Can some functionalities for os be passed to second kernel?
For example there could be docker or some other VM with Halium kernel to use some apps for example WiFi, camera and SIM calling?
Example can be qubesos which uses separate VM to do networking and other functions.
I’ve been wondering about this since I saw this patch get posted https://lwn.net/Articles/1038815/
If this is possible to run multiple kernels then I would think it would be the best approach postmarketos could take, yes it would be less secure because of the old outdated android kernel, but we could possibly have working phones then. Like you said, use the android kernel for hardware access and mainline linux kernel for software support. As it stands right now, fairphone 5 is close with mainline, but still doesn’t really have working cameras and volte still doesn’t work so no calling in the US.
Looks cool I wonder how it would work in action.
Extremely theoretically - yes. You could run other kernels in VMs with hardware passthru. Not docker, because that’s containerization that runs on the host kernel, but something like QEMU.
Realistically - no, there is no support for this, I don’t think it’s planned, and I don’t think it would be useful anyways. Old phone hardware which pmOS currently supports doesn’t do hardware virtualization well in the first place. Even if it did, getting all the hardware passthru working right is extremely non-trivial, and performance would probably be horrible because of constricted RAM.
Doesn’t kernel require just tens of MB?
You’d need to run a lot of duplicate services on top of that kernel for it to be any useful. Besides, the VM adds its own memory overhead too.
What are your thoughts on this patch?
First of all, AFAIR it only really works on x86 for now. Besides, I don’t see much benefit in running two kernels side-by-side like this in this situation, you would once again have to run a lot of services twice (eating up RAM) and you don’t even get any security benefits in return. The only slight benefit is better software compatibility on a newer kernel but in all likelyhood it’s easier to backport the software to the old kernel, rather than get this exceptionally weird multikernel setup running on already quirky phone hardware.
In the context of cell phones, it makes a lot of sense though, if you can pull it off. Android kernel for hardware support, mainline kernel for software support. Right now there’s very few phones that can run mainline linux and actually use the features people would expect from a phone, the rest use android kernels and hallium which gives good hardware support, but doesn’t support the software stack for gnome-mobile and all the ‘traditional’ linux software like flatpak apps, etc.
So you’re either stuck with a phone that doesn’t work to call, doesn’t have a working camera, etc, with mainline linux, or an android kernel that doesn’t a support the usual linux software stack and has to run something like ubuntu touch (ubports) which is great that it works, but because its ubuntu’s software stack and an android kernel, you can’t run things like gnome-mobile or other traditional linux software like flatpak apps like postmarketos can.
The main problem I’m finding is: ubuntu touch apps have to be specifically built for ubuntu touch, you can’t just grab a flatpak app like you can with postmarketos and a mainline kernel. So the app ecosystem is really lacking vs running a mainline kernel, but then of course your hardware won’t work like camera, volte, etc.
I just want a working linux phone that has access to the apps we’ve come to love, and I feel like running 2 kernels is the way to achieve that until we get more people mainlining hardware support for all the various cell phones.
Preemptively, one might question why someone would want traditional linux apps on a phone, but there’s a surprising amount of flatpak apps on flathub that are built with responsive design and scale fairly well to a phone screen/touch interface. So being able to use the same software you use on your desktop, on a phone is great!
Right, but my point is that the amount of effort required to just get the multikernel fully running on quirky phone hardware is quite a lot, and then you have to set up a lot of plumbing for both userspaces to communicate across kernels (i.e. you’ll have to write driver shims for a lot of things). It is probably easier to port software to ubports.
Yah, I mean, thats true. I guess I was hoping the multi kernel thing would be more of a 1-time development effort that would work across phones, so once you got it set up it would help all phones accomplish the same thing. I’m not a kernel dev though so I have no idea in reality how this stuff actually works under the hood.
But Qubes runs separate VM for diffrent functions to prevent compromised VM to do any harm for main system. For example halium kernel could have only access to camera so it won’t spread harm?
This is not about a qubes-like setup, it’s about a multikernel setup (no hypervisors, just two kernels running on the same hardware in parallel). Both kernels have full ring0 (=EL1 on aarch64) hardware access in that case.