Comment 21 for bug 1991975

initramfs-tools also mounts /dev with nosuid, without noexec

> mount -t devtmpfs -o nosuid,mode=0755 udev /dev

I believe all of these should be the same, thus kernel can mount /dev with nosuid, but should not mount it with noexec.