The project (ARC Virtual Machine) by Google for Chrome OS, a new layer option for running Android applications. The key difference from the currently proposed ARC ++ (Android Runtime for Chrome) layer is the use of a full-fledged virtual machine instead of a container. The technologies embedded in ARCVM are already being used in the subsystem to run Linux apps on Chrome OS.
Instead of a container isolating with namespaces, seccomp, alt syscall, SELinux and cgroups, ARCVM uses a virtual machine monitor to run the Android environment based on the KVM hypervisor and at the settings level system image , which includes a stripped-down kernel and a minimal system environment. Input and output to the screen is organized by running an intermediate composite server inside the virtual machine, forwarding output, input events and clipboard operations between the virtual and main environments (In ARC ++ direct access to the DRM layer via the Render Node).
Google coming soon replace the current ARC++ subsystem with ARCVM, but in the long run, ARCVM is of interest from the point of view of unification with the subsystem for running Linux applications and providing a stricter isolation of the Android environment (the container uses a common kernel with the main system and remains direct access to system calls and kernel interfaces, a vulnerability in which can be used to compromise the entire system from the container).
The use of ARCVM will also allow users to install arbitrary Android applications without being limited to linking to the Google Play catalog and without requiring the device to be put into developer mode (in normal mode installing only selected apps from Google Play). This feature is necessary for organizing the development of Android applications in Chrome OS. Currently, it is already possible to install the Android Studio environment in Chrome OS, but in order to test the applications being developed, Developer Mode must be enabled.
Source: opennet.ru