Warp Speed Security: Integrity, Confidentiality, and the Microarchitecture in Between
Confidential virtual machines come with a great promise: strong isolation, integrity, and confidentiality, even against a malicious hypervisor. AMD SEV-SNP is a flagship example of this vision, aiming to deliver these guarantees without sacrificing cloud realities such as simultaneous multithreading (SMT).
This keynote revisits AMD SEV-SNP through the lens of its microarchitectural attack surface. We begin with CacheWarp, which showed how cache-management mechanisms can be repurposed into precise, software-only fault attacks that violate SEV-SNP’s integrity guarantees, and then highlight a recent architectural issue demonstrating that even the CPU frontend is part of the attack surface, where undocumented behavior allows a sibling hyperthread to deterministically influence guest state on fully patched Zen CPUs. Together, these examples show how easily integrity can be overlooked, despite being essential for confidentiality. Broadening the view, we draw on insights from SNPeek to show that even when integrity holds, microarchitectural side channels remain powerful enough to systematically measure and exploit information leakage in real-world workloads running inside confidential VMs. Overall, the talk argues that performance optimizations repeatedly cross abstraction boundaries, reintroducing shared state and visibility that threat models quietly exclude. It makes that argument in a way that is concrete, occasionally uncomfortable, and hopefully entertaining.