Hacker News new | past | comments | ask | show | jobs | submit login

Linux on Android doesn't multiplex or protect software principals from each other. It did for a brief time, but that led to massive vulnerablilities. Because Linux view of hardware (nice symmetric system with homogeneous cores running single OS with shared memory address space) was different from what was the actual state.

For that reason hardware was abstracted away from Linux and it's only used to run Linux programs. It's not containerized. It's isolated to an enclave where damage it can do is minimal.

Android OS is essentially a ball of propietary firmware mud. With Linux programs and Dalvik JVM.

For more: https://youtu.be/36myc8wQhLo




>Linux on Android doesn't multiplex or protect software principals from each other.

What? Linux is the only part of the system that directly talks to the hardware and multiplexes it between other applications on top. It enforces security between different apps on the system from interfering with each other.

>Because Linux view of hardware (nice symmetric system with homogeneous cores running single OS with shared memory address space) was different from what was the actual state.

Linux does not assume homogeneous cores.

>For that reason hardware was abstracted away from Linux

It's not. Drivers for interfacing with the hardware have to be built into Linux / a Linux kernel module.

>and it's only used to run Linux programs.

All running processes on the system are running on Linux.

>It's not containerized.

It uses the Linux kernel to enforce security boundaries which is what containers do.

>Android OS is essentially a ball of propietary firmware mud. With Linux programs and Dalvik JVM.

You can run Android without any proprietary firmware. Dalvik is not a JVM.


> What? Linux is the only part of the system that directly talks to the hardware and multiplexes it between other applications on top.

Not really. Linux talks to the software written for SoC and it pretends Linux is in control. Again look at the linked talk.

Does Linux control power? No. Bluetooth managment? SoC. USB? Nah. It's done by a chip in SoC.

At that point what is the difference between Linux and JVM?

> All running processes on the system are running on Linux.

And all JVM processes run on JVM. It still won't make it an OS.

There are firmware blobs running god knows what on actual hardware. Linux does not control these processes. But it assumes it does. And those processes abstract away hardware resources, pretending to be dumb peripherals, while running their own processes regardless of Linux.

> Linux does not assume homogeneous cores.

Granted this might have changed between 2021 and now, but it's view of hardware probably assumes one central chip with address space and Linux as only OS in control. Something like a PC.

Design of mobile phones is about as different as you can get from that model.

> You can run Android without any proprietary firmware. Dalvik is not a JVM.

Perhaps I should rephrase it. Android's OS is the firmware on the device, not Linux. Because Linux isn't doing the job of the OS. The firmware is.

Dalvik might not exactly be JVM but it behaved a lot like one. It's also not hugely relevant to my point.


>Not really. Linux talks to the software written for SoC and it pretends Linux is in control.

Which is how any other Linux distribution works. I'm not sure what your point is here. Hardware exposes an API for the kernel to use it with and that's how it's always worked.

>Android's OS is the firmware on the device

Okay, and no computer's OS is Linux by this standard. This is just a pedantic argument.


Not really. I mean the point is that SoC and modern mobile/server architecture abstract away hardware which makes it so the OS is slowly getting enclaved and isolated from the hardware.

It didn't use to be this way, and pretending everything is the same is doing no one a service.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: