1*bb4ee6a4SAndroid Build Coastguard Worker# Introduction 2*bb4ee6a4SAndroid Build Coastguard Worker 3*bb4ee6a4SAndroid Build Coastguard WorkerThe crosvm project is a hosted (a.k.a. 4*bb4ee6a4SAndroid Build Coastguard Worker[type-2](https://en.wikipedia.org/wiki/Hypervisor#Classification)) virtual machine monitor similar 5*bb4ee6a4SAndroid Build Coastguard Workerto QEMU-KVM or VirtualBox. 6*bb4ee6a4SAndroid Build Coastguard Worker 7*bb4ee6a4SAndroid Build Coastguard WorkerIt is a VMM that can run untrusted operating systems in a sandboxed environment. crosvm focuses on 8*bb4ee6a4SAndroid Build Coastguard Workersafety first and foremost, both in its language of choice (Rust) and through its 9*bb4ee6a4SAndroid Build Coastguard Worker[runtime sandbox](appendix/sandboxing.md) system. Each virtual device (disk, network, etc) is by 10*bb4ee6a4SAndroid Build Coastguard Workerdefault executed inside a [minijail](appendix/minijail.md) sandbox, isolated from the rest. In case 11*bb4ee6a4SAndroid Build Coastguard Workerof an exploit or vulnerability, this sandbox prevents an attacker from escaping and doing harmful 12*bb4ee6a4SAndroid Build Coastguard Workerthings to the host operating system. On top of that, crosvm also relies on a 13*bb4ee6a4SAndroid Build Coastguard Worker[syscall security policy](appendix/seccomp.md) that prevents unwanted system calls from being 14*bb4ee6a4SAndroid Build Coastguard Workerexecuted by a compromised device. 15*bb4ee6a4SAndroid Build Coastguard Worker 16*bb4ee6a4SAndroid Build Coastguard WorkerInitially it was intended to be used with KVM and Linux, but it now also supports 17*bb4ee6a4SAndroid Build Coastguard Worker[other types of platforms](https://github.com/google/crosvm/tree/main/hypervisor/src). 18*bb4ee6a4SAndroid Build Coastguard Worker 19*bb4ee6a4SAndroid Build Coastguard WorkerTo run crosvm all that is needed is an operating system image (a root file system plus a kernel) and 20*bb4ee6a4SAndroid Build Coastguard Workercrosvm will run it through the platform's hypervisor. See the 21*bb4ee6a4SAndroid Build Coastguard Worker[example usage](running_crosvm/example_usage.md) page to get started or visit the 22*bb4ee6a4SAndroid Build Coastguard Worker[building crosvm](building_crosvm/index.md) section to compile your own from source. 23*bb4ee6a4SAndroid Build Coastguard Worker 24*bb4ee6a4SAndroid Build Coastguard Worker- [Announcements](https://groups.google.com/a/chromium.org/g/crosvm-announce) 25*bb4ee6a4SAndroid Build Coastguard Worker- [Developer Mailing List](https://groups.google.com/a/chromium.org/g/crosvm-dev) 26*bb4ee6a4SAndroid Build Coastguard Worker- [#crosvm on matrix.org](https://matrix.to/#/#crosvm:matrix.org) 27*bb4ee6a4SAndroid Build Coastguard Worker- [Source code](https://chromium.googlesource.com/crosvm/crosvm/) 28*bb4ee6a4SAndroid Build Coastguard Worker - [GitHub mirror](https://github.com/google/crosvm) 29*bb4ee6a4SAndroid Build Coastguard Worker - [API documentation](https://crosvm.dev/doc/crosvm/), useful for searching API. 30*bb4ee6a4SAndroid Build Coastguard Worker - Files for this book are under 31*bb4ee6a4SAndroid Build Coastguard Worker [/docs/](https://chromium.googlesource.com/crosvm/crosvm/+/HEAD/docs/). 32*bb4ee6a4SAndroid Build Coastguard Worker- [Public issue tracker](https://issuetracker.google.com/issues?q=status:open%20componentid:1161302) 33*bb4ee6a4SAndroid Build Coastguard Worker - For Googlers: See [go/crosvm#filing-bugs](https://goto.google.com/crosvm#filing-bugs). 34*bb4ee6a4SAndroid Build Coastguard Worker 35*bb4ee6a4SAndroid Build Coastguard Worker 36
