From: Christian Brauner <brauner@kernel.org>
Date: Wed, 29 Oct 2025 12:20:18 +0000 (+0100)
Subject: nsfs: raise SB_I_NODEV and SB_I_NOEXEC
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=4af033dad67e30c9a48a7ab461012a42200ee51a;p=thirdparty%2Fkernel%2Flinux.git

nsfs: raise SB_I_NODEV and SB_I_NOEXEC

There's zero need for nsfs to allow device nodes or execution.

Link: https://patch.msgid.link/20251029-work-namespace-nstree-listns-v4-5-2e6f823ebdc0@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
---

diff --git a/fs/nsfs.c b/fs/nsfs.c
index c1661feaccf0f..8b53fd3611774 100644
--- a/fs/nsfs.c
+++ b/fs/nsfs.c
@@ -591,6 +591,7 @@ static int nsfs_init_fs_context(struct fs_context *fc)
 	struct pseudo_fs_context *ctx = init_pseudo(fc, NSFS_MAGIC);
 	if (!ctx)
 		return -ENOMEM;
+	fc->s_iflags |= SB_I_NOEXEC | SB_I_NODEV;
 	ctx->s_d_flags |= DCACHE_DONTCACHE;
 	ctx->ops = &nsfs_ops;
 	ctx->eops = &nsfs_export_operations;