Sync from SUSE:SLFO:Kernel:1.0 kernel-livepatch-MICRO-6-0_Update_3 revision f3bd09afd5f30271669cc3fb08ab9e04

Makefile

@@ -4,7 +4,7 @@ ccflags-y += -I$(obj)
 
 obj-m := livepatch-@@RPMRELEASE@@.o
 
-livepatch-@@RPMRELEASE@@-y := uname_patch/livepatch_uname.o bsc1230998/livepatch_bsc1230998.o bsc1231993/bsc1231993_net_ipv4_tcp_input.o bsc1231993/bsc1231993_net_ipv4_tcp_output.o bsc1231993/livepatch_bsc1231993.o bsc1233679/livepatch_bsc1233679.o bsc1235452/livepatch_bsc1235452.o bsc1235916/livepatch_bsc1235916.o bsc1236783/livepatch_bsc1236783.o bsc1235218/livepatch_bsc1235218.o bsc1233677/livepatch_bsc1233677.o bsc1235008/livepatch_bsc1235008.o bsc1235431/livepatch_bsc1235431.o bsc1240840/livepatch_bsc1240840.o bsc1233019/livepatch_bsc1233019.o bsc1233678/bsc1233678_drivers_net_ethernet_mellanox_mlxsw_spectrum_span.o bsc1233678/bsc1233678_net_ipv4_ip_gre.o bsc1233678/bsc1233678_net_ipv4_ip_tunnel.o bsc1233678/livepatch_bsc1233678.o bsc1234847/livepatch_bsc1234847.o livepatch_main.o bsc1232900/livepatch_bsc1232900.o bsc1236701/livepatch_bsc1236701.o bsc1239077/livepatch_bsc1239077.o bsc1239096/livepatch_bsc1239096.o bsc1232908/livepatch_bsc1232908.o bsc1232927/livepatch_bsc1232927.o bsc1232929/livepatch_bsc1232929.o bsc1233245/livepatch_bsc1233245.o bsc1233680/livepatch_bsc1233680.o bsc1233708/livepatch_bsc1233708.o bsc1235062/livepatch_bsc1235062.o bsc1235086/livepatch_bsc1235086.o bsc1235129/livepatch_bsc1235129.o bsc1235231/livepatch_bsc1235231.o bsc1236244/livepatch_bsc1236244.o bsc1233118/livepatch_bsc1233118.o bsc1233227/livepatch_bsc1233227.o bsc1234854/livepatch_bsc1234854.o bsc1234885/livepatch_bsc1234885.o bsc1234892/livepatch_bsc1234892.o bsc1235005/livepatch_bsc1235005.o bsc1235769/livepatch_bsc1235769.o bsc1235921/livepatch_bsc1235921.o bsc1238912/livepatch_bsc1238912.o bsc1241579/livepatch_bsc1241579.o bsc1243648/livepatch_bsc1243648.o bsc1235250/livepatch_bsc1235250.o bsc1245793/livepatch_bsc1245793.o bsc1245797/livepatch_bsc1245797.o bsc1245804/livepatch_bsc1245804.o 
+livepatch-@@RPMRELEASE@@-y := uname_patch/livepatch_uname.o bsc1230998/livepatch_bsc1230998.o bsc1231993/bsc1231993_net_ipv4_tcp_input.o bsc1231993/bsc1231993_net_ipv4_tcp_output.o bsc1231993/livepatch_bsc1231993.o bsc1233679/livepatch_bsc1233679.o bsc1235452/livepatch_bsc1235452.o bsc1235916/livepatch_bsc1235916.o bsc1236783/livepatch_bsc1236783.o bsc1235218/livepatch_bsc1235218.o bsc1233677/livepatch_bsc1233677.o bsc1235008/livepatch_bsc1235008.o bsc1235431/livepatch_bsc1235431.o bsc1240840/livepatch_bsc1240840.o bsc1233019/livepatch_bsc1233019.o bsc1233678/bsc1233678_drivers_net_ethernet_mellanox_mlxsw_spectrum_span.o bsc1233678/bsc1233678_net_ipv4_ip_gre.o bsc1233678/bsc1233678_net_ipv4_ip_tunnel.o bsc1233678/livepatch_bsc1233678.o bsc1234847/livepatch_bsc1234847.o livepatch_main.o bsc1232900/livepatch_bsc1232900.o bsc1236701/livepatch_bsc1236701.o bsc1239077/livepatch_bsc1239077.o bsc1239096/livepatch_bsc1239096.o bsc1232908/livepatch_bsc1232908.o bsc1232927/livepatch_bsc1232927.o bsc1232929/livepatch_bsc1232929.o bsc1233245/livepatch_bsc1233245.o bsc1233680/livepatch_bsc1233680.o bsc1233708/livepatch_bsc1233708.o bsc1235062/livepatch_bsc1235062.o bsc1235086/livepatch_bsc1235086.o bsc1235129/livepatch_bsc1235129.o bsc1235231/livepatch_bsc1235231.o bsc1236244/livepatch_bsc1236244.o bsc1233118/livepatch_bsc1233118.o bsc1233227/livepatch_bsc1233227.o bsc1234854/livepatch_bsc1234854.o bsc1234885/livepatch_bsc1234885.o bsc1234892/livepatch_bsc1234892.o bsc1235005/livepatch_bsc1235005.o bsc1235769/livepatch_bsc1235769.o bsc1235921/livepatch_bsc1235921.o bsc1238912/livepatch_bsc1238912.o bsc1241579/livepatch_bsc1241579.o bsc1243648/livepatch_bsc1243648.o bsc1235250/livepatch_bsc1235250.o bsc1245793/livepatch_bsc1245793.o bsc1245797/livepatch_bsc1245797.o bsc1245804/livepatch_bsc1245804.o bsc1245218/livepatch_bsc1245218.o bsc1245350/livepatch_bsc1245350.o bsc1247350/livepatch_bsc1247350.o bsc1231676/livepatch_bsc1231676.o bsc1231943/livepatch_bsc1231943.o bsc1232271/livepatch_bsc1232271.o bsc1236207/livepatch_bsc1236207.o bsc1242579/bsc1242579_fs_proc_generic.o bsc1242579/bsc1242579_fs_proc_inode.o bsc1242579/livepatch_bsc1242579.o bsc1245505/livepatch_bsc1245505.o bsc1245791/livepatch_bsc1245791.o bsc1245805/livepatch_bsc1245805.o bsc1246030/livepatch_bsc1246030.o bsc1245685/livepatch_bsc1245685.o bsc1245795/livepatch_bsc1245795.o bsc1246001/livepatch_bsc1246001.o bsc1246356/livepatch_bsc1246356.o bsc1247499/livepatch_bsc1247499.o bsc1248298/livepatch_bsc1248298.o bsc1233072/livepatch_bsc1233072.o bsc1237048/livepatch_bsc1237048.o bsc1240744/bsc1240744_net_ipv4_ip_output.o bsc1240744/bsc1240744_net_ipv6_ip6_output.o bsc1240744/bsc1240744_net_ipv6_output_core.o bsc1240744/bsc1240744_net_ipv6_raw.o bsc1240744/livepatch_bsc1240744.o bsc1243650/bsc1243650_net_sunrpc_svcsock.o bsc1243650/bsc1243650_net_sunrpc_xprtsock.o bsc1243650/livepatch_bsc1243650.o bsc1245509/livepatch_bsc1245509.o bsc1247315/livepatch_bsc1247315.o bsc1232384/livepatch_bsc1232384.o bsc1245794/livepatch_bsc1245794.o bsc1246075/livepatch_bsc1246075.o bsc1247158/bsc1247158_fs_anon_inodes.o bsc1247158/bsc1247158_mm_secretmem.o bsc1247158/livepatch_bsc1247158.o bsc1247452/livepatch_bsc1247452.o bsc1248376/livepatch_bsc1248376.o bsc1248673/livepatch_bsc1248673.o bsc1248749/livepatch_bsc1248749.o bsc1249458/livepatch_bsc1249458.o bsc1249534/livepatch_bsc1249534.o bsc1246019/bsc1246019_net_sched_sch_cake.o bsc1246019/bsc1246019_net_sched_sch_choke.o bsc1246019/livepatch_bsc1246019.o bsc1248631/livepatch_bsc1248631.o bsc1249207/livepatch_bsc1249207.o bsc1249208/livepatch_bsc1249208.o bsc1242882/livepatch_bsc1242882.o bsc1245778/livepatch_bsc1245778.o bsc1248672/livepatch_bsc1248672.o bsc1249537/bsc1249537_net_tls_tls_strp.o bsc1249537/bsc1249537_net_tls_tls_sw.o 
 
 default:
 	$(MAKE) -C $(KDIR) M=$(CURDIR) modules
@@ -110,3 +110,113 @@ CFLAGS_livepatch_bsc1245797.o += -Werror
 CFLAGS_bsc1245797/livepatch_bsc1245797.o += -Werror
 CFLAGS_livepatch_bsc1245804.o += -Werror
 CFLAGS_bsc1245804/livepatch_bsc1245804.o += -Werror
+CFLAGS_livepatch_bsc1245218.o += -Werror
+CFLAGS_bsc1245218/livepatch_bsc1245218.o += -Werror
+CFLAGS_livepatch_bsc1245350.o += -Werror
+CFLAGS_bsc1245350/livepatch_bsc1245350.o += -Werror
+CFLAGS_livepatch_bsc1247350.o += -Werror
+CFLAGS_bsc1247350/livepatch_bsc1247350.o += -Werror
+CFLAGS_livepatch_bsc1231676.o += -Werror
+CFLAGS_bsc1231676/livepatch_bsc1231676.o += -Werror
+CFLAGS_livepatch_bsc1231943.o += -Werror
+CFLAGS_bsc1231943/livepatch_bsc1231943.o += -Werror
+CFLAGS_livepatch_bsc1232271.o += -Werror
+CFLAGS_bsc1232271/livepatch_bsc1232271.o += -Werror
+CFLAGS_livepatch_bsc1236207.o += -Werror
+CFLAGS_bsc1236207/livepatch_bsc1236207.o += -Werror
+CFLAGS_bsc1242579_fs_proc_inode.o += -Werror
+CFLAGS_bsc1242579/bsc1242579_fs_proc_inode.o += -Werror
+CFLAGS_bsc1242579_fs_proc_generic.o += -Werror
+CFLAGS_bsc1242579/bsc1242579_fs_proc_generic.o += -Werror
+CFLAGS_livepatch_bsc1242579.o += -Werror
+CFLAGS_bsc1242579/livepatch_bsc1242579.o += -Werror
+CFLAGS_livepatch_bsc1245505.o += -Werror
+CFLAGS_bsc1245505/livepatch_bsc1245505.o += -Werror
+CFLAGS_livepatch_bsc1245791.o += -Werror
+CFLAGS_bsc1245791/livepatch_bsc1245791.o += -Werror
+CFLAGS_livepatch_bsc1245805.o += -Werror
+CFLAGS_bsc1245805/livepatch_bsc1245805.o += -Werror
+CFLAGS_livepatch_bsc1246030.o += -Werror
+CFLAGS_bsc1246030/livepatch_bsc1246030.o += -Werror
+CFLAGS_livepatch_bsc1245685.o += -Werror
+CFLAGS_bsc1245685/livepatch_bsc1245685.o += -Werror
+CFLAGS_livepatch_bsc1245795.o += -Werror
+CFLAGS_bsc1245795/livepatch_bsc1245795.o += -Werror
+CFLAGS_livepatch_bsc1246001.o += -Werror
+CFLAGS_bsc1246001/livepatch_bsc1246001.o += -Werror
+CFLAGS_livepatch_bsc1246356.o += -Werror
+CFLAGS_bsc1246356/livepatch_bsc1246356.o += -Werror
+CFLAGS_livepatch_bsc1247499.o += -Werror
+CFLAGS_bsc1247499/livepatch_bsc1247499.o += -Werror
+CFLAGS_livepatch_bsc1248298.o += -Werror
+CFLAGS_bsc1248298/livepatch_bsc1248298.o += -Werror
+CFLAGS_livepatch_bsc1233072.o += -Werror
+CFLAGS_bsc1233072/livepatch_bsc1233072.o += -Werror
+CFLAGS_livepatch_bsc1237048.o += -Werror
+CFLAGS_bsc1237048/livepatch_bsc1237048.o += -Werror
+CFLAGS_bsc1240744_net_ipv4_ip_output.o += -Werror
+CFLAGS_bsc1240744/bsc1240744_net_ipv4_ip_output.o += -Werror
+CFLAGS_bsc1240744_net_ipv6_ip6_output.o += -Werror
+CFLAGS_bsc1240744/bsc1240744_net_ipv6_ip6_output.o += -Werror
+CFLAGS_bsc1240744_net_ipv6_output_core.o += -Werror
+CFLAGS_bsc1240744/bsc1240744_net_ipv6_output_core.o += -Werror
+CFLAGS_bsc1240744_net_ipv6_raw.o += -Werror
+CFLAGS_bsc1240744/bsc1240744_net_ipv6_raw.o += -Werror
+CFLAGS_livepatch_bsc1240744.o += -Werror
+CFLAGS_bsc1240744/livepatch_bsc1240744.o += -Werror
+CFLAGS_bsc1243650_net_sunrpc_svcsock.o += -Werror
+CFLAGS_bsc1243650/bsc1243650_net_sunrpc_svcsock.o += -Werror
+CFLAGS_bsc1243650_net_sunrpc_xprtsock.o += -Werror
+CFLAGS_bsc1243650/bsc1243650_net_sunrpc_xprtsock.o += -Werror
+CFLAGS_livepatch_bsc1243650.o += -Werror
+CFLAGS_bsc1243650/livepatch_bsc1243650.o += -Werror
+CFLAGS_livepatch_bsc1245509.o += -Werror
+CFLAGS_bsc1245509/livepatch_bsc1245509.o += -Werror
+CFLAGS_livepatch_bsc1247315.o += -Werror
+CFLAGS_bsc1247315/livepatch_bsc1247315.o += -Werror
+CFLAGS_livepatch_bsc1232384.o += -Werror
+CFLAGS_bsc1232384/livepatch_bsc1232384.o += -Werror
+CFLAGS_livepatch_bsc1245794.o += -Werror
+CFLAGS_bsc1245794/livepatch_bsc1245794.o += -Werror
+CFLAGS_livepatch_bsc1246075.o += -Werror
+CFLAGS_bsc1246075/livepatch_bsc1246075.o += -Werror
+CFLAGS_bsc1247158_mm_secretmem.o += -Werror
+CFLAGS_bsc1247158/bsc1247158_mm_secretmem.o += -Werror
+CFLAGS_bsc1247158_fs_anon_inodes.o += -Werror
+CFLAGS_bsc1247158/bsc1247158_fs_anon_inodes.o += -Werror
+CFLAGS_livepatch_bsc1247158.o += -Werror
+CFLAGS_bsc1247158/livepatch_bsc1247158.o += -Werror
+CFLAGS_livepatch_bsc1247452.o += -Werror
+CFLAGS_bsc1247452/livepatch_bsc1247452.o += -Werror
+CFLAGS_livepatch_bsc1248376.o += -Werror
+CFLAGS_bsc1248376/livepatch_bsc1248376.o += -Werror
+CFLAGS_livepatch_bsc1248673.o += -Werror
+CFLAGS_bsc1248673/livepatch_bsc1248673.o += -Werror
+CFLAGS_livepatch_bsc1248749.o += -Werror
+CFLAGS_bsc1248749/livepatch_bsc1248749.o += -Werror
+CFLAGS_livepatch_bsc1249458.o += -Werror
+CFLAGS_bsc1249458/livepatch_bsc1249458.o += -Werror
+CFLAGS_livepatch_bsc1249534.o += -Werror
+CFLAGS_bsc1249534/livepatch_bsc1249534.o += -Werror
+CFLAGS_bsc1246019_net_sched_sch_cake.o += -Werror
+CFLAGS_bsc1246019/bsc1246019_net_sched_sch_cake.o += -Werror
+CFLAGS_bsc1246019_net_sched_sch_choke.o += -Werror
+CFLAGS_bsc1246019/bsc1246019_net_sched_sch_choke.o += -Werror
+CFLAGS_livepatch_bsc1246019.o += -Werror
+CFLAGS_bsc1246019/livepatch_bsc1246019.o += -Werror
+CFLAGS_livepatch_bsc1248631.o += -Werror
+CFLAGS_bsc1248631/livepatch_bsc1248631.o += -Werror
+CFLAGS_livepatch_bsc1249207.o += -Werror
+CFLAGS_bsc1249207/livepatch_bsc1249207.o += -Werror
+CFLAGS_livepatch_bsc1249208.o += -Werror
+CFLAGS_bsc1249208/livepatch_bsc1249208.o += -Werror
+CFLAGS_livepatch_bsc1242882.o += -Werror
+CFLAGS_bsc1242882/livepatch_bsc1242882.o += -Werror
+CFLAGS_livepatch_bsc1245778.o += -Werror
+CFLAGS_bsc1245778/livepatch_bsc1245778.o += -Werror
+CFLAGS_livepatch_bsc1248672.o += -Werror
+CFLAGS_bsc1248672/livepatch_bsc1248672.o += -Werror
+CFLAGS_bsc1249537_net_tls_tls_strp.o += -Werror
+CFLAGS_bsc1249537/bsc1249537_net_tls_tls_strp.o += -Werror
+CFLAGS_bsc1249537_net_tls_tls_sw.o += -Werror
+CFLAGS_bsc1249537/bsc1249537_net_tls_tls_sw.o += -Werror

kernel-livepatch-MICRO-6-0_Update_3.changes

@@ -1,9 +1,554 @@
+-------------------------------------------------------------------
+Fri Nov 21 09:44:53 CET 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit a1564f0
+
+-------------------------------------------------------------------
+Fri Nov 14 16:38:47 CET 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38616 ("tls: handle data disappearing from under the TLS ULP")
+  Live patch for CVE-2025-38616. Upstream commits:
+- 6db015fc4b5d ("tls: handle data disappearing from under the TLS ULP")
+  KLP: CVE-2025-38616
+  References: bsc#1249537 CVE-2025-38616
+- commit eb23d17
+
+-------------------------------------------------------------------
+Thu Nov 13 11:38:58 CET 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38500 ("xfrm: interface: fix use-after-free after changing collect_md xfrm interface")
+  Live patch for CVE-2025-38500. Upstream commit:
+- a90b2a1aaacb ("xfrm: interface: fix use-after-free after changing collect_md xfrm interface")
+  KLP: CVE-2025-38500
+  References: bsc#1248672 CVE-2025-38500
+- commit 3958092
+
+-------------------------------------------------------------------
+Tue Nov 11 11:22:56 CET 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2024-53141 ("netfilter: ipset: add missing range check in bitmap_ip_uadt")
+  Live patch for CVE-2024-53141. Upstream commit:
+- 35f56c554eb1 ("netfilter: ipset: add missing range check in bitmap_ip_uadt")
+  KLP: CVE-2024-53141
+  References: bsc#1245778 CVE-2024-53141
+- commit 9fb11e7
+
+-------------------------------------------------------------------
+Thu Nov  6 13:53:58 CET 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-23145 ("mptcp: fix NULL pointer in can_accept_new_subflow")
+  Live patch for CVE-2025-23145. Upstream commits:
+- 443041deb5ef ("mptcp: fix NULL pointer in can_accept_new_subflow")
+  KLP: CVE-2025-23145
+  References: bsc#1242882 CVE-2025-23145
+- commit 6861174
+
+-------------------------------------------------------------------
+Thu Oct 30 10:13:10 CET 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 18c7c81
+
+-------------------------------------------------------------------
+Wed Oct 29 11:41:53 CET 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38664 ("ice: Fix a null pointer dereference in ice_copy_and_init_pkg()")
+  Live patch for CVE-2025-38664. Upstream commit:
+- 4ff12d82dac1 ("ice: Fix a null pointer dereference in ice_copy_and_init_pkg()")
+  KLP: CVE-2025-38664
+  References: bsc#1248631 CVE-2025-38664
+- commit 28bbecc
+
+-------------------------------------------------------------------
+Mon Oct 27 17:35:07 CET 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38617 ("net/packet: fix a race in packet_set_ring() and packet_notifier()")
+  Live patch for CVE-2025-38617. Upstream commit:
+- 01d3c8417b9c ("net/packet: fix a race in packet_set_ring() and packet_notifier()")
+  KLP: CVE-2025-38617
+  References: bsc#1249208 CVE-2025-38617
+- commit f7bea4a
+
+-------------------------------------------------------------------
+Tue Oct 21 08:58:42 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38618 ("vsock: Do not allow binding to VMADDR_PORT_ANY")
+  Live patch for CVE-2025-38618. Upstream commit:
+- aba0c94f61ec ("vsock: Do not allow binding to VMADDR_PORT_ANY")
+  KLP: CVE-2025-38618
+  References: bsc#1249207 CVE-2025-38618
+- commit 8e242ac
+
+-------------------------------------------------------------------
+Fri Oct 17 09:31:13 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit e62e30c
+
+-------------------------------------------------------------------
+Thu Oct 16 08:10:47 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2024-53164 ("net: sched: fix ordering of qlen adjustment")
+  Live patch for CVE-2024-53164. Upstream commit:
+- 5eb7de8cd58e ("net: sched: fix ordering of qlen adjustment")
+  KLP: CVE-2024-53164
+  References: bsc#1246019 CVE-2024-53164
+- commit be4fe45
+
+-------------------------------------------------------------------
+Wed Oct 15 18:14:07 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38678 ("netfilter: nf_tables: reject duplicate device on updates")
+  Live patch for CVE-2025-38678. Upstream commit:
+- cf5fb87fcdaa ("netfilter: nf_tables: reject duplicate device on updates")
+  KLP: CVE-2025-38678
+  References: bsc#1249534 CVE-2025-38678
+- commit 9fedca7
+
+-------------------------------------------------------------------
+Fri Oct 10 03:58:09 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-38499 ("clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns")
+  Live patch for CVE-2025-38499. Upstream commit:
+- c28f922c9dce ("clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns")
+  KLP: CVE-2025-38499
+  References: bsc#1248673 CVE-2025-38499
+- commit cba321a
+
+-------------------------------------------------------------------
+Tue Oct  7 17:50:17 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38396 ("fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass")
+  Live patch for CVE-2025-38396. Upstream commit:
+- cbe4134ea4bc ("fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass")
+  KLP: CVE-2025-38396
+  References: bsc#1247158 CVE-2025-38396
+- commit beb608a
+
+-------------------------------------------------------------------
+Mon Oct  6 15:00:24 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38566 ("sunrpc: fix handling of server side tls alerts")
+  Live patch for CVE-2025-38566. Upstream commit:
+- bee47cb026e7 ("sunrpc: fix handling of server side tls alerts")
+  KLP: CVE-2025-38566
+  References: bsc#1248376 CVE-2025-38566
+- commit f1e26eb
+
+-------------------------------------------------------------------
+Mon Oct  6 11:43:37 CEST 2025 - marco.crivellari@suse.com
+
+- Fix for CVE-2024-49974 ("NFSD: limit the number of concurrent async COPY operations")
+  Live patch for CVE-2024-49974. Upstream commit:
+- 8d915bbf3926 ("NFSD: Force all NFSv4.2 COPY requests to be synchronous")
+  KLP: CVE-2024-49974
+  References: bsc#1232384 CVE-2024-49974
+- commit 8cf9389
+
+-------------------------------------------------------------------
+Fri Oct  3 12:03:00 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-21971 ("net_sched: Prevent creation of classes with TC_H_ROOT")
+  Live patch for CVE-2025-21971. Upstream commit:
+- 0c3057a5a04d ("net_sched: Prevent creation of classes with TC_H_ROOT")
+  KLP: CVE-2025-21971
+  References: bsc#1245794 CVE-2025-21971
+- commit 46a1702
+
+-------------------------------------------------------------------
+Fri Oct  3 11:19:04 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38110 ("net/mdiobus: Fix potential out-of-bounds clause 45 read/write access")
+  Live patch for CVE-2025-38110. Upstream commit:
+- 260388f79e94 ("net/mdiobus: Fix potential out-of-bounds clause 45 read/write access")
+  KLP: CVE-2025-38110
+  References: bsc#1249458 CVE-2025-38110
+- commit 7e8149c
+
+-------------------------------------------------------------------
+Thu Oct  2 15:16:52 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38644 ("wifi: mac80211: reject TDLS operations when station is not associated")
+  Live patch for CVE-2025-38644. Upstream commit:
+- 16ecdab5446f ("wifi: mac80211: reject TDLS operations when station is not associated")
+  KLP: CVE-2025-38644
+  References: bsc#1248749 CVE-2025-38644
+- commit a10df65
+
+-------------------------------------------------------------------
+Thu Oct  2 13:38:40 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 3f5cf0e
+
+-------------------------------------------------------------------
+Wed Oct  1 16:29:12 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38206 ("exfat: fix double free in delayed_free")
+  Live patch for CVE-2025-38206. Upstream commit:
+- 1f3d9724e16d ("exfat: fix double free in delayed_free")
+  KLP: CVE-2025-38206
+  References: bsc#1246075 CVE-2025-38206
+- commit 9eb1606
+
+-------------------------------------------------------------------
+Wed Oct  1 15:00:56 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38471 ("kernel: tls: always refresh the queue when reading sock")
+  Live patch for CVE-2025-38471. Upstream commit:
+- 4ab26bce3969 ("tls: always refresh the queue when reading sock")
+  KLP: CVE-2025-38471
+  References: bsc#1247452 CVE-2025-38471
+- commit 1f77ac2
+
+-------------------------------------------------------------------
+Wed Oct  1 11:43:30 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38477 ("net/sched: sch_qfq: Fix race condition on qfq_aggregate")
+  Live patch for CVE-2025-38477. Upstream commits:
+- 5e28d5a3f774 ("net/sched: sch_qfq: Fix race condition on qfq_aggregate")
+- cf074eca0065 ("net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class")
+  KLP: CVE-2025-38477
+  References: bsc#1247315 CVE-2025-38477
+- commit 6796f28
+
+-------------------------------------------------------------------
+Tue Sep 30 16:52:07 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2024-53168 ("sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket")
+  Live patch for CVE-2024-53168. Upstream commits:
+- d477eb900484 ("net: make sock_inuse_add() available")
+- 3f23f96528e8 ("sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket")
+  KLP: CVE-2024-53168
+  References: bsc#1243650 CVE-2024-53168
+- commit 039077a
+
+-------------------------------------------------------------------
+Tue Sep 30 12:26:04 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2024-50154 ("tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().")
+  Live patch for CVE-2024-50154. Upstream commits:
+- e8c526f2bdf1 ("tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().")
+- c31e72d021db ("tcp: Fix use-after-free of nreq in reqsk_timer_handler().")
+  KLP: CVE-2024-50154
+  References: bsc#1233072 CVE-2024-50154
+- commit 2ee4c52
+
+-------------------------------------------------------------------
+Wed Sep 24 17:17:59 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-21791 ("vrf: use RCU protection in l3mdev_l3_out()")
+  Live patch for CVE-2025-21791. Upstream commit:
+- 6d0ce46a9313 ("vrf: use RCU protection in l3mdev_l3_out()")
+  KLP: CVE-2025-21791
+  References: bsc#1240744 CVE-2025-21791
+- commit e725bcd
+
+-------------------------------------------------------------------
+Fri Sep 19 17:04:03 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38089 ("sunrpc: handle SVC_GARBAGE during svc auth processing as auth error")
+  Live patch for CVE-2025-38089. Upstream commit:
+- 94d10a4dba0b ("sunrpc: handle SVC_GARBAGE during svc auth processing as auth error")
+  KLP: CVE-2025-38089
+  References: bsc#1245509 CVE-2025-38089
+- commit 2398e30
+
+-------------------------------------------------------------------
+Fri Sep 19 12:39:50 CEST 2025 - vincenzo.mezzela@suse.com
+
+- klp_trace.h: add KLPR_TRACE_EVENT_CONDITION macro
+- commit 17e9fce
+
+-------------------------------------------------------------------
+Thu Sep 18 09:39:17 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 6d3faa7
+
+-------------------------------------------------------------------
+Wed Sep 17 12:46:42 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-21692 ("net: sched: fix ets qdisc OOB Indexing")
+  Live patch for CVE-2025-21692. Upstream commit:
+- d62b04fca434 ("net: sched: fix ets qdisc OOB Indexing")
+  KLP: CVE-2025-21692
+  References: bsc#1237048 CVE-2025-21692
+- commit 7b23137
+
+-------------------------------------------------------------------
+Fri Sep 12 20:25:10 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38177 ("kernel: sch_hfsc: make hfsc_qlen_notify() idempotent")
+  Live patch for CVE-2025-38177. Upstream commit:
+- 51eb3b65544c ("sch_hfsc: make hfsc_qlen_notify() idempotent")
+  KLP: CVE-2025-38177
+  References: bsc#1246356 CVE-2025-38177
+- commit 2448b46
+
+-------------------------------------------------------------------
+Wed Sep 10 16:53:55 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38109 ("net/mlx5: fix ECVF vports unload on shutdown flow")
+  Live patch for CVE-2025-38109. Upstream commit:
+- 687560d8a9a2 ("net/mlx5: Fix ECVF vports unload on shutdown flow")
+  KLP: CVE-2025-38109
+  References: bsc#1245685 CVE-2025-38109
+- commit a5d2ea4
+
+-------------------------------------------------------------------
+Tue Sep  9 14:57:58 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38181 ("calipso: fix null-ptr-deref in calipso_req_{set,del}attr()")
+  Live patch for CVE-2025-38181. Upstream commit:
+- 10876da918fa ("calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().")
+  KLP: CVE-2025-38181
+  References: bsc#1246001 CVE-2025-38181
+- commit e1def10
+
+-------------------------------------------------------------------
+Tue Sep  9 11:49:56 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-21756 ("vsock: Keep the binding until socket destruction")
+  Live patch for CVE-2025-21756. Upstream commits:
+- fcdd2242c023 ("vsock: Keep the binding until socket destruction")
+- 78dafe1cf3af ("vsock: Orphan socket after transport release")
+  KLP: CVE-2025-21756
+  References: bsc#1245795 CVE-2025-21756
+- commit ea7d1b0
+
+-------------------------------------------------------------------
+Tue Sep  9 04:38:51 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-38498 ("do_change_type(): refuse to operate on unmounted/not ours mounts")
+  Live patch for CVE-2025-38498. Upstream commit:
+- 12f147ddd6de ("do_change_type(): refuse to operate on unmounted/not ours mounts")
+  KLP: CVE-2025-38498
+  References: bsc#1247499 CVE-2025-38498
+- commit 8eebc30
+
+-------------------------------------------------------------------
+Fri Sep  5 10:00:56 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 967bfab
+
+-------------------------------------------------------------------
+Fri Sep  5 09:29:38 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-38555 ("usb: gadget : fix use-after-free in composite_dev_cleanup()")
+  Live patch for CVE-2025-38555. Upstream commit:
+- 151c0aa896c4 ("usb: gadget : fix use-after-free in
+  composite_dev_cleanup()")
+  KLP: CVE-2025-38555
+  References: bsc#1248298 CVE-2025-38555
+- commit 466e488
+
+-------------------------------------------------------------------
+Wed Sep  3 16:50:49 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38087 ("net/sched: fix use-after-free in taprio_dev_notifier")
+  Live patch for CVE-2025-38087. Upstream commit:
+- b160766e26d4 ("net/sched: fix use-after-free in taprio_dev_notifier")
+  KLP: CVE-2025-38087
+  References: bsc#1245505 CVE-2025-38087
+- commit 95ff041
+
+-------------------------------------------------------------------
+Tue Sep  2 20:14:02 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-21999 ("proc: fix UAF in proc_get_inode()")
+  Live patch for CVE-2025-21999. Upstream commit:
+- 654b33ada4ab ("proc: fix UAF in proc_get_inode()")
+  KLP: CVE-2025-21999
+  References: bsc#1242579 CVE-2025-21999
+- commit 5c12bf0
+
+-------------------------------------------------------------------
+Mon Sep  1 09:41:08 CEST 2025 - nstange@suse.de
+
+- scripts/tar-up.sh: unconditionally enable s390x on SLE default
+  Nowadays, s390x builds should be enabed for all SLE default kernels
+  -- the versions from before the point where s390x coverage got
+  added to the product have gone out of support a long time ago.
+  Remove the conditional s390x enablement logic from tar-up.sh.
+- commit 9bcbefb
+
+-------------------------------------------------------------------
+Fri Aug 29 11:47:22 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38001 ("net_sched: hfsc: Address reentrant enqueue adding class to eltree twice")
+  Live patch for CVE-2025-38001. Upstream commit:
+- ac9fe7dd8e73 ("net_sched: hfsc: Address reentrant enqueue adding class to eltree twice")
+  KLP: CVE-2025-38001
+  References: bsc#1244235 CVE-2025-38001
+- commit fef2ca9
+
+-------------------------------------------------------------------
+Thu Aug 28 21:57:55 CEST 2025 - mpdesouza@suse.com
+
+- Fix for CVE-2024-49867 ("btrfs: wait for fixup workers before stopping cleaner kthread during umount")
+  Live patch for CVE-2024-49867. Upstream commits:
+- a362bb864b8d ("btrfs: fix hang during unmount when stopping a space reclaim worker")
+- 41fd1e94066a ("btrfs: wait for fixup workers before stopping cleaner kthread during umount")
+  KLP: CVE-2024-49867
+  References: bsc#1232271 CVE-2024-49867
+- commit 14352e7
+
+-------------------------------------------------------------------
+Tue Aug 26 16:37:49 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-21659 ("netdev: prevent accessing NAPI instances from another namespace")
+  Live patch for CVE-2025-21659. Upstream commit:
+- d1cacd747768 ("netdev: prevent accessing NAPI instances from another namespace")
+  KLP: CVE-2025-21659
+  References: bsc#1236207 CVE-2025-21659
+- commit 7dd06b6
+
+-------------------------------------------------------------------
+Mon Aug 25 17:30:08 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38000 ("sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()")
+  Live patch for CVE-2025-38000. Upstream commit:
+- 3f981138109f ("sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()")
+  KLP: CVE-2025-38000
+  References: bsc#1245775 CVE-2025-38000
+- commit 7d64cbe
+
+-------------------------------------------------------------------
+Thu Aug 21 15:48:37 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-37890 ("net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc")
+  Live patch for CVE-2025-37890. Upstream commit:
+- 141d34391abb ("net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc")
+  KLP: CVE-2025-37890
+  References: bsc#1245791 CVE-2025-37890
+- commit ddba0b8
+
+-------------------------------------------------------------------
+Wed Aug 20 18:35:27 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2024-47674 ("mm: avoid leaving partial pfn mappings around in error case")
+  Live patch for CVE-2024-47674. Upstream commit:
+- 79a61cc3fc04 ("mm: avoid leaving partial pfn mappings around in error case")
+  KLP: CVE-2024-47674
+  References: bsc#1231676 CVE-2024-47674
+- commit 4259378
+
+-------------------------------------------------------------------
+Wed Aug 20 16:59:21 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-21701 ("net: avoid race between device unregistration and ethnl ops")
+  Live patch for CVE-2025-21701. Upstream commit:
+- 12e070eb6964 ("net: avoid race between device unregistration and ethnl ops")
+  KLP: CVE-2025-21701
+  References: bsc#1245805 CVE-2025-21701
+- commit f1c3868
+
+-------------------------------------------------------------------
+Mon Aug 18 22:18:51 CEST 2025 - mpdesouza@suse.com
+
+- Fix for CVE-2024-47706 ("block, bfq: fix possible UAF for bfqq->bic with merge chain")
+  Live patch for CVE-2024-47706. Upstream commit:
+- 18ad4df091dd ("block, bfq: fix possible UAF for bfqq->bic with merge chain")
+  KLP: CVE-2024-47706
+  References: bsc#1231943 CVE-2024-47706
+- commit 38baf0c
+
+-------------------------------------------------------------------
+Mon Aug 18 14:38:37 CEST 2025 - pmladek@suse.com
+
+- kernel-livepatch.spec: Replace kernel-syms with kernel-<flavor>-specific dependencies (bsc#1248108)
+  The commit ead79afe7cbfae ("kernel-livepatch.spec: Update build
+  dependencies for non-default flavors") broke build of livepatches
+  which were built with kernel-syms-rt.
+  The problem is that livepatch packages for already released kernels
+  are built in exactly the same build environment as the initial livepatch.
+  The BS (Build Service) installs the build environment using the given
+  _buildinfo-*.xml and ignores BuildRequires. But the BuildRequires are
+  later checked by rpmbuild tool. It would complain when new dependencies
+  were added.
+  Unfortunately, kernel-syms-rt does not exist on SLE16. This was the main
+  motivation for the above mentioned commit.
+  But the package kernel-syms is empty. Its only purpose is to add other
+  dependencies. Replace it by opencoding the dependencies.
+  Note that the kernel devel files are historically split into various
+  packages, kernel-<flavor>-devel, kernel-devel-<flavor>, and
+  even kernel-devel. But it is enough to require kernel-<flavor>-devel
+  because it requires the other devel files on its own. This seems
+  to be true back to SLE15-SP4 at minimum.
+- commit 7696578
+
+-------------------------------------------------------------------
+Fri Aug 15 06:40:42 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit bd0ada3
+
+-------------------------------------------------------------------
+Thu Aug 14 10:52:36 CEST 2025 - nstange@suse.de
+
+- Revert "Remove the support for different flavors, take 2"
+  This reverts commit b9cd4812c513d94d75916b50ea06ffef6ce8cf5b.
+- commit 40d6e9d
+
+-------------------------------------------------------------------
+Thu Aug 14 10:15:15 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38212 ("ipc: fix to protect IPCS lookups using RCU")
+  Live patch for CVE-2025-38212. Upstream commit:
+- d66adabe9180 ("ipc: fix to protect IPCS lookups using RCU")
+  KLP: CVE-2025-38212
+  References: bsc#1246030 CVE-2025-38212
+- commit 939565c
+
+-------------------------------------------------------------------
+Tue Aug 12 12:05:22 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38494 ("HID: core: do not bypass hid_hw_raw_request")
+  Live patch for CVE-2025-38494. Upstream commit:
+- c2ca42f190b6 ("HID: core: do not bypass hid_hw_raw_request")
+  KLP: CVE-2025-38494
+  References: bsc#1247350 CVE-2025-38494
+- commit 23745e4
+
+-------------------------------------------------------------------
+Fri Aug  8 12:38:20 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38495 ("HID: core: ensure the allocated report buffer can contain the reserved report ID")
+  Live patch for CVE-2025-38495. Upstream commit:
+- 4f15ee98304b ("HID: core: ensure the allocated report buffer can contain the reserved report ID")
+  KLP: CVE-2025-38495
+  References: bsc#1247351 CVE-2025-38495
+- commit 34fe5aa
+
+-------------------------------------------------------------------
+Mon Aug  4 18:22:03 CEST 2025 - marco.crivellari@suse.com
+
+- Fix for CVE-2025-38079 ("crypto: algif_hash - fix double free in hash_accept")
+  Live patch for CVE-2025-38079. Upstream commit:
+- b2df03ed4052 ("crypto: algif_hash - fix double free in hash_accept")
+  KLP: CVE-2025-38079
+  References: bsc#1245218 CVE-2025-38079
+- commit b0df6f5
+
 -------------------------------------------------------------------
 Fri Aug  1 08:32:46 CEST 2025 - nstange@suse.de
 
 - Bump up the version number in spec file
 - commit d593dfe
 
+-------------------------------------------------------------------
+Thu Jul 31 15:30:08 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38083 ("net_sched: prio: fix a race in prio_tune()")
+  Live patch for CVE-2025-38083. Upstream commit:
+- d35acc1be348 ("net_sched: prio: fix a race in prio_tune()")
+  KLP: CVE-2025-38083
+  References: bsc#1245350 CVE-2025-38083
+- commit 22ac46f
+
 -------------------------------------------------------------------
 Mon Jul 28 17:33:44 CEST 2025 - vincenzo.mezzela@suse.com
 
@@ -149,6 +694,21 @@ Fri Jun 27 16:46:40 CEST 2025 - ali.abdallah@suse.de
   References: bsc#1238912 CVE-2025-21772
 - commit ff41df4
 
+-------------------------------------------------------------------
+Fri Jun 27 13:57:01 CEST 2025 - mbenes@suse.cz
+
+- Remove the support for different flavors, take 2
+  There is a support for different kernel flavors from the beginning in
+  our spec file. Originally, there were -default and -xen flavors.
+  However, it is questionable. A live patch is built against a very
+  specific kernel binary. Different flavors of the same kernel source can
+  be easily different also in this respect.
+  Remove it then. The build process is driven by "variant" macro deriving
+  from a branch name. We can stick with that. %klp_module_package defines
+  %flavor based on that. It also keeps %flavors_to_build definition for
+  older releases without this change.
+- commit b9cd481
+
 -------------------------------------------------------------------
 Thu Jun 26 16:50:56 CEST 2025 - ali.abdallah@suse.de
 
@@ -394,6 +954,17 @@ Fri May 16 09:51:37 CEST 2025 - nstange@suse.de
 - Bump up the version number in spec file
 - commit b0d5a4f
 
+-------------------------------------------------------------------
+Thu May 15 10:23:31 CEST 2025 - nstange@suse.de
+
+- uname_patch: don't use klp_convert.h wrappers
+  With the removal of klp_convert.h, the uname_patch fails to compile.
+  Replace all invocations of the KLP_SYM_LINKAGE or KLP_SYM() macros
+  formerly defined there in by their expansions for the !USE_KLP_CONVERT
+  case and drop the klp_convert.h #include.
+  Fixes: b2fa29be2 ("Remove old klp-convert support")
+- commit 601b6d1
+
 -------------------------------------------------------------------
 Tue May 13 14:58:12 CEST 2025 - vincenzo.mezzela@suse.com
 
@@ -438,7 +1009,7 @@ Mon Apr 28 14:31:04 CEST 2025 - mbenes@suse.cz
   patches. It never happened. Kallsyms was used up until SLE15-SP6 where
   everything was migrated to much lighter klp-convert-mini implementation.
   Remove the old klp-convert support all together now.
-- commit 1731556
+- commit b2fa29b
 
 -------------------------------------------------------------------
 Mon Apr 28 14:00:44 CEST 2025 - mbenes@suse.cz

kernel-livepatch-MICRO-6-0_Update_3.spec

@@ -20,7 +20,7 @@
 %define variant %{nil}
 
 Name:           kernel-livepatch-MICRO-6-0_Update_3
-Version:        9
+Version:        16
 Release:        1
 %define module_num %(echo %version-%release | sed 'y/\./_/')
 License:        GPL-2.0
@@ -37,67 +37,114 @@ Source7:	klp_trace.h
 Source8:	lp-mod-checks.sh
 # Auto expanded KLP_PATCHES_SOURCES:
 Source9:	bsc1230998.tar.bz2
-Source10:	bsc1231993.tar.bz2
-Source11:	bsc1232900.tar.bz2
-Source12:	bsc1232908.tar.bz2
-Source13:	bsc1232927.tar.bz2
-Source14:	bsc1232929.tar.bz2
-Source15:	bsc1233019.tar.bz2
-Source16:	bsc1233118.tar.bz2
-Source17:	bsc1233227.tar.bz2
-Source18:	bsc1233245.tar.bz2
-Source19:	bsc1233677.tar.bz2
-Source20:	bsc1233678.tar.bz2
-Source21:	bsc1233679.tar.bz2
-Source22:	bsc1233680.tar.bz2
-Source23:	bsc1233708.tar.bz2
-Source24:	bsc1234847.tar.bz2
-Source25:	bsc1234854.tar.bz2
-Source26:	bsc1234885.tar.bz2
-Source27:	bsc1234892.tar.bz2
-Source28:	bsc1235005.tar.bz2
-Source29:	bsc1235008.tar.bz2
-Source30:	bsc1235062.tar.bz2
-Source31:	bsc1235086.tar.bz2
-Source32:	bsc1235129.tar.bz2
-Source33:	bsc1235218.tar.bz2
-Source34:	bsc1235231.tar.bz2
-Source35:	bsc1235250.tar.bz2
-Source36:	bsc1235431.tar.bz2
-Source37:	bsc1235452.tar.bz2
-Source38:	bsc1235769.tar.bz2
-Source39:	bsc1235916.tar.bz2
-Source40:	bsc1235921.tar.bz2
-Source41:	bsc1236244.tar.bz2
-Source42:	bsc1236701.tar.bz2
-Source43:	bsc1236783.tar.bz2
-Source44:	bsc1238912.tar.bz2
-Source45:	bsc1239077.tar.bz2
-Source46:	bsc1239096.tar.bz2
-Source47:	bsc1240840.tar.bz2
-Source48:	bsc1241579.tar.bz2
-Source49:	bsc1243648.tar.bz2
-Source50:	bsc1245793.tar.bz2
-Source51:	bsc1245797.tar.bz2
-Source52:	bsc1245804.tar.bz2
+Source10:	bsc1231676.tar.bz2
+Source11:	bsc1231943.tar.bz2
+Source12:	bsc1231993.tar.bz2
+Source13:	bsc1232271.tar.bz2
+Source14:	bsc1232384.tar.bz2
+Source15:	bsc1232900.tar.bz2
+Source16:	bsc1232908.tar.bz2
+Source17:	bsc1232927.tar.bz2
+Source18:	bsc1232929.tar.bz2
+Source19:	bsc1233019.tar.bz2
+Source20:	bsc1233072.tar.bz2
+Source21:	bsc1233118.tar.bz2
+Source22:	bsc1233227.tar.bz2
+Source23:	bsc1233245.tar.bz2
+Source24:	bsc1233677.tar.bz2
+Source25:	bsc1233678.tar.bz2
+Source26:	bsc1233679.tar.bz2
+Source27:	bsc1233680.tar.bz2
+Source28:	bsc1233708.tar.bz2
+Source29:	bsc1234847.tar.bz2
+Source30:	bsc1234854.tar.bz2
+Source31:	bsc1234885.tar.bz2
+Source32:	bsc1234892.tar.bz2
+Source33:	bsc1235005.tar.bz2
+Source34:	bsc1235008.tar.bz2
+Source35:	bsc1235062.tar.bz2
+Source36:	bsc1235086.tar.bz2
+Source37:	bsc1235129.tar.bz2
+Source38:	bsc1235218.tar.bz2
+Source39:	bsc1235231.tar.bz2
+Source40:	bsc1235250.tar.bz2
+Source41:	bsc1235431.tar.bz2
+Source42:	bsc1235452.tar.bz2
+Source43:	bsc1235769.tar.bz2
+Source44:	bsc1235916.tar.bz2
+Source45:	bsc1235921.tar.bz2
+Source46:	bsc1236207.tar.bz2
+Source47:	bsc1236244.tar.bz2
+Source48:	bsc1236701.tar.bz2
+Source49:	bsc1236783.tar.bz2
+Source50:	bsc1237048.tar.bz2
+Source51:	bsc1238912.tar.bz2
+Source52:	bsc1239077.tar.bz2
+Source53:	bsc1239096.tar.bz2
+Source54:	bsc1240744.tar.bz2
+Source55:	bsc1240840.tar.bz2
+Source56:	bsc1241579.tar.bz2
+Source57:	bsc1242579.tar.bz2
+Source58:	bsc1242882.tar.bz2
+Source59:	bsc1243648.tar.bz2
+Source60:	bsc1243650.tar.bz2
+Source61:	bsc1245218.tar.bz2
+Source62:	bsc1245350.tar.bz2
+Source63:	bsc1245505.tar.bz2
+Source64:	bsc1245509.tar.bz2
+Source65:	bsc1245685.tar.bz2
+Source66:	bsc1245778.tar.bz2
+Source67:	bsc1245791.tar.bz2
+Source68:	bsc1245793.tar.bz2
+Source69:	bsc1245794.tar.bz2
+Source70:	bsc1245795.tar.bz2
+Source71:	bsc1245797.tar.bz2
+Source72:	bsc1245804.tar.bz2
+Source73:	bsc1245805.tar.bz2
+Source74:	bsc1246001.tar.bz2
+Source75:	bsc1246019.tar.bz2
+Source76:	bsc1246030.tar.bz2
+Source77:	bsc1246075.tar.bz2
+Source78:	bsc1246356.tar.bz2
+Source79:	bsc1247158.tar.bz2
+Source80:	bsc1247315.tar.bz2
+Source81:	bsc1247350.tar.bz2
+Source82:	bsc1247452.tar.bz2
+Source83:	bsc1247499.tar.bz2
+Source84:	bsc1248298.tar.bz2
+Source85:	bsc1248376.tar.bz2
+Source86:	bsc1248631.tar.bz2
+Source87:	bsc1248672.tar.bz2
+Source88:	bsc1248673.tar.bz2
+Source89:	bsc1248749.tar.bz2
+Source90:	bsc1249207.tar.bz2
+Source91:	bsc1249208.tar.bz2
+Source92:	bsc1249458.tar.bz2
+Source93:	bsc1249534.tar.bz2
+Source94:	bsc1249537.tar.bz2
+# Use kernel-<flavor> specific build dependencies instead of kernel-syms (bsc#1248108)
 %if "%variant" != ""
 BuildRequires:  kernel%variant-devel
+%else
+BuildRequires:  kernel-default-devel
 %endif
-BuildRequires:  kernel-syms kernel-livepatch-tools-devel libelf-devel
+BuildRequires:  pesign-obs-integration
+BuildRequires:  kernel-livepatch-tools-devel
+BuildRequires:  libelf-devel
 ExclusiveArch:	x86_64 s390x
 %klp_module_package
 
 %description
 This is a live patch for SUSE Linux Enterprise Server kernel.
 
-Source timestamp: 2025-08-01 08:32:46 +0200
-GIT Revision: d593dfe7f557a8525dff516c15f86338efd36eba
+Source timestamp: 2025-11-21 09:44:53 +0100
+GIT Revision: a1564f0dca49c5c80ac6a20172e0a3bb248013af
 GIT Branch: MICRO-6-0_Update_3
 
 %prep
 %setup -c
 # Auto expanded KLP_PATCHES_SETUP_SOURCES:
-%setup -T -D -a 9 -a 10 -a 11 -a 12 -a 13 -a 14 -a 15 -a 16 -a 17 -a 18 -a 19 -a 20 -a 21 -a 22 -a 23 -a 24 -a 25 -a 26 -a 27 -a 28 -a 29 -a 30 -a 31 -a 32 -a 33 -a 34 -a 35 -a 36 -a 37 -a 38 -a 39 -a 40 -a 41 -a 42 -a 43 -a 44 -a 45 -a 46 -a 47 -a 48 -a 49 -a 50 -a 51 -a 52
+%setup -T -D -a 9 -a 10 -a 11 -a 12 -a 13 -a 14 -a 15 -a 16 -a 17 -a 18 -a 19 -a 20 -a 21 -a 22 -a 23 -a 24 -a 25 -a 26 -a 27 -a 28 -a 29 -a 30 -a 31 -a 32 -a 33 -a 34 -a 35 -a 36 -a 37 -a 38 -a 39 -a 40 -a 41 -a 42 -a 43 -a 44 -a 45 -a 46 -a 47 -a 48 -a 49 -a 50 -a 51 -a 52 -a 53 -a 54 -a 55 -a 56 -a 57 -a 58 -a 59 -a 60 -a 61 -a 62 -a 63 -a 64 -a 65 -a 66 -a 67 -a 68 -a 69 -a 70 -a 71 -a 72 -a 73 -a 74 -a 75 -a 76 -a 77 -a 78 -a 79 -a 80 -a 81 -a 82 -a 83 -a 84 -a 85 -a 86 -a 87 -a 88 -a 89 -a 90 -a 91 -a 92 -a 93 -a 94
 cp %_sourcedir/livepatch_main.c .
 cp %_sourcedir/shadow.h .
 cp %_sourcedir/Makefile .

klp_trace.h

@@ -38,6 +38,13 @@
 #define KLPR_TRACE_EVENT(name, proto, args) \
 	KLPR_DECLARE_TRACE(name, PARAMS(proto), PARAMS(args))
 
+#define KLPR_TRACE_EVENT_CONDITION(name, proto, args, cond)		\
+	KLPR___DECLARE_TRACE(name, PARAMS(proto), PARAMS(args),		\
+		cpu_online(raw_smp_processor_id()) && PARAMS(cond),	\
+		PARAMS(void *__data, proto),				\
+		PARAMS(__data, args))
+
+
 #elif LINUX_VERSION_CODE < KERNEL_VERSION(6, 4, 0)
 
 #define KLPR___DO_TRACE_CALL(name, args)   (*klpe___traceiter_##name)(NULL, args)
@@ -99,6 +106,11 @@
 #define KLPR_TRACE_EVENT(name, proto, args) \
 	KLPR_DECLARE_TRACE(name, PARAMS(proto), PARAMS(args))
 
+#define KLPR_TRACE_EVENT_CONDITION(name, proto, args, cond)		\
+	KLPR___DECLARE_TRACE(name, PARAMS(proto), PARAMS(args),		\
+		cpu_online(raw_smp_processor_id()) && PARAMS(cond),	\
+		PARAMS(void *__data, proto))
+
 #else /* LINUX_VERSION_CODE >= KERNEL_VERSION(6, 4, 0) */
 
 #define KLPR___DO_TRACE_CALL(name, args)   __traceiter_##name(NULL, args)
@@ -164,6 +176,11 @@
 #define KLPR_TRACE_EVENT(module, name, proto, args) \
 	KLPR_DECLARE_TRACE(module, name, PARAMS(proto), PARAMS(args))
 
+#define KLPR_TRACE_EVENT_CONDITION(module, name, proto, args, cond)	\
+	KLPR___DECLARE_TRACE(module, name, PARAMS(proto), PARAMS(args),	\
+		cpu_online(raw_smp_processor_id()) && PARAMS(cond),	\
+		PARAMS(void *__data, proto))
+
 #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(5, 12, 0) */
 
 

livepatch_main.c

@@ -26,12 +26,17 @@
 
 /* Auto expanded KLP_PATCHES_INCLUDES: */
 #include "bsc1230998/livepatch_bsc1230998.h"
+#include "bsc1231676/livepatch_bsc1231676.h"
+#include "bsc1231943/livepatch_bsc1231943.h"
 #include "bsc1231993/livepatch_bsc1231993.h"
+#include "bsc1232271/livepatch_bsc1232271.h"
+#include "bsc1232384/livepatch_bsc1232384.h"
 #include "bsc1232900/livepatch_bsc1232900.h"
 #include "bsc1232908/livepatch_bsc1232908.h"
 #include "bsc1232927/livepatch_bsc1232927.h"
 #include "bsc1232929/livepatch_bsc1232929.h"
 #include "bsc1233019/livepatch_bsc1233019.h"
+#include "bsc1233072/livepatch_bsc1233072.h"
 #include "bsc1233118/livepatch_bsc1233118.h"
 #include "bsc1233227/livepatch_bsc1233227.h"
 #include "bsc1233245/livepatch_bsc1233245.h"
@@ -57,18 +62,55 @@
 #include "bsc1235769/livepatch_bsc1235769.h"
 #include "bsc1235916/livepatch_bsc1235916.h"
 #include "bsc1235921/livepatch_bsc1235921.h"
+#include "bsc1236207/livepatch_bsc1236207.h"
 #include "bsc1236244/livepatch_bsc1236244.h"
 #include "bsc1236701/livepatch_bsc1236701.h"
 #include "bsc1236783/livepatch_bsc1236783.h"
+#include "bsc1237048/livepatch_bsc1237048.h"
 #include "bsc1238912/livepatch_bsc1238912.h"
 #include "bsc1239077/livepatch_bsc1239077.h"
 #include "bsc1239096/livepatch_bsc1239096.h"
+#include "bsc1240744/livepatch_bsc1240744.h"
 #include "bsc1240840/livepatch_bsc1240840.h"
 #include "bsc1241579/livepatch_bsc1241579.h"
+#include "bsc1242579/livepatch_bsc1242579.h"
+#include "bsc1242882/livepatch_bsc1242882.h"
 #include "bsc1243648/livepatch_bsc1243648.h"
+#include "bsc1243650/livepatch_bsc1243650.h"
+#include "bsc1245218/livepatch_bsc1245218.h"
+#include "bsc1245350/livepatch_bsc1245350.h"
+#include "bsc1245505/livepatch_bsc1245505.h"
+#include "bsc1245509/livepatch_bsc1245509.h"
+#include "bsc1245685/livepatch_bsc1245685.h"
+#include "bsc1245778/livepatch_bsc1245778.h"
+#include "bsc1245791/livepatch_bsc1245791.h"
 #include "bsc1245793/livepatch_bsc1245793.h"
+#include "bsc1245794/livepatch_bsc1245794.h"
+#include "bsc1245795/livepatch_bsc1245795.h"
 #include "bsc1245797/livepatch_bsc1245797.h"
 #include "bsc1245804/livepatch_bsc1245804.h"
+#include "bsc1245805/livepatch_bsc1245805.h"
+#include "bsc1246001/livepatch_bsc1246001.h"
+#include "bsc1246019/livepatch_bsc1246019.h"
+#include "bsc1246030/livepatch_bsc1246030.h"
+#include "bsc1246075/livepatch_bsc1246075.h"
+#include "bsc1246356/livepatch_bsc1246356.h"
+#include "bsc1247158/livepatch_bsc1247158.h"
+#include "bsc1247315/livepatch_bsc1247315.h"
+#include "bsc1247350/livepatch_bsc1247350.h"
+#include "bsc1247452/livepatch_bsc1247452.h"
+#include "bsc1247499/livepatch_bsc1247499.h"
+#include "bsc1248298/livepatch_bsc1248298.h"
+#include "bsc1248376/livepatch_bsc1248376.h"
+#include "bsc1248631/livepatch_bsc1248631.h"
+#include "bsc1248672/livepatch_bsc1248672.h"
+#include "bsc1248673/livepatch_bsc1248673.h"
+#include "bsc1248749/livepatch_bsc1248749.h"
+#include "bsc1249207/livepatch_bsc1249207.h"
+#include "bsc1249208/livepatch_bsc1249208.h"
+#include "bsc1249458/livepatch_bsc1249458.h"
+#include "bsc1249534/livepatch_bsc1249534.h"
+#include "bsc1249537/livepatch_bsc1249537.h"
 
 
 static struct klp_object objs[] = {
@@ -86,8 +128,12 @@ static struct klp_object objs[] = {
 			  .new_func = KLP_SYSCALL_COMPAT_STUB_SYM(klp_newuname),
 			},
 #endif
+			{ .old_name = __stringify(remap_pfn_range_notrack), .new_func = klpp_remap_pfn_range_notrack, },
+			{ .old_name = __stringify(bfq_insert_requests), .new_func = klpp_bfq_insert_requests, },
 			{ .old_name = __stringify(tcp_rearm_rto), .new_func = klpp_tcp_rearm_rto, },
 			{ .old_name = __stringify(tcp_schedule_loss_probe), .new_func = klpp_tcp_schedule_loss_probe, },
+			{ .old_name = __stringify(inet_csk_reqsk_queue_drop), .new_func = klpp_inet_csk_reqsk_queue_drop, },
+			{ .old_name = __stringify(reqsk_timer_handler), .new_func = klpp_reqsk_timer_handler, },
 			{ .old_name = __stringify(dax_file_unshare), .new_func = klpp_dax_file_unshare, },
 #if IS_ENABLED(CONFIG_HID)
 			{ .old_name = __stringify(hid_alloc_report_buf), .new_func = klpp_hid_alloc_report_buf, },
@@ -99,9 +145,50 @@ static struct klp_object objs[] = {
 			{ .old_name = __stringify(sock_map_remove_links), .new_func = klpp_sock_map_remove_links, },
 			{ .old_name = __stringify(sock_map_delete_elem), .new_func = klpp_sock_map_delete_elem, },
 			{ .old_name = __stringify(mptcp_established_options), .new_func = klpp_mptcp_established_options, },
+			{ .old_name = __stringify(netdev_nl_napi_get_doit), .new_func = klpp_netdev_nl_napi_get_doit, },
+			{ .old_name = __stringify(netdev_nl_napi_fill_one), .new_func = klpp_netdev_nl_napi_fill_one, },
 			{ .old_name = __stringify(mac_partition), .new_func = klpp_mac_partition, },
+			{ .old_name = __stringify(__ip_local_out), .new_func = klpp___ip_local_out, },
+			{ .old_name = __stringify(ip6_xmit), .new_func = klpp_ip6_xmit, },
+			{ .old_name = __stringify(__ip6_local_out), .new_func = klpp___ip6_local_out, },
+			{ .old_name = __stringify(rawv6_sendmsg), .new_func = klpp_rawv6_sendmsg, },
+			{ .old_name = __stringify(proc_get_inode), .new_func = klpp_proc_get_inode, },
+			{ .old_name = __stringify(proc_create_seq_private), .new_func = klpp_proc_create_seq_private, },
+			{ .old_name = __stringify(proc_create_single_data), .new_func = klpp_proc_create_single_data, },
+			{ .old_name = __stringify(subflow_syn_recv_sock), .new_func = klpp_subflow_syn_recv_sock, },
+			{ .old_name = __stringify(tc_ctl_tclass), .new_func = klpp_tc_ctl_tclass, },
 			{ .old_name = __stringify(pfifo_tail_enqueue), .new_func = klpp_pfifo_tail_enqueue, },
 			{ .old_name = __stringify(find_equal_scalars), .new_func = klpp_find_equal_scalars, },
+			{ .old_name = __stringify(ethnl_ops_begin), .new_func = klpp_ethnl_ops_begin, },
+			{ .old_name = __stringify(calipso_req_setattr), .new_func = klpp_calipso_req_setattr, .old_sympos = 1, },
+			{ .old_name = __stringify(calipso_req_delattr), .new_func = klpp_calipso_req_delattr, .old_sympos = 1, },
+			{ .old_name = __stringify(shm_destroy_orphaned), .new_func = klpp_shm_destroy_orphaned, },
+#if defined(CONFIG_SECRETMEM)
+			{ .old_name = __stringify(KLP_SYSCALL_SYM(memfd_secret)), .new_func = KLP_SYSCALL_SYM(klpp_memfd_secret), },
+#endif
+#if defined(KLP_ARCH_HAS_SYSCALL_COMPAT_STUBS) && defined(CONFIG_SECRETMEM)
+			{ .old_name = __stringify(KLP_SYSCALL_COMPAT_STUB_SYM(memfd_secret)), .new_func = KLP_SYSCALL_COMPAT_STUB_SYM(klpp_memfd_secret), },
+#endif
+			{ .old_name = __stringify(__anon_inode_getfile), .new_func = klpp___anon_inode_getfile, },
+#if IS_ENABLED(CONFIG_HID)
+			{ .old_name = __stringify(__hid_request), .new_func = klpp___hid_request, },
+#endif
+			{ .old_name = __stringify(path_mount), .new_func = klpp_path_mount, },
+			{ .old_name = __stringify(clone_private_mount), .new_func = klpp_clone_private_mount, },
+			{ }
+		}
+	},
+	{
+		.name = "af_packet",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(packet_set_ring), .new_func = klpp_packet_set_ring, },
+			{ }
+		}
+	},
+	{
+		.name = "algif_hash",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(hash_accept), .new_func = klpp_hash_accept, },
 			{ }
 		}
 	},
@@ -145,6 +232,7 @@ static struct klp_object objs[] = {
 	{
 		.name = "btrfs",
 		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(close_ctree), .new_func = klpp_close_ctree, },
 			{ .old_name = __stringify(btrfs_encoded_read_endio), .new_func = klpp_btrfs_encoded_read_endio, },
 			{ .old_name = __stringify(btrfs_create_pending_block_groups), .new_func = klpp_btrfs_create_pending_block_groups, },
 			{ }
@@ -157,6 +245,13 @@ static struct klp_object objs[] = {
 			{ }
 		}
 	},
+	{
+		.name = "exfat",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(exfat_free_upcase_table), .new_func = klpp_exfat_free_upcase_table, },
+			{ }
+		}
+	},
 	{
 		.name = "hsr",
 		.funcs = (struct klp_func[]) {
@@ -164,6 +259,15 @@ static struct klp_object objs[] = {
 			{ }
 		}
 	},
+#if IS_ENABLED(CONFIG_ICE)
+	{
+		.name = "ice",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(ice_copy_and_init_pkg), .new_func = klpp_ice_copy_and_init_pkg, },
+			{ }
+		}
+	},
+#endif
 	{
 		.name = "ip_gre",
 		.funcs = (struct klp_func[]) {
@@ -171,6 +275,13 @@ static struct klp_object objs[] = {
 			{ }
 		}
 	},
+	{
+		.name = "ip_set_bitmap_ip",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(bitmap_ip_uadt), .new_func = klpp_bitmap_ip_uadt, },
+			{ }
+		}
+	},
 	{
 		.name = "ip_tunnel",
 		.funcs = (struct klp_func[]) {
@@ -198,6 +309,40 @@ static struct klp_object objs[] = {
 		}
 	},
 #endif
+#if IS_ENABLED(CONFIG_USB_LIBCOMPOSITE)
+	{
+		.name = "libcomposite",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(composite_os_desc_req_prepare), .new_func = klpp_composite_os_desc_req_prepare, },
+			{ }
+		}
+	},
+#endif
+	{
+		.name = "libphy",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(__mdiobus_c45_read), .new_func = klpp___mdiobus_c45_read, },
+			{ .old_name = __stringify(__mdiobus_c45_write), .new_func = klpp___mdiobus_c45_write, },
+			{ }
+		}
+	},
+#if IS_ENABLED(CONFIG_MAC80211)
+	{
+		.name = "mac80211",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(ieee80211_tdls_oper), .new_func = klpp_ieee80211_tdls_oper, },
+			{ }
+		}
+	},
+#endif
+	{
+		.name = "mlx5_core",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(mlx5_eswitch_enable_pf_vf_vports), .new_func = klpp_mlx5_eswitch_enable_pf_vf_vports, },
+			{ .old_name = __stringify(mlx5_eswitch_disable_pf_vf_vports), .new_func = klpp_mlx5_eswitch_disable_pf_vf_vports, },
+			{ }
+		}
+	},
 	{
 		.name = "mlxsw_spectrum",
 		.funcs = (struct klp_func[]) {
@@ -225,6 +370,7 @@ static struct klp_object objs[] = {
 	{
 		.name = "nfsd",
 		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(nfsd4_copy), .new_func = klpp_nfsd4_copy, },
 			{ .old_name = __stringify(decode_cb_compound4res), .new_func = klpp_decode_cb_compound4res, },
 			{ .old_name = __stringify(e_show), .new_func = klpp_e_show, },
 			{ }
@@ -237,6 +383,14 @@ static struct klp_object objs[] = {
 			{ }
 		}
 	},
+	{
+		.name = "nf_tables",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(nf_tables_newchain), .new_func = klpp_nf_tables_newchain, },
+			{ .old_name = __stringify(nf_tables_newflowtable), .new_func = klpp_nf_tables_newflowtable, },
+			{ }
+		}
+	},
 	{
 		.name = "pktgen",
 		.funcs = (struct klp_func[]) {
@@ -244,10 +398,40 @@ static struct klp_object objs[] = {
 			{ }
 		}
 	},
+	{
+		.name = "sch_cake",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(cake_enqueue), .new_func = klpp_cake_enqueue, },
+			{ }
+		}
+	},
+	{
+		.name = "sch_choke",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(choke_enqueue), .new_func = klpp_choke_enqueue, },
+			{ }
+		}
+	},
+	{
+		.name = "sch_ets",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(ets_class_change), .new_func = klpp_ets_class_change, },
+			{ .old_name = __stringify(ets_class_graft), .new_func = klpp_ets_class_graft, },
+			{ .old_name = __stringify(ets_class_leaf), .new_func = klpp_ets_class_leaf, },
+			{ .old_name = __stringify(ets_class_qlen_notify), .new_func = klpp_ets_class_qlen_notify, },
+			{ .old_name = __stringify(ets_class_dump), .new_func = klpp_ets_class_dump, },
+			{ .old_name = __stringify(ets_class_dump_stats), .new_func = klpp_ets_class_dump_stats, },
+			{ }
+		}
+	},
 	{
 		.name = "sch_hfsc",
 		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(hfsc_enqueue), .new_func = klpp_hfsc_enqueue, },
 			{ .old_name = __stringify(hfsc_change_class), .new_func = klpp_hfsc_change_class, },
+			{ .old_name = __stringify(hfsc_dequeue), .new_func = klpp_hfsc_dequeue, },
+			{ .old_name = __stringify(update_ed), .new_func = klpp_update_ed, },
+			{ .old_name = __stringify(hfsc_qlen_notify), .new_func = klpp_hfsc_qlen_notify, },
 			{ }
 		}
 	},
@@ -258,6 +442,24 @@ static struct klp_object objs[] = {
 			{ }
 		}
 	},
+	{
+		.name = "sch_prio",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(prio_tune), .new_func = klpp_prio_tune, },
+			{ }
+		}
+	},
+	{
+		.name = "sch_qfq",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(qfq_change_class), .new_func = klpp_qfq_change_class, },
+			{ .old_name = __stringify(qfq_delete_class), .new_func = klpp_qfq_delete_class, },
+			{ .old_name = __stringify(qfq_dump_class), .new_func = klpp_qfq_dump_class, },
+			{ .old_name = __stringify(qfq_dump_class_stats), .new_func = klpp_qfq_dump_class_stats, },
+			{ .old_name = __stringify(qfq_destroy_qdisc), .new_func = klpp_qfq_destroy_qdisc, },
+			{ }
+		}
+	},
 	{
 		.name = "sch_sfq",
 		.funcs = (struct klp_func[]) {
@@ -269,6 +471,7 @@ static struct klp_object objs[] = {
 		.name = "sch_taprio",
 		.funcs = (struct klp_func[]) {
 			{ .old_name = __stringify(taprio_change), .new_func = klpp_taprio_change, },
+			{ .old_name = __stringify(taprio_dev_notifier), .new_func = klpp_taprio_dev_notifier, },
 			{ }
 		}
 	},
@@ -281,6 +484,18 @@ static struct klp_object objs[] = {
 		}
 	},
 #endif
+	{
+		.name = "sunrpc",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(svc_create_socket), .new_func = klpp_svc_create_socket, },
+			{ .old_name = __stringify(xs_tcp_setup_socket), .new_func = klpp_xs_tcp_setup_socket, },
+			{ .old_name = __stringify(xs_udp_setup_socket), .new_func = klpp_xs_udp_setup_socket, },
+			{ .old_name = __stringify(svc_process_common), .new_func = klpp_svc_process_common, },
+			{ .old_name = __stringify(svc_tcp_read_msg), .new_func = klpp_svc_tcp_read_msg, },
+			{ .old_name = __stringify(svc_tcp_recvfrom), .new_func = klpp_svc_tcp_recvfrom, },
+			{ }
+		}
+	},
 #if IS_ENABLED(CONFIG_TDX_GUEST_DRIVER)
 	{
 		.name = "tdx_guest",
@@ -290,6 +505,14 @@ static struct klp_object objs[] = {
 		}
 	},
 #endif
+	{
+		.name = "tls",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(tls_strp_check_rcv), .new_func = klpp_tls_strp_check_rcv, },
+			{ .old_name = __stringify(tls_rx_rec_wait), .new_func = klpp_tls_rx_rec_wait, },
+			{ }
+		}
+	},
 #if IS_ENABLED(CONFIG_USB_VIDEO_CLASS)
 	{
 		.name = "uvcvideo",
@@ -313,6 +536,22 @@ static struct klp_object objs[] = {
 			{ }
 		}
 	},
+	{
+		.name = "vsock",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(vsock_remove_sock), .new_func = klpp_vsock_remove_sock, },
+			{ .old_name = __stringify(__vsock_release), .new_func = klpp___vsock_release, },
+			{ .old_name = __stringify(__vsock_bind), .new_func = klpp___vsock_bind, },
+			{ }
+		}
+	},
+	{
+		.name = "xfrm_interface",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(xfrmi_changelink), .new_func = klpp_xfrmi_changelink, },
+			{ }
+		}
+	},
 	{
 		.name = "x_tables",
 		.funcs = (struct klp_func[]) {
@@ -349,10 +588,26 @@ static int __init klp_patch_init(void)
 	if (retval)
 		goto err_bsc1230998;
 
+	retval = livepatch_bsc1231676_init();
+	if (retval)
+		goto err_bsc1231676;
+
+	retval = livepatch_bsc1231943_init();
+	if (retval)
+		goto err_bsc1231943;
+
 	retval = livepatch_bsc1231993_init();
 	if (retval)
 		goto err_bsc1231993;
 
+	retval = livepatch_bsc1232271_init();
+	if (retval)
+		goto err_bsc1232271;
+
+	retval = livepatch_bsc1232384_init();
+	if (retval)
+		goto err_bsc1232384;
+
 	retval = livepatch_bsc1232900_init();
 	if (retval)
 		goto err_bsc1232900;
@@ -373,6 +628,10 @@ static int __init klp_patch_init(void)
 	if (retval)
 		goto err_bsc1233019;
 
+	retval = livepatch_bsc1233072_init();
+	if (retval)
+		goto err_bsc1233072;
+
 	retval = livepatch_bsc1233118_init();
 	if (retval)
 		goto err_bsc1233118;
@@ -473,6 +732,10 @@ static int __init klp_patch_init(void)
 	if (retval)
 		goto err_bsc1235921;
 
+	retval = livepatch_bsc1236207_init();
+	if (retval)
+		goto err_bsc1236207;
+
 	retval = livepatch_bsc1236244_init();
 	if (retval)
 		goto err_bsc1236244;
@@ -485,6 +748,10 @@ static int __init klp_patch_init(void)
 	if (retval)
 		goto err_bsc1236783;
 
+	retval = livepatch_bsc1237048_init();
+	if (retval)
+		goto err_bsc1237048;
+
 	retval = livepatch_bsc1238912_init();
 	if (retval)
 		goto err_bsc1238912;
@@ -497,6 +764,10 @@ static int __init klp_patch_init(void)
 	if (retval)
 		goto err_bsc1239096;
 
+	retval = livepatch_bsc1240744_init();
+	if (retval)
+		goto err_bsc1240744;
+
 	retval = livepatch_bsc1240840_init();
 	if (retval)
 		goto err_bsc1240840;
@@ -505,14 +776,62 @@ static int __init klp_patch_init(void)
 	if (retval)
 		goto err_bsc1241579;
 
+	retval = livepatch_bsc1242579_init();
+	if (retval)
+		goto err_bsc1242579;
+
+	retval = livepatch_bsc1242882_init();
+	if (retval)
+		goto err_bsc1242882;
+
 	retval = livepatch_bsc1243648_init();
 	if (retval)
 		goto err_bsc1243648;
 
+	retval = livepatch_bsc1243650_init();
+	if (retval)
+		goto err_bsc1243650;
+
+	retval = livepatch_bsc1245218_init();
+	if (retval)
+		goto err_bsc1245218;
+
+	retval = livepatch_bsc1245350_init();
+	if (retval)
+		goto err_bsc1245350;
+
+	retval = livepatch_bsc1245505_init();
+	if (retval)
+		goto err_bsc1245505;
+
+	retval = livepatch_bsc1245509_init();
+	if (retval)
+		goto err_bsc1245509;
+
+	retval = livepatch_bsc1245685_init();
+	if (retval)
+		goto err_bsc1245685;
+
+	retval = livepatch_bsc1245778_init();
+	if (retval)
+		goto err_bsc1245778;
+
+	retval = livepatch_bsc1245791_init();
+	if (retval)
+		goto err_bsc1245791;
+
 	retval = livepatch_bsc1245793_init();
 	if (retval)
 		goto err_bsc1245793;
 
+	retval = livepatch_bsc1245794_init();
+	if (retval)
+		goto err_bsc1245794;
+
+	retval = livepatch_bsc1245795_init();
+	if (retval)
+		goto err_bsc1245795;
+
 	retval = livepatch_bsc1245797_init();
 	if (retval)
 		goto err_bsc1245797;
@@ -521,35 +840,197 @@ static int __init klp_patch_init(void)
 	if (retval)
 		goto err_bsc1245804;
 
+	retval = livepatch_bsc1245805_init();
+	if (retval)
+		goto err_bsc1245805;
+
+	retval = livepatch_bsc1246001_init();
+	if (retval)
+		goto err_bsc1246001;
+
+	retval = livepatch_bsc1246019_init();
+	if (retval)
+		goto err_bsc1246019;
+
+	retval = livepatch_bsc1246030_init();
+	if (retval)
+		goto err_bsc1246030;
+
+	retval = livepatch_bsc1246075_init();
+	if (retval)
+		goto err_bsc1246075;
+
+	retval = livepatch_bsc1246356_init();
+	if (retval)
+		goto err_bsc1246356;
+
+	retval = livepatch_bsc1247158_init();
+	if (retval)
+		goto err_bsc1247158;
+
+	retval = livepatch_bsc1247315_init();
+	if (retval)
+		goto err_bsc1247315;
+
+	retval = livepatch_bsc1247350_init();
+	if (retval)
+		goto err_bsc1247350;
+
+	retval = livepatch_bsc1247452_init();
+	if (retval)
+		goto err_bsc1247452;
+
+	retval = livepatch_bsc1247499_init();
+	if (retval)
+		goto err_bsc1247499;
+
+	retval = livepatch_bsc1248298_init();
+	if (retval)
+		goto err_bsc1248298;
+
+	retval = livepatch_bsc1248376_init();
+	if (retval)
+		goto err_bsc1248376;
+
+	retval = livepatch_bsc1248631_init();
+	if (retval)
+		goto err_bsc1248631;
+
+	retval = livepatch_bsc1248672_init();
+	if (retval)
+		goto err_bsc1248672;
+
+	retval = livepatch_bsc1248673_init();
+	if (retval)
+		goto err_bsc1248673;
+
+	retval = livepatch_bsc1248749_init();
+	if (retval)
+		goto err_bsc1248749;
+
+	retval = livepatch_bsc1249207_init();
+	if (retval)
+		goto err_bsc1249207;
+
+	retval = livepatch_bsc1249208_init();
+	if (retval)
+		goto err_bsc1249208;
+
+	retval = livepatch_bsc1249458_init();
+	if (retval)
+		goto err_bsc1249458;
+
+	retval = livepatch_bsc1249534_init();
+	if (retval)
+		goto err_bsc1249534;
+
+	retval = livepatch_bsc1249537_init();
+	if (retval)
+		goto err_bsc1249537;
+
 	retval = klp_enable_patch(&patch);
 	if (!retval)
 		return retval;
 
 	/* Auto expanded KLP_PATCHES_INIT_ERR_HANDLERS: */
+	livepatch_bsc1249537_cleanup();
+err_bsc1249537:
+	livepatch_bsc1249534_cleanup();
+err_bsc1249534:
+	livepatch_bsc1249458_cleanup();
+err_bsc1249458:
+	livepatch_bsc1249208_cleanup();
+err_bsc1249208:
+	livepatch_bsc1249207_cleanup();
+err_bsc1249207:
+	livepatch_bsc1248749_cleanup();
+err_bsc1248749:
+	livepatch_bsc1248673_cleanup();
+err_bsc1248673:
+	livepatch_bsc1248672_cleanup();
+err_bsc1248672:
+	livepatch_bsc1248631_cleanup();
+err_bsc1248631:
+	livepatch_bsc1248376_cleanup();
+err_bsc1248376:
+	livepatch_bsc1248298_cleanup();
+err_bsc1248298:
+	livepatch_bsc1247499_cleanup();
+err_bsc1247499:
+	livepatch_bsc1247452_cleanup();
+err_bsc1247452:
+	livepatch_bsc1247350_cleanup();
+err_bsc1247350:
+	livepatch_bsc1247315_cleanup();
+err_bsc1247315:
+	livepatch_bsc1247158_cleanup();
+err_bsc1247158:
+	livepatch_bsc1246356_cleanup();
+err_bsc1246356:
+	livepatch_bsc1246075_cleanup();
+err_bsc1246075:
+	livepatch_bsc1246030_cleanup();
+err_bsc1246030:
+	livepatch_bsc1246019_cleanup();
+err_bsc1246019:
+	livepatch_bsc1246001_cleanup();
+err_bsc1246001:
+	livepatch_bsc1245805_cleanup();
+err_bsc1245805:
 	livepatch_bsc1245804_cleanup();
 err_bsc1245804:
 	livepatch_bsc1245797_cleanup();
 err_bsc1245797:
+	livepatch_bsc1245795_cleanup();
+err_bsc1245795:
+	livepatch_bsc1245794_cleanup();
+err_bsc1245794:
 	livepatch_bsc1245793_cleanup();
 err_bsc1245793:
+	livepatch_bsc1245791_cleanup();
+err_bsc1245791:
+	livepatch_bsc1245778_cleanup();
+err_bsc1245778:
+	livepatch_bsc1245685_cleanup();
+err_bsc1245685:
+	livepatch_bsc1245509_cleanup();
+err_bsc1245509:
+	livepatch_bsc1245505_cleanup();
+err_bsc1245505:
+	livepatch_bsc1245350_cleanup();
+err_bsc1245350:
+	livepatch_bsc1245218_cleanup();
+err_bsc1245218:
+	livepatch_bsc1243650_cleanup();
+err_bsc1243650:
 	livepatch_bsc1243648_cleanup();
 err_bsc1243648:
+	livepatch_bsc1242882_cleanup();
+err_bsc1242882:
+	livepatch_bsc1242579_cleanup();
+err_bsc1242579:
 	livepatch_bsc1241579_cleanup();
 err_bsc1241579:
 	livepatch_bsc1240840_cleanup();
 err_bsc1240840:
+	livepatch_bsc1240744_cleanup();
+err_bsc1240744:
 	livepatch_bsc1239096_cleanup();
 err_bsc1239096:
 	livepatch_bsc1239077_cleanup();
 err_bsc1239077:
 	livepatch_bsc1238912_cleanup();
 err_bsc1238912:
+	livepatch_bsc1237048_cleanup();
+err_bsc1237048:
 	livepatch_bsc1236783_cleanup();
 err_bsc1236783:
 	livepatch_bsc1236701_cleanup();
 err_bsc1236701:
 	livepatch_bsc1236244_cleanup();
 err_bsc1236244:
+	livepatch_bsc1236207_cleanup();
+err_bsc1236207:
 	livepatch_bsc1235921_cleanup();
 err_bsc1235921:
 	livepatch_bsc1235916_cleanup();
@@ -600,6 +1081,8 @@ err_bsc1233245:
 err_bsc1233227:
 	livepatch_bsc1233118_cleanup();
 err_bsc1233118:
+	livepatch_bsc1233072_cleanup();
+err_bsc1233072:
 	livepatch_bsc1233019_cleanup();
 err_bsc1233019:
 	livepatch_bsc1232929_cleanup();
@@ -610,8 +1093,16 @@ err_bsc1232927:
 err_bsc1232908:
 	livepatch_bsc1232900_cleanup();
 err_bsc1232900:
+	livepatch_bsc1232384_cleanup();
+err_bsc1232384:
+	livepatch_bsc1232271_cleanup();
+err_bsc1232271:
 	livepatch_bsc1231993_cleanup();
 err_bsc1231993:
+	livepatch_bsc1231943_cleanup();
+err_bsc1231943:
+	livepatch_bsc1231676_cleanup();
+err_bsc1231676:
 	livepatch_bsc1230998_cleanup();
 err_bsc1230998:
 
@@ -624,12 +1115,17 @@ static void __exit klp_patch_cleanup(void)
 
 	/* Auto expanded KLP_PATCHES_CLEANUP_CALLS: */
 	livepatch_bsc1230998_cleanup();
+	livepatch_bsc1231676_cleanup();
+	livepatch_bsc1231943_cleanup();
 	livepatch_bsc1231993_cleanup();
+	livepatch_bsc1232271_cleanup();
+	livepatch_bsc1232384_cleanup();
 	livepatch_bsc1232900_cleanup();
 	livepatch_bsc1232908_cleanup();
 	livepatch_bsc1232927_cleanup();
 	livepatch_bsc1232929_cleanup();
 	livepatch_bsc1233019_cleanup();
+	livepatch_bsc1233072_cleanup();
 	livepatch_bsc1233118_cleanup();
 	livepatch_bsc1233227_cleanup();
 	livepatch_bsc1233245_cleanup();
@@ -655,18 +1151,55 @@ static void __exit klp_patch_cleanup(void)
 	livepatch_bsc1235769_cleanup();
 	livepatch_bsc1235916_cleanup();
 	livepatch_bsc1235921_cleanup();
+	livepatch_bsc1236207_cleanup();
 	livepatch_bsc1236244_cleanup();
 	livepatch_bsc1236701_cleanup();
 	livepatch_bsc1236783_cleanup();
+	livepatch_bsc1237048_cleanup();
 	livepatch_bsc1238912_cleanup();
 	livepatch_bsc1239077_cleanup();
 	livepatch_bsc1239096_cleanup();
+	livepatch_bsc1240744_cleanup();
 	livepatch_bsc1240840_cleanup();
 	livepatch_bsc1241579_cleanup();
+	livepatch_bsc1242579_cleanup();
+	livepatch_bsc1242882_cleanup();
 	livepatch_bsc1243648_cleanup();
+	livepatch_bsc1243650_cleanup();
+	livepatch_bsc1245218_cleanup();
+	livepatch_bsc1245350_cleanup();
+	livepatch_bsc1245505_cleanup();
+	livepatch_bsc1245509_cleanup();
+	livepatch_bsc1245685_cleanup();
+	livepatch_bsc1245778_cleanup();
+	livepatch_bsc1245791_cleanup();
 	livepatch_bsc1245793_cleanup();
+	livepatch_bsc1245794_cleanup();
+	livepatch_bsc1245795_cleanup();
 	livepatch_bsc1245797_cleanup();
 	livepatch_bsc1245804_cleanup();
+	livepatch_bsc1245805_cleanup();
+	livepatch_bsc1246001_cleanup();
+	livepatch_bsc1246019_cleanup();
+	livepatch_bsc1246030_cleanup();
+	livepatch_bsc1246075_cleanup();
+	livepatch_bsc1246356_cleanup();
+	livepatch_bsc1247158_cleanup();
+	livepatch_bsc1247315_cleanup();
+	livepatch_bsc1247350_cleanup();
+	livepatch_bsc1247452_cleanup();
+	livepatch_bsc1247499_cleanup();
+	livepatch_bsc1248298_cleanup();
+	livepatch_bsc1248376_cleanup();
+	livepatch_bsc1248631_cleanup();
+	livepatch_bsc1248672_cleanup();
+	livepatch_bsc1248673_cleanup();
+	livepatch_bsc1248749_cleanup();
+	livepatch_bsc1249207_cleanup();
+	livepatch_bsc1249208_cleanup();
+	livepatch_bsc1249458_cleanup();
+	livepatch_bsc1249534_cleanup();
+	livepatch_bsc1249537_cleanup();
 
 }
 
@@ -675,4 +1208,4 @@ module_exit(klp_patch_cleanup);
 
 MODULE_LICENSE("GPL");
 MODULE_INFO(livepatch, "Y");
-MODULE_INFO(klpgitrev, "d593dfe7f557a8525dff516c15f86338efd36eba");
+MODULE_INFO(klpgitrev, "a1564f0dca49c5c80ac6a20172e0a3bb248013af");

source-timestamp

@@ -1,3 +1,3 @@
-2025-08-01 08:32:46 +0200
-GIT Revision: d593dfe7f557a8525dff516c15f86338efd36eba
+2025-11-21 09:44:53 +0100
+GIT Revision: a1564f0dca49c5c80ac6a20172e0a3bb248013af
 GIT Branch: MICRO-6-0_Update_3