Android 13 Virtualization Hack Runs Windows (and Doom) in an Android Virtual Machine
Here’s a fun new feature in Android 13: working virtualization support. Google builds virtualization into Android for its own reasons, but Android developer kdrag0n appropriated the feature for Windows 11 ARM boot and desktop Linux. The developer even ran a Windows version of Doom on a Pixel 6 virtual machine.
kdrag0n says that Android 13 has “full KVM functionality”with “almost native performance”. You need root to enable features that don’t support GPU acceleration. The functionality also doesn’t support nested virtualization, so while you can now run Android on Windows and Windows on Android, creating an infinitely nested OS is out of the question.
This makes a neat demo not at all what Google wants to do with upcoming support for Android virtual machines. Esper’s Mishaal Rahman has been closely monitoring the progress of Android virtualization for some time now, and the obvious plan is to someday (perhaps in Android 13) use virtual machines as a security and privacy sandbox for various features. Imagine that instead of handling sensitive data at the app’s normal permission level, data could be handled in a separate OS, so attackers would have to break the app’s security model, then Android, then the hypervisor, and then that other, private OS.
The first part of Google’s work on virtualization is the standardization of the Linux kernel that comes with an Android device. Today, the Android kernel is a common Android story of fragmentation, with each individual phone model shipping with a special version of the Linux kernel loaded with certain changes and disks. The kernels are basically never updated and it’s very difficult to roll out any OS-level virtualization features when there are literally 10,000+ different Android kernels. Google’s plan to standardize the Linux kernel is called “GKI”or “Generic Kernel Image”.
The Generic Kernel is the Android kernel with minimal changes, and any manufacturer changes or hardware support is handled through the module system. The main kernel is now standardized and has a known feature set. One day the kernel may even be upgradeable. GKI comes first on the Pixel 6, so the Pixel 6 is the first (and so far only) Android phone that can do this.
Google implements Linux kernel KVM and Chrome OS virtual machine manager, crosvm. The company is also building a stripped-down, headless version of Android to run in a virtual machine.
This tiny OS was previously thought to go by the name “Microdroid,”but that moniker appears to be just a shortcut in Google’s VM software. A more accurate name seems to be “CompOS”, as in an OS designed to perform isolated compilation. All of this code will eventually be delivered to every Android phone via the new “virt”Mainline module.
Google assumes that the main Android distribution and the secure VM run on the device’s hypervisor, making the VM data a whole extra layer of privacy and protection against even the most restrictive Android settings. First, Google wants to use it as a replacement for ARM’s TrustZone (running things like DRM) and crypto work. Google wants to get rid of TrustZone because TrustZone is full of privileged 3rd party proprietary code and because TrustZone is slow. With a faster, more secure work environment, Google can start running more time-critical tasks like voice recognition on one of these private virtual machines. So far the company seems to be making progress!
Leave a Reply