Confidential Virtual Machines (CVMs) are increasingly adopted to protect sensitive workloads from privileged adversaries such as the hypervisor. While they provide strong isolation guarantees, existing CVM architectures lack first-class mechanisms for inter-CVM data sharing due to their disjoint memory model, making inter-CVM data exchange a performance bottleneck in compartmentalized or collaborative multi-CVM systems. Under this model, a CVM's accessible memory is either shared with the hypervisor or protected from both the hypervisor and all other CVMs. This design simplifies reasoning about memory ownership; however, it fundamentally precludes plaintext data sharing between CVMs because all inter-CVM communication must pass through hypervisor-accessible memory, requiring costly encryption and decryption to preserve confidentiality and integrity. In this paper, we introduce CAEC, a system that enables protected memory sharing between CVMs. CAEC builds on Arm Confidential Compute Architecture (CCA) and extends its firmware to support Confidential Shared Memory (CSM), a memory region securely shared between multiple CVMs while remaining inaccessible to the hypervisor and all non-participating CVMs. CAEC's design is fully compatible with CCA hardware and introduces only a modest increase (4%) in CCA firmware code size. CAEC delivers substantial performance benefits across a range of workloads. For instance, inter-CVM communication over CAEC achieves up to 209$\times$ reduction in CPU cycles compared to encryption-based mechanisms over hypervisor-accessible shared memory. By combining high performance, strong isolation guarantees, and attestable sharing semantics, CAEC provides a practical and scalable foundation for the next generation of trusted multi-CVM services across both edge and cloud environments.
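The abstract contrasts two ways for CVMs to exchange data: the conventional disjoint model, where any region visible to two CVMs is also visible to the hypervisor and so must carry AEAD-sealed data, and a CSM region that participating CVMs read in plaintext while the hypervisor and non-participants are refused. The following Go program is an added illustration written for this page, not code from the CAEC paper or from Arm's CCA firmware: it is a simplified software model of the ownership rule and of the two data paths. The principal names (`cvmA`, `cvmB`, `cvmC`), the region kinds, and the AES-GCM baseline are assumptions chosen for the example; the real system enforces the equivalent rule in hardware-backed firmware, not in a Go map.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Principal is an actor that may touch memory: the hypervisor or one CVM.
type Principal string

const Hypervisor Principal = "hypervisor"

// RegionKind models memory ownership. The first two kinds are the disjoint
// model the abstract describes; ConfidentialShared is the CSM-style addition.
type RegionKind int

const (
	HypervisorShared   RegionKind = iota // visible to the hypervisor and every CVM
	Private                              // visible to exactly one CVM
	ConfidentialShared                   // visible to a set of participating CVMs only
)

// Region is one memory region with its ownership metadata and contents.
type Region struct {
	Kind         RegionKind
	Owner        Principal          // used when Kind == Private
	Participants map[Principal]bool // used when Kind == ConfidentialShared
	Data         []byte
}

var ErrDenied = errors.New("access denied by memory ownership rule")

// NewCSM creates a confidential shared region; the hypervisor is never a participant.
func NewCSM(participants ...Principal) *Region {
	r := &Region{Kind: ConfidentialShared, Participants: map[Principal]bool{}}
	for _, p := range participants {
		if p != Hypervisor {
			r.Participants[p] = true
		}
	}
	return r
}

// CanAccess is the simplified access rule: the hypervisor reaches only
// HypervisorShared memory; a CVM reaches HypervisorShared memory, its own
// Private memory, and the ConfidentialShared regions it participates in.
func CanAccess(r *Region, p Principal) bool {
	switch r.Kind {
	case HypervisorShared:
		return true
	case Private:
		return p != Hypervisor && p == r.Owner
	case ConfidentialShared:
		return p != Hypervisor && r.Participants[p]
	}
	return false
}

// Write copies data into the region after the access check.
func Write(r *Region, p Principal, data []byte) error {
	if !CanAccess(r, p) {
		return ErrDenied
	}
	r.Data = append([]byte(nil), data...)
	return nil
}

// Read returns a copy of the region contents after the access check.
func Read(r *Region, p Principal) ([]byte, error) {
	if !CanAccess(r, p) {
		return nil, ErrDenied
	}
	return append([]byte(nil), r.Data...), nil
}

// SendSealed is the encryption-based baseline: because the region is visible
// to the hypervisor, the sender must AES-GCM seal the message (nonce || ct||tag)
// under a key the two CVMs agreed on out of band (constructed for the example).
func SendSealed(r *Region, sender Principal, key, msg []byte) error {
	if r.Kind != HypervisorShared {
		return errors.New("baseline path expects hypervisor-shared memory")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	return Write(r, sender, gcm.Seal(nonce, nonce, msg, nil))
}

// RecvSealed opens the sealed buffer; any hypervisor tampering fails the tag check.
func RecvSealed(r *Region, receiver Principal, key []byte) ([]byte, error) {
	buf, err := Read(r, receiver)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(buf) < gcm.NonceSize() {
		return nil, errors.New("buffer too short to hold a nonce")
	}
	return gcm.Open(nil, buf[:gcm.NonceSize()], buf[gcm.NonceSize():], nil)
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 16) // constructed demo key, not a real secret
	msg := []byte("plaintext shard")
	shared := &Region{Kind: HypervisorShared}
	_ = SendSealed(shared, "cvmA", key, msg)
	seen, _ := Read(shared, Hypervisor)
	got, _ := RecvSealed(shared, "cvmB", key)
	fmt.Printf("baseline: hypervisor sees %d ciphertext bytes; cvmB recovers %q\n", len(seen), got)
	csm := NewCSM("cvmA", "cvmB")
	_ = Write(csm, "cvmA", msg)
	_, hvErr := Read(csm, Hypervisor)
	_, cErr := Read(csm, "cvmC")
	plain, _ := Read(csm, "cvmB")
	fmt.Printf("csm: hypervisor=%v cvmC=%v cvmB=%q\n", hvErr, cErr, plain)
}
```

The baseline path shows why the disjoint model forces a cipher into every inter-CVM exchange: the hypervisor can read the buffer, so confidentiality and integrity come from AES-GCM rather than from memory isolation, and both sides pay the seal/open cost on every message. The CSM path moves that guarantee into the ownership rule, so a participant reads plaintext and a non-participant or the hypervisor is refused before any bytes move.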