  • I understand nothing... "Replace Linux" and "Phasing out Linux"


Hi

Android Open Source Project (AOSP) is based on Linux?

I think I am missing background info.

Quote from https://github.com/iAnonymous3000/awesome-grapheneos-guide

  • Hypervisor integration: Deploy and integrate a hypervisor like Xen to leverage it for reinforcing existing security boundaries. Linux would run inside virtual machines at this stage.

  • Sandbox reinforcement: Replace Linux inside the sandboxes with a compatibility layer like gVisor, which would need to be ported to arm64 and given a new backend alongside the existing KVM backend.

  • Phasing out Linux: Over the long term (many years), Linux can be phased out completely, along with the usage of virtualization.

are you asking if aosp (and thus gos) is linux-based? yes it is.

are you asking if graphene is phasing out linux? i don't speak for the project but that seems counterintuitive and the source you've posted seems unreliable.


https://grapheneos.org/faq#roadmap

What is the roadmap for GrapheneOS?
To get an idea of the near term roadmap, check out the issue trackers. The vast majority of the issues filed in the trackers are planned enhancements, with care taken to make sure all of the issues open in the tracker are concrete and actionable.

In the long term, GrapheneOS aims to move beyond a hardened fork of the Android Open Source Project. Achieving the goals requires moving away from relying on the Linux kernel as the core of the OS and foundation of the security model. It needs to move towards a microkernel-based model with a Linux compatibility layer, with many stepping stones leading towards that goal including adopting virtualization-based isolation.

The initial phase for the long-term roadmap of moving away from the current foundation will be to deploy and integrate a hypervisor like Xen to leverage it for reinforcing existing security boundaries. Linux would be running inside the virtual machines at this point, inside and outside of the sandboxes being reinforced. In the longer term, Linux inside the sandboxes can be replaced with a compatibility layer like gVisor, which would need to be ported to arm64 and given a new backend alongside the existing KVM backend. Over the longer term, i.e. many years from now, Linux can fade away completely and so can the usage of virtualization. The anticipation is that many other projects are going to be interested in this kind of migration, so it's not going to be solely a GrapheneOS project, as demonstrated by the current existence of the gVisor project and various other projects working on virtualization deployments for mobile. Having a hypervisor with verified boot still intact will also provide a way to achieve some of the goals based on extensions to Trusted Execution Environment (TEE) functionality even without having GrapheneOS hardware.

Hardware and firmware security are core parts of the project, but it's currently limited to research and submitting suggestions and bug reports upstream. In the long term, the project will need to move into the hardware space.

The information is good: GrapheneOS wants to leave Linux in the long term.

    Manna i was in error. thank you for correcting me

      itsjpb

      If I'm not mistaken, GrapheneOS has reviewed its guide before it was released, but has indicated that they don't agree with everything. I often see his posts on Twitter.

      Anyway, it's always best to refer to the official website and social networks for the right info.
      There's a lot of misinterpretation out there about GrapheneOS work.

      Manna The information is good: GrapheneOS wants to leave Linux in the long term.

      Amen to that.

        AlanZ

        I don't know if there are any other credible projects right now, but one of the best known, FuchsiaOS/Zircon, seems a little compromised.