running android in a container
play

Running Android in a Container How the play store runs on Chrome OS - PowerPoint PPT Presentation

Nov 05, 2023 •193 likes •296 views

Running Android in a Container How the play store runs on Chrome OS How Android Runs On Chrome OS Chrome Graphics Buffer (Prime FD) Android IPC IPC Chrome IPC Binder System Bridge Bridge (*/init*) Input Events network config, GL,

  1. Running Android in a Container How the play store runs on Chrome OS

  2. How Android Runs On Chrome OS Chrome Graphics Buffer (Prime FD) Android IPC IPC Chrome IPC Binder System Bridge Bridge (*/init*) Input Events network config, GL, audio buffers screen-on locks Network traffic, File I/O, Binder, etc CROS systems service (CRAS, powerd, Shill) Chrome OS Linux Kernel

  3. Android Containerization • Namespaces • Device Access • File System • Input • Audio/Video/Graphics • Network

  4. PID Namespace • Allows Android’s init to be PID 1 Chrome OS Android Container cros# pstree -ap andoid# ps init,1 USER PID PPID NAME | ... <snip> ... root 1 0 /init |-minijail0,4514 -u cras -g cras -G -- /usr/bin/cras shell 40 1 /sbin/adbd | `-cras,4865,cras keystore 37 1 /system/bin/keystore | ... <snip> ... media 35 1 /system/bin/mediaserver |-session_manager,1744 system 17 1 /system/bin/servicemanager | |-chrome,1811,chronos system 18 1 /system/bin/surfaceflinger | | |-chrome,2372 ... <snip> ... | | … <snip> ... | `-init,6057,android-root --second-stage | |-adbd,6143,657360 --root_seclabel=u:r:su:s0 | | `-{adbd},6144 | |-keystore,6140,656377 /data/misc/keystore | |-mediaserver,6138,656373 | | |-{mediaserver},6167 | | ... <snip> ... | |-servicemanager,6117,656360 | |-surfaceflinger,6118,656360 | | |-{surfaceflinger},6125 | ... <snip> ...

  5. User Namespace • Allows Android to believe it is running as root • Android actually runs as UID=655360 • Clone flag CLONE_NEWUSER • Allows mounting of certain file systems

  6. Mount Namespace • Gives Android its own view of system mounts • Pivot root to new location that Android sees as root • Really a squash FS filesystem image • Android can modify this mount namespace

  7. Net Namespace • Isolates Android network interfaces • Give Android one bridged interface “arc0” • Network configuration is handled outside the container by shill arc0 veth_android 192.168.254.2 (no IP) Android container br0 192.168.254.1 NAT iptables –j MASQUERADE wlan0 eth1 tun0 LAN wifi LAN wired VPN Chrome OS host (init.ns)

  8. cgroup Namespace cros# tree /sys/fs/cgroup/cpu/ |-- <control files, e.g. cpu.shares> |-- session_manager_containers } | |-- android | | |-- bg_non_interactive | | | |-- <control files, e.g. cpu.shares> Android owned | | | `-- tasks | | |-- <control files, e.g. cpu.shares> | | `-- tasks | |-- <control files, e.g. cpu.shares> | `-- tasks |-- tasks android# tree /dev/cpuctl |-- bg_non_interactive | |-- <control files, e.g. cpu.shares> | `-- tasks |-- <control files, e.g. cpu.shares> `-- tasks

  9. Speed Boot Time Android Startup Chrome App Performance Performance

  10. Security • Maintain Chrome OS security story • Verity, root of trust • Updates • Cgroups • Android Device Node Access • Alt-syscall • SELinux

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Running Android on the Mainline Graphics Stack Robert Foss @memcpy_io Agenda Android

Running Android on the Mainline Graphics Stack Robert Foss @memcpy_io Agenda Android

Running Android on the Mainline Graphics Stack Robert Foss @memcpy_io Agenda Android History Android on Mainline Current Status Big Picture Android History Android History Qualcomm diff with mainline, # lines 4000000

981 views • 76 slides
Lessons Learnt from Running a Container Native Cloud Xu Wang (@gnawux) CTO &amp; Cofounder,

Lessons Learnt from Running a Container Native Cloud Xu Wang (@gnawux) CTO &amp; Cofounder,

Lessons Learnt from Running a Container Native Cloud Xu Wang (@gnawux) CTO &amp; Cofounder, Hyper.sh Reinvent IaaS with Container! Agenda Hyper.sh: a Container Native Cloud Under the Hood: How We Build a Container Native Cloud

442 views • 23 slides
Android Pre-requisites 1 Android To Dos Make sure you have working

Android Pre-requisites 1 Android To Dos Make sure you have working

Android Pre-requisites 1 Android To Dos Make sure you have working install of Android Studio Make sure it works by running Hello, world App On emulator

666 views • 24 slides
Running Android on the Mainline Graphics Stack Robert Foss Senior Software Engineer

Running Android on the Mainline Graphics Stack Robert Foss Senior Software Engineer

Running Android on the Mainline Graphics Stack Robert Foss Senior Software Engineer robert.foss@collabora.com @memcpy_io Open First Agenda Android History Android on Mainline Current Status Big Picture Android History

972 views • 76 slides
BRexx: Running Rexx on Android Systems Eva Gerger 26th International Rexx Symposium 2015

BRexx: Running Rexx on Android Systems Eva Gerger 26th International Rexx Symposium 2015

BRexx: Running Rexx on Android Systems Eva Gerger 26th International Rexx Symposium 2015 Contents What is BRexx? Nutshell examples BRexx vs. Rexxoid 2 BRexx - What for? Android applications are quite complex Write &amp;

476 views • 21 slides
Positioning with Single and Dual Frequency Smartphones Running Android 7 or Later * Ren Warnant,

Positioning with Single and Dual Frequency Smartphones Running Android 7 or Later * Ren Warnant,

Positioning with Single and Dual Frequency Smartphones Running Android 7 or Later * Ren Warnant, *Laura Van De Vyvere, + Quentin Warnant * University of Liege Geodesy and GNSS + Augmenteo, Plaine Image, Lille (France) ION GNSS+ 2018, Miami, 26

460 views • 20 slides
Precise Positioning with Smartphones running Android 7 or later * Ren Warnant, * Ccile Deprez,

Precise Positioning with Smartphones running Android 7 or later * Ren Warnant, * Ccile Deprez,

Precise Positioning with Smartphones running Android 7 or later * Ren Warnant, * Ccile Deprez, + Quentin Warnant * University of Liege Geodesy and GNSS + Augmenteo, Plaine Image, Lille (France) Belgian Geography Day, Liege, 17 November 2017.

409 views • 13 slides
DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x Galley Container 1x Medical Container 1x Feed Water Container 1x Water Treatment Container 2x Generator Container 1x

569 views • 8 slides
Cloud Native and Container Technology Landscape Chris Aniszczyk (@cra) Rise of Containers and

Cloud Native and Container Technology Landscape Chris Aniszczyk (@cra) Rise of Containers and

Cloud Native and Container Technology Landscape Chris Aniszczyk (@cra) Rise of Containers and Cloud Native Computing! Google running 2B+ containers per week! Internet scale companies are running containers too: Facebook, Twitter,

1.8k views • 49 slides
Kafka in Jail Running Kafka in container orchestrated clusters Sean Glover, Lightbend @seg1o

Kafka in Jail Running Kafka in container orchestrated clusters Sean Glover, Lightbend @seg1o

Kafka in Jail Running Kafka in container orchestrated clusters Sean Glover, Lightbend @seg1o Who am I? Im Sean Glover Senior Software Engineer at Lightbend Member of the Fast Data Platform team Contributor to various projects in

788 views • 60 slides
Android Services CS 4720 Mobile Application Development Resource: developer.android.com CS

Android Services CS 4720 Mobile Application Development Resource: developer.android.com CS

Android Services CS 4720 Mobile Application Development Resource: developer.android.com CS 4720 The Android Architecture CS 4720 2 The Service A Service is a process running the background It does not have a UI A Service

264 views • 9 slides
Developers Google Maps Android API v2 Make your Android app pop with Google Maps Android API v2

Developers Google Maps Android API v2 Make your Android app pop with Google Maps Android API v2

Developers Google Maps Android API v2 Make your Android app pop with Google Maps Android API v2 Anthony Morris Jan-Felix Schmakeit Tech Lead, Android Maps API Android Developer Relations Code, Slides, Worksheet: http://goo.gl/MfY67 Welcome!

687 views • 49 slides
Introduction to Android Development What is Android? Android is the customizable, easy to

Introduction to Android Development What is Android? Android is the customizable, easy to

Introduction to Android Development What is Android? Android is the customizable, easy to use operating system that powers more than a billion devices across the globe - from phones and tablets to watches, TV, cars and more to come.

464 views • 21 slides
Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene

Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene

Introduction Container Library Container Tools FUSE Container File System Evaluation Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene Michael Kuhn Parallele und Verteilte Systeme Institut f ur

353 views • 22 slides
CS619 Android 101 BENCE CSERNA Android: Manifest example Android: Manifest &lt;manifest

CS619 Android 101 BENCE CSERNA Android: Manifest example Android: Manifest &lt;manifest

Project #1: Color Guess Game CS619 Android 101 BENCE CSERNA Android: Manifest example Android: Manifest &lt;manifest xmlns:android=&quot;http://schemas.android.com/apk/res/android&quot; package=&quot;net.cserna.bence.colorguess

201 views • 3 slides
Creating a new Android project CS/SE Individual Practical Stephen Gilmore October 7, 2011

Creating a new Android project CS/SE Individual Practical Stephen Gilmore October 7, 2011

Getting started Running an application Managing apps Debugging apps Designing layouts with XML Getting started Running an application Managing apps Debugging apps Designing layouts with XML Creating a new Android project CS/SE Individual

292 views • 8 slides
CSE 154 LECTURE 26: WEB SECURITY Our current view of security until now, we have assumed:

CSE 154 LECTURE 26: WEB SECURITY Our current view of security until now, we have assumed:

CSE 154 LECTURE 26: WEB SECURITY Our current view of security until now, we have assumed: valid user input non-malicious users nothing will ever go wrong this is unrealistic! The real world in order to write secure code,

210 views • 18 slides
Multiplicative Masking for AES in Hardware CHES 2018 Lauren De Meyer, Oscar Reparaz, Begl

Multiplicative Masking for AES in Hardware CHES 2018 Lauren De Meyer, Oscar Reparaz, Begl

Multiplicative Masking for AES in Hardware CHES 2018 Lauren De Meyer, Oscar Reparaz, Begl Bilgin P ROBLEM : SIDE - CHANNEL ANALYSIS 2 S OLUTION : M ASKING 3 E XTRA P ROBLEM : G LITCHES ! 4 B OOLEAN M ASKING ! = # $ , # &amp; , , # (

473 views • 43 slides
TDDD89 Lecture 4 - Research methods Ola Leifler 2 Literature Cohen, Paul. Empirical Methods

TDDD89 Lecture 4 - Research methods Ola Leifler 2 Literature Cohen, Paul. Empirical Methods

TDDD89 Lecture 4 - Research methods Ola Leifler 2 Literature Cohen, Paul. Empirical Methods in Artificial Intelligence Experimentation in Software Engineering Case Study Research in Software Engineering Weapons of Math

1.22k views • 39 slides
for feature selection: An approach in breast cancer diagnosis on mammography Noel Prez 1 ,

for feature selection: An approach in breast cancer diagnosis on mammography Noel Prez 1 ,

Improving the Mann-Whitney statistical test for feature selection: An approach in breast cancer diagnosis on mammography Noel Prez 1 , Miguel A. Guevara 2 , Augusto Silva 2 and Isabel Ramos 3 1 Institute of Mechanical Engineering and Industrial

825 views • 23 slides
CSc 337 LECTURE 24: SECURITY Our current view of security until now, we have assumed:

CSc 337 LECTURE 24: SECURITY Our current view of security until now, we have assumed:

CSc 337 LECTURE 24: SECURITY Our current view of security until now, we have assumed: valid user input non-malicious users nothing will ever go wrong this is unrealistic! The real world in order to write secure code, we

211 views • 18 slides
Estimating the EOS from the measurement of NS radii with 5% accuracy Magdalena Sieniawska 1 ,

Estimating the EOS from the measurement of NS radii with 5% accuracy Magdalena Sieniawska 1 ,

Estimating the EOS from the measurement of NS radii with 5% accuracy Magdalena Sieniawska 1 , Micha Bejger 1 , Brynmor Haskell 1 1 Nicolaus Copernicus Astronomical Center Polish Academy of Sciences arXiv:1803.08813 28 March 2018 Magdalena

292 views • 15 slides
WireGuard zswu Computer Center, CS, NCTU WireGuard Introduction Simple and fast VPN solution

WireGuard zswu Computer Center, CS, NCTU WireGuard Introduction Simple and fast VPN solution

WireGuard zswu Computer Center, CS, NCTU WireGuard Introduction Simple and fast VPN solution Low overhead Deep integration with Linux kernel Over UDP Peer to Peer Secure Built-in Roaming Connections keep alive even

490 views • 18 slides
#15: CS Ethics SAMS SENIOR CS TRACK Last Time Understand how efficiency changes how long a

#15: CS Ethics SAMS SENIOR CS TRACK Last Time Understand how efficiency changes how long a

#15: CS Ethics SAMS SENIOR CS TRACK Last Time Understand how efficiency changes how long a program takes to run. Recognize that some problems probably can't be solved efficiently . Recognize that other problems probably can't be solved at all!

600 views • 20 slides

More recommend