38e52973d2
This patch changes tunnel mode security policies to use the actual tunnel's local and remote addresses to select the SA. This prevents the kernel from calling xfrm_get_saddr(), which does a route lookup, potentially resolving an incorrect saddr. Bug: 79384676 Test: CTS, IpSecService* tests passing Change-Id: I8223225e2363a79591a0bb0040aa8619cf84c184