On Thu, Jun 20, 2024 at 06:23:02PM GMT, Arnd Bergmann wrote:
From: Arnd Bergmann <arnd@arndb.de>
The old ftruncate() syscall, using the 32-bit off_t, misses a sign extension when called in compat mode on 64-bit architectures. As a result, passing a negative length accidentally succeeds in truncating to a file size between 2GiB and 4GiB.
Changing the type of the compat syscall to the signed compat_off_t changes the behavior so it instead returns -EINVAL.
The native entry point, the truncate() syscall and the corresponding loff_t based variants are all correct already and do not suffer from this mistake.
Fixes: 3f6d078d4acc ("fix compat truncate/ftruncate")
Cc: stable@vger.kernel.org
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Looks good to me,
Reviewed-by: Christian Brauner <brauner@kernel.org>
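A user-space C model of the missing sign extension described in the commit message above, added here as an illustration and not taken from the patch or the kernel source. The function names, the `model_` types and the sample lengths are constructed, and the unsigned 32-bit parameter on the "before" path is an assumption of the model.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

typedef int64_t model_loff_t; /* stands in for the kernel's 64-bit loff_t */

/* Portable 32 -> 64 bit sign extension of a raw register value. */
static int64_t sign_extend32(uint32_t v)
{
    return (int64_t)v - ((v & 0x80000000u) ? INT64_C(4294967296) : 0);
}

/* Model of the shared helper: negative lengths are rejected,
 * otherwise the return value is the size the file would end up with. */
static int64_t model_do_ftruncate(model_loff_t length)
{
    if (length < 0)
        return -EINVAL;
    return length;
}

/* Before (assumed unsigned 32-bit parameter): the value is zero-extended,
 * so a negative 32-bit length turns into a positive size of 2GiB..4GiB. */
static int64_t compat_ftruncate_unsigned(uint32_t reg)
{
    return model_do_ftruncate((model_loff_t)reg);
}

/* After (signed 32-bit parameter, like compat_off_t): the value is
 * sign-extended, stays negative, and the length check fires. */
static int64_t compat_ftruncate_signed(uint32_t reg)
{
    return model_do_ftruncate(sign_extend32(reg));
}

int main(void)
{
    /* Constructed lengths as a 32-bit caller would pass them. */
    const int32_t lens[] = { 4096, -1, INT32_MIN };

    for (size_t i = 0; i < sizeof(lens) / sizeof(lens[0]); i++) {
        uint32_t reg = (uint32_t)lens[i]; /* raw 32-bit register content */
        printf("len=%11ld  unsigned-path=%11lld  signed-path=%lld\n",
               (long)lens[i],
               (long long)compat_ftruncate_unsigned(reg),
               (long long)compat_ftruncate_signed(reg));
    }
    return 0;
}
```

A regression test for the real syscall would make the same check from a 32-bit process: ftruncate() with a negative length must fail with EINVAL and leave the file size unchanged.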