I want virtualisation on my iPhone, and I want it NOW
You're holding the next virtual battleground in the palm of your hand
Analysis By turning computers into software, virtualisation can increase security and free us from underlying complex hardware. Systems can be deployed in moments, and we're offered much better efficiency and flexibility.
Which are all really good things, albeit things commonly associated with PCs and servers. But virtualisation would be just as good on smartphones. So where’s our virtual mobile? And what will it look like when it turns up?
ARM has had virtualisation extensions since ARMv7, but the ARM-powered world is nothing like the realm of x86. For a very large part of that latter market, x86 means more than just a processor architecture: there is a great deal of platform standardisation based on the mutant monster offspring of the original IBM PC.
Such a broad, well-documented set of standards makes it very possible for an x86 hypervisor to host any x86-compatible guest operating system or virtualised application efficiently.
Unfortunately, there’s no such common hardware underpinning for ARM systems.
SoC it to 'em, that's part of ARM's charm
At the hardware level, different ARM platforms, even those running common operating systems, present wildly differing selections of chips, memory maps, and peripheral configurations. ARM defines the instruction set and a few basic bits and pieces, but the individual manufacturers of countless system-on-chips (SoCs) ultimately decide where all the magic control switches are hidden on their silicon.
There’s some consolidation going on, as industry economics push engineers into using truly all-in-one SoC designs such as Samsung’s Exynos series - and some SoC architects like keeping things the same across generations, as that reduces the amount of time needed to develop the software that runs on the things.
But that doesn't mean you can download a virtualisation app for your phone that can easily boot a generic "ARM-compatible" OS on top of the operating system installed on the handset.
A stock x86-64 Linux, Windows or BSD will painlessly start up in your choice of x86 hypervisor, be it VirtualBox, KVM and so on. But you won't be able to do the same on your mobile: you won't be able to find a generic ARM version of those OSes that'll Just Work™ in a generic ARM hypervisor app – because no one can decide on a common, generic platform*.
Which is not to say that there isn’t room for multiple kernels on today's ARM-driven smartphones. ARM, the company, has been pushing its TrustZone concept as the preferred way it packages virtualisation. In short, it allows a secure OS to run separately from the operating system the user fiddles with.
In practice, this puts security-conscious tasks like crypto, payment systems and anti-piracy controls in their own hardware-protected virtual Trusted Execution Environments or TEEs, from whence they can communicate safely with the main OS. Third parties like Trustronic have taken this and built development platforms for TEEs and the chunks of trusted code they run - rather cutely called trustlets.
A Galaxy S3 Android phone ... that's running Microsoft DRM
But, as ARM told The Register, “the successful virtualization solution should be invisible to the consumer”. Indeed, the first mass-market phone to use this system was the Samsung Galaxy S3, which runs a secure microkernel called Mobicore and a handful of trustlets handling stuff like Microsoft’s PlayReady DRM (yes, your Android phone has Microsoft DRM in it). And it’s most certainly invisible to the consumer - if not to security researchers.
For many useful and important tasks, like giving your IT manager his own secure playpen on your phone to run buttoned-down corporate things, this gives control freaks the warm fuzzies when trying to ride herd on BYOD. The rest of us, conditioned by long experience, know that ‘trust’ in the context of hiding things from users generally means that genuine trust is thin on the ground - you’re not trusted to follow the rules, and you can’t trust the rules won’t change.
Virtualisation in the PC world means more freedom, not less: you want to run multiple operating systems, you want to make applications work where they weren’t intended, you want to move and multiply, backup and transfer, no matter what.
And this is coming, despite the general "look away, nothing to see" approach of much of the ARM virtualisation movement to date. It has to. With ARM and friends really very keen to see the architecture move into the data centre and cloud infrastructures - the biggest hive of virtual activity on the planet - a solid, bare-metal approach to proper full-fat virtualisation can’t come soon enough.
Things are more complicated on handsets. Both Samsung and VMware have dual persona systems, Knox and Horizon Workspace, that look a bit like virtualisation but are software-managed work and play environments that don’t rely on full-blown hypervisor control. But Samsung is also working with Red Bend, a mobile software management company with TRUE, a bare-metal hypervisor-based dual persona system, but that’s not part of Knox.
Missing from all of the above is Apple, which is really not happy with people messing about below the bonnet of iOS. With iOS 7, it introduced per-app security settings for things like compulsory VPN access, remote configuration and so on, effectively wrapping sensitive corporate apps in something approaching a virtual environment. But it’s not any closer to a dual persona approach, and nowhere near bare metal. APIs or nothing is the Apple creed. It dare not go the full monty: Android can’t get there fast enough.
ARM itself will talk about bare-metal hypervisors running multiple operating systems, but only for its recently announced ARMv8-R design. That’s aimed at the embedded world of cars, industrial control and smart things in general - but as ARM itself points out, even lightweight OSes of the sort it envisions running on the ARMv8-R can be pretty functional GUI-based Linux/Android derivatives: the borders between classic embedded systems blinking lights and running motors and the sort of smarts in a modern phone are increasingly fuzzy. That there will be a lot more ARM virtualization across all its platforms is not in doubt.
There’s a major split coming in mobile virtualisation. The techniques, code and capabilities to do full-on hypervisors on Android phones and tablets are moving into reality, a movement that can only be accelerated by the promise that such a move could smooth out Android fragmentation, increase security without compromising openness, and open up such transgressive horizons as running iOS apps - even iOS itself - alongside Android on the same hardware.
Under no conceivable alignment of the planets will this happen in the Apple ecosystem, where we’ll get what we’re given when Apple wants to give it. Apple’s certainly got a plan in mind, given the way iOS 7 has evolved its enterprise chops, but any argument about the better approach between the two platforms must, perforce, be religious, at least until things mature.
What is unarguable, though, is that after years of convergence, some genuine differential capabilities will appear again between the two platforms.
God help us all. ®
* Yes, you can install, for example, Qemu on your Android mobe, emulate a Versatile dev kit, and run a flavour of Debian GNU/Linux on it, or run Microsoft Windows on an emulated x86 platform. But that's awkward, you won't find that on iOS, and it doesn't address the lack of a standardised ARM hardware system – something that's enraged Linux kernel supremo Linus Torvalds - sub-ed
Sponsored: Today’s most dangerous security threats