BoringSSL TLS interface multi-threaded performance

28 views
Skip to first unread message

Ahmed Awad

unread,
Jun 20, 2021, 3:45:53 PM6/20/21
to Asylo Users
Hello.

I have benchmarked a multi-threaded enclave that invokes BoringSSL's TLS interfaces inside an SGX enclave. I have found that the performance is not very good. I have traced the problem to the pthread_* interface. 

As far as I can tell, BoringSSL TLS implementation has many short critical sections. As a result, it calls pthread_* synchronization functions many times during execution. This isn't great for performance because most of Asylo's pthread_* functions call out to the untrusted host and that costs a context switch. 

Does Asylo already have a solution for this problem? 

One solution I can think of is a BoringSSL thread synchronization implementation that relies on spinlocks for Asylo to eliminate context switches for synchronization. 

Thanks!


Reply all
Reply to author
Forward
0 new messages