With Android Oreo, Google Is Introducing Linux Kernel Requirements

Mark Wilson shares a report from BetaNews: As is easy to tell by comparing versions of Android from different handset manufacturers, developers are -- broadly speaking -- free to do whatever they want with Android, but with Oreo, one aspect of this is changing. Google is introducing a new requirement that OEMs must meet certain requirements when choosing the Linux kernel they use. Until now, as pointed out by XDA Developers, OEMs have been free to use whatever Linux kernel they wanted to create their own version of Android. Of course, their builds still had to pass Google's other tests, but the kernel number itself was not an issue. Moving forward, Android devices running Oreo must use at least kernel 3.18, but there are more specific requirements to meet as well. Google explains on the Android Source page: "Android O mandates a minimum kernel version and kernel configuration and checks them both in VTS as well as during an OTA. Android device kernels must enable the kernel .config support along with the option to read the kernel configuration at runtime through procfs."

Any experts who can elaborate on this?

If the complete kernel configuration can be read, does this mean malware authors like NSA, CIA, criminals etc. will have an easier time getting inside your phone?

Re: Any experts who can elaborate on this?

Obviously.

Re: Any experts who can elaborate on this?

[Chrisq]

If the complete kernel configuration can be read, does this mean malware authors like NSA, CIA, criminals etc. will have an easier time getting inside your phone?

Obviously.

That's why I always use a Chinese android phone..... oh wait!

Re:Any experts who can elaborate on this?

[Z00L00K]

Since you also have access to the kernel sources it would be easy to fake the interface and kernel version if you were to plan to use an unsupported kernel. Any problems would however be at your dime, not to be blamed on Android or Linus.

I can understand the minimum level requirements on the kernel and possibly also to allow the rest of Android to inspect the kernel configuration in order for the environment to be able to ensure that the platform it runs on is providing sufficient services. But these should still just be recommendations and not a final condition. Many hobbyists are able to create "bastard" solutions that works pretty well.

Re:Any experts who can elaborate on this?

[phantomfive]

If they can run code on your device (which they would need to do to read the configuration), then the phone will already be pwned. Privilege escalation exploits are a dime a dozen, even on Linux.

Re:Any experts who can elaborate on this?

[93+Escort+Wagon]

If the complete kernel configuration can be read, does this mean malware authors like NSA, CIA, criminals etc. will have an easier time getting inside your phone?

Not really. It seems to me all Google is doing is forcing Linux on these Android phones to behave closer to the way it already does on Linux servers and desktops.

Linux has never been about security through obscurity - that's just weirdness introduced by certain handset manufacturers.

Re: Any experts who can elaborate on this?

iPhone is also a Chinese Phone

Re: Any experts who can elaborate on this?

[Z80a]

Everyone use a chinese android phone.
Where do you think the SoCs come from?

Re: Any experts who can elaborate on this?

[Miamicanes]

Access to "the kernel source" is necessary, but mere availability doesn't necessarily assure the ability to build a working kernel for a particular device from scratch.

The sad fact is that many of the best Android ROMs at XDA are cut 'n paste "kitchen" ROMs that are no different from the way Windows Mobile ROMs used to be made, and plenty of others only run (limp?) with the phone's official OEM kernel.

Not even NEXUS phones are released with official build scripts capable of building the phone's complete 'stock' ROM from source.

Re: Any experts who can elaborate on this?

[DontBeAMoran]

Hardware made in China, but the firmware, OS and software are made in the U.S.A. and other not-China countries.

Re: Any experts who can elaborate on this?

[DontBeAMoran]

Where do you think the SoCs come from?

Intel fabs? Taiwan (not Chinese) fabs?

Re:Any experts who can elaborate on this?

[Rockoon]

I was thinking maybe that people should take a real close look at 3.18 to find the NSA backdoors.

Re: Any experts who can elaborate on this?

No. It won't help much, if it may save some time at best.

Re:Any experts who can elaborate on this?

It does help third party developers keep older phones updated with newer kernels. Starting with a known kernel config is a huge time saver.

Re: Any experts who can elaborate on this?

South Korea I imagine....

Re:Any experts who can elaborate on this?

[Vairon]

The Android OS is already running on your Android phone so what other code are you talking about?

This new Android Oreo requirement that the article is talking about only says that your kernel configuration must be made available via /proc/config.gz (CONFIG_IKCONFIG_PROC=y) which is readable by any user. It does not require any special script or code to read. It's a pseudo file that's a gzip compressed ASCII representation of the kernel's compile time configuration.

Re:Any experts who can elaborate on this?

[Tough+Love]

If the complete kernel configuration can be read, does this mean malware authors like NSA, CIA, criminals etc. will have an easier time getting inside your phone?

Marginally. This helps the good guys way more than the bad guys. More precisely, obfuscating the kernel configuration closes exactly zero attack vectors, but does inconvenience detecting and removing malware, not to mention normal maintenance.

Re: Any experts who can elaborate on this?

[Tough+Love]

Obviously.

To who?

Re:Any experts who can elaborate on this?

[phantomfive]

The Android OS is already running on your Android phone so what other code are you talking about?

I was answering a question. Don't expect to understand a conversation without understanding the context. Reading comprehension 101, fool.

Re: Any experts who can elaborate on this?

[Tough+Love]

Obviously.

To who?

Obviously a complete whoosh to the ass who downmodded. To make this perfectly clear: the "obviously" is flat wrong.

Re:Any experts who can elaborate on this?

[Vairon]

You didn't answer their question. You made a loosely related statement that attempted to move the goal post of the argument to something new.

Here's their question:
"If the complete kernel configuration can be read, does this mean malware authors like NSA, CIA, criminals etc. will have an easier time getting inside your phone?" - Anon

Here's an answer:
No.

Google's intention for these changes is to facilitate faster patching of bugs and security vulnerabilities.

Re: Any experts who can elaborate on this?

[HiThere]

I'm not expert, but...

Actually, I think it is obviously true. Just not significant. Easier means a trifle less work, so there is less of a look-up required. Significantly isn't true, because library calls aren't that hard.

Re:Any experts who can elaborate on this?

[phantomfive]

You didn't answer their question.

I did. I explained why it won't make it appreciably easier for the NSA/CIA/criminals to pwn your phone.

Re: Any experts who can elaborate on this?

[Tough+Love]

I'm not expert, but... Actually, I think it is obviously true. Just not significant. Easier means a trifle less work, so there is less of a look-up required. Significantly isn't true, because library calls aren't that hard.

Yes, it's clear you're not an expert. This fact is clear to all security experts: the bad guys do not give a rat's fuzzy behind how difficult an exploit is.[1] The only thing they care about is, is it possible. Essentially, the very first rule a security neophyte needs to learn is, there is no such thing as "making it harder". There is only possible and not possible.

[1] In fact, difficult exploits are preferred for a number of reasons, including bragging points.

Re: Any experts who can elaborate on this?

[mean+pun]

Essentially, the very first rule a security neophyte needs to learn is, there is no such thing as "making it harder". There is only possible and not possible.

Making a brute-force search require 10000 centuries on average is just "making it harder", but it is in practice the same as impossible.

Re: Any experts who can elaborate on this?

[infolation]

Taiwan = China. It's the Republic of China if you listen to the Taiwanese, and the People's Republic of China if you listen to mainland China. The ROC and the PRC still claim mainland China and the Taiwan Area as part of their respective territories.

Re: Any experts who can elaborate on this?

[Tough+Love]

Essentially, the very first rule a security neophyte needs to learn is, there is no such thing as "making it harder". There is only possible and not possible.

Making a brute-force search require 10000 centuries on average is just "making it harder", but it is in practice the same as impossible.

Keep in mind, the boundary of what is vulnerable to brute force keeps moving, and quicker than you think. Anyway, omitting the kernel config is no serious obstacle to a skilled cracker, trust me.

Re: Any experts who can elaborate on this?

[DontBeAMoran]

Hong Kong?

Re: Any experts who can elaborate on this?

If the hardware is compromised, nothing up the stack can be done to render it secure.

What is the difference between an iPhone and a no-name Chinese device phoning home with data it shouldn't? Not much, other than Apple being a US maker. It doesn't look good for Apple that their products are actively made in a country that directly spies on US citizens...

Re: Any experts who can elaborate on this?

[slashdotwannabe]

Every country in the world actively spies on everyone and everything they think matters, including their own citizens. According to your logic, the only solution is "don't buy a phone".

Re: Any experts who can elaborate on this?

[painandgreed]

Hardware made in China, but the firmware, OS and software are made in the U.S.A. and other not-China countries.

Is the hardware made in China now? I've seen breakdowns from when the iPad came out and the hardware was mostly made in Taiwan, Korea, and Japan and assembled in China.

systemd here we come!

[chrism238]

Whoooppeeee!

Re:systemd here we come!

Jesus H Christ! shut up! We don't need to be give people ideas like that!

Re:systemd here we come!

[Chrisq]

Whoooppeeee!

All we need now is Wayland and the Unity desktop

Re:systemd here we come!

Whoooppeeee!

All we need now is Wayland and the Unity desktop

That's it. I'm switching to BSD

Re:systemd here we come!

[nonicknameavailable]

Gnome 3 bloat with all normal functions removed (you'll add them with extensions and addons that breaks when there's a new update)

echo "3.18" > /proc/version

[phantomfive]

# echo "3.18" > /proc/version

I know it's a little more complicated than that, but I know that some of those handset devs will be tempted to try just modifying the kernel number to pass the test.

ok

[matushorvath]

So, they want you to run a kernel that is younger than two years old, and they want to be able to see which features it has enabled. Both perfectly reasonable requirements, most likely based or real engineering issues.

Re: ok

[Miamicanes]

Except that also means even older NEXUS devices might not be able to run newer versions once Google EOLs them. Remember, Linux kernel modules are specific to not only a particular VERSION of Linux, they're specific to a particular combination of build options on specific hardware (in contrast to Windows, which in many cases can be coaxed into using drivers that are literally 20 years old due to Windows' strong hardware abstraction).

AOSP might be open-source, but a real-world Android device built around a Qualcomm SoC is still 100% dependent upon Qualcomm making new binaries available (at least, if you want the radio modem, wi-fi, bluetooth, gps, camera, OpenGL ES, and everything else to work, too).

Re: ok

Which is, strangely enough, what this is all about.

Project Treble, basically a hardware abstraction layer to stop the SoC manufacturers holding up patching etc.
(https://source.android.com/devices/architecture/treble)

Re: ok

Nice FUD! This is not the case, Nexus devices will continue to use older kernels while being updated to the latest Android.

Re: ok

[_merlin]

So you're saying Google will make an exception to the kernel requirements for themselves? Great way to be open and fair with other vendors.

Re: ok

Not true, Google has already abandoned eg. Nexus 5 and there will not be any Android version updates for it.

Re: ok

[Dorianny]

In Windows and in LInux there are 2 types of drivers, kernel space and user space. The user space hook through a standardized interface which rarely changes and drivers will often work even across major kernel releases. Kernel space drivers can hook however they like even in methods never intended for that purpose and for this reason even minor kernel changes can break them badly. You try hooking a 20 year old chipset driver in Windows and tell me how that goes. Horrible drivers were a major source of instability in Windows until Microsoft started the WHQL (Windows Hardware Quality Labs testing ) program and literally started testing and approving drivers themselves. If you try to install a non WHQL approved driver in Windows you will get a scary prompt warning you that the driver might make the system unstable. The Linux community will not test drivers but they will be more than happy to maintain and update your drivers if you GPL them

Re: ok

Project Treble, basically a hardware abstraction layer to stop the SoC manufacturers holding up patching etc.
(https://source.android.com/devices/architecture/treble)

The "Treble resources" are terrible. It's like EE-written word salad, with some necktie powerpoint diagrams thrown on top. It keeps referring to the "ideal world" and "required to pass CTS," but does not make clear what's in between, so the actual facts are obscured by their passive-aggressive approach to the adversarial context. The examples are incomplete.

The big-picture is incomplete, in that it's unclear the means by which the project will achieve its goals, what code can be left alone during a dessert upgrade and what cannot, and what code runs in the kernel and what in userspace. Does it achieve, "all code linked into the kernel is open source and upstreamed, so kernel can be upgraded without manufacturer cooperation"? I'm guessing no, but can't tell. It says, "devices must pass CTS with AOSP." Does that truly mean with no proprietary bits? I don't think Qualcomm can even boot without proprietary bits, so probably not. Will there be no radio? How much is allowed to change between the token CTS-with-AOSP pass and the shipping phone, ex. can the kernel be downgraded and loaded up with blobs? I can't tell.

How can people work with this stuff? If I had to work with this API for undergrad OS class, I'd be in full panic mode right now. As /. reader concerned about PSP/FSP backdoors undermining verified boot anti-persistence on ChromeOS, I want to know how significant this is, and can't tell that, either.

At least it's all open instead of behind NDAs, and seems to have an incredible amount of attention to detail and thoughtfulness toward the "ecosystem" behind it. I take the Android devs a little more seriously now than I did before reading the Treble docs. But if it were not for the money involved I would not choose to work with these tools.

Re: ok

[Tough+Love]

Good post, except that Linux does not have user space device drivers, with a few exceptions such as X11 and FUSE. Especially where performance is an issue, kernel drivers are far superior. Many of the APIs you need to write a fully capable device driver, such as registering an interrupt handler, are simply not exported to user space. Lucky for you.

Already done

[DrYak]

Re:systemd here we come!

All we need now is Wayland

Congratulation, you've successfully described Jolla's Sailfish OS....

and the Unity desktop

...and Canonical's attempts at Ubuntu Touch.

Android?

It's shit!!!

Re:iOS?

It's shit!!!!

What does Diarrhea Green have to say about this?

Who will educate Google on the importance of including all kernel versions, not just the newer more fertile ones?

3.18?

[aglider]

With v4.13 just released!
It's a really new OS, then!

Re:3.18?

I was gonna say something snippy like 3.18 is a long term release kernel. But then I saw 3.18 is end of life.

Re:3.18?

3.18 is almost 4 years old at this point. I think GKH needs to put his foot down and say that LTS only gets 2 years max.

Re:3.18?

Sadly many SoC vendors still push 2.6.x kernels. They are often patched so badly that there is no way for the company to switch to mainline.

Re:3.18?

3.18 is end of life on kernel.org, where the Intel desktop/server kernels are maintained. Linaro, the main maintainers for ARM kernels is continuing to maintain 3.18 for a further year.

Re:3.18?

[lordlod]

From the referenced page "All SoCs productized in 2017 must launch with kernel 4.4 or newer."

So it is only somewhat old, with a transition period to reduce the pain on their downstream.

More important is the signal that it sends to the manufacturers that they need to be using a recent kernel, not the dusty 2.6 they have on the shelf. A manufacturer designing a product now for launch in 2018/19 will be penciling in something much more recent, like the future 4.15 release, to ensure that they don't get caught out as Google steps the requirements.

Re:3.18?

[nctritech]

This kernel version hold-back bullshit is entirely the fault of proprietary-only driver providers like Qualcomm. They write a driver module and provide it as binary-only which ties it to a VERY specific Linux kernel configuration. They need to provide us with source code. The biggest problem with Android in particular and SoC platforms like ARM or MIPS is that all the hardware stuff is closed off and there are no standards. ARM and MIPS do not have the things that make x86 platforms so easy to write an OS for (ACPI, PCI, etc.) and as a result every "platform" requires specific knowledge about the platform like what GPIO pin on what controller to tie to what function. All that stuff should be burned into a ROM somewhere so the kernel can configure itself for the hardware without needing complex tweaks and hard-coded configurations at the kernel level to make it all work.

Linux kernel drivers that are not open source are pure cancer. Lack of standard configuration specification and control methods are a secondary cancer. Given the state of things on non-x86 platforms, I'm surprised OpenWRT works at all. Bless those poor glorious developers at OpenWRT.

Re:3.18?

[Tough+Love]

The biggest problem with Android in particular and SoC platforms like ARM or MIPS is that all the hardware stuff is closed off and there are no standards

The ARM subsystem was refactored a few years back in view of this. There are perfectly good reasons why SoC can benefit by doing its own thing, but the general trend is in the direction of commonality, which lowers engineering costs for everyone in the long run.

Re:3.18?

Currently on kernel.org, the best kernel to use for future support kernel is 3.16. Second is 4.9, and third 3.2.

Original release date means nothing for long term support.

Re:iOS?

[aglider]

It's shit just like the other mobileOSes!!!

Name

What are all the people who don't suck Satan's co.... I mean... those who refuse to refer to it by an advert going to call it?
Android Orange-Slices?
Android O...?

Re:Name

How about Android 8, my slow, challenged friend?

The full list of requirements

All SoCs productized in 2017 must launch with kernel 4.4 or newer.
All other SoCs launching new Android devices running Android O must use kernel 3.18 or newer.
Regardless of launch date, all SoCs with device launches on Android O remain subject to kernel changes required to enable Treble.
Older Android devices released prior to Android O but that will be upgraded to Android O can continue to use their original base kernel version if desired.

Re:The full list of requirements

3.18 is OK for ARM devices tracking Linaro's LSK kernel support, but what about Intel based devices which would be better off with kernel.org LTS (which currently means they are best sticking with 3.16, which has support until 2020).

And what is the point in recommending 4.4 for newer devices? It's support ends before 3.18 support does.

Re:echo "3.18" /proc/version

Then some app comes along that needs to do something different depending on kernel version, and uses the 3.18 which fails, even though the app supports the 2.6 version that the phone is actually running.

Re:Next they are going to mandate

[Chrisq]

That you can't use the word "mandate" because it has the word "man" in it and that's a micro-aggression towards women in tech.

And "date" because its meaning either has sexual connotations or is ageist.

step in the right direction

[sad_]

some phones use really horrible outdated kernel versions, mostly because they have blobs in them that aren't updated.
this is a good step in the right direction, but google could still do more.

Re:step in the right direction

And it only took them a decade to figure out.

Re: step in the right direction

Nazis are everywhere. There's one under my bed right now!

Don't make them too carbon copy like

The ideal of standards is good for Android. But like any product you need a little customizing to sell it as unique. Kind of the boring part of a Chromebook that except for design and a couple hardware changes. I think some basic requirements is probably good to maintain a reasonable experience. We all know there are a lot of crappy Android phones out there.

Surprising...

I'm actually surprised that Android was (is, 3.18 is 2.5years old!) permitted to use old kernels with all the bugs they had (unauthorised remote access was rarely a problem... but quite a few bugs allowed privilege scalation provided physical access, and a phone is not a computer room).

Re:Surprising...

Why do you think LSK kernels have "all the bugs"?

Re:Next they are going to mandate

[DontBeAMoran]

And when you use the two words together you get a "man date", which is coercion toward women, forcing them to use their phones wether they want it or not.

Trying to kill Custom Firmwares?

[gchat]

This seems to me like a major hindrance for developers of custom firmwares. Since OEM's don't give a shit and don't release hardware blobs for their own devices, community developers had to use older kernels with new firmwares. For example my 4 year old Nexus 4 runs a bugfree custom Android 7.1.1 but the kernel is still the same as with 5.0, since Google stopped supporting the device and didn't release blobs for newer kernels. Now a kernel version of 3.18 for O seems fine, but there's no guarantee that newer firmwares won't have much higher requirements, like 4.0 for P etc. This would make many devices obsolete despite the high effort of those community developers, doing on their spare time the jobs that the OEM's should do.
If Google wanted to be serious about this they had to at least demand of OEM's to publish hardware blobs from now on for newer kernels. But it seems that this action is just another another step by big G to help the OEM's to accomplish more easily their planned obsolescence for any device which is over a year old.

Re:Trying to kill Custom Firmwares?

[DontBeAMoran]

You have two choices, here. Stop using Android or stop using smartphones.

Re:Trying to kill Custom Firmwares?

[jareth-0205]

Ars think that Project Treble will make custom builds easier, not harder https://arstechnica.com/gadget...

(I dunno I haven't used done the legwork to form an opinion)

Re:Trying to kill Custom Firmwares?

[thegarbz]

You have this backwards. The goal here is to attempt to eliminate this tying of binary blobs to a kernel in a way that prevents updating. This should make it easier to do custom builds in the future.

Re:Trying to kill Custom Firmwares?

[iamacat]

You do realize that this is only a requirement for hardware manufacturers who want to bundle Google apps with their devices right? So far these apps don't even check much if you download them from the web and sideload. But even if some of them do in future, you can still install amazon app store and runs tons of other stuff.

Re:Trying to kill Custom Firmwares?

[swillden]

This seems to me like a major hindrance for developers of custom firmwares.

(Google Android engineer here, though please note that I don't work on either the kernel, or Treble, so take my comments with a grain of salt. I do own a couple of important Android hardware abstraction layer interfaces, and the client code that uses them, so I'm a knowledgeable user of Treble.)

This kernel version requirement should have no impact on developers of custom firmware, positive or negative. Project Treble, however, should make the lives of custom firmware developers much better.

Treble forces a hard boundary between /system and /vendor + kernel[1], with a consistent, tested interface between the former and the latter two components. This means that even after an OEM stops updating the kernel and hardware blobs, you will still be able to flash new system images, either official ones or custom, because those system images will have a fixed, reliable interface to the hardware using the kernel and firmware already on the device.

This doesn't mean that we want OEMs to ignore updates to kernel and hardware blobs. Security patches to those components are crucial -- especially the kernel, since that's where all of the most severe Android vulnerabilities are found. But the idea is to break the functional interdependency between specific kernel and firmware versions and the system that sits atop them, so the system can be updated at will even if the bottom layer is never updated.

This means that if you buy a phone that launches with Oreo, and can unlock the bootloader, you should be able to flash pure AOSP Oreo onto it instead of the OEM's system. Further, you should be able to customize AOSP in whatever way you like... and you should still be able to continue doing this when P, or Q, or S, etc., lands in AOSP.

Clearly there will have to be some point at which AOSP simply drops support for old hardware abstraction layer versions, and at that point the /vendor on your device will be providing APIs that AOSP refuses to use, so it'll stop working without heavier customization.

So what is the kernel version requirement about if it's all hidden behind a strong hardware abstraction boundary anyway? Security. As I said above, the most serious vulnerabilities we see in Android today are pretty much all in the kernel. If OEMs use ancient kernel versions, that means that all kernel security bugs have to be backported to those old versions. Such backporting is tedious and error-prone, and many OEMs -- especially smaller ones -- simply don't have the expertise to do it, so they don't. Google does a lot of kernel security patch backporting, but there are limits to how far back Google's engineers can reasonably support. By forcing OEMs to get onto more-current kernel versions, Google is better able to ensure that patches are at least made available to OEMs.

Note that this still will not force OEMs or carriers to actually deliver the patches. There are other initiatives under way that focus on trying to do that, but the first step is for Google to make it easy for them to apply the patches. That's what the kernel version requirements are about, setting up a situation where Google can provide the patches so OEMs can deliver them.

[1] I assume that "Treble" is a reference to the treble/bass line distinction in music, including the punning of "bass" with "base". So the /vendor partition, with all of the firmware blobs and implementations of the hardware abstraction layer APIs, plus the kernel, is the "base/bass", on which the code from the /system partition (treble) depends. Project Treble is about defining a bass line with consistent characteristics, to allow the melodic treble line to be swapped out at will, to replace an OEM melody with an AOSP melody or even a custom melody. Yeah, the musical analogy is a bit of a stretch, but it's still useful. And it's not even that much of a stretch, since some genres of music do have common bass lines which underlie a wide variety of melodies and even melodic structures.

Re:Trying to kill Custom Firmwares?

I have an oldie 4.4 phone that needs to be replaced but I'm sure as hell I won't buy a phone till I can get one with 8 for a reasonable price.
Also, thanks for your posts!

Re:Trying to kill Custom Firmwares?

[ShakaUVM]

Wouldn't a better solution be Google requiring the bootloader code to all be free and open source, and all phones to be rootable?

The biggest problem with Android right now is how vendors lock down phones and don't give the users control over the devices they literally own.

Re:Trying to kill Custom Firmwares?

[gchat]

First of all many thanks for the extensive explanation about project tremble. It's the most clearest one I've read about this project yet. I was reluctant to mention tremble because I don't have much info about it which explains it functional-wise. When I first heard about it I had the same impression as you but later as I gathered more info, I realized that it could be just a way to allow OEM's to update their firmwares more easily without much effort on their part. It is quite obvious that almost all OEM's and hardware manufacturers have it on their business plan to not update older capable devices in order to force the users to change them frequently. If that doesn't change I'm afraid tremble won't be much of a help. I could be wrong but I guess only time will tell.
Furthermore, as ShakaUVM has mentioned absolutely correctly on his post 55139685, lockdowns from hardware manufactures needs to be stopped. Google had a big chance with the Nexus line to change this behavior and blew it. If I have to pay 1000$ for a freakin' device, I want at least to be able to customize it however I like. It's about time that those "mini-pc's" have the same characteristics as their bigger brothers.

Re:Trying to kill Custom Firmwares?

[swillden]

I realized that it could be just a way to allow OEM's to update their firmwares more easily without much effort on their part

In fact, the goal is to give OEMs the option to turn updating over to Google, making it literally zero effort (and cost!) for them. That's a pretty big step, though, so I don't think it will happen quickly, and when it does happen it will probably be second- and third-tier OEMs that do it. I hope I'm wrong on that last part.

It is quite obvious that almost all OEM's and hardware manufacturers have it on their business plan to not update older capable devices in order to force the users to change them frequently.

It may be "obvious", but it's simply not true, not that I've ever seen, and I've talked to a lot of people at a lot of OEMs.

That actual reason they're reluctant to do updates is not forced obsolescence, it's because updating is hard, which means expensive, and the vast majority of their customers do not care. Planning to do updates means including money in the business plan to pay for doing updates, and since the OEMs only do one transaction with you, that means they have to add that cost to the purchase price. The Android phone business is intensely competitive and margins for almost all of the OEMs are razor thin, so that simply won't happen unless and until customers demand it.

lockdowns from hardware manufactures needs to be stopped. Google had a big chance with the Nexus line to change this behavior and blew it.

Google did change this with the Nexus/Pixel line. All devices you buy from Google have unlockable bootloaders. This isn't something that Google can, or really even should try to, dictate to OEMs.

Look, I understand where you and ShakaUVM are coming from. I believe users should be able to fully own their devices, and so does nearly everyone else at Google. But it's not Google's job to dictate how devicemakers interact with their customers. Google's job is to make sure that Android devices are all compatible, that an app written to the standard Android APIs runs on all of them. Google has expanded that role a little with Treble, but it's still fundamentally one of compatibility, making sure that devices are compatible with future versions of Android.

Google is leading by example, and hoping that enough Android users care about unlockable bootloaders enough to vote with their wallets. So far, that hasn't worked. If you care about this, commit to refusing to buy any device without a specific commitment to vendor-provided updates, and without an unlockable bootloader, and convince everyone you know to do the same. If enough people do, OEMs will go along.

Re:Trying to kill Custom Firmwares?

[swillden]

Wouldn't a better solution be Google requiring the bootloader code to all be free and open source, and all phones to be rootable?

I won't go into detail because I'm not sure how much I can actually say, but I'll just point out that Google has to walk a very fine line. Every player in the ecosystem understands Google's role in ensuring compatibility across the ecosystem, so they're willing to accept Google's imposition of the compliance test suite (CTS). Which isn't to say they don't grumble about it and roll their eyes when they think Google is quibbling over minor details that they think don't matter, but they accept.

And I think they'll be willing to go along with the new form of compatibility demanded by Treble and the vendor test suite (VTS). CTS ensures that apps run on all Android devices. VTS aims to ensure that future versions of Android run on all Android devices (up to a point).

But there are real limits. Android is open source, and any of the big players, or a consortium of smaller ones, could fork Android and run with it. If Google steps too far out of the compatibility-enforcement role and starts trying to dictate how OEMs can do business with their customers (the carriers, mostly), the OEMs absolutely will fork Android. You think there are fragmentation problems now? And how much do you think those leading the new fork(s) will care about unlockable bootloaders?

So Google has to step lightly with mandating anything outside of compatibility. And by "step lightly" I pretty much mean "not do it". What we can do is to try to engineer things so it's easier for OEMs to do the right thing, but if they don't want to, or carriers don't want them to, we can't make them.

BTW, one note on your use of the word "rootable". That's the wrong word. Rooting is neither necessary nor sufficient to actually take control of your device. Thoroughgoing application of SELinux is actually making rooting irrelevant. Since root can't violate the SELinux restrictions, it can't really do much anymore anyway. I think we're not too far from making root just another user.

No, what you want is to be able to unlock the bootloader so you can flash custom images to it. Your custom images, of course, can eschew SELinux and make root all-powerful again, if that's what you want (though it's a bad idea, and I strongly recommend against it). But the key is that with the bootloader unlocked you can do whatever you like with the device.

Re:Trying to kill Custom Firmwares?

[ShakaUVM]

Thanks for your kind response.

All this was prompted by my phone randomly disconnecting and reconnecting when charging, which means late at night the screen turns itself on and off, waking me up. Google has apparently made no provision for a setting to turn off the screen when a charger is connected. The best you can do is download an app that will quickly turn the screen back off, but it will still flash randomly in a dark room, and this is annoying.

I want the ability to go through the source code for the kernel, find the place where it turns on the screen when a charger is connected, and disable it. Shouldn't take much time at all, but in my understanding, in the current ecosystem, it is basically impossible unless you have an unlocked device. Please correct me if I'm wrong.

Re:Trying to kill Custom Firmwares?

[swillden]

in the current ecosystem, it is basically impossible unless you have an unlocked device. Please correct me if I'm wrong.

You are correct. My recommendation is to make bootloader unlockability a must-have feature when buying your next device. Sorry I can't offer more.

Re:iOS?

It's shit just like the other OSes!!!

Safetynet enforcement plot?

I wonder how much is to simplify life for project Treble, and how much to fuck everyone with safetynet?

Right now you can defeat the safetynet checks by having the kernel not report on the bootloader lock/unlock status, but if you enforce a 4.4.x kernel as well as publishing the config, safetynet will check the bootloader status and will see from the config if the kernel is reporting it or not. If unlocked or configured to not report it, safetynet will fail the basic checks.

This will quickly kill custom ROMs, as well as any pretense to android's openness, as more and more ***hole devs use safetynet to block running their apps on rooted/modified devices.

Re:Safetynet enforcement plot?

nah. If you are building your own kernel, you can modify what's displaying in /proc/config.gz and it may not necessarily 100% match the real config. There was no compelling reason to do it before but if what you say is true, then that might be one.

Either that, or people can just patch out the reporting at the driver level.

Android O

[DontBeAMoran]

Android? Oh.

Re:Next they are going to mandate

[Rockoon]

All these air quotes you people are doing is a form of talking with your hands, which is now accepted to be a micro-aggression also.

Re:echo "3.18" /proc/version

[Rockoon]

Then some app comes along that needs to do something different depending on kernel version, and uses the 3.18 which fails

App devs are practical, however, and will figure it out and add more specific tests. If they don't, they lose sales.

Let me just insert this here

[fyngyrz]

I take offense at your use of "micro." You are impugning my manhood. My aggressions are a "good size." She told me so and that's why I know it's true.

Re:iOS?

It's shit just like everything.

best option for an Oreo kernel

[ecloud]

CONFIG_DOUBLE_STUF

cause you know more is always better...

How NSA wants it

They want ALL OSs to be subvertable. Because in theory you could run a ciphered communications app on the phone and they might have a "need" to obtain the keys.

So they simply ensure the kernel AND the hardware are hackable remotely. And in an automated fashion.

Linux had a zero day in gethostbyname() just recently. So all you need is about 10 lines of JS injected into your browsing session and they have your Linix kernel pwned. Of course that one is fixed and NSA/JCS will by now have inserted some other shit.

Re:How NSA wants it

Linux had a zero day in gethostbyname() just recently. So all you need is about 10 lines of JS injected into your browsing session and they have your Linix kernel pwned. Of course that one is fixed and NSA/JCS will by now have inserted some other shit.

The Linux kernel did not have this vulnerability. It was the GNU C Library project's libresolv library that contained this library.

Re:echo "3.18" /proc/version

[Tough+Love]

# echo "3.18" > /proc/version

bash: echo: write error: Input/output error

(because /proc/version is r/o)

Re:echo "3.18" /proc/version

[phantomfive]

Yeaeh you would have to modify the version number at compile time.

Re: poem

I like asparagus.

Re:echo "3.18" /proc/version

[HiThere]

What's weird though is that echo /proc/version yielded /proc/version even though kwrite /proc/version got the correct info.

Funny - how are they enforcing this

[MerlynEmrys67]

In every environment I have ever worked in the "version number" is simply a compiled in constant. I have the kernel source, can't I simply compile in the version of the kernel that is being tested for?

Re:Funny - how are they enforcing this

You can trivially work around whatever checks they're doing, but my guess is that if you come to Google for support because something in O is broken in your build, you will be told to kindly fuck off.

Re:Funny - how are they enforcing this

Also, they explicitly reserve the right to attach whatever legal strings they want onto GMS, so you could be in breach of contract if you have gmail on your build and you screw around with the kernel version constants.

Oh no! richard stallman was right.

so it will pay out for accepting binary firmware blob all along...
For the company.

Re: echo "3.18" /proc/version

That's because echo is for outputting text, not files (that's `cat`). `echo /proc/version` should work.

Re:Fuckle assdroid

and tax-payers supported the attempt to give you an education... what a waste.

Re:Next they are going to mandate

[Aighearach]

That's impossible, this is slashdot, everybody has Data A Live running in a loop in the "living-room" half of the basement.

No deto, no social life. You can't take that away from them. Let them have their deto.

CUPS and SANE

[tepples]

Good post, except that Linux does not have user space device drivers, with a few exceptions such as X11 and FUSE.

Technically correct, as user-space driver subsystems like CUPS (for printing) and SANE (for scanning) don't depend much on anything specific to Linux proper. They're used with GNU/Linux, but they're also used with (say) FreeBSD.

Re:CUPS and SANE

[Tough+Love]

You're right that CUPS drivers are in some sense device drivers. Of course those are stacked on top of "actual" hardware drivers that access the USB port, parallel port, etc.

Re: echo "3.18" /proc/version

[HiThere]

Thanks. I thought that /proc/version was returning a text string, though in that case one has to wonder why I even tried kwrite.