Note: Eleos: ExitLess OS Services for SGX Enclaves
Eleos increased I/O and memory intensive SGX program execution performance with In-enclave system calls and user-managed virtual memory.
Why
- Running I/O-intensive, memory-demanding server applications in en-claves leads to significant performance degradation.
- Main reason for the application slowdown with SGX is substantial load on the in-enclave system call and secure paging mechanisms.
- Other reason for slowdown:
- Thousands-of-cycles long SGX management instructions.
- Enclave exits cost too high due to associated TLB flushes and processor state pollution.
How
- Reduced cache pollution due to system calls -> Limiting the LLC space available to the RPC thread using the Cache Allocation Technology.
- Application-managed paging -> User-level library SUVM: per-enclave page table and page cache in EPC along with a secure backing store in host memory.
- Low-overhead software address translation -> Memory accesses via spointers resolve to the SUVM page cache or trigger a software page fault to a page in evicted pages.
- Graceful handling of multiple enclaves -> All enclaves share the same PRM, so SUVM coordinates the size of its page cache with the SGX driver to avoid thrashing when new enclave invocation.
- Optimized eviction and memory access policies -> Exposing SUVM management to the application.
- preventing write back of clean pages to the backing store.
- providing direct access to the backing store at sub-page granularity.
What
Eleos enabling exit-less system calls and exit-less paging in enclaves to tackle performance issues in SGX applications.
Some Details
- Analyze the operational overhead of the various components of the system before system design
- Evaluate end-to-end by two real server applications: memcached and face verification (Modify origin code).
- Evaluate the RPC and SUVM mechanisms on several microbenchmarks (Cost in different usage scenarios).
Note: Eleos: ExitLess OS Services for SGX Enclaves的更多相关文章
- Note: PANOPLY: Low-TCB Linux Applications with SGX Enclaves
PANOPLY provides middleware for SGX and Linux operating systems. What PANOPLY provides middleware fo ...
- Note: EnclaveDB: A Secure Database using SGX
EnclaveDB uses SGX security properties to secure database operations. Why The cloud database is cont ...
- Note: ENDBOX: Scalable Middlebox Functions Using Client-Side Trusted Execution
ENDBOX enable secure networking by client-Side trusted execution. What ENDBOX is a scalable middlebo ...
- [EXP]Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://gith ...
- MPU/SoC/Application Processor/Embedded OS
Everything has its principles and mechanisms which are designed by its creator and followed by its u ...
- 10.python内置模块之os模块
os模块的作用:os 模块提供了非常丰富的方法用来处理文件和目录(管理和维护目录以及文件). os.path模块的作用:主要用于获取文件的属性(管理路径的(物理地址)). 小生总结了一些平时常用到的属 ...
- oracle_hc.sql
select event,count(1) from gv$session group by event order by 2;exec dbms_workload_repository.create ...
- [转]The NTLM Authentication Protocol and Security Support Provider
本文转自:http://davenport.sourceforge.net/ntlm.html#ntlmHttpAuthentication The NTLM Authentication Proto ...
- at91 uart driver for vxworks
/* at91UART.c - AT91RM9200 serial driver */ /* Copyright 2003-2004 Coordinate Co., Ltd. */ /* Copyri ...
随机推荐
- 转战github了
现在已经改在github写博客了,地址为http://connorzhangxu.github.io/ 博客园用了几年,总体感觉不错,但是对公式的支持整体不是很好,所以后来自己搭建了github博客, ...
- .net Core 相关问题
1.Vs中注释生成xml文档文件 项目->属性->生成->输出->勾选“XML文档文件”->保存 就完成. 保存后出现没有勾选情况,直接用txt打开.csproj文件加 ...
- ES doc_values的来源,field data——就是doc->terms的正向索引啊,不过它是在查询阶段通过读取倒排索引loading segments放在内存而得到的?
Support in the Wild: My Biggest Elasticsearch Problem at Scale Java Heap Pressure Elasticsearch has ...
- 用JavaScript实现表单按回车自动提交
JavaScript实现表单form1按回车自动提交代码如下: <script type="text/javascript"> function submitMe() ...
- POJ2774Long Long Message (后缀数组&后缀自动机)
问题: The little cat is majoring in physics in the capital of Byterland. A piece of sad news comes to ...
- C#实现读写文本文件中的数据
[1]首先我们定义一段假数据,这里以一个string为例字 static void Main(string[] args) { string data = &quo ...
- Aravis 库编译方法
Aravis 库编译方法 March 21, 2015 9:40 PM 首先下载 aravis 库的源代码:aravis 库下载地址 这里我们使用的是 aravis_0_2_0,比较老的一个版本. 首 ...
- 标准模板库(STL)学习指南之List链表
本文转载自天极网,原文地址:http://www.yesky.com/255/1910755.shtml.转载请注明 什么是STL呢?STL就是Standard Template Library,标准 ...
- UML Design Via Visual Studio-Class Diagram
用过几个建模设计工具,小的有staruml,大的有rational rose,EA.最后发现还是Visual Studio建模比较舒服(个人观点,不要争论). 打算对自己经常用的几个建模图做一个介绍, ...
- BZOJ1150:[CTSC2007]数据备份
浅谈堆:https://www.cnblogs.com/AKMer/p/10284629.html 题目传送门:https://lydsy.com/JudgeOnline/problem.php?id ...