diff --git a/README.md b/README.md
index 4e4aca4f..d58d0a46 100644
--- a/README.md
+++ b/README.md
@@ -152,7 +152,10 @@ Occlum can be configured easily via a config file named `Occlum.json`, which is
 },
 {
 "target": "/tmp",
- "type": "ramfs"
+ "type": "sefs",
+ "options": {
+ "temporary": true
+ }
 }
 ]
 }
diff --git a/deps/sefs b/deps/sefs
index fcb81443..f06c02df 160000
--- a/deps/sefs
+++ b/deps/sefs
@@ -1 +1 @@
-Subproject commit fcb81443be49344e26fc1017534f1a6eec397d49
+Subproject commit f06c02dfc5fa91cb9be7574f1882cdab863673f1
diff --git a/etc/template/Occlum.json b/etc/template/Occlum.json
index c22a2a66..919d17d2 100644
--- a/etc/template/Occlum.json
+++ b/etc/template/Occlum.json
@@ -54,7 +54,10 @@
 },
 {
 "target": "/tmp",
- "type": "ramfs"
+ "type": "sefs",
+ "options": {
+ "temporary": true
+ }
 }
 ]
 }
diff --git a/src/libos/src/config.rs b/src/libos/src/config.rs
index 83ecd9b4..0dd92a33 100644
--- a/src/libos/src/config.rs
+++ b/src/libos/src/config.rs
@@ -131,6 +131,7 @@ pub struct ConfigMountOptions {
 pub integrity_only: bool,
 pub mac: Option,
 pub layers: Option>,
+ pub temporary: bool,
 }
 impl Config {
@@ -249,6 +250,7 @@ impl ConfigMountOptions {
 integrity_only,
 mac,
 layers,
+ temporary: input.temporary,
 })
 }
 }
@@ -385,4 +387,6 @@ struct InputConfigMountOptions {
 pub mac: Option,
 #[serde(default)]
 pub layers: Option>,
+ #[serde(default)]
+ pub temporary: bool,
 }
diff --git a/src/libos/src/fs/rootfs.rs b/src/libos/src/fs/rootfs.rs
index 0da56a99..024b2e03 100644
--- a/src/libos/src/fs/rootfs.rs
+++ b/src/libos/src/fs/rootfs.rs
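Review bot: In `src/libos/src/config.rs` the new `temporary` option is parsed for every mount entry, but within this diff only the SEFS branch of `rootfs.rs` reads it, so `"temporary": true` on any other mount type appears to be accepted and then ignored. Because the flag decides whether an existing volume is reopened or recreated, the conversion in `impl ConfigMountOptions` (second hunk, `temporary: input.temporary,`) looks like the place to reject it for non-SEFS types; this is hedged, since the surrounding function and the struct both start and end outside the hunks. The field also deserves a doc comment on the struct, for example `/// When true, the SEFS volume is created anew on each mount and never reopened.`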
@@ -111,20 +111,28 @@ fn mount_nonroot_fs_according_to(mount_config: &Vec, root: &MNode)
 return_errno!(EINVAL, "Source is expected for SEFS");
 }
 let source_path = mc.source.as_ref().unwrap();
- let sefs = {
- SEFS::open(
- Box::new(SgxStorage::new(source_path, false, None)),
- &time::OcclumTimeProvider,
- &SgxUuidProvider,
- )
- }
- .or_else(|_| {
+ let sefs = if !mc.options.temporary {
+ {
+ SEFS::open(
+ Box::new(SgxStorage::new(source_path, false, None)),
+ &time::OcclumTimeProvider,
+ &SgxUuidProvider,
+ )
+ }
+ .or_else(|_| {
+ SEFS::create(
+ Box::new(SgxStorage::new(source_path, false, None)),
+ &time::OcclumTimeProvider,
+ &SgxUuidProvider,
+ )
+ })?
+ } else {
 SEFS::create(
 Box::new(SgxStorage::new(source_path, false, None)),
 &time::OcclumTimeProvider,
 &SgxUuidProvider,
- )
- })?;
+ )?
+ };
 mount_fs_at(sefs, &root, target_dirname)?;
 }
 TYPE_HOSTFS => {
diff --git a/src/libos/src/fs/sefs/sgx_storage.rs b/src/libos/src/fs/sefs/sgx_storage.rs
index c872c74f..3132cfa6 100644
--- a/src/libos/src/fs/sefs/sgx_storage.rs
+++ b/src/libos/src/fs/sefs/sgx_storage.rs
@@ -8,6 +8,7 @@ use std::io::{Read, Seek, SeekFrom, Write};
 use std::path::{Path, PathBuf};
 use std::sgxfs::{remove, OpenOptions, SgxFile};
 use std::sync::{Arc, SgxMutex as Mutex};
+use std::untrusted::fs;
 pub struct SgxStorage {
 path: PathBuf,
@@ -157,6 +158,17 @@ impl Storage for SgxStorage {
 fn is_integrity_only(&self) -> bool {
 self.integrity_only
 }
+
+ fn clear(&self) -> DevResult<()> {
+ for child in fs::read_dir(&self.path).expect("faild to read dir") {
+ let child = child.expect("faild to get dir entry");
+ remove(&child.path()).expect("failed to remove SgxFile");
+ }
+ // clear cache
+ let mut caches = self.file_cache.lock().unwrap();
+ caches.clear();
+ Ok(())
+ }
 }
 #[derive(Clone)]
diff --git a/test/Occlum.json b/test/Occlum.json
index 46f24d65..b03975f2 100644
--- a/test/Occlum.json
+++ b/test/Occlum.json
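Review bot: In `src/libos/src/fs/rootfs.rs`, the persistent branch keeps `.or_else(|_| { SEFS::create(...) })`, which throws away the reason `SEFS::open` failed, so an image that is corrupted or fails its integrity check is handled exactly like one that does not exist yet. The backing files sit on the untrusted host, so on this path a damaged or tampered volume is presumably replaced by an empty one without any trace. Bind the error (`.or_else(|e| { ... })`) and fall back to `SEFS::create` only when the image is absent, or at least log `e` before recreating. The three identical `SEFS::create(...)` argument lists could also be folded into one local closure. The enclosing match arm and function start and end outside this hunk.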
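Review bot: `clear()` in `src/libos/src/fs/sefs/sgx_storage.rs` returns `DevResult<()>` but reports every failure with `expect`, so a host-side I/O error, or a listed entry that `remove` cannot delete, panics inside the enclave instead of failing the mount. `fs::read_dir` comes from `std::untrusted`, so the listing is host-controlled input; the three `expect` calls should become errors returned through `DevResult`, converted the same way the other `Storage` methods of this impl (outside the hunk) convert I/O errors. The cache is also emptied only after the files are deleted; taking `self.file_cache.lock()` and calling `caches.clear()` before the loop would avoid a window in which cached entries refer to removed files, which is hedged because the cache's contents are not visible here. The messages `"faild to read dir"` and `"faild to get dir entry"` should read `"failed ..."`.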
@@ -57,7 +57,10 @@
 },
 {
 "target": "/tmp",
- "type": "ramfs"
+ "type": "sefs",
+ "options": {
+ "temporary": true
+ }
 }
 ]
 }
diff --git a/tools/occlum b/tools/occlum
index 937acfea..34d46b57 100755
--- a/tools/occlum
+++ b/tools/occlum
@@ -236,6 +236,7 @@ cmd_build() {
 fi
 mkdir -p "$context_dir/run/mount/__ROOT"
+ mkdir -p "$context_dir/run/mount/tmp"
 ln -s $occlum_dir/build/bin/occlum_exec_client $context_dir/build/bin/occlum_exec_client
 ln -s $occlum_dir/build/bin/occlum_exec_server $context_dir/build/bin/occlum_exec_server
diff --git a/tools/occlum-gen-default-occlum-json b/tools/occlum-gen-default-occlum-json
index d5f172df..6ed7800d 100755
--- a/tools/occlum-gen-default-occlum-json
+++ b/tools/occlum-gen-default-occlum-json
@@ -44,7 +44,11 @@ cat <