Intel SGX2’s Enclave Dynamic Memory Management (EDMM) reduces enclave launch time but incurs substantial execution overhead due to frequent page-table operations. This work identifies, for the first time, a previously overlooked performance bottleneck—costly page-table updates under the mutually untrusted OS–enclave model. We propose an adaptive memory management mechanism tailored for TEEs, implemented in Gramine LibOS, that jointly optimizes low-overhead page-mapping updates and strong security isolation. Key contributions include: (i) fine-grained mapping caching, (ii) delayed commit with batched TLB invalidation validation, and (iii) security-boundary-aware memory allocation. Experimental evaluation shows our mechanism eliminates up to 58% of EDMM’s execution-time overhead while preserving 28–93% of its launch-time speedup. Consequently, it significantly improves end-to-end performance and deployment flexibility in dynamic enclave scenarios.

The second version of Intel Software Guard Extensions (Intel SGX), or SGX2, adds dynamic management of enclave memory and threads. The first version required the address space and thread counts to be fixed before execution. The Enclave Dynamic Memory Management (EDMM) feature of SGX2 has the potential to lower launch times and overall execution time. Despite reducing the enclave loading time by 28--93%, straightforward EDMM adoption strategies actually slow execution time down by as much as 58%. Using the Gramine library OS as a representative enclave runtime environment, this paper shows how to recover EDMM performance. The paper explains how implementing mutual distrust between the OS and enclave increases the cost of modifying page mappings. The paper then describes and evaluates a series of optimizations on application benchmarks, showing that these optimizations effectively eliminate the overheads of EDMM while retaining EDMM's performance and flexibility gains.