Qualcomm SOCs

When Replicant was started, the HTC Dream was the only available Android phone, and it had a Qualcomm SOC. We then also added support for other very similar devices.

When alternatives were available, we switched focus away from devices with such SOC because they had several issues:
  • the GSM modem/baseband (which runs only non-free software) handled things that were too much privacy sensitive, such as the audio CODEC, which, as I understand, makes it possible, hardware wise, for the modem to enable the microphone without the Application Processor (which ran Replicant) being involved.
  • the CPU of the GSM modem inside the SOC, and RAM chips are/were shared between both. This was also the case for some of the supported devices that had a Samsung Exynos SOC.
  • more recent devices seemed to require more work than before due to the increasing amount of proprietary libraries.

The fact that privacy sensitive hardware such as the CODEC is controlled by proprietary software (trough the modem), along with the perceived amount of work (due to the big number of proprietary libraries and their nature) explains why devices with Qualcomm SOCs are not a priority for Replicant.

Despite that we still accepted contributions for devices with such System On a Chip, and several people worked to add support for devices with them but didn't have enough time to complete their work.

Still, it might be possible to make sure that the modem cannot physically access and modify the Application Processor's RAM content, for instance by using the SOC IOMMU, if there is one, and if it is only controlled by the Application Processor and that we can have enough assurance that the software and hardware does their job correctly. This would require Qualcomm to publish enough documentation on the hardware, and to be able to use a mainline kernel1 on the devices.

Some tablets use Qualcomm SOCs that have no modems. Assuming that the most important privacy sensitive hardware is under the control of the Application Processor, such tablets might be interesting, assuming that the amount of proprietary libraries (and work) is low enough to be worth it.