refer to shims as fallback code to simplify
This commit is contained in:
parent
3d6f9ef0ce
commit
c9dbcca1ab
@ -682,11 +682,11 @@
|
||||
services), com.google.android.gsf (Google Services Framework) as regular sandboxed
|
||||
apps in a specific profile. These receive no special privileges and the OS itself
|
||||
doesn't use them for anything. They run as unprivileged, sandboxed apps like any
|
||||
others. GrapheneOS simply provides shims teaching them how to run without any of
|
||||
the special privileged permissions and SELinux policy they depend on having. Even
|
||||
within the same profile, apps not explicitly choosing to use Google services won't
|
||||
use them because the OS doesn't integrate support for it or use it as the backend
|
||||
for APIs in the OS like the stock OS.</p>
|
||||
others. GrapheneOS simply provides fallback code teaching them how to run without
|
||||
any of the special privileged permissions and SELinux policy they depend on
|
||||
having. Even within the same profile, apps not explicitly choosing to use Google
|
||||
services won't use them because the OS doesn't integrate support for it or use it
|
||||
as the backend for APIs in the OS like the stock OS.</p>
|
||||
|
||||
<p>You should install all 3 apps including the Play Store rather than only Play
|
||||
services or there will be missing functionality. Play Store is not simply a user
|
||||
@ -714,24 +714,23 @@
|
||||
|
||||
<p>The Play Store app cannot install and update apps as it normally would since it
|
||||
depends entirely on privileged permissions for unattended app installation,
|
||||
updates and removal. GrapheneOS currently includes partial shims to make this
|
||||
partially work. It's currently unclear if we'll flesh this out and include it in
|
||||
the production version of this feature or whether we'll drop it and simply have
|
||||
people use Aurora Store with the Play Store only installed to provide APIs used by
|
||||
apps using Play services.</p>
|
||||
updates and removal. GrapheneOS includes a partial implementation of fallback code
|
||||
to get this working. It currently isn't fully wired up and leads to the Play Store
|
||||
stalling and needing to be force stopped. For the time being, it's easier to use
|
||||
the alternative Aurora Store frontend to the Play Store.</p>
|
||||
|
||||
<p>The core functionality and APIs are almost entirely supported already since
|
||||
GrapheneOS largely only has to coerce these apps into continuing to run without
|
||||
being able to use any of the usual invasive OS integration. Certain functionality
|
||||
is not yet supported. Play Store feature delivery and Play services functionality
|
||||
delivered via dynamite modules are not supported yet. Shims will be required to
|
||||
make this work without depending on weakening SELinux MAC and MLS policies to
|
||||
permit it like the stock OS. The current generation Maps API is a common example
|
||||
of functionality depending on a dynamite module.</p>
|
||||
delivered via dynamite modules are not supported yet. Fallback code will be
|
||||
required to make this work without depending on weakening SELinux MAC and MLS
|
||||
policies to permit it like the stock OS. The current generation Maps API is a
|
||||
common example of functionality depending on a dynamite module.</p>
|
||||
|
||||
<p>Since there's no OS integration beyond shims to make it function without any
|
||||
special privileges, there isn't a way to launch the settings activity. We'll need
|
||||
to make a tiny app providing a way to launch it.</p>
|
||||
<p>Since there's no OS integration beyond fallback code to make it function
|
||||
without any special privileges, there isn't a way to launch the settings activity.
|
||||
We'll need to make a tiny app providing a way to launch it.</p>
|
||||
</section>
|
||||
</main>
|
||||
<footer>
|
||||
|
Loading…
x
Reference in New Issue
Block a user