On Thu, Jun 20, 2024 at 06:23:02PM GMT, Arnd Bergmann wrote:
> From: Arnd Bergmann <arnd@xxxxxxxx>
>
> The old ftruncate() syscall, using the 32-bit off_t misses a sign
> extension when called in compat mode on 64-bit architectures. As a
> result, passing a negative length accidentally succeeds in truncating
> to file size between 2GiB and 4GiB.
>
> Changing the type of the compat syscall to the signed compat_off_t
> changes the behavior so it instead returns -EINVAL.
>
> The native entry point, the truncate() syscall and the corresponding
> loff_t based variants are all correct already and do not suffer
> from this mistake.
>
> Fixes: 3f6d078d4acc ("fix compat truncate/ftruncate")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx>
> ---
Looks good to me,
Reviewed-by: Christian Brauner <brauner@xxxxxxxxxx>
