Eleos increased I/O and memory intensive SGX program execution performance with In-enclave system calls and user-managed virtual memory.

Why

  • Running I/O-intensive, memory-demanding server applications in en-claves leads to significant performance degradation.
  • Main reason for the application slowdown with SGX is substantial load on the in-enclave system call and secure paging mechanisms.
  • Other reason for slowdown:
    • Thousands-of-cycles long SGX management instructions.
    • Enclave exits cost too high due to associated TLB flushes and processor state pollution.

How

  • Reduced cache pollution due to system calls -> Limiting the LLC space available to the RPC thread using the Cache Allocation Technology.
  • Application-managed paging -> User-level library SUVM: per-enclave page table and page cache in EPC along with a secure backing store in host memory.
  • Low-overhead software address translation -> Memory accesses via spointers resolve to the SUVM page cache or trigger a software page fault to a page in evicted pages.
  • Graceful handling of multiple enclaves -> All enclaves share the same PRM, so SUVM coordinates the size of its page cache with the SGX driver to avoid thrashing when new enclave invocation.
  • Optimized eviction and memory access policies -> Exposing SUVM management to the application.
    • preventing write back of clean pages to the backing store.
    • providing direct access to the backing store at sub-page granularity.

What

Eleos enabling exit-less system calls and exit-less paging in enclaves to tackle performance issues in SGX applications.

Some Details

  • Analyze the operational overhead of the various components of the system before system design
  • Evaluate end-to-end by two real server applications: memcached and face verification (Modify origin code).
  • Evaluate the RPC and SUVM mechanisms on several microbenchmarks (Cost in different usage scenarios).

Note: Eleos: ExitLess OS Services for SGX Enclaves的更多相关文章

  1. Note: PANOPLY: Low-TCB Linux Applications with SGX Enclaves

    PANOPLY provides middleware for SGX and Linux operating systems. What PANOPLY provides middleware fo ...

  2. Note: EnclaveDB: A Secure Database using SGX

    EnclaveDB uses SGX security properties to secure database operations. Why The cloud database is cont ...

  3. Note: ENDBOX: Scalable Middlebox Functions Using Client-Side Trusted Execution

    ENDBOX enable secure networking by client-Side trusted execution. What ENDBOX is a scalable middlebo ...

  4. [EXP]Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)

    ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://gith ...

  5. MPU/SoC/Application Processor/Embedded OS

    Everything has its principles and mechanisms which are designed by its creator and followed by its u ...

  6. 10.python内置模块之os模块

    os模块的作用:os 模块提供了非常丰富的方法用来处理文件和目录(管理和维护目录以及文件). os.path模块的作用:主要用于获取文件的属性(管理路径的(物理地址)). 小生总结了一些平时常用到的属 ...

  7. oracle_hc.sql

    select event,count(1) from gv$session group by event order by 2;exec dbms_workload_repository.create ...

  8. [转]The NTLM Authentication Protocol and Security Support Provider

    本文转自:http://davenport.sourceforge.net/ntlm.html#ntlmHttpAuthentication The NTLM Authentication Proto ...

  9. at91 uart driver for vxworks

    /* at91UART.c - AT91RM9200 serial driver */ /* Copyright 2003-2004 Coordinate Co., Ltd. */ /* Copyri ...

随机推荐

  1. node 渲染html模板配置

    node 渲染html模板配置 安装swig模块 npm install swig--save - dev 加载swig模块 var swig = require('swig'); 模板配置 //第一 ...

  2. Tomcat_总结_02_单机多实例

    一.tomcat下载及环境变量配置 1.tomcat下载 下载地址:tomcat官网 2.环境变量配置 只用配置一个CATALINA_HOME就可以了 二.CATALINA_HOME 与 CATALI ...

  3. jquery 整理笔记(一)

    this:表示当前的上下文对象是一个html对象,可以调用html对象所拥有的属性,方法 $(this),代表的上下文对象是一个jquery的上下文对象,可以调用jquery的方法和属性值. each ...

  4. 将jsp页面内容保存到excel(转)

    在此,强调一下搜索时关键词的重要性,这样一下子可以定位到文章,否则处于盲人摸象,毫无目的尴尬境地.本篇就是通过export jsp to excel找到的. 原文地址:How to Export We ...

  5. 嵌套list的实例化

    在LeetCode上遇到这样返回值 public class Solution { public List<List<Integer>> levelOrder(TreeNode ...

  6. torch7 安装中Missing dependencies for nn:moses >= 1错误解决办法

    Torch7.0安装步骤(默认安装路径是在home下): git clone https://github.com/torch/distro.git ~/torch --recursive cd ~/ ...

  7. Convolutional Neural Networks for Visual Recognition 2

    Linear Classification 在上一讲里,我们介绍了图像分类问题以及一个简单的分类模型K-NN模型,我们已经知道K-NN的模型有几个严重的缺陷,第一就是要保存训练集里的所有样本,这个比较 ...

  8. 动作基类 CCAction

    CCAction动作基类关系 class CC_DLL CCAction : public CCObject { public: CCAction(void); virtual ~CCAction(v ...

  9. 洛谷【P1090】合并果子&&洛谷【P1334】瑞瑞的木板

    浅谈堆:https://www.cnblogs.com/AKMer/p/10284629.html 合并果子题目传送门:https://www.luogu.org/problemnew/show/P1 ...

  10. Poj 2136 Vertical Histogram(打印垂直直方图)

    一.Description Write a program to read four lines of upper case (i.e., all CAPITAL LETTERS) text inpu ...