On 2019-10-16 11:57, Jin-oh Kang wrote:
Sorry I might be out of touch, but can't you just install Android directly on your HVM without a container? Anbox is meant to run Android *without* a hypervisor like Xen which is the whole point of using Qubes. Anbox does allow you to run Android under PV/PVH but that sounds just as absurd. Plus if the Android system you're trying to emulate is ARM-based there's no advantage over running a plain Android emulator on QEMU.
There is an issue, at least with the Andoroid-x86 distribution when used under Xen, in that the Android installer can't even see the Qubes disk space as to partition and install the android system. This is due to the specific Xen driver support not being recognized by the Android installer, so the fix required is not within Qubes. Likewise qemu isn't going to work to resolve a missing system disk. As I see it, one can can either recompile Xen to provide a different disk type, or recompile the Android-x86/installer to recognize a new disk type. The funny thing is they used to work together before Xen changed how they did this particular driver. I actually had one running under Qubes 3.0 but lost it around the R3.1 time frame.
Anbox looks like it might be worth a shot if someone really wants to work with android apps, and having a disassembler/debugger within the same AppVM would be possible as well. At one point I was wanting to do some security analysis of a few specific android apps in my free time, but figuring out how to get Android to install again took too way too much of my time, and it just was not worth it.
At least with Anbox you are starting from a bootable system and simply adding executables to it, so that is a much more reasonable approach rather than perhaps recompiling Xen and causing all kinds of potential issues with Qubes general security model. Since the Qube that Anbox runs in is confined to just that AppVM its still isolated from the rest of the Qubes system and doesn't break that security model. I may just dust off that old project and take another stab at it using Anbox when I find some 'extra' time on my hands.
-- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/95e97e1b-6035-7157-6273-860d4aec103e%40jhuapl.edu.
