OS virtualization and emulation on Android
Android devices have the ability to run virtual machines or emulate other operating systems. It does this either via desktop virtualization, platform virtualization, or emulation via compatibility layer.
Desktop virtualization
Desktop virtualization apps are the least resource and space intensive compared to other virtualization types, since the Operating System that is being displayed on the Android device is actually located on another computer on the local network or elsewhere like on the internet.[1] Depending upon how the desktop virtualization app works, they use RDP or can use another protocol of their own. Most business oriented desktop virtualization apps require specific types of equipment or services in order for the app to fully function. For example, VMware Horizon Client requires specific VMware equipment for the app to work.[2]
A major downside that desktop virtualization apps have compared to other types of virtualization or emulation technologies is that they require a network connection to the server as stated previously above.
Platform virtualization
Platform virtualization allows more leverage to the developer as anything that relates to the guest operating system only affects the guest operating system, and not the host operating system. Due to this it is possible for the guest operating system to be rooted, where as the host operating system remains unrooted.[3][4] Due to the nature of platform virtualization and the fact that it can virtualize a rooted guest OS, it has a greater advantage over emulators as it can run applications or utilize packages that require access to the underlying system itself.
As with all platform virtualization software and applications, they take up a lot of resources of the host in order to do the virtualization.[4]
Emulation
Emulation of other operating systems
Emulation of other operating systems on Android require the usage of some form of compatibility layer, where the compatibility layer must utilize some form of technologies or APIs to run the OS inside of the app container. This does come with limitations as some emulators utilize PRoot which is a chroot like environment.[5][6] Unlike terminal emulators that emulate the internal OS with/without any extension package support, it can install actual (for example) Ubuntu packages, as it does not rely too much on the Android system limitations. However, not all packages and applications can run.
Terminal emulation of internal operating system
Terminal emulation of the Android device itself is done via either an actual local loopback to the device, or an emulation that seems to be a local loopback. Most of these terminal emulations of the device itself utilize the native terminal Toybox toolchain's library and functions that come with every android device.[7][8] However due to the fact that the majority of the functions that are readily available without utilizing a compatibility layer, means that Toybox functions can only be utilized.[9] In order for a user to add any other functions or libraries would require the user to root their own device and add the functions or libraries manually. Some of these terminal emulators allow users to enter Toybox commands implicitly, where those that don't require the usage of "toybox COMMAND".
With enhancements via semi-emulation
Some terminal emulators like Termux allow users to add packages. This is done via semi-emulating a different environment via the usage of PRoot and/or Toybox in the back-end.[8] With the semi-emulating, some predefined ported packages can be used and installed without the need of rooting the device, as they do not utilize Android system files, and reside and run in the apps' own data containers and directories.[10] Because Toybox is used mostly in the back-end, it depends on how the app was developed, for Toybox to be accessed from the semi-emulated enhanced terminal.
Limitations
The majority of limitations are seen in emulation-based apps rather than the platform virtualization based apps, as the emulation apps must utilize a compatibility layer. Thus for libraries and packages to work as expected like in a real OS, the compatibility layer must work properly and must be able to provide accurate information. However, this requires that the compatibility layer or any predefined software it uses (ex. Docker) to have access to many types of system- and device-related information. This can either be done via Toybox or programing language libraries that Android apps can be made from (e.g., Java, C#). However, starting with Android 8, many new security restrictions have been placed on apps; due to these restrictions, some API libraries/classes are no longer available or have been replaced by more restrictive API libraries/classes.[13]
One of the known limitations that was implemented is that apps can only natively access only their own sandbox root directory or sub-directories on an SD card. Apps wanting to access files or folders outside that on the SD card, are required to use Android's own system file selector.[14] Due to this limitation, guest OSes running on, emulation, platform virtualization, or compatibility apps are no longer allowed to access files outside of their own SD card Sandbox.
The majority of these limitations can be bypassed by rooting the Android device. However, utilizing Linux via utilizing an emulator or virtualization app would be redundant at that point as one could turn the device itself into a Linux environment.[15]
OS internal security enhancements
More modern versions of Android have been seen having more internal system security enhancements, such that some system folders and files are no longer accessible or even viewable for that directory's existence. Versions of Android before 9 allowed terminal apps to view Android's root "/" directory (although not allowing modifications or execution). [16][17]
SELinux
Android utilizes SELinux; due to this, all system configuration files are not editable and some are not even readable.[18] Thus, apps can only utilize Android API's to learn about the device's or system's configuration or settings. However, not all information is available to apps; due to this, many OS compatibility layers or emulation apps are not able to run every package or application.
Here are some known applications and packages that are unable to run:
- Udisks2 requires udev which does not work well in most compatibility layer environments, as stated in the sub-sub-section below.[19][20]
- Snort
- Open vSwitch
- mininet (requires open vSwitch to run)
Here are some commands that do not work, due to SELinux:
- ip link show [21]
ADB, PRoot, $HOME and $PREFIX usage
Because all Android apps run in a non-privileged container space, the virtualization or emulation apps must utilize their own app space to do the virtualization or emulation.[22] This can be done either by ADB, PRroot, or the usage of $HOME and $PREFIX, however majority of these three are utilized by emulation apps as platform virtualization apps usually use different methods. Each of these is used for a different purpose. ADB is used for the emulation of a terminal-like environment for the entire Android system, but usually as an unprivileged user. $HOME and $PREFIX can be using $HOME as "~" and $PREFIX for ".". However, $HOME can not be set outside of the "/data/apps data space" directory on the Android file system, nor can $PREFIX be moved to another place like the SD Card.[23]
For emulators or compatibility layers to emulate or virtualize a Linux-based OS on Android, PRoot must be used.[5] However, when PRoot is used, the environment inside of Proot can act like a Chroot environment, and/or a separate mounted environment.[24][25] In this scenario (especially in the case of compatibility layer and emulator for Guest OSes), there are packages and applications that can not run as they were never designed to run inside a chroot like environment.[6] Some of these are well known, prominent packages, applications, or commands, including the following:
- Systemd
- Libudev (Works along side with Systemd).[26]
- Init
- Mutter (software) relies upon systemd
Alternatives
Due to the issue of SeLinux and PRoot, alternatives must be used and not all of the unusable packages or applications have alternatives. Being an alternative, they don't necessarily have all the functions of the original packages or applications. Some of these alternatives include:
Android itself being a modified Linux kernel
Because Android is a modified Linux kernel, not all configuration or system files exist or are the same in Android.[27][28] Because of this, emulation apps either need to provide either their own version of the configuration or system files in the application's data space, use a pre-modified distribution of ported Linux libraries that do not require the usage of the missing configuration or system files, or not support the usage of those packages. Some well known configuration and system files that are not in Android include:
- /etc/resolv.conf[23]
References
- Evans, Jonny (2019-01-28). "How to run Windows 10 on an iPad Pro or on Android". Computerworld. Retrieved 2019-11-20.
- "Published Apps | Horizon Apps". VMware. Retrieved 2019-11-20.
- site, A. Word From Our Sponsors 308 posts see posts > XDA thanks its sponsors for supporting the (2019-08-08). "VMOS Lets You Run a Virtual Android Machine on your Phone". xda-developers. Retrieved 2019-11-20.
- Doffman, Zak. "Huawei Mate 30: New Google Play Option Is Here". Forbes. Retrieved 2019-11-20.
- "AnLinux : Run Linux On Android Without Root Access - Apps on Google Play". play.google.com. Retrieved 2019-11-21.
- Farmer, Braden (2017-01-28). "Guide: Installing and Running a GNU/Linux Environment on Any Android Device". xda-developers. Retrieved 2019-11-21.
- "Standalone Toolchains | Android NDK". Android Developers. Retrieved 2019-11-20.
- "README - platform/external/toybox - Git at Google". android.googlesource.com. Retrieved 2019-11-20.
- "README - platform/external/toybox - Git at Google". android.googlesource.com. Retrieved 2019-11-20.
- comments, 15 May 2018 Paul Bailey Feed 178up 5. "Termux turns Android into a Linux development environment". Opensource.com. Retrieved 2019-11-21.
- "UserLAnd, a Turnkey Linux in Your Pocket | Linux Journal". www.linuxjournal.com. Retrieved 2019-11-20.
- To, Mayank Sharma How. "How to install Linux on an Android phone". TechRadar. Retrieved 2019-11-20.
- "Android 9 Release Notes". Android Open Source Project. Retrieved 2019-11-20.
- "Android 10 Release Notes". Android Open Source Project. Retrieved 2019-11-20.
- "Installing Linux on an Android Phone". Red Hat Developer. 2017-03-16. Retrieved 2019-11-20.
- "Partition Layout". Android Open Source Project. Retrieved 2019-11-20.
- "Android 9 Release Notes". Android Open Source Project. Retrieved 2019-11-20.
- "Security-Enhanced Linux in Android". Android Open Source Project. Retrieved 2019-11-20.
- "Apt-Get Install failing - Udisks2 Permission Denied error leads to lots of DPKG error · Issue #992 · CypherpunkArmory/UserLAnd". GitHub. Retrieved 2019-11-20.
- "[Full Tutorial💻] Install Parrot OS On Android". AndroPalac.com. 2019-10-09. Retrieved 2019-11-20.
- "How can I change MAC address on Android devices without Root?". ResearchGate. Retrieved 2019-11-20.
- "Android 9 Release Notes". Android Open Source Project. Retrieved 2019-11-20.
- "Differences from Linux - Termux Wiki". wiki.termux.com. Retrieved 2019-11-20.
- "Ubuntu Manpage: PRoot - chroot, mount --bind, and binfmt_misc without privilege/setup". manpages.ubuntu.com. Retrieved 2019-11-20.
- "Debian -- Details of package proot in sid". packages.debian.org. Retrieved 2019-11-20.
- "udev - ArchWiki". wiki.archlinux.org. Retrieved 2019-11-20.
- "System and kernel security". Android Open Source Project. Retrieved 2019-11-21.
- "Does Android really use the same kernel as Linux?". Unix & Linux Stack Exchange. Retrieved 2019-11-21.