If you aren't building AOSP for Nexus or Pixel phones, none of this is relevant and you aren't really impacted in any way by the way they handle this. If you're building AOSP for anything else you wouldn't have a use for Google's internal Pixel vendor source tree.
Conversation
There are vendors making it a lot easier to build AOSP for their devices than Pixels. It's a misconception that Pixels are the easiest devices to support. Also, the devices moving immediately to the new major release on day one makes it harder, not easier, since you have to move.
2
3
Since they stop publishing factory images and device support code for the previous major release. With your own device, you control your own destiny in that regard. AOSP supports each major release for 3 years and your vendor updates won't require a new major release of Android.
1
2
Without your own device, simply targeting ANYTHING other than a Pixel, since the OEM takes longer to migrate you have a lot more time to port your changes and get your fork of AOSP ready. Treble also allows moving to a new major release without device support code being updated.
1
1
Pixels make this hard, since they move immediately, right when the new OS you need to port your code to becomes publicly available, and they immediately drop support for the previous major release. Treble means AOSP is backwards compatible with device support code, but new device
1
2
support code isn't backwards compatible with an old version of AOSP so we can't simply continue having GrapheneOS based on Android 10 while shipping Android 11 device support code. Forced to migrate rapidly which is extremely difficult. All of this is caused by targeting Pixels.
1
2
Our long-term goal is to be targeting custom hardware in collaboration with organizations like Calyx, where hardware is produced to suit the needs of multiple projects. Would no longer have these issues regardless of how much SoC vendor code is open + can take time to migrate.
2
1
5
+ even if SoC vendor code isn't open, at least we'd still get to audit, modify and build most of it internally including a lot of the SoC firmware. Maybe there would be an SoC vendor with decent security and open source device support code at that point - right now, not really.
1
1
I mean Librem5 and Pinephone type hardware with the only chailnge being the addition of a proper TPM stack for secure boot stuff would still mean a very small number of blobs and worlds easier to maintain AOSP for than anything that exists today.
2
2
TPM is immensely flawed and would not be a substitute for having decent SoC security and actual verified boot. Also, it's hardly as if verified boot is the only thing missing from there. Way too much focus on that as if it's the only issue brought up with it. Also mixing issues.
1
You go from comparing hardware and the device support code from those vendors to comparing operating systems, etc. I don't really know what we're really having a discussion about. You seemed to be talking about putting AOSP on this hardware but then you switch to stuff like this.
If we thought there was better hardware available, we would target it. As you seem to be aware yourself, Pixels are a hassle during the yearly major version migration because temporarily using the previous release isn't a real option so there's an insane workload to migrate fast.
1
On the other hand, implementing proper AOSP support for a device not intended for it and without support from the OEM would be far more difficult than nearly any option that's available... and you're talking about hardware missing so much functionality particularly security-wise.
1
Show replies
I think first party AOSP on h/w -similar- to those (+ all the h/w required for proper verif. boot etc) would be super interesting.
Until then I think using them as-is as basically feature phones serves my threat model and time better than fighting Google to support Pixels.
1
If I had a reliable AOSP path that doesn't take hundreds of man hours to maintain and require endless blobs no one has time to audit I would use that.
Since that doesn't exist, I am trying to find the least bad hardware I can have a maintainable feature-phone OS on today.