From: Florin Coras Date: Tue, 30 Sep 2025 05:24:02 +0000 (-0400) Subject: session: app socket api as default instead of bapi X-Git-Url: https://gerrit.fd.io/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F94%2F43794%2F4;p=vpp.git session: app socket api as default instead of bapi Default to using app socket api instead of binary api for external application attachment. It is more secure as the binary api socket no longer needs to be exposed to apps to be able to attach. Moved all python tests to app socket api and added a new one for basic testing of bapi. Type: improvement Change-Id: Ib8c71e648871cd56492cb7bfb28997ebd117e009 Signed-off-by: Florin Coras --- diff --git a/src/vnet/session/session.c b/src/vnet/session/session.c index eca877d6974..211cb8f80bf 100644 --- a/src/vnet/session/session.c +++ b/src/vnet/session/session.c @@ -2141,6 +2141,9 @@ session_main_init (vlib_main_t * vm) smm->port_allocator_min_src_port = 1024; smm->port_allocator_max_src_port = 65535; + /* default enable app socket api */ + (void) appns_sapi_enable_disable (1 /* is_enable */); + return 0; } @@ -2262,8 +2265,6 @@ session_config_fn (vlib_main_t * vm, unformat_input_t * input) smm->rt_engine_type = RT_BACKEND_ENGINE_NONE; smm->session_enable_asap = 1; } - else if (unformat (input, "use-app-socket-api")) - (void) appns_sapi_enable_disable (1 /* is_enable */); else if (unformat (input, "poll-main")) smm->poll_main = 1; else if (unformat (input, "use-private-rx-mqs")) @@ -2280,6 +2281,15 @@ session_config_fn (vlib_main_t * vm, unformat_input_t * input) /* * Deprecated but maintained for compatibility */ + else if (unformat (input, "use-app-socket-api")) + ; + else if (unformat (input, "use-bapi-socket-api")) + { + clib_warning ( + "App attachment using binary-api is deprecated in favor " + "of socket api. Support for bapi may be removed in the future."); + (void) appns_sapi_enable_disable (0 /* is_enable */); + } else if (unformat (input, "evt_qs_memfd_seg")) ; else if (unformat (input, "segment-baseva 0x%lx", &tmp)) diff --git a/test/asf/test_vcl.py b/test/asf/test_vcl.py index 76a368f28d2..4cf6fb635ba 100644 --- a/test/asf/test_vcl.py +++ b/test/asf/test_vcl.py @@ -61,7 +61,7 @@ class VCLAppWorker(Worker): class VCLTestCase(VppAsfTestCase): """VCL Test Class""" - session_startup = ["poll-main"] + session_startup = ["poll-main", "use-app-socket-api"] @classmethod def setUpClass(cls): @@ -85,8 +85,8 @@ class VCLTestCase(VppAsfTestCase): self.echo_phrase = "Hello, world! Jenny is a friend of mine." self.pre_test_sleep = 0.3 self.post_test_sleep = 1 - self.sapi_client_sock = "" - self.sapi_server_sock = "" + self.sapi_client_sock = "default" + self.sapi_server_sock = "default" if os.path.isfile("/tmp/ldp_server_af_unix_socket"): os.remove("/tmp/ldp_server_af_unix_socket") @@ -187,6 +187,8 @@ class VCLTestCase(VppAsfTestCase): ip_t01.add_vpp_config() ip_t10.add_vpp_config() self.logger.debug(self.vapi.cli("show ip fib")) + self.sapi_server_sock = "1" + self.sapi_client_sock = "2" def thru_host_stack_tear_down(self): self.vapi.app_namespace_add_del_v4( @@ -244,6 +246,8 @@ class VCLTestCase(VppAsfTestCase): ip_t10.add_vpp_config() self.logger.debug(self.vapi.cli("show interface addr")) self.logger.debug(self.vapi.cli("show ip6 fib")) + self.sapi_server_sock = "1" + self.sapi_client_sock = "2" def thru_host_stack_ipv6_tear_down(self): self.vapi.app_namespace_add_del_v4( @@ -316,7 +320,6 @@ class LDPCutThruTestCase(VCLTestCase): @classmethod def setUpClass(cls): - cls.session_startup = ["poll-main", "use-app-socket-api"] super(LDPCutThruTestCase, cls).setUpClass() @classmethod @@ -569,7 +572,6 @@ class VCLThruHostStackCLUDPEcho(VCLTestCase): @classmethod def setUpClass(cls): - cls.session_startup = ["poll-main", "use-app-socket-api"] super(VCLThruHostStackCLUDPEcho, cls).setUpClass() @classmethod @@ -625,7 +627,6 @@ class VCLThruHostStackCLUDPBinds(VCLTestCase): @classmethod def setUpClass(cls): - cls.session_startup = ["poll-main", "use-app-socket-api"] super(VCLThruHostStackCLUDPBinds, cls).setUpClass() @classmethod @@ -707,7 +708,6 @@ class VCLThruHostStackTLS(VCLTestCase): @classmethod def setUpClass(cls): - cls.session_startup = ["poll-main", "use-app-socket-api"] super(VCLThruHostStackTLS, cls).setUpClass() @classmethod @@ -1499,5 +1499,52 @@ class VCLIpv6ThruHostStackEcho(VCLTestCase): ) +@unittest.skipIf( + "hs_apps" in config.excluded_plugins, "Exclude tests requiring hs_apps plugin" +) +class VCLCutThruTestCaseBAPI(VCLTestCase): + """VCL Cut Thru BAPI Test""" + + @classmethod + def setUpClass(cls): + cls.session_startup = ["poll-main", "use-bapi-socket-api"] + super(VCLCutThruTestCaseBAPI, cls).setUpClass() + + @classmethod + def tearDownClass(cls): + super(VCLCutThruTestCaseBAPI, cls).tearDownClass() + + def setUp(self): + super(VCLCutThruTestCaseBAPI, self).setUp() + + self.cut_thru_setup() + self.client_uni_dir_test_args = [ + "-N", + "1000", + self.server_addr, + self.server_port, + ] + self.sapi_client_sock = "" + self.sapi_server_sock = "" + + def tearDown(self): + super(VCLCutThruTestCaseBAPI, self).tearDown() + + def show_commands_at_teardown(self): + self.logger.debug(self.vapi.cli("show session verbose 2")) + self.logger.debug(self.vapi.cli("show app mq")) + + def test_vcl_cut_thru_tcp_bapi(self): + """run VCL cut thru tcp test bapi""" + + # Single binary api test after switching to app socket api as default + self.cut_thru_test( + "vcl_test_server", + self.server_args, + "vcl_test_client", + self.client_uni_dir_test_args, + ) + + if __name__ == "__main__": unittest.main(testRunner=VppTestRunner)