{"id":50418784,"url":"https://github.com/asterinas/mlsdisk","last_synced_at":"2026-05-31T07:05:32.768Z","repository":{"id":225094897,"uuid":"649532504","full_name":"asterinas/mlsdisk","owner":"asterinas","description":"Multilayered, Log-structured Secure Disk (MlsDisk) protects the disk I/O for TEEs","archived":false,"fork":false,"pushed_at":"2024-05-07T06:19:29.000Z","size":216,"stargazers_count":12,"open_issues_count":4,"forks_count":2,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-05-07T07:25:40.392Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/asterinas.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE-GPL","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-06-05T04:54:05.000Z","updated_at":"2024-05-07T07:25:41.355Z","dependencies_parsed_at":"2024-02-29T08:29:19.331Z","dependency_job_id":"255823c0-6fbe-4f80-a498-b89c16b15cf4","html_url":"https://github.com/asterinas/mlsdisk","commit_stats":null,"previous_names":["asterinas/mlsdisk"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/asterinas/mlsdisk","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asterinas%2Fmlsdisk","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asterinas%2Fmlsdisk/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asterinas%2Fmlsdisk/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asterinas%2Fmlsdisk/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/asterinas","download_url":"https://codeload.github.com/asterinas/mlsdisk/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asterinas%2Fmlsdisk/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33722199,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-31T02:00:06.040Z","response_time":95,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-05-31T07:05:32.076Z","updated_at":"2026-05-31T07:05:32.758Z","avatar_url":"https://github.com/asterinas.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MlsDisk\n\n## Introduction\n\nMlsDisk is a **multilayered log-structured secure virtual disk for TEEs**,\nwhich has the following key features:\n\n* **Transparent protection.** As a virtual disk, MlsDisk can _transparently_ protect any file system (e.g., Ext4) that\nis stacked upon it and runs inside a Trusted Execution Environment (TEE) from a strong adversary\noutside the TEE.\n\n* **Strong security.** MlsDisk promises six security properties:\n_confidentiality_, _integrity_, _freshness_, _consistency_, _atomicity_, and _irreversibility_.\nFor more information, see the section [Security Guarantees](#security-guarantees) below.\n\n* **High performance.** Thanks to its unique multilayered log-structured design,\nMlsDisk can deliver an excellent I/O performance that\nis close to the theoretically optimal level.\n\n## Overview\n\nMlsDisk targets a typical setting of TEE usage, where applications\nare ported into the TEE with no (or few) modifications\nthanks to a TEE-aware runtime. For enclave TEEs (e.g., Intel SGX),\none popular choice for such a runtime is library OSes (e.g., [Occlum](https://github.com/occlum/occlum)).\nFor VM TEEs (e.g., AMD SEV), one can choose off-the-shelf OS kernels like Linux.\n\n![The threat model of MlsDisk.](./docs/figures/mlsdisk-threat-model.svg)\n\nAs shown in the image above, the TEE runtime is integrated with MlsDisk,\nwhich serves as a secure block device that supports three standard block I/O commands\nincluding `read()`, `write()`, and `sync()`. From the perspective of MlsDisk's users (e.g., file systems),\nall data written to or read from MlsDisk is in plaintext.\nTo serve these I/O requests securely, MlsDisk takes some extra security measures,\nincluding but not limited to encrypting/decrypting the data\ntransferred to/from the host block device properly.\n\n## Security Guarantees\n\nMlsDisk promises to provide six security guarantees\nto its users (e.g., file systems), outlined as follows:\n\n* **Confidentiality** guarantees that the user data submitted by any write\nis not leaked and thus prevents tampering attacks.\n* **Integrity** promises that the user data returned from any read\nare genuinely generated by the user and\nthus prevents snooping attacks.\n* **Freshness** ensures that the user data returned from any read\nare up-to-date and thus prevents rollback attacks.\n* **Consistency** ensures that all the security guarantees are held\ndespite any accidental crashes or crashing attacks.\n* **Atomicity** promises that all writes before a sync operation\nare persisted in an all-or-nothing manner.\n* **Irreversibility** promises the sync operation is irreversible\nregardless whether TEE is online or not.\n\nPrior disk I/O protection solutions only provide a subset of MlsDisk's security guarantees.\nFor example, Linux's [dm-crypt](https://docs.kernel.org/admin-guide/device-mapper/dm-crypt.html) and [dm-integrity](https://docs.kernel.org/admin-guide/device-mapper/dm-crypt.html) only protect confidentiality and integrity, respectively.\nAlthough Linux's [dm-verity](https://docs.kernel.org/admin-guide/device-mapper/verity.html) ensures both integrity and freshness, it is read-only.\nAs another example, [Intel SGX Protected File System Library](https://www.intel.com/content/www/us/en/developer/articles/technical/overview-of-intel-protected-file-system-library-using-software-guard-extensions.html) protects confidentiality, integrity, freshness, and consistency,\nbut falls short of atomicity and irreversibility.\n\n## Implementation\n\nMlsDisk is written in Rust.\nThe core of MlsDisk's design resides in [`core/layers`](core/layers),\nshowcasing its multilayered log-structured approach.\n\nMlsDisk is also engineered to be portable across different OSes and TEEs,\nwith platform-specific implementations found in [`core/os`](core/os) and\nnotably [`linux`](linux/) for Linux integration.\nAs of this moment, MlsDisk has been integrated into two OSes.\n\n* Integrated into Linux based on [Rust-for-Linux](https://github.com/Rust-for-Linux),\nwhich is for use in VM TEEs like [AMD SEV](https://developer.amd.com/sev/) and [Intel TDX](https://www.intel.com/content/www/us/en/developer/articles/technical/intel-trust-domain-extensions.html).\n* Integrated into Occlum, a Rust library OS,\nwhich is for use in [Intel SGX](https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/overview.html) enclaves.\n\nWe plan to release a research paper that\ndescribes the design and implementation\nof MlsDisk in the near future.\n\n## Performance\n\nMlsDisk achieves superior performance compared to the state-of-the-art solutions,\nthanks to its advanced multilayered log-structured design,\nwith minimal I/O amplification.\nThe comparative results under the [Fio](https://github.com/axboe/fio) benchmark\nagainst two other virtual disks are presented below.\n\n| 100GiB data\u003cbr /\u003e(MiB/s)              | seq-write | rnd-write-4K | **rnd-write-32K** | **rnd-write-256K** | **seq-read** | **rnd-read-4K** | **rnd-read-32K** | **rnd-read-256K** |\n| ------------------------------------- | --------- | ------------ | ----------------- | ------------------ | ------------ | --------------- | ---------------- | ----------------- |\n| **MlsDisk**                           | 960       | 605          | 842               | 928                | 1128         | 140             | 446              | 992               |\n| **CryptDisk** (encrypt-only baseline) | 982       | 45.5         | 271               | 860                | 1203         | 165             | 489              | 1057              |\n| **PfsDisk** (based on SGX-Pfs)        | 103       | 19.2         | 57.8              | 86.1               | 340          | 84.7            | 245              | 321               |\n\nFor more comprehensive performance evaluation,\nplease look forward to our upcoming paper.\n\n## License\n\nExcept where noted otherwise, the individual files within this package\nare licensed as MPL v2.0 license. However, when linked together to form a Linux kernel module,\nthe resulting Linux kernel module is dual licensed as MPLv2/GPLv2.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fasterinas%2Fmlsdisk","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fasterinas%2Fmlsdisk","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fasterinas%2Fmlsdisk/lists"}