DomainIsolation: Lightweight Intra-enclave Isolation for Confidential Virtual Machines

In recent years, there has been a rise in the use of confidential computing as a new computing paradigm that enables privacy-preserving computation on sensitive and regulated data. This approach relies heavily on hardware-based Trusted Execution Environments (TEE), which establish isolated regions for data processing within a protected CPU region. Currently, a variety of TEEs (such as p-enclave in HyperEnclave and AMD SEV) support privilege separation and running a fully-fledged operating system within the confidential Virtual Machines (VMs). However, running a fully-fledged operating system inevitably increases the trusted computing base (TCB), making it challenging to conduct security verification. To address the problem, this paper studies the cases when complex OS services (such as device drivers and networking etc.) are removed from the confidential VM, and presents DomainIsolation, a page table based lightweight and efficient isolation scheme. We show that DomainIsolation enhances both the security and performance of enclave applications through several case studies, including confinement for untrusted libraries, fine-grained data protection, and fast communication. We have integrated DomainIsolation with the Occlum library OS, Enarx and ported several real-world applications. The evaluations on common benchmarks and applications (such as NBench, Lighttpd, Redis and OpenSSL) show that DomainIsolation only introduces a low overhead (<2% in most cases).