Brillo Kernel Maintenance

Session information has not yet been published for this event.


One Line Summary

Brillo's always-on-latest-LTS kernel plan


The Android ecosystem currently freezes to specific kernel versions with each different device that gets released. This would create an exponential amount of testing combinations, except most phones drop support within a year or two, so the resource pain gets avoided.

For an IoT offering, though, support must extend to 5 or 10 years, if not longer. In order to avoid the support and testing nightmare that will inevitably ensue, Brillo plans to use a common kernel with all vendor code in a single repository. At each upstream LTS, Google will help all vendors move their code forward (with the expectation that all such code is being actively upstreamed by the vendor).

This talk will cover the rationale in more detail, the testing expectations, how we’re organizing all the out-of-tree code, and how we’re helping vendors do their upstreaming.

Presentation Materials



  • Kees Cook



    Kees Cook has been working with Free Software since 1994, and has been a Debian Developer since 2007. He is currently employed by Google to work on Nexus, Brillo, and Chrome OS Security. From 2006 through 2011 he worked for Canonical as the Ubuntu Security Team’s Tech Lead, and remains on the Ubuntu Technical Board. Before that, he worked as the lead sysadmin at OSDL, before it was the Linux Foundation. He has written various utilities including GOPchop and Sendpage, and contributes randomly to other projects including fun chunks of code in OpenSSH, Inkscape, Wine, MPlayer, and Wireshark. He’s been spending most of his time lately focused on security features in the Linux Kernel.