Hi Alison, Thank you very much for giving a good instruction! On Fri, Mar 9, 2012 at 3:58 PM, Alison Chaiken <[email protected]> wrote:
> Hui Zhang asks: > > One big target of our project is TV vendors, and they strongly wish Mer > can support android apps. > > I had a contract to work on the graphics stack of an Android > virtualization product for a startup this fall, so I have thought a > lot about how to solve this problem. The most impressive solution > I've seen is the one that MontaVista presented at ELC-E last fall: > https://lwn.net/Articles/465316/ > > MontaVista's lxc- and cgroups-based approach is potentially fast, > secure and stable. They already demonstrated running sandboxed > Android apps that way. The big advantage of the newer lxc over the > ancient chroot that so many of us in the MeeGo community used is that > it allows quite granular permissions and resource allocation via the > cgroups, so any tendency of malicious or just poorly written apps to > bring down the host is minimized. Use of a container rather than > a full VM means that exposing the hardware capabilities of the system > to the guest processes should be considerably simpler. > > The video of Lappalainen's talk is also posted: > > http://free-electrons.com/pub/video/2011/elce/elce-2011-lappalainen-secure-virtualization-automotive.webm > The author sent me his slides, so request them from him if you want > to see them. > > I had nothing to do with MontaVista's implementation, but am just > impressed by it. I'm not sure if there is anything special about > their particular approach, as lxc and cgroups are part of Linux, and > anyone could implement an Android virtualization solution that way. > > Hope this helps, > Alison > > -- > Alison Chaiken > (650) 279-5600 (cell) > http://www.exerciseforthereader.org/ > "Laws only declare rights; they do not deliver them." Happy Birthday, Dr. > King. >
