Handling confidential information has become an increasingly important concern in many areas of society. However, current computing environments are still vulnerable to various threats, and we should treat them as untrusted.
Trusted Execution Environments (TEEs) have attracted attention because they can execute a program in a trusted environment constructed on an untrusted platform.
In particular, RISC-V Keystone is one of the interesting TEEs since it is a flexibly customizable and fully open-source platform. On the other hand, like other TEEs, it must also delegate I/O processing, such as file accesses, to a host OS, resulting in expensive overhead. For this problem, we thought that utilizing byte-addressable non-volatile memory (NVM) modules would be a useful solution for handling persistent data objects for TEEs.
In this paper, we introduce a prototype implementation of NVM support for Keystone. Additionally, we evaluate it on the Freedom U500 built on a VC707 FPGA dev kit.
https://ken.ieice.org/ken/paper/20210720TC4K/
Prototype Implementation of Non-Volatile Memory Support for RISC-V Keystone Enclave
1. Prototype Implementation of
Non-Volatile Memory Support
for RISC-V Keystone Enclave
Lena Yu, Yu Omori, Keiji Kimura
Waseda University
Presented by Lena Yu
SWoPP CPSY 2021
2021/7/20 SWoPP 2021 1
2. Introduction
• Modern systems are still vulnerable to various threats
  • Untrusted environments should not handle confidential data
• Secure computing technologies exist
  • Homomorphic Encryption
    • Computationally expensive
  • Trusted Execution Environment (TEE)
    • Low performance overhead
  • TEE enables secure computing on a variety of platforms
    • However, TEEs have limitations on I/O operations
Utilize byte-addressable non-volatile memory (NVM) modules to handle persistent data objects for TEEs
3. Goal of this research
Utilize byte-addressable non-volatile memory (NVM) modules to handle persistent data objects for TEEs
As a first step in achieving this goal:
Enable NVMM accesses from an enclave application in Keystone TEE
• Make modifications to the Keystone Runtime to add page table management for the NVMM
• Use two different free lists to distinguish between DRAM and NVMM free memory
• As a tentative design, File Descriptor (fd) is used to distinguish mmap and munmap between DRAM and NVMM
  • fd = -1 for DRAM
  • fd = -2 for NVMM
4. What is a TEE?
• TEE generally divides system into separate regions
  • Untrusted area
  • Trusted area
    • Contains the TEE; code and data inside are relatively secure compared to the untrusted area
    • Sometimes referred to as an Enclave
• There exist multiple TEE implementations
  • Intel SGX
  • ARM TrustZone
  • RISC-V Keystone
5. Limitations of a TEE
• Delegates I/O operations to the untrusted OS
  • Enclave program unable to handle I/O operations
    • Including file system accesses
  • Causes additional overhead
  • Poses a security risk
    • Untrusted OS can momentarily access sensitive data
Introduce byte-accessible non-volatile memory as a main memory (NVMM) in TEE to overcome these limitations
6. How might a NVMM overcome the limitations?
• CPU can store persistent data objects
  • Only requires ordinary load and store instructions
  • No need to use complicated runtime software in a TEE for management
• Host kernel does not intervene during I/O operation
  • Ensures only the TEE can touch sensitive data
  • As long as the page table for NVMM is prepared
7. Keystone TEE
• Open-source project for building customizable TEE based on RISC-V
  • Provides building blocks for creating a custom TEE
  • TEEs can be created with only the required functionality
    • Reduces Trusted Computing Base (TCB)
→ Fully open-source, can be modified to allow NVMM usage
8. Layered Keystone Architecture
• U-Mode
  • Enclave Application (Eapp)
  • Host Application
• S-Mode
  • Enclave Runtime
    • Modified for the implementation
  • Host OS
• M-Mode
  • Security Monitor (SM)
• Trusted Hardware
  • RISC-V Core
  • Optional Hardware features
  • Root of Trust
[Figure: layer diagram with a privilege axis labelled High Privilege and Low Privilege]
9. Security Monitor (SM)
• SM responsible for most security guarantees of Keystone TEE
• RISC-V primitive Physical Memory Protection (PMP)
  • Used to enforce memory isolation by SM
  • PMP can grant/revoke access permissions
  • S-Mode and U-Mode have no permissions by default
  • M-Mode has full permissions by default
• PMP entries prioritized by index
  • Highest priority PMP[0] used for SM
    • SM responsible for managing PMP
  • Next highest priority PMP[1] used for enclave
  • Lowest priority PMP[N-1] used for shared memory
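The index-priority rule above, as an added example that is not from the slides or the Keystone source: a small C model in which the lowest-numbered matching PMP entry decides an access, so a deny entry for the SM or the enclave wins over a broader allow entry behind it. The address layout, the base/size entry format (real PMP uses pmpaddr/pmpcfg encodings), the DRAM-wide last entry in the host view and the omission of locked entries are assumptions of this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PMP_N 8
enum { PMP_R = 1, PMP_W = 2, PMP_X = 4 };
enum mode { MODE_U, MODE_S, MODE_M };

/* Simplified entry: a base/size range instead of pmpaddr/pmpcfg encoding. */
struct pmp_entry { int valid; uint64_t base, size; unsigned perm; };

/* Constructed physical layout for illustration only. */
#define DRAM_BASE   0x80000000ull
#define DRAM_SIZE   0x40000000ull
#define SM_BASE     0x80000000ull
#define SM_SIZE     0x00200000ull
#define ENCL_BASE   0x90000000ull
#define ENCL_SIZE   0x00400000ull
#define SHARED_BASE 0xA0000000ull
#define SHARED_SIZE 0x00001000ull

/* Returns 1 if the access is allowed, 0 if it would fault. */
int pmp_check(const struct pmp_entry *pmp, enum mode m,
              uint64_t addr, unsigned want) {
    if (m == MODE_M)
        return 1;               /* M-mode: full permissions by default */
    for (size_t i = 0; i < PMP_N; i++) {
        /* Unsigned subtraction makes this a wrap-safe range test. */
        if (pmp[i].valid && addr - pmp[i].base < pmp[i].size)
            return (pmp[i].perm & want) == want; /* lowest index decides */
    }
    return 0;                   /* S/U-mode: no permissions by default */
}

/* Build the view one core has while running the host or the enclave. */
void pmp_configure(struct pmp_entry *pmp, int in_enclave) {
    for (size_t i = 0; i < PMP_N; i++)
        pmp[i] = (struct pmp_entry){0, 0, 0, 0};
    /* PMP[0]: SM memory, never accessible below M-mode. */
    pmp[0] = (struct pmp_entry){1, SM_BASE, SM_SIZE, 0};
    /* PMP[1]: enclave memory, opened only on the core running the enclave. */
    pmp[1] = (struct pmp_entry){1, ENCL_BASE, ENCL_SIZE,
                                in_enclave ? (PMP_R | PMP_W | PMP_X) : 0u};
    /* PMP[N-1]: lowest priority. Assumption: all of DRAM for the host,
     * only the shared buffer while the enclave runs. */
    if (in_enclave)
        pmp[PMP_N - 1] = (struct pmp_entry){1, SHARED_BASE, SHARED_SIZE,
                                            PMP_R | PMP_W};
    else
        pmp[PMP_N - 1] = (struct pmp_entry){1, DRAM_BASE, DRAM_SIZE,
                                            PMP_R | PMP_W | PMP_X};
}

/* Convenience wrapper: configure a context, then check one access. */
int access_allowed(int in_enclave, enum mode m, uint64_t addr, unsigned want) {
    struct pmp_entry pmp[PMP_N];
    pmp_configure(pmp, in_enclave);
    return pmp_check(pmp, m, addr, want);
}

int main(void) {
    printf("host OS reads enclave page:  %d\n",
           access_allowed(0, MODE_S, ENCL_BASE + 0x1000, PMP_R));
    printf("host OS reads its own DRAM:  %d\n",
           access_allowed(0, MODE_S, 0x88000000ull, PMP_R));
    printf("runtime writes enclave page: %d\n",
           access_allowed(1, MODE_S, ENCL_BASE + 0x1000, PMP_W));
    printf("enclave reads host DRAM:     %d\n",
           access_allowed(1, MODE_S, 0x88000000ull, PMP_R));
    return 0;
}
```

In the host view the enclave page lies inside the DRAM-wide last entry, yet the access is refused because PMP[1] matches first.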
10. Runtime (RT)
• Each enclave has its own RT, acts like the enclave's kernel
  • Manages enclave memory
    • Memory isolated by PMP
    • OS cannot access enclave memory
  • Implements enclave functionality
• Customizable enclave functionality provided in the form of plugins
  • Free memory
  • Edge call interface
11. Free memory (Freemem)
• Freemem is reserved physical memory area by enclave
  • This memory does not have to be mapped at time of creation
• Allows RT to perform page table changes
• Mmap from Eapp utilizes Free pages in Freemem
→ Required for DRAM and NVMM page table management
[Figures: enclave memory before modification; enclave memory after modification]
12. Edge Calls and System calls
• Interface that allows function calls to cross in or out of enclaves
• Outbound Call (ocall)
  • Function call that crosses out of the enclave into host
    • Eapp can invoke a function inside host
  • Shared memory used for copying between host and enclave
• System calls
  • Some syscalls (mmap, munmap, brk) are handled in Enclave RT
  • Some syscalls forwarded from Enclave to host OS through ocall
13. Enclave Lifecycle
• Three distinct phases in Enclave lifecycle
[Figure: enclave lifecycle state diagram. States: Invalid, Allocated, Fresh, Running, Stopped, Destroying. Transitions: CREATE, EXECUTE, EXIT/STOP, DESTROY.]
Create
• Host allocates contiguous range of physical memory for enclave
• Enclave page tables, RT, Eapp initialized
• PMP entry set for enclave memory, status propagated through cores
Execute
• SM releases PMP permission to core containing enclave, and enters enclave
• Includes RT boot
• Page table management is done in Running state
Destroy
• Clears enclave memory
• Releases PMP entry
• Returns memory to host
• SM cleans and frees all enclave resources, PMP entries, enclave metadata
Benchmark these to measure initialization, preparation and clearing overhead of NVMM page table and Freemem
14. Original RT Memory Management
• Sv39 addressing mode used
• 3-level page table
  • Root Page Table, Kernel L2, L3, DRAM L2, L3
• Memory is prepared during RT boot
  • Creation of Page Table entries
    • Create root page table entry, Kernel L2 entries, and Kernel L3 entries
    • Create root page table entry, DRAM L2 entries, and DRAM L3 entries
  • Freemem initialization
    • All free pages of DRAM put inside free list
    • Simple Page Allocator (SPA) stores pages based on linked list
15. Prototype RT Memory Management for NVMM support
• Modified to allow mapping to the NVMM
• NVMM L2, L3 page tables added
  • Initialized and managed similarly to DRAM L2, L3
  • Create root page table entry, NVMM L2 entries, and NVMM L3 entries
• DRAM and NVMM free lists are used
• Memory composition for testing
  • Entirety of NVMM region given to NVMM Freemem
  • DRAM and NVMM regions are contiguous
16. Mapping from the Eapp
• Mmap from Eapp
  • RT only supports anonymous mapping
  • RT checks performed
    • Checks continuous virtual address space that fits required size
    • Checks DRAM/NVMM free list for number of pages available
      • fd = -1 for DRAM
      • fd = -2 for NVMM (tentative design for implementation)
• Maps from DRAM/NVMM Freemem
  • Walks page table to find page table entry
    • Mapping is created if non-existent
• Munmap from Eapp
  • Pages are freed and put back into DRAM/NVMM free list
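The mmap and munmap steps above, together with the linked-list free lists of slides 14 and 15, as an added C model that is not the Keystone runtime's own code. The pool sizes, the flat `page_table` array standing in for the Sv39 tables, all function names, and returning each page to its list by physical address on munmap are assumptions of this sketch; only the fd values -1 and -2 come from the slides.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE  4096u
#define POOL_PAGES 8    /* constructed: pages per region */
#define VA_PAGES   16   /* constructed: size of the modelled virtual window */
#define FD_DRAM    (-1) /* fd values from the slides */
#define FD_NVMM    (-2)

/* Linked-list page allocator: each free page stores the link to the next. */
struct free_page { struct free_page *next; };
struct region { uint8_t *base; struct free_page *head; size_t nfree; };

/* uint64_t backing keeps every page aligned for the link pointer. */
static uint64_t dram_pool[POOL_PAGES * PAGE_SIZE / 8];
static uint64_t nvmm_pool[POOL_PAGES * PAGE_SIZE / 8]; /* stands in for NVMM */
static struct region dram, nvmm;
static void *page_table[VA_PAGES]; /* flat stand-in for the Sv39 tables */

static void region_put(struct region *r, void *page) {
    struct free_page *fp = page;
    fp->next = r->head; r->head = fp; r->nfree++;
}

static void *region_get(struct region *r) {
    struct free_page *fp = r->head;
    if (fp) { r->head = fp->next; r->nfree--; }
    return fp;
}

static void region_init(struct region *r, void *pool) {
    r->base = pool; r->head = NULL; r->nfree = 0;
    for (size_t i = 0; i < POOL_PAGES; i++)
        region_put(r, r->base + i * PAGE_SIZE);
}

/* RT boot: put every page of both regions on its own free list. */
void rt_init(void) {
    region_init(&dram, dram_pool);
    region_init(&nvmm, nvmm_pool);
    for (size_t v = 0; v < VA_PAGES; v++) page_table[v] = NULL;
}

/* Only the two sentinel fds are accepted; any other fd is rejected. */
static struct region *region_for_fd(int fd) {
    if (fd == FD_DRAM) return &dram;
    if (fd == FD_NVMM) return &nvmm;
    return NULL;
}

/* Owner of a physical page, decided by its address, not by the caller. */
static struct region *region_of_page(const void *p) {
    uintptr_t a = (uintptr_t)p;
    if (a - (uintptr_t)dram.base < sizeof dram_pool) return &dram;
    if (a - (uintptr_t)nvmm.base < sizeof nvmm_pool) return &nvmm;
    return NULL;
}

/* Returns the first virtual page number of the mapping, or -1. */
long rt_mmap(size_t npages, int fd) {
    struct region *r = region_for_fd(fd);
    size_t start = 0, run = 0;
    if (!r || npages == 0 || npages > VA_PAGES) return -1;
    /* Check 1: a contiguous run of unmapped virtual pages that fits. */
    for (size_t v = 0; v < VA_PAGES && run < npages; v++) {
        if (page_table[v]) { run = 0; continue; }
        if (run++ == 0) start = v;
    }
    if (run < npages) return -1;
    /* Check 2: enough pages on the selected list, before changing state. */
    if (r->nfree < npages) return -1;
    for (size_t i = 0; i < npages; i++)
        page_table[start + i] = region_get(r);
    return (long)start;
}

/* Unmaps npages starting at vpn; each page returns to its owning list. */
int rt_munmap(long vpn, size_t npages) {
    if (vpn < 0 || npages > VA_PAGES || (size_t)vpn > VA_PAGES - npages) return -1;
    for (size_t i = 0; i < npages; i++) {
        struct region *owner = region_of_page(page_table[vpn + i]);
        if (!owner) continue; /* unmapped slot */
        region_put(owner, page_table[vpn + i]);
        page_table[vpn + i] = NULL;
    }
    return 0;
}

int main(void) {
    rt_init();
    long d = rt_mmap(5, FD_DRAM), n = rt_mmap(5, FD_NVMM);
    printf("dram vpn=%ld nvmm vpn=%ld free=%zu/%zu\n", d, n, dram.nfree, nvmm.nfree);
    return 0;
}
```

Because both checks run before any page leaves a free list, a request that cannot be satisfied leaves the page table and both lists unchanged, and the address-based lookup on munmap keeps an NVMM page from ever landing on the DRAM list.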
17. Testing the implementation
• First tested if modified Keystone works
  • Confirmed write/read works for the DRAM and NVMM mmap regions
• Benchmarks
  • Ocall overhead
  • Mmap 5 pages from DRAM
  • Mmap 5 pages from NVMM
  • Munmap 5 pages from DRAM
  • Munmap 5 pages from NVMM
  • Enclave creation and destruction
  • RT boot time
18. FPGA used for Experimental Evaluation
• Test executed on a Freedom U500 VC707 FPGA Dev Kit
19. Test Eapp
• Clock function in the host used to measure Clock Cycles
  • Eapp uses Ocall to start/stop clock function
[Figure: test Eapp flow. In the trusted enclave, the Eapp calls mmap_dram() and mmap_nvm() (fd distinguishes between DRAM and NVMM mmap) and issues ocall_measure_clock(x) and ocall_print_string(xxxx) through the Runtime and shared memory to the untrusted host OS, where clock_start(), clock_stop() and print_string() run; print_string() prints the string in the host.]
Output:
Clock Cycles is XXX
Enclave said: “mmap into DRAM region successful”
Clock Cycles is XXX
Enclave said: “mmap into NVM region successful”
20. Results
• The test app was executed 10 times on the board, and the average is taken
21. Discussion
• NVM emulator uses part of DRAM region
  • Timing parameters of NVM region set to same as DRAM
  • Test overhead due to RT modification
• Clock Cycle increase in operations after modifying the RT
  • Ocall had 1.66% increase
  • mmap had 0.274% increase
  • munmap had 0.585% increase
  • RT boot had 0.822% increase
    • Additional page table
    • Initialization of NVMM Freemem alongside DRAM Freemem
  • Enclave creation had 1.04% increase
  • Enclave destruction had 0.0894% increase
• No significant increase in Clock Cycles due to RT modifications
22. Limitations
• Ocall overhead is large
  • Multiple context switching between Enclave and host
  • Shared memory copy operations
  • Difficult to make precise measurements
• NVMM region set to be contiguous with DRAM region
  • Unrealistic for them to be contiguous
  • Keystone only supports contiguous enclave memory
23. Related Works
• Trusted I/O path in a TEE
  • Secure execution environment in TEE not enough
  • Allow secure communication between TEE and peripherals
• Generic trusted path architecture in Intel SGX
  • Intel SGX does not support secure I/O and syscall
  • Allow trusted paths to generic I/O devices
• Secure Storage models for TrustZone
  • Secure storage of private files using encryption
24. Conclusion
• Implemented a prototype NVMM support for RISC-V Keystone
  • Modified RT to mmap into DRAM and NVMM regions
  • Modified RT did not have a significant impact on the operations
• Future work
  • Test implementation on NVMM emulator with appropriate latencies
  • Design persistent data management on the NVMM and OS
  • Investigate overhead associated with multi-core PMP synchronization