On 25/07/2022 15:50, Nathan of Guardian wrote:
OnionShare Android also uses the tor-android library, but I believe it runs its service in a separate Android process: https://github.com/onionshare/onionshare-androidYou can see this here: https://github.com/onionshare/onionshare-android/blob/main/app/src/main/AndroidManifest.xml#L38 The main UI is in the primary process, while the OnionService that manages tor-android is in a separate process called “:tor” Torsten and the Briar team working on the app did this for various reasons, which they might chime in on here. By having the separate process in an Android Service that can be destroyed within the Android lifecycle, you ensure a clean stop/start no matter what tor does or doesn’t do.
Chipping in to say that we chose this approach because we were seeing occasional native crashes from embedded Tor when stopping and restarting it. We were advised that this might be due to static state that was initialised during the first run not being returned to its initial state at the end of the run (which is understandable, given that the code was originally written to run in its own process, so the end of the run would be the end of the process, with no need to reset static state).
We moved the Tor service to its own process so that we could exit that process after stopping Tor and get a new process, with fresh static state, the next time we started Tor. This seems to have worked for preventing native crashes.
As for overall memory management within Android, it is still a Wild West. We do know that if you bind to an Android VPN service or have a ForegroundService with a permanent notification, that your background code process generally doesn’t get killed. If your app is in the foreground, that process will not be killed.
I'd second this and add a couple of points:* Some manufacturers are more of a Wild West than others. On stock Android a foreground service will protect your process from being killed, but on some devices the user will have to take extra manual steps. See https://dontkillmyapp.com/ for some examples. If you want the app to stay connected to Tor in the background (eg to provide a hidden service) then there are other hoops you need to jump through
* If Tor is running in a separate process from the rest of your app (either Tor running in embedded mode, controlled by an Android service that runs in a dedicated process, as in OnionShare, or Tor running in non-embedded mode in its own process, as in Briar), then you can use the __OwningControllerProcess command line argument and the TAKEOWNERSHIP control port command to ensure that Tor exits automatically if your app's main process gets killed for whatever reason
Cheers, Michael
OpenPGP_0x11044FD19FC527CC.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
