Apple Exclaves

Modern operating systems use a monolithic kernel design in which the kernel has unrestricted access to the entire system, so a single software bug in the kernel can expose the whole system to attack. To address this, Apple introduced the Secure Enclave in the iPhone 5s, running on a microkernel called SepOS for increased security. The Page Protection Layer in the iPhone 8 and iPhone X further enhanced security by isolating part of the kernel. The Secure Page Table Monitor introduced in the iPhone 13 improved upon this by dividing memory functions into subsystems. In 2024, Apple introduced Exclaves: isolated resources that remain protected even if the kernel is compromised, running under a Secure Kernel based on the seL4 kernel. This addition extends XNU's traditional monolithic kernel model, increasing security by isolating resources and services in separate domains.

https://randomaugustine.medium.com/on-apple-exclaves-d683a2c37194