[PATCH v4 05/72] nsfs: raise SB_I_NODEV and SB_I_NOEXEC

There's zero need for nsfs to allow device nodes or execution.

Signed-off-by: Christian Brauner <brauner@kernel.org>
---
 fs/nsfs.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/fs/nsfs.c b/fs/nsfs.c
index 0e3fe8fda5bf..6889922d8175 100644
--- a/fs/nsfs.c
+++ b/fs/nsfs.c
@@ -589,6 +589,7 @@ static int nsfs_init_fs_context(struct fs_context *fc)
 	struct pseudo_fs_context *ctx = init_pseudo(fc, NSFS_MAGIC);
 	if (!ctx)
 		return -ENOMEM;
+	fc->s_iflags |= SB_I_NOEXEC | SB_I_NODEV;
 	ctx->s_d_flags |= DCACHE_DONTCACHE;
 	ctx->ops = &nsfs_ops;
 	ctx->eops = &nsfs_export_operations;

-- 
2.47.3

• [PATCH v4 01/72] libfs: allow to specify s_d_flags
• [PATCH v4 02/72] nsfs: use inode_just_drop()
• [PATCH v4 03/72] nsfs: raise DCACHE_DONTCACHE explicitly
• [PATCH v4 04/72] pidfs: raise DCACHE_DONTCACHE explicitly
• [PATCH v4 05/72] nsfs: raise SB_I_NODEV and SB_I_NOEXEC
• [PATCH v4 06/72] cgroup: add cgroup namespace to tree after owner is set
• [PATCH v4 07/72] nstree: simplify return
• [PATCH v4 08/72] ns: initialize ns_list_node for initial namespaces
• [PATCH v4 09/72] ns: add __ns_ref_read()
• [PATCH v4 10/72] ns: rename to exit_nsproxy_namespaces()
• [PATCH v4 11/72] ns: add active reference count
• [PATCH v4 12/72] ns: use anonymous struct to group list member
• [PATCH v4 13/72] nstree: introduce a unified tree
• [PATCH v4 14/72] nstree: allow lookup solely based on inode
• [PATCH v4 15/72] nstree: assign fixed ids to the initial namespaces
• [PATCH v4 16/72] nstree: maintain list of owned namespaces
• [PATCH v4 17/72] nstree: simplify rbtree comparison helpers
• [PATCH v4 18/72] nstree: add unified namespace list
• [PATCH v4 19/72] nstree: add listns()
• [PATCH v4 20/72] arch: hookup listns() system call
• [PATCH v4 21/72] nsfs: update tools header
• [PATCH v4 22/72] selftests/filesystems: remove CLONE_NEWPIDNS from setup_userns() helper
• [PATCH v4 23/72] selftests/namespaces: first active reference count tests
• [PATCH v4 24/72] selftests/namespaces: second active reference count tests
• [PATCH v4 25/72] selftests/namespaces: third active reference count tests
• [PATCH v4 26/72] selftests/namespaces: fourth active reference count tests
• [PATCH v4 27/72] selftests/namespaces: fifth active reference count tests
• [PATCH v4 28/72] selftests/namespaces: sixth active reference count tests
• [PATCH v4 29/72] selftests/namespaces: seventh active reference count tests
• [PATCH v4 30/72] selftests/namespaces: eigth active reference count tests
• [PATCH v4 31/72] selftests/namespaces: ninth active reference count tests
• [PATCH v4 32/72] selftests/namespaces: tenth active reference count tests
• [PATCH v4 33/72] selftests/namespaces: eleventh active reference count tests
• [PATCH v4 34/72] selftests/namespaces: twelth active reference count tests
• [PATCH v4 35/72] selftests/namespaces: thirteenth active reference count tests
• [PATCH v4 36/72] selftests/namespaces: fourteenth active reference count tests
• [PATCH v4 37/72] selftests/namespaces: fifteenth active reference count tests
• [PATCH v4 38/72] selftests/namespaces: add listns() wrapper
• [PATCH v4 39/72] selftests/namespaces: first listns() test
• [PATCH v4 40/72] selftests/namespaces: second listns() test
• [PATCH v4 41/72] selftests/namespaces: third listns() test
• [PATCH v4 42/72] selftests/namespaces: fourth listns() test
• [PATCH v4 43/72] selftests/namespaces: fifth listns() test
• [PATCH v4 44/72] selftests/namespaces: sixth listns() test
• [PATCH v4 45/72] selftests/namespaces: seventh listns() test
• [PATCH v4 46/72] selftests/namespaces: eigth listns() test
• [PATCH v4 47/72] selftests/namespaces: ninth listns() test
• [PATCH v4 48/72] selftests/namespaces: first listns() permission test
• [PATCH v4 49/72] selftests/namespaces: second listns() permission test
• [PATCH v4 50/72] selftests/namespaces: third listns() permission test
• [PATCH v4 51/72] selftests/namespaces: fourth listns() permission test
• [PATCH v4 52/72] selftests/namespaces: fifth listns() permission test
• [PATCH v4 53/72] selftests/namespaces: sixth listns() permission test
• [PATCH v4 54/72] selftests/namespaces: seventh listns() permission test
• [PATCH v4 55/72] selftests/namespaces: first inactive namespace resurrection test
• [PATCH v4 56/72] selftests/namespaces: second inactive namespace resurrection test
• [PATCH v4 57/72] selftests/namespaces: third inactive namespace resurrection test
• [PATCH v4 58/72] selftests/namespaces: fourth inactive namespace resurrection test
• [PATCH v4 59/72] selftests/namespaces: fifth inactive namespace resurrection test
• [PATCH v4 60/72] selftests/namespaces: sixth inactive namespace resurrection test
• [PATCH v4 61/72] selftests/namespaces: seventh inactive namespace resurrection test
• [PATCH v4 62/72] selftests/namespaces: eigth inactive namespace resurrection test
• [PATCH v4 63/72] selftests/namespaces: ninth inactive namespace resurrection test
• [PATCH v4 64/72] selftests/namespaces: tenth inactive namespace resurrection test
• [PATCH v4 65/72] selftests/namespaces: eleventh inactive namespace resurrection test
• [PATCH v4 66/72] selftests/namespaces: twelth inactive namespace resurrection test
• [PATCH v4 67/72] selftests/namespace: first threaded active reference count test
• [PATCH v4 68/72] selftests/namespace: second threaded active reference count test
• [PATCH v4 69/72] selftests/namespace: third threaded active reference count test
• [PATCH v4 70/72] selftests/namespace: commit_creds() active reference tests
• [PATCH v4 71/72] selftests/namespace: add stress test
• [PATCH v4 72/72] selftests/namespace: test listns() pagination