From: Theo Buehler <tb@theobuehler.org>
Subject: Re: bgpd: properly discard pfkey error messages
To: tech@openbsd.org
Date: Fri, 12 Sep 2025 13:39:23 +0200

On Fri, Sep 12, 2025 at 01:34:34PM +0200, Claudio Jeker wrote:
> pfkey_reply() needs to discard any error message (including those for
> ESRCH). The fix I did in 1.64 was not quite right since for the ESRCH
> case the message remained in the socket and that results into a busy
> loop in the bgpd main event loop since a ESRCH message is newer flushed
> from the socket.
> 
> This is a fix for the busy loop Tom Smyth reported on bugs@.
> Thanks to Tom for providing me with a ktrace of bgpd that made me find the
> bug in less than 5min.

Fortunately the diff is as easy to review as it was to find the fix.
Definitely looks like something a diligent reviewer might've caught...

ok tb

> -- 
> :wq Claudio
> 
> Index: pfkey.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/pfkey.c,v
> diff -u -p -r1.72 pfkey.c
> --- pfkey.c	27 Feb 2025 14:03:32 -0000	1.72
> +++ pfkey.c	12 Sep 2025 11:27:44 -0000
> @@ -453,13 +453,15 @@ pfkey_reply(int sd, uint32_t *spi)
>  
>  	if (hdr.sadb_msg_errno != 0) {
>  		errno = hdr.sadb_msg_errno;
> +
> +		/* discard error message */
> +		if (read(sd, &hdr, sizeof(hdr)) == -1)
> +			log_warn("pfkey read");
> +
>  		if (errno == ESRCH)
>  			return (0);
>  		else {
>  			log_warn("pfkey");
> -			/* discard error message */
> -			if (read(sd, &hdr, sizeof(hdr)) == -1)
> -				log_warn("pfkey read");
>  			return (-1);
>  		}
>  	}
>