ParaCell: Paravirtualized Secure Containers with Lightweight Intra-Container Isolation and Intent-Driven Memory Management

📅 2026-05-20
🤖 AI Summary
Existing secure containers face a fundamental trade-off between isolation and performance, which is amplified in nested cloud environments and by agent-based workloads: they suffer high user-kernel transition overhead and coarse-grained memory management. This work proposes a hardware-assisted lightweight runtime system that leverages Memory Protection Keys (MPK) to implement XGates, isolating the container user and container kernel within a single address space so that user-kernel transitions become direct domain switches. Additionally, it introduces a Pager mechanism that proactively manages memory mappings based on allocation intent and batches guest physical address (GPA) to host physical address (HPA) bindings and unbindings, thereby avoiding reactive shadow page-table faults. Experimental results demonstrate that, compared to PVM and RunV, the proposed approach reduces latency by up to 79% on bare metal and 88% in nested virtualization settings, while achieving up to 35.6% lower memory footprint than HyperAlloc under agent workloads.
📝 Abstract
Secure containers isolate each container with its own kernel, mitigating shared-kernel attacks prevalent in traditional container systems. However, existing designs still face a fundamental isolation-performance trade-off. Nested-cloud deployments amplify the cost of VM exits and page-table management, while emerging agentic workloads expose bursty memory demand that requires fine-grained elasticity. We attribute this trade-off to two root causes. First, existing designs lack lightweight intra-container isolation primitives for frequent container user-kernel transitions. Second, the host treats container memory management as opaque, forcing reactive secondary faults and coarse-grained huge page mappings to amortize their cost. This paper presents ParaCell, a paravirtualized secure container runtime built on two insights. First, intra-address-space hardware protection primitives can provide lightweight intra-container isolation. ParaCell uses MPK-based XGates to isolate the container user and container kernel within a single address space, turning frequent user-kernel transitions into direct domain switches. Second, container kernel allocators already encode memory-management intent. ParaCell introduces Pager to interpose on allocation and free events, batch proactive GPA to HPA bindings and unbindings, and avoid reactive shadow page-table faults while preserving fine-grained memory elasticity. ParaCell is implemented as a drop-in replacement for RunV. Our experiments demonstrate that, across traditional cloud and emerging agent applications, ParaCell reduces latency by up to 57% and 79% over PVM, and by up to 33% and 88% over RunV, in bare-metal and nested setups, respectively. On agent workloads, ParaCell saves up to 35.6% memory compared with the state-of-the-art VM memory reclamation technique, HyperAlloc.
Problem

Research questions and friction points this paper is trying to address.

secure containers
isolation-performance trade-off
intra-container isolation
memory management
nested virtualization
Innovation

Methods, ideas, or system contributions that make the work stand out.

paravirtualization
intra-container isolation
memory elasticity
MPK-based XGates
proactive memory management