Windows 11 on your Mac — without the middleman.

BridgeVM is a native desktop app that treats Windows 11 ARM like infrastructure you own: bundled EDK2 firmware, TPM via swtpm, a multi-step install wizard, and a QEMU command line tuned for HVF, display scanout, and NVMe — not a rented hypervisor SKU. The heavy lifting is Rust (async VM lifecycle, disk bundles, firmware, TPM orchestration); the shell is React + Tauri 2.

Source on GitHub More code @seanwirkus

Tauri 2 Rust backend React UI thiserror · serde Tokio · tracing virtio guest agent sock

Reality check: Windows is not bundled — you bring a legal ARM64 ISO. BridgeVM orchestrates QEMU, qcow2 images, virtio-serial guest-agent sockets under /tmp/bvm-… (short paths for macOS sockaddr_un), and per-VM NVRAM vars. Firmware can be overridden with BRIDGEVM_FIRMWARE_* env vars for dev escape hatches.

Performance contract

Stacked QEMU optimizations

The backend builds a single auditable command: Apple Hypervisor.framework for arm64 guests, GICv3, virtio-gpu with blob scanout and tuned host framebuffer memory, EDID-driven resolutions, NVMe multi-queue, qcow2 L2 cache hints, and ioeventfd on virtio queues — each layer documented in code so you can see why the VM feels responsive.

01 HVF acceleration — privileged guest code runs on the hypervisor, not soft-emulated.
02 GICv3 — lowers IRQ exit latency versus emulated GICv2 on Apple Silicon hosts.
03 virtio-gpu + blob + max_hostmem — fewer framebuffer copies; smoother UI inside Windows.
04 NVMe num_queues=4 — parallel submission paths from multiple vCPUs.
05 virtio + ioeventfd — kicks off the QEMU main loop hot path where possible.

Product

What ships in the app

Create VMs from ISO with presets (light / recommended / pro), adjust cores RAM and disk, enforce license acknowledgment, reset NVRAM vars, stream logs, and dependencies checks (QEMU, swtpm) — the boring ops made explicit.

Positioning

Why it exists

Subscription desktop virtualization is a tax on cross-platform developers. BridgeVM is the opposite posture: a local, inspectable stack — Rust for correctness around process and disk lifecycle, React for a fast control surface, Tauri for a real macOS .app.

Crate graph

What the Rust side is made of

Pulled straight from src-tauri/Cargo.toml and modules under src-tauri/src/ — this is the kind of systems surface I build when product meets bare metal.

Async & I/O: tokio for spawning QEMU/swtpm, waiting on process lifelines, and async file work.
Desktop IPC: Tauri 2 commands with explicit rename_all = "camelCase" so JS ↔ Rust contracts stay honest.
Model & errors: serde / serde_json for VM records; thiserror for structured BridgeVmError paths.
Identity & time: uuid VM ids; chrono for created / started timestamps in config.
Host integration: which to resolve qemu-system-aarch64, qemu-img, swtpm; nix to SIGKILL orphan swtpm after crashes; trash to delete bundles via Finder semantics.
Observability: tracing + tracing-subscriber with env filters — production-friendly logs from the harness, not println! noise.

Modules

Layout in the repo

Engineering breadth beyond “call qemu”: firmware discovery with OnceLock resource dir, secure-boot vs non-secure EDK2 pairs, VM registry, validation of ISO path and resource presets, and TPM state directories inside each bundle.

Notable Rust modules: qemu_command (full argv builder + perf commentary), qemu_process, vm_bundle, vm_registry, vm_config, firmware, tpm (lockfile / orphan reaping), guest_agent, disk, logs, validation, tauri_commands.

Contrast

Generic script vs BridgeVM

Copy-paste QEMU
One long terminal command, easy to drift, no firmware lifecycle, no TPM guardrails.

BridgeVM
Versioned command builder, bundled EDK2, swtpm-aware Windows 11 path, React library + logs + settings.