On 06/23/2015 03:23 PM, David Howells wrote:
> Jan Olszak wrote:
>
>> Why not just say: "rename causes copy" and leave everything as it is now.
> That's another option - but your whole proposal was that we specifically don't
> copy up these files IIRC.

Yes, so let's modify the proposal:

Overlayfs checks xattr "trusted.overlay.cow" to switch COW off whenever it's possible.

1. This would be an optimization/convenience option, not a security option.
2. By default overlayfs uses COW like it does now
3. trusted.overlay.cow=="n" means:
    1. Unlink, open, setattr etc. use the original inode from lowerdir
    2. Unmodifying operations also use inode from lowerdir
    3. Other operations (rename) may copy the file if it's required by the implementation of overlayfs

Thanks,
Jan