Note: Eleos: ExitLess OS Services for SGX Enclaves
Eleos increased I/O and memory intensive SGX program execution performance with In-enclave system calls and user-managed virtual memory.
Why
- Running I/O-intensive, memory-demanding server applications in en-claves leads to significant performance degradation.
- Main reason for the application slowdown with SGX is substantial load on the in-enclave system call and secure paging mechanisms.
- Other reason for slowdown:
- Thousands-of-cycles long SGX management instructions.
- Enclave exits cost too high due to associated TLB flushes and processor state pollution.
How
- Reduced cache pollution due to system calls -> Limiting the LLC space available to the RPC thread using the Cache Allocation Technology.
- Application-managed paging -> User-level library SUVM: per-enclave page table and page cache in EPC along with a secure backing store in host memory.
- Low-overhead software address translation -> Memory accesses via spointers resolve to the SUVM page cache or trigger a software page fault to a page in evicted pages.
- Graceful handling of multiple enclaves -> All enclaves share the same PRM, so SUVM coordinates the size of its page cache with the SGX driver to avoid thrashing when new enclave invocation.
- Optimized eviction and memory access policies -> Exposing SUVM management to the application.
- preventing write back of clean pages to the backing store.
- providing direct access to the backing store at sub-page granularity.
What
Eleos enabling exit-less system calls and exit-less paging in enclaves to tackle performance issues in SGX applications.
Some Details
- Analyze the operational overhead of the various components of the system before system design
- Evaluate end-to-end by two real server applications: memcached and face verification (Modify origin code).
- Evaluate the RPC and SUVM mechanisms on several microbenchmarks (Cost in different usage scenarios).
Note: Eleos: ExitLess OS Services for SGX Enclaves的更多相关文章
- Note: PANOPLY: Low-TCB Linux Applications with SGX Enclaves
PANOPLY provides middleware for SGX and Linux operating systems. What PANOPLY provides middleware fo ...
- Note: EnclaveDB: A Secure Database using SGX
EnclaveDB uses SGX security properties to secure database operations. Why The cloud database is cont ...
- Note: ENDBOX: Scalable Middlebox Functions Using Client-Side Trusted Execution
ENDBOX enable secure networking by client-Side trusted execution. What ENDBOX is a scalable middlebo ...
- [EXP]Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://gith ...
- MPU/SoC/Application Processor/Embedded OS
Everything has its principles and mechanisms which are designed by its creator and followed by its u ...
- 10.python内置模块之os模块
os模块的作用:os 模块提供了非常丰富的方法用来处理文件和目录(管理和维护目录以及文件). os.path模块的作用:主要用于获取文件的属性(管理路径的(物理地址)). 小生总结了一些平时常用到的属 ...
- oracle_hc.sql
select event,count(1) from gv$session group by event order by 2;exec dbms_workload_repository.create ...
- [转]The NTLM Authentication Protocol and Security Support Provider
本文转自:http://davenport.sourceforge.net/ntlm.html#ntlmHttpAuthentication The NTLM Authentication Proto ...
- at91 uart driver for vxworks
/* at91UART.c - AT91RM9200 serial driver */ /* Copyright 2003-2004 Coordinate Co., Ltd. */ /* Copyri ...
随机推荐
- java读取pdf文档
import java.io.*;import org.pdfbox.pdmodel.PDDocument;import org.pdfbox.pdfparser.PDFParser;import o ...
- ajax经典案例--省市联动
ajax的省市联动案例 如果我们的代码比较复杂,可以通过file_put_contents来输出信息到某个日志. 在一个元素中添加另一个元素使用的方法是:appendChild(). 函数append ...
- django1.8.3搭建博客——1
系统:elementary os python 2.7.6 django 1.8.3 1.安装django 先安装pip sudo apt-get install python3-pip 安装dj ...
- C++(二)— STL容器的基本用法
1.vector基本操作 关于vector简单的讲就是一个动态增长的数组,里面有一个指针指向一片连续的内存空间,当空间装不下的时候会自动申请一片更大的空间(空间配置器)将原来的数据拷贝到新的空间,然后 ...
- PL/SQL学习笔记_02_游标
在 PL/SQL 程序中,对于处理多行记录的事务经常使用游标来实现. 为了处理 SQL 语句, ORACLE 必须分配一片叫上下文( context area )的区域来处理所必需的信息,其中包括要处 ...
- bzoj1059ZJOI2017矩阵游戏
小Q是一个非常聪明的孩子,除了国际象棋,他还很喜欢玩一个电脑益智游戏——矩阵游戏.矩阵游戏在一个N *N黑白方阵进行(如同国际象棋一般,只是颜色是随意的).每次可以对该矩阵进行两种操作:行交换操作:选 ...
- C++ STL, next_permutation用法。
next_permutation 将按字母表顺序生成给定序列的下一个较大的序列,直到整个序列为 #include"iostream" #include"algorithm ...
- APIO2017 游记
参加了APIO的同学肯定知道我为什么只写标题不写内容. QAQ
- 51nod 1486 大大走格子——容斥
题目:http://www.51nod.com/onlineJudge/questionCode.html#!problemId=1486 已知起点到某个障碍点左上角的所有点的不经过障碍的方案数,枚举 ...
- DSP基础
CCS V5的使用 CCS安装与设置