This allows to create overlayfs mounts by unprivileged containers (i.e.
in user and mount namespace). It's super-useful for containers.
The patch is trivial as I understand from the patch description it's
does not have security implications (on top of what user namespaces
already have). And it's enabled in ubuntu long time ago. Here is a proof:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1357025
