[PATCH] smb: client: set SB_I_NODEV to prevent device node injection

From: Bjoern Doebel

Date: Thu Jul 09 2026 - 12:05:55 EST


From: Norbert Manthey <nmanthey@xxxxxxxxx>

Set SB_I_NODEV on the superblock by default for CIFS mounts. This is
consistent with how other filesystems handle untrusted remote content
and prevents the server side from injecting device nodes on the client.

Fixes: 2e4564b31b645 ("smb3: add support for stat of WSL reparse points for special file types")
Signed-off-by: Norbert Manthey <nmanthey@xxxxxxxxx>
Assisted-by: Kiro:claude-opus-4.6
Cc: stable@xxxxxxxxxxxxxxx
---
fs/smb/client/cifsfs.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/fs/smb/client/cifsfs.c b/fs/smb/client/cifsfs.c
index ea4fc0fa68cac..35eee2f9899d5 100644
--- a/fs/smb/client/cifsfs.c
+++ b/fs/smb/client/cifsfs.c
@@ -208,6 +208,9 @@ cifs_read_super(struct super_block *sb)
if (sbflags & CIFS_MOUNT_POSIXACL)
sb->s_flags |= SB_POSIXACL;

+ /* Prevent device node opens from remote filesystem by default */
+ sb->s_iflags |= SB_I_NODEV;
+
if (tcon->snapshot_time)
sb->s_flags |= SB_RDONLY;

--
2.50.1