search

gramineproject / gramine

A library OS for Linux multi-process applications, with Intel SGX support
GNU Lesser General Public License v3.0
598 stars 200 forks source link

Improve protected files performance #1599

Open yao-ji opened 1 year ago

yao-ji commented 1 year ago

Description of the feature

Current implementation of protected file is slow, especially for large files. At least the following 2 improvements can be applied.

  1. Use file map to replace read/write a single node from/to disk.
  2. Remove the encrypted part inside the file_node_t structure. The encrypted content can be directly retrieved from disk. The encryption/decryption functions can use the file mapped addresses instead so we can save the cache memory as well as the time used to copy it to/from disk.

Why Gramine should implement it?

Performance test on SGX SDK shows that applying these two changes can make reading 2 times fasters and writing 7 times faster.

dimakuv commented 1 year ago

Looks like reasonable optimizations.

dimakuv commented 1 year ago

@yao-ji Is this something that you want to work on?

yao-ji commented 1 year ago

@yao-ji Is this something that you want to work on?

Yes. And I have collected some data about time can be saved after applying the changes.

Since there is no need to call g_cb_read and g_cb_write in reading/writing each node, we calculate how much time these two call backs used inside each read/write syscall. Note that the write syscall performs both ipf_write and ipf_internal_flush, so we will add the time used of these two together. The test code can be found here.

<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns="http://www.w3.org/TR/REC-html40">

File size | 8KB | 32KB | 128KB | 512KB | 2MB | 8MB | 32MB -- | -- | -- | -- | -- | -- | -- | -- write time used (ns) | 3453 | 8765 | 29800 | 118334 | 497853 | 1942698 | 8032618 write time saved (ns) | 536 | 1307 | 4208 | 17014 | 70953 | 279094 | 1109268 saved percentage | 15.5227% | 14.9116% | 14.1208% | 14.3779% | 14.2518% | 14.3663% | 13.8095%   |   |   |   |   |   |   |   read time used (ns) | 1627 | 5958 | 25457 | 95566 | 417476 | 1591918 | 6287079 read time saved (ns) | 160 | 257 | 681 | 2408 | 9459 | 36452 | 151601 saved percentage | 9.8341% | 4.3135% | 2.6751% | 2.5197% | 2.2658% | 2.2898% | 2.4113%