Le développement des solutions embarquées et IoT grand public met en évidence un choix de systèmes d’exploitation dérivés de GNU/Linux (utilisant Yocto, Buildroot ou plus rarement des distributions classiques type Debian en utilisant des outils comme ELBE). Le système d’exploitation Android de Google (également basé sur un noyau Linux) est très présent sur ces domaines (décodeurs TV, multimédia, bornes interactives, applications d’infotainment dans l’automobile - Android Auto et Android Automotive OS). Durant cette conférence nous décrirons les avantages et les inconvénients de chaque solution (GNU/Linux ou Android) en fonction du projet envisagé et ce sur plusieurs critères :
- domaines d’application
- architecture et difficultés techniques
- outils de développement disponibles
- prise en compte de la sécurité
- gestion des licences
- contraintes commerciales (coût, certification/compatibilité)
- écosystème
- pérennité et tendances
A l'issue de la conférence nous tenterons de fournir un comparatif synthétique afin d'aider l'auditeur dans son choix.
GNU/Linux ou Android comme système d'exploitation embarqué ?
1. GNU/Linux vs Android as an embedded OS
Pierre Ficheux, Smile ECS
pierre.ficheux@smile.fr
November 2021
2. Agenda
● Android / Linux comparison on several criterion
○ Application domains
○ Licensing
○ Architecture
○ Security !
○ Sources and “build system”
○ Development tools
○ Commercial issues
○ Ecosystem / community
○ Trends and market
○ General conclusion
○ Synthesis
● Questions !
2
3. $ whoami
● CTO for Smile ECS (Embedded and Connected Systems)
● Teacher and trainer (Yocto, Linux drivers, Linux RT, Android/AOSP)
● Writer (books, whitepapers and articles about open source technology -
Embedded Linux)
3
4. Why GNU/Linux vs Android ?
● Similar functionalities but Android is NOT à new “GNU/Linux distribution”
● Both are Linux kernel based
● Both are “open source” (considering AOSP - Android Open Source Project)
● BSP available from most HW (SoC) vendors
● Embedded Android was introduced by Google as the best “Linux
replacement” for some markets
○ TV
○ Automotive (Android Automotive OS)
● Android approach looks “simpler” (and more profitable) because of application
model
○ Easier development (thanks to Android Studio)
○ Application store (Google Play)
4
5. Application domains
● GNU/Linux is a “multipurpose” OS (for industrial market)
○ Desktop
○ Server
○ Embedded systems with medium footprint
○ Standard distributions eat lots of GB but smallest Yocto image is only 7MB !
○ Smart enough with CLI
○ Needs add-on for GUI (X11, Wayland, then Qt - licensing issue)
○ RT support (PREEMPT_RT or Xenomai)
● Android is focused on multimedia and “consumer electronics”
○ Nice GUI
○ Multicore CPU
○ High performance GPU
○ High footprint (1GB flash, basic system image is 2GB)
○ High memory usage (4GB RAM)
○ Automotive, TV
5
6. Application domains, conclusion
● Android is a better choice for a GUI based project (consumer)
● GNU/Linux is a good choice as a (free) RT-OS for industry
● GNU/Linux is the only way for a general purpose (with CLI) project
6
8. Architecture, focus on HAL
8
device (HW) dependent
implementation
Android framework
device independent
“driver”
9. Architecture, conclusion
● The main difference between GNU/Linux and Android is HAL
● Android is designed to use “user space drivers” (shared libraries)
● Most of the time, very few kernel development for an Android project
9
10. Licensing
● Licensing is VERY important for industrial project !
● GNU/Linux uses several licenses in user space (GPL, LGPL, BSD,
proprietary, etc.)
● Android uses Apache 2 license for Google framework
● Lots of proprietary components aka “driver binaries”
● Google avoids using GPL if possible (BusyBox replaced by ToyBox) !
● Both uses GPL in kernel space !
● Android architecture was designed to avoid licensing issues (HAL)
● Licensing could lead to legal issues in GNU/Linux (LGPLv3 for Qt)
10
12. Security
● Security is a key issue these days with connected devices (IoT)
● Linux ecosystem includes several major projects regarding security
○ SELinux
○ Smack
○ dm-verity (block integrity)
○ etc.
● Activating that functionalities in Android is mandatory !
● Android needs secure boot (AVB = Android Verified Boot)
● A standard Android application runs in a “sandbox”
12
13. Security, SELinux with Android
● Each process and object labeled with a security context
● Each file belongs to a SELinux “domain”
● Each executable runs in a SELinux domain
● Definition of access rules from one domain to another
● Each access (such as device node) is verified by the Linux kernel !
○ # assign tty_device label to /dev/temper0 (a device driver)
○ /dev/temper0 u:object_r: tty_device:s0
○ # Untrusted Java app can read a tty_device type (.te)
○ allow untrusted_app_25 tty_device:chr_file { r_file_perms };
● Access fails if no rule allowing it is set (default lock)
● Zygote creates VM instances (ART) to run Android applications
● Zygote chooses the SELinux context for application
● SELinux can be disabled with “setenforce” command (if using “eng” build)
13
14. Security, conclusion
● Very high security level with Android !
● Mostly based on Linux tools !
● Could be the same with GNU/Linux but not configured by default
14
15. Sources and “build system”
● Build system is dedicated to OS image production
○ Bootloader
○ Linux kernel
○ Root filesystem
● Linux ecosystem provides several tools such as Yocto and Buildroot
● They don’t provide sources, only “recipes”
● Both are real collaborative projects (fully open source)
● Yocto is an official project from Linux foundation (used by most of the HW
makers)
● Android/AOSP build system was created by Google (not collaborative)
○ configuration/customization is “tricky” (designed for building a phone “ROM”)
○ includes sources and binaries (compilers, etc.)
○ no package management for the system part
● AOSP sources are huge, tens of GB for recent versions (80 Gb for 11)
15
16. Sources and build system
● Not possible to manage AOSP sources in a single Git repository
● You should use “repo” to manage hundreds of trees (800 for 11) !
● Android versions are “fragmented”, very difficult to get a “mainline” platform
(except for Google devices)
16
17. Sources and build system, conclusion
● GNU/Linux world is much better for this point !
17
18. Development tools
● Android and its tools are developed by Google “behind the doors”
○ A kind of proprietary approach (“the cathedral and the bazaar”) !
○ Tools are clearly identified, well documented
○ Android Studio (for building apps) is complex but very powerful !
○ Android/AOSP sources and internals are poorly documented :-(
● GNU/Linux is “the bazaar”
○ Loooots of tools (too many ?)
○ Several IDE (Eclipse, Qt Creator, etc.)
○ One can use CLI tools (such as toolchain) with different GUI
○ Much better documentation for major projects (Yocto)
18
19. Development tools, conclusion
● Proprietary world “aficionados” would prefer Android tools !
● Huge, opaque but easy to install and works fine
● GNU/Linux tools needs knowledge and tuning :-)
19
20. Commercial/product issues
● Licensing (and patents) can be issues in the GNU/Linux world
○ Be careful about the software architecture
● Android world is much more difficult
○ Android based device should be certified to use the “Android” trademark and GMS (store)
○ Long and costly procedure
○ Many requirements in Android Compatibility Definition Document (CDD)
○ Lots of automatic or manual tests (CTS, VTS, etc.)
○ All tests should be replayed by an external company approved by Google
○ Last but not the least, Google will approve, or not (for any reason)
○ Google will NOT approve an old Android version
20
21. Commercial issues, conclusion
● Building an Android certified device is a a hard work !
● You can use AOSP without certification
○ Don’t use Android branding !
○ No access to GMS
21
22. Ecosystem / community
● Android ecosystem is huge regarding
○ end users (billions of devices → hardware makers, STB/Google TV, automotive)
○ applications (most of them are proprietary)
○ developers
● Google does not accept external contribution → no community
● GNU/Linux has a rich ecosystem of contributors, providers, users, hardware
makers
● Communities are the 💙 of GNU/Linux world
● GNU/Linux is supported by foundations in the open source world
○ Linux
○ Apache
○ Eclipse
● Lots of major projects around GNU/Linux, such as Yocto, PREEMPT_RT, etc.
22
23. Ecosystem / community, conclusion
● Android has no real community (except apps developers), only customers
(such as Windows)
● Working with GNU/Linux outside communities is not possible
23
24. Trends and market
● Android is still a leader in smartphone market (72%) but iOS is still 28% (was
18% in 2016)
● Android (AAOS) more present in automotive world (2021 +)
○ IoT growing market
○ Android GUI is fine for the end user
○ Automotive world is not really open source friendly !
○ Partnership with GM, PSA, Renault, Volvo
○ GENIVI (now COVESA) focuses on AAOS (“AAOS special interest group”)
○ Concurrency from AGL (Linux) and QNX (proprietary)
● Android did not kill GNU/Linux in industrial world
○ Fragmentation in BSP (Android version)
○ Certification, licensing
○ Footprint and CPU usage
○ No real-time support
○ GAFAM syndrom ?
24
25. Trends and market, conclusion
● GNU/Linux is still a leader for industrial projects
● Android will get more shares for multimedia/consumer projects
25
26. General conclusion
● Android is not really an open OS (developed “behind the doors”)
● Android is very difficult to adapt
○ Very few AOSP documentation
○ Very few experts :-(
○ Costly certification
● Be careful about legal issues for GNU/Linux
● Very high (and native) security level for Android
● GUI approach is better and simpler for Android
● Any Android project is very costly (to be estimated a long time before) !
● Marketing (everybody has a smartphone, including your boss !)
26