Fix policy leak by deleting forwarding security policies

Fix the policy leak by deleting forwarding policies when deleting the IPsec tunnel interface. Bug: 254566085 Test: atest IpSecServiceParameterizedTest (new tests added) Change-Id: I29dd4810abb978fe886776b2fbacdfc74325436d
2022-10-31 20:41:13 +00:00
parent fb63db00c4
commit f4eceba0a9
2 changed files with 14 additions and 0 deletions
--- a/service-t/src/com/android/server/IpSecService.java
+++ b/service-t/src/com/android/server/IpSecService.java
@@ -859,6 +859,13 @@ public class IpSecService extends IIpSecService.Stub {
                            mIkey,
                            0xffffffff,
                            mIfId);
+                    mNetd.ipSecDeleteSecurityPolicy(
+                            mUid,
+                            selAddrFamily,
+                            IpSecManager.DIRECTION_FWD,
+                            mIkey,
+                            0xffffffff,
+                            mIfId);
                }
            } catch (ServiceSpecificException | RemoteException e) {
                Log.e(