Decoupling Confidential VMs from the Hypervisor via Secure Domain Resource Management

Under review at 47th IEEE Symposium on Security and Privacy (S&P'26), 2025

Confidential Virtual Machines (CVMs) provide an isolation framework that lets cloud tenants use cloud services securely even when the hypervisor is untrusted or compromised. However, because runtime resources remain under the hypervisor's control, a malicious hypervisor retains attack primitives such as injecting interrupts into a CVM or abusing address-space identifiers (ASIDs).

In this paper, we present a CVM framework that relocates runtime resource management into the CVM domains themselves. Specifically, each CVM is encapsulated within a secure domain with isolated resources and paired with a dedicated domain-visor, which manages the CVM’s resources and handles its vmexit events. This makes runtime resource management fully independent of the hypervisor. To make domain management efficient and safe, we introduce a hardware Domain Switch Table that minimizes both the attack surface and the performance overhead of switching between domains. We also design a CVM-aware interrupt controller that isolates interrupts and delivers each one only to the CVM it belongs to, preventing cross-domain interference. We implement a prototype on an open-source RISC-V processor, and our evaluation shows that it runs the Linux kernel with only about 4% overhead relative to KVM while mitigating eight known attack primitives against CVMs.
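The ownership rules the abstract describes (a CVM's interrupts and ASIDs are managed by its own domain-visor rather than by the hypervisor, and the CVM's vmexits trap to that domain-visor) can be captured as access checks on a per-domain table. The following is an added software model of those checks; it is not the paper's code or its hardware design. The domain numbering, the table layout, the `inject_irq`, `assign_asid` and `vmexit_handler_for` functions, and the `decoupled` flag that contrasts a KVM-style baseline with the decoupled policy are all assumptions made for illustration.

```c
/*
 * Constructed model (added example, not the paper's code or hardware design)
 * of the ownership checks implied by moving CVM runtime resources out of the
 * hypervisor. Domain IDs, table layout and policy rules are assumptions.
 * With decoupled == false the model behaves like a KVM-style baseline in which
 * the hypervisor controls every guest's interrupts and ASIDs; with
 * decoupled == true only a CVM's dedicated domain-visor may touch them.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical domain numbering: 0 is the untrusted hypervisor; each CVM and
 * its dedicated domain-visor get their own IDs. */
enum { DOM_HV = 0, DOM_CVM1 = 1, DOM_CVM2 = 2, DOM_VISOR1 = 3, DOM_VISOR2 = 4, NDOMAINS = 5 };
enum { NASIDS = 16, NVECTORS = 32 };

/* One entry of the (modelled) domain switch table. */
struct domain_entry {
    int visor;             /* domain-visor that services this CVM's vmexits; -1 if none */
    uint32_t pending_irqs; /* bit v set: interrupt vector v is pending for this domain */
};

static struct domain_entry dst[NDOMAINS];
static int asid_owner[NASIDS]; /* domain an ASID is assigned to; -1 if free */
static bool initialised;

/* Constructed initial state: CVM1/CVM2 are paired with VISOR1/VISOR2,
 * the hypervisor owns ASID 1 and CVM1 already owns ASID 5. */
static void ensure_init(void) {
    if (initialised) return;
    for (int d = 0; d < NDOMAINS; d++) { dst[d].visor = -1; dst[d].pending_irqs = 0; }
    for (int a = 0; a < NASIDS; a++) asid_owner[a] = -1;
    dst[DOM_CVM1].visor = DOM_VISOR1;
    dst[DOM_CVM2].visor = DOM_VISOR2;
    asid_owner[1] = DOM_HV;
    asid_owner[5] = DOM_CVM1;
    initialised = true;
}

/* Interrupt injection. Decoupled: only the target's own domain-visor may
 * inject, so neither the hypervisor nor another CVM's visor can. Baseline:
 * the hypervisor may inject into any guest (the attack primitive). */
bool inject_irq(int requester, int target, unsigned vec, bool decoupled) {
    ensure_init();
    if (target < 0 || target >= NDOMAINS || vec >= NVECTORS) return false;
    bool allowed = decoupled ? (requester == dst[target].visor)
                             : (requester == DOM_HV || requester == dst[target].visor);
    if (!allowed) return false;
    dst[target].pending_irqs |= 1u << vec;
    return true;
}

/* True if vector `vec` is pending for `domain`. */
bool irq_pending(int domain, unsigned vec) {
    ensure_init();
    if (domain < 0 || domain >= NDOMAINS || vec >= NVECTORS) return false;
    return ((dst[domain].pending_irqs >> vec) & 1u) != 0;
}

/* ASID assignment. Decoupled: the request must come from the target's
 * domain-visor and the ASID must be free or already the target's, so a CVM's
 * ASID can be neither reassigned nor aliased into another domain. Baseline:
 * the hypervisor may reassign any ASID at will. */
bool assign_asid(int requester, int target, unsigned asid, bool decoupled) {
    ensure_init();
    if (target < 0 || target >= NDOMAINS || asid >= NASIDS) return false;
    if (decoupled) {
        if (requester != dst[target].visor) return false;
        if (asid_owner[asid] != -1 && asid_owner[asid] != target) return false;
    } else if (requester != DOM_HV) {
        return false;
    }
    asid_owner[asid] = target;
    return true;
}

/* vmexit routing: baseline traps to the hypervisor, decoupled traps to the
 * CVM's dedicated domain-visor. Returns -1 for an unknown domain. */
int vmexit_handler_for(int cvm, bool decoupled) {
    ensure_init();
    if (cvm < 0 || cvm >= NDOMAINS) return -1;
    return decoupled ? dst[cvm].visor : DOM_HV;
}

int main(void) {
    printf("baseline : hypervisor injects IRQ 3 into CVM1  -> %d\n", inject_irq(DOM_HV, DOM_CVM1, 3, false));
    printf("decoupled: hypervisor injects IRQ 7 into CVM1  -> %d\n", inject_irq(DOM_HV, DOM_CVM1, 7, true));
    printf("decoupled: VISOR2 injects IRQ 7 into CVM1      -> %d\n", inject_irq(DOM_VISOR2, DOM_CVM1, 7, true));
    printf("decoupled: VISOR1 injects IRQ 7 into CVM1      -> %d\n", inject_irq(DOM_VISOR1, DOM_CVM1, 7, true));
    printf("decoupled: hypervisor moves ASID 5 to CVM2     -> %d\n", assign_asid(DOM_HV, DOM_CVM2, 5, true));
    printf("decoupled: VISOR2 claims CVM1's ASID 5         -> %d\n", assign_asid(DOM_VISOR2, DOM_CVM2, 5, true));
    printf("decoupled: VISOR2 claims free ASID 9 for CVM2  -> %d\n", assign_asid(DOM_VISOR2, DOM_CVM2, 9, true));
    printf("vmexit of CVM1 handled by domain %d (baseline), %d (decoupled)\n",
           vmexit_handler_for(DOM_CVM1, false), vmexit_handler_for(DOM_CVM1, true));
    return 0;
}
```

The point of the `decoupled` flag is to make the two threat models comparable in one place: under the baseline every check passes for the hypervisor, which is exactly why interrupt injection and ASID reassignment are usable attack primitives; under the decoupled policy the same requests fail unless they come from the domain-visor that owns the target, and even that visor cannot alias an ASID already held by another domain. A real implementation enforces these checks in hardware (the interrupt controller and the domain switch table) rather than in software, which is what removes the hypervisor from the trust path.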