Among the new VFS features expected to land for the upcoming Linux 7.1 merge window is FSMOUNT_NAMESPACE.
FSMOUNT_NAMESPACE is a new feature developed by Christian Brauner. Using the FSMOUNT_NAMESPACE flag with fsmount() allows creating a new mount namespace with the newly-created file-system attached to a copy of the real root file-system. A namespace file descriptor is returned rather than the O_PATH mount file descriptor.
The intent with FSMOUNT_NAMESPACE is to create a new file-system and immediately place it into a new mount namespace in a single operation. This should benefit container runtimes and other namespace-based isolation techniques, such as when using an actual file-system for a container rootfs, rather than having to go via OPEN_TREE_NAMESPACE.
The FSMOUNT_NAMESPACE support is part of the VFS Git branch and thus should be part of the upcoming Linux 7.1 merge window, barring any objections from Linus Torvalds or any other last-minute issues.
