Pocket-sized virtual machines: booting small Linux payloads in Android

Android is a large and complicated system with the Linux kernel at its core, exposing dozens of potentially exploitable interfaces to untrusted code. The sheer size, complexity, fragmentation, and rate of change result in a high probability of security vulnerabilities. Exploiting the kernel compromises most of the Android system, including all applications. To address this, Android 13 added support for extending the main operating system with a hypervisor to isolate selected applications from the “host” kernel. To guarantee the integrity of a guest spawned by a potentially compromised host, the Android Virtualization Framework (AVF) relies on custom guest firmware injected in the virtual baremetal environment to verify the payload before its execution, implementing a software root-of-trust. This talk will introduce the AVF architecture before diving into the motivations behind and design of its Rust-based firmware. It will also cover how Linux-based Microdroid, the main AVF guest OS, was optimized to reduce the footprint of protected VMs.

Pierre-Clement Tosi, Google


oil painting of a robot dressed as a chef in paris with eiffel tower in the background

Pierre-Clément is a Senior Software Engineer in the Android Security team at Google in London, contributing to different components of the Android Virtualization Framework. He has experience with low-level software (baremetal software, operating systems, device drivers), high-level hardware design (CPU architecture, FPGA-based acceleration), and modern approaches to software security (e.g. Rust). Passionate about the open-source philosophy, he has contributed to many projects related to those interests. Previously, he worked as a Performance Engineer at Arm, Cambridge.