How are security updates applied?

They seem too small and consistent in size to just be bundles of system apps that got security fixes the past month. Are they like differential patches or something? How are they applied? And what happens while the ‘finishing system update’ notification is shown? (as far as I can tell the phone remains unlocked while updating, so why do they need it to be booted to finish the update? Is it just to turn on the phone faster?)

Web search returns ‘what is an update’ articles so I’m asking here.

Markaos,

They seem too small and consistent in size to just be bundles of system apps that got security fixes

Correct, just one note here: system apps (both APK apps and APEX system modules) are updated through Google Play like all other apps, the monthly security patches are a layer below that - it updates the base OS files like firmware and kernel modules. More info about APEX

Are they like differential patches or something?

Yes, that’s exactly what they are. Small differential patches (often called delta patches / delta updates) to the files.

Btw apps are also getting delta updates through Google Play for at least a few years now (5-ish?)

And what happens while the ‘finishing system update’ notification is shown?

Android Runtime (ART) works by compiling the Java bytecode in apps to native code before running them - it’s called “ahead of time compilation”. This compiled native code is specific to the device, OS and system modules, and some of the modules probably changed during an update - that means the OS has to recompile all the native code against the new updated modules, and that takes some time to do for all installed apps. There can also be updates to the ART module itself that improve the way ART compiles code, and that also requires recompilation to have effect.

as far as I can tell the phone remains unlocked while updating, so why do they need it to be booted to finish the update? Is it just to turn on the phone faster?

There’s a mechanism called A/B partitioning where there are actually two copies of the OS installed. To update, you copy the current OS into the other slot, then apply all the updates to it and finally mark it as the active slot. When you boot your phone, the bootloader looks up the active slot and boots it (and switches the primary slot back if it fails to boot a few times in a row).

The OS can be updated during a reboot and that’s how some vendors still do it, but the downside is that the phone cannot be used during updating. With A/B partitioning and background updates, you can use your phone like usual and then reboot as quickly as any other reboot to apply the updates.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • android@lemmy.ml
  • kavyap
  • mdbf
  • tacticalgear
  • osvaldo12
  • InstantRegret
  • DreamBathrooms
  • cubers
  • magazineikmin
  • thenastyranch
  • khanakhh
  • Youngstown
  • slotface
  • rosin
  • ethstaker
  • JUstTest
  • tester
  • GTA5RPClips
  • Durango
  • modclub
  • Leos
  • ngwrru68w68
  • everett
  • anitta
  • cisconetworking
  • provamag3
  • normalnudes
  • megavids
  • lostlight
  • All magazines
    •