diff --git a/utils/lxc/Makefile b/utils/lxc/Makefile
index eaf77efdb..3b2d1e435 100644
--- a/utils/lxc/Makefile
+++ b/utils/lxc/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=lxc
-PKG_VERSION:=1.1.0
+PKG_VERSION:=1.1.1
 PKG_RELEASE:=1
 
 PKG_LICENSE:=LGPL-2.1+ BSD-2-Clause GPL-2.0
@@ -16,7 +16,7 @@ PKG_MAINTAINER:=Luka Perkov <luka@openwrt.org>
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://linuxcontainers.org/downloads/lxc/
-PKG_MD5SUM:=ab1cbabf859abc15165050c854979c5c
+PKG_MD5SUM:=d80cb08f0edf36f0887e32c96aec8c13
 
 PKG_BUILD_DEPENDS:=lua
 PKG_BUILD_PARALLEL:=1
diff --git a/utils/lxc/patches/030-lxc-download.patch b/utils/lxc/patches/030-lxc-download.patch
new file mode 100644
index 000000000..295bae0aa
--- /dev/null
+++ b/utils/lxc/patches/030-lxc-download.patch
@@ -0,0 +1,43 @@
+--- a/templates/lxc-download.in
++++ b/templates/lxc-download.in
+@@ -39,7 +39,7 @@ DOWNLOAD_LIST_IMAGES="false"
+ DOWNLOAD_MODE="system"
+ DOWNLOAD_READY_GPG="false"
+ DOWNLOAD_RELEASE=
+-DOWNLOAD_SERVER="images.linuxcontainers.org"
++DOWNLOAD_SERVER="virtualwrt.org/containers/"
+ DOWNLOAD_SHOW_GPG_WARNING="true"
+ DOWNLOAD_SHOW_HTTP_WARNING="true"
+ DOWNLOAD_TARGET="system"
+@@ -257,14 +257,6 @@ for bin in tar xz wget; do
+     fi
+ done
+ 
+-# Check for GPG
+-if [ "$DOWNLOAD_VALIDATE" = "true" ]; then
+-    if ! type gpg >/dev/null 2>&1; then
+-        echo "ERROR: Missing recommended tool: gpg" 1>&2
+-        echo "You can workaround this by using --no-validate." 1>&2
+-        exit 1
+-    fi
+-fi
+ 
+ # Check that we have all variables we need
+ if [ -z "$LXC_NAME" ] || [ -z "$LXC_PATH" ] || [ -z "$LXC_ROOTFS" ]; then
+@@ -456,16 +448,9 @@ if [ "$DOWNLOAD_USE_CACHE" = "false" ];
+         echo "Downloading the rootfs"
+         download_file $DOWNLOAD_URL/rootfs.tar.xz \
+             ${DOWNLOAD_TEMP}/rootfs.tar.xz normal
+-        download_sig  $DOWNLOAD_URL/rootfs.tar.xz.asc \
+-             ${DOWNLOAD_TEMP}/rootfs.tar.xz.asc normal
+-        gpg_validate ${DOWNLOAD_TEMP}/rootfs.tar.xz.asc
+-
+         echo "Downloading the metadata"
+         download_file $DOWNLOAD_URL/meta.tar.xz \
+             ${DOWNLOAD_TEMP}/meta.tar.xz normal
+-        download_sig  $DOWNLOAD_URL/meta.tar.xz.asc \
+-            ${DOWNLOAD_TEMP}/meta.tar.xz.asc normal
+-        gpg_validate ${DOWNLOAD_TEMP}/meta.tar.xz.asc
+ 
+         if [ -d $LXC_CACHE_PATH ]; then
+             rm -Rf $LXC_CACHE_PATH
diff --git a/utils/lxc/patches/300-fix-lxc-destroy.patch b/utils/lxc/patches/300-fix-lxc-destroy.patch
deleted file mode 100644
index 241f38713..000000000
--- a/utils/lxc/patches/300-fix-lxc-destroy.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From bdeafb7bc4857e80dbca5192a751eedcf7b69abd Mon Sep 17 00:00:00 2001
-From: Luka Perkov <luka@openwrt.org>
-Date: Mon, 27 Oct 2014 21:49:46 +0100
-Subject: [PATCH] utils: remove unnecessary check of mystat.st_dev
-
-The check is not needed and it breaks lxc-destroy when container is installed
-on top of overlayfs. More information why this is a problem on overlayfs can be
-found here:
-
-https://kernel.googlesource.com/pub/scm/linux/kernel/git/mszeredi/vfs/+/overlayfs.current/Documentation/filesystems/overlayfs.txt
-
-Signed-off-by: Luka Perkov <luka@openwrt.org>
----
- src/lxc/utils.c | 10 ++++------
- 1 file changed, 4 insertions(+), 6 deletions(-)
-
---- a/src/lxc/utils.c
-+++ b/src/lxc/utils.c
-@@ -47,7 +47,7 @@
- 
- lxc_log_define(lxc_utils, lxc);
- 
--static int _recursive_rmdir_onedev(char *dirname, dev_t pdev,
-+static int _recursive_rmdir_onedev(char *dirname,
- 				   const char *exclude, int level)
- {
- 	struct dirent dirent, *direntp;
-@@ -108,10 +108,8 @@ static int _recursive_rmdir_onedev(char
- 			failed=1;
- 			continue;
- 		}
--		if (mystat.st_dev != pdev)
--			continue;
- 		if (S_ISDIR(mystat.st_mode)) {
--			if (_recursive_rmdir_onedev(pathname, pdev, exclude, level+1) < 0)
-+			if (_recursive_rmdir_onedev(pathname, exclude, level+1) < 0)
- 				failed=1;
- 		} else {
- 			if (unlink(pathname) < 0) {
-@@ -147,7 +145,7 @@ extern int lxc_rmdir_onedev(char *path,
- 		return -1;
- 	}
- 
--	return _recursive_rmdir_onedev(path, mystat.st_dev, exclude, 0);
-+	return _recursive_rmdir_onedev(path, exclude, 0);
- }
- 
- static int mount_fs(const char *source, const char *target, const char *type)
diff --git a/utils/lxc/patches/300-lxc-destroy.patch b/utils/lxc/patches/300-lxc-destroy.patch
new file mode 100644
index 000000000..a76e27a6f
--- /dev/null
+++ b/utils/lxc/patches/300-lxc-destroy.patch
@@ -0,0 +1,113 @@
+One of the 'features' of overlayfs is that depending on whether a file
+is on the upper or lower dir you get back a different device from stat.
+That breaks our lxc_rmdir_onedev.
+
+So at lxc_rmdir_ondev check the device of the directory being deleted.
+If it is overlayfs, then skip the device check.
+
+Note this is unrelated to overlayfs snapshots - in those cases when you
+delete a container, /var/lib/lxc/$container/ does not actually have an
+overlayfs under it.  Rather, to reproduce this you would
+
+sudo mkdir /opt/{lower,upper,workdir}
+sudo mount -t overlayfs -o lower=/opt/lower,upper=/opt/upper,workdir=/opt/workdir \
+	lxc /var/lib/lxc
+sudo lxc-create -t download -n c1 -- -d ubuntu -r trusty -a amd64
+sudo lxc-destroy -n c1
+
+Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
+---
+ src/lxc/utils.c | 39 ++++++++++++++++++++++++++++++++-------
+ 1 file changed, 32 insertions(+), 7 deletions(-)
+
+--- a/src/lxc/utils.c
++++ b/src/lxc/utils.c
+@@ -29,6 +29,7 @@
+ #include <stddef.h>
+ #include <string.h>
+ #include <sys/types.h>
++#include <sys/vfs.h>
+ #include <sys/stat.h>
+ #include <sys/mman.h>
+ #include <sys/param.h>
+@@ -68,8 +69,8 @@
+ 
+ lxc_log_define(lxc_utils, lxc);
+ 
+-static int _recursive_rmdir_onedev(char *dirname, dev_t pdev,
+-				   const char *exclude, int level)
++static int _recursive_rmdir(char *dirname, dev_t pdev,
++			    const char *exclude, int level, bool onedev)
+ {
+ 	struct dirent dirent, *direntp;
+ 	DIR *dir;
+@@ -106,7 +107,7 @@ static int _recursive_rmdir_onedev(char
+ 			if (ret < 0) {
+ 				switch(errno) {
+ 				case ENOTEMPTY:
+-					INFO("Not deleting snapshots");
++					INFO("Not deleting snapshot %s", pathname);
+ 					hadexclude = true;
+ 					break;
+ 				case ENOTDIR:
+@@ -129,14 +130,14 @@ static int _recursive_rmdir_onedev(char
+ 			failed=1;
+ 			continue;
+ 		}
+-		if (mystat.st_dev != pdev)
++		if (onedev && mystat.st_dev != pdev)
+ 			continue;
+ 		if (S_ISDIR(mystat.st_mode)) {
+-			if (_recursive_rmdir_onedev(pathname, pdev, exclude, level+1) < 0)
++			if (_recursive_rmdir(pathname, pdev, exclude, level+1, onedev) < 0)
+ 				failed=1;
+ 		} else {
+ 			if (unlink(pathname) < 0) {
+-				ERROR("%s: failed to delete %s", __func__, pathname);
++				SYSERROR("%s: failed to delete %s", __func__, pathname);
+ 				failed=1;
+ 			}
+ 		}
+@@ -158,17 +159,41 @@ static int _recursive_rmdir_onedev(char
+ 	return failed ? -1 : 0;
+ }
+ 
++/* we have two different magic values for overlayfs, yay */
++#define OVERLAYFS_SUPER_MAGIC 0x794c764f
++#define OVERLAY_SUPER_MAGIC 0x794c7630
++/*
++ * In overlayfs, st_dev is unreliable.  so on overlayfs we don't do
++ * the lxc_rmdir_onedev()
++ */
++static bool is_native_overlayfs(const char *path)
++{
++	struct statfs sb;
++
++	if (statfs(path, &sb) < 0)
++		return false;
++	if (sb.f_type == OVERLAYFS_SUPER_MAGIC ||
++			sb.f_type == OVERLAY_SUPER_MAGIC)
++		return true;
++	return false;
++}
++
+ /* returns 0 on success, -1 if there were any failures */
+ extern int lxc_rmdir_onedev(char *path, const char *exclude)
+ {
+ 	struct stat mystat;
++	bool onedev = true;
++
++	if (is_native_overlayfs(path)) {
++		onedev = false;
++	}
+ 
+ 	if (lstat(path, &mystat) < 0) {
+ 		ERROR("%s: failed to stat %s", __func__, path);
+ 		return -1;
+ 	}
+ 
+-	return _recursive_rmdir_onedev(path, mystat.st_dev, exclude, 0);
++	return _recursive_rmdir(path, mystat.st_dev, exclude, 0, onedev);
+ }
+ 
+ static int mount_fs(const char *source, const char *target, const char *type)