From 88409e983c463b6d9c8085e7fdbe7ff45b3c5184 Mon Sep 17 00:00:00 2001
From: Andrei Vagin <avagin@google.com>
Date: Thu, 4 Apr 2019 17:42:51 -0700
Subject: gvisor: Add support for the MS_NOEXEC mount option

https://github.com/google/gvisor/issues/145

PiperOrigin-RevId: 242044115
Change-Id: I8f140fe05e32ecd438b6be218e224e4b7fe05878
---
 pkg/sentry/fs/proc/mounts.go | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'pkg/sentry/fs/proc')

diff --git a/pkg/sentry/fs/proc/mounts.go b/pkg/sentry/fs/proc/mounts.go
index 7111e5c0f..1e62af8c6 100644
--- a/pkg/sentry/fs/proc/mounts.go
+++ b/pkg/sentry/fs/proc/mounts.go
@@ -129,6 +129,9 @@ func (mif *mountInfoFile) ReadSeqFileData(ctx context.Context, handle seqfile.Se
 		if m.Flags.NoAtime {
 			opts += ",noatime"
 		}
+		if m.Flags.NoExec {
+			opts += ",noexec"
+		}
 		fmt.Fprintf(&buf, "%s ", opts)
 
 		// (7) Optional fields: zero or more fields of the form "tag[:value]".
-- 
cgit v1.2.3