nsfs: raise SB_I_NODEV and SB_I_NOEXEC

There's zero need for nsfs to allow device nodes or execution. Link: https://patch.msgid.link/20251029-work-namespace-nstree-listns-v4-5-2e6f823ebdc0@kernel.org Signed-off-by: Christian Brauner <brauner@kernel.org>
author: Christian Brauner <brauner@kernel.org> 2025-10-29 13:20:18 +0100
committer: Christian Brauner <brauner@kernel.org> 2025-10-31 10:16:24 +0100
commit: 4af033dad67e30c9a48a7ab461012a42200ee51a (patch)
tree: 69c8b446d05509e4a8644396fa71cab83892d3a2
parent: b21cba8d8719881d7a9c8b746bc932be881af4c8 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/nsfs.c b/fs/nsfs.c
index c1661feaccf0..8b53fd361177 100644
--- a/fs/nsfs.c
+++ b/fs/nsfs.c
@@ -591,6 +591,7 @@ static int nsfs_init_fs_context(struct fs_context *fc)
 	struct pseudo_fs_context *ctx = init_pseudo(fc, NSFS_MAGIC);
 	if (!ctx)
 		return -ENOMEM;
+	fc->s_iflags |= SB_I_NOEXEC | SB_I_NODEV;
 	ctx->s_d_flags |= DCACHE_DONTCACHE;
 	ctx->ops = &nsfs_ops;
 	ctx->eops = &nsfs_export_operations;
author	Christian Brauner <brauner@kernel.org>	2025-10-29 13:20:18 +0100
committer	Christian Brauner <brauner@kernel.org>	2025-10-31 10:16:24 +0100
commit	4af033dad67e30c9a48a7ab461012a42200ee51a (patch)
tree	69c8b446d05509e4a8644396fa71cab83892d3a2
parent	b21cba8d8719881d7a9c8b746bc932be881af4c8 (diff)