
ELCE11: Sandboxing for automotive Linux

Posted Nov 3, 2011 18:15 UTC (Thu) by jimparis (guest, #38647)
Parent article: ELCE11: Sandboxing for automotive Linux

That's a strange approach to virtualization. Trying to blend the Android and host kernels into one that has the features that Android needs, but still provides the isolation the host needs, sounds tricky, and prone to bugs and security problems. If done right, hardware-level virtualization (ie KVM) should have only minor performance implications, especially on a platform where things like network and file I/O are already quite slow and shouldn't be affected by a small CPU overhead.

Power management seems like a minor concern. Cars have orders of magnitude more energy available -- a typical car battery holds something like 500 W-h, whereas the Nexus One battery is about 5 W-h. Your overhead dome lamp draws more power than your phone.

Is the assumption that all car IVI systems will have some form of always-on network connection? Android certainly doesn't seem designed for an offline use case. I don't know how things like a store would even work in that case, and many applications and games are supported by ads.



ELCE11: Sandboxing for automotive Linux

Posted Nov 3, 2011 23:00 UTC (Thu) by martinfick (subscriber, #4455)

> If done right, hardware-level virtualization (ie KVM) should have only minor performance implications, especially on a platform where things like network and file I/O are already quite slow and shouldn't be affected by a small CPU overhead.

I think that is dreaming. OS level virtualization can handle 1000s of guests, do you think KVM "done right" could even handle 100?

ELCE11: Sandboxing for automotive Linux

Posted Nov 4, 2011 19:59 UTC (Fri) by jimparis (guest, #38647)

When you start talking about 100 or 1000 guests, the limiting factors to full virtualization quickly become I/O bandwidth, scheduler pressure, RAM, etc. Virtualizing exactly 1 guest is an entirely different problem, especially if the primary goals are security and trying to mix two dissimilar systems. So yeah, I do think that "KVM done right" is far better for isolating a single Android instance than trying to modify both the host and guest to coexist. That's not to say that OS level virtualization doesn't have its uses.

