| CPC G06F 21/53 (2013.01) [G06F 2221/033 (2013.01)] | 20 Claims |
|
1. A method, implemented by a priority filter, for providing quality of service for secure workspaces having copy-on-write layers, the method comprising:
loading the priority filter in an I/O subsystem above an isolation filter such that I/O requests passed down the I/O subsystem are received by the priority filter before the isolation filter, wherein the isolation filter is configured to enforce a quota that is defined for a portion of physical storage resources that are allocated to one or more copy-on-write layers corresponding to one or more secure workspaces;
receiving, at the priority filter, a first write that targets a first copy-on-write layer of the one or more copy-on-write layers, the first write originating from the one or more workspaces;
determining that the first write targets the first copy-on-write layer and is associated with a first priority;
based on the determination that the first write targets the first copy-on-write layer and is associated with the first priority, allowing the first write to be serviced immediately by the isolation filter;
receiving a second write that targets a second copy-on-write layer of the one or more copy-on-write layers, the second write originating from the one or more workspaces;
determining that the second write targets the second copy-on-write layer and is associated with a second priority; and
based on the determination that the second write targets the second copy-on-write layer and is associated with the second priority, preventing the second write from being serviced immediately by the isolation filter.
|