Re: [PATCH v3 05/70] nsfs: raise SB_I_NODEV and SB_I_NOEXEC
From: Jeff Layton <jlayton@kernel.org>
Date: 2025-10-27 13:13:24
Also in:
bpf, cgroups, linux-fsdevel, lkml
On Fri, 2025-10-24 at 12:52 +0200, Christian Brauner wrote:
quoted hunk ↗ jump to hunk
There's zero need for nsfs to allow device nodes or execution. Signed-off-by: Christian Brauner <brauner@kernel.org> --- fs/nsfs.c | 2 ++ 1 file changed, 2 insertions(+)diff --git a/fs/nsfs.c b/fs/nsfs.c index 0e3fe8fda5bf..363be226e357 100644 --- a/fs/nsfs.c +++ b/fs/nsfs.c@@ -589,6 +589,8 @@ static int nsfs_init_fs_context(struct fs_context *fc) struct pseudo_fs_context *ctx = init_pseudo(fc, NSFS_MAGIC); if (!ctx) return -ENOMEM; + fc->s_iflags |= SB_I_NOEXEC; + fc->s_iflags |= SB_I_NODEV;
nit: why not do this in one? fc->s_iflags |= SB_I_NOEXEC | SB_I_NODEV;
ctx->s_d_flags |= DCACHE_DONTCACHE; ctx->ops = &nsfs_ops; ctx->eops = &nsfs_export_operations;
-- Jeff Layton [off-list ref]