Merge pull request #415 from openziti/vpn-service-avoid-getting-killed

VpnService: avoid getting killed

Author: ekoby

app/src/main/AndroidManifest.xml

@@ -7,6 +7,9 @@
     <uses-permission android:name="android.permission.INTERNET" />
     <uses-permission android:name="android.permission.VIBRATE" />
     <uses-permission android:name="android.permission.POST_NOTIFICATIONS" />
+    <uses-permission android:name="android.permission.FOREGROUND_SERVICE"
+        tools:ignore="ForegroundServicesPolicy" />
+    <uses-permission android:name="android.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED" />
 
     <application
         android:name=".ZitiMobileEdgeApp"
@@ -27,7 +30,10 @@
             android:name=".ZitiVPNService"
             android:enabled="true"
             android:exported="true"
-            android:permission="android.permission.BIND_VPN_SERVICE">
+            android:permission="android.permission.BIND_VPN_SERVICE"
+            android:foregroundServiceType="systemExempted"
+            tools:ignore="ForegroundServicePermission,VpnServicePolicy"
+            >
             <intent-filter>
                 <action android:name="android.net.VpnService" />
             </intent-filter>

app/src/main/java/org/openziti/mobile/ZitiVPNService.kt

@@ -4,17 +4,24 @@
 
 package org.openziti.mobile
 
+import android.Manifest.permission.FOREGROUND_SERVICE_SYSTEM_EXEMPTED
+import android.app.Notification
+import android.app.NotificationChannel
+import android.app.NotificationManager
 import android.app.PendingIntent
 import android.content.Intent
+import android.content.pm.ServiceInfo
 import android.net.ConnectivityManager
 import android.net.LinkProperties
 import android.net.Network
 import android.net.NetworkCapabilities
 import android.net.NetworkRequest
 import android.net.VpnService
 import android.os.Binder
+import android.os.Build
 import android.os.IBinder
 import android.system.OsConstants
+import androidx.core.app.NotificationCompat
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Job
 import kotlinx.coroutines.SupervisorJob
@@ -140,6 +147,11 @@ class ZitiVPNService : VpnService(), CoroutineScope {
         }
     }
 
+    override fun onTimeout(startId: Int, fgsType: Int) {
+        super.onTimeout(startId, fgsType)
+        Log.i("onTimeout($startId, $fgsType)")
+    }
+
     override fun onCreate() {
         Log.i("onCreate()")
         ZitiMobileEdgeApp.vpnService = this
@@ -153,6 +165,10 @@ class ZitiVPNService : VpnService(), CoroutineScope {
         connMgr.registerNetworkCallback(netReq, networkMonitor)
         connMgr.addDefaultNetworkActiveListener(netListener)
 
+        runCatching { markForeground() }.onFailure { it
+            Log.w(it, "failed to mark service foreground")
+        }
+
         monitor = launch {
             launch {
                 Log.i("monitoring route updates")
@@ -189,13 +205,13 @@ class ZitiVPNService : VpnService(), CoroutineScope {
                 }.onSuccess {
                     Log.i("tunnel $cmd success")
                 }.onFailure {
-                    Log.w("exception during tunnel $cmd", it)
+                    Log.w(it, "exception during tunnel $cmd")
                 }
             }
         }
 
         monitor.invokeOnCompletion {
-            Log.i("monitor stopped", it)
+            Log.i(it, "monitor stopped")
         }
     }
 
@@ -216,15 +232,13 @@ class ZitiVPNService : VpnService(), CoroutineScope {
         Log.i("monitor=$monitor")
         val action = intent?.action
         when (action) {
-            SERVICE_INTERFACE,
-            START -> tunnelState.value = "start"
-
-            RESTART -> tunnelState.value = "restart"
-
-            STOP -> tunnelState.value = "stop"
-
-            else -> Log.wtf("what is your intent? $intent")
+            STOP -> {
+                tunnelState.value = STOP
+                return START_NOT_STICKY
+            }
 
+            RESTART -> tunnelState.value = RESTART
+            else -> tunnelState.value = START
         }
         return START_STICKY
     }
@@ -244,7 +258,9 @@ class ZitiVPNService : VpnService(), CoroutineScope {
             allowFamily(OsConstants.AF_INET)
             allowFamily(OsConstants.AF_INET6)
             allowBypass()
-            setMetered(metered)
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
+                setMetered(metered)
+            }
 
             val range = runBlocking { model.zitiRange.first().toRoute() }
             val size = if (range.address is Inet6Address) 128 else 32
@@ -256,7 +272,7 @@ class ZitiVPNService : VpnService(), CoroutineScope {
                 route.runCatching {
                     addRoute(route.address, route.bits)
                 }.onFailure {
-                    Log.e("invalid route[$route]", it)
+                    Log.e(it, "invalid route[$route]")
                 }
             }
             setUnderlyingNetworks(null)
@@ -302,4 +318,36 @@ class ZitiVPNService : VpnService(), CoroutineScope {
         fun isVPNActive() = tun.isActive()
         fun getUptime(): Duration = tun.getUptime().toJavaDuration()
     }
+
+    private fun markForeground() {
+        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.Q) {
+            startForeground(1, createNotification())
+        } else {
+            startForeground(1, createNotification(), ServiceInfo.FOREGROUND_SERVICE_TYPE_SYSTEM_EXEMPTED)
+        }
+    }
+
+    private fun createNotification(): Notification {
+        val channelId = "Ziti Mobile Edge"
+        val channel = NotificationChannel(
+            channelId,
+            "Firewall Status",
+            NotificationManager.IMPORTANCE_DEFAULT
+        )
+        val manager = getSystemService(NotificationManager::class.java)
+        manager.createNotificationChannel(channel)
+
+        val pendingIntent = PendingIntent.getActivity(
+            this, 0, Intent(this, ZitiMobileEdgeActivity::class.java),
+            PendingIntent.FLAG_IMMUTABLE or PendingIntent.FLAG_UPDATE_CURRENT
+        )
+
+        return NotificationCompat.Builder(this, channelId)
+            .setContentTitle("Ziti Mobile Edge")
+            .setContentText("Ziti is active")
+            .setSmallIcon(R.drawable.z)
+            .setContentIntent(pendingIntent)
+            .build()
+    }
+
 }

app/src/main/java/org/openziti/mobile/debug/DebugInfo.kt

@@ -5,7 +5,6 @@
 package org.openziti.mobile.debug
 
 import android.app.ActivityManager
-import android.app.ApplicationExitInfo
 import android.content.Context
 import android.content.Intent
 import android.os.Build
@@ -23,15 +22,14 @@ import java.net.URI
 import java.security.KeyStore.PrivateKeyEntry
 import java.security.KeyStore.TrustedCertificateEntry
 import java.security.cert.X509Certificate
-import java.text.SimpleDateFormat
 import java.time.Instant
 import java.time.LocalDateTime
 import java.time.format.DateTimeFormatter
 import java.util.concurrent.CompletableFuture
 import java.util.zip.ZipEntry
 import java.util.zip.ZipOutputStream
 
-sealed class DebugInfo {
+sealed class DebugInfo(val wrap: Boolean = false) {
     abstract val names: Iterable<String>
     abstract fun dump(name: String, output: Writer = StringWriter()): Writer
 
@@ -128,7 +126,31 @@ sealed class DebugInfo {
         }
     }
 
-    data object ZitiDumpInfo: DebugInfo() {
+    data object ExitInfo: DebugInfo(wrap = true) {
+        override val names = listOf("Last Exit")
+        override fun dump(name: String, output: Writer) = output.apply {
+            with(zme.getSystemService(Context.ACTIVITY_SERVICE) as ActivityManager) {
+                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
+                    getHistoricalProcessExitReasons(null, 0, 1).firstOrNull()?.let {
+                        val ts = Instant.ofEpochMilli(it.timestamp)
+                        appendLine("last exit: $ts")
+                        appendLine()
+                        appendLine("pid         = ${it.pid}")
+                        appendLine("reason      = ${it.reason}")
+                        appendLine("status      = ${it.status}")
+                        appendLine("description = ${it.description}")
+                        appendLine()
+                        appendLine(it.toString())
+
+                    }
+                } else {
+                    appendLine("not supported on Android ${Build.VERSION.SDK_INT}")
+                }
+            }
+        }
+    }
+
+    data object ZitiDumpInfo: DebugInfo(wrap = true) {
         override val names: Iterable<String>
             get() =
                 zme.model.identities().value?.map{it.zitiID} ?: emptyList()
@@ -145,7 +167,6 @@ sealed class DebugInfo {
                 it.printStackTrace(PrintWriter(output))
             }
         }
-
     }
 
     companion object {
@@ -155,6 +176,7 @@ sealed class DebugInfo {
         }
         val providers = listOf(
             AppInfoProvider,
+            ExitInfo,
             MemoryInfo,
             LogCatProvider,
             KeystoreInfo,
@@ -220,7 +242,7 @@ sealed class DebugInfo {
                     getHistoricalProcessExitReasons(null, 0, 10)
                         .forEachIndexed { idx, it ->
                             val ts = Instant.ofEpochMilli(it.timestamp)
-                            val label = "crashdumps/$idx-crash-${fmt.format(ts)}"
+                            val label = "terminations/$idx-exit-${fmt.format(ts)}"
                             zip.putNextEntry(
                                 ZipEntry("$label/info").apply {
                                     time = it.timestamp

app/src/main/java/org/openziti/mobile/debug/DebugInfoFragment.kt

@@ -4,7 +4,10 @@
 
 package org.openziti.mobile.debug
 
+import android.graphics.text.LineBreaker
+import android.os.Build
 import android.os.Bundle
+import android.text.method.ScrollingMovementMethod
 import android.view.LayoutInflater
 import android.view.View
 import android.view.ViewGroup
@@ -25,13 +28,15 @@ class DebugInfoFragment : Fragment() {
     // onDestroyView.
     private val binding get() = _binding!!
 
+    private var wrap = false
     override fun onCreate(savedInstanceState: Bundle?) {
         super.onCreate(savedInstanceState)
 
         pageViewModel = ViewModelProvider(this)[PageViewModel::class.java]
         val dia = activity as DebugInfoActivity
         arguments?.getString(SECTION_ARG)?.let { name ->
             val info = dia.getSectionProvider(name)
+            wrap = info?.wrap ?: false
             pageViewModel.setText(info?.dump(name)?.toString() ?: "nothing to see")
         }
     }
@@ -45,7 +50,16 @@ class DebugInfoFragment : Fragment() {
         val root = binding.root
 
         val textView: TextView = binding.sectionLabel
-        textView.setHorizontallyScrolling(true)
+        textView.movementMethod = ScrollingMovementMethod()
+        textView.setHorizontallyScrolling(!wrap)
+        textView.scrollIndicators = View.SCROLL_INDICATOR_BOTTOM or View.SCROLL_INDICATOR_RIGHT
+        textView.setLines(100)
+        if (wrap) {
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
+                textView.breakStrategy = LineBreaker.BREAK_STRATEGY_SIMPLE
+            }
+        }
+
         pageViewModel.text.observe(viewLifecycleOwner, { textView.text = it })
         return root
     }