BoringSSL TLS interface multi-threaded performance

[Ahmed Awad]

Hello.

I have benchmarked a multi-threaded enclave that invokes BoringSSL's TLS interfaces inside an SGX enclave. I have found that the performance is not very good. I have traced the problem to the pthread_* interface. 

As far as I can tell, BoringSSL TLS implementation has many short critical sections. As a result, it calls pthread_* synchronization functions many times during execution. This isn't great for performance because most of Asylo's pthread_* functions call out to the untrusted host and that costs a context switch. 

Does Asylo already have a solution for this problem? 

One solution I can think of is a BoringSSL thread synchronization implementation that relies on spinlocks for Asylo to eliminate context switches for synchronization. 

Thanks!