A Linux-based partitioning hypervisor that runs bare-metal applications or adapted operating systems alongside Linux in isolated cells.
Jailhouse is a Linux-based partitioning hypervisor that enables running bare-metal applications or adapted operating systems alongside Linux on the same hardware. It creates isolated domains called "cells" by configuring CPU and device virtualization features, ensuring they cannot interfere with each other. Unlike traditional hypervisors, it focuses on simplicity and deterministic resource allocation rather than overcommitment.
System developers and embedded engineers working on mixed-criticality systems, real-time applications, or security-sensitive environments requiring hardware-level isolation between components.
Developers choose Jailhouse for its simplicity, deterministic behavior, and ability to run bare-metal applications alongside Linux without the complexity of full-featured hypervisors. Its Linux-managed interface makes it easier to deploy than traditional bare-metal hypervisors.
Linux-based partitioning hypervisor
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
Configures CPU and device virtualization features to create isolated cells, ensuring they cannot interfere with each other, which is critical for security and real-time applications.
Optimized for simplicity over feature richness, avoiding software virtualization where possible, leading to fewer points of failure and easier auditing.
Loaded and configured by a normal Linux system, leveraging Linux infrastructure for management, making deployment more accessible than bare-metal hypervisors.
Does not overcommit CPUs, RAM, or devices, ensuring predictable behavior essential for real-time and embedded systems.
Especially on ARM, requires writing configs manually from examples and hardware datasheets, as there is no config generator, increasing setup time and error risk.
Lacks support for overcommitment or scheduling, limiting hardware utilization in dynamic environments where resources need to be shared or scaled.
Requires specific CPU features (e.g., EPT on Intel, NPT on AMD), IOMMU support, and Linux kernel versions, reducing portability and increasing compatibility hurdles.