[IPSEC]: Store xfrm_encap_tmpl directly in xfrm_state.

include/net/xfrm.h

@@ -118,7 +118,9 @@ struct xfrm_state
 	struct xfrm_algo	*aalg;
 	struct xfrm_algo	*ealg;
 	struct xfrm_algo	*calg;
-	struct xfrm_algo	*encap_alg;
+
+	/* Data for encapsulator */
+	struct xfrm_encap_tmpl	*encap;
 
 	/* State for replay detection */
 	struct xfrm_replay_state replay;

net/ipv4/esp.c

@@ -85,8 +85,7 @@ int esp_output(struct sk_buff *skb)
 	*(u8*)(trailer->tail + clen-skb->len - 2) = (clen - skb->len)-2;
 	pskb_put(skb, trailer, clen - skb->len);
 
-	if (x->encap_alg)
-		encap = (struct xfrm_encap_tmpl *) (x->encap_alg->alg_key);
+	encap = x->encap;
 
 	iph = skb->nh.iph;
 	if (x->props.mode) {
@@ -285,7 +284,7 @@ int esp_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struct sk_bu
 
 		/* ... check padding bits here. Silly. :-) */ 
 
-		if (x->encap_alg && decap && decap->decap_type) {
+		if (x->encap && decap && decap->decap_type) {
 			struct esp_encap_data *encap_data;
 			struct udphdr *uh = (struct udphdr *) (iph+1);
 
@@ -337,11 +336,11 @@ int esp_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struct sk_bu
 int esp_post_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struct sk_buff *skb)
 {
   
-	if (x->encap_alg) {
+	if (x->encap) {
 		struct xfrm_encap_tmpl *encap;
 		struct esp_encap_data *decap_data;
 
-		encap = (struct xfrm_encap_tmpl *) (x->encap_alg->alg_key);
+		encap = x->encap;
 		decap_data = (struct esp_encap_data *)(decap->decap_data);
 
 		/* first, make sure that the decap type == the encap type */
@@ -517,9 +516,9 @@ int esp_init_state(struct xfrm_state *x, void *args)
 	x->props.header_len = sizeof(struct ip_esp_hdr) + esp->conf.ivlen;
 	if (x->props.mode)
 		x->props.header_len += sizeof(struct iphdr);
-	if (x->encap_alg) {
-		struct xfrm_encap_tmpl *encap = (struct xfrm_encap_tmpl *)
-			(x->encap_alg->alg_key);
+	if (x->encap) {
+		struct xfrm_encap_tmpl *encap = x->encap;
+
 		if (encap->encap_type) {
 			switch (encap->encap_type) {
 			case UDP_ENCAP_ESPINUDP:

net/key/af_key.c

@@ -646,8 +646,8 @@ static struct sk_buff * pfkey_xfrm_state2msg(struct xfrm_state *x, int add_keys,
 			size += sizeof(struct sadb_key) + encrypt_key_size;
 		}
 	}
-	if (x->encap_alg)
-		natt = (struct xfrm_encap_tmpl *) (x->encap_alg->alg_key);
+	if (x->encap)
+		natt = x->encap;
 
 	if (natt && natt->encap_type) {
 		size += sizeof(struct sadb_x_nat_t_type);
@@ -1064,14 +1064,12 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct sadb_msg *hdr,
 	if (ext_hdrs[SADB_X_EXT_NAT_T_TYPE-1]) {
 		struct sadb_x_nat_t_type* n_type;
 		struct xfrm_encap_tmpl *natt;
-		int obits = (sizeof *natt);
 
-		x->encap_alg = kmalloc(sizeof(*x->encap_alg) + obits, GFP_KERNEL);
-		if (!x->encap_alg)
+		x->encap = kmalloc(sizeof(*x->encap), GFP_KERNEL);
+		if (!x->encap)
 			goto out;
 
-		strcpy(x->encap_alg->alg_name, "NAT-T");
-		natt = (struct xfrm_encap_tmpl *) (x->encap_alg->alg_key);
+		natt = x->encap;
 		n_type = ext_hdrs[SADB_X_EXT_NAT_T_TYPE-1];
 		natt->encap_type = n_type->sadb_x_nat_t_type_type;
 
@@ -1103,8 +1101,8 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct sadb_msg *hdr,
 		kfree(x->ealg);
 	if (x->calg)
 		kfree(x->calg);
-	if (x->encap_alg)
-		kfree(x->encap_alg);
+	if (x->encap)
+		kfree(x->encap);
 	kfree(x);
 	return ERR_PTR(-ENOBUFS);
 }
@@ -2561,10 +2559,10 @@ static int pfkey_send_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr,
 	if (!satype)
 		return -EINVAL;
 
-	if (!x->encap_alg)
+	if (!x->encap)
 		return -EINVAL;
 
-	natt = (struct xfrm_encap_tmpl *) (x->encap_alg->alg_key);
+	natt = x->encap;
 
 	/* Build an SADB_X_NAT_T_NEW_MAPPING message:
 	 *

net/xfrm/xfrm_state.c

@@ -157,8 +157,8 @@ void __xfrm_state_destroy(struct xfrm_state *x)
 		kfree(x->ealg);
 	if (x->calg)
 		kfree(x->calg);
-	if (x->encap_alg)
-		kfree(x->encap_alg);
+	if (x->encap)
+		kfree(x->encap);
 	if (x->type)
 		xfrm_put_type(x->type);
 	kfree(x);