diff options
| author | Christian Brauner <brauner@kernel.org> | 2026-03-11 23:01:17 +0100 |
|---|---|---|
| committer | Christian Brauner <brauner@kernel.org> | 2026-03-12 13:33:55 +0100 |
| commit | 4e9f7592b6f5fe4929b2d755785788acba123db5 (patch) | |
| tree | 233eab3a77f5350fd79f93b625f30b861203850b /rust/kernel/ptr/git@git.tavy.me:linux.git | |
| parent | 0209e31659d6908c6d0788c8a495b43d0a1f6f6c (diff) | |
| parent | 5b8ffd63fbd94fe71f1baf50a55e31be54a97ca9 (diff) | |
Merge patch series "namespace: allow creating empty mount namespaces"
Christian Brauner <brauner@kernel.org> says:
Currently, creating a new mount namespace always copies the entire mount
tree from the caller's namespace. For containers and sandboxes that
intend to build their mount table from scratch this is wasteful: they
inherit a potentially large mount tree only to immediately tear it down.
This series adds support for creating a mount namespace that contains
only a clone of the root mount, with none of the child mounts. Two new
flags are introduced:
- CLONE_EMPTY_MNTNS (0x400000000) for clone3(), using the 64-bit flag
space.
- UNSHARE_EMPTY_MNTNS (0x00100000) for unshare(), reusing the
CLONE_PARENT_SETTID bit which has no meaning for unshare.
Both flags imply CLONE_NEWNS. The resulting namespace contains a single
nullfs root mount with an immutable empty directory. The intended
workflow is to then mount a real filesystem (e.g., tmpfs) over the root
and build the mount table from there.
* patches from https://patch.msgid.link/20260306-work-empty-mntns-consolidated-v1-0-6eb30529bbb0@kernel.org:
selftests/filesystems: add clone3 tests for empty mount namespaces
selftests/filesystems: add tests for empty mount namespaces
namespace: allow creating empty mount namespaces
Link: https://patch.msgid.link/20260306-work-empty-mntns-consolidated-v1-0-6eb30529bbb0@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
Diffstat (limited to 'rust/kernel/ptr/git@git.tavy.me:linux.git')
0 files changed, 0 insertions, 0 deletions