![12Copyright 2016 ITRI 工業技術研究院
Virtual Devices and their Drivers
Device Namespaces : namespace aware device driver (inspired by
Cells proj. @ Columbia University)
Stateful/Stateless device driver, stateful devices, like alarm device, the
state of different namespaces must be maintained
AlarmManagerService
alarm-dev driver has been removed in Android Nougat, the functionality
provided by the Android alarm-dev driver should now be present in the
timerfd interface
com_android_server_AlarmManagerService.cpp
static const clockid_t android_alarm_to_clockid[N_ANDROID_TIMERFDS]
• CLOCK_REALTIME_ALARM (since Linux 3.11)
• CLOCK_REALTIME
• CLOCK_BOOTTIME_ALARM (since Linux 3.11)
• CLOCK_BOOTTIME (since Linux 3.15)
• CLOCK_MONOTONIC
• CLOCK_REALTIME
Linux Kernel + LXC + Drivers
Virtual Devices alarm- dev
Android 1 Android n
State 1 State n](https://image.slidesharecdn.com/androidcontainerization-171209093834/85/Android-containerization-in-brief-13-320.jpg)
Android containerization in brief
- 1. Copyright 2016 ITRI 工業技術研究院 0 Container-based Android (Android Containerization) TC Wu, Victor Hsu, Sting Cheng @ ICL/ITRI Sponsored by Department of Industrial Technology, Ministry of Economic Affair
- 2. 1Copyright 2016 ITRI 工業技術研究院 Outline Preliminaries Containerizing Android Isolate/share services among Android instances Linux Kernel, Drivers and Android Binder Window System and Graphics Performance Benchmark To Be Continued Open Source Release Schedule
- 3. 2Copyright 2016 ITRI 工業技術研究院 Preliminaries Android Platforms Nexus 7 with Android 6.X/Kernel 3.4.0 Pixel XL with Android 7.1.X/Kernel 3.18.31 LXC and Other Tools Built with Android NDK: android-toolchain-arm_64-4.9-android-24 libcap (https://github.com/abstrakraft/lxc-android-libcap) • Only libcap is required, built in static (libcap.a) • libcap.a is statically linked into lxc SELinux • Using essential Android code base: external/selinux – libselinux: external/selinux/libselinux » NOT external/libselinux which is a small port of libselinux for Android framework – libsepol: external/selinux/libsepol – setfiles: external/selinux/policycoreutils/setfiles LXC
- 4. 3Copyright 2016 ITRI 工業技術研究院 Preliminaries - LXC Configuring & building LXC Packaging LXC and tools /odm ├── bin │ ├── .... │ ├── lxc-start │ ├── lxc-stop │ ├── .... │ ├── setfilecon │ ├── setfiles │ └── ... ├── lib │ ├── liblxc.la │ ├── liblxc.so ├── libexec │ └── lxc │ ├── hooks │ │ └── unmount-namespace │ ├── lxc-apparmor-load │ ├── lxc-containers │ ├── lxc-monitord │ ├── lxc-net │ └── lxc-user-nic export CBA_HOME=/odm export PREFIX=$CBA_HOME export PIXEL_LIBS=/home/sting/cba/lxc/pixel-libs/usr CFLAGS="--sysroot=$SYSROOT -I$PIXEL_LIBS/include -fPIE" CPPFLAGS="$CPPFLAGS $CFLAGS" LDFLAGS="$LDFLAGS -fPIE -pie -L$PIXEL_LIBS/lib" ./configure --host=aarch64-linux-android --enable-shared=yes --enable-static=yes --disable-api-docs --enable-selinux --enable-capabilities --disable-examples --disable-lua --disable-python --disable-bash --enable-configpath-log --prefix=$PREFIX --with-systemdsystemunitdir=$PREFIX/lib/systemd/system --with-config-path=$CBA_HOME/containers --with-global-conf=$CBA_HOME/.config --with-runtime-path=/cache
- 5. 4Copyright 2016 ITRI 工業技術研究院 Containerizing Android
- 6. 5Copyright 2016 ITRI 工業技術研究院 Android Containerization Overview Android was essentially designed for single instance architecture In order to better containerized Android, we need to Refactor essential Android key services architecture design to make it namespace- aware and sharable among Android containers Extend the current LXC to support namespace-aware device model and namespace- aware deriver development Extend Android virtual devices and drivers to support namespace-awareness Unified Linux Kernel & Drivers LXC Container (Cgroups, Namespace) SELinux Virtual Device Drivers Host Android Shared Framework Services Service Manager Surface Flinger Camera LXCTools Virtual Devices binder RIL alarm …. Netfilter, Virtual Ethernet Bridging iptables Power Mgmt. …. Android 1 Android 2 Audio Sensors
- 7. 6Copyright 2016 ITRI 工業技術研究院 Android Containerization Overview (2) Linux Kernel + LXC Surface Flinger buffer Host Android Shared Framework Services Surface Flinger Window Manager Android n Window Manager namespace-aware binder Unshared service invocation Shared service invocation Virtual Devices alarm- dev State 1 State n Before After Power Mgmt. Activity Manager Activity Manager Sharing or Isolating critical and resource-constrained services among Android containers Namespace-aware IPC binder (Android service invocation is through IPC binder) Virtual devices and their namespace-aware drivers State-ful/Stateless device driver, state-ful devices, like alarm device, the state of different namespaces must be maintained Preventing performance lose with limited container interception overhead Service Manager Camera Audio Sensors
- 8. 7Copyright 2016 ITRI 工業技術研究院 Linux Kernel, Drivers and Android Binder
- 9. 8Copyright 2016 ITRI 工業技術研究院 Isolate/Share Services among Android Containers Refactoring essential Android binder architecture design to enable isolate/share services among Android instances Namespace-aware IPC binder (Inspired by Container Virtualization Adapted to Android @浙江大学计算机系统结构实验室) Reduce the total # of Linux process Can be configured which services to be shared Caller is aware of the container ID of callee Linux Kernel + LXC + Drivers Virtual Devicesbinder 1 binder n Linux Kernel + LXC + Drivers Virtual Devices namespace-aware binder Shared service invocation Unshared service invocation Before After
- 10. 9Copyright 2016 ITRI 工業技術研究院 Android Service Registration & Discovery ServiceManagerService App 1. addService(name, service) 2. getService(name) 3. Binder IPC Transactions service
- 11. 10Copyright 2016 ITRI 工業技術研究院 Virtual Binder Driver Lei Xu, Wenzhi Chen, Zonghui Wang, Guoxi Li, Chuan Li, Weijie Sun, Condroid: A Container-Based Virtualization Solution Adapted for Android Devices , Proceedings of IEEE International Conference on Mobile Cloud Computing, Services, and Engineering, 2015 Real binder driver Host Service Manager SHARED
- 12. 11Copyright 2016 ITRI 工業技術研究院 Android Virtual Binder Architecture Service Manager Service App Host Service App Container1 Service App Container2 /dev/binder /dev/virtualbinder1 /dev/virtualbinder2 Virtual Binder Driver Real Binder Deriver Linux Kernel
- 13. 12Copyright 2016 ITRI 工業技術研究院 Virtual Devices and their Drivers Device Namespaces : namespace aware device driver (inspired by Cells proj. @ Columbia University) Stateful/Stateless device driver, stateful devices, like alarm device, the state of different namespaces must be maintained AlarmManagerService alarm-dev driver has been removed in Android Nougat, the functionality provided by the Android alarm-dev driver should now be present in the timerfd interface com_android_server_AlarmManagerService.cpp static const clockid_t android_alarm_to_clockid[N_ANDROID_TIMERFDS] • CLOCK_REALTIME_ALARM (since Linux 3.11) • CLOCK_REALTIME • CLOCK_BOOTTIME_ALARM (since Linux 3.11) • CLOCK_BOOTTIME (since Linux 3.15) • CLOCK_MONOTONIC • CLOCK_REALTIME Linux Kernel + LXC + Drivers Virtual Devices alarm- dev Android 1 Android n State 1 State n
- 14. 13Copyright 2016 ITRI 工業技術研究院 Window System and Graphics
- 15. 14Copyright 2016 ITRI 工業技術研究院 Share or Not to Share SurfaceFlinger/WindowManager 浙江大学计算机系统结构实验室 Share both SurfaceFlinger and Window Manager Maintains different z-order range for different containers Linux Kernel + LXC + Drivers Surface Flinger buffer Host Android Shared Framework Services Surface Flinger Window Manager
- 16. 15Copyright 2016 ITRI 工業技術研究院 Share or Not to Share SurfaceFlinger/WindowManager (2) ICL Approach Window Manager in each container Single SurfaceFlinger instance on host • Maintains list of Layers of different Android containers • Groups Layers according to their container ID Linux Kernel + LXC + Drivers Surface Flinger buffer Host Android Shared Framework Services Surface Flinger Window Manager Android n Window Manager
- 17. 16Copyright 2016 ITRI 工業技術研究院 Display Switching between Containers • Layers of different Android containers in SurfaceFlinger • SurfaceFlinger groups layers according to their container ID Assign layers of host container to layersSortedByZ of primary display primary display compose Assign layers of container 1 to layersSortedByZ of primary display primary display compose
- 18. 17Copyright 2016 ITRI 工業技術研究院 Benchmark
- 19. 18Copyright 2016 ITRI 工業技術研究院 Benchmark on Nexus 7 Host Container Host + Container Host Container Score 11227 11024 5976 5356 FPS (avg) 41.24 40.68 21.17 19.39 GPU Benchmark 3D Host Container Host + Container Host Container Score 2560 2527 1588 1579 3DRating for OpenGL ES 2.0 Host Container Host + Container Host Container OpenGL Cube 58.35 fps 58.27 fps 57.56 fps 57.60 fps OpenGL Blending 61.35 fps 61.24 fps 59.91 fps 59.62 fps OpenGL Fog 61.37 fps 61.34 fps 60.50 fps 60.08 fps Flying Teapot 55.54 fps 55.40 fps 32.54 fps 32.53 fps 0xbench
- 20. 19Copyright 2016 ITRI 工業技術研究院 To Be Continued
- 21. 20Copyright 2016 ITRI 工業技術研究院 To Be Continued Power Management To share or not to share PowerManagerService Activity Manager Service SELinux To further isolate host and containers SEE (Secure Execution Environment) Integration vold and Qualcomm SEE issues DRM
- 22. 21Copyright 2016 ITRI 工業技術研究院 Open Source Release Schedule ICL/ITRI is going to release the code as an open source project on GitHub Sept, 2017 Q1, 2018 Q2, 2018 •Mid-September –Nexus 7 ROM image with Android 6.X/Kernel 3.4.0 –Pixel XL ROM Image with Android 7.1.X/Kernel 3.18.31 •End of September –Source code for Nexus 7 with Android 6.X/Kernel 3.4.0 Mid-Q2 Source code and ROM image for Pixel 2 with Android 8.X Mid-Q1 Source code for Pixel XL with Android 7.1.X/Kernel 3.18.31