Linux 2.6.27 contains one-line bug which disallows IPsec policy loading. Attempt to load a policy via setkey tools produces error: setkey: invalid keymsg length Also racoon daemon is affected. It loops indefinitely and consumes CPU cycles uselessly. Reproducible: Always Steps to Reproduce: Fix has been accepted by David Miller. See the URL link.
Created attachment 170600 [details, diff] Fix from David Miller's net-2.6 tree Copy of http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=920da6923cf03c8a78fbaffa408f8ab37f6abfc1
Patch included in gentoo-sources-2.6.27-r3 which is now in portage.