 Hello, I am Kumar Sukhani going to speak about LXC on Android. It is basically running two different Android simultaneously using operating system level virtualization. So what is the motivation of the project? I want to ask you what is the common point in every project motivation? What do you think? So jokes apart, my younger brother takes advantage of when I am asleep, uses my mobile to access my phone's personal data that is videos, photos and all those stuff. So what I need is a security. And the same similar thing I observed that enterprise is dealing with, like enterprise is allowing their employees to use the mobile to connect to the intranet. The employees has the emails, meeting scheduled and the discussion and all those stuff on their mobile. So any external person can get the information of the company enterprise and can use it for its own purpose. So what we need is that a secure Android environment which can reduce these things because let's consider the fact that when you are using your mobile, your mobile has everything like your mobile knows with whom you are contacting, what you are doing, what are your trips, where are you traveling, what application you use, what stuff you like and everything. And when it comes to employee companies then the company information all is also there in the mobile. So like we can lost our mobile or we can share our mobile with other people. So the enterprise don't want us to do this. So what we need is a solution in which we can isolate these both stuff like you have different environment for the personal stuff and different for your work purpose. So what I introduce is operating system level virtualization. In operating system level virtualization there is a hardware over which a Linux kernel is running and it has been installed with a host OS running LXE. LXE is nothing but a set of tools which take advantage of Linux kernel like Linux kernel provide few security features, resource sharing and resource isolation. So it takes advantage of the Linux kernel and allows us to run other operating system which might be Ubuntu or maybe Fedora as processes which share resources all with the other OS running on it and they are isolated. So it provides isolation through namespace. Namespace is a similar concept we use while naming in the like while we are doing coding like we use namespace to differentiate different things. So the isolation in LXE represents that I have PID 1, PID 2 in each OS. So the namespace will allow us to use the same PID 1, PID 1 in each container. And maybe the similar things are there. Maybe we can say that init process is there for each OS and all those stuff. And the sharing like we have to share all the resources we have limited memory. So Cgroups allows us to share the resources among them and SC Linux provide the security. So LXE is a complete conceptual operating system level virtualization which is there for desktops. And it actually supported by the mainline kernel. And as the Android kernel is a forked version of mainline kernel. So I can use it here also with few changes. So here is my architecture. I have hardware, Linux kernel and LXE. So I'm using busybox as an host OS. It can be a full-fledged complete Linux OS. It can be full-fledged Android OS also. But for now, I'm using a busybox. Like it allows me to trigger a few commands only. It does not have GUI and anything. So when I then LXE start, then the first OS boots up, which I can see Superman and second Spiderman and Batman. So I am currently running a busybox host OS and three different isolated Android OSes simultaneously. So there is a problem in this because the Android was designed in such a way that it can run only one OS at a time. So let's say the Superman triggers a refresh, then the screen of the Superman. Like it has its own buffer, screen buffer. So it gets refreshed and even the other is also refreshed. So that we don't want to do. Even if Batman refreshes its screen, then screen of both is refreshed. So what we need is a driver virtualization. Talking about with drivers like Linux is a fork, Android is a fork version of Linux kernel. So for doing optimization, it has introduced few drivers. The frame buffer driver, the screen driver, the input driver, ashmam and alarm driver and all those stuff. So this all driver needs to be virtualized so that the kernel knows that there are multiple containers running and they should know that who is sending the request and all that. So I introduce the concept like foreground OS and background OS. So the Superman is foreground and Batman is a background. So when Superman runs the refresh command, refresh like doing anything on the screen, then only the screen of Superman is refreshed and the Batman doesn't do anything. Batman is only running its own processes in the background. So when the busy box can run a command of switch to Batman, like now the Superman is at background and Batman is at the foreground. So if Batman running the refresh command, then only the Batman screen is refreshed. So like if I am running an application on Batman, then the Superman will not respond to those touch events or even it will not get refreshed. It will do its background processing and it has its own retained memory which is in background. Like you will not get it in display, but the kernel has its own memory allocated to it. So now going to demo. I have started the busy box on the emulator. One second. If anyone knows deep inside the Android OS, then you can see these are the only kernel processes which are running, nothing else. And ADBD is running. ADBD is running to communicate with my laptop. So these are the only and these are the shell, I am running and bash. So I can start first OS by running this script file. Start Jelly Bean. So the Jelly Bean is booting in the background. So the command I run is remounting all the blocks for read write permissions and setting my path of busy box and LXC and running LXC start. This LXC start, I have to give two parameters. One is the name of the container and other is a configuration file. And so in the configuration file, I have to mention various things like root FS file system, where is the file system kept and the C groups and the mount point of LXC and the devices LXC will be using. Like we have lots of device drivers. So we can restrict the drivers and OS can access. So you can see the dot allow is equal to C1, 1, colon three. So these are the major minor number. So what 29, 0 is for the frame buffer. This is the 29, 1. 29, 0 is for my host. 29, 1 is for my container one, like OS 1, which is Jelly Bean. And the container two will be ice cream sandwich, which I will be running next. So my Jelly Bean is booted. I will show you its version. It's 4.1. And now I can start another OS also to switch, I have written an application in which I like, I have to run this in background, like running as in service or something so that only clicking and button I can switch it. Currently it's not done, so I have to open the application, press power up to switch to another. So it will now display the Android of ICS. So you can see that here I have given LXC start, Android three and config three. And in config three, config three, I have changed the root FS to two to three and I can even set up the network that I have not done currently. And for the frame buffer, you can see I have given 29.2. So with the major miner number, the kernel identifies from where the request is coming. If it's coming from 29.1 and the container one is in the foreground, then that only or the request is served. And if it's coming from 29.2 and if it is in background, then it will discard. Like refreshing with discard, but it will do its rendering and all those stuff. And even the input is not responded. If I am clicking, then the request will be sent by only 20, like the container one. The container two will not get any interrupts related to the input, like the screen is touched or something or button is clicked. And even I can show you that the list of processes has increased. So see the init of the host has been, init is for container one, has been init for container two. So three init are simultaneously running and the PID you are seeing is actually virtual PID. If I go inside the container NFA, check the PID of slash has been slash init, then it will display as one. So ICS is putted because of emulator, it's very slow, but when it will be on phone and if all the drivers are virtualized, then it will be as fast as our single OS. I will show you the figures. So this is ICS and even I can switch back, moving to presentation again. So these are the performance figure. When I'm running only busybox, then the time to run an instruction is around 315 nanoseconds. And if I run a complete host, then it's around 450. And if I'm running a busybox and a container, then it's 470 something. And if I'm running a busybox with two complete OS, which I'm currently doing, it's around 485. So the headache is not much because it's like two X processes running, not a two isolated OS are there, but conceptually if you see, the kernel is only one, the driver set is only one, and the two OS are controlled by only one kernel. So the overall virtualization, like the middleware which comes is very lightweight, and it will not increase the timing of running an instruction over it. So the use case may be running, having an personal phone and a business phone simultaneously, and you can switch off or on any of the OS at any time you want. And the business OS can be kept as encrypted totally, and it can be restricted. And even we can do things like the business OS is only like a thin client kind of stuff because we don't want anything to be stored on phone because once it's lost, then all the information can be accessed by the third person. So because of that, the business container can be kept modified as per requirement of the industry. And even I can run multiple OS, like Ubuntu touch is there, and Firefox OS is also coming, any of the Linux OS and Android is always there. That this thing I can do because all of them are running the same kernel and everything supports LXE. And LXE is growing. Like other LXE communities working on it. So the more and more LXE develops, the more useful this stuff will become. Any questions? Hello, my name is Vijay Anand. And I wanted to know, what is the impact on the battery performance? Like say you have it on device. Battery performance will not like the second OS, which is running, it is running in background. So it's not actually doing much of the processes. Even if things develop, I can do things that the background processes, even I can switch off. Because the container is not doing anything that so the battery performance will not give any issue. It will be the same as the Android gives currently. I think so there will be an impact, right? Because display, even though you are refreshed with the example which you mentioned, it's only the last moment which is right into the display, you are blocking it. So that means there is some processing happening in the background, even which shows by the instruction when you are running busybox with the two containers. No, there is a delay, right? So there is a battery impact also, right? Like the performance figure speaks that the performance is not, the performance seems very much similar to running a container and running two containers. So the background OS which is running, it's only, it is taking the CPU processing, it is not taking other resources. The screen is the one which takes most of the battery of the OS and even the external device like Wi-Fi, Bluetooth or GPS. And these devices takes most of the battery. And if you sleep the OS, then it will not take much of the CPU. And even the CPU, the battery used by the CPU is very much less compared to these other four devices like mobile, the sensors we can say. So when you switch across, so the OS will be going to sleep mode or external? Currently, it is not done that much efficient that the OS is currently going to its sleep mode, it's similar optimization which Google does. Like when a process goes in background, same thing my OS is going in background and it will only do processing which, like you open few application, those application will do those processing and not complete OS is doing anything. Like it's limited to similar two X processes which I want to say. It's, you don't, for the kernel, it's not like two complete OS. It's like two different, like here is the init, there is the init. So two init are running for the kernel. So it's kind of two X processes, consider that thing. My name is Srinivas, I have a question. You have to run the processes on the same kernel, right? If you have two OS or different versions of kernel, you may not be able to do that, right? What? You may not be able to port two different OS if they are using two different versions of kernel. Actually, I don't really know how they are working. Like I have seen that when Samsung or any other mobile manufacturer upgrades the phone, it even upgrades the kernel also. So I don't really think that whether the ICS, like Jelly Bean will not work on the older, like it should support because the system calls required for everyone is similar. So it really doesn't matter, according to me it will matter only to optimization which Linux developers are doing. Like currently if you see you can even run and Ubuntu on 3.0 and Ubuntu on 3.10 also. So same is the case with the Android. It's nothing different. It's like another flavor of Linux. Okay, you haven't tested this on a real device, have you? No, I have not worked on the devices. Currently I am using 2.6 kernel for Jelly Bean also and for ICS also and even I can run Gingerbread also. So I really don't think it will matter because the stock OS is same and the difference is totally related to optimizations only. Yeah, that's the case for Android but say you want to run Android and Firefox OS or Android and Ubuntu. I think so they will continue support of the main line. If we talk about the Linux main line OS and Android OS then the Android OS is extended version having the same kind of features with few extra drivers which are totally optimized for having it on mobile. So I think so you can do this stuff like even you can get some applications like I have done it on my mobile. There are a few Linux on Android. There are a few such projects in which you can run Ubuntu directly on your phone. It's like it's using CHroot which is similar to LXC not similar but kind of similar to LXC. So if CHroot can run Ubuntu on my phone then I can run Ubuntu through LXC also. Hi, Shreyas and I think what you've done is extremely cool. So give your hands for that. So what I wanted to ask you was how soon do you see this being adopted and let's say whatever example you gave with the enterprise and in that kind of. Actually the big issue in this is like changing. The first thing I want to want is having a unified kernel for everything like having support of this in the main line. Currently it's not there. I have done it. So the main line should accept it and the Android kernel is not in the main line. So this is the major hurdle in this. If that is done then easily you can do it yourself also copying the stuff like copying the root FS and running the stuff. But current trend is like you have to give me your mobile. I have to check the latest kernel available and I have to make changes and I have to port it. So I have seen the development in the open source. It's like before Alexi there was open VZ. So the open VZ proved that operating system level virtualization is very much useful. After that the Linux developers they started supporting Alexi which was rewritten according to the kernel. So the first thing you have to do is you have to prove that what are you saying is correct and people will use it. And if you do that then only the people will start supporting you. And if you cannot do this then like it will be not used by anyone. So I started this to show that this is useful stuff and this is required in the future. Not now maybe in next one or two years. So and everything you see in the market the every company is trying to introduce something different so that they get advantage or focus on themselves. So I started this because this is a future I think so. And if it doesn't fit in some use case maybe in another use case we can use but virtualization on Android is like a new stuff which we needed. And I think so the Android is developed so much in the future. The embedded devices will directly have the Android itself like I have seen the projects like JRuby, Jpython, most of the JVMs and other stuff are being ported on Android. And these are like for them it's like an embedded device only. So future embedded device will have this. So I wish you all the best and if you could share the details on how to collaborate or something maybe then it could take a while. I have few slides to say about this. Next. Hello. Hi, this is Rajat. I've got three questions for you. One is about the process management it's in. Say for example you're running a music layer on one voice on one voice and you switch to the other voice. What happens? Currently the sound driver is not virtualized. So for doing that stuff I need a sound driver's virtualization done. So whatever like currently I have done only two devices input and display driver that only. If you talk about the other device like if you speak about Wi-Fi, if you speak about GPS then it will not work. Maybe the zygote will not respond properly or maybe both will try to access the same device and some different stuff will happen. Maybe the OS will crash. The second question is actually related to that. Say for example you enable GPS on one OS and you switch to the next OS. What happens then? Actually I now ported this on my phone and the GPS on the emulator is useless using it. So I don't know. The last question is about memory management it's in. You have just talked about performance based on CPU right now. What happens say for example you're running two OSes and there is a lack of memory in one OS because it's in the background and what happens? I really don't have the figures currently but like I was checking through the console then there was not more than 1.5% increase in memory requirements. Like I am running two OS but it will not increase because the few stuffs are in kernel. So that stuff will manage the containers itself. I think so like I have not done that much. Like this was my BE project in my final year. So like I am not working on this full time so most of the question I cannot answer you. I can just give you overview what might be the case. Thank you. So for development... I have two questions for you. How many OSes do you think is it compatible with it? How many OSes can you... Until all the containers use up your whole RAM. Like currently I have tested only two because it's an emulator but as per the LXC standard like you can run unlimited OSes until you have that much memory to run it like. And if you have too many processes running in your background wouldn't it make the phone slower, the OS slower? Obviously because the newer processes which want memory will not be there. So there will be a like swiping and swipe out of the pages and all those stuffs. So that thing is to be taken care and the like if it is an complete product then the product will guide you how much OS it will support or something like that. Thank you. So for development of this I want like investors or collaborate with companies which are working on similar things like mobile security or mobile mobility management or something or even a few developers if they want like if they feel this is cool then they can contribute to this. So you can contact me on my email ID, my Github account I have a YouTube channel also or you can actually search Alexei on Android you can get my channel's name or maybe my contact number also. I have a Facebook page also. Thank you.