Virtual machines as core Android primitives

that much Android Virtualization Framework (AVF) It will be available on select Android 14 devices in the future. First introduced in Android 13 on Pixel devices, AVF brings new capabilities to platform developers working on privileged applications.

With AVF, we are providing broader support for virtualization for Android. Virtualization is widely used and deployed to isolate workloads and operating systems from each other. It enables efficient expansion of infrastructure, test environments, legacy software compatibility, virtual desktop creation, and more.

The AVF virtual machine becomes a core component of the Android operating system, similar to how Android leverages Linux processes. Developers have the flexibility to choose the isolation level for their virtual machines.

    • One-way isolation: Android (the host) can control and inspect the contents of the VM. It is most commonly used for sandboxing and isolation, allowing multiple operating systems to run on the same system/device while one operating system host (Android) controls and monitors all other operating systems.
    • Two-way isolation (isolated VM): Android (host) and virtual machines (guest) are completely isolated from each other. Developers who process or store sensitive data can benefit from isolated virtual machines. Isolated virtual machines have a two-way barrier where the host (Android) and the VM cannot access each other except through explicitly agreed upon communication channels. It has two main properties:
  1. Workloads and data inside the VM are not accessible (confidential) from the host (Android).
  2. Even if Android is compromised up to (and including) the host kernel, the isolated VM will remain intact.

Benefits of AVF


Isolated VMs now allow developers to replace Trustzone for use cases that require isolation from Android without elevation of privilege.


Virtual machines and the applications running within them are much more portable than trusted applets. For example, a Linux-based virtual machine with a Linux application payload will work on any device that supports AVF. This means developers can build their applications once and deploy them anywhere. Additionally, VMs allow for seamless and easy porting of existing Linux-based applications compared to porting to the Trustzone operating system.

See also  Top 10 travel apps on the U.S. App Store by user acquisition


AVFs are designed to be lightweight, efficient, and flexible. Virtual machines can:

    • Depending on the developer’s needs, it can be as small as a single C program or as large as an entire operating system.
    • It must be continuous or intermittent.
    • Memory increases or decreases depending on overall system health. and
    • Respect Android’s scheduler hints and low-memory warnings.


AVF was designed with developers in mind. You can customize virtual machines to meet your specific use case requirements. Developers can deploy any VM payload as long as it adheres to the specific boot and communication protocols specified by the AVF.

In addition to introducing virtualization capabilities to Android and enabling the full potential of virtual desktops and sandboxing, AVF’s use of isolated virtual machines can benefit the following common Android use cases (and more):

    • Biometrics: By deploying biometric trusted applets on isolated virtual machines, developers enjoy guaranteed isolation, access to more computing power for biometric algorithms, easy updates and more efficient deployment regardless of the Trustzone operating system.
    • DRM: Widevine supports streaming DRM on Android devices. Once deployed on an isolated virtual machine, Widevine updates across Android devices are much easier, regardless of the details of the various Trustzone operating systems deployed on those devices.

Using AVFs

AVF provides an easy-to-use API for querying the capabilities of devices that create virtual machines and their supported types, and for applications and services that create virtual machines to establish a secure communication channel with those virtual machines.

For example, to check the availability of the AVF API, an isolated regular VM:

VirtualMachineManager manager =
if (manager == null) {
    // AVF not supported
} else {
    int capabilities = manager.getCapabilities();
    if ((capabilities & CAPABILITY_PROTECTED_VM) != 0) {
        // protected VM is supported
    if ((capabilities & CAPABILITY_NON_PROTECTED_VM) != 0) {
        // non protected VM is supported

Find additional documentation about AVF and its API here.

See also  A new foundation for AI on Android

AVF component


AVF component architecture


AVF consists of a framework API, hypervisor, and Virtual Machine Manager. The hypervisor ensures that virtual machines (including Android) are isolated from each other, much like the Linux kernel does for processes. However, the AVF hypervisor (pKVM) does this using a much smaller (~50x) code base compared to the Linux kernel.

Hypervisor (pKVM)

The hypervisor focuses on open source availability, security, device allocation to VMs, and security through isolation between virtual machines. There is a small attack surface that meets higher security assurance levels. AVF APIs and features are fully supported on the Protected KVM hypervisor (pKVM).

pKVM is built on top of Linux’s industry-standard Kernel-Based Virtual Machine (KVM). This means that all existing operating systems and workloads that use KVM-based virtual machines can work seamlessly on Android devices with pKVM.

Virtual Machine Manager (crosvm)

crosvm, a Rust-based Virtual Machine Manager (VMM), serves as the bridge between the hypervisor and the AVF framework. Responsible for creating, managing, and deleting virtual machines. It also provides an abstraction layer across multiple hypervisor implementations.

Isolated virtual machine

Isolated virtual machines do not appear in Android. This means that no process running on Android can inspect, view, or tamper with the contents of these virtual machines. This guarantee is provided by the hypervisor.

virtual machine

Virtual machines are identical to isolated VMs, except that they can access Android processes with the correct permissions.


Microdroid is an Android OS package created to serve as a template for starting virtual machines (VMs). It provides developers with a familiar environment to build and run workloads on VMs. Microdroid uses familiar Android tools and libraries such as Bionic, Binder IPC, and keystore support.

See also  A faster Rust toolchain for Android

virtualization service

VirtualizationService manages all guest VMs, isolated or otherwise. This is primarily accomplished by managing instances of crosvm. It also exposes an AIDL API that system services or privileged apps can use to start, monitor, and stop VMs.

Rpc binder

Rpc binder A completely new backend developed for the Android Interface Definition Language (AIDL). RpcBinder allows you to communicate with virtual machines using the existing Binder connection protocol. This means:

  1. Developers can write interfaces to virtual machines using AIDL, a language and infrastructure they are already familiar with.
  2. Even if your Binder endpoint moves to a virtual machine, you can continue to use your existing AIDL interface.

What’s new in Android 14?

Android 14 not only makes AVF available on more devices, it also provides new toolkits that let you build more things using AVF and its components.

    • Android system API for AVF

Privileged applications can now use VMs to run sensitive workloads that require isolation.

    • Hypervisor DevEx Toolkit

Traceability has been added, debuggability has been improved, and monitoring capabilities have been improved to provide insight and support platform developers developing inside isolated VMs.

    • Hypervisor vendor module

Vendor module extensions allow partners to customize Google’s hypervisor (pKVM) to meet their specific needs and differentiate themselves.

    • Improve system health

With Android 14, MicroDroid-based VMs boot twice as fast and use half the memory compared to Android 13.

Leave a Reply

Your email address will not be published. Required fields are marked *