Confidential, Attestable, and Efficient Inter-CVM Communication with Arm CCA

📅 2025-12-01
🤖 AI Summary
Existing confidential virtual machines (CVMs) suffer from severe performance bottlenecks in cross-CVM data sharing due to their strong isolation design, which mandates hypervisor-mediated forwarding and frequent encryption/decryption operations. This work introduces Confidential Shared Memory (CSM), the first mechanism enabling verifiable, direct, and confidential memory sharing among multiple CVMs—built upon the Arm Confidential Compute Architecture (CCA). CSM extends CCA firmware with minimal modifications (only +4% code size) to support protected shared memory regions and cross-CVM remote attestation. Crucially, CSM eliminates hypervisor involvement in plaintext data movement and avoids redundant encryption, reducing CPU overhead by up to 209×. The approach preserves end-to-end confidentiality and integrity without compromising security guarantees, thereby significantly improving efficiency and scalability of collaborative trusted computing environments. Moreover, CSM is fully compatible with existing CCA hardware.

📝 Abstract
Confidential Virtual Machines (CVMs) are increasingly adopted to protect sensitive workloads from privileged adversaries such as the hypervisor. While they provide strong isolation guarantees, existing CVM architectures lack first-class mechanisms for inter-CVM data sharing due to their disjoint memory model, making inter-CVM data exchange a performance bottleneck in compartmentalized or collaborative multi-CVM systems. Under this model, a CVM's accessible memory is either shared with the hypervisor or protected from both the hypervisor and all other CVMs. This design simplifies reasoning about memory ownership; however, it fundamentally precludes plaintext data sharing between CVMs because all inter-CVM communication must pass through hypervisor-accessible memory, requiring costly encryption and decryption to preserve confidentiality and integrity. In this paper, we introduce CAEC, a system that enables protected memory sharing between CVMs. CAEC builds on Arm Confidential Compute Architecture (CCA) and extends its firmware to support Confidential Shared Memory (CSM), a memory region securely shared between multiple CVMs while remaining inaccessible to the hypervisor and all non-participating CVMs. CAEC's design is fully compatible with CCA hardware and introduces only a modest increase (4%) in CCA firmware code size. CAEC delivers substantial performance benefits across a range of workloads. For instance, inter-CVM communication over CAEC achieves up to 209$\times$ reduction in CPU cycles compared to encryption-based mechanisms over hypervisor-accessible shared memory. By combining high performance, strong isolation guarantees, and attestable sharing semantics, CAEC provides a practical and scalable foundation for the next generation of trusted multi-CVM services across both edge and cloud environments.

Problem

Research questions and friction points this paper is trying to address.

Enables protected memory sharing between Confidential Virtual Machines
Reduces performance bottleneck in inter-CVM data exchange
Eliminates need for costly encryption in CVM communication

Innovation

Methods, ideas, or system contributions that make the work stand out.

Extends Arm CCA firmware for secure inter-CVM memory sharing
Introduces Confidential Shared Memory inaccessible to hypervisor
Achieves significant performance gains over encryption-based methods