  1. 0584fe9 Limit types that can be read from guest memory by Dylan Reid · 5 hours ago master
  2. 045c713 Add data_model with DataInit trait by Dylan Reid · 14 hours ago
  3. be4a4c9 gitignore: Remove Cargo.lock by Dylan Reid · 10 days ago factory-eve-9667.B
  4. 71501e0 sys_util: Add TempDir class by Dylan Reid · 2 weeks ago
  5. 7e33f61 crosvm: add virtio MMIO transport module by Zach Reizner · 4 weeks ago firmware-twinkie-9628.B

Chrome OS KVM

This component, known as crosvm, runs untrusted operating systems along with virtualized devices. No actual hardware is emulated; crosvm only runs VMs through Linux's KVM interface. What makes crosvm unique is a focus on safety within the programming language and a sandbox around the virtual devices to protect the kernel from attack in case of an exploit in the devices.

Overview

The crosvm source code is organized into crates, each with its own unit tests. These crates are:

  • kvm-sys: low-level (mostly) auto-generated structures and constants for using KVM
  • kvm: unsafe, low-level wrapper code for using kvm-sys
  • crosvm: the top-level binary front-end for using crosvm

Usage

Currently there is no front-end, so the best you can do is run cargo test in each crate.