ELCE11: Sandboxing for automotive Linux

When you start talking about 100 or 1000 guests, the limiting factors to full virtualization quickly become I/O bandwidth, scheduler pressure, RAM, etc. Virtualizing exactly 1 guest is an entirely different problem, especially if the primary goals are security and trying to mix two dissimilar systems. So yeah, I do think that "KVM done right" is far better for isolating a single Android instance than trying to modify both the host and guest to coexist. That's not to say that OS level virtualization doesn't have its uses.