Eleos: Exit-Less OS Services for SGX Enclaves
|
|
- Brent Roberts
- 6 years ago
- Views:
Transcription
1 Eleos: Exit-Less OS Services for SGX Enclaves Meni Orenbach Marina Minkin Pavel Lifshits Mark Silberstein Accelerated Computing Systems Lab Haifa, Israel
2 What do we do? Improve performance: I/O intensive & memory demanding SGX enclaves Why? Cost of SGX execution for these applications is high How? In-enclave System Calls & User Managed Virtual Memory 2x Results Eleos vs vanilla SGX Throughput: memcached & face verification servers Even for 5x available enclave memory Available for Linux, Windows* (*) Without Eleos, these applications crash in Windows enclaves Meni Orenbach, Technion 2
3 Background Motivation Overhead analysis Eleos design Evaluation Meni Orenbach, Technion 3
4 SGX enclaves are already here! Secured execution environment Reversed sandbox Small TCB Application Enclave Enclave Private code & data Confidentiality Integrity Operating system Freshness Only CPU is trusted Meni Orenbach, Technion 4
5 SGX enclaves are already here! Secured execution environment Reversed sandbox Small TCB Application Enclave Enclave Private code & data Confidentiality Integrity Operating system Freshness Only CPU is trusted Meni Orenbach, Technion 5
6 SGX enclaves are already here! Secured execution environment Reversed sandbox Small TCB Application Enclave Enclave Private code & data Confidentiality Integrity Operating system Freshness Only CPU is trusted Meni Orenbach, Technion 6
7 SGX enclaves are already here! Secured execution environment Reversed sandbox Small TCB Application Enclave Enclave Private code & data Confidentiality Integrity Operating system Freshness Only CPU is trusted Meni Orenbach, Technion 7
8 SGX enclaves are already here! Secured execution environment Reversed sandbox Small TCB Application Enclave Enclave Private code & data Confidentiality Integrity Operating system Freshness Only CPU is trusted Meni Orenbach, Technion 8
9 SGX enclaves are already here! Secured execution environment Reversed sandbox Small TCB Application Enclave Enclave Private code & data Confidentiality Integrity Operating system Freshness Lets look at How to secure server applications with enclaves Only CPU is trusted Meni Orenbach, Technion 9
10 Background: Lifetime of a secured server Untrusted (Host & OS) Trusted (Enclave) 22 May@Systor' 2017 Meni Orenbach, Technion 10
11 Background: Lifetime of a secured server Untrusted (Host & OS) Trusted (Enclave) Untrusted memory Unsecured access 22 May@Systor' 2017 Meni Orenbach, Technion 11
12 Background: Lifetime of a secured server Untrusted (Host & OS) Trusted (Enclave) Untrusted memory Unsecured access Dedicated SGX mem Limited to: 128 MB Secured access 22 May@Systor' 2017 Meni Orenbach, Technion 12
13 Background: Lifetime of a secured server Untrusted (Host & OS) Trusted (Enclave) Host app Wait for network requests 22 May@Systor' 2017 Meni Orenbach, Technion 13
14 Background: Lifetime of a secured server Untrusted (Host & OS) Trusted (Enclave) Host app Wait for network requests 22 May@Systor' 2017 Meni Orenbach, Technion 14
15 Background: Lifetime of a secured server Untrusted (Host & OS) Trusted (Enclave) Host app Wait for network requests Enter enclave Decrypt requests 22 May@Systor' 2017 Meni Orenbach, Technion 15
16 Background: Lifetime of a secured server Untrusted (Host & OS) Trusted (Enclave) Host app Wait for network requests Enter enclave Decrypt requests Process requests 22 May@Systor' 2017 Meni Orenbach, Technion 16
17 Background: Lifetime of a secured server Untrusted (Host & OS) Trusted (Enclave) Host app Wait for network requests Enter enclave Decrypt requests Process requests Encrypt responses 22 May@Systor' 2017 Meni Orenbach, Technion 17
18 Background: Lifetime of a secured server Untrusted (Host & OS) Trusted (Enclave) Host app Wait for network requests Enter enclave Decrypt requests Process requests Send responses Exit enclave Encrypt responses 22 May@Systor' 2017 Meni Orenbach, Technion 18
19 SGX enclaves should be fast ISA extensions Implemented in HW & Firmware Same CPU HW In-cache execution suffers no overheads Meni Orenbach, Technion 19
20 SGX enclaves should be fast ISA extensions Implemented in HW & Firmware Same CPU HW In-cache execution suffers no overheads However Meni Orenbach, Technion 20
21 Executing a Key-Value Store in enclave is slower 22 May@Systor' 2017 Meni Orenbach, Technion 21
22 Executing a Key-Value Store in enclave is slower Throughput: Slowdown factor 34X 11X MB 512 MB 22 May@Systor' 2017 Meni Orenbach, Technion 22 Memory footprint
23 Executing a Key-Value Store in enclave is slower Throughput: Slowdown factor 11X Crashes in Windows 64 MB 512 MB 22 May@Systor' 2017 Meni Orenbach, Technion 23 Memory footprint 34X
24 Background Motivation Overhead analysis Eleos design Evaluation Meni Orenbach, Technion 24
25 Overhead analysis Host app Untrusted (Host & OS) Wait for network requests Enter enclave Trusted (Enclave) Decrypt requests 150 cycles/32b Process requests *100 cycles/32b Send responses Exit enclave Encrypt responses *150 cycles/32b Meni Orenbach, Technion 25
26 Overhead analysis Host app Untrusted (Host & OS) Wait for network requests Enter ~3,300 enclave cycles Trusted (Enclave) Decrypt requests 150 cycles/32b Process requests *100 cycles/32b Exit enclave Send responses Encrypt responses *150 cycles/32b Meni Orenbach, Technion 26
27 Overhead analysis Host app Untrusted (Host & OS) Wait for network requests Enter ~3,300 enclave cycles Trusted (Enclave) Decrypt requests 150 cycles/32b Process requests *100 cycles/32b Send responses Exit enclave ~3,800 cycles Encrypt responses *150 cycles/32b Meni Orenbach, Technion 27
28 Overhead analysis Host app Untrusted (Host & OS) Wait for network requests Enter ~3,300 enclave cycles Trusted (Enclave) Decrypt requests 150 cycles/32b Exits causes indirect costs: 1.5X 5X slower execution FlexSC [OSDI'10] syscall analysis Send responses Exit enclave ~3,800 cycles Process requests *100 cycles/32b Encrypt responses *150 cycles/32b Meni Orenbach, Technion 28
29 Overhead analysis Host app Untrusted (Host & OS) Wait for network requests Enter ~3,300 enclave cycles Trusted (Enclave) Decrypt requests 150 cycles/32b Exits causes indirect costs: 1.5X 5X slower execution FlexSC [OSDI'10] syscall analysis Send responses Exit enclave ~3,800 cycles Process requests *100 cycles/32b Encrypt responses *150 cycles/32b Meni Orenbach, Technion 29
30 Eleos does better! Throughput: Slowdown factor SGX Eleos 5x 3.5x 0 64 MB 512 MB 22 May@Systor' 2017 Meni Orenbach, Technion 30 Memory footprint
31 Eleos does better! Throughput: Slowdown factor SGX Eleos 5x 3.5x 64 MB 512 MB How does Eleos achieve this? 22 May@Systor' 2017 Meni Orenbach, Technion 31 Memory footprint
32 Eleos: Exit-less services Exit-less system calls with RPC infrastructure Exit-less SGX paging Meni Orenbach, Technion 32
33 Eleos: Exit-less services Exit-less system calls with RPC infrastructure Exit-less SGX paging Meni Orenbach, Technion 33
34 Background: SGX paging System mem SGX mem Dedicated memory Enclave code & data Limited to 128 MB Meni Orenbach, Technion 34
35 Background: SGX paging Enclave Trusted System mem secret_foo():... *p = 1; SGX mem Untrusted 22 May@Systor' 2017 Meni Orenbach, Technion 35
36 Background: SGX paging Enclave Trusted System mem secret_foo():... *p = 1; SGX mem Hardware Address translation Untrusted 22 May@Systor' 2017 Meni Orenbach, Technion 36
37 Background: SGX paging Enclave Trusted secret_foo():... *p = 1; Hardware Address translation System mem SGX mem Page table Untrusted Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 37
38 Background: SGX paging Enclave Trusted secret_foo():... *p = 1; Hardware Address translation System mem SGX mem Page table Encrypted Untrusted Swapped-out 22 May@Systor' 2017 Meni Orenbach, Technion 38
39 Background: SGX paging Enclave Trusted secret_foo():... *p = 1; Hardware Address translation System mem SGX mem Page table SGX-driver Untrusted Fault handler Encrypted Swapped-out 22 May@Systor' 2017 Meni Orenbach, Technion 39
40 Background: SGX paging Enclave Trusted secret_foo():... *p = 1; Hardware Address translation System mem SGX mem Decrypted Page table Integrity validation SGX-driver Untrusted Fault handler Encrypted Swapped-out 22 May@Systor' 2017 Meni Orenbach, Technion 40
41 Background: SGX paging Enclave Trusted secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation System mem SGX mem Decrypted Page table SGX driver Untrusted Fault handler Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 41
42 Background: SGX paging Enclave Trusted secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation System mem SGX mem Decrypted Fast path Page table SGX driver Untrusted Fault handler Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 42
43 Background: SGX paging Enclave Trusted Fast path secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation Page table System mem SGX mem Decrypted SGX driver Untrusted Fault handler Encrypted Since SGX memory is small paging is not as rare as in native applications What are the overheads? 22 May@Systor' 2017 Meni Orenbach, Technion 43
44 Background: SGX paging Enclave Trusted secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation System mem SGX mem Decrypted Page table SGX driver Untrusted Fault handler Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 44
45 SGX paging overheads Enclave Trusted secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation System mem SGX mem Decrypted Enclave exit SGX driver Untrusted Page table Fault handler Enclave resume Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 45
46 SGX paging overheads Enclave Trusted Indirect costs secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation System mem SGX mem Decrypted Enclave exit SGX driver Untrusted Page table Fault handler Enclave resume Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 46
47 SGX paging overheads Enclave Trusted Indirect costs secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation System mem SGX mem Decrypted Enclave exit Page table Fault handler SGX driver Untrusted Overaheads: Untrusted software manages enclave memory Enclave resume Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 47
48 SGX paging overheads Enclave Trusted Indirect costs secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation System mem SGX mem Decrypted Enclave exit Page table Fault handler SGX driver Untrusted Overaheads: Untrusted software manages enclave memory Enclave resume Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 48
49 Wanted: In-enclave virtual memory management No more exits! Meni Orenbach, Technion 49
50 Ideal in-enclave VM management Enclave Trusted secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation System mem SGX mem Page table SGX driver Untrusted Fault handler 22 May@Systor' 2017 Meni Orenbach, Technion 50
51 Ideal in-enclave VM management Enclave Trusted secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation System mem SGX mem Page table Fault handler 22 May@Systor' 2017 Meni Orenbach, Technion 51
52 Ideal in-enclave VM management Enclave Trusted No available hardware secret_foo():... *p = 1; *(++p) = 2; Hardware Address translation Page table System mem SGX mem Fault handler 22 May@Systor' 2017 Meni Orenbach, Technion 52
53 Ideal in-enclave VM management Enclave Trusted secret_foo():... *p = 1; *(++p) = 2; Hardware Software Address translation System mem SGX mem Page table Fault handler 22 May@Systor' 2017 Meni Orenbach, Technion 53
54 SUVM: Secured user-space VM Enclave Trusted secret_foo(): s_ptr<int> p = System mem suvm_malloc(1024);... *p = 1; SGX mem Software Address translation Page table Fault handler 22 May@Systor' 2017 Meni Orenbach, Technion 54
55 SUVM: Secured user-space VM Enclave Trusted secret_foo(): s_ptr<int> p = System mem suvm_malloc(1024);... *p = 1; SGX mem Software Address translation Template class: SecuredPointer. Page table Fault handler 22 May@Systor' 2017 Meni Orenbach, Technion 55
56 SUVM: Secured user-space VM Enclave Trusted Template class: SecuredPointer. secret_foo(): s_ptr<int> p = suvm_malloc(1024);... *p = 1; Software Address translation Page table System mem SGX mem Fault handler Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 56
57 SUVM: Secured user-space VM Enclave Trusted Template class: SecuredPointer. secret_foo(): s_ptr<int> p = suvm_malloc(1024);... *p = 1; Software Address translation Page table System mem SGX mem Fault handler Encrypted Swapped-out 22 May@Systor' 2017 Meni Orenbach, Technion 57
58 SUVM: Secured user-space VM Enclave Trusted Template class: SecuredPointer. secret_foo(): s_ptr<int> p = suvm_malloc(1024);... *p = 1; Software Address translation Page table System mem SGX mem Fault handler Encrypted Swapped-out 22 May@Systor' 2017 Meni Orenbach, Technion 58
59 SUVM: Secured user-space VM Enclave Trusted secret_foo(): s_ptr<int> p = suvm_malloc(1024);... *p = 1; Software Address translation System mem SGX mem Decrypted Template class: SecuredPointer. Page table Integrity validation Fault handler Encrypted Swapped-out 22 May@Systor' 2017 Meni Orenbach, Technion 59
60 SUVM: Secured user-space VM Enclave Trusted secret_foo(): s_ptr<int> p = suvm_malloc(1024);... *p = 1; Software Address translation System mem SGX mem Decrypted Template class: SecuredPointer. Page table Integrity validation Control path in-enclave Fault handler Encrypted Swapped-out 22 May@Systor' 2017 Meni Orenbach, Technion 60
61 SUVM: Secured user-space VM Enclave Trusted secret_foo(): s_ptr<int> p = suvm_malloc(1024);... *p = 1; *(++p) = 2; Software Address translation System mem SGX mem Decrypted Page table Fault handler Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 61
62 SUVM: Secured user-space VM Enclave Trusted secret_foo(): s_ptr<int> p = suvm_malloc(1024);... *p = 1; *(++p) = 2; Software Address translation System mem SGX mem Decrypted Page table Fault handler Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 62
63 SUVM: Secured user-space VM Enclave Trusted secret_foo(): s_ptr<int> p = suvm_malloc(1024);... *p = 1; *(++p) = 2; Software Address translation System mem SGX mem Decrypted Fast path No page table Lookup! Page table Fault handler Encrypted 22 May@Systor' 2017 Meni Orenbach, Technion 63
64 Wait...Software based VM management? Based on software address translation on GPUs, ActivePointers [ISCA'2016] Meni Orenbach, Technion 64
65 SUVM key contributions Multi-threaded Compared to SGX: Fast path: up to 20% overheads Slow path: Eliminates costs of exits 1 Thread 4 Threads READ 5.5x 7x WRITE 3.5x 5.9x Throughput speedup 22 May@Systor' 2017 Meni Orenbach, Technion 65
66 Software address translation offers new optimizations Customized page size Customized eviction policy Multi-enclave memory coordination Write-back only dirty pages Sub-page direct access to backing store Meni Orenbach, Technion 66
67 Software address translation offers new optimizations Customized page size Customized eviction policy Virtual Machine ballooning Multi-enclave memory coordination Write-back only dirty pages Sub-page direct access to backing store Meni Orenbach, Technion 67
68 Software address translation offers new optimizations Customized page size Customized eviction policy Virtual Machine ballooning Multi-enclave memory coordination Write-back only dirty pages Sub-page direct access to backing store Meni Orenbach, Technion 68
69 Background Motivation Overhead analysis Eleos design Evaluation Meni Orenbach, Technion 69
70 Biometric Identity checking server Workload generator Face verification server + ID 10Gb NIC 22 May@Systor' 2017 Meni Orenbach, Technion 70? = 450MB DB (5X SGX mem)
71 Biometric Identity validating server Speedup compared to vanilla SGX Eleos Native May@Systor' 2017 Meni Orenbach, Technion 71 Server threads
72 Biometric Identity validating server Speedup compared to vanilla SGX Eleos Native May@Systor' 2017 Meni Orenbach, Technion 72 Server threads
73 Biometric Identity validating server Speedup compared to vanilla SGX Eleos Native Eleos scales better than vanilla-sgx: Saves inter-processor-interrupts May@Systor' 2017 Meni Orenbach, Technion 73 Server threads
74 Biometric Identity validating server Speedup compared to vanilla SGX Eleos Native Eleos scales better than vanilla-sgx: Saves inter-processor-interrupts May@Systor' 2017 Meni Orenbach, Technion 74 Server threads Saturate 10Gb network
75 Memcached Workload Generator (memaslap) Memcached Graphene LibOS [Eurosys'2014] 10Gb NIC GET( ) ~75 LOC modification for SUVM 500MB DB (5.5X SGX mem) 22 May@Systor' 2017 Meni Orenbach, Technion 75
76 Memcached 3 Speedup compared to vanilla SGX (500 MB) Eleos (500MB DB) vanilla SGX (20MB DB) No SGX Faults No SGX Faults 0 1 Thread 4 Threads 22 May@Systor' 2017 Meni Orenbach, Technion 76 Server threads
77 Memcached 3 Speedup compared to vanilla SGX (500 MB) Eleos (500MB DB) vanilla SGX (20MB DB) No SGX Faults No SGX Faults 0 1 Thread 4 Threads Disclaimer: Eleos+Graphene is 3x slower than native Server threads 22 May@Systor' 2017 Meni Orenbach, Technion 77
78 Take aways Eleos eliminates enclave exits costs Eleos available for Windows and Linux Makes memory demanding applications available on Windows today Eleos takes a modularize approach Memory demanding app? Link to SUVM I/O intensive app? Link to RPC Maintaining small TCB 22 May@Systor' 2017 Meni Orenbach, Technion 78
79 Traditional SGX: Host-centric OS services Enclave Operating System Meni Orenbach, Technion 79
80 Traditional SGX: Host-centric OS services Enclave Get data Operating System Meni Orenbach, Technion 80
81 Traditional SGX: Host-centric OS services Enclave Get data Data Unavailable Operating System Meni Orenbach, Technion 81
82 Traditional SGX: Host-centric OS services Enclave Get data Data Unavailable Fetch data Operating System Meni Orenbach, Technion 82
83 Traditional SGX: Host-centric OS services Enclave Get data Data Unavailable Fetch data Operating System Meni Orenbach, Technion 83
84 Eleos Insight: Enclave-centric OS services Enclave Get data Fetch data In-enclave Services Meni Orenbach, Technion 84
85 Take aways (2) Eleos adapts 'accelerator-centric management' System calls: GPUfs [ASPLOS'13], GPUnet [OSDI'14] Virtual memory: ActivePointers [ISCA'16] We can do more! Asynchronous DMA host copies Non-blocking enclave launches More information at: SGX Enclaves as Accelerators" [Systex'16] Meni Orenbach, Technion 85
86 Thank you Code is available at: Meni Orenbach, Technion 86
87 Backup slides Meni Orenbach, Technion 87
Graphene-SGX. A Practical Library OS for Unmodified Applications on SGX. Chia-Che Tsai Donald E. Porter Mona Vij
Graphene-SGX A Practical Library OS for Unmodified Applications on SGX Chia-Che Tsai Donald E. Porter Mona Vij Intel SGX: Trusted Execution on Untrusted Hosts Processing Sensitive Data (Ex: Medical Records)
More informationSCONE: Secure Linux Container Environments with Intel SGX
SCONE: Secure Linux Container Environments with Intel SGX S. Arnautov, B. Trach, F. Gregor, Thomas Knauth, and A. Martin, Technische Universität Dresden; C. Priebe, J. Lind, D. Muthukumaran, D. O'Keeffe,
More informationKomodo: Using Verification to Disentangle Secure-Enclave Hardware from Software
Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software Andrew Ferraiuolo, Andrew Baumann, Chris Hawblitzel, Bryan Parno* Microsoft Research, Cornell University, Carnegie Mellon
More informationAccelerator-centric operating systems
Accelerator-centric operating systems Rethinking the role of s in modern computers Mark Silberstein EE, Technion System design challenge: Programmability and Performance 2 System design challenge: Programmability
More informationA Comparison Study of Intel SGX and AMD Memory Encryption Technology
A Comparison Study of Intel SGX and AMD Memory Encryption Technology Saeid Mofrad, Fengwei Zhang Shiyong Lu Wayne State University {saeid.mofrad, Fengwei, Shiyong}@wayne.edu Weidong Shi (Larry) University
More informationGeneric System Calls for GPUs
Generic System Calls for GPUs Ján Veselý*, Arkaprava Basu, Abhishek Bhattacharjee*, Gabriel H. Loh, Mark Oskin, Steven K. Reinhardt *Rutgers University, Indian Institute of Science, Advanced Micro Devices
More informationIntroduction to SGX (Software Guard Extensions) and SGX Virtualization. Kai Huang, Jun Nakajima (Speaker) July 12, 2017
Introduction to SGX (Software Guard Extensions) and SGX Virtualization Kai Huang, Jun Nakajima (Speaker) July 12, 2017 1 INTEL RESTRICTED SECRET Agenda SGX Introduction Xen SGX Virtualization Support Backup
More informationGPUfs: Integrating a file system with GPUs
ASPLOS 2013 GPUfs: Integrating a file system with GPUs Mark Silberstein (UT Austin/Technion) Bryan Ford (Yale), Idit Keidar (Technion) Emmett Witchel (UT Austin) 1 Traditional System Architecture Applications
More informationreferences Virtualization services Topics Virtualization
references Virtualization services Virtual machines Intel Virtualization technology IEEE xplorer, May 2005 Comparison of software and hardware techniques for x86 virtualization ASPLOS 2006 Memory resource
More informationObliviate: A Data Oblivious File System for Intel SGX. Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee
Obliviate: A Data Oblivious File System for Intel SGX Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee 1 Clouds? The Ultimate Dream? User Clouds 2 Clouds? The Ultimate Dream? User Clouds
More informationThe Performance of µ-kernel-based Systems
Liedtke et al. presented by: Ryan O Connor October 7 th, 2009 Motivation By this time (1997) the OS research community had virtually abandoned research on pure µ-kernels. due primarily
More informationCSE 120 Principles of Operating Systems
CSE 120 Principles of Operating Systems Spring 2018 Lecture 10: Paging Geoffrey M. Voelker Lecture Overview Today we ll cover more paging mechanisms: Optimizations Managing page tables (space) Efficient
More informationGPUfs: Integrating a file system with GPUs
GPUfs: Integrating a file system with GPUs Mark Silberstein (UT Austin/Technion) Bryan Ford (Yale), Idit Keidar (Technion) Emmett Witchel (UT Austin) 1 Traditional System Architecture Applications OS CPU
More informationVirtual Memory. Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. November 15, MIT Fall 2018 L20-1
Virtual Memory Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. L20-1 Reminder: Operating Systems Goals of OS: Protection and privacy: Processes cannot access each other s data Abstraction:
More informationCS 318 Principles of Operating Systems
CS 318 Principles of Operating Systems Fall 2018 Lecture 10: Virtual Memory II Ryan Huang Slides adapted from Geoff Voelker s lectures Administrivia Next Tuesday project hacking day No class My office
More informationCSE 120 Principles of Operating Systems Spring 2017
CSE 120 Principles of Operating Systems Spring 2017 Lecture 12: Paging Lecture Overview Today we ll cover more paging mechanisms: Optimizations Managing page tables (space) Efficient translations (TLBs)
More informationINTERFERENCE FROM GPU SYSTEM SERVICE REQUESTS
INTERFERENCE FROM GPU SYSTEM SERVICE REQUESTS ARKAPRAVA BASU, JOSEPH L. GREATHOUSE, GURU VENKATARAMANI, JÁN VESELÝ AMD RESEARCH, ADVANCED MICRO DEVICES, INC. MODERN SYSTEMS ARE POWERED BY HETEROGENEITY
More informationFlexSC. Flexible System Call Scheduling with Exception-Less System Calls. Livio Soares and Michael Stumm. University of Toronto
FlexSC Flexible System Call Scheduling with Exception-Less System Calls Livio Soares and Michael Stumm University of Toronto Motivation The synchronous system call interface is a legacy from the single
More information0x1A Great Papers in Computer Security
CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ slide 1 X. Chen, T, Garfinkel, E. Lewis, P. Subrahmanyam, C. Waldspurger, D. Boneh, J. Dwoskin,
More informationVirtual Memory. Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. April 12, 2018 L16-1
Virtual Memory Daniel Sanchez Computer Science & Artificial Intelligence Lab M.I.T. L16-1 Reminder: Operating Systems Goals of OS: Protection and privacy: Processes cannot access each other s data Abstraction:
More informationRISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas
RISCV with Sanctum Enclaves Victor Costan, Ilia Lebedev, Srini Devadas Today, privilege implies trust (1/3) If computing remotely, what is the TCB? Priviledge CPU HW Hypervisor trusted computing base OS
More informationA Few Problems with Physical Addressing. Virtual Memory Process Abstraction, Part 2: Private Address Space
Process Abstraction, Part : Private Motivation: why not direct physical memory access? Address translation with pages Optimizing translation: translation lookaside buffer Extra benefits: sharing and protection
More informationWORKLOAD CHARACTERIZATION OF INTERACTIVE CLOUD SERVICES BIG AND SMALL SERVER PLATFORMS
WORKLOAD CHARACTERIZATION OF INTERACTIVE CLOUD SERVICES ON BIG AND SMALL SERVER PLATFORMS Shuang Chen*, Shay Galon**, Christina Delimitrou*, Srilatha Manne**, and José Martínez* *Cornell University **Cavium
More informationCS 31: Intro to Systems Virtual Memory. Kevin Webb Swarthmore College November 15, 2018
CS 31: Intro to Systems Virtual Memory Kevin Webb Swarthmore College November 15, 2018 Reading Quiz Memory Abstraction goal: make every process think it has the same memory layout. MUCH simpler for compiler
More informationCSE 560 Computer Systems Architecture
This Unit: CSE 560 Computer Systems Architecture App App App System software Mem I/O The operating system () A super-application Hardware support for an Page tables and address translation s and hierarchy
More informationCIS 4360 Secure Computer Systems SGX
CIS 4360 Secure Computer Systems SGX Professor Qiang Zeng Spring 2017 Some slides are stolen from Intel docs Previous Class UEFI Secure Boot Windows s Trusted Boot Intel s Trusted Boot CIS 4360 Secure
More informationVirtual Memory. Patterson & Hennessey Chapter 5 ELEC 5200/6200 1
Virtual Memory Patterson & Hennessey Chapter 5 ELEC 5200/6200 1 Virtual Memory Use main memory as a cache for secondary (disk) storage Managed jointly by CPU hardware and the operating system (OS) Programs
More informationIsoStack Highly Efficient Network Processing on Dedicated Cores
IsoStack Highly Efficient Network Processing on Dedicated Cores Leah Shalev Eran Borovik, Julian Satran, Muli Ben-Yehuda Outline Motivation IsoStack architecture Prototype TCP/IP over 10GE on a single
More informationVirtual Memory. Lecture for CPSC 5155 Edward Bosworth, Ph.D. Computer Science Department Columbus State University
Virtual Memory Lecture for CPSC 5155 Edward Bosworth, Ph.D. Computer Science Department Columbus State University Precise Definition of Virtual Memory Virtual memory is a mechanism for translating logical
More informationOS Agnostic Sandboxing Using Virtual CPUs
Berlin Institute of Technology FG Security in Telecommunications OS Agnostic Sandboxing Using Virtual CPUs Spring 6 - SIDAR Graduierten-Workshop über Reaktive Sicherheit Weiss Matthias Lange, March 21st,
More informationPractical Near-Data Processing for In-Memory Analytics Frameworks
Practical Near-Data Processing for In-Memory Analytics Frameworks Mingyu Gao, Grant Ayers, Christos Kozyrakis Stanford University http://mast.stanford.edu PACT Oct 19, 2015 Motivating Trends End of Dennard
More informationSGXBounds Memory Safety for Shielded Execution
SGXBounds Memory Safety for Shielded Execution Dmitrii Kuvaiskii, Oleksii Oleksenko, Sergei Arnautov, Bohdan Trach, Pramod Bhatotia *, Pascal Felber, Christof Fetzer TU Dresden, * The University of Edinburgh,
More informationVIRTUAL MEMORY II. Jo, Heeseung
VIRTUAL MEMORY II Jo, Heeseung TODAY'S TOPICS How to reduce the size of page tables? How to reduce the time for address translation? 2 PAGE TABLES Space overhead of page tables The size of the page table
More information14 May 2012 Virtual Memory. Definition: A process is an instance of a running program
Virtual Memory (VM) Overview and motivation VM as tool for caching VM as tool for memory management VM as tool for memory protection Address translation 4 May 22 Virtual Memory Processes Definition: A
More informationLITE Kernel RDMA. Support for Datacenter Applications. Shin-Yeh Tsai, Yiying Zhang
LITE Kernel RDMA Support for Datacenter Applications Shin-Yeh Tsai, Yiying Zhang Time 2 Berkeley Socket Userspace Kernel Hardware Time 1983 2 Berkeley Socket TCP Offload engine Arrakis & mtcp IX Userspace
More informationLast 2 Classes: Introduction to Operating Systems & C++ tutorial. Today: OS and Computer Architecture
Last 2 Classes: Introduction to Operating Systems & C++ tutorial User apps OS Virtual machine interface hardware physical machine interface An operating system is the interface between the user and the
More informationM 3 Microkernel-based System for Heterogeneous Manycores
M 3 Microkernel-based System for Heterogeneous Manycores Nils Asmussen MKC, 06/29/2017 1 / 48 Overall System Design Prototype Platforms Capabilities OS Services Context Switching Evaluation Heterogeneous
More informationAdvanced Systems Security: Virtual Machine Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationTradeoffs in Transactional Memory Virtualization
Tradeoffs in Transactional Memory Virtualization JaeWoong Chung Chi Cao Minh, Austen McDonald, Travis Skare, Hassan Chafi,, Brian D. Carlstrom, Christos Kozyrakis, Kunle Olukotun Computer Systems Lab Stanford
More informationRacing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races. CS 563 Young Li 10/31/18
Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races CS 563 Young Li 10/31/18 Intel Software Guard extensions (SGX) and Hyper-Threading What is Intel SGX? Set of
More informationSugar: Secure GPU Acceleration in Web Browsers
Sugar: Secure GPU Acceleration in Web Browsers Zhihao Yao, Zongheng Ma, Yingtong Liu, Ardalan Amiri Sani, Aparna Chandramowlishwaran Trustworthy Systems Lab, UC Irvine 1 WebGL was released in 2011 2 Source:
More informationCSE 120 Principles of Operating Systems
CSE 120 Principles of Operating Systems Spring 2018 Lecture 16: Virtual Machine Monitors Geoffrey M. Voelker Virtual Machine Monitors 2 Virtual Machine Monitors Virtual Machine Monitors (VMMs) are a hot
More informationIX: A Protected Dataplane Operating System for High Throughput and Low Latency
IX: A Protected Dataplane Operating System for High Throughput and Low Latency Belay, A. et al. Proc. of the 11th USENIX Symp. on OSDI, pp. 49-65, 2014. Reviewed by Chun-Yu and Xinghao Li Summary In this
More informationException-Less System Calls for Event-Driven Servers
Exception-Less System Calls for Event-Driven Servers Livio Soares and Michael Stumm University of Toronto Talk overview At OSDI'10: exception-less system calls Technique targeted at highly threaded servers
More informationTolerating Malicious Drivers in Linux. Silas Boyd-Wickizer and Nickolai Zeldovich
XXX Tolerating Malicious Drivers in Linux Silas Boyd-Wickizer and Nickolai Zeldovich How could a device driver be malicious? Today's device drivers are highly privileged Write kernel memory, allocate memory,...
More informationTopic 18: Virtual Memory
Topic 18: Virtual Memory COS / ELE 375 Computer Architecture and Organization Princeton University Fall 2015 Prof. David August 1 Virtual Memory Any time you see virtual, think using a level of indirection
More informationOperating Systems CMPSCI 377 Spring Mark Corner University of Massachusetts Amherst
Operating Systems CMPSCI 377 Spring 2017 Mark Corner University of Massachusetts Amherst Last Class: Intro to OS An operating system is the interface between the user and the architecture. User-level Applications
More informationInitial Evaluation of a User-Level Device Driver Framework
Initial Evaluation of a User-Level Device Driver Framework Stefan Götz Karlsruhe University Germany sgoetz@ira.uka.de Kevin Elphinstone National ICT Australia University of New South Wales kevine@cse.unsw.edu.au
More informationComputer Architecture. Lecture 8: Virtual Memory
Computer Architecture Lecture 8: Virtual Memory Dr. Ahmed Sallam Suez Canal University Spring 2015 Based on original slides by Prof. Onur Mutlu Memory (Programmer s View) 2 Ideal Memory Zero access time
More informationFlicker: An Execution Infrastructure for TCB Minimization
Flicker: An Execution Infrastructure for TCB Minimization Jonathan McCune, Bryan Parno, Adrian Perrig, Michael Reiter, and Hiroshi Isozaki (EuroSys 08) Presented by: Tianyuan Liu Oct 31, 2017 Outline Motivation
More informationPAC094 Performance Tips for New Features in Workstation 5. Anne Holler Irfan Ahmad Aravind Pavuluri
PAC094 Performance Tips for New Features in Workstation 5 Anne Holler Irfan Ahmad Aravind Pavuluri Overview of Talk Virtual machine teams 64-bit guests SMP guests e1000 NIC support Fast snapshots Virtual
More informationCS 153 Design of Operating Systems Winter 2016
CS 153 Design of Operating Systems Winter 2016 Lecture 16: Memory Management and Paging Announcement Homework 2 is out To be posted on ilearn today Due in a week (the end of Feb 19 th ). 2 Recap: Fixed
More informationCOMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy
COMPUTER ARCHITECTURE Virtualization and Memory Hierarchy 2 Contents Virtual memory. Policies and strategies. Page tables. Virtual machines. Requirements of virtual machines and ISA support. Virtual machines:
More informationI/O Systems. Amir H. Payberah. Amirkabir University of Technology (Tehran Polytechnic)
I/O Systems Amir H. Payberah amir@sics.se Amirkabir University of Technology (Tehran Polytechnic) Amir H. Payberah (Tehran Polytechnic) I/O Systems 1393/9/15 1 / 57 Motivation Amir H. Payberah (Tehran
More informationSanctum: Minimal HW Extensions for Strong SW Isolation
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 7a Sanctum: Minimal HW Extensions for Strong SW Isolation Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen Department of Electrical &
More informationCS533 Concepts of Operating Systems. Jonathan Walpole
CS533 Concepts of Operating Systems Jonathan Walpole Improving IPC by Kernel Design & The Performance of Micro- Kernel Based Systems The IPC Dilemma IPC is very import in µ-kernel design - Increases modularity,
More informationCIS Operating Systems Memory Management Cache and Demand Paging. Professor Qiang Zeng Spring 2018
CIS 3207 - Operating Systems Memory Management Cache and Demand Paging Professor Qiang Zeng Spring 2018 Process switch Upon process switch what is updated in order to assist address translation? Contiguous
More informationMegaPipe: A New Programming Interface for Scalable Network I/O
MegaPipe: A New Programming Interface for Scalable Network I/O Sangjin Han in collabora=on with Sco? Marshall Byung- Gon Chun Sylvia Ratnasamy University of California, Berkeley Yahoo! Research tl;dr?
More informationAccelerating Pointer Chasing in 3D-Stacked Memory: Challenges, Mechanisms, Evaluation Kevin Hsieh
Accelerating Pointer Chasing in 3D-Stacked : Challenges, Mechanisms, Evaluation Kevin Hsieh Samira Khan, Nandita Vijaykumar, Kevin K. Chang, Amirali Boroumand, Saugata Ghose, Onur Mutlu Executive Summary
More informationECE 550D Fundamentals of Computer Systems and Engineering. Fall 2017
ECE 550D Fundamentals of Computer Systems and Engineering Fall 2017 The Operating System (OS) Prof. John Board Duke University Slides are derived from work by Profs. Tyler Bletsch and Andrew Hilton (Duke)
More informationIntel Software Guard Extensions
Intel Software Guard Extensions Dr. Matthias Hahn, Intel Deutschland GmbH July 12 th 2017 cryptovision Mindshare, Gelsenkirchen Intel SGX Making Headlines Premium Content requiring Intel SGX on PC Intel
More informationSolros: A Data-Centric Operating System Architecture for Heterogeneous Computing
Solros: A Data-Centric Operating System Architecture for Heterogeneous Computing Changwoo Min, Woonhak Kang, Mohan Kumar, Sanidhya Kashyap, Steffen Maass, Heeseung Jo, Taesoo Kim Virginia Tech, ebay, Georgia
More informationRyoan: A Distributed Sandbox for Untrusted Computation on Secret Data
Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data Tyler Hunt, Zhiting Zhu, Yuanzhong Xu, Simon Peter, and Emmett Witchel University of Texas at Austin OSDI 2016 Presented by John Alsop
More informationGPUfs: Integrating a file system with GPUs
GPUfs: Integrating a file system with GPUs Mark Silberstein (UT Austin/Technion) Bryan Ford (Yale), Idit Keidar (Technion) Emmett Witchel (UT Austin) 1 Building systems with GPUs is hard. Why? 2 Goal of
More informationKVM CPU MODEL IN SYSCALL EMULATION MODE ALEXANDRU DUTU, JOHN SLICE JUNE 14, 2015
KVM CPU MODEL IN SYSCALL EMULATION MODE ALEXANDRU DUTU, JOHN SLICE JUNE 14, 2015 AGENDA Background & Motivation Challenges Native Page Tables Emulating the OS Kernel 2 KVM CPU MODEL IN SYSCALL EMULATION
More informationCIS Operating Systems Memory Management Cache. Professor Qiang Zeng Fall 2017
CIS 5512 - Operating Systems Memory Management Cache Professor Qiang Zeng Fall 2017 Previous class What is logical address? Who use it? Describes a location in the logical memory address space Compiler
More informationCSE 120 Principles of Operating Systems
CSE 120 Principles of Operating Systems Spring 2018 Lecture 15: Multicore Geoffrey M. Voelker Multicore Operating Systems We have generally discussed operating systems concepts independent of the number
More informationvirtual memory. March 23, Levels in Memory Hierarchy. DRAM vs. SRAM as a Cache. Page 1. Motivation #1: DRAM a Cache for Disk
5-23 March 23, 2 Topics Motivations for VM Address translation Accelerating address translation with TLBs Pentium II/III system Motivation #: DRAM a Cache for The full address space is quite large: 32-bit
More informationVirtual Machine Monitors (VMMs) are a hot topic in
CSE 120 Principles of Operating Systems Winter 2007 Lecture 16: Virtual Machine Monitors Keith Marzullo and Geoffrey M. Voelker Virtual Machine Monitors Virtual Machine Monitors (VMMs) are a hot topic
More informationVirtual Memory Oct. 29, 2002
5-23 The course that gives CMU its Zip! Virtual Memory Oct. 29, 22 Topics Motivations for VM Address translation Accelerating translation with TLBs class9.ppt Motivations for Virtual Memory Use Physical
More informationLeaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX W. Wang, G. Chen, X, Pan, Y. Zhang, XF. Wang, V. Bindschaedler, H. Tang, C. Gunter. September 19, 2017 Motivation Intel
More informationSWAP: EFFECTIVE FINE-GRAIN MANAGEMENT
: EFFECTIVE FINE-GRAIN MANAGEMENT OF SHARED LAST-LEVEL CACHES WITH MINIMUM HARDWARE SUPPORT Xiaodong Wang, Shuang Chen, Jeff Setter, and José F. Martínez Computer Systems Lab Cornell University Page 1
More informationOperating System: Chap13 I/O Systems. National Tsing-Hua University 2016, Fall Semester
Operating System: Chap13 I/O Systems National Tsing-Hua University 2016, Fall Semester Outline Overview I/O Hardware I/O Methods Kernel I/O Subsystem Performance Application Interface Operating System
More informationEFFICIENTLY ENABLING CONVENTIONAL BLOCK SIZES FOR VERY LARGE DIE- STACKED DRAM CACHES
EFFICIENTLY ENABLING CONVENTIONAL BLOCK SIZES FOR VERY LARGE DIE- STACKED DRAM CACHES MICRO 2011 @ Porte Alegre, Brazil Gabriel H. Loh [1] and Mark D. Hill [2][1] December 2011 [1] AMD Research [2] University
More informationCSE 451: Operating Systems Winter Page Table Management, TLBs and Other Pragmatics. Gary Kimura
CSE 451: Operating Systems Winter 2013 Page Table Management, TLBs and Other Pragmatics Gary Kimura Moving now from Hardware to how the OS manages memory Two main areas to discuss Page table management,
More informationAdvanced Systems Security: Virtual Machine Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationCS370 Operating Systems
CS370 Operating Systems Colorado State University Yashwant K Malaiya Spring 2018 Lecture 2 Slides based on Text by Silberschatz, Galvin, Gagne Various sources 1 1 2 What is an Operating System? What is
More informationVirtual Memory: From Address Translation to Demand Paging
Constructive Computer Architecture Virtual Memory: From Address Translation to Demand Paging Arvind Computer Science & Artificial Intelligence Lab. Massachusetts Institute of Technology November 9, 2015
More informationChapter 5 B. Large and Fast: Exploiting Memory Hierarchy
Chapter 5 B Large and Fast: Exploiting Memory Hierarchy Dependability 5.5 Dependable Memory Hierarchy Chapter 6 Storage and Other I/O Topics 2 Dependability Service accomplishment Service delivered as
More informationPAGE REPLACEMENT. Operating Systems 2015 Spring by Euiseong Seo
PAGE REPLACEMENT Operating Systems 2015 Spring by Euiseong Seo Today s Topics What if the physical memory becomes full? Page replacement algorithms How to manage memory among competing processes? Advanced
More informationMemory - Paging. Copyright : University of Illinois CS 241 Staff 1
Memory - Paging Copyright : University of Illinois CS 241 Staff 1 Physical Frame Allocation How do we allocate physical memory across multiple processes? What if Process A needs to evict a page from Process
More informationWhat s New in VMware vsphere 4.1 Performance. VMware vsphere 4.1
What s New in VMware vsphere 4.1 Performance VMware vsphere 4.1 T E C H N I C A L W H I T E P A P E R Table of Contents Scalability enhancements....................................................................
More informationVarys. Protecting SGX Enclaves From Practical Side-Channel Attacks. Oleksii Oleksenko, Bohdan Trach. Mark Silberstein
Varys Protecting SGX Enclaves From Practical Side-Channel Attacks Oleksii Oleksenko, Bohdan Trach Robert Krahn, Andre Martin, Christof Fetzer Mark Silberstein Key issue of the cloud: We cannot trust it
More informationFast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names
Fast access ===> use map to find object HW == SW ===> map is in HW or SW or combo Extend range ===> longer, hierarchical names How is map embodied: --- L1? --- Memory? The Environment ---- Long Latency
More informationComputer Architecture Background
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 2b Computer Architecture Background Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen Department of Electrical & Computer Engineering
More informationIntel SGX Virtualization
Sean Christopherson Intel Intel SGX Virtualization KVM Forum 2018 Traditional VM Landscape App s secrets accessible by any privileged entity, e.g. VMM and OS App App App or a malicious app that has exploited
More informationAscend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM)
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 7b Ascend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM) Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen
More informationAnother View of the Memory Hierarchy. Lecture #25 Virtual Memory I Memory Hierarchy Requirements. Memory Hierarchy Requirements
CS61C L25 Virtual I (1) inst.eecs.berkeley.edu/~cs61c CS61C : Machine Structures Lecture #25 Virtual I 27-8-7 Scott Beamer, Instructor Another View of the Hierarchy Thus far{ Next: Virtual { Regs Instr.
More informationVirtual Memory. Motivations for VM Address translation Accelerating translation with TLBs
Virtual Memory Today Motivations for VM Address translation Accelerating translation with TLBs Fabián Chris E. Bustamante, Riesbeck, Fall Spring 2007 2007 A system with physical memory only Addresses generated
More informationHardware Support for NVM Programming
Hardware Support for NVM Programming 1 Outline Ordering Transactions Write endurance 2 Volatile Memory Ordering Write-back caching Improves performance Reorders writes to DRAM STORE A STORE B CPU CPU B
More informationIntel Software Guard Extensions (Intel SGX) Memory Encryption Engine (MEE) Shay Gueron
Real World Cryptography Conference 2016 6-8 January 2016, Stanford, CA, USA Intel Software Guard Extensions (Intel SGX) Memory Encryption Engine (MEE) Shay Gueron Intel Corp., Intel Development Center,
More informationLooking ahead with IBM i. 10+ year roadmap
Looking ahead with IBM i 10+ year roadmap 1 Enterprises Trust IBM Power 80 of Fortune 100 have IBM Power Systems The top 10 banking firms have IBM Power Systems 9 of top 10 insurance companies have IBM
More informationPreserving I/O Prioritization in Virtualized OSes
Preserving I/O Prioritization in Virtualized OSes Kun Suo 1, Yong Zhao 1, Jia Rao 1, Luwei Cheng 2, Xiaobo Zhou 3, Francis C. M. Lau 4 The University of Texas at Arlington 1, Facebook 2, University of
More informationAddress Translation. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University
Address Translation Jinkyu Jeong (jinkyu@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Today s Topics How to reduce the size of page tables? How to reduce the time for
More informationCISC 360. Virtual Memory Dec. 4, 2008
CISC 36 Virtual Dec. 4, 28 Topics Motivations for VM Address translation Accelerating translation with TLBs Motivations for Virtual Use Physical DRAM as a Cache for the Disk Address space of a process
More informationEECS 470. Lecture 16 Virtual Memory. Fall 2018 Jon Beaumont
Lecture 16 Virtual Memory Fall 2018 Jon Beaumont http://www.eecs.umich.edu/courses/eecs470 Slides developed in part by Profs. Austin, Brehob, Falsafi, Hill, Hoe, Lipasti, Shen, Smith, Sohi, Tyson, and
More informationPageVault: Securing Off-Chip Memory Using Page-Based Authen?ca?on. Blaise-Pascal Tine Sudhakar Yalamanchili
PageVault: Securing Off-Chip Memory Using Page-Based Authen?ca?on Blaise-Pascal Tine Sudhakar Yalamanchili Outline Background: Memory Security Motivation Proposed Solution Implementation Evaluation Conclusion
More informationInfiniswap. Efficient Memory Disaggregation. Mosharaf Chowdhury. with Juncheng Gu, Youngmoon Lee, Yiwen Zhang, and Kang G. Shin
Infiniswap Efficient Memory Disaggregation Mosharaf Chowdhury with Juncheng Gu, Youngmoon Lee, Yiwen Zhang, and Kang G. Shin Rack-Scale Computing Datacenter-Scale Computing Geo-Distributed Computing Coflow
More informationSGX memory oversubscription
SGX memory oversubscription Somnath Chakrabarti, Rebekah Leslie-Hurd, Mona Vij, Frank McKeen, Carlos Rozas, Dror Caspi, llya Alexandrovich, Ittai Anati {somnath.chakrabarti, rebekah.leslie-hurd, mona.vij,
More informationSilent Shredder: Zero-Cost Shredding For Secure Non-Volatile Main Memory Controllers
Silent Shredder: Zero-Cost Shredding For Secure Non-Volatile Main Memory Controllers 1 ASPLOS 2016 2-6 th April Amro Awad (NC State University) Pratyusa Manadhata (Hewlett Packard Labs) Yan Solihin (NC
More information