Google has announced a significant extension of support for Linux kernel versions used in Android devices, a move that underscores its commitment to enhancing device security. The Linux kernel, an open-source core integral to Android, relies heavily on Long-Term Support (LTS) releases for regular updates, bug fixes, and security patches. Although LTS support was initially extended from two years to six years in 2017, this was later reversed. Now, Google has committed to supporting its own LTS kernel releases for four years, ensuring continued security for Android devices.
The Role of Google’s Android Common Kernel (ACK)
Android devices typically utilize a Linux kernel derived from Google’s Android Common Kernel (ACK) branches. These branches originate from the Android mainline kernel branch whenever a new LTS release is declared. For instance, the android15-6.6 ACK branch was established following the declaration of version 6.6 as the latest LTS version. The “android15” in its name indicates its association with the Android 15 release.
Google maintains its own fork of each Linux kernel LTS release for three primary reasons:
1. Backports and Upstream Functionality: Google’s forks can include backports and cherry-picks of upstream features necessary for Android.
2. Pre-release Features: They can deploy features ready for Android devices, even if still under development upstream.
3. Vendor-Specific Features: They may include vendor or OEM features beneficial for Android partners.
Continuous Updates and Security
After creation, ACK branches receive continuous updates from Google, incorporating bug fixes specific to Android as well as merges from upstream kernel branches. Security vulnerabilities disclosed in the monthly Android Security Bulletin, such as those in the July 2024 bulletin, are addressed through these updates.
Identifying security fixes can be challenging, as patches meant for bug fixes might also close undisclosed security holes. Google endeavors to identify such instances but acknowledges that not all can be caught. This has led to instances where fixes appear in upstream Linux months before they reach Android devices. Therefore, Google urges Android OEMs to perform regular LTS updates to avoid sudden security vulnerabilities.
Importance of Extended LTS Support
LTS releases of the Linux kernel are crucial for the security of Android devices, enabling Google and OEMs to address both known and unknown vulnerabilities. Extended support lifetimes allow Google and OEMs to keep devices updated with security fixes for longer periods.
However, extended LTS support places a significant burden on Linux kernel developers and maintainers, many of whom are unpaid volunteers. The Linux maintainers decided that the six-year support lifetimes were unsustainable, reverting to a two-year window in early 2023. This decision prompted speculation about its impact on the Android ecosystem, with some expecting OEMs to perform major kernel version upgrades and others anticipating extended LTS support from Google or silicon vendors.
Google’s Commitment to Extended Support
Google has opted to extend LTS support itself. According to their developer page for the ACK, starting with kernel 6.6, stable kernels will have a support lifetime of four years. This extension surpasses the corresponding upstream stable kernel support at kernel.org, with Google providing extended support until the end-of-life (EOL) date.
The previous six-year LTS lifecycle allowed Android OEMs to launch devices up to three years into the lifecycle, still benefiting from several years of upstream support. With Google’s new four-year support policy, OEMs must adapt. Starting with Android 15, devices can only launch with either android14-6.1 or android15-6.6, the two most recent kernel versions. These will be supported until July 2029 and July 2028, respectively, ensuring three to five years of support before requiring a kernel upgrade.
Related topics:
Can AI Find You the Cheapest Plane Tickets: Google VS Skyscanner
Google Faces 48% Emissions Surge Amid AI Expansion
Google Maps Misguides Students into Odisha Forest, Prompting 11-Hour Rescue Operation