rxrpc: Don't reserve security header in Tx DATA skbuff

	/* impose security on a packet */

	int (*secure_packet)(struct rxrpc_call *,

			     struct sk_buff *,

			     size_t,

			     void *);

	int (*secure_packet)(struct rxrpc_call *, struct sk_buff *, size_t);

	/* verify the security on a received packet */

	int (*verify_packet)(struct rxrpc_call *, struct sk_buff *,

	return 0;

}

static int none_secure_packet(struct rxrpc_call *call,

			      struct sk_buff *skb,

			      size_t data_size,

			      void *sechdr)

static int none_secure_packet(struct rxrpc_call *call, struct sk_buff *skb,

			      size_t data_size)

{

	return 0;

}

 * partially encrypt a packet (level 1 security)

 */

static int rxkad_secure_packet_auth(const struct rxrpc_call *call,

				    struct sk_buff *skb,

				    u32 data_size,

				    void *sechdr,

				    struct sk_buff *skb, u32 data_size,

				    struct skcipher_request *req)

{

	struct rxrpc_skb_priv *sp = rxrpc_skb(skb);

	data_size |= (u32)check << 16;

	hdr.data_size = htonl(data_size);

	memcpy(sechdr, &hdr, sizeof(hdr));

	memcpy(skb->head, &hdr, sizeof(hdr));

	/* start the encryption afresh */

	memset(&iv, 0, sizeof(iv));

	sg_init_one(&sg, sechdr, 8);

	sg_init_one(&sg, skb->head, 8);

	skcipher_request_set_sync_tfm(req, call->conn->cipher);

	skcipher_request_set_callback(req, 0, NULL, NULL);

	skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x);

static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call,

				       struct sk_buff *skb,

				       u32 data_size,

				       void *sechdr,

				       struct skcipher_request *req)

{

	const struct rxrpc_key_token *token;

	rxkhdr.data_size = htonl(data_size | (u32)check << 16);

	rxkhdr.checksum = 0;

	memcpy(sechdr, &rxkhdr, sizeof(rxkhdr));

	memcpy(skb->head, &rxkhdr, sizeof(rxkhdr));

	/* encrypt from the session key */

	token = call->conn->params.key->payload.data[0];

	memcpy(&iv, token->kad->session_key, sizeof(iv));

	sg_init_one(&sg[0], sechdr, sizeof(rxkhdr));

	sg_init_one(&sg[0], skb->head, sizeof(rxkhdr));

	skcipher_request_set_sync_tfm(req, call->conn->cipher);

	skcipher_request_set_callback(req, 0, NULL, NULL);

	skcipher_request_set_crypt(req, &sg[0], &sg[0], sizeof(rxkhdr), iv.x);

	len &= ~(call->conn->size_align - 1);

	sg_init_table(sg, ARRAY_SIZE(sg));

	err = skb_to_sgvec(skb, sg, 0, len);

	err = skb_to_sgvec(skb, sg, 8, len);

	if (unlikely(err < 0))

		goto out;

	skcipher_request_set_crypt(req, sg, sg, len, iv.x);

 */

static int rxkad_secure_packet(struct rxrpc_call *call,

			       struct sk_buff *skb,

			       size_t data_size,

			       void *sechdr)

			       size_t data_size)

{

	struct rxrpc_skb_priv *sp;

	struct skcipher_request	*req;

		ret = 0;

		break;

	case RXRPC_SECURITY_AUTH:

		ret = rxkad_secure_packet_auth(call, skb, data_size, sechdr,

					       req);

		ret = rxkad_secure_packet_auth(call, skb, data_size, req);

		break;

	case RXRPC_SECURITY_ENCRYPT:

		ret = rxkad_secure_packet_encrypt(call, skb, data_size,

						  sechdr, req);

		ret = rxkad_secure_packet_encrypt(call, skb, data_size, req);

		break;

	default:

		ret = -EPERM;

			ASSERTCMP(skb->mark, ==, 0);

			_debug("HS: %u", call->conn->security_size);

			skb_reserve(skb, call->conn->security_size);

			skb->len += call->conn->security_size;

			__skb_put(skb, call->conn->security_size);

			sp->remain = chunk;

			if (sp->remain > skb_tailroom(skb))

				 call->tx_winsize)

				sp->hdr.flags |= RXRPC_MORE_PACKETS;

			ret = call->security->secure_packet(

				call, skb, skb->mark, skb->head);

			ret = call->security->secure_packet(call, skb, skb->mark);

			if (ret < 0)

				goto out;