Linux 2.6.27 contains one-line bug which disallows IPsec policy loading.
Attempt to load a policy via setkey tools produces error:
setkey: invalid keymsg length
Also racoon daemon is affected. It loops indefinitely and consumes CPU cycles uselessly.
Steps to Reproduce:
Fix has been accepted by David Miller. See the URL link.
Created attachment 170600 [details, diff]
Fix from David Miller's net-2.6 tree
Copy of http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=920da6923cf03c8a78fbaffa408f8ab37f6abfc1
Patch included in gentoo-sources-2.6.27-r3 which is now in portage.