Selecting LGUEST should turn on Guest support, as in 2.6.23.

[linux-2.6] / net / ipv6 / esp6.c

diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
index f8bb136d37110aeee662f1af304ef835ac8a81b6..44405325467626a5ca473ef647872ec8cdb14753 100644 (file)
--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -110,7 +110,10 @@ static int esp6_output(struct xfrm_state *x, struct sk_buff *skb)
                                goto unlock;
                }
                sg_init_table(sg, nfrags);
-               skb_to_sgvec(skb, sg, esph->enc_data+esp->conf.ivlen-skb->data, clen);
+               skb_to_sgvec(skb, sg,
+                            esph->enc_data +
+                            esp->conf.ivlen -
+                            skb->data, clen);
                err = crypto_blkcipher_encrypt(&desc, sg, sg, clen);
                if (unlikely(sg != &esp->sgbuf[0]))
                        kfree(sg);
@@ -207,7 +210,9 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
                        }
                }
                sg_init_table(sg, nfrags);
-               skb_to_sgvec(skb, sg, sizeof(*esph) + esp->conf.ivlen, elen);
+               skb_to_sgvec(skb, sg,
+                            sizeof(*esph) + esp->conf.ivlen,
+                            elen);
                ret = crypto_blkcipher_decrypt(&desc, sg, sg, elen);
                if (unlikely(sg != &esp->sgbuf[0]))
                        kfree(sg);
@@ -225,6 +230,12 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
                }
                /* ... check padding bits here. Silly. :-) */
 
+               /* RFC4303: Drop dummy packets without any error */
+               if (nexthdr[1] == IPPROTO_NONE) {
+                       ret = -EINVAL;
+                       goto out;
+               }
+
                pskb_trim(skb, skb->len - alen - padlen - 2);
                ret = nexthdr[1];
        }