Securing the Linux Boot Process with COCONUT-SVSM
- Track: Confidential Computing
- Room: UD6.215
- Day: Sunday
- Start: 09:10
- End: 09:30
Hardware extensions for confidential computing establish a strict trust boundary between a virtual machine and the host hypervisor. From the guest’s perspective, any interaction crossing this boundary must be treated as untrusted and potentially malicious. This places significant hardening demands on guest operating systems, especially around firmware interfaces, device drivers, and boot components.
This talk explores how COCONUT-SVSM can act as a trusted proxy between the hypervisor and the Linux guest, restoring trust in key firmware and memory-integrity interfaces. By offloading sensitive interactions to the SVSM, we can simplify guest OS hardening and provide a more secure boot process for confidential VMs.
Speakers
- Jörg Rödel