For the past few years, it’s been possible on many Chromebooks to install the Play Store and run Android apps. This opened the door for Chromebooks to become more than just glorified web browsers. Now, Google is looking to make some major under-the-hood changes to Chrome OS’s Android apps support, which may allow for a long-requested feature.
History of Android on Chrome OS
About four years ago, Google created a way for the Chrome browser to run Android apps, called Android Runtime for Chrome (ARC). This was designed with Chrome OS in mind, but developers quickly learned that it could be used to run Android apps in Chrome on any desktop platform.
While this worked well enough, Google wanted something more useful and Chrome OS specific. Thus, they began developing the next generation of ARC, “ARC++,” to fit with the classic developer naming scheme. ARC++ integrated the Android Runtime deeply with Chrome OS, allowing for things like the Play Store. This is how Android apps run on Chromebooks today.
ARC++ was possible partly because Chrome OS, like Android, is based on the Linux kernel. To increase security, ARC++ actually runs in a “container,” which is a way of isolating the Android parts from the rest of Chrome OS. While these efforts definitely help, the Chrome team has admitted that there’s room for improvement and potential for exploits.
“We try to isolate them quite a bit (using namespaces, seccomp, alt syscall, SELinux, etc…), but at the end of the day, they have direct access to many syscalls and kernel interfaces, so a bug in there is reachable via code compiled with Android’s NDK.”
To learn a bit more about ARC++, there’s a great explainer on LWN of how it connects graphically to Chrome OS, from David Reveman, who was once a member of the Chrome team and has since moved on to Fuchsia.
Linux on Chrome OS is different
Last year, Google launched an incredible effort on Chrome OS to make Linux apps available to install and use (often called Crostini). This was much easier said than done though. Sure, if you think about it, Chrome OS is Linux-based, which means it should be relatively easy to just run Linux apps on it.
Instead though, the Chrome team decided to create a virtual machine (or VM) to run Debian (a Linux distribution) and integrate that VM with the Chrome OS “host.” While they could have used existing virtual machine tech from the likes of QEMU or VirtualBox, they thought it better to create specialized tools from scratch, called “crosvm” and “Termina.”
There were quite a few reasons for using a virtual machine, but the biggest one was security. Having direct access to Chrome OS’s Linux kernel would create more opportunities for malicious code or possibly even viruses.
For Android, Google controls the app ecosystem via the Play Store, which generally means the apps there can be trusted. And if you want to sideload Android apps, you need to put your device into Developer Mode, which allows you to do potentially unsafe things like that.
On Linux, where Google doesn’t have that level of control, there was no way to limit installs to just trusted apps. Using a virtual machine solves this problem: if you install a malicious application, you can simply shut down the VM, wipe it, and start over, without affecting Chrome OS overall.
Getting the virtual machine integrated with Chrome OS, such that Linux apps feel “at home” on Chromebooks, has not been without its difficulties. For example, a significant amount of recent work has gone into creating GPU support to allow more graphically intense Linux applications (and potentially games).
Officially, Google has “no plans” to make any changes to the status quo of Android apps on Chrome OS. Under the surface, however, the Chromium team has been making an effort to make Chrome OS’s Android apps support more like their Linux apps support.
The effort, aptly named ARCVM (short for ARC Virtual Machine), from the bits of evidence available, seems poised to take advantage of the work done on the Crostini project by running Android through the same Termina VM. By moving to a virtual machine, Chrome OS’s Android support will be able to take advantage of the same security features, and the ability to easily reset should anything go wrong.
Making Android apps properly isolated from Chrome OS as a whole creates potential for Google to allow sideloading Android apps without entering Developer Mode. Being able to sideload apps has been a long-requested feature by Chrome OS users, as many apps labeled “incompatible” with Chromebooks in fact work just fine when sideloaded. It would also make third-party app stores like Aptoide accessible on Chrome OS.
Beyond this, Android app developers would be able to install Android Studio on a Chromebook, develop their app, and test it on-device without being in Developer Mode. Given Google’s recent push for “secure development” via Chromebooks, this seems like the most likely driving force behind the ARCVM effort.
However, like other work-in-progress projects discovered in Chromium, there’s potential that this ARCVM project could be scrapped altogether, just like the Campfire project. Once a working prototype has been made, they’ll need to weigh the pros and cons to see if the increased security and potential to sideload apps outweigh the impact it may have on performance on lower-end Chromebooks.
As development of ARCVM is still ongoing and it’s not in any way a confirmed project, there’s no telling when, if ever, we’ll see it live on our devices. My personal guess would be either late this year or near the launch of Android Q on Chrome OS.