Virtual Machine as a core Android Primitive

The Android Virtualization Framework (AVF) is expanding in Android 14 to include select devices. AVF, which was first introduced in Android 13 on Pixel devices, allows platform developers to work on privileged applications. The framework supports virtualization, which is widely used to isolate workloads and operating systems from each other. AVF treats virtual machines as a core part of the Android operating system, giving developers the ability to choose the level of isolation.

Isolated virtual machines provide a two-way barrier between the host (Android) and the VM, offering enhanced security for sensitive data. AVF offers benefits such as portability, performance, and extensibility. By using isolated VMs, developers have an alternative to TrustZone for cases that require isolation without escalated privileges. AVF also has applications in biometrics and DRM.

APIs are available to query device capabilities and set up secure communication channels with virtual machines. AVF consists of the framework APIs, the hypervisor (pKVM), the Virtual Machine Manager (crosvm), isolated virtual machines, Microdroid, the Virtualization Service, and RpcBinder. Android 14 introduces new features and improvements for AVF, including an Android System API, a Hypervisor DevEx toolkit, Hyp

https://android-developers.googleblog.com/2023/12/virtual-machines-as-core-android-primitive.html
