Fix policy leak by deleting forwarding security policies

Fix the policy leak by deleting forwarding policies when deleting
the IPsec tunnel interface.

Bug: 254566085
Test: atest IpSecServiceParameterizedTest (new tests added)
Change-Id: I29dd4810abb978fe886776b2fbacdfc74325436d

service-t/src/com/android/server/IpSecService.java

@@ -859,6 +859,13 @@ public class IpSecService extends IIpSecService.Stub {
                             mIkey,
                             0xffffffff,
                             mIfId);
+                    mNetd.ipSecDeleteSecurityPolicy(
+                            mUid,
+                            selAddrFamily,
+                            IpSecManager.DIRECTION_FWD,
+                            mIkey,
+                            0xffffffff,
+                            mIfId);
                 }
             } catch (ServiceSpecificException | RemoteException e) {
                 Log.e(

tests/unit/java/com/android/server/IpSecServiceParameterizedTest.java

@@ -748,6 +748,13 @@ public class IpSecServiceParameterizedTest {
         // Verify quota and RefcountedResource objects cleaned up
         assertEquals(0, userRecord.mTunnelQuotaTracker.mCurrent);
         verify(mMockNetd).ipSecRemoveTunnelInterface(eq(createTunnelResp.interfaceName));
+
+        for (int direction : new int[] {DIRECTION_OUT, DIRECTION_IN, DIRECTION_FWD}) {
+            verify(mMockNetd, times(ADDRESS_FAMILIES.length))
+                    .ipSecDeleteSecurityPolicy(
+                            anyInt(), anyInt(), eq(direction), anyInt(), anyInt(), anyInt());
+        }
+
         try {
             userRecord.mTunnelInterfaceRecords.getRefcountedResourceOrThrow(
                     createTunnelResp.resourceId);