Confidential Virtual Machines (CVMs) are increasingly adopted to protect sensitive workloads from privileged adversaries such as the hypervisor. While they provide strong isolation guarantees, existing CVM architectures lack first-class mechanisms for inter-CVM data sharing due to their disjoint memory model, making inter-CVM data exchange a performance bottleneck in compartmentalized or collaborative multi-CVM systems. Under this model, a CVM's accessible memory is either shared with the hypervisor or protected from both the hypervisor and all other CVMs. This design simplifies reasoning about memory ownership; however, it fundamentally precludes plaintext data sharing between CVMs because all inter-CVM communication must pass through hypervisor-accessible memory, requiring costly encryption and decryption to preserve confidentiality and integrity. In this paper, we introduce CAEC, a system that enables protected memory sharing between CVMs. CAEC builds on Arm Confidential Compute Architecture (CCA) and extends its firmware to support Confidential Shared Memory (CSM), a memory region securely shared between multiple CVMs while remaining inaccessible to the hypervisor and all non-participating CVMs. CAEC's design is fully compatible with CCA hardware and introduces only a modest increase (4%) in CCA firmware code size. CAEC delivers substantial performance benefits across a range of workloads. For instance, inter-CVM communication over CAEC achieves up to 209$\times$ reduction in CPU cycles compared to encryption-based mechanisms over hypervisor-accessible shared memory. By combining high performance, strong isolation guarantees, and attestable sharing semantics, CAEC provides a practical and scalable foundation for the next generation of trusted multi-CVM services across both edge and cloud environments.

翻译：机密虚拟机（CVM）正日益广泛地用于保护敏感工作负载免受虚拟机监控器等特权攻击者的侵害。尽管CVM提供了强大的隔离保证，但由于其分离式内存模型，现有CVM架构缺乏一流的跨CVM数据共享机制，使得跨CVM数据交换在分区化或协作式多CVM系统中成为性能瓶颈。在该模型下，CVM可访问的内存要么与虚拟机监控器共享，要么同时受到保护而禁止虚拟机监控器及所有其他CVM访问。这种设计简化了内存所有权的推理；然而，它从根本上排除了CVM之间的明文数据共享，因为所有跨CVM通信都必须经过虚拟机监控器可访问的内存，需要昂贵的加密和解密操作以保持机密性和完整性。本文提出CAEC系统，该系统实现了CVM之间的受保护内存共享。CAEC基于Arm机密计算架构（CCA）构建，并扩展其固件以支持机密共享内存（CSM）——一种在多个CVM之间安全共享的内存区域，同时保持对虚拟机监控器及所有非参与CVM的不可访问性。CAEC的设计与CCA硬件完全兼容，仅使CCA固件代码规模适度增加（4%）。CAEC在一系列工作负载中带来了显著的性能优势。例如，与基于虚拟机监控器可访问共享内存的加密机制相比，通过CAEC进行的跨CVM通信实现了高达209倍的CPU周期减少。通过结合高性能、强隔离保证和可验证的共享语义，CAEC为跨边缘和云环境的下一代可信多CVM服务提供了实用且可扩展的基础。