• Performance overhead: SGX imposes a performance overhead when executing enclave code, for three reasons. First, specific instructions cannot be executed inside the enclave.
Threads must therefore exit the enclave before making system calls. These enclave transitions affect overall performance because, for security reasons, a number of checks and updates must be performed, along with a TLB flush. Memory-based enclave arguments must also be copied between DRAM and the EPC.
Second, enclave code pays a penalty for writes to memory and for cache misses, because the MEE performs encryption on cache lines. Third, overhead arises when an application needs more memory than is available in the EPC. Pages must then be swapped between trusted and untrusted memory, and this swapping is costly because each page must be encrypted first.
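The third factor can be seen in a small simulation, added here as an illustration and not taken from the original text. It assumes a constructed EPC of 8 pages, least-recently-used victim selection by the untrusted OS, and repeated sequential sweeps over the enclave's pages; `simulate_sweeps`, `epc_stats` and both constants are hypothetical names and values.

```c
#include <stdio.h>

/* Assumptions for this example (constructed values, not real SGX sizes):
 * the EPC holds EPC_PAGES pages and the eviction victim is the LRU page. */
#define EPC_PAGES 8
#define MAX_PAGES 64

struct epc_stats { long faults; long evictions; };

/* Replay `rounds` sequential sweeps over `working_set` enclave pages and
 * count page faults (loads into the EPC) and evictions (encrypt + copy out). */
struct epc_stats simulate_sweeps(int working_set, int rounds)
{
    long last_use[MAX_PAGES] = {0};  /* 0 = page not resident in the EPC */
    struct epc_stats s = {0, 0};
    long clock = 0;
    int resident = 0;
    if (working_set < 1 || working_set > MAX_PAGES) return s;

    for (int r = 0; r < rounds; r++) {
        for (int p = 0; p < working_set; p++) {
            clock++;
            if (last_use[p] == 0) {            /* not in EPC: page fault */
                s.faults++;
                if (resident == EPC_PAGES) {   /* EPC full: evict LRU page */
                    int victim = -1;
                    for (int q = 0; q < working_set; q++)
                        if (last_use[q] != 0 &&
                            (victim < 0 || last_use[q] < last_use[victim]))
                            victim = q;
                    last_use[victim] = 0;      /* encrypted, moved to DRAM */
                    s.evictions++;
                    resident--;
                }
                resident++;
            }
            last_use[p] = clock;               /* mark page as just used */
        }
    }
    return s;
}

int main(void)
{
    for (int ws = 6; ws <= 10; ws += 2) {
        struct epc_stats s = simulate_sweeps(ws, 100);
        printf("ws=%2d faults=%ld evictions=%ld\n", ws, s.faults, s.evictions);
    }
    return 0;
}
```

While the working set fits in the EPC, only the initial loads fault; two pages over capacity, every access faults and almost every fault forces an encrypted eviction.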
To protect virtual addresses from attackers, an eviction protocol stops all enclave threads and flushes the TLB.

C. Trusted Computing Base (TCB)

To secure Linux containers using the SGX mechanism, it is necessary to build system support that is placed inside the enclaves, so that Linux processes in a container can run securely.