Import from CS git

SOURCES/0667-fs-xfs-Add-bigtime-incompat-feature-support.patch

@@ -0,0 +1,156 @@
+From 631bfec4c070c220e86d2e2d8e6d6aa38c130ef1 Mon Sep 17 00:00:00 2001
+From: Carlos Maiolino <cmaiolino@redhat.com>
+Date: Mon, 24 May 2021 19:40:06 +0200
+Subject: [PATCH 667/668] fs/xfs: Add bigtime incompat feature support
+
+The XFS filesystem supports a bigtime feature to overcome y2038 problem.
+This patch makes the GRUB able to support the XFS filesystems with this
+feature enabled.
+
+The XFS counter for the bigtime enabled timestamps starts at 0, which
+translates to GRUB_INT32_MIN (Dec 31 20:45:52 UTC 1901) in the legacy
+timestamps. The conversion to Unix timestamps is made before passing the
+value to other GRUB functions.
+
+For this to work properly, GRUB requires an access to flags2 field in the
+XFS ondisk inode. So, the grub_xfs_inode structure has been updated to
+cover full ondisk inode.
+
+Signed-off-by: Carlos Maiolino <cmaiolino@redhat.com>
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+---
+ grub-core/fs/xfs.c  | 49 ++++++++++++++++++++++++++++++++++++---------
+ include/grub/time.h |  2 ++
+ 2 files changed, 42 insertions(+), 9 deletions(-)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index 887392c..8c23944 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -23,6 +23,7 @@
+ #include <grub/misc.h>
+ #include <grub/disk.h>
+ #include <grub/dl.h>
++#include <grub/time.h>
+ #include <grub/types.h>
+ #include <grub/fshelp.h>
+ #include <grub/safemath.h>
+@@ -75,10 +76,15 @@ GRUB_MOD_LICENSE ("GPLv3+");
+ 	 XFS_SB_VERSION2_PROJID32BIT | \
+ 	 XFS_SB_VERSION2_FTYPE)
+ 
++/* Inode flags2 flags */
++#define XFS_DIFLAG2_BIGTIME_BIT	3
++#define XFS_DIFLAG2_BIGTIME		(1 << XFS_DIFLAG2_BIGTIME_BIT)
++
+ /* incompat feature flags */
+ #define XFS_SB_FEAT_INCOMPAT_FTYPE      (1 << 0)        /* filetype in dirent */
+ #define XFS_SB_FEAT_INCOMPAT_SPINODES   (1 << 1)        /* sparse inode chunks */
+ #define XFS_SB_FEAT_INCOMPAT_META_UUID  (1 << 2)        /* metadata UUID */
++#define XFS_SB_FEAT_INCOMPAT_BIGTIME    (1 << 3)        /* large timestamps */
+ 
+ /*
+  * Directory entries with ftype are explicitly handled by GRUB code.
+@@ -92,7 +98,8 @@ GRUB_MOD_LICENSE ("GPLv3+");
+ #define XFS_SB_FEAT_INCOMPAT_SUPPORTED \
+ 	(XFS_SB_FEAT_INCOMPAT_FTYPE | \
+ 	 XFS_SB_FEAT_INCOMPAT_SPINODES | \
+-	 XFS_SB_FEAT_INCOMPAT_META_UUID)
++	 XFS_SB_FEAT_INCOMPAT_META_UUID | \
++	 XFS_SB_FEAT_INCOMPAT_BIGTIME)
+ 
+ struct grub_xfs_sblock
+ {
+@@ -177,7 +184,7 @@ struct grub_xfs_btree_root
+   grub_uint64_t keys[1];
+ } GRUB_PACKED;
+ 
+-struct grub_xfs_time
++struct grub_xfs_time_legacy
+ {
+   grub_uint32_t sec;
+   grub_uint32_t nanosec;
+@@ -190,20 +197,23 @@ struct grub_xfs_inode
+   grub_uint8_t version;
+   grub_uint8_t format;
+   grub_uint8_t unused2[26];
+-  struct grub_xfs_time atime;
+-  struct grub_xfs_time mtime;
+-  struct grub_xfs_time ctime;
++  grub_uint64_t atime;
++  grub_uint64_t mtime;
++  grub_uint64_t ctime;
+   grub_uint64_t size;
+   grub_uint64_t nblocks;
+   grub_uint32_t extsize;
+   grub_uint32_t nextents;
+   grub_uint16_t unused3;
+   grub_uint8_t fork_offset;
+-  grub_uint8_t unused4[17];
++  grub_uint8_t unused4[37];
++  grub_uint64_t flags2;
++  grub_uint8_t unused5[48];
+ } GRUB_PACKED;
+ 
+-#define XFS_V2_INODE_SIZE sizeof(struct grub_xfs_inode)
+-#define XFS_V3_INODE_SIZE (XFS_V2_INODE_SIZE + 76)
++#define XFS_V3_INODE_SIZE	sizeof(struct grub_xfs_inode)
++/* Size of struct grub_xfs_inode until fork_offset (included). */
++#define XFS_V2_INODE_SIZE	(XFS_V3_INODE_SIZE - 92)
+ 
+ struct grub_xfs_dirblock_tail
+ {
+@@ -1009,6 +1019,27 @@ struct grub_xfs_dir_ctx
+   void *hook_data;
+ };
+ 
++/* Bigtime inodes helpers. */
++#define XFS_BIGTIME_EPOCH_OFFSET	(-(grub_int64_t) GRUB_INT32_MIN)
++
++static int grub_xfs_inode_has_bigtime (const struct grub_xfs_inode *inode)
++{
++  return inode->version >= 3 &&
++	 (inode->flags2 & grub_cpu_to_be64_compile_time (XFS_DIFLAG2_BIGTIME));
++}
++
++static grub_int64_t
++grub_xfs_get_inode_time (struct grub_xfs_inode *inode)
++{
++  struct grub_xfs_time_legacy *lts;
++
++  if (grub_xfs_inode_has_bigtime (inode))
++    return grub_divmod64 (grub_be_to_cpu64 (inode->mtime), NSEC_PER_SEC, NULL) - XFS_BIGTIME_EPOCH_OFFSET;
++
++  lts = (struct grub_xfs_time_legacy *) &inode->mtime;
++  return grub_be_to_cpu32 (lts->sec);
++}
++
+ /* Helper for grub_xfs_dir.  */
+ static int
+ grub_xfs_dir_iter (const char *filename, enum grub_fshelp_filetype filetype,
+@@ -1021,7 +1052,7 @@ grub_xfs_dir_iter (const char *filename, enum grub_fshelp_filetype filetype,
+   if (node->inode_read)
+     {
+       info.mtimeset = 1;
+-      info.mtime = grub_be_to_cpu32 (node->inode.mtime.sec);
++      info.mtime = grub_xfs_get_inode_time (&node->inode);
+     }
+   info.dir = ((filetype & GRUB_FSHELP_TYPE_MASK) == GRUB_FSHELP_DIR);
+   grub_free (node);
+diff --git a/include/grub/time.h b/include/grub/time.h
+index c919c1f..32f0afa 100644
+--- a/include/grub/time.h
++++ b/include/grub/time.h
+@@ -30,6 +30,8 @@ grub_cpu_idle(void)
+ }
+ #endif
+ 
++#define NSEC_PER_SEC ((grub_int64_t) 1000000000)
++
+ void EXPORT_FUNC(grub_millisleep) (grub_uint32_t ms);
+ grub_uint64_t EXPORT_FUNC(grub_get_time_ms) (void);
+ 
+-- 
+2.43.5
+

SOURCES/0668-fs-xfs-Add-needsrepair-incompat-feature-support.patch

@@ -0,0 +1,81 @@
+From b03ffdb85eca0a5a632c6c5bbeea52373d2fea69 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javierm@redhat.com>
+Date: Mon, 24 May 2021 19:40:07 +0200
+Subject: [PATCH 668/668] fs/xfs: Add needsrepair incompat feature support
+
+The XFS now has an incompat feature flag to indicate that a filesystem
+needs to be repaired. The Linux kernel refuses to mount the filesystem
+that has it set and only the xfs_repair tool is able to clear that flag.
+
+The GRUB doesn't have the concept of mounting filesystems and just
+attempts to read the files. But it does some sanity checking before
+attempting to read from the filesystem. Among the things which are tested,
+is if the super block only has set of incompatible features flags that
+are supported by GRUB. If it contains any flags that are not listed as
+supported, reading the XFS filesystem fails.
+
+Since the GRUB doesn't attempt to detect if the filesystem is inconsistent
+nor replays the journal, the filesystem access is a best effort. For this
+reason, ignore if the filesystem needs to be repaired and just print a debug
+message. That way, if reading or booting fails later, the user is able to
+figure out that the failures can be related to broken XFS filesystem.
+
+Suggested-by: Eric Sandeen <esandeen@redhat.com>
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+---
+ grub-core/fs/xfs.c | 17 ++++++++++++++++-
+ 1 file changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index 8c23944..f113216 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -85,6 +85,7 @@ GRUB_MOD_LICENSE ("GPLv3+");
+ #define XFS_SB_FEAT_INCOMPAT_SPINODES   (1 << 1)        /* sparse inode chunks */
+ #define XFS_SB_FEAT_INCOMPAT_META_UUID  (1 << 2)        /* metadata UUID */
+ #define XFS_SB_FEAT_INCOMPAT_BIGTIME    (1 << 3)        /* large timestamps */
++#define XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR (1 << 4)       /* needs xfs_repair */
+ 
+ /*
+  * Directory entries with ftype are explicitly handled by GRUB code.
+@@ -99,7 +100,8 @@ GRUB_MOD_LICENSE ("GPLv3+");
+ 	(XFS_SB_FEAT_INCOMPAT_FTYPE | \
+ 	 XFS_SB_FEAT_INCOMPAT_SPINODES | \
+ 	 XFS_SB_FEAT_INCOMPAT_META_UUID | \
+-	 XFS_SB_FEAT_INCOMPAT_BIGTIME)
++	 XFS_SB_FEAT_INCOMPAT_BIGTIME | \
++	 XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR)
+ 
+ struct grub_xfs_sblock
+ {
+@@ -313,6 +315,16 @@ static int grub_xfs_sb_valid(struct grub_xfs_data *data)
+   return 0;
+ }
+ 
++static int
++grub_xfs_sb_needs_repair (struct grub_xfs_data *data)
++{
++  return ((data->sblock.version &
++           grub_cpu_to_be16_compile_time (XFS_SB_VERSION_NUMBITS)) ==
++          grub_cpu_to_be16_compile_time (XFS_SB_VERSION_5) &&
++          (data->sblock.sb_features_incompat &
++           grub_cpu_to_be32_compile_time (XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR)));
++}
++
+ /* Filetype information as used in inodes.  */
+ #define FILETYPE_INO_MASK	0170000
+ #define FILETYPE_INO_REG	0100000
+@@ -975,6 +987,9 @@ grub_xfs_mount (grub_disk_t disk)
+   if (!grub_xfs_sb_valid(data))
+     goto fail;
+ 
++  if (grub_xfs_sb_needs_repair (data))
++    grub_dprintf ("xfs", "XFS filesystem needs repair, boot may fail\n");
++
+   if (grub_add (grub_xfs_inode_size (data),
+       sizeof (struct grub_xfs_data) - sizeof (struct grub_xfs_inode) + 1, &sz))
+     goto fail;
+-- 
+2.43.5
+

SOURCES/0669-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch

@@ -0,0 +1,121 @@
+From e89ae8eac88f240d757f812bebac1b46e62222bc Mon Sep 17 00:00:00 2001
+From: Erwan Velu <erwanaliasr1@gmail.com>
+Date: Wed, 25 Aug 2021 15:31:52 +0200
+Subject: [PATCH 669/676] fs/xfs: Fix unreadable filesystem with v4 superblock
+
+The commit 8b1e5d193 (fs/xfs: Add bigtime incompat feature support)
+introduced the bigtime support by adding some features in v3 inodes.
+This change extended grub_xfs_inode struct by 76 bytes but also changed
+the computation of XFS_V2_INODE_SIZE and XFS_V3_INODE_SIZE. Prior this
+commit, XFS_V2_INODE_SIZE was 100 bytes. After the commit it's 84 bytes
+XFS_V2_INODE_SIZE becomes 16 bytes too small.
+
+As a result, the data structures aren't properly aligned and the GRUB
+generates "attempt to read or write outside of partition" errors when
+trying to read the XFS filesystem:
+
+                             GNU GRUB  version 2.11
+	....
+	grub> set debug=efi,gpt,xfs
+	grub> insmod part_gpt
+	grub> ls (hd0,gpt1)/
+	partmap/gpt.c:93: Read a valid GPT header
+	partmap/gpt.c:115: GPT entry 0: start=4096, length=1953125
+	fs/xfs.c:931: Reading sb
+	fs/xfs.c:270: Validating superblock
+	fs/xfs.c:295: XFS v4 superblock detected
+	fs/xfs.c:962: Reading root ino 128
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:515: Reading inode (739521961424144223) - 344365866970255880, 3840
+	error: attempt to read or write outside of partition.
+
+This commit change the XFS_V2_INODE_SIZE computation by subtracting 76
+bytes instead of 92 bytes from the actual size of grub_xfs_inode struct.
+This 76 bytes value comes from added members:
+	20 grub_uint8_t   unused5
+	 1 grub_uint64_t  flags2
+        48 grub_uint8_t   unused6
+
+This patch explicitly splits the v2 and v3 parts of the structure.
+The unused4 is still ending of the v2 structures and the v3 starts
+at unused5. Thanks to this we will avoid future corruptions of v2
+or v3 inodes.
+
+The XFS_V2_INODE_SIZE is returning to its expected size and the
+filesystem is back to a readable state:
+
+                      GNU GRUB  version 2.11
+	....
+	grub> set debug=efi,gpt,xfs
+	grub> insmod part_gpt
+	grub> ls (hd0,gpt1)/
+	partmap/gpt.c:93: Read a valid GPT header
+	partmap/gpt.c:115: GPT entry 0: start=4096, length=1953125
+	fs/xfs.c:931: Reading sb
+	fs/xfs.c:270: Validating superblock
+	fs/xfs.c:295: XFS v4 superblock detected
+	fs/xfs.c:962: Reading root ino 128
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:931: Reading sb
+	fs/xfs.c:270: Validating superblock
+	fs/xfs.c:295: XFS v4 superblock detected
+	fs/xfs.c:962: Reading root ino 128
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:515: Reading inode (128) - 64, 0
+	fs/xfs.c:515: Reading inode (131) - 64, 768
+	efi/ fs/xfs.c:515: Reading inode (3145856) - 1464904, 0
+	grub2/ fs/xfs.c:515: Reading inode (132) - 64, 1024
+	grub/ fs/xfs.c:515: Reading inode (139) - 64, 2816
+	grub>
+
+Fixes: 8b1e5d193 (fs/xfs: Add bigtime incompat feature support)
+
+Signed-off-by: Erwan Velu <e.velu@criteo.com>
+Tested-by: Carlos Maiolino <cmaiolino@redhat.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+(cherry picked from commit a4b495520e4dc41a896a8b916a64eda9970c50ea)
+---
+ grub-core/fs/xfs.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index 7d4e632..7d15add 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -192,6 +192,11 @@ struct grub_xfs_time_legacy
+   grub_uint32_t nanosec;
+ } GRUB_PACKED;
+ 
++/*
++ * The struct grub_xfs_inode layout was taken from the
++ * struct xfs_dinode_core which is described here:
++ * https://mirrors.edge.kernel.org/pub/linux/utils/fs/xfs/docs/xfs_filesystem_structure.pdf
++ */
+ struct grub_xfs_inode
+ {
+   grub_uint8_t magic[2];
+@@ -208,14 +213,15 @@ struct grub_xfs_inode
+   grub_uint32_t nextents;
+   grub_uint16_t unused3;
+   grub_uint8_t fork_offset;
+-  grub_uint8_t unused4[37];
++  grub_uint8_t unused4[17]; /* Last member of inode v2. */
++  grub_uint8_t unused5[20]; /* First member of inode v3. */
+   grub_uint64_t flags2;
+-  grub_uint8_t unused5[48];
++  grub_uint8_t unused6[48]; /* Last member of inode v3. */
+ } GRUB_PACKED;
+ 
+ #define XFS_V3_INODE_SIZE	sizeof(struct grub_xfs_inode)
+-/* Size of struct grub_xfs_inode until fork_offset (included). */
+-#define XFS_V2_INODE_SIZE	(XFS_V3_INODE_SIZE - 92)
++/* Size of struct grub_xfs_inode v2, up to unused4 member included. */
++#define XFS_V2_INODE_SIZE	(XFS_V3_INODE_SIZE - 76)
+ 
+ struct grub_xfs_dirblock_tail
+ {
+-- 
+2.43.5
+

SOURCES/0671-fs-xfs-Fix-memory-leaks-in-XFS-module.patch

@@ -0,0 +1,50 @@
+From a6405bff7be8359a790f536a3fe2b84b96cfeccd Mon Sep 17 00:00:00 2001
+From: "t.feng" <fengtao40@huawei.com>
+Date: Tue, 29 Nov 2022 17:14:15 +0800
+Subject: [PATCH 671/676] fs/xfs: Fix memory leaks in XFS module
+
+Signed-off-by: t.feng <fengtao40@huawei.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+---
+ grub-core/fs/xfs.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index 4caf29f..171417d 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -598,7 +598,10 @@ grub_xfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock)
+           if (grub_disk_read (node->data->disk,
+                               GRUB_XFS_FSB_TO_BLOCK (node->data, get_fsb (keys, i - 1 + recoffset)) << (node->data->sblock.log2_bsize - GRUB_DISK_SECTOR_BITS),
+                               0, node->data->bsize, leaf))
+-            return 0;
++            {
++              grub_free (leaf);
++              return 0;
++            }
+ 
+ 	  if ((!node->data->hascrc &&
+ 	       grub_strncmp ((char *) leaf->magic, "BMAP", 4)) ||
+@@ -789,6 +792,7 @@ static int iterate_dir_call_hook (grub_uint64_t ino, const char *filename,
+   if (err)
+     {
+       grub_print_error ();
++      grub_free (fdiro);
+       return 0;
+     }
+ 
+@@ -906,7 +910,10 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 					  blk << dirblk_log2,
+ 					  dirblk_size, dirblock, 0);
+ 	    if (numread != dirblk_size)
+-	      return 0;
++	      {
++	        grub_free (dirblock);
++	        return 0;
++	      }
+ 
+ 	    entries = (grub_be_to_cpu32 (tail->leaf_count)
+ 		       - grub_be_to_cpu32 (tail->leaf_stale));
+-- 
+2.43.5
+

SOURCES/0672-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch

@@ -0,0 +1,51 @@
+From df644ea62c0c0c029ee05d298dc1c61b967bc9c9 Mon Sep 17 00:00:00 2001
+From: Lidong Chen <lidong.chen@oracle.com>
+Date: Thu, 28 Sep 2023 22:33:44 +0000
+Subject: [PATCH 672/676] fs/xfs: Incorrect short form directory data boundary
+ check
+
+After parsing of the current entry, the entry pointer is advanced
+to the next entry at the end of the "for" loop. In case where the
+last entry is at the end of the data boundary, the advanced entry
+pointer can point off the data boundary. The subsequent boundary
+check for the advanced entry pointer can cause a failure.
+
+The fix is to include the boundary check into the "for" loop
+condition.
+
+Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+Tested-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+Tested-by: Marta Lewandowska <mlewando@redhat.com>
+---
+ grub-core/fs/xfs.c | 7 ++-----
+ 1 file changed, 2 insertions(+), 5 deletions(-)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index 171417d..a79d805 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -835,7 +835,8 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 	if (iterate_dir_call_hook (parent, "..", &ctx))
+ 	  return 1;
+ 
+-	for (i = 0; i < head->count; i++)
++	for (i = 0; i < head->count &&
++	     (grub_uint8_t *) de < ((grub_uint8_t *) dir + grub_xfs_fshelp_size (dir->data)); i++)
+ 	  {
+ 	    grub_uint64_t ino;
+ 	    grub_uint8_t *inopos = grub_xfs_inline_de_inopos(dir->data, de);
+@@ -870,10 +871,6 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 	    de->name[de->len] = c;
+ 
+ 	    de = grub_xfs_inline_next_de(dir->data, head, de);
+-
+-	    if ((grub_uint8_t *) de >= (grub_uint8_t *) dir + grub_xfs_fshelp_size (dir->data))
+-	      return grub_error (GRUB_ERR_BAD_FS, "invalid XFS directory entry");
+-
+ 	  }
+ 	break;
+       }
+-- 
+2.43.5
+

SOURCES/0673-fs-xfs-Fix-XFS-directory-extent-parsing.patch

@@ -0,0 +1,171 @@
+From e6845e0ad12d7f0a584e2a34da47a9d836efb0ad Mon Sep 17 00:00:00 2001
+From: Jon DeVree <nuxi@vault24.org>
+Date: Tue, 17 Oct 2023 23:03:47 -0400
+Subject: [PATCH 673/676] fs/xfs: Fix XFS directory extent parsing
+
+The XFS directory entry parsing code has never been completely correct
+for extent based directories. The parser correctly handles the case
+where the directory is contained in a single extent, but then mistakenly
+assumes the data blocks for the multiple extent case are each identical
+to the single extent case. The difference in the format of the data
+blocks between the two cases is tiny enough that its gone unnoticed for
+a very long time.
+
+A recent change introduced some additional bounds checking into the XFS
+parser. Like GRUB's existing parser, it is correct for the single extent
+case but incorrect for the multiple extent case. When parsing a directory
+with multiple extents, this new bounds checking is sometimes (but not
+always) tripped and triggers an "invalid XFS directory entry" error. This
+probably would have continued to go unnoticed but the /boot/grub/<arch>
+directory is large enough that it often has multiple extents.
+
+The difference between the two cases is that when there are multiple
+extents, the data blocks do not contain a trailer nor do they contain
+any leaf information. That information is stored in a separate set of
+extents dedicated to just the leaf information. These extents come after
+the directory entry extents and are not included in the inode size. So
+the existing parser already ignores the leaf extents.
+
+The only reason to read the trailer/leaf information at all is so that
+the parser can avoid misinterpreting that data as directory entries. So
+this updates the parser as follows:
+
+For the single extent case the parser doesn't change much:
+1. Read the size of the leaf information from the trailer
+2. Set the end pointer for the parser to the start of the leaf
+   information. (The previous bounds checking set the end pointer to the
+   start of the trailer, so this is actually a small improvement.)
+3. Set the entries variable to the expected number of directory entries.
+
+For the multiple extent case:
+1. Set the end pointer to the end of the block.
+2. Do not set up the entries variable. Figuring out how many entries are
+   in each individual block is complex and does not seem worth it when
+   it appears to be safe to just iterate over the entire block.
+
+The bounds check itself was also dependent upon the faulty XFS parser
+because it accidentally used "filename + length - 1". Presumably this
+was able to pass the fuzzer because in the old parser there was always
+8 bytes of slack space between the tail pointer and the actual end of
+the block. Since this is no longer the case the bounds check needs to be
+updated to "filename + length + 1" in order to prevent a regression in
+the handling of corrupt fliesystems.
+
+Notes:
+* When there is only one extent there will only ever be one block. If
+  more than one block is required then XFS will always switch to holding
+  leaf information in a separate extent.
+* B-tree based directories seems to be parsed properly by the same code
+  that handles multiple extents. This is unlikely to ever occur within
+  /boot though because its only used when there are an extremely large
+  number of directory entries.
+
+Fixes: ef7850c75 (fs/xfs: Fix issues found while fuzzing the XFS filesystem)
+Fixes: b2499b29c (Adds support for the XFS filesystem.)
+Fixes: https://savannah.gnu.org/bugs/?64376
+
+Signed-off-by: Jon DeVree <nuxi@vault24.org>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+Tested-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+Tested-by: Marta Lewandowska <mlewando@redhat.com>
+---
+ grub-core/fs/xfs.c | 52 +++++++++++++++++++++++++++++++++-------------
+ 1 file changed, 38 insertions(+), 14 deletions(-)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index a79d805..5beda40 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -223,6 +223,12 @@ struct grub_xfs_inode
+ /* Size of struct grub_xfs_inode v2, up to unused4 member included. */
+ #define XFS_V2_INODE_SIZE	(XFS_V3_INODE_SIZE - 76)
+ 
++struct grub_xfs_dir_leaf_entry
++{
++  grub_uint32_t hashval;
++  grub_uint32_t address;
++} GRUB_PACKED;
++
+ struct grub_xfs_dirblock_tail
+ {
+   grub_uint32_t leaf_count;
+@@ -899,9 +905,8 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 	  {
+ 	    struct grub_xfs_dir2_entry *direntry =
+ 					grub_xfs_first_de(dir->data, dirblock);
+-	    int entries;
+-	    struct grub_xfs_dirblock_tail *tail =
+-					grub_xfs_dir_tail(dir->data, dirblock);
++	    int entries = -1;
++	    char *end = dirblock + dirblk_size;
+ 
+ 	    numread = grub_xfs_read_file (dir, 0, 0,
+ 					  blk << dirblk_log2,
+@@ -912,14 +917,27 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 	        return 0;
+ 	      }
+ 
+-	    entries = (grub_be_to_cpu32 (tail->leaf_count)
+-		       - grub_be_to_cpu32 (tail->leaf_stale));
++	    /*
++	     * Leaf and tail information are only in the data block if the number
++	     * of extents is 1.
++	     */
++	    if (dir->inode.nextents == grub_cpu_to_be32_compile_time (1))
++	      {
++		struct grub_xfs_dirblock_tail *tail = grub_xfs_dir_tail (dir->data, dirblock);
++
++		end = (char *) tail;
++
++		/* Subtract the space used by leaf nodes. */
++		end -= grub_be_to_cpu32 (tail->leaf_count) * sizeof (struct grub_xfs_dir_leaf_entry);
+ 
+-	    if (!entries)
+-	      continue;
++		entries = grub_be_to_cpu32 (tail->leaf_count) - grub_be_to_cpu32 (tail->leaf_stale);
++
++		if (!entries)
++		  continue;
++	      }
+ 
+ 	    /* Iterate over all entries within this block.  */
+-	    while ((char *)direntry < (char *)tail)
++	    while ((char *) direntry < (char *) end)
+ 	      {
+ 		grub_uint8_t *freetag;
+ 		char *filename;
+@@ -939,7 +957,7 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 		  }
+ 
+ 		filename = (char *)(direntry + 1);
+-		if (filename + direntry->len - 1 > (char *) tail)
++		if (filename + direntry->len + 1 > (char *) end)
+ 		  return grub_error (GRUB_ERR_BAD_FS, "invalid XFS directory entry");
+ 
+ 		/* The byte after the filename is for the filetype, padding, or
+@@ -953,11 +971,17 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 		    return 1;
+ 		  }
+ 
+-		/* Check if last direntry in this block is
+-		   reached.  */
+-		entries--;
+-		if (!entries)
+-		  break;
++		/*
++		 * The expected number of directory entries is only tracked for the
++		 * single extent case.
++		 */
++		if (dir->inode.nextents == grub_cpu_to_be32_compile_time (1))
++		  {
++		    /* Check if last direntry in this block is reached. */
++		    entries--;
++		    if (!entries)
++		      break;
++		  }
+ 
+ 		/* Select the next directory entry.  */
+ 		direntry = grub_xfs_next_de(dir->data, direntry);
+-- 
+2.43.5
+

SOURCES/0674-fs-xfs-Add-large-extent-counters-incompat-feature-su.patch

@@ -0,0 +1,119 @@
+From 8aa1ebc1a094c7ae8eb6d2b11412bff99eda66b0 Mon Sep 17 00:00:00 2001
+From: Anthony Iliopoulos <ailiop@suse.com>
+Date: Thu, 26 Oct 2023 11:53:39 +0200
+Subject: [PATCH 674/676] fs/xfs: Add large extent counters incompat feature
+ support
+
+XFS introduced 64-bit extent counters for inodes via a series of
+upstream commits and the feature was marked as stable in v6.5 via
+commit 61d7e8274cd8 (xfs: drop EXPERIMENTAL tag for large extent
+counts).
+
+Further, xfsprogs release v6.5.0 switched this feature on by default
+in mkfs.xfs via commit e5b18d7d1d96 (mkfs: enable large extent counts
+by default).
+
+Filesystems formatted with large extent count support, nrext64=1, are
+thus currently not recognizable by GRUB, since this is an incompat
+feature. Add the required support so that those filesystems and inodes
+with large extent counters can be read by GRUB.
+
+Signed-off-by: Anthony Iliopoulos <ailiop@suse.com>
+Reviewed-by: Andrey Albershteyn <aalbersh@redhat.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+Tested-by: Marta Lewandowska <mlewando@redhat.com>
+Tested-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+---
+ grub-core/fs/xfs.c | 30 +++++++++++++++++++++++++-----
+ 1 file changed, 25 insertions(+), 5 deletions(-)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index 5beda40..f74b316 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -79,6 +79,8 @@ GRUB_MOD_LICENSE ("GPLv3+");
+ /* Inode flags2 flags */
+ #define XFS_DIFLAG2_BIGTIME_BIT	3
+ #define XFS_DIFLAG2_BIGTIME		(1 << XFS_DIFLAG2_BIGTIME_BIT)
++#define XFS_DIFLAG2_NREXT64_BIT	4
++#define XFS_DIFLAG2_NREXT64		(1 << XFS_DIFLAG2_NREXT64_BIT)
+ 
+ /* incompat feature flags */
+ #define XFS_SB_FEAT_INCOMPAT_FTYPE      (1 << 0)        /* filetype in dirent */
+@@ -86,6 +88,7 @@ GRUB_MOD_LICENSE ("GPLv3+");
+ #define XFS_SB_FEAT_INCOMPAT_META_UUID  (1 << 2)        /* metadata UUID */
+ #define XFS_SB_FEAT_INCOMPAT_BIGTIME    (1 << 3)        /* large timestamps */
+ #define XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR (1 << 4)       /* needs xfs_repair */
++#define XFS_SB_FEAT_INCOMPAT_NREXT64 (1 << 5)           /* large extent counters */
+ 
+ /*
+  * Directory entries with ftype are explicitly handled by GRUB code.
+@@ -101,7 +104,8 @@ GRUB_MOD_LICENSE ("GPLv3+");
+ 	 XFS_SB_FEAT_INCOMPAT_SPINODES | \
+ 	 XFS_SB_FEAT_INCOMPAT_META_UUID | \
+ 	 XFS_SB_FEAT_INCOMPAT_BIGTIME | \
+-	 XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR)
++	 XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR | \
++	 XFS_SB_FEAT_INCOMPAT_NREXT64)
+ 
+ struct grub_xfs_sblock
+ {
+@@ -203,7 +207,8 @@ struct grub_xfs_inode
+   grub_uint16_t mode;
+   grub_uint8_t version;
+   grub_uint8_t format;
+-  grub_uint8_t unused2[26];
++  grub_uint8_t unused2[18];
++  grub_uint64_t nextents_big;
+   grub_uint64_t atime;
+   grub_uint64_t mtime;
+   grub_uint64_t ctime;
+@@ -547,11 +552,26 @@ get_fsb (const void *keys, int idx)
+   return grub_be_to_cpu64 (grub_get_unaligned64 (p));
+ }
+ 
++static int
++grub_xfs_inode_has_large_extent_counts (const struct grub_xfs_inode *inode)
++{
++  return inode->version >= 3 &&
++	 (inode->flags2 & grub_cpu_to_be64_compile_time (XFS_DIFLAG2_NREXT64));
++}
++
++static grub_uint64_t
++grub_xfs_get_inode_nextents (struct grub_xfs_inode *inode)
++{
++  return (grub_xfs_inode_has_large_extent_counts (inode)) ?
++	  grub_be_to_cpu64 (inode->nextents_big) :
++	  grub_be_to_cpu32 (inode->nextents);
++}
++
+ static grub_disk_addr_t
+ grub_xfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock)
+ {
+   struct grub_xfs_btree_node *leaf = 0;
+-  int ex, nrec;
++  grub_uint64_t ex, nrec;
+   struct grub_xfs_extent *exts;
+   grub_uint64_t ret = 0;
+ 
+@@ -576,7 +596,7 @@ grub_xfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock)
+ 				/ (2 * sizeof (grub_uint64_t));
+       do
+         {
+-          int i;
++          grub_uint64_t i;
+           grub_addr_t keys_end, data_end;
+           if (grub_mul (sizeof (grub_uint64_t), nrec, &keys_end) ||
+               grub_add ((grub_addr_t) keys, keys_end, &keys_end) ||
+@@ -633,7 +653,7 @@ grub_xfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock)
+       grub_addr_t exts_end = 0;
+       grub_addr_t data_end = 0;
+ 
+-      nrec = grub_be_to_cpu32 (node->inode.nextents);
++      nrec = grub_xfs_get_inode_nextents (&node->inode);
+       exts = (struct grub_xfs_extent *) grub_xfs_inode_data(&node->inode);
+ 
+       if (grub_mul (sizeof (struct grub_xfs_extent), nrec, &exts_end) ||
+-- 
+2.43.5
+

SOURCES/0675-fs-xfs-Handle-non-continuous-data-blocks-in-director.patch

@@ -0,0 +1,57 @@
+From 4011de1eec2ccd61246cffe7bb96822ed97942eb Mon Sep 17 00:00:00 2001
+From: Jon DeVree <nuxi@vault24.org>
+Date: Sun, 11 Feb 2024 10:34:58 -0500
+Subject: [PATCH 675/676] fs/xfs: Handle non-continuous data blocks in
+ directory extents
+
+The directory extent list does not have to be a continuous list of data
+blocks. When GRUB tries to read a non-existant member of the list,
+grub_xfs_read_file() will return a block of zero'ed memory. Checking for
+a zero'ed magic number is sufficient to skip this non-existant data block.
+
+Prior to commit 07318ee7e (fs/xfs: Fix XFS directory extent parsing)
+this was handled as a subtle side effect of reading the (non-existant)
+tail data structure. Since the block was zero'ed the computation of the
+number of directory entries in the block would return 0 as well.
+
+Fixes: 07318ee7e (fs/xfs: Fix XFS directory extent parsing)
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2254370
+
+Signed-off-by: Jon DeVree <nuxi@vault24.org>
+Reviewed-By: Vladimir Serbinenko <phcoder@gmail.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+---
+ grub-core/fs/xfs.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index f74b316..a5ab311 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -927,6 +927,7 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 					grub_xfs_first_de(dir->data, dirblock);
+ 	    int entries = -1;
+ 	    char *end = dirblock + dirblk_size;
++	    grub_uint32_t magic;
+ 
+ 	    numread = grub_xfs_read_file (dir, 0, 0,
+ 					  blk << dirblk_log2,
+@@ -937,6 +938,15 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 	        return 0;
+ 	      }
+ 
++	    /*
++	     * If this data block isn't actually part of the extent list then
++	     * grub_xfs_read_file() returns a block of zeros. So, if the magic
++	     * number field is all zeros then this block should be skipped.
++	     */
++	    magic = *(grub_uint32_t *)(void *) dirblock;
++	    if (!magic)
++	      continue;
++
+ 	    /*
+ 	     * Leaf and tail information are only in the data block if the number
+ 	     * of extents is 1.
+-- 
+2.43.5
+

SOURCES/0676-fs-xfs-fix-large-extent-counters-incompat-feature-su.patch

@@ -0,0 +1,48 @@
+From dd6867d45ecc3ca9bb5026ee5197a9d88f5d2888 Mon Sep 17 00:00:00 2001
+From: Eric Sandeen <sandeen@redhat.com>
+Date: Wed, 4 Dec 2024 07:50:28 -0600
+Subject: [PATCH 676/676] fs/xfs: fix large extent counters incompat feature
+ support
+
+When large extent counter / NREXT64 support was added to grub, it missed
+a couple of direct reads of nextents which need to be changed to the new
+NREXT64-aware helper as well. Without this, we'll have mis-reads of some
+directories with this feature enabled.
+
+(The large extent counter fix likely raced on merge with
+07318ee7e ("fs/xfs: Fix XFS directory extent parsing") which added the new
+direct nextents reads just prior, causing this issue.)
+
+Fixes: aa7c1322671e ("fs/xfs: Add large extent counters incompat feature support")
+Signed-off-by: Eric Sandeen <sandeen@redhat.com>
+Reviewed-by: Anthony Iliopoulos <ailiop@suse.com>
+Reviewed-by: Jon DeVree <nuxi@vault24.org>
+---
+ grub-core/fs/xfs.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
+index a5ab311..148a0e5 100644
+--- a/grub-core/fs/xfs.c
++++ b/grub-core/fs/xfs.c
+@@ -951,7 +951,7 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 	     * Leaf and tail information are only in the data block if the number
+ 	     * of extents is 1.
+ 	     */
+-	    if (dir->inode.nextents == grub_cpu_to_be32_compile_time (1))
++	    if (grub_xfs_get_inode_nextents(&dir->inode) == 1)
+ 	      {
+ 		struct grub_xfs_dirblock_tail *tail = grub_xfs_dir_tail (dir->data, dirblock);
+ 
+@@ -1005,7 +1005,7 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
+ 		 * The expected number of directory entries is only tracked for the
+ 		 * single extent case.
+ 		 */
+-		if (dir->inode.nextents == grub_cpu_to_be32_compile_time (1))
++		if (grub_xfs_get_inode_nextents(&dir->inode) == 1)
+ 		  {
+ 		    /* Check if last direntry in this block is reached. */
+ 		    entries--;
+-- 
+2.43.5
+

SOURCES/grub.patches

@@ -663,3 +663,13 @@ Patch0663: 0663-types-Make-bool-generally-available.patch
 Patch0664: 0664-Remove-exttra-bool-definitions.patch
 Patch0665: 0665-fs-xfs-Fix-issues-found-while-fuzzing-the-XFS-filesy.patch
 Patch0666: 0666-ieee1275-ofnet-Fix-grub_malloc-removed-after-added-s.patch
+Patch0667: 0667-fs-xfs-Add-bigtime-incompat-feature-support.patch
+Patch0668: 0668-fs-xfs-Add-needsrepair-incompat-feature-support.patch
+Patch0669: 0669-fs-xfs-Fix-unreadable-filesystem-with-v4-superblock.patch
+Patch0670: 0670-fs-Remove-trailing-whitespaces.patch
+Patch0671: 0671-fs-xfs-Fix-memory-leaks-in-XFS-module.patch
+Patch0672: 0672-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch
+Patch0673: 0673-fs-xfs-Fix-XFS-directory-extent-parsing.patch
+Patch0674: 0674-fs-xfs-Add-large-extent-counters-incompat-feature-su.patch
+Patch0675: 0675-fs-xfs-Handle-non-continuous-data-blocks-in-director.patch
+Patch0676: 0676-fs-xfs-fix-large-extent-counters-incompat-feature-su.patch

SPECS/grub2.spec

@@ -7,7 +7,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.02
-Release:	162%{?dist}
+Release:	163%{?dist}
 Summary:	Bootloader with support for Linux, Multiboot and more
 Group:		System Environment/Base
 License:	GPLv3+
@@ -523,6 +523,10 @@ fi
 %endif
 
 %changelog
+* Thu Apr 3 2025 Nicolas Frayer <nfrayer@redhat.com> - 2.02-163
+- fs/xfs: Synced xfs to latest
+- Resolves: #RHEL-85627
+
 * Tue Mar 25 2025 Nicolas Frayer <nfrayer@redhat.com> - 2.02-162
 - ieee1275/ofnet: Fix grub_malloc() removed after added safe
 - Remove 'fs/ntfs: Implement attribute verification' patch