A new VFS feature called FSMOUNT_NAMESPACE is set to land in Linux 7.1, allowing developers to create file systems and mount namespaces in a single operation.
Among the new VFS features expected to land for the upcoming Linux 7.1 merge window is FSMOUNT_NAMESPACE. FSMOUNT_NAMESPACE is a new feature developed by Christian Brauner. Using the FSMOUNT_NAMESPACE flag with fsmount() allows creating a new mount namespace with the newly-created file-system attached to a copy of the real root file-system. A namespace file descriptor is returned rather than the O_PATH mount file descriptor. The intent with FSMOUNT_NAMESPACE is for creating a new file-system and immediately placing it into a new mount namespace via a single operation. This should benefit container runtimes and other namespace-based isolation techniques, rather than having to go via OPEN_TREE_NAMESPACE, such as using an actual file-system for a container rootfs. The FSMOUNT_NAMESPACE support is part of the VFS Git branch and thus should be part of the upcoming Linux 7.1 merge window barring any objections from Linus Torvalds or any other last minute issues.
Comments
Please log in or register to join the discussion