面向SGX2代新型可信执行环境的内存优化系统  被引量：4

作　　者：李明煜 夏虞斌[1] 陈海波[1] LI Ming-Yu;XIA Yu-Bin;CHEN Hai-Bo(Institute of Parallel and Distributed Systems,School of Software,Shanghai Jiaotong University,Shanghai 200240,China)

机构地区：[1]上海交通大学软件学院并行与分布式系统研究所,上海200240

出　　处：《软件学报》2022年第6期2012-2029,共18页Journal of Software

基　　金：国家杰出青年科学基金(61925206);上海市“科技创新行动计划”(21511101502)。

摘　　要：可信执行环境(trusted execution environment, TEE)是一种应用于隐私计算保护场景的体系结构方案,能为涉及隐私相关的数据和代码提供机密性和完整性的保护,近年来成为机器学习隐私保护、加密数据库、区块链安全等场景的研究热点.主要讨论在新型可信硬件保护下的系统的性能问题:首先对新型可信硬件(IntelSGX2代)进行性能剖析,发现在配置大安全内存的前提下, Intel SGX1代旧有的换页开销不再成为主要矛盾.配置大容量安全内存引起了两个新的问题:首先,普通内存的可用范围被压缩,导致普通应用,尤其是大数据应用的换页开销加剧;其次,安全内存通常处于未被用满阶段,导致整体物理内存的利用率不高.针对以上问题,提出一种全新的轻量级代码迁移方案,将普通应用的代码动态迁入安全内存中,而数据保留在原地不动.迁移后的代码可使用安全内存,避免因磁盘换页导致的剧烈性能下降.实验结果表明:该方法可将普通应用因为磁盘换页导致的性能开销降低73.2%-98.7%,同时不影响安全应用的安全隔离和正常使用.Trusted execution environment(TEE) is an architectural solution for secure computing that requires confidentiality and integrity for private data and code. In recent years, TEE has become the research hotspot for machine learning privacy protection,encrypted database, blockchain security, etc. This study addresses the performance problem of the system under this new trusted hardware.The performance of the new trusted hardware, i.e., Intel SGX2, is analyzed. It is found that the paging overhead in SGX1 is no longer the main issue in SGX2 under the premise of configuring large secure memory. However, the setup of large secure memory leads to two new problems. First, the available range of normal memory is narrowed down, which increases the memory pressure of normal applications,especially big data applications. Second, secure memory is usually underutilized, resulting in low overall physical memory utilization. To solve the above issues, this study proposes a new lightweight code migration approach, which dynamically migrates the code of normal applications into secure memory, while leaving the data in place. The migrated code can use secure memory and avoid the drastic performance degradation caused by disk paging. Experimental results show that the proposed approach can reduce the runtime overhead of normal applications by 73.2% to 98.7% without affecting the isolation and the use of secure applications.

关 键 词：机密计算 可信执行环境 系统安全 性能优化 

分 类 号：TP311[自动化与计算机技术—计算机软件与理论]