It's not speculation.

In order to build a custom Rom, you need three things: the kernel tree, the device tree, and the binary blobs.

The binary blobs can be extracted from a running phone.

The kernel tree is GPL-licensed, so almost all phones have kernel trees releases, and if they don't you can ask the manufacturer for it.

The device tree on the other hand, is created from scratch for each phone. As such, there is no pre-existing license, and therefore no legal obligation to release device tree sources, so almost no manufacturer does. The only notable exception is Google with their Nexus and Pixel phones. (But this has stopped since with the Android 16 release)

We can safely assume that the manufacturers that don't release the device trees, wouldn't have released kernel trees if they weren't obliged to.

To go into more details:

The device trees are relatively easy to make. So, their absence doesn't represent a big hurdle. See for example https://xdaforums.com/t/guide-how-to-make-a-device-tree-for-...

But adding support for a device to the Linux Kernel requires _huge_ reverse-engineering efforts. This is why there's still no fully functional Android build for iPhones.

> In order to build a custom Rom, you need three things: the kernel tree, the device tree, and the binary blobs.

And a license to use the binary blobs for that purpose. Is it a given that doing that is allowed?

IANAL; but - jurisdiction dependent.

Some have "interoperability exceptions" - so if you have been granted a license to something, you can reuse it in different context (so for instance you could run Microsoft Office on WINE even if Microsoft's license forbids it).

Some have restrictions on redistribution (but the builds just using the blobs from the old filesystem are fine).

A lot of that is in the gray area, and for that very reason many builds don't actually redistribute blobs - they extract and reuse them live.

Not at all. We have a lot of experience with this with such licenses and other software. BSD as just one example. Not only do we have a pile of emperical evidence, it's also a priori obvious: they're not going to expend any effort or take any risk if its not neccessary. They can just benefit without paying.

Easy see the upstream contributions from any commercial vendor that has integrated BSD into their UNIX flavours, or the alternatives that exist nowadays for embedded FOSS operating systems, none of them GPL.

I can get the source of the kernel, including all drivers, running on my android phone with a few clicks and build a custom ROM.

Where can I get the source of the exact kernel running on iOS devices, including all drivers?

How about the Playstation 4 or 5? Where can I get the source of their FreeBSD fork?

> I can get the source of the kernel, including all drivers, running on my android phone with a few clicks and build a custom ROM.

No, most drivers are closed source and you can just extract binary blobs for them. They run as daemons that communicate through the binder ipc - Android basically turned the Linux kernel into a microkernel.

Indeed, since Android 8 all drivers are in userspace and use Android IPC to talk to the Linux kernel.

Traditional Linux drivers are considered legacy in Android.

https://source.android.com/docs/core/architecture/hal

Yep, my Pixel 5 with stock OS and Pixel 6 with Graphene are hacked via WiFi blobs, which are not updated and cannot be patched.

"If i stop eating, ill die" is also speculative. Do we have validate everything like we were born yesterday?