The main purpose of this patchset is allowing metadata/data-only layers to be usable in user namespaces (without super user privs). The main use case is composefs in unprivileged containers. Will post xfstests testcases shortly. v3: - consistently refuse following redirect/metacopy for upper found through index (dropped RVB's due to this change) - move redirect/metacopy check into helper - remove verity -> metacopy dependency (Amir) - stable fixes moved to git://git.kernel.org/pub/scm/linux/kernel/git/overlayfs/vfs.git#ovl-fixes v2: - drop broken hunk in param.c (Amir) - patch header improvements (Amir) --- Miklos Szeredi (3): ovl: make redirect/metacopy rejection consistent ovl: relax redirect/metacopy requirements for lower -> data redirect ovl: don't require "metacopy=on" for "verity" Documentation/filesystems/overlayfs.rst | 7 ++ fs/overlayfs/namei.c | 89 +++++++++++++++++-------- fs/overlayfs/params.c | 31 +-------- 3 files changed, 71 insertions(+), 56 deletions(-) -- 2.49.0
