Confidential Virtual Machines (CVMs) are increasingly adopted to protect sensitive workloads from privileged adversaries such as the hypervisor. While they provide strong isolation guarantees, existing CVM architectures lack first-class mechanisms for inter-CVM data sharing due to their disjoint memory model, making inter-CVM data exchange a performance bottleneck in compartmentalized or collaborative multi-CVM systems. Under this model, a CVM's accessible memory is either shared with the hypervisor or protected from both the hypervisor and all other CVMs. This design simplifies reasoning about memory ownership; however, it fundamentally precludes plaintext data sharing between CVMs because all inter-CVM communication must pass through hypervisor-accessible memory, requiring costly encryption and decryption to preserve confidentiality and integrity. In this paper, we introduce CAEC, a system that enables protected memory sharing between CVMs. CAEC builds on Arm Confidential Compute Architecture (CCA) and extends its firmware to support Confidential Shared Memory (CSM), a memory region securely shared between multiple CVMs while remaining inaccessible to the hypervisor and all non-participating CVMs. CAEC's design is fully compatible with CCA hardware and introduces only a modest increase (6%) in CCA firmware code size. CAEC delivers substantial performance benefits across a range of workloads. For instance, inter-CVM communication over CAEC achieves up to 209x reduction in CPU cycles compared to encryption-based mechanisms over hypervisor-accessible shared memory. By combining high performance, strong isolation guarantees, and attestable sharing semantics, CAEC provides a practical and scalable foundation for the next generation of trusted multi-CVM services across both edge and cloud environments.

翻译：机密虚拟机（CVM）正被广泛采用，以保护敏感工作负载免受虚拟机监控器等特权攻击者的侵害。尽管CVM提供了强大的隔离保证，但其现有架构因采用独立内存模型而缺乏一流的虚拟机间数据共享机制，这使得在多CVM分区或协作系统中，虚拟机间数据交换成为性能瓶颈。在该模型下，CVM的可访问内存要么与虚拟机监控器共享，要么对虚拟机监控器及其他所有CVM均受保护。这种设计简化了内存所有权的推理，但根本上阻止了CVM间的明文数据共享，因为所有CVM间通信必须经过虚拟机监控器可访问内存，需通过高开销的加密和解密来维护机密性与完整性。本文提出CAEC系统，支持CVM间的受保护内存共享。CAEC基于Arm机密计算架构（CCA），并扩展其固件以支持机密共享内存（CSM），该内存区域可在多个CVM间安全共享，同时对虚拟机监控器及所有非参与CVM不可访问。CAEC的设计与CCA硬件完全兼容，仅使CCA固件代码量适度增加6%。CAEC在多种工作负载下展现出显著性能优势。例如，与基于加密的虚拟机监控器可访问共享内存机制相比，CAEC实现的虚拟机间通信可降低高达209倍的CPU周期数。通过融合高性能、强隔离保证与可证明的共享语义，CAEC为边缘和云环境下的新一代可信多CVM服务提供了实用且可扩展的基础。