Index | Thread | Search

From:
Tom Smyth <tom.smyth@wirelessconnect.eu>
Subject:
Re: bgpd: properly discard pfkey error messages
To:
tech@openbsd.org
Date:
Sun, 14 Sep 2025 09:02:25 +0100

Download raw body.

Thread 
sorry, just to clarify my last mail,

I tried the fix on OpenBSD7.7 stable  running on amd64  architecture

Thanks


On Sun, 14 Sept 2025 at 02:25, Tom Smyth <tom.smyth@wirelessconnect.eu> wrote:
>
> Folks
>
> Just to confirm I tested the diff  on OPENBSD_7_7 branch and applied
> the path and it worked as advertised,
>
> mind you I had to do a kill -9  to stop the bgpd process ,
>
> I have installed this on all my affected BGP / nsh boxes and they seem
> to be working well
>
> Thanks  again
>
> Tom Smyth
>
> On Fri, 12 Sept 2025 at 13:00, Tom Smyth <tom.smyth@wirelessconnect.eu> wrote:
> >
> > Hi Theo, Claudio
> > Thanks for fix diff and the review.
> >
> > Much obliged,
> > Tom Smyth
> >
> >
> > On Fri, 12 Sept 2025 at 12:44, Theo Buehler <tb@theobuehler.org> wrote:
> > >
> > > On Fri, Sep 12, 2025 at 01:34:34PM +0200, Claudio Jeker wrote:
> > > > pfkey_reply() needs to discard any error message (including those for
> > > > ESRCH). The fix I did in 1.64 was not quite right since for the ESRCH
> > > > case the message remained in the socket and that results into a busy
> > > > loop in the bgpd main event loop since a ESRCH message is newer flushed
> > > > from the socket.
> > > >
> > > > This is a fix for the busy loop Tom Smyth reported on bugs@.
> > > > Thanks to Tom for providing me with a ktrace of bgpd that made me find the
> > > > bug in less than 5min.
> > >
> > > Fortunately the diff is as easy to review as it was to find the fix.
> > > Definitely looks like something a diligent reviewer might've caught...
> > >
> > > ok tb
> > >
> > > > --
> > > > :wq Claudio
> > > >
> > > > Index: pfkey.c
> > > > ===================================================================
> > > > RCS file: /cvs/src/usr.sbin/bgpd/pfkey.c,v
> > > > diff -u -p -r1.72 pfkey.c
> > > > --- pfkey.c   27 Feb 2025 14:03:32 -0000      1.72
> > > > +++ pfkey.c   12 Sep 2025 11:27:44 -0000
> > > > @@ -453,13 +453,15 @@ pfkey_reply(int sd, uint32_t *spi)
> > > >
> > > >       if (hdr.sadb_msg_errno != 0) {
> > > >               errno = hdr.sadb_msg_errno;
> > > > +
> > > > +             /* discard error message */
> > > > +             if (read(sd, &hdr, sizeof(hdr)) == -1)
> > > > +                     log_warn("pfkey read");
> > > > +
> > > >               if (errno == ESRCH)
> > > >                       return (0);
> > > >               else {
> > > >                       log_warn("pfkey");
> > > > -                     /* discard error message */
> > > > -                     if (read(sd, &hdr, sizeof(hdr)) == -1)
> > > > -                             log_warn("pfkey read");
> > > >                       return (-1);
> > > >               }
> > > >       }
> > > >
> > >
> >
> >
> > --
> > Kindest regards,
> > Tom Smyth.
>
>
>
> --
> Kindest regards,
> Tom Smyth.



--
Kindest regards,
Tom Smyth.