
Eleos: Exit-Less OS Services for SGX Enclaves

  1. Eleos: Exit-Less OS Services for SGX Enclaves
     Meni Orenbach, Marina Minkin, Pavel Lifshits, Mark Silberstein
     Accelerated Computing Systems Lab, Haifa, Israel

  2. What do we do? Improve performance of I/O-intensive and memory-demanding SGX enclaves.
     Why? The cost of SGX execution for these applications is high.
     How? In-enclave system calls and user-managed virtual memory.
     Results (Eleos vs. vanilla SGX):
     ● 2x throughput: memcached & face verification servers
     ● Even for 5x available enclave memory
     ● Available for Linux, Windows*
     (*) Without Eleos, these applications crash in Windows enclaves.
     22 May @ Systor 2017, Meni Orenbach, Technion

  3. ● Background
     ● Motivation
     ● Overhead analysis
     ● Eleos design
     ● Evaluation

  4. SGX enclaves are already here!
     ● Secured execution environment
     ● Reversed sandbox
     ● Small TCB
     ● Private code & data
       – Confidentiality
       – Integrity
       – Freshness
     ● Only CPU is trusted
     [Figure labels: Application, Enclave, Enclave, Operating system]

  9. SGX enclaves are already here! Let's look at how to secure server applications with enclaves.

  12. Background: Lifetime of a secured server
      ● Untrusted (Host & OS): untrusted memory, unsecured access
      ● Trusted (Enclave): dedicated SGX memory, limited to 128 MB, secured access

  18. Background: Lifetime of a secured server
      ● Untrusted (Host & OS), host app: wait for network requests
      ● Enter enclave
      ● Trusted (Enclave): decrypt requests, process requests, encrypt responses
      ● Exit enclave
      ● Untrusted (Host & OS), host app: send responses

  20. SGX enclaves should be fast
      ● ISA extensions
      ● Implemented in HW & Firmware
      ● Same CPU HW
      ● In-cache execution suffers no overheads
      However...

  23. Executing a Key-Value Store in enclave is slower
      [Chart: throughput slowdown factor (axis 0 to 40) vs. memory footprint (64 MB, 512 MB); bar labels: 34X, 11X; annotation: Crashes in Windows]

  29. Overhead analysis
      ● Untrusted (Host & OS), host app: wait for network requests, send responses
      ● Enclave transitions (Enter enclave, Exit enclave); cost labels on the slide: ~3,300 cycles and ~3,800 cycles
      ● Trusted (Enclave):
        – Decrypt requests: 150 cycles/32B
        – Process requests: *100 cycles/32B
        – Encrypt responses: *150 cycles/32B
      ● Exits cause indirect costs: 1.5X – 5X slower execution (FlexSC [OSDI'10] syscall analysis)

  31. Eleos does better!
      [Chart: throughput slowdown factor (axis 0 to 40) vs. memory footprint (64 MB, 512 MB); series: SGX, Eleos; bar labels: 5x, 3.5x]
      How does Eleos achieve this?

  32. Eleos: Exit-less services
      ● Exit-less system calls with RPC infrastructure
      ● Exit-less SGX paging

  34. Background: SGX paging
      ● System mem
      ● SGX mem: dedicated memory, enclave code & data, limited to 128 MB

  39. Background: SGX paging
      [Diagram labels: Enclave (Trusted) running secret_foo(): ... *p = 1; Hardware: address translation; Page table; Fault handler in the SGX driver (Untrusted); SGX mem; System mem holding encrypted, swapped-out pages]
