientId, GUEST_MSG_FILTER_UNSET, 1);
-    VbglHGCMParmUInt32Set(&Msg.flags, 0 /* Flags, unused */);
-    return VbglR3HGCMCall(&Msg.hdr, sizeof(Msg));
+}
 VBGLR3DECL(int) VbglR3GuestCtrlMsgReply(PVBGLR3GUESTCTRLCMDCTX pCtx,
                                         int rc)
 …
  * @param   uClientId       The client ID returned by VbglR3GuestCtrlConnect().
  */
 VBGLR3DECL(int) VbglR3GuestCtrlMsgSkip(uint32_t uClientId)
+VBGLR3DECL(int) VbglR3GuestCtrlMsgSkipOld(uint32_t uClientId)
+{
     HGCMMsgCmdSkip Msg;
     /* Tell the host we want to skip the current assigned command. */
     VBGL_HGCM_HDR_INIT(&Msg.hdr, uClientId, GUEST_MSG_SKIP, 1);
+    VBGL_HGCM_HDR_INIT(&Msg.hdr, uClientId, GUEST_MSG_SKIP_OLD, 1);
     VbglHGCMParmUInt32Set(&Msg.flags, 0 /* Flags, unused */);
     return VbglR3HGCMCall(&Msg.hdr, sizeof(Msg));
 …
+{
     HGCMMsgCancelPendingWaits Msg;
     VBGL_HGCM_HDR_INIT(&Msg.hdr, uClientId, GUEST_CANCEL_PENDING_WAITS, 0);
+    VBGL_HGCM_HDR_INIT(&Msg.hdr, uClientId, GUEST_MSG_CANCEL, 0);
     return VbglR3HGCMCall(&Msg.hdr, sizeof(Msg));
+}

trunk/src/VBox/Additions/common/VBoxService/VBoxServiceControl.cpp

r75758	r75798
361	361	* skip all not wanted messages here.
362	362	*/
363		rc = VbglR3GuestCtrlMsgSkip(g_uControlSvcClientID);
	363	rc = VbglR3GuestCtrlMsgSkipOld(g_uControlSvcClientID);
364	364	VGSvcVerbose(3, "Skipping uMsg=%RU32, cParms=%RU32, rc=%Rrc\n", uMsg, cParms, rc);
365	365	}

trunk/src/VBox/Additions/common/VBoxService/VBoxServiceControlSession.cpp

-              r75758
+              r75798
         VGSvcVerbose(3, "Unsupported message (uMsg=%RU32, cParms=%RU32) from host, skipping\n", uMsg, pHostCtx->uNumParms);
-        /** @todo r=bird: Why on earth couldn't you make GUEST_MSG_SKIP do this hacky stuff?!?
-         * You don't even know if you're replying to a message ment for you (see masking race further down).  */
         /*
          * !!! HACK ALERT BEGIN !!!
 …
         /* Tell the host service to skip the message. */
         VbglR3GuestCtrlMsgSkip(pHostCtx->uClientID);
+        VbglR3GuestCtrlMsgSkipOld(pHostCtx->uClientID);
         rc = VINF_SUCCESS;

trunk/src/VBox/HostServices/GuestControl/service.cpp

-              r75773
+              r75798
 *   Header Files                                                                                                                 *
 *********************************************************************************************************************************/
-#ifdef LOG_GROUP
- #undef LOG_GROUP
-#endif
 #define LOG_GROUP LOG_GROUP_GUEST_CONTROL
 #include <VBox/HostServices/GuestControlSvc.h>
 …
 #include <VBox/log.h>
 #include <VBox/AssertGuest.h>
+#include <VBox/VMMDev.h>
 #include <iprt/assert.h>
 #include <iprt/cpp/autores.h>
 …
 #include <map>
 #include <memory>  /* for auto_ptr */
+#include <new>      /* for std::nothrow*/
 #include <string>
 #include <list>
+namespace guestControl {
+/** Flag for indicating that the client only is interested in
+ *  messages of specific context IDs. */
+#define CLIENTSTATE_FLAG_CONTEXTFILTER      RT_BIT(0)
+using namespace guestControl;
 /**
 …
 typedef struct HostCommand
+{
+    RTLISTNODE Node;
+    uint32_t AddRef(void)
+    {
+#ifdef DEBUG_andy
+        LogFlowThisFunc(("[Cmd %RU32] Adding reference, new refCount=%RU32\n", mMsgType, mRefCount + 1));
+#endif
+        return ++mRefCount;
+    }
+    uint32_t Release(void)
+    {
+#ifdef DEBUG_andy
+        LogFlowThisFunc(("[Cmd %RU32] Releasing reference, new refCount=%RU32\n", mMsgType, mRefCount - 1));
+#endif
+        /* Release reference for current command. */
+        Assert(mRefCount);
+        if (--mRefCount == 0)
+            Free();
+        return mRefCount;
+    /** Entry on the GstCtrlService::mHostCmdList list. */
+    RTLISTNODE m_ListEntry;
+    /** Reference counter for facilitating sending to both session and root. */
+    uint32_t m_cRefs;
+    union
+    {
+        /** The top two twomost bits are exploited for message destination.
+         * See VBOX_GUESTCTRL_DST_XXX.  */
+        uint64_t m_idContextAndDst;
+        /** The context ID this command belongs to (extracted from the first parameter). */
+        uint32_t m_idContext;
+    };
+    /** Dynamic structure for holding the HGCM parms */
+    uint32_t mMsgType;
+    /** Number of HGCM parameters. */
+    uint32_t mParmCount;
+    /** Array of HGCM parameters. */
+    PVBOXHGCMSVCPARM mpParms;
+    HostCommand()
+        : m_cRefs(1)
+        , m_idContextAndDst(0)
+        , mMsgType(UINT32_MAX)
+        , mParmCount(0)
+        , mpParms(NULL)
+    {
+        RTListInit(&m_ListEntry);
+    }
     /**
+     * Allocates the command with an HGCM request - or put more accurately, it
+     * duplicates the given HGCM reguest (it does not allocate a HostCommand).
+     * Retains a reference to the command.
+     */
+    uint32_t Retain(void)
+    {
+        uint32_t cRefs = ++m_cRefs;
+        Log4(("[Cmd %RU32 (%s)] Adding reference, new m_cRefs=%u\n", mMsgType, GstCtrlHostFnName((eHostFn)mMsgType), cRefs));
+        Assert(cRefs < 4);
+        return cRefs;
+    }
+    /**
+     * Releases the host command, properly deleting it if no further references.
+     */
+    uint32_t SaneRelease(void)
+    {
+        uint32_t cRefs = --m_cRefs;
+        Log4(("[Cmd %RU32] sane release - cRefs=%u\n", mMsgType, cRefs));
+        Assert(cRefs < 4);
+        if (!cRefs)
+        {
+            LogFlowThisFunc(("[Cmd %RU32 (%s)] destroying\n", mMsgType, GstCtrlHostFnName((eHostFn)mMsgType)));
+            RTListNodeRemove(&m_ListEntry);
+            if (mpParms)
+            {
+                for (uint32_t i = 0; i < mParmCount; i++)
+                    if (mpParms[i].type == VBOX_HGCM_SVC_PARM_PTR)
+                    {
+                        RTMemFree(mpParms[i].u.pointer.addr);
+                        mpParms[i].u.pointer.addr = NULL;
+                    }
+                RTMemFree(mpParms);
+                mpParms = NULL;
+            }
+            mParmCount = 0;
+            delete this;
+        }
+        return cRefs;
+    }
+    /**
+     * Initializes the command.
+     *
+     * Needs to be freed using Free().
+     * The specified parameters are copied and any buffers referenced by it
+     * duplicated as well.
+     *
      * @return  IPRT status code.
+     * @param   uMsg                    Message type.
+     * @param   cParms                  Number of parameters of HGCM request.
+     * @param   paParms                 Array of parameters of HGCM request.
+     */
+    int Allocate(uint32_t uMsg, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+    {
+        LogFlowThisFunc(("[Cmd %RU32] Allocating cParms=%RU32, paParms=%p\n", uMsg, cParms, paParms));
+        if (!cParms) /* At least one parameter (context ID) must be present. */
+            return VERR_INVALID_PARAMETER;
+     * @param   idFunction  The host function (message) number, eHostFn.
+     * @param   cParms      Number of parameters in the HGCM request.
+     * @param   paParms     Array of parameters.
+     */
+    int Init(uint32_t idFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+    {
+        LogFlowThisFunc(("[Cmd %RU32 (%s)] Allocating cParms=%RU32, paParms=%p\n",
+                         idFunction, GstCtrlHostFnName((eHostFn)idFunction), cParms, paParms));
+        Assert(mpParms == NULL);
+        Assert(mParmCount == 0);
+        Assert(m_cRefs == 1);
+        /*
+         * Fend of bad stuff.
+         */
+        AssertReturn(cParms > 0, VERR_WRONG_PARAMETER_COUNT); /* At least one parameter (context ID) must be present. */
+        AssertReturn(cParms < VMMDEV_MAX_HGCM_PARMS, VERR_WRONG_PARAMETER_COUNT);
         AssertPtrReturn(paParms, VERR_INVALID_POINTER);
-        /* Paranoia. */
-        if (cParms > 256)
-            cParms = 256;
-        int rc = VINF_SUCCESS;
         /*
+         * Don't verify anything here (yet), because this function only buffers
+         * the HGCM data into an internal structure and reaches it back to the guest (client)
+         * in an unmodified state.
+         * The first parameter is the context ID and the command destiation mask.
          */
+        mMsgType = uMsg;
+        if (paParms[0].type == VBOX_HGCM_SVC_PARM_64BIT)
+        {
+            m_idContextAndDst = paParms[0].u.uint64;
+            AssertReturn(m_idContextAndDst & VBOX_GUESTCTRL_DST_BOTH, VERR_INTERNAL_ERROR_3);
+        }
+        else if (paParms[0].type == VBOX_HGCM_SVC_PARM_32BIT)
+        {
+            AssertMsgFailed(("idFunction=%u %s - caller must set dst!\n", idFunction, GstCtrlHostFnName((eHostFn)idFunction)));
+            m_idContextAndDst = paParms[0].u.uint32 | VBOX_GUESTCTRL_DST_BOTH;
+        }
+        else
+            AssertFailedReturn(VERR_WRONG_PARAMETER_TYPE);
+        /*
+         * Just make a copy of the parameters and any buffers.
+         */
+        mMsgType   = idFunction;
         mParmCount = cParms;
+        if (mParmCount)
+        {
+            mpParms = (VBOXHGCMSVCPARM *)RTMemAllocZ(sizeof(VBOXHGCMSVCPARM) * mParmCount);
+            if (NULL == mpParms)
+                rc = VERR_NO_MEMORY;
+        }
+        if (RT_SUCCESS(rc))
+        {
+            for (uint32_t i = 0; i < mParmCount; i++)
+        mpParms    = (VBOXHGCMSVCPARM *)RTMemAllocZ(sizeof(VBOXHGCMSVCPARM) * mParmCount);
+        AssertReturn(mpParms, VERR_NO_MEMORY);
+        for (uint32_t i = 0; i < cParms; i++)
+        {
+            mpParms[i].type = paParms[i].type;
+            switch (paParms[i].type)
+            {
+                mpParms[i].type = paParms[i].type;
+                switch (paParms[i].type)
+                {
+                    case VBOX_HGCM_SVC_PARM_32BIT:
+                        mpParms[i].u.uint32 = paParms[i].u.uint32;
+                        break;
+                    case VBOX_HGCM_SVC_PARM_64BIT:
+                        mpParms[i].u.uint64 = paParms[i].u.uint64;
+                        break;
+                    case VBOX_HGCM_SVC_PARM_PTR:
+                        mpParms[i].u.pointer.size = paParms[i].u.pointer.size;
+                        if (mpParms[i].u.pointer.size > 0)
+                        {
+                            mpParms[i].u.pointer.addr = RTMemAlloc(mpParms[i].u.pointer.size);
+                            if (mpParms[i].u.pointer.addr != NULL)
+                                memcpy(mpParms[i].u.pointer.addr,
+                                       paParms[i].u.pointer.addr,
+                                       mpParms[i].u.pointer.size);
+                            else
+                                rc = VERR_NO_MEMORY;
+                        }
+                        else
+                        {
+                            /* Size is 0 -- make sure we don't have any pointer. */
+                            mpParms[i].u.pointer.addr = NULL;
+                        }
+                        break;
+                    default:
+                        break;
+                }
+                if (RT_FAILURE(rc))
+                case VBOX_HGCM_SVC_PARM_32BIT:
+                    mpParms[i].u.uint32 = paParms[i].u.uint32;
                     break;
+                case VBOX_HGCM_SVC_PARM_64BIT:
+                    mpParms[i].u.uint64 = paParms[i].u.uint64;
+                    break;
+                case VBOX_HGCM_SVC_PARM_PTR:
+                    mpParms[i].u.pointer.size = paParms[i].u.pointer.size;
+                    if (mpParms[i].u.pointer.size > 0)
+                    {
+                        mpParms[i].u.pointer.addr = RTMemDup(paParms[i].u.pointer.addr, mpParms[i].u.pointer.size);
+                        AssertReturn(mpParms[i].u.pointer.addr, VERR_NO_MEMORY);
+                    }
+                    /* else: structure is zeroed by allocator. */
+                    break;
+                default:
+                    AssertMsgFailedReturn(("idFunction=%u (%s) parameter #%u: type=%u\n",
+                                           idFunction, GstCtrlHostFnName((eHostFn)idFunction), i, paParms[i].type),
+                                          VERR_WRONG_PARAMETER_TYPE);
+            }
+        }
+        if (RT_SUCCESS(rc))
+        {
+            /*
+             * Assume that the context ID *always* is the first parameter,
+             * assign the context ID to the command.
+             */
+            rc = HGCMSvcGetU32(&mpParms[0], &mContextID);
+            /* Set timestamp so that clients can distinguish between already
+             * processed commands and new ones. */
+            mTimestamp = RTTimeNanoTS();
+        }
+        LogFlowFunc(("Returned with rc=%Rrc\n", rc));
+        return rc;
+    }
+    /**
+     * Frees the buffered HGCM request (not the HostCommand structure itself).
+     */
+    void Free(void)
+    {
+        AssertMsg(mRefCount == 0, ("uMsg=%RU32, CID=%RU32 still being used by a client (%RU32 refs), cannot free yet\n",
+                                   mMsgType, mContextID, mRefCount));
+        LogFlowThisFunc(("[Cmd %RU32] Freeing\n", mMsgType));
+        for (uint32_t i = 0; i < mParmCount; i++)
+        {
+            switch (mpParms[i].type)
+            {
+                case VBOX_HGCM_SVC_PARM_PTR:
+                    if (mpParms[i].u.pointer.size > 0)
+                        RTMemFree(mpParms[i].u.pointer.addr);
+                    break;
+                default:
+                    break;
+            }
+        }
+        if (mpParms)
+        {
+            RTMemFree(mpParms);
+            mpParms = NULL;
+        }
+        mParmCount = 0;
+        /* Removes the command from its list */
+        RTListNodeRemove(&Node);
+    }
+        /*
+         * Morph the first parameter back to 32-bit.
+         */
+        mpParms[0].type     = VBOX_HGCM_SVC_PARM_32BIT;
+        mpParms[0].u.uint32 = (uint32_t)paParms[0].u.uint64;
+        return VINF_SUCCESS;
+    }
     /**
 …
     int CopyTo(VBOXHGCMSVCPARM paDstParms[], uint32_t cDstParms) const
+    {
         LogFlowThisFunc(("[Cmd %RU32] mParmCount=%RU32, mContextID=%RU32 (Session %RU32)\n",
                          mMsgType, mParmCount, mContextID, VBOX_GUESTCTRL_CONTEXTID_GET_SESSION(mContextID)));
+        LogFlowThisFunc(("[Cmd %RU32] mParmCount=%RU32, m_idContext=%RU32 (Session %RU32)\n",
+                         mMsgType, mParmCount, m_idContext, VBOX_GUESTCTRL_CONTEXTID_GET_SESSION(m_idContext)));
         int rc = VINF_SUCCESS;
 …
         return VERR_TOO_MUCH_DATA;
+    }
-    /** Reference count for keeping track how many connected
-     *  clients still need to process this command until it can
-     *  be removed. */
-    uint32_t mRefCount;
-    /** The context ID this command belongs to. Will be extracted
-     *  *always* from HGCM parameter [0]. */
-    uint32_t mContextID;
-    /** Dynamic structure for holding the HGCM parms */
-    uint32_t mMsgType;
-    /** Number of HGCM parameters. */
-    uint32_t mParmCount;
-    /** Array of HGCM parameters. */
-    PVBOXHGCMSVCPARM mpParms;
-    /** Incoming timestamp (nanoseconds). */
-    uint64_t mTimestamp;
 } HostCommand;
 typedef std::list< HostCommand *> HostCmdList;
 …
+{
     ClientState(void)
         : mSvcHelpers(NULL),
           mID(0),
           mFlags(0),
           mFilterMask(0), mFilterValue(0),
           mHostCmdRc(VINF_SUCCESS), mHostCmdTries(0),
           mHostCmdTS(0),
           mIsPending((guestControl::eGuestFn)0),
           mPeekCount(0)
+        : mSvcHelpers(NULL)
+        , mID(0)
+        , mIsPending((guestControl::eGuestFn)0)
+        , m_fIsMaster(false)
+        , m_idSession(UINT32_MAX)
+        , mHostCmdRc(VINF_SUCCESS)
+        , mHostCmdTries(0)
+        , mPeekCount(0)
     { }
     ClientState(PVBOXHGCMSVCHELPERS pSvcHelpers, uint32_t uClientID)
         : mSvcHelpers(pSvcHelpers),
           mID(uClientID),
           mFlags(0),
           mFilterMask(0), mFilterValue(0),
           mHostCmdRc(VINF_SUCCESS), mHostCmdTries(0),
           mHostCmdTS(0),
           mIsPending((guestControl::eGuestFn)0),
           mPeekCount(0)
+    ClientState(PVBOXHGCMSVCHELPERS pSvcHelpers, uint32_t idClient)
+        : mSvcHelpers(pSvcHelpers)
+        , mID(idClient)
+        , mIsPending((guestControl::eGuestFn)0)
+        , m_fIsMaster(false)
+        , m_idSession(UINT32_MAX)
+        , mHostCmdRc(VINF_SUCCESS)
+        , mHostCmdTries(0)
+        , mPeekCount(0)
     { }
+    void DequeueAll(void)
+    {
+        HostCmdListIter curItem = mHostCmdList.begin();
+        while (curItem != mHostCmdList.end())
+            curItem = Dequeue(curItem);
+    }
+    void DequeueCurrent(void)
+    {
+        HostCmdListIter curCmd = mHostCmdList.begin();
+        if (curCmd != mHostCmdList.end())
+            Dequeue(curCmd);
+    }
+    HostCmdListIter Dequeue(HostCmdListIter &curItem)
+    {
+        HostCommand *pHostCmd = *curItem;
+    /**
+     * Ditches the first host command and crazy GUEST_MSG_WAIT state.
+     */
+    void DitchFirstHostCmd()
+    {
+        Assert(!mHostCmdList.empty());
+        HostCommand *pHostCmd = *mHostCmdList.begin();
         AssertPtr(pHostCmd);
+        if (pHostCmd->Release() == 0)
+        {
+            LogFlowThisFunc(("[Client %RU32] Destroying command %RU32\n", mID, pHostCmd->mMsgType));
+            delete pHostCmd;
+            pHostCmd = NULL;
+        }
+        HostCmdListIter nextItem = mHostCmdList.erase(curItem);
+        /* Reset everything else. */
+        pHostCmd->SaneRelease();
+        mHostCmdList.pop_front();
+        /* Reset state else. */
         mHostCmdRc    = VINF_SUCCESS;
         mHostCmdTries = 0;
         mPeekCount    = 0;
-        return nextItem;
+    }
 …
         AssertPtrReturn(pHostCmd, VERR_INVALID_POINTER);
-        int rc = VINF_SUCCESS;
         try
+        {
             mHostCmdList.push_back(pHostCmd);
-            pHostCmd->AddRef();
+        }
         catch (std::bad_alloc &)
+        {
+            rc = VERR_NO_MEMORY;
+        }
+        return rc;
+    }
+#if 0 /* not used by anyone */
+    /** Returns the pointer to the current host command in a client's list.
+     *  NULL if no current command available. */
+    const HostCommand *GetCurrent(void)
+    {
+        if (mHostCmdList.empty())
+            return NULL;
+        return (*mHostCmdList.begin());
+    }
+#endif
+    bool WantsHostCommand(const HostCommand *pHostCmd) const
+    {
+        AssertPtrReturn(pHostCmd, false);
+#ifdef DEBUG_andy
+        LogFlowFunc(("mHostCmdTS=%RU64, pHostCmdTS=%RU64\n",
+                     mHostCmdTS, pHostCmd->mTimestamp));
+#endif
+        /* Only process newer commands. */
+        /** @todo r=bird: This seems extremely bogus given that I cannot see
+         *        ClientState::mHostCmdTS being set anywhere at all. */
+        if (pHostCmd->mTimestamp <= mHostCmdTS)
+            return false;
+        /*
+         * If a session filter is set, only obey those commands we're interested in
+         * by applying our context ID filter mask and compare the result with the
+         * original context ID.
+         */
+        bool fWant;
+        if (mFlags & CLIENTSTATE_FLAG_CONTEXTFILTER)
+            fWant = (pHostCmd->mContextID & mFilterMask) == mFilterValue;
+        else /* Client is interested in all commands. */
+            fWant = true;
+        LogFlowFunc(("[Client %RU32] mFlags=0x%x, mContextID=%RU32 (session %RU32), mFilterMask=0x%x, mFilterValue=%RU32, fWant=%RTbool\n",
+                     mID, mFlags, pHostCmd->mContextID,
+                     VBOX_GUESTCTRL_CONTEXTID_GET_SESSION(pHostCmd->mContextID),
+                     mFilterMask, mFilterValue, fWant));
+        return fWant;
+            return VERR_NO_MEMORY;
+        }
+        pHostCmd->Retain();
+        return VINF_SUCCESS;
+    }
 …
      * @note Only used by GUEST_MSG_WAIT scenarios.
      */
+    int OldRun(ClientConnection const *pConnection,
+               HostCommand            *pHostCmd)
+    int OldRun(ClientConnection const *pConnection, HostCommand *pHostCmd)
+    {
         AssertPtrReturn(pConnection, VERR_INVALID_POINTER);
         AssertPtrReturn(pHostCmd, VERR_INVALID_POINTER);
+        Assert(*mHostCmdList.begin() == pHostCmd);
         LogFlowFunc(("[Client %RU32] pConnection=%p, mHostCmdRc=%Rrc, mHostCmdTries=%RU32, mPeekCount=%RU32\n",
 …
         if (fRemove)
+        {
+            /** @todo Fix this (slow) lookup. Too late today. */
+            HostCmdListIter curItem = mHostCmdList.begin();
+            while (curItem != mHostCmdList.end())
+            {
+                if ((*curItem) == pHostCmd)
+                {
+                    Dequeue(curItem);
+                    break;
+                }
+                ++curItem;
+            }
+            Assert(*mHostCmdList.begin() == pHostCmd);
+            DitchFirstHostCmd();
+        }
 …
                 AssertPtrReturn(pHostCmd, VERR_INVALID_POINTER);
                 LogFlowThisFunc(("[Client %RU32] Current host command is %RU32 (CID=%RU32, cParms=%RU32, refCount=%RU32)\n",
                                  mID, pHostCmd->mMsgType, pHostCmd->mContextID, pHostCmd->mParmCount, pHostCmd->mRefCount));
+                LogFlowThisFunc(("[Client %RU32] Current host command is %RU32 (CID=%RU32, cParms=%RU32, m_cRefs=%RU32)\n",
+                                 mID, pHostCmd->mMsgType, pHostCmd->m_idContext, pHostCmd->mParmCount, pHostCmd->m_cRefs));
                 if (mIsPending == GUEST_MSG_PEEK_WAIT)
 …
     /**
      * Used by Service::call() to handle GUEST_CANCEL_PENDING_WAITS.
+     * Used by Service::call() to handle GUEST_MSG_CANCEL.
+     *
      * @note This cancels both GUEST_MSG_WAIT and GUEST_MSG_PEEK_WAIT sleepers.
 …
     int CancelWaiting()
+    {
+        LogFlowFunc(("[Client %RU32] Cancelling waiting thread, isPending=%d, pendingNumParms=%RU32, flags=%x\n",
+                     mID, mIsPending, mPendingCon.mNumParms, mFlags));
+        LogFlowFunc(("[Client %RU32] Cancelling waiting thread, isPending=%d, pendingNumParms=%RU32, m_idSession=%x\n",
+                     mID, mIsPending, mPendingCon.mNumParms, m_idSession));
+/** @todo r=bird: This must be made sticky if no pending call, i.e. next wait
+ * call must return immediately. otherwise there will be a race and
+ * occational long VBoxService shutdown times. */
         int rc;
 …
     /** The client's ID. */
     uint32_t mID;
-    /** Client flags. @sa CLIENTSTATE_FLAG_ flags. */
-    uint32_t mFlags;
-    /** The context ID filter mask, if any. */
-    uint32_t mFilterMask;
-    /** The context ID filter value, if any. */
-    uint32_t mFilterValue;
     /** Host command list to process. */
     HostCmdList mHostCmdList;
+    /** Pending client call (GUEST_MSG_PEEK_WAIT or GUEST_MSG_WAIT), zero if none pending.
+     *
+     * This means the client waits for a new host command to reply and won't return
+     * from the waiting call until a new host command is available. */
+    guestControl::eGuestFn mIsPending;
+    /** The client's pending connection. */
+    ClientConnection    mPendingCon;
+    /** Set if master. */
+    bool                m_fIsMaster;
+    /** The session ID for this client, UINT32_MAX if not set or master. */
+    uint32_t            m_idSession;
+    /** @name The GUEST_MSG_WAIT state.
+     * @note Don't try understand this, it is certificable!
+     * @{ */
     /** Last (most recent) rc after handling the host command. */
     int mHostCmdRc;
 …
      * to be able to successfully retrieve.  */
     uint32_t mHostCmdTries;
-    /** Timestamp (nanoseconds) of last host command processed.
-     * @todo r=bird: Where is this set?  */
-    uint64_t mHostCmdTS;
-    /** Pending client call (GUEST_MSG_PEEK_WAIT or GUEST_MSG_WAIT), zero if none pending.
+     *
-     * This means the client waits for a new host command to reply and won't return
-     * from the waiting call until a new host command is available.
-     */
-    guestControl::eGuestFn mIsPending;
     /** Number of times we've peeked at a pending message.
+     *
 …
      */
     uint32_t mPeekCount;
     /** The client's pending connection. */
+    ClientConnection mPendingCon;
+    /** @} */
 } ClientState;
 typedef std::map< uint32_t, ClientState > ClientStateMap;
 …
 /**
+ * Prepared session (GUEST_SESSION_PREPARE).
+ */
+typedef struct GstCtrlPreparedSession
+{
+    /** List entry. */
+    RTLISTNODE  ListEntry;
+    /** The session ID.   */
+    uint32_t    idSession;
+    /** The key size. */
+    uint32_t    cbKey;
+    /** The key bytes. */
+    uint8_t     abKey[RT_FLEXIBLE_ARRAY];
+} GstCtrlPreparedSession;
+/**
  * Class containing the shared information service functionality.
  */
 class Service : public RTCNonCopyable
+class GstCtrlService : public RTCNonCopyable
+{
 …
     /** Type definition for use in callback functions. */
     typedef Service SELF;
+    typedef GstCtrlService SELF;
     /** HGCM helper functions. */
     PVBOXHGCMSVCHELPERS mpHelpers;
+    /**
+     * Callback function supplied by the host for notification of updates
+     * to properties.
+     */
+    /** Callback function supplied by the host for notification of updates to properties. */
     PFNHGCMSVCEXT mpfnHostCallback;
     /** User data pointer to be supplied to the host callback function. */
 …
     /** List containing all buffered host commands. */
     RTLISTANCHOR mHostCmdList;
+    /** Map containing all connected clients. The primary key contains
+     *  the HGCM client ID to identify the client. */
+    ClientStateMap mClientStateMap;
+    /** Map containing all connected clients, key is HGCM client ID. */
+    ClientStateMap  mClientStateMap;
+    /** The master HGCM client ID, UINT32_MAX if none. */
+    uint32_t        m_idMasterClient;
+    /** Set if we're in legacy mode (pre 6.0). */
+    bool            m_fLegacyMode;
+    /** Number of prepared sessions. */
+    uint32_t        m_cPreparedSessions;
+    /** List of prepared session (GstCtrlPreparedSession). */
+    RTLISTANCHOR    m_PreparedSessions;
 public:
     explicit Service(PVBOXHGCMSVCHELPERS pHelpers)
+    explicit GstCtrlService(PVBOXHGCMSVCHELPERS pHelpers)
         : mpHelpers(pHelpers)
         , mpfnHostCallback(NULL)
         , mpvHostData(NULL)
+        , m_idMasterClient(UINT32_MAX)
+        , m_fLegacyMode(true)
+        , m_cPreparedSessions(0)
+    {
         RTListInit(&mHostCmdList);
+        RTListInit(&m_PreparedSessions);
+    }
     /**
      * @interface_method_impl{VBOXHGCMSVCFNTABLE,pfnUnload}
      * Simply deletes the service object
+     * Simply deletes the GstCtrlService object
      */
     static DECLCALLBACK(int) svcUnload(void *pvService)
 …
                                         uint32_t fRequestor, bool fRestoring)
+    {
         RT_NOREF(fRequestor, fRestoring);
+        RT_NOREF(fRestoring);
         AssertLogRelReturn(VALID_PTR(pvService), VERR_INVALID_PARAMETER);
         SELF *pSelf = reinterpret_cast<SELF *>(pvService);
         AssertPtrReturn(pSelf, VERR_INVALID_POINTER);
         return pSelf->clientConnect(u32ClientID, pvClient);
+        return pSelf->clientConnect(u32ClientID, pvClient, fRequestor);
+    }
 …
     int prepareExecute(uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
     int clientConnect(uint32_t u32ClientID, void *pvClient);
+    int clientConnect(uint32_t u32ClientID, void *pvClient, uint32_t fRequestor);
     int clientDisconnect(uint32_t u32ClientID, void *pvClient);
+    int clientMakeMeMaster(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms);
+    int clientMsgPeek(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms, VBOXHGCMSVCPARM paParms[], bool fWait);
+    int clientMsgGet(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    int clientMsgCancel(uint32_t idClient, uint32_t cParms);
+    int clientMsgSkip(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms);
+    int clientSessionPrepare(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    int clientSessionCancelPrepared(uint32_t idClient, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    int clientSessionAccept(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    int clientSessionCloseOther(uint32_t idClient, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
     int clientMsgOldGet(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    int clientMsgPeek(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle, uint32_t cParms, VBOXHGCMSVCPARM paParms[], bool fWait);
+    int clientMsgGet(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    int clientMsgCancel(uint32_t u32ClientID, uint32_t cParms);
+    int clientMsgFilterSet(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    int clientMsgFilterUnset(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    int clientMsgSkip(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    int clientMsgOldFilterSet(uint32_t u32ClientID, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    int clientMsgOldSkip(uint32_t u32ClientID, uint32_t cParms);
     int hostCallback(uint32_t eFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
     int hostProcessCommand(uint32_t eFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    void call(VBOXHGCMCALLHANDLE callHandle, uint32_t u32ClientID, void *pvClient, uint32_t eFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
+    void call(VBOXHGCMCALLHANDLE hCall, uint32_t idClient, void *pvClient, uint32_t idFunction,
+              uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
     int hostCall(uint32_t eFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
-    int sessionClose(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle, uint32_t cParms, VBOXHGCMSVCPARM paParms[]);
     int uninit(void);
     DECLARE_CLS_COPY_CTOR_ASSIGN_NOOP(Service);
+    DECLARE_CLS_COPY_CTOR_ASSIGN_NOOP(GstCtrlService);
 };
 /**
  * Handles a client which just connected.
+ *
  * @return  IPRT status code.
  * @param   u32ClientID
+ * @param   idClient
  * @param   pvClient
+ */
+int Service::clientConnect(uint32_t u32ClientID, void *pvClient)
+ * @param   fRequestor  VMMDevRequestHeader::fRequestor value, if available.
+ */
+int GstCtrlService::clientConnect(uint32_t idClient, void *pvClient, uint32_t fRequestor)
+{
     RT_NOREF(pvClient);
+    LogFlowFunc(("[Client %RU32] Connected\n", u32ClientID));
+#ifdef VBOX_STRICT
+    ClientStateMapIterConst it = mClientStateMap.find(u32ClientID);
+    if (it != mClientStateMap.end())
+    {
+        AssertMsgFailed(("Client with ID=%RU32 already connected when it should not\n",
+                         u32ClientID));
+        return VERR_ALREADY_EXISTS;
+    }
+#endif
+    ClientState clientState(mpHelpers, u32ClientID);
+    mClientStateMap[u32ClientID] = clientState;
+    /** @todo Exception handling! */
+    LogFlowFunc(("[Client %RU32] Connected\n", idClient));
+    AssertMsg(mClientStateMap.find(idClient) == mClientStateMap.end(),
+              ("Client with ID=%RU32 already connected when it should not\n", idClient));
+    /*
+     * Create client state.
+     */
+    try
+    {
+        mClientStateMap[idClient] = ClientState(mpHelpers, idClient);
+    }
+    catch (std::bad_alloc)
+    {
+        return VERR_NO_MEMORY;
+    }
+    ClientState &rClientState = mClientStateMap[idClient];
+    /*
+     * For legacy compatibility reasons we have to pick a master client at some
+     * point, so if the /dev/vboxguest requirements checks out we pick the first
+     * one through the door.
+     */
+/** @todo make picking the master more dynamic/flexible. */
+    if (   m_fLegacyMode
+        && m_idMasterClient == UINT32_MAX)
+    {
+        if (   fRequestor == VMMDEV_REQUESTOR_LEGACY
+            || !(fRequestor & VMMDEV_REQUESTOR_USER_DEVICE))
+        {
+            LogFunc(("Picking %u as master for now.\n", idClient));
+            m_idMasterClient = idClient;
+            rClientState.m_fIsMaster = true;
+        }
+    }
     return VINF_SUCCESS;
+}
 /**
  * Handles a client which disconnected.
 …
+ *
  * @return  IPRT status code.
  * @param   u32ClientID             The client's ID of which disconnected.
  * @param   pvClient                User data, not used at the moment.
  */
 int Service::clientDisconnect(uint32_t u32ClientID, void *pvClient)
+ * @param   idClient    The client's ID of which disconnected.
+ * @param   pvClient    User data, not used at the moment.
+ */
+int GstCtrlService::clientDisconnect(uint32_t idClient, void *pvClient)
+{
     RT_NOREF(pvClient);
+    LogFlowFunc(("[Client %RU32] Disconnected (%zu clients total)\n",
+                 u32ClientID, mClientStateMap.size()));
+    AssertMsg(!mClientStateMap.empty(),
+              ("No clients in list anymore when there should (client ID=%RU32)\n", u32ClientID));
+    int rc = VINF_SUCCESS;
+    ClientStateMapIter itClientState = mClientStateMap.find(u32ClientID);
+    AssertMsg(itClientState != mClientStateMap.end(),
+              ("Client ID=%RU32 not found in client list when it should be there\n", u32ClientID));
+    if (itClientState != mClientStateMap.end())
+    {
+        itClientState->second.DequeueAll();
+        mClientStateMap.erase(itClientState);
+    }
+    bool fAllClientsDisconnected = mClientStateMap.empty();
+    if (fAllClientsDisconnected)
+    {
+        LogFlowFunc(("All clients disconnected, cancelling all host commands ...\n"));
+        /*
+         * If all clients disconnected we also need to make sure that all buffered
+         * host commands need to be notified, because Main is waiting a notification
+         * via a (multi stage) progress object.
+         */
+        /** @todo r=bird: We have RTListForEachSafe for this purpose...  Would save a
+         *        few lines and bother here. */
+        HostCommand *pCurCmd = RTListGetFirst(&mHostCmdList, HostCommand, Node);
+        while (pCurCmd)
+        {
+            HostCommand *pNext = RTListNodeGetNext(&pCurCmd->Node, HostCommand, Node);
+            bool fLast = RTListNodeIsLast(&mHostCmdList, &pCurCmd->Node);
+            uint32_t cParms = 0;
+            VBOXHGCMSVCPARM arParms[2];
+            HGCMSvcSetU32(&arParms[cParms++], pCurCmd->mContextID);
+            int rc2 = hostCallback(GUEST_DISCONNECTED, cParms, arParms);
+            if (RT_FAILURE(rc2))
+    LogFlowFunc(("[Client %RU32] Disconnected (%zu clients total)\n", idClient, mClientStateMap.size()));
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    AssertMsgReturn(ItClientState != mClientStateMap.end(),
+                    ("Client ID=%RU32 not found in client list when it should be there\n", idClient),
+                    VINF_SUCCESS);
+    /*
+     * Cancel all pending host commands, replying with GUEST_DISCONNECTED if final recipient.
+     */
+    {
+        ClientState &rClientState = ItClientState->second;
+        while (!rClientState.mHostCmdList.empty())
+        {
+            HostCommand *pHostCmd = *rClientState.mHostCmdList.begin();
+            rClientState.mHostCmdList.pop_front();
+            uint32_t idFunction = pHostCmd->mMsgType;
+            uint32_t idContext  = pHostCmd->m_idContext;
+            if (pHostCmd->SaneRelease() == 0)
+            {
+                LogFlowFunc(("Cancelling host command with CID=%u (refCount=%RU32) failed with rc=%Rrc\n",
+                             pCurCmd->mContextID, pCurCmd->mRefCount, rc2));
+                /* Keep going. */
+                VBOXHGCMSVCPARM Parm;
+                HGCMSvcSetU32(&Parm, pHostCmd->m_idContext);
+                int rc2 = hostCallback(GUEST_DISCONNECTED, 1, &Parm);
+                LogFlowFunc(("Cancelled host command %u (%s) with idContext=%#x -> %Rrc\n",
+                             idFunction, GstCtrlHostFnName((eHostFn)idFunction), idContext, rc2));
+                RT_NOREF(rc2);
+            }
+            while (pCurCmd->Release())
+                ;
+            delete pCurCmd;
+            pCurCmd = NULL;
+            if (fLast)
+                break;
+            pCurCmd = pNext;
+        }
+        Assert(RTListIsEmpty(&mHostCmdList));
+    }
+    return rc;
+        }
+    }
+    /*
+     * Delete the client state.
+     */
+    mClientStateMap.erase(ItClientState);
+    /*
+     * If it's the master disconnecting, we need to reset related globals.
+     */
+    if (idClient == m_idMasterClient)
+    {
+        m_idMasterClient = UINT32_MAX;
+        GstCtrlPreparedSession *pCur, *pNext;
+        RTListForEachSafe(&m_PreparedSessions, pCur, pNext, GstCtrlPreparedSession, ListEntry)
+        {
+            RTMemFree(pCur);
+        }
+        m_cPreparedSessions = 0;
+    }
+    if (mClientStateMap.empty())
+        m_fLegacyMode = true;
+    /*
+     * Host command sanity check.
+     */
+    Assert(RTListIsEmpty(&mHostCmdList) || !mClientStateMap.empty());
+    return VINF_SUCCESS;
+}
 /**
 …
  * @param   paParms                     Array of parameters.
  */
 int Service::clientMsgOldGet(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle,
                              uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+int GstCtrlService::clientMsgOldGet(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle,
+                                    uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
     /*
 …
+}
+/**
+ * Implements GUEST_MSG_PEEK_WAIT and GUEST_MSG_PEEK_NOWAIT.
+/**
+ * Implements GUEST_MAKE_ME_MASTER.
+ *
  * @returns VBox status code.
  * @retval  VINF_SUCCESS if a message was pending and is being returned.
  * @retval  VERR_INVALID_HANDLE if invalid client ID.
  * @retval  VERR_INVALID_PARAMETER if incorrect parameter count or types.
  * @retval  VERR_TRY_AGAIN if no message pending and not blocking.
  * @retval  VERR_RESOURCE_BUSY if another read already made a waiting call.
  * @retval  VINF_HGCM_ASYNC_EXECUTE if message wait is pending.
+ * @retval  VINF_HGCM_ASYNC_EXECUTE on success (we complete the message here).
+ * @retval  VERR_ACCESS_DENIED if not using main VBoxGuest device not
+ * @retval  VERR_RESOURCE_BUSY if there is already a master.
+ * @retval  VERR_VERSION_MISMATCH if VBoxGuest didn't supply requestor info.
+ * @retval  VERR_INVALID_CLIENT_ID
+ * @retval  VERR_WRONG_PARAMETER_COUNT
+ *
  * @param   idClient    The client's ID.
 …
  *                      immediately.
  */
 int Service::clientMsgPeek(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms, VBOXHGCMSVCPARM paParms[], bool fWait)
+int GstCtrlService::clientMakeMeMaster(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms)
+{
     /*
      * Validate the request.
      */
+    ASSERT_GUEST_MSG_RETURN(cParms >= 2, ("cParms=%u!\n", cParms), VERR_INVALID_PARAMETER);
+    ASSERT_GUEST_RETURN(cParms == 0, VERR_WRONG_PARAMETER_COUNT);
+    uint32_t fRequestor = mpHelpers->pfnGetRequestor(hCall);
+    ASSERT_GUEST_LOGREL_MSG_RETURN(fRequestor != VMMDEV_REQUESTOR_LEGACY,
+                                   ("Outdated VBoxGuest w/o requestor support. Please update!\n"),
+                                   VERR_VERSION_MISMATCH);
+    ASSERT_GUEST_LOGREL_MSG_RETURN(!(fRequestor & VMMDEV_REQUESTOR_USER_DEVICE), ("fRequestor=%#x\n", fRequestor),
+                                   VERR_ACCESS_DENIED);
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
+    /*
+     * Do the work.
+     */
+    ASSERT_GUEST_MSG_RETURN(m_idMasterClient == idClient || m_idMasterClient == UINT32_MAX,
+                            ("Already have master session %RU32, refusing %RU32.\n", m_idMasterClient, idClient),
+                            VERR_RESOURCE_BUSY);
+    int rc = mpHelpers->pfnCallComplete(hCall, VINF_SUCCESS);
+    if (RT_SUCCESS(rc))
+    {
+        m_idMasterClient = idClient;
+        m_fLegacyMode    = false;
+        rClientState.m_fIsMaster = true;
+    }
+    else
+        LogFunc(("pfnCallComplete -> %Rrc\n", rc));
+    return VINF_HGCM_ASYNC_EXECUTE;
+}
+/**
+ * Implements GUEST_MSG_PEEK_WAIT and GUEST_MSG_PEEK_NOWAIT.
+ *
+ * @returns VBox status code.
+ * @retval  VINF_SUCCESS if a message was pending and is being returned.
+ * @retval  VERR_TRY_AGAIN if no message pending and not blocking.
+ * @retval  VERR_RESOURCE_BUSY if another read already made a waiting call.
+ * @retval  VINF_HGCM_ASYNC_EXECUTE if message wait is pending.
+ *
+ * @param   idClient    The client's ID.
+ * @param   hCall       The client's call handle.
+ * @param   cParms      Number of parameters.
+ * @param   paParms     Array of parameters.
+ * @param   fWait       Set if we should wait for a message, clear if to return
+ *                      immediately.
+ */
+int GstCtrlService::clientMsgPeek(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms, VBOXHGCMSVCPARM paParms[], bool fWait)
+{
+    /*
+     * Validate the request.
+     */
+    ASSERT_GUEST_MSG_RETURN(cParms >= 2, ("cParms=%u!\n", cParms), VERR_WRONG_PARAMETER_COUNT);
     for (uint32_t i = 0; i < cParms; i++)
+    {
         ASSERT_GUEST_MSG_RETURN(paParms[i].type == VBOX_HGCM_SVC_PARM_32BIT, ("#%u type=%u\n", i, paParms[i].type),
                                 VERR_INVALID_PARAMETER);
+                                VERR_WRONG_PARAMETER_TYPE);
         paParms[i].u.uint32 = 0;
+    }
+    ClientStateMapIter itClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(itClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_HANDLE);
+    ClientState &rClientState = itClientState->second;
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
     /*
 …
+            }
         LogFlowFunc(("[Client %RU32] GUEST_MSG_PEEK_XXXX -> VINF_SUCCESS (idMsg=%u, cParms=%u)\n",
                      idClient, pFirstCmd->mMsgType, pFirstCmd->mParmCount));
+        LogFlowFunc(("[Client %RU32] GUEST_MSG_PEEK_XXXX -> VINF_SUCCESS (idMsg=%u (%s), cParms=%u)\n",
+                     idClient, pFirstCmd->mMsgType, GstCtrlHostFnName((eHostFn)pFirstCmd->mMsgType), pFirstCmd->mParmCount));
         return VINF_SUCCESS;
+    }
 …
  * @retval  VERR_TRY_AGAIN if no message pending.
  * @retval  VERR_BUFFER_OVERFLOW if a parmeter buffer is too small.  The buffer
+ *          size was updated to reflect the required size.
+ *          size was updated to reflect the required size, though this isn't yet
+ *          forwarded to the guest.  (The guest is better of using peek with
+ *          parameter count + 2 parameters to get the sizes.)
  * @retval  VERR_MISMATCH if the incoming message ID does not match the pending.
+ * @retval  VERR_OUT_OF_RANGE if the wrong parameter count.
+ * @retval  VERR_WRONG_TYPE if a parameter has the wrong type.
+ * @retval  VERR_INVALID_HANDLE if invalid client ID.
+ * @retval  VINF_HGCM_ASYNC_EXECUTE if message wait is pending.
+ * @retval  VINF_HGCM_ASYNC_EXECUTE if message was completed already.
+ *
  * @param   idClient    The client's ID.
 …
  * @param   paParms     Array of parameters.
  */
 int Service::clientMsgGet(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+int GstCtrlService::clientMsgGet(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
     /*
 …
                                  : UINT32_MAX;
     ClientStateMapIter itClientState = mClientStateMap.find(idClient);
     ASSERT_GUEST_MSG_RETURN(itClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_HANDLE);
     ClientState &rClientState = itClientState->second;
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
     /*
 …
         ASSERT_GUEST_MSG_RETURN(pFirstCmd->mMsgType == idMsgExpected || idMsgExpected == UINT32_MAX,
+                                ("idMsg=%u cParms=%u, caller expected %u and %u\n",
+                                 pFirstCmd->mMsgType, pFirstCmd->mParmCount, idMsgExpected, cParms),
+                                ("idMsg=%u (%s) cParms=%u, caller expected %u (%s) and %u\n",
+                                 pFirstCmd->mMsgType, GstCtrlHostFnName((eHostFn)pFirstCmd->mMsgType), pFirstCmd->mParmCount,
+                                 idMsgExpected, GstCtrlHostFnName((eHostFn)idMsgExpected), cParms),
                                 VERR_MISMATCH);
         ASSERT_GUEST_MSG_RETURN(pFirstCmd->mParmCount == cParms,
+                                ("idMsg=%u cParms=%u, caller expected %u and %u\n",
+                                 pFirstCmd->mMsgType, pFirstCmd->mParmCount, idMsgExpected, cParms),
+                                VERR_OUT_OF_RANGE);
+                                ("idMsg=%u (%s) cParms=%u, caller expected %u (%s) and %u\n",
+                                 pFirstCmd->mMsgType, GstCtrlHostFnName((eHostFn)pFirstCmd->mMsgType), pFirstCmd->mParmCount,
+                                 idMsgExpected, GstCtrlHostFnName((eHostFn)idMsgExpected), cParms),
+                                VERR_WRONG_PARAMETER_COUNT);
         /* Check the parameter types. */
         for (uint32_t i = 0; i < cParms; i++)
             ASSERT_GUEST_MSG_RETURN(pFirstCmd->mpParms[i].type == paParms[i].type,
+                                    ("param #%u: type %u, caller expected %u\n", i, pFirstCmd->mpParms[i].type, paParms[i].type),
+                                    VERR_WRONG_TYPE);
+                                    ("param #%u: type %u, caller expected %u (idMsg=%u %s)\n", i, pFirstCmd->mpParms[i].type,
+                                     paParms[i].type, pFirstCmd->mMsgType, GstCtrlHostFnName((eHostFn)pFirstCmd->mMsgType)),
+                                    VERR_WRONG_PARAMETER_TYPE);
         /*
 …
+            {
                 rClientState.mHostCmdList.erase(itFirstCmd);
+                if (pFirstCmd->Release() == 0)
+                {
+                    delete pFirstCmd;
+                    LogFlow(("[Client %RU32] Destroying command (idMsg=%u cParms=%u)\n", idClient, idMsgExpected, cParms));
+                }
+                pFirstCmd->SaneRelease();
+            }
+            else
+                LogFunc(("pfnCallComplete -> %Rrc\n", rc));
             return VINF_HGCM_ASYNC_EXECUTE; /* The caller must not complete it. */
+        }
 …
  * @retval  VINF_SUCCESS if cancelled any calls.
  * @retval  VWRN_NOT_FOUND if no callers.
- * @retval  VERR_INVALID_PARAMETER if any parameters specified (expects zero).
- * @retval  VERR_INVALID_HANDLE if invalid client ID.
  * @retval  VINF_HGCM_ASYNC_EXECUTE if message wait is pending.
+ *
 …
  * @param   cParms      Number of parameters.
  */
 int Service::clientMsgCancel(uint32_t idClient, uint32_t cParms)
+int GstCtrlService::clientMsgCancel(uint32_t idClient, uint32_t cParms)
+{
     /*
      * Validate the request.
      */
     ASSERT_GUEST_MSG_RETURN(cParms == 0, ("cParms=%u!\n", cParms), VERR_INVALID_PARAMETER);
     ClientStateMapIter itClientState = mClientStateMap.find(idClient);
     ASSERT_GUEST_MSG_RETURN(itClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_HANDLE);
+    ClientState &rClientState = itClientState->second;
+    ASSERT_GUEST_MSG_RETURN(cParms == 0, ("cParms=%u!\n", cParms), VERR_WRONG_PARAMETER_COUNT);
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
     if (rClientState.mIsPending != 0)
+    {
 …
 /**
+ * A client tells this service to set a message filter.
+ * That way a client only will get new messages which matches the filter.
+ *
+ * @return VBox status code.
+ * @param  u32ClientID                  The client's ID.
+ * @param  callHandle                   The client's call handle.
+ * @param  cParms                       Number of parameters.
+ * @param  paParms                      Array of parameters.
+ */
+int Service::clientMsgFilterSet(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle,
+                                uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    RT_NOREF(callHandle);
+    /*
+     * Lookup client in our list so that we can assign the context ID of
+     * a command to that client.
+     */
+    ClientStateMapIter itClientState = mClientStateMap.find(u32ClientID);
+    AssertMsg(itClientState != mClientStateMap.end(), ("Client with ID=%RU32 not found when it should be present\n",
+                                                       u32ClientID));
+    if (itClientState == mClientStateMap.end())
+        return VERR_NOT_FOUND; /* Should never happen. */
+    if (cParms != 4)
+        return VERR_INVALID_PARAMETER;
+    uint32_t uValue;
+    int rc = HGCMSvcGetU32(&paParms[0], &uValue);
+ * Implements GUEST_MSG_SKIP.
+ *
+ * @returns VBox status code.
+ * @retval  VINF_HGCM_ASYNC_EXECUTE on success as we complete the message.
+ * @retval  VERR_NOT_FOUND if no message pending.
+ *
+ * @param   idClient    The client's ID.
+ * @param   hCall       The call handle for completing it.
+ * @param   cParms      Number of parameters.
+ */
+int GstCtrlService::clientMsgSkip(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms)
+{
+    /*
+     * Validate the call.
+     */
+    ASSERT_GUEST_RETURN(cParms == 0, VERR_WRONG_PARAMETER_COUNT);
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
+    /*
+     * Do the job.
+     */
+    if (!rClientState.mHostCmdList.empty())
+    {
+        int rc = mpHelpers->pfnCallComplete(hCall, VERR_NOT_FOUND);
+        if (RT_SUCCESS(rc))
+        {
+            /*
+             * Remove the command from the queue.
+             */
+            HostCommand *pFirstCmd = *rClientState.mHostCmdList.begin();
+            rClientState.mHostCmdList.pop_front();
+            /*
+             * Compose a reply to the host service.
+             */
+            VBOXHGCMSVCPARM aReplyParams[4];
+            HGCMSvcSetU32(&aReplyParams[0], pFirstCmd->m_idContext);
+            HGCMSvcSetU32(&aReplyParams[1], pFirstCmd->mMsgType);
+            HGCMSvcSetU32(&aReplyParams[2], (uint32_t)VERR_NOT_SUPPORTED);
+            HGCMSvcSetPv(&aReplyParams[3], NULL, 0);
+            GstCtrlService::hostCallback(GUEST_MSG_REPLY,  RT_ELEMENTS(aReplyParams), aReplyParams);
+            /*
+             * Free the command.
+             */
+            pFirstCmd->SaneRelease();
+        }
+        else
+            LogFunc(("pfnCallComplete -> %Rrc\n", rc));
+        return VINF_HGCM_ASYNC_EXECUTE; /* The caller must not complete it. */
+    }
+    return VERR_NOT_FOUND;
+}
+/**
+ * Implements GUEST_SESSION_PREPARE.
+ *
+ * @returns VBox status code.
+ * @retval  VINF_HGCM_ASYNC_EXECUTE on success as we complete the message.
+ * @retval  VERR_OUT_OF_RESOURCES if too many pending sessions hanging around.
+ * @retval  VERR_OUT_OF_RANGE if the session ID outside the allowed range.
+ * @retval  VERR_BUFFER_OVERFLOW if key too large.
+ * @retval  VERR_BUFFER_UNDERFLOW if key too small.
+ * @retval  VERR_ACCESS_DENIED if not master or in legacy mode.
+ * @retval  VERR_DUPLICATE if the session ID has been prepared already.
+ *
+ * @param   idClient    The client's ID.
+ * @param   hCall       The call handle for completing it.
+ * @param   cParms      Number of parameters.
+ * @param   paParms     The parameters.
+ */
+int GstCtrlService::clientSessionPrepare(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    /*
+     * Validate parameters.
+     */
+    ASSERT_GUEST_RETURN(cParms == 2, VERR_WRONG_PARAMETER_COUNT);
+    ASSERT_GUEST_RETURN(paParms[0].type == VBOX_HGCM_SVC_PARM_32BIT, VERR_WRONG_PARAMETER_TYPE);
+    uint32_t const idSession = paParms[0].u.uint32;
+    ASSERT_GUEST_RETURN(idSession >= 1, VERR_OUT_OF_RANGE);
+    ASSERT_GUEST_RETURN(idSession <= 0xfff0, VERR_OUT_OF_RANGE);
+    ASSERT_GUEST_RETURN(paParms[1].type == VBOX_HGCM_SVC_PARM_PTR, VERR_WRONG_PARAMETER_TYPE);
+    uint32_t const cbKey = paParms[1].u.pointer.size;
+    void const    *pvKey = paParms[1].u.pointer.addr;
+    ASSERT_GUEST_RETURN(cbKey >= 64, VERR_BUFFER_UNDERFLOW);
+    ASSERT_GUEST_RETURN(cbKey <= _16K, VERR_BUFFER_OVERFLOW);
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
+    ASSERT_GUEST_RETURN(rClientState.m_fIsMaster, VERR_ACCESS_DENIED);
+    ASSERT_GUEST_RETURN(!m_fLegacyMode, VERR_ACCESS_DENIED);
+    Assert(m_idMasterClient == idClient);
+    /* Now that we know it's the master, we can check for session ID duplicates. */
+    GstCtrlPreparedSession *pCur;
+    RTListForEach(&m_PreparedSessions, pCur, GstCtrlPreparedSession, ListEntry)
+    {
+        ASSERT_GUEST_RETURN(pCur->idSession != idSession, VERR_DUPLICATE);
+    }
+    /*
+     * Make a copy of the session ID and key.
+     */
+    ASSERT_GUEST_RETURN(m_cPreparedSessions < 128, VERR_OUT_OF_RESOURCES);
+    GstCtrlPreparedSession *pPrepped = (GstCtrlPreparedSession *)RTMemAlloc(RT_UOFFSETOF_DYN(GstCtrlPreparedSession, abKey[cbKey]));
+    AssertReturn(pPrepped, VERR_NO_MEMORY);
+    pPrepped->idSession = idSession;
+    pPrepped->cbKey     = cbKey;
+    memcpy(pPrepped->abKey, pvKey, cbKey);
+    RTListAppend(&m_PreparedSessions, &pPrepped->ListEntry);
+    m_cPreparedSessions++;
+    /*
+     * Try complete the command.
+     */
+    int rc = mpHelpers->pfnCallComplete(hCall, VERR_NOT_FOUND);
     if (RT_SUCCESS(rc))
+    {
+        uint32_t uMaskAdd;
+        rc = HGCMSvcGetU32(&paParms[1], &uMaskAdd);
+        if (RT_SUCCESS(rc))
+        {
+            uint32_t uMaskRemove;
+            rc = HGCMSvcGetU32(&paParms[2], &uMaskRemove);
+            /** @todo paParm[3] (flags) not used yet. */
+            if (RT_SUCCESS(rc))
+        LogFlow(("Prepared %u with a %#x byte key (%u pending).\n", idSession, cbKey, m_cPreparedSessions));
+    else
+    {
+        LogFunc(("pfnCallComplete -> %Rrc\n", rc));
+        RTListNodeRemove(&pPrepped->ListEntry);
+        RTMemFree(pPrepped);
+        m_cPreparedSessions--;
+    }
+    return VINF_HGCM_ASYNC_EXECUTE; /* The caller must not complete it. */
+}
+/**
+ * Implements GUEST_SESSION_CANCEL_PREPARED.
+ *
+ * @returns VBox status code.
+ * @retval  VINF_HGCM_ASYNC_EXECUTE on success as we complete the message.
+ * @retval  VWRN_NOT_FOUND if no session with the specified ID.
+ * @retval  VERR_ACCESS_DENIED if not master or in legacy mode.
+ *
+ * @param   idClient    The client's ID.
+ * @param   cParms      Number of parameters.
+ * @param   paParms     The parameters.
+ */
+int GstCtrlService::clientSessionCancelPrepared(uint32_t idClient, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    /*
+     * Validate parameters.
+     */
+    ASSERT_GUEST_RETURN(cParms == 1, VERR_WRONG_PARAMETER_COUNT);
+    ASSERT_GUEST_RETURN(paParms[0].type == VBOX_HGCM_SVC_PARM_32BIT, VERR_WRONG_PARAMETER_TYPE);
+    uint32_t const idSession = paParms[0].u.uint32;
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
+    ASSERT_GUEST_RETURN(rClientState.m_fIsMaster, VERR_ACCESS_DENIED);
+    ASSERT_GUEST_RETURN(!m_fLegacyMode, VERR_ACCESS_DENIED);
+    Assert(m_idMasterClient == idClient);
+    /*
+     * Do the work.
+     */
+    int rc = VWRN_NOT_FOUND;
+    if (idSession == UINT32_MAX)
+    {
+        GstCtrlPreparedSession *pCur, *pNext;
+        RTListForEachSafe(&m_PreparedSessions, pCur, pNext, GstCtrlPreparedSession, ListEntry)
+        {
+            RTMemFree(pCur);
+            rc = VINF_SUCCESS;
+        }
+        m_cPreparedSessions = 0;
+    }
+    else
+    {
+        GstCtrlPreparedSession *pCur, *pNext;
+        RTListForEachSafe(&m_PreparedSessions, pCur, pNext, GstCtrlPreparedSession, ListEntry)
+        {
+            if (pCur->idSession == idSession)
+            {
+                ClientState &clientState = itClientState->second;
+                clientState.mFlags |= CLIENTSTATE_FLAG_CONTEXTFILTER;
+                if (uMaskAdd)
+                    clientState.mFilterMask |= uMaskAdd;
+                if (uMaskRemove)
+                    clientState.mFilterMask &= ~uMaskRemove;
+                clientState.mFilterValue = uValue;
+                LogFlowFunc(("[Client %RU32] Setting message filterMask=0x%x, filterVal=%RU32 set (flags=0x%x, maskAdd=0x%x, maskRemove=0x%x)\n",
+                             u32ClientID, clientState.mFilterMask, clientState.mFilterValue,
+                             clientState.mFlags, uMaskAdd, uMaskRemove));
+                RTMemFree(pCur);
+                m_cPreparedSessions -= 1;
+                rc = VINF_SUCCESS;
+                break;
+            }
+        }
+    }
+    return VINF_SUCCESS;
+}
+/**
+ * Implements GUEST_SESSION_ACCEPT.
+ *
+ * @returns VBox status code.
+ * @retval  VINF_HGCM_ASYNC_EXECUTE on success as we complete the message.
+ * @retval  VERR_NOT_FOUND if the specified session ID wasn't found.
+ * @retval  VERR_MISMATCH if the key didn't match.
+ * @retval  VERR_ACCESS_DENIED if we're in legacy mode or is master.
+ * @retval  VERR_RESOURCE_BUSY if the client is already associated with a
+ *          session.
+ *
+ * @param   idClient    The client's ID.
+ * @param   hCall       The call handle for completing it.
+ * @param   cParms      Number of parameters.
+ * @param   paParms     The parameters.
+ */
+int GstCtrlService::clientSessionAccept(uint32_t idClient, VBOXHGCMCALLHANDLE hCall, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    /*
+     * Validate parameters.
+     */
+    ASSERT_GUEST_RETURN(cParms == 2, VERR_WRONG_PARAMETER_COUNT);
+    ASSERT_GUEST_RETURN(paParms[0].type == VBOX_HGCM_SVC_PARM_32BIT, VERR_WRONG_PARAMETER_TYPE);
+    uint32_t const idSession = paParms[0].u.uint32;
+    ASSERT_GUEST_RETURN(idSession >= 1, VERR_OUT_OF_RANGE);
+    ASSERT_GUEST_RETURN(idSession <= 0xfff0, VERR_OUT_OF_RANGE);
+    ASSERT_GUEST_RETURN(paParms[1].type == VBOX_HGCM_SVC_PARM_PTR, VERR_WRONG_PARAMETER_TYPE);
+    uint32_t const cbKey = paParms[1].u.pointer.size;
+    void const    *pvKey = paParms[1].u.pointer.addr;
+    ASSERT_GUEST_RETURN(cbKey >= 64, VERR_BUFFER_UNDERFLOW);
+    ASSERT_GUEST_RETURN(cbKey <= _16K, VERR_BUFFER_OVERFLOW);
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
+    ASSERT_GUEST_RETURN(!rClientState.m_fIsMaster, VERR_ACCESS_DENIED);
+    ASSERT_GUEST_RETURN(!m_fLegacyMode, VERR_ACCESS_DENIED);
+    Assert(m_idMasterClient != idClient);
+    ASSERT_GUEST_RETURN(rClientState.m_idSession == UINT32_MAX, VERR_RESOURCE_BUSY);
+    /*
+     * Look for the specified session and match the key to it.
+     */
+    GstCtrlPreparedSession *pCur;
+    RTListForEach(&m_PreparedSessions, pCur, GstCtrlPreparedSession, ListEntry)
+    {
+        if (pCur->idSession == idSession)
+        {
+            if (   pCur->cbKey == cbKey
+                && memcmp(pCur->abKey, pvKey, cbKey) == 0)
+            {
+                /*
+                 * We've got a match. Try complete the request and
+                 */
+                int rc = mpHelpers->pfnCallComplete(hCall, VERR_NOT_FOUND);
+                if (RT_SUCCESS(rc))
+                {
+                    rClientState.m_idSession = idSession;
+                    RTMemFree(pCur);
+                    m_cPreparedSessions -= 1;
+                }
+                else
+                    LogFunc(("pfnCallComplete -> %Rrc\n", rc));
+                return VINF_HGCM_ASYNC_EXECUTE; /* The caller must not complete it. */
+            }
+            LogFunc(("Key mismatch for %u!\n", idClient));
+            return VERR_MISMATCH;
+        }
+    }
+    LogFunc(("No client prepared for %u!\n", idClient));
+    return VERR_NOT_FOUND;
+}
+/**
+ * Client asks another client (guest) session to close.
+ *
+ * @return  IPRT status code.
+ * @param   idClient        The client's ID.
+ * @param   cParms          Number of parameters.
+ * @param   paParms         Array of parameters.
+ */
+int GstCtrlService::clientSessionCloseOther(uint32_t idClient, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    /*
+     * Validate input.
+     */
+    ASSERT_GUEST_RETURN(cParms == 2, VERR_WRONG_PARAMETER_COUNT);
+    ASSERT_GUEST_RETURN(paParms[0].type == VBOX_HGCM_SVC_PARM_32BIT, VERR_WRONG_PARAMETER_TYPE);
+    uint32_t const idContext = paParms[0].u.uint32;
+    ASSERT_GUEST_RETURN(paParms[1].type == VBOX_HGCM_SVC_PARM_32BIT, VERR_WRONG_PARAMETER_TYPE);
+    uint32_t const fFlags = paParms[1].u.uint32;
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
+    ASSERT_GUEST_RETURN(rClientState.m_fIsMaster, VERR_ACCESS_DENIED);
+    /*
+     * Forward the command to the destiation.
+     * Since we modify the first parameter, we must make a copy of the parameters.
+     */
+    VBOXHGCMSVCPARM aParms[2];
+    HGCMSvcSetU64(&aParms[0], idContext | VBOX_GUESTCTRL_DST_SESSION);
+    HGCMSvcSetU32(&aParms[1], fFlags);
+    int rc = hostProcessCommand(HOST_SESSION_CLOSE, RT_ELEMENTS(aParms), aParms);
+    LogFlowFunc(("Closing guest context ID=%RU32 (from client ID=%RU32) returned with rc=%Rrc\n", idContext, idClient, rc));
     return rc;
+}
+/**
+ * A client tells this service to unset (clear) its message filter.
+/**
+ * For compatiblity with old additions only - filtering / set session ID.
+ *
  * @return VBox status code.
+ * @param  u32ClientID                  The client's ID.
+ * @param  callHandle                   The client's call handle.
+ * @param  cParms                       Number of parameters.
+ * @param  paParms                      Array of parameters.
+ */
+int Service::clientMsgFilterUnset(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle,
+                                  uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    RT_NOREF(callHandle, paParms);
+    /*
+     * Lookup client in our list so that we can assign the context ID of
+     * a command to that client.
+     */
+    ClientStateMapIter itClientState = mClientStateMap.find(u32ClientID);
+    AssertMsg(itClientState != mClientStateMap.end(), ("Client with ID=%RU32 not found when it should be present\n",
+                                                       u32ClientID));
+    if (itClientState == mClientStateMap.end())
+        return VERR_NOT_FOUND; /* Should never happen. */
+    if (cParms != 1)
+        return VERR_INVALID_PARAMETER;
+    ClientState &clientState = itClientState->second;
+    clientState.mFlags &= ~CLIENTSTATE_FLAG_CONTEXTFILTER;
+    clientState.mFilterMask = 0;
+    clientState.mFilterValue = 0;
+    LogFlowFunc(("[Client %RU32} Unset message filter\n", u32ClientID));
+ * @param  idClient     The client's HGCM ID.
+ * @param  cParms       Number of parameters.
+ * @param  paParms      Array of parameters.
+ */
+int GstCtrlService::clientMsgOldFilterSet(uint32_t idClient, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    /*
+     * Validate input and access.
+     */
+    ASSERT_GUEST_RETURN(cParms == 4, VERR_WRONG_PARAMETER_COUNT);
+    ASSERT_GUEST_RETURN(paParms[0].type == VBOX_HGCM_SVC_PARM_32BIT, VERR_WRONG_PARAMETER_TYPE);
+    uint32_t uValue = paParms[0].u.uint32;
+    ASSERT_GUEST_RETURN(paParms[1].type == VBOX_HGCM_SVC_PARM_32BIT, VERR_WRONG_PARAMETER_TYPE);
+    uint32_t fMaskAdd = paParms[1].u.uint32;
+    ASSERT_GUEST_RETURN(paParms[2].type == VBOX_HGCM_SVC_PARM_32BIT, VERR_WRONG_PARAMETER_TYPE);
+    uint32_t fMaskRemove = paParms[2].u.uint32;
+    ASSERT_GUEST_RETURN(paParms[3].type == VBOX_HGCM_SVC_PARM_32BIT, VERR_WRONG_PARAMETER_TYPE); /* flags, unused */
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
+    /*
+     * We have a bunch of expectations here:
+     *  - Never called in non-legacy mode.
+     *  - Only called once per session.
+     *  - Never called by the master session.
+     *  - Clients that doesn't wish for any messages passes all zeros.
+     *  - All other calls has a unique session ID.
+     */
+    ASSERT_GUEST_LOGREL_RETURN(m_fLegacyMode, VERR_WRONG_ORDER);
+    ASSERT_GUEST_LOGREL_MSG_RETURN(rClientState.m_idSession == UINT32_MAX, ("m_idSession=%#x\n", rClientState.m_idSession),
+                                   VERR_WRONG_ORDER);
+    ASSERT_GUEST_LOGREL_RETURN(!rClientState.m_fIsMaster, VERR_WRONG_ORDER);
+    if (uValue == 0)
+    {
+        ASSERT_GUEST_LOGREL(fMaskAdd == 0);
+        ASSERT_GUEST_LOGREL(fMaskRemove == 0);
+        /* Nothing to do, already muted (UINT32_MAX). */
+    }
+    else
+    {
+        ASSERT_GUEST_LOGREL(fMaskAdd == UINT32_C(0xf8000000));
+        ASSERT_GUEST_LOGREL(fMaskRemove == 0);
+        uint32_t idSession = VBOX_GUESTCTRL_CONTEXTID_GET_SESSION(uValue);
+        ASSERT_GUEST_LOGREL_MSG_RETURN(idSession > 0, ("idSession=%u (%#x)\n", idSession, uValue), VERR_OUT_OF_RANGE);
+        for (ClientStateMapIter It = mClientStateMap.begin(); It != mClientStateMap.end(); ++It)
+            ASSERT_GUEST_LOGREL_MSG_RETURN(It->second.m_idSession != idSession,
+                                           ("idSession=%u uValue=%#x idClient=%u; conflicting with client %u\n",
+                                            idSession, uValue, idClient, It->second.mID),
+                                           VERR_DUPLICATE);
+        /* Commit it. */
+        rClientState.m_idSession = idSession;
+    }
     return VINF_SUCCESS;
+}
+/**
+ * A client tells this service that the current command can be skipped and therefore can be removed
+ * from the internal command list.
+/**
+ * For compatibility with old additions only - skip the current command w/o
+ * calling main code.
+ *
+ * Please note that we don't care if the caller cancelled the request, because
+ * old additions code didn't give damn about VERR_INTERRUPT.
+ *
  * @return VBox status code.
+ * @param  u32ClientID                  The client's ID.
+ * @param  callHandle                   The client's call handle.
+ * @param  cParms                       Number of parameters.
+ * @param  paParms                      Array of parameters.
+ */
+int Service::clientMsgSkip(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle,
+                           uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    RT_NOREF(callHandle, cParms, paParms);
+    int rc;
+    /*
+     * Lookup client in our list so that we can assign the context ID of
+     * a command to that client.
+     */
+    ClientStateMapIter itClientState = mClientStateMap.find(u32ClientID);
+    AssertMsg(itClientState != mClientStateMap.end(), ("Client ID=%RU32 not found when it should be present\n", u32ClientID));
+    if (itClientState != mClientStateMap.end())
+    {
+        itClientState->second.DequeueCurrent();
+        rc = VINF_SUCCESS;
+    }
+    else
+        rc = VERR_NOT_FOUND;
+    LogFlowFunc(("[Client %RU32] Skipped current message, rc=%Rrc\n", u32ClientID, rc));
+    return rc;
+ * @param  idClient     The client's HGCM ID.
+ * @param  cParms       Number of parameters.
+ */
+int GstCtrlService::clientMsgOldSkip(uint32_t idClient, uint32_t cParms)
+{
+    /*
+     * Validate input and access.
+     */
+    ASSERT_GUEST_RETURN(cParms == 1, VERR_WRONG_PARAMETER_COUNT);
+    ClientStateMapIter ItClientState = mClientStateMap.find(idClient);
+    ASSERT_GUEST_MSG_RETURN(ItClientState != mClientStateMap.end(), ("idClient=%RU32\n", idClient), VERR_INVALID_CLIENT_ID);
+    ClientState &rClientState = ItClientState->second;
+    /*
+     * Execute the request.
+     */
+    if (!rClientState.mHostCmdList.empty())
+        rClientState.DitchFirstHostCmd();
+    LogFlowFunc(("[Client %RU32] Skipped current message - leagcy function\n", idClient));
+    return VINF_SUCCESS;
+}
 /**
 …
  * @param   paParms                 Array of parameters.
  */
 int Service::hostCallback(uint32_t eFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+int GstCtrlService::hostCallback(uint32_t eFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
     LogFlowFunc(("eFunction=%ld, cParms=%ld, paParms=%p\n",
 …
+    {
         VBOXGUESTCTRLHOSTCALLBACK data(cParms, paParms);
+        rc = mpfnHostCallback(mpvHostData, eFunction, (void *)(&data), sizeof(data));
+        /** @todo Not sure if this try/catch is necessary, I pushed it down here from
+         * GstCtrlService::call where it was not needed for anything else that I
+         * could spot.  I know this might be a tough, but I expect someone writing
+         * this kind of code to know what can throw errors and handle them where it
+         * is appropriate, rather than grand catch-all-at-the-top crap like this.
+         * The reason why it is utter crap, is that you have no state cleanup code
+         * where you might need it, which is why I despise exceptions in general */
+        try
+        {
+            rc = mpfnHostCallback(mpvHostData, eFunction, (void *)(&data), sizeof(data));
+        }
+        catch (std::bad_alloc &)
+        {
+            rc = VERR_NO_MEMORY;
+        }
+    }
     else
 …
+}
 /**
  * Processes a command received from the host side and re-routes it to
 …
+ *
  * @return  IPRT status code.
  * @param   eFunction               Function code to process.
  * @param   cParms                  Number of parameters.
  * @param   paParms                 Array of parameters.
  */
 int Service::hostProcessCommand(uint32_t eFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+ * @param   idFunction  Function code to process.
+ * @param   cParms      Number of parameters.
+ * @param   paParms     Array of parameters.
+ */
+int GstCtrlService::hostProcessCommand(uint32_t idFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
     /*
 …
      */
     if (mClientStateMap.empty())
+    {
+        LogFlow(("GstCtrlService::hostProcessCommand: VERR_NOT_FOUND!\n"));
         return VERR_NOT_FOUND;
+    int rc;
+    HostCommand *pHostCmd = NULL;
+    try
+    {
+        pHostCmd = new HostCommand();
+        rc = pHostCmd->Allocate(eFunction, cParms, paParms);
+        if (RT_SUCCESS(rc))
+            /* rc = */ RTListAppend(&mHostCmdList, &pHostCmd->Node);
+    }
+    catch (std::bad_alloc &)
+    {
+        rc = VERR_NO_MEMORY;
+    }
+    }
+    HostCommand *pHostCmd = new (std::nothrow) HostCommand();
+    AssertReturn(pHostCmd, VERR_NO_MEMORY);
+    int rc = pHostCmd->Init(idFunction, cParms, paParms);
     if (RT_SUCCESS(rc))
+    {
+        LogFlowFunc(("Handling host command CID=%RU32, eFunction=%RU32, cParms=%RU32, paParms=%p, numClients=%zu\n",
+                     pHostCmd->mContextID, eFunction, cParms, paParms, mClientStateMap.size()));
+        RTListAppend(&mHostCmdList, &pHostCmd->m_ListEntry);
+        LogFlowFunc(("Handling host command m_idContextAndDst=%#RX64, idFunction=%RU32, cParms=%RU32, paParms=%p, cClients=%zu\n",
+                     pHostCmd->m_idContextAndDst, idFunction, cParms, paParms, mClientStateMap.size()));
         /*
          * Wake up all pending clients which are interested in this
          * host command.
+         * Find the message destination and post it to the client.  If the
+         * session ID doesn't match any particular client it goes to the master.
          */
+#ifdef DEBUG
+        uint32_t uClientsWokenUp = 0;
+#endif
+        ClientStateMapIter itClientState = mClientStateMap.begin();
+        AssertMsg(itClientState != mClientStateMap.end(), ("Client state map is empty when it should not\n"));
+        while (itClientState != mClientStateMap.end())
+        {
+            ClientState &clientState = itClientState->second;
+            /* If a client indicates that it it wants the new host command,
+             * add a reference to not delete it.*/
+            if (clientState.WantsHostCommand(pHostCmd))
+        AssertMsg(!mClientStateMap.empty(), ("Client state map is empty when it should not be!\n"));
+        /* Dispatch to the session. */
+        if (pHostCmd->m_idContextAndDst & VBOX_GUESTCTRL_DST_SESSION)
+        {
+            rc = VWRN_NOT_FOUND;
+            uint32_t const idSession = VBOX_GUESTCTRL_CONTEXTID_GET_SESSION(pHostCmd->m_idContext);
+            for (ClientStateMapIter It = mClientStateMap.begin(); It != mClientStateMap.end(); ++It)
+            {
+                clientState.EnqueueCommand(pHostCmd);
+                int rc2 = clientState.Wakeup();
+                if (RT_FAILURE(rc2))
+                    LogFlowFunc(("Waking up client ID=%RU32 failed with rc=%Rrc\n",
+                                 itClientState->first, rc2));
+#ifdef DEBUG
+                uClientsWokenUp++;
+#endif
+                /** @todo r=bird: Do we need to queue commands on more than one client? */
+                ClientState &rClientState = It->second;
+                if (rClientState.m_idSession == idSession)
+                {
+                    rc = rClientState.EnqueueCommand(pHostCmd);
+                    if (RT_SUCCESS(rc))
+                    {
+                        int rc2 = rClientState.Wakeup();
+                        LogFlowFunc(("Woke up client ID=%RU32 -> rc=%Rrc\n", rClientState.mID, rc2));
+                    }
+                    break;
+                }
+            }
+            ++itClientState;
+        }
+#ifdef DEBUG
+        LogFlowFunc(("%RU32 clients have been woken up\n", uClientsWokenUp));
+#endif
+    }
+    /** @todo r=bird: If pHostCmd->Allocate fails, you leak stuff.  It's not
+     *        likely, since it'll only fail if the host gives us an incorrect
+     *        parameter list (first param isn't uint32_t) or we're out of memory.
+     *        In the latter case, of course, you're not exactly helping...  */
+        }
+        /* Does the message go to the root service? */
+        if (   (pHostCmd->m_idContextAndDst & VBOX_GUESTCTRL_DST_ROOT_SVC)
+            && RT_SUCCESS(rc))
+        {
+            ClientStateMapIter It = mClientStateMap.find(m_idMasterClient);
+            if (It != mClientStateMap.end())
+            {
+                ClientState &rClientState = It->second;
+                int rc2 = rClientState.EnqueueCommand(pHostCmd);
+                if (RT_SUCCESS(rc2))
+                {
+                    rc2 = rClientState.Wakeup();
+                    LogFlowFunc(("Woke up client ID=%RU32 (master) -> rc=%Rrc\n", rClientState.mID, rc2));
+                }
+                else
+                    rc = rc2;
+            }
+            else
+                rc = VERR_NOT_FOUND;
+        }
+    }
+    /* Drop our command reference. */
+    pHostCmd->SaneRelease();
+    if (RT_FAILURE(rc))
+        LogFunc(("Failed %Rrc (idFunction=%u, cParms=%u)\n", rc, idFunction, cParms));
     return rc;
+}
 /**
 …
  * @thread  HGCM
  */
+void Service::call(VBOXHGCMCALLHANDLE callHandle, uint32_t u32ClientID,
+                   void * /* pvClient */, uint32_t eFunction, uint32_t cParms,
+                   VBOXHGCMSVCPARM paParms[])
+{
+    int rc = VINF_SUCCESS;
+    LogFlowFunc(("[Client %RU32] eFunction=%RU32, cParms=%RU32, paParms=0x%p\n",
+                 u32ClientID, eFunction, cParms, paParms));
+    try
+    {
+void GstCtrlService::call(VBOXHGCMCALLHANDLE hCall, uint32_t idClient, void * /* pvClient */, uint32_t idFunction,
+                          uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    LogFlowFunc(("[Client %RU32] idFunction=%RU32 (%s), cParms=%RU32, paParms=0x%p\n",
+                 idClient, idFunction, GstCtrlHostFnName((eHostFn)idFunction), cParms, paParms));
+    int rc;
+    switch (idFunction)
+    {
+        case GUEST_MAKE_ME_MASTER:
+            LogFlowFunc(("[Client %RU32] GUEST_MAKE_ME_MASTER\n", idClient));
+            rc = clientMakeMeMaster(idClient, hCall, cParms);
+            break;
+        case GUEST_MSG_PEEK_NOWAIT:
+            LogFlowFunc(("[Client %RU32] GUEST_MSG_PEEK_NOWAIT\n", idClient));
+            rc = clientMsgPeek(idClient, hCall, cParms, paParms, false /*fWait*/);
+            break;
+        case GUEST_MSG_PEEK_WAIT:
+            LogFlowFunc(("[Client %RU32] GUEST_MSG_PEEK_WAIT\n", idClient));
+            rc = clientMsgPeek(idClient, hCall, cParms, paParms, true /*fWait*/);
+            break;
+        case GUEST_MSG_GET:
+            LogFlowFunc(("[Client %RU32] GUEST_MSG_GET\n", idClient));
+            rc = clientMsgGet(idClient, hCall, cParms, paParms);
+            break;
+        case GUEST_MSG_CANCEL:
+            LogFlowFunc(("[Client %RU32] GUEST_MSG_CANCEL\n", idClient));
+            rc = clientMsgCancel(idClient, cParms);
+            break;
+        case GUEST_MSG_SKIP:
+            LogFlowFunc(("[Client %RU32] GUEST_MSG_SKIP\n", idClient));
+            rc = clientMsgSkip(idClient, hCall, cParms);
+            break;
+        case GUEST_SESSION_PREPARE:
+            LogFlowFunc(("[Client %RU32] GUEST_SESSION_PREPARE\n", idClient));
+            rc = clientSessionPrepare(idClient, hCall, cParms, paParms);
+            break;
+        case GUEST_SESSION_CANCEL_PREPARED:
+            LogFlowFunc(("[Client %RU32] GUEST_SESSION_CANCEL_PREPARED\n", idClient));
+            rc = clientSessionCancelPrepared(idClient, cParms, paParms);
+            break;
+        case GUEST_SESSION_ACCEPT:
+            LogFlowFunc(("[Client %RU32] GUEST_SESSION_ACCEPT\n", idClient));
+            rc = clientSessionAccept(idClient, hCall, cParms, paParms);
+            break;
+        case GUEST_SESSION_CLOSE:
+            LogFlowFunc(("[Client %RU32] GUEST_SESSION_CLOSE\n", idClient));
+            rc = clientSessionCloseOther(idClient, cParms, paParms);
+            break;
         /*
+         * The guest asks the host for the next message to process.
+         * For all other regular commands we call our hostCallback
+         * function. If the current command does not support notifications,
+         * notifyHost will return VERR_NOT_SUPPORTED.
          */
+        if (eFunction == GUEST_MSG_WAIT)
+        {
+            LogFlowFunc(("[Client %RU32] GUEST_MSG_WAIT\n", u32ClientID));
+            rc = clientMsgOldGet(u32ClientID, callHandle, cParms, paParms);
+        }
+        else
+        {
+            switch (eFunction)
+            {
+                /*
+                 * A client wants to shut down and asks us (this service) to cancel
+                 * all blocking/pending waits (VINF_HGCM_ASYNC_EXECUTE) so that the
+                 * client can gracefully shut down.
+                 */
+                case GUEST_CANCEL_PENDING_WAITS:
+                {
+                    LogFlowFunc(("[Client %RU32] GUEST_CANCEL_PENDING_WAITS\n", u32ClientID));
+                    ClientStateMapIter itClientState = mClientStateMap.find(u32ClientID);
+                    if (itClientState != mClientStateMap.end())
+                        rc = itClientState->second.CancelWaiting();
+                    break;
+                }
+                /*
+                 * The guest only wants certain messages set by the filter mask(s).
+                 * Since VBox 4.3+.
+                 */
+                case GUEST_MSG_FILTER_SET:
+                    LogFlowFunc(("[Client %RU32] GUEST_MSG_FILTER_SET\n", u32ClientID));
+                    rc = clientMsgFilterSet(u32ClientID, callHandle, cParms, paParms);
+                    break;
+                /*
+                 * Unsetting the message filter flag.
+                 */
+                case GUEST_MSG_FILTER_UNSET:
+                    LogFlowFunc(("[Client %RU32] GUEST_MSG_FILTER_UNSET\n", u32ClientID));
+                    rc = clientMsgFilterUnset(u32ClientID, callHandle, cParms, paParms);
+                    break;
+                /*
+                 * The guest only wants skip the currently assigned messages. Neded
+                 * for dropping its assigned reference of the current assigned host
+                 * command in queue.
+                 * Since VBox 4.3+.
+                 */
+                case GUEST_MSG_SKIP:
+                    LogFlowFunc(("[Client %RU32] GUEST_MSG_SKIP\n", u32ClientID));
+                    rc = clientMsgSkip(u32ClientID, callHandle, cParms, paParms);
+                    break;
+                /*
+                 * New message peeking and retrieval functions replacing GUEST_MSG_WAIT.
+                 */
+                case GUEST_MSG_PEEK_NOWAIT:
+                    LogFlowFunc(("[Client %RU32] GUEST_MSG_PEEK_NOWAIT\n", u32ClientID));
+                    rc = clientMsgPeek(u32ClientID, callHandle, cParms, paParms, false /*fWait*/);
+                    break;
+                case GUEST_MSG_PEEK_WAIT:
+                    LogFlowFunc(("[Client %RU32] GUEST_MSG_PEEK_WAIT\n", u32ClientID));
+                    rc = clientMsgPeek(u32ClientID, callHandle, cParms, paParms, true /*fWait*/);
+                    break;
+                case GUEST_MSG_GET:
+                    LogFlowFunc(("[Client %RU32] GUEST_MSG_GET\n", u32ClientID));
+                    rc = clientMsgGet(u32ClientID, callHandle, cParms, paParms);
+                    break;
+                case GUEST_MSG_CANCEL:
+                    LogFlowFunc(("[Client %RU32] GUEST_MSG_CANCEL\n", u32ClientID));
+                    rc = clientMsgCancel(u32ClientID, cParms);
+                    break;
+                /*
+                 * The guest wants to close specific guest session. This is handy for
+                 * shutting down dedicated guest session processes from another process.
+                 */
+                case GUEST_SESSION_CLOSE:
+                    LogFlowFunc(("[Client %RU32] GUEST_SESSION_CLOSE\n", u32ClientID));
+                    rc = sessionClose(u32ClientID, callHandle, cParms, paParms);
+                    break;
+                /*
+                 * For all other regular commands we call our hostCallback
+                 * function. If the current command does not support notifications,
+                 * notifyHost will return VERR_NOT_SUPPORTED.
+                 */
+                default:
+                    rc = hostCallback(eFunction, cParms, paParms);
+                    break;
+            }
+            if (rc != VINF_HGCM_ASYNC_EXECUTE)
+            {
+                /* Tell the client that the call is complete (unblocks waiting). */
+                AssertPtr(mpHelpers);
+                mpHelpers->pfnCallComplete(callHandle, rc);
+            }
+        }
+    }
+    catch (std::bad_alloc &)
+    {
+        rc = VERR_NO_MEMORY;
+        default:
+            rc = hostCallback(idFunction, cParms, paParms);
+            break;
+        /*
+         * The remaining commands are here for compatibility with older
+         * guest additions:
+         */
+        case GUEST_MSG_WAIT:
+            LogFlowFunc(("[Client %RU32] GUEST_MSG_WAIT\n", idClient));
+            clientMsgOldGet(idClient, hCall, cParms, paParms);
+            rc = VINF_HGCM_ASYNC_EXECUTE;
+            break;
+        case GUEST_MSG_SKIP_OLD:
+            LogFlowFunc(("[Client %RU32] GUEST_MSG_SKIP_OLD\n", idClient));
+            rc = clientMsgOldSkip(idClient, cParms);
+            break;
+        case GUEST_MSG_FILTER_SET:
+            LogFlowFunc(("[Client %RU32] GUEST_MSG_FILTER_SET\n", idClient));
+            rc = clientMsgOldFilterSet(idClient, cParms, paParms);
+            break;
+        case GUEST_MSG_FILTER_UNSET:
+            LogFlowFunc(("[Client %RU32] GUEST_MSG_FILTER_UNSET\n", idClient));
+            rc = VERR_NOT_IMPLEMENTED;
+            break;
+    }
+    if (rc != VINF_HGCM_ASYNC_EXECUTE)
+    {
+        /* Tell the client that the call is complete (unblocks waiting). */
+        LogFlowFunc(("[Client %RU32] Calling pfnCallComplete w/ rc=%Rrc\n", idClient, rc));
+        AssertPtr(mpHelpers);
+        mpHelpers->pfnCallComplete(hCall, rc);
+    }
+}
 /**
 …
  * @thread  hgcm
  */
+int Service::hostCall(uint32_t eFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    int rc = VERR_NOT_SUPPORTED;
+    LogFlowFunc(("fn=%RU32, cParms=%RU32, paParms=0x%p\n",
+                 eFunction, cParms, paParms));
+    try
+    {
+        switch (eFunction)
+        {
+            /**
+             * Host
+             */
+            case HOST_CANCEL_PENDING_WAITS:
+int GstCtrlService::hostCall(uint32_t eFunction, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    LogFlowFunc(("fn=%RU32, cParms=%RU32, paParms=0x%p\n", eFunction, cParms, paParms));
+    switch (eFunction)
+    {
+        default:
+            return hostProcessCommand(eFunction, cParms, paParms);
+        /** @todo r=bird: Why is this here, I cannot find anyone using this in Main.
+         * I thought the HOST_CANCEL_PENDING_WAITS was only for return to the _guest_
+         * when the root VBoxService wanted to shut down. */
+        case HOST_CANCEL_PENDING_WAITS:
+        {
+            LogFlowFunc(("HOST_CANCEL_PENDING_WAITS\n"));
+            AssertFailed(); /* want to know who uses this function! */
+            ClientStateMapIter itClientState = mClientStateMap.begin();
+            while (itClientState != mClientStateMap.end())
+            {
+                LogFlowFunc(("HOST_CANCEL_PENDING_WAITS\n"));
+                ClientStateMapIter itClientState = mClientStateMap.begin();
+                while (itClientState != mClientStateMap.end())
+                {
+                    int rc2 = itClientState->second.CancelWaiting();
+                    if (RT_FAILURE(rc2))
+                        LogFlowFunc(("Cancelling waiting for client ID=%RU32 failed with rc=%Rrc",
+                                     itClientState->first, rc2));
+                    ++itClientState;
+                }
+                rc = VINF_SUCCESS;
+                break;
+                int rc2 = itClientState->second.CancelWaiting();
+                if (RT_FAILURE(rc2))
+                    LogFlowFunc(("Cancelling waiting for client ID=%RU32 failed with rc=%Rrc",
+                                 itClientState->first, rc2));
+                ++itClientState;
+            }
+            default:
+                rc = hostProcessCommand(eFunction, cParms, paParms);
+                break;
+        }
+    }
+    catch (std::bad_alloc &)
+    {
+        rc = VERR_NO_MEMORY;
+    }
+    return rc;
+            return VINF_SUCCESS;
+        }
+    }
+}
+/**
+ * Client asks another client (guest) session to close.
+ *
+ * @return  IPRT status code.
+ * @param   u32ClientID                 The client's ID.
+ * @param   callHandle                  The client's call handle.
+ * @param   cParms                      Number of parameters.
+ * @param   paParms                     Array of parameters.
+ */
+int Service::sessionClose(uint32_t u32ClientID, VBOXHGCMCALLHANDLE callHandle, uint32_t cParms, VBOXHGCMSVCPARM paParms[])
+{
+    RT_NOREF(u32ClientID, callHandle);
+    if (cParms < 2)
+        return VERR_INVALID_PARAMETER;
+    uint32_t uContextID, uFlags;
+    int rc = HGCMSvcGetU32(&paParms[0], &uContextID);
+    if (RT_SUCCESS(rc))
+        rc = HGCMSvcGetU32(&paParms[1], &uFlags);
+    uint32_t uSessionID = VBOX_GUESTCTRL_CONTEXTID_GET_SESSION(uContextID);
+    if (RT_SUCCESS(rc))
+        rc = hostProcessCommand(HOST_SESSION_CLOSE, cParms, paParms);
+    LogFlowFunc(("Closing guest session ID=%RU32 (from client ID=%RU32) returned with rc=%Rrc\n",
+                 uSessionID, u32ClientID, rc)); NOREF(uSessionID);
+    return rc;
+}
+int Service::uninit(void)
+int GstCtrlService::uninit(void)
+{
     return VINF_SUCCESS;
+}
+} /* namespace guestControl */
+using guestControl::Service;
 /**
 …
         else
+        {
             Service *pService = NULL;
+            GstCtrlService *pService = NULL;
             /* No exceptions may propagate outside. */
             try
+            {
                 pService = new Service(pTable->pHelpers);
+                pService = new GstCtrlService(pTable->pHelpers);
+            }
             catch (int rcThrown)
 …
                 /* Register functions. */
                 pTable->pfnUnload             = Service::svcUnload;
                 pTable->pfnConnect            = Service::svcConnect;
                 pTable->pfnDisconnect         = Service::svcDisconnect;
                 pTable->pfnCall               = Service::svcCall;
                 pTable->pfnHostCall           = Service::svcHostCall;
                 pTable->pfnSaveState          = NULL;  /* The service is stateless, so the normal */
+                pTable->pfnUnload             = GstCtrlService::svcUnload;
+                pTable->pfnConnect            = GstCtrlService::svcConnect;
+                pTable->pfnDisconnect         = GstCtrlService::svcDisconnect;
+                pTable->pfnCall               = GstCtrlService::svcCall;
+                pTable->pfnHostCall           = GstCtrlService::svcHostCall;
+                pTable->pfnSaveState          = NULL;  /* The GstCtrlService is stateless, so the normal */
                 pTable->pfnLoadState          = NULL;  /* construction done before restoring suffices */
                 pTable->pfnRegisterExtension  = Service::svcRegisterExtension;
+                pTable->pfnRegisterExtension  = GstCtrlService::svcRegisterExtension;
                 /* Service specific initialization. */

trunk/src/VBox/Main/include/GuestSessionImpl.h

-              r75605
+              r75798
     inline bool             i_processExists(uint32_t uProcessID, ComObjPtr<GuestProcess> *pProcess);
     inline int              i_processGetByPID(ULONG uPID, ComObjPtr<GuestProcess> *pProcess);
+    int                     i_sendCommand(uint32_t uFunction, uint32_t uParms, PVBOXHGCMSVCPARM paParms);
+    int                     i_sendCommand(uint32_t uFunction, uint32_t uParms, PVBOXHGCMSVCPARM paParms,
+                                          uint64_t fDst = VBOX_GUESTCTRL_DST_SESSION);
     static HRESULT          i_setErrorExternal(VirtualBoxBase *pInterface, int guestRc);
     int                     i_setSessionStatus(GuestSessionStatus_T sessionStatus, int sessionRc);

trunk/src/VBox/Main/src-client/GuestCtrlPrivate.cpp

-              r75737
+              r75798
+}
+int GuestObject::sendCommand(uint32_t uFunction,
+                             uint32_t cParms, PVBOXHGCMSVCPARM paParms)
+int GuestObject::sendCommand(uint32_t uFunction, uint32_t cParms, PVBOXHGCMSVCPARM paParms)
+{
 #ifndef VBOX_GUESTCTRL_TEST_CASE
 …
     if (pVMMDev)
+    {
+        /* HACK ALERT! We extend the first parameter to 64-bit and use the
+                       two topmost bits for call destination information. */
+        Assert(paParms[0].type == VBOX_HGCM_SVC_PARM_32BIT);
+        paParms[0].type = VBOX_HGCM_SVC_PARM_64BIT;
+        paParms[0].u.uint64 = (uint64_t)paParms[0].u.uint32 | VBOX_GUESTCTRL_DST_SESSION;
+        /* Make the call. */
         LogFlowThisFunc(("uFunction=%RU32, cParms=%RU32\n", uFunction, cParms));
         vrc = pVMMDev->hgcmHostCall(HGCMSERVICE_NAME, uFunction, cParms, paParms);

trunk/src/VBox/Main/src-client/GuestSessionImpl.cpp

-              r75737
+              r75798
     alock.release(); /* Drop the write lock before waiting. */
     vrc = i_sendCommand(HOST_SESSION_CLOSE, i, paParms);
+    vrc = i_sendCommand(HOST_SESSION_CLOSE, i, paParms, VBOX_GUESTCTRL_DST_BOTH);
     if (RT_SUCCESS(vrc))
         vrc = i_waitForStatusChange(pEvent, GuestSessionWaitForFlag_Terminate, uTimeoutMS,
 …
     alock.release(); /* Drop write lock before sending. */
     vrc = i_sendCommand(HOST_SESSION_CREATE, i, paParms);
+    vrc = i_sendCommand(HOST_SESSION_CREATE, i, paParms, VBOX_GUESTCTRL_DST_ROOT_SVC);
     if (RT_SUCCESS(vrc))
+    {
 …
+}
 int GuestSession::i_sendCommand(uint32_t uFunction,
                                 uint32_t uParms, PVBOXHGCMSVCPARM paParms)
+int GuestSession::i_sendCommand(uint32_t uFunction, uint32_t uParms, PVBOXHGCMSVCPARM paParms,
+                                uint64_t fDst /*= VBOX_GUESTCTRL_DST_SESSION*/)
+{
     LogFlowThisFuncEnter();
 …
     AssertPtr(pVMMDev);
+    LogFlowThisFunc(("uFunction=%RU32, uParms=%RU32\n", uFunction, uParms));
+    LogFlowThisFunc(("uFunction=%RU32 (%s), uParms=%RU32\n", uFunction, GstCtrlHostFnName((guestControl::eHostFn)uFunction), uParms));
+    /* HACK ALERT! We extend the first parameter to 64-bit and use the
+                   two topmost bits for call destination information. */
+    Assert(fDst == VBOX_GUESTCTRL_DST_SESSION || fDst == VBOX_GUESTCTRL_DST_ROOT_SVC || fDst == VBOX_GUESTCTRL_DST_BOTH);
+    Assert(paParms[0].type == VBOX_HGCM_SVC_PARM_32BIT);
+    paParms[0].type = VBOX_HGCM_SVC_PARM_64BIT;
+    paParms[0].u.uint64 = (uint64_t)paParms[0].u.uint32 | fDst;
+    /* Make the call. */
     int vrc = pVMMDev->hgcmHostCall(HGCMSERVICE_NAME, uFunction, uParms, paParms);
     if (RT_FAILURE(vrc))

trunk/src/VBox/Main/src-client/HGCMThread.cpp

-              r75747
+              r75798
 int HGCMThread::MsgComplete(HGCMMsgCore *pMsg, int32_t result)
+{
     LogFlow(("HGCMThread::MsgComplete: thread = %p, pMsg = %p\n", this, pMsg));
+    LogFlow(("HGCMThread::MsgComplete: thread = %p, pMsg = %p, result = %Rrc (%d)\n", this, pMsg, result, result));
     AssertRelease(pMsg->m_pThread == this);
 …
+}
 int hgcmMsgComplete(HGCMMsgCore *pMsg, int32_t u32Result)
+{
     LogFlow(("MAIN::hgcmMsgComplete: pMsg = %p\n", pMsg));
+int hgcmMsgComplete(HGCMMsgCore *pMsg, int32_t rcMsg)
+{
+    LogFlow(("MAIN::hgcmMsgComplete: pMsg = %p, rcMsg = %Rrc (%d)\n", pMsg, rcMsg, rcMsg));
     int rc;
     if (pMsg)
         rc = pMsg->Thread()->MsgComplete(pMsg, u32Result);
+        rc = pMsg->Thread()->MsgComplete(pMsg, rcMsg);
     else
         rc = VINF_SUCCESS;
     LogFlow(("MAIN::hgcmMsgComplete: pMsg = %p, rc = %Rrc\n", pMsg, rc));
+    LogFlow(("MAIN::hgcmMsgComplete: pMsg = %p, rcMsg =%Rrc (%d), returns rc = %Rrc\n", pMsg, rcMsg, rcMsg, rc));
     return rc;
+}

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats:

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette