In this paper, we revisit the library OS porting approach in a new setting---Intel SGX. We first quantitatively evaluate the performance impact of enclave transitions on SGX programs, identifying it as a performance bottleneck for any library OSes that aim to support system-intensive SGX applications. We then present the design and implementation of SGXKernel, an in-enclave library OS, with highlight on its switchless design, which obviates the needs for enclave transitions.The results show that SGXKernel significantly outperforms a state-of-the-art library OS that has been ported to SGX.
Authors: Hongliang Tian, Tsinghua University, Beijing, China and Intel; Yong Zhang, Tsinghua University, Beijing, China; Chunxiao Xing, Tsinghua University, Beijing, China and Research Institute of Information Technology, Tsinghua National Laboratory for Information Science and Technology, Tsinghua University; Shoumeng Yan, Intel Corporation
From the Computing Frontiers Conference, Siena, Italy, May 15-17, 2017