commit | 564e2aa81ea2de3d10977ad661bbbd9884a2ac0f | [log] [tgz] |
---|---|---|
author | Benedict Wong <benedictwong@google.com> | Mon May 07 20:06:44 2018 -0700 |
committer | Benedict Wong <benedictwong@google.com> | Thu Aug 30 10:55:02 2018 -0700 |
tree | 4fb8cefd0b1b3cd26b3d1afacbc5ee2a6d338d60 | |
parent | 9137ecafbd77f1ddeb613a6bc58a872bb04785ac [diff] |
Use tunnel local/remote addresses in security policies This patch changes tunnel mode security policies to use the actual tunnel's local and remote addresses to select the SA. This prevents the kernel from calling xfrm_get_saddr(), which does a route lookup, potentially resolving an incorrect saddr. Bug: 79384676 Test: CTS, IpSecService* tests passing Change-Id: I8223225e2363a79591a0bb0040aa8619cf84c184