On Tuesday, May 12, 2015, 17:36:12 (UTC+2), [email protected] wrote:
> On Tuesday, May 12, 2015 at 9:15:45 AM UTC-4, Mark B wrote:
> > #######
> > # 4.1 # Let the browser become an app
> > #######
> > If the browser would be an app, with its own Gecko-Engine, it would be a
> > lot easier to apply updates because the whole OS can stay unchanged and
> > just the app needs to be updated over the marketplace.
> > So the device manufacturer has to do nothing and updates can be applied
> > by Mozilla as fast as possible.
> > But I could imagine that there is not enough RAM left on the devices to
> > load another full version of Gecko but maybe I am wrong.
>
> While this is technically possible it's not easy to do, because the browser
> "app" would still need to communicate with the gecko engine running the OS.
> Right now that's not so bad because the two gecko engines are always the same
> version and so cross-process communication is easy. If they are different
> versions then we have to make sure that all the cross-process communication
> protocols are versioned and that they can be used across different versions
> of Gecko. This is currently not the case, and not trivial to do.
>
> >
> > #######
> > # 4.2 # Gecko security updates from Mozilla
> > #######
> > Mozilla already integrated an update routine that can just patch Gecko
> > and Gaia in Firefox OS it is called 'Gecko/Gaia OTA updates':
> >
> > https://developer.mozilla.org/en-US/Firefox_OS/Building_and_installing_Firefox_OS/Firefox_OS_update_packages#Gecko.2FGaia_OTA_updates_2
> > This is interesting because this means that it is possible to update
> > Gecko and leave Gonk unchanged.
> > Leaving Gonk unchanged is interesting because Gonk is the hardware
> > nearest part of Firefox OS.
> > So if nothing is changed in the Gonk part, the device manufacturer may
> > not need to be involved.
> >
> > Gecko actually can be updated without reboot and in the background.
> > The only 'problem' is that sometimes Gecko can not be updated without
> > Gonk being updated.
> > In this case a complete new firmware is necessary, which has to be done
> > by the device manufacturer.
> > But maybe Gonk does not need to be updated often if just vulnerabilities
> > are fixed.
>
> Updating the on-device Gecko generally requires recertification by the device
> manufacturer and/or the carrier which is a lengthy process. The reason for
> this is because gecko determines how the user interface (implemented in the
> gaia layer) actually behaves. There may be bugs in future versions of gecko
> that break parts of the UI, and the carriers/manufacturers understandably
> don't want to just push these updates without verifying them first.
>
> I concur with you that having old versions of Gecko out there is bad because
> of the security implications and we have been exploring solutions along both
> of these options but I don't know if anything concrete has come out of it
> yet. I'm not personally working on this problem so maybe other people can
> provide more info.

I also agree this is a huge and awful issue. It's a pity that FirefoxOS is the only platform where Gecko is not always up-to-date.

As you point out, the current problem is that the system updates include everything in one package (low level drivers, Rendering Engine, UI...) and that obviously requires some kind of certification.

We have been pushing Mozilla and vendors to look for a solution for this, and after some initial discussions, it seems the best way forward would be:
- Create an architecture that cleanly separates Gecko from vendor specific items
- Implement a Gecko-only update mechanism
- Let Mozilla manage those updates provided there are some guarantees critical functionality is not broken.

Those conversations are still in a very early stage, so any input would be extremely welcome.

Cheers
_______________________________________________
dev-b2g mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-b2g
