Relation between Android version and Linux kernel versio

by loic » Mon, 27 Sep 2010 20:04:50 GMT


Sponsored Links
 Hi,

I am looking at Android security at the moment and particularly at the
possibility to prevent the exploit of Linux kernel bugs.
I am wondering how the software update process (and particularly the
kernel updates) works on the phones.
There are several versions of Android (1.5, 1.6, ..., 2.2) and several
version of the Linux kernel (2.6.27,..., 2.6.32)

- Is there any link (for all constructors) between the Android version
number and the Linux kernel version number ?
- Once a flaw is detected in the Linux kernel and a patch for that
flaw is integrated in the Linux kernel, how is this patch sent to the
phones (if it is at all) ?
- Is the end user notified that he should install this new update ?
- Are the software updates signed in any way to protect the user
against "false" updates ?
- Is this update process the same for all phone vendors
(HTC,Samsung,...)?

That is a lot of questions but I couldn't find any good documentation
on these points on the Internet.

Any help or suggestion is very welcome !

--



Relation between Android version and Linux kernel versio

by Jan Niggemann » Tue, 28 Sep 2010 15:39:41 GMT


 Hi Loic,

you partly address my concerns.

2010/9/27 loic <loic.habermac...@gmail.com>

This IMHO highly depends on manufacturer, carrier and android version.
As for the distribution: AFAIK some android versions can be updated OTA.
Are phones patched at all? No, if manufacturers don't release updated
firmwares, security issues are likely to remain unfixed.

- Is the end user notified that he should install this new update ?
That would be really cool, but no. There is no notification mechanism,
because manufacturers more or less "cook" their own firmwares with their own
changes. This is called "fragmentation", it leads to the undesireable
problem that there are many different versions of android in the wild.
And that's not all, because the end-user has no means of even knowing there
is an issue to be addressed. May I refer to my earlier thread "Not a single
security 
announcement?"<


Sponsored Links


Relation between Android version and Linux kernel versio

by Chris Palmer » Thu, 30 Sep 2010 22:38:13 GMT


 The kernel is updated periodically, and released when new Android
releases are published. Additionally, patches make it into OTA
updates. Google only knows about and can update Google Experience
Devices; Google has no knowledge of or ability to update non-GEDs.

There is no necessary link between Android version and kernel version,
other than that both increase monotonically.

Yes, users are notified of updates. GED users with Froyo are getting
their 2.2.1 update now, in fact. Updates are signed.

Non-GED OEMs and carriers can ship updates however they like, or not
at all. Frequency of updates could be one factor that informed buyers
use to decide.

--



Relation between Android version and Linux kernel versio

by jan » Fri, 01 Oct 2010 04:52:27 GMT


 

The Samsung Galaxy S "with Google" I own is one of those.
Until now, it was never updated OTA (can you uptade Eclair OTA?).
Today it still does not have Froyo, let alone 2.2.1 that contains a
fix for the information disclosure bug in the browser.

Not true. They share big portions of code and the bugs therein.
And that's the reason I'd like Google to write release notes with
every update.
How am I supposed to know which bug in the vanilla Linux kernel made
it into the Android kernel?

True, but read above. That's one of the reasons I bought a Samsung
Galaxy S, but perhaps Google does not put enough pressure on Samsung
to release a new firmware.

But there should be release notes and security advisories regardless
of the device, as these issues are OS related and not device related.

--



Relation between Android version and Linux kernel versio

by loic » Fri, 01 Oct 2010 07:10:38 GMT


 Thanks for your answers. It is a bit more clear to me know.


That information is quite hard to get and to understand for the
average buyer

--



Relation between Android version and Linux kernel versio

by Disconnect » Fri, 01 Oct 2010 13:08:43 GMT


 





Just FYI, if you think back to the g1, OTA updates have been a part of
android since the very first device. (In fact, if it hadn't been a
requirement, the g1's crippling storage problems wouldn't be nearly as bad.
Literally half of the flash is unavailable, much of it to facilitate OTA
updating.) I believe as of 1.6 or so the majority of the code made it into
the open source project, although before that a few of us took the partial
code apart (mostly JF iirc) and worked out how to interface to it.

--



Relation between Android version and Linux kernel versio

by Dianne Hackborn » Fri, 01 Oct 2010 18:40:54 GMT


 



30% of the storage is used by the cache partition.  The cache partition is
also used for other things such as downloading media and apps.  (It is the
main storage for the download manager that is visible in the browser, which
performs downloads and manages the storage to expunge old downloads as it
becomes full.  Though the UI is in the browser, it is a separate facility
and also used for example by Market to download apps.)

-- 
Dianne Hackborn
Android framework engineer
hack...@android.com

Note: please don't send private questions to me, as I don't have time to
provide private support, and so won't reply to such e-mails.  All such
questions should be posted on public forums, where I and others can see and
answer them.

--



Relation between Android version and Linux kernel versio

by Disconnect » Fri, 01 Oct 2010 19:33:24 GMT


 30% is "much of" 50% :) Also, looking way way back at
 http://andblogs.net/fastboot/ :
*userdata*: 76 megs, Holds all the user applications and data. Reset the
phone to factory by erasing it. (Sometimes referred to as ata
*cache*: 70 megs, supposed to be temporary storage (/cache) but actually
never used except by T-mobile OTA updates.

So as far as the user is concerned, it is half of the available storage.
(And yah, if that page still mattered I'd update it to reflect the fact that
newer OS loads did more with it.)

To properly rephrase:
Literally 1/3 of the onboard flash was reserved purely for OTAs, although
later OS versions used it as scratch space for downloads and such. (Nearly
the same amount as was available to the user to begin with.)






>



Relation between Android version and Linux kernel versio

by Dianne Hackborn » Fri, 01 Oct 2010 22:01:07 GMT


 



Ah, okay, I misread you as blaming the cache for taking 50% of the space.
 Sorry about that.

To properly rephrase:

Cache has *always* been used for other things.  It's not like the browser
and Market had some other magical place to put their downloads.

Anyway, this is a silly discussion.

-- 
Dianne Hackborn
Android framework engineer
hack...@android.com

Note: please don't send private questions to me, as I don't have time to
provide private support, and so won't reply to such e-mails.  All such
questions should be posted on public forums, where I and others can see and
answer them.

--



Relation between Android version and Linux kernel versio

by jan » Sat, 02 Oct 2010 07:01:01 GMT


 

I hope you do not mean this whole thread and just disqualify the cache
issue on the G1?

--



Other Threads

1. Please explain View.addFocusables

I'm creating a custom component.  The child components are not acting
as expected in regard to my custom components re-acting with its
siblings.

On investigations to solve this I came across View.addFocusables and
View.addTouchables.  These may help me, but I'm not really sure how
they're intended to be used.  Can anyone provide a better description,
or example, of how these are intended to be used?  A dig around on
Google revealed nothing :-(...

Any explanation - or links to pages I couldn't find - much
appreciated.

Cheers - Nigel
--~--~---------~--~----~------------~-------~--~----~

2. How to make a RotateDrawable actually rotate?

Hi,

I've been struggling to find out how Android's animation framework
works, as it's basically undocumented. What I want to do is create a
custom rotating spinner graphic (similar to an ajax loader).

Now, I looked at how the framework uses RotateDrawable, and basically
copied the XML used to define such a drawable.

But, when I set this drawable as an image resource or background, it
remains static rather that performing the rotation. So how to I
trigger the rotation? There is a class called RotateAnimation, but it
asks the same things off me (e.g. rotation degrees, pivot) that I
already defined in the RotateDrawable... that can't be right I guess?

So how do I trigger the rotation of a RotateDrawable?

Thanks in advance,
Matthias
--~--~---------~--~----~------------~-------~--~----~

3. Dialog cannot fill whole screen

4. How do I delete an app from 'All Android Market listings'?

5. ListView and onItemSelected

6. We can't add the resources in framework???

7. Android on HTC shift