Sync from SUSE:SLFO:Kernel:1.0 kernel-livepatch-MICRO-6-0_Update_7 revision 5a229650042eddb2f01887b7cf50160a

Makefile

@@ -4,7 +4,7 @@ ccflags-y += -I$(obj)
 
 obj-m := livepatch-@@RPMRELEASE@@.o
 
-livepatch-@@RPMRELEASE@@-y := uname_patch/livepatch_uname.o livepatch_main.o bsc1245776/livepatch_bsc1245776.o bsc1245793/livepatch_bsc1245793.o bsc1245797/livepatch_bsc1245797.o 
+livepatch-@@RPMRELEASE@@-y := uname_patch/livepatch_uname.o livepatch_main.o bsc1245776/livepatch_bsc1245776.o bsc1245793/livepatch_bsc1245793.o bsc1245797/livepatch_bsc1245797.o bsc1245218/livepatch_bsc1245218.o bsc1245350/livepatch_bsc1245350.o bsc1247351/livepatch_bsc1247351.o bsc1244235/livepatch_bsc1244235.o bsc1245505/livepatch_bsc1245505.o bsc1246030/livepatch_bsc1246030.o bsc1245685/livepatch_bsc1245685.o bsc1246001/livepatch_bsc1246001.o bsc1246356/livepatch_bsc1246356.o bsc1247499/livepatch_bsc1247499.o bsc1248298/livepatch_bsc1248298.o bsc1245509/livepatch_bsc1245509.o bsc1247315/livepatch_bsc1247315.o bsc1246075/livepatch_bsc1246075.o bsc1247158/bsc1247158_fs_anon_inodes.o bsc1247158/bsc1247158_mm_secretmem.o bsc1247158/livepatch_bsc1247158.o bsc1247452/livepatch_bsc1247452.o bsc1248376/livepatch_bsc1248376.o bsc1248673/livepatch_bsc1248673.o bsc1248749/livepatch_bsc1248749.o bsc1249458/livepatch_bsc1249458.o bsc1249534/livepatch_bsc1249534.o bsc1248631/livepatch_bsc1248631.o bsc1249207/livepatch_bsc1249207.o bsc1249208/livepatch_bsc1249208.o bsc1248672/livepatch_bsc1248672.o bsc1249537/bsc1249537_net_tls_tls_strp.o bsc1249537/bsc1249537_net_tls_tls_sw.o 
 
 default:
 	$(MAKE) -C $(KDIR) M=$(CURDIR) modules
@@ -18,3 +18,61 @@ CFLAGS_livepatch_bsc1245793.o += -Werror
 CFLAGS_bsc1245793/livepatch_bsc1245793.o += -Werror
 CFLAGS_livepatch_bsc1245797.o += -Werror
 CFLAGS_bsc1245797/livepatch_bsc1245797.o += -Werror
+CFLAGS_livepatch_bsc1245218.o += -Werror
+CFLAGS_bsc1245218/livepatch_bsc1245218.o += -Werror
+CFLAGS_livepatch_bsc1245350.o += -Werror
+CFLAGS_bsc1245350/livepatch_bsc1245350.o += -Werror
+CFLAGS_livepatch_bsc1247351.o += -Werror
+CFLAGS_bsc1247351/livepatch_bsc1247351.o += -Werror
+CFLAGS_livepatch_bsc1244235.o += -Werror
+CFLAGS_bsc1244235/livepatch_bsc1244235.o += -Werror
+CFLAGS_livepatch_bsc1245505.o += -Werror
+CFLAGS_bsc1245505/livepatch_bsc1245505.o += -Werror
+CFLAGS_livepatch_bsc1246030.o += -Werror
+CFLAGS_bsc1246030/livepatch_bsc1246030.o += -Werror
+CFLAGS_livepatch_bsc1245685.o += -Werror
+CFLAGS_bsc1245685/livepatch_bsc1245685.o += -Werror
+CFLAGS_livepatch_bsc1246001.o += -Werror
+CFLAGS_bsc1246001/livepatch_bsc1246001.o += -Werror
+CFLAGS_livepatch_bsc1246356.o += -Werror
+CFLAGS_bsc1246356/livepatch_bsc1246356.o += -Werror
+CFLAGS_livepatch_bsc1247499.o += -Werror
+CFLAGS_bsc1247499/livepatch_bsc1247499.o += -Werror
+CFLAGS_livepatch_bsc1248298.o += -Werror
+CFLAGS_bsc1248298/livepatch_bsc1248298.o += -Werror
+CFLAGS_livepatch_bsc1245509.o += -Werror
+CFLAGS_bsc1245509/livepatch_bsc1245509.o += -Werror
+CFLAGS_livepatch_bsc1247315.o += -Werror
+CFLAGS_bsc1247315/livepatch_bsc1247315.o += -Werror
+CFLAGS_livepatch_bsc1246075.o += -Werror
+CFLAGS_bsc1246075/livepatch_bsc1246075.o += -Werror
+CFLAGS_bsc1247158_mm_secretmem.o += -Werror
+CFLAGS_bsc1247158/bsc1247158_mm_secretmem.o += -Werror
+CFLAGS_bsc1247158_fs_anon_inodes.o += -Werror
+CFLAGS_bsc1247158/bsc1247158_fs_anon_inodes.o += -Werror
+CFLAGS_livepatch_bsc1247158.o += -Werror
+CFLAGS_bsc1247158/livepatch_bsc1247158.o += -Werror
+CFLAGS_livepatch_bsc1247452.o += -Werror
+CFLAGS_bsc1247452/livepatch_bsc1247452.o += -Werror
+CFLAGS_livepatch_bsc1248376.o += -Werror
+CFLAGS_bsc1248376/livepatch_bsc1248376.o += -Werror
+CFLAGS_livepatch_bsc1248673.o += -Werror
+CFLAGS_bsc1248673/livepatch_bsc1248673.o += -Werror
+CFLAGS_livepatch_bsc1248749.o += -Werror
+CFLAGS_bsc1248749/livepatch_bsc1248749.o += -Werror
+CFLAGS_livepatch_bsc1249458.o += -Werror
+CFLAGS_bsc1249458/livepatch_bsc1249458.o += -Werror
+CFLAGS_livepatch_bsc1249534.o += -Werror
+CFLAGS_bsc1249534/livepatch_bsc1249534.o += -Werror
+CFLAGS_livepatch_bsc1248631.o += -Werror
+CFLAGS_bsc1248631/livepatch_bsc1248631.o += -Werror
+CFLAGS_livepatch_bsc1249207.o += -Werror
+CFLAGS_bsc1249207/livepatch_bsc1249207.o += -Werror
+CFLAGS_livepatch_bsc1249208.o += -Werror
+CFLAGS_bsc1249208/livepatch_bsc1249208.o += -Werror
+CFLAGS_livepatch_bsc1248672.o += -Werror
+CFLAGS_bsc1248672/livepatch_bsc1248672.o += -Werror
+CFLAGS_bsc1249537_net_tls_tls_strp.o += -Werror
+CFLAGS_bsc1249537/bsc1249537_net_tls_tls_strp.o += -Werror
+CFLAGS_bsc1249537_net_tls_tls_sw.o += -Werror
+CFLAGS_bsc1249537/bsc1249537_net_tls_tls_sw.o += -Werror

kernel-livepatch-MICRO-6-0_Update_7.changes

@@ -1,9 +1,380 @@
+-------------------------------------------------------------------
+Fri Nov 21 09:44:53 CET 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit b8fd741
+
+-------------------------------------------------------------------
+Fri Nov 14 16:38:47 CET 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38616 ("tls: handle data disappearing from under the TLS ULP")
+  Live patch for CVE-2025-38616. Upstream commits:
+- 6db015fc4b5d ("tls: handle data disappearing from under the TLS ULP")
+  KLP: CVE-2025-38616
+  References: bsc#1249537 CVE-2025-38616
+- commit eb23d17
+
+-------------------------------------------------------------------
+Thu Nov 13 11:38:58 CET 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38500 ("xfrm: interface: fix use-after-free after changing collect_md xfrm interface")
+  Live patch for CVE-2025-38500. Upstream commit:
+- a90b2a1aaacb ("xfrm: interface: fix use-after-free after changing collect_md xfrm interface")
+  KLP: CVE-2025-38500
+  References: bsc#1248672 CVE-2025-38500
+- commit 3958092
+
+-------------------------------------------------------------------
+Thu Oct 30 10:13:10 CET 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 79ea673
+
+-------------------------------------------------------------------
+Wed Oct 29 11:41:55 CET 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38664 ("ice: Fix a null pointer dereference in ice_copy_and_init_pkg()")
+  Live patch for CVE-2025-38664. Upstream commit:
+- 4ff12d82dac1 ("ice: Fix a null pointer dereference in ice_copy_and_init_pkg()")
+  KLP: CVE-2025-38664
+  References: bsc#1248631 CVE-2025-38664
+- commit 1c1ab21
+
+-------------------------------------------------------------------
+Mon Oct 27 17:35:07 CET 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38617 ("net/packet: fix a race in packet_set_ring() and packet_notifier()")
+  Live patch for CVE-2025-38617. Upstream commit:
+- 01d3c8417b9c ("net/packet: fix a race in packet_set_ring() and packet_notifier()")
+  KLP: CVE-2025-38617
+  References: bsc#1249208 CVE-2025-38617
+- commit f7bea4a
+
+-------------------------------------------------------------------
+Tue Oct 21 08:58:42 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38618 ("vsock: Do not allow binding to VMADDR_PORT_ANY")
+  Live patch for CVE-2025-38618. Upstream commit:
+- aba0c94f61ec ("vsock: Do not allow binding to VMADDR_PORT_ANY")
+  KLP: CVE-2025-38618
+  References: bsc#1249207 CVE-2025-38618
+- commit 8e242ac
+
+-------------------------------------------------------------------
+Fri Oct 17 09:31:13 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit e0ff42a
+
+-------------------------------------------------------------------
+Wed Oct 15 18:14:08 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38678 ("netfilter: nf_tables: reject duplicate device on updates")
+  Live patch for CVE-2025-38678. Upstream commit:
+- cf5fb87fcdaa ("netfilter: nf_tables: reject duplicate device on updates")
+  KLP: CVE-2025-38678
+  References: bsc#1249534 CVE-2025-38678
+- commit c3d6ac9
+
+-------------------------------------------------------------------
+Fri Oct 10 03:58:09 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-38499 ("clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns")
+  Live patch for CVE-2025-38499. Upstream commit:
+- c28f922c9dce ("clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns")
+  KLP: CVE-2025-38499
+  References: bsc#1248673 CVE-2025-38499
+- commit cba321a
+
+-------------------------------------------------------------------
+Tue Oct  7 17:50:17 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38396 ("fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass")
+  Live patch for CVE-2025-38396. Upstream commit:
+- cbe4134ea4bc ("fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass")
+  KLP: CVE-2025-38396
+  References: bsc#1247158 CVE-2025-38396
+- commit beb608a
+
+-------------------------------------------------------------------
+Mon Oct  6 15:00:24 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38566 ("sunrpc: fix handling of server side tls alerts")
+  Live patch for CVE-2025-38566. Upstream commit:
+- bee47cb026e7 ("sunrpc: fix handling of server side tls alerts")
+  KLP: CVE-2025-38566
+  References: bsc#1248376 CVE-2025-38566
+- commit f1e26eb
+
+-------------------------------------------------------------------
+Fri Oct  3 11:19:04 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38110 ("net/mdiobus: Fix potential out-of-bounds clause 45 read/write access")
+  Live patch for CVE-2025-38110. Upstream commit:
+- 260388f79e94 ("net/mdiobus: Fix potential out-of-bounds clause 45 read/write access")
+  KLP: CVE-2025-38110
+  References: bsc#1249458 CVE-2025-38110
+- commit 7e8149c
+
+-------------------------------------------------------------------
+Thu Oct  2 15:16:52 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38644 ("wifi: mac80211: reject TDLS operations when station is not associated")
+  Live patch for CVE-2025-38644. Upstream commit:
+- 16ecdab5446f ("wifi: mac80211: reject TDLS operations when station is not associated")
+  KLP: CVE-2025-38644
+  References: bsc#1248749 CVE-2025-38644
+- commit a10df65
+
+-------------------------------------------------------------------
+Thu Oct  2 13:38:40 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 677e136
+
+-------------------------------------------------------------------
+Wed Oct  1 16:29:12 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38206 ("exfat: fix double free in delayed_free")
+  Live patch for CVE-2025-38206. Upstream commit:
+- 1f3d9724e16d ("exfat: fix double free in delayed_free")
+  KLP: CVE-2025-38206
+  References: bsc#1246075 CVE-2025-38206
+- commit 9eb1606
+
+-------------------------------------------------------------------
+Wed Oct  1 15:00:56 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38471 ("kernel: tls: always refresh the queue when reading sock")
+  Live patch for CVE-2025-38471. Upstream commit:
+- 4ab26bce3969 ("tls: always refresh the queue when reading sock")
+  KLP: CVE-2025-38471
+  References: bsc#1247452 CVE-2025-38471
+- commit 1f77ac2
+
+-------------------------------------------------------------------
+Wed Oct  1 11:43:30 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38477 ("net/sched: sch_qfq: Fix race condition on qfq_aggregate")
+  Live patch for CVE-2025-38477. Upstream commits:
+- 5e28d5a3f774 ("net/sched: sch_qfq: Fix race condition on qfq_aggregate")
+- cf074eca0065 ("net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class")
+  KLP: CVE-2025-38477
+  References: bsc#1247315 CVE-2025-38477
+- commit 6796f28
+
+-------------------------------------------------------------------
+Fri Sep 19 17:04:03 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38089 ("sunrpc: handle SVC_GARBAGE during svc auth processing as auth error")
+  Live patch for CVE-2025-38089. Upstream commit:
+- 94d10a4dba0b ("sunrpc: handle SVC_GARBAGE during svc auth processing as auth error")
+  KLP: CVE-2025-38089
+  References: bsc#1245509 CVE-2025-38089
+- commit 2398e30
+
+-------------------------------------------------------------------
+Fri Sep 19 12:39:50 CEST 2025 - vincenzo.mezzela@suse.com
+
+- klp_trace.h: add KLPR_TRACE_EVENT_CONDITION macro
+- commit 17e9fce
+
+-------------------------------------------------------------------
+Thu Sep 18 09:39:17 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 4ddc8df
+
+-------------------------------------------------------------------
+Fri Sep 12 20:25:10 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38177 ("kernel: sch_hfsc: make hfsc_qlen_notify() idempotent")
+  Live patch for CVE-2025-38177. Upstream commit:
+- 51eb3b65544c ("sch_hfsc: make hfsc_qlen_notify() idempotent")
+  KLP: CVE-2025-38177
+  References: bsc#1246356 CVE-2025-38177
+- commit 2448b46
+
+-------------------------------------------------------------------
+Wed Sep 10 16:53:55 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38109 ("net/mlx5: fix ECVF vports unload on shutdown flow")
+  Live patch for CVE-2025-38109. Upstream commit:
+- 687560d8a9a2 ("net/mlx5: Fix ECVF vports unload on shutdown flow")
+  KLP: CVE-2025-38109
+  References: bsc#1245685 CVE-2025-38109
+- commit a5d2ea4
+
+-------------------------------------------------------------------
+Tue Sep  9 14:57:58 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38181 ("calipso: fix null-ptr-deref in calipso_req_{set,del}attr()")
+  Live patch for CVE-2025-38181. Upstream commit:
+- 10876da918fa ("calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().")
+  KLP: CVE-2025-38181
+  References: bsc#1246001 CVE-2025-38181
+- commit e1def10
+
+-------------------------------------------------------------------
+Tue Sep  9 04:38:51 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-38498 ("do_change_type(): refuse to operate on unmounted/not ours mounts")
+  Live patch for CVE-2025-38498. Upstream commit:
+- 12f147ddd6de ("do_change_type(): refuse to operate on unmounted/not ours mounts")
+  KLP: CVE-2025-38498
+  References: bsc#1247499 CVE-2025-38498
+- commit 8eebc30
+
+-------------------------------------------------------------------
+Fri Sep  5 10:00:56 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 25b3f12
+
+-------------------------------------------------------------------
+Fri Sep  5 09:29:38 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-38555 ("usb: gadget : fix use-after-free in composite_dev_cleanup()")
+  Live patch for CVE-2025-38555. Upstream commit:
+- 151c0aa896c4 ("usb: gadget : fix use-after-free in
+  composite_dev_cleanup()")
+  KLP: CVE-2025-38555
+  References: bsc#1248298 CVE-2025-38555
+- commit 466e488
+
+-------------------------------------------------------------------
+Wed Sep  3 16:50:49 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38087 ("net/sched: fix use-after-free in taprio_dev_notifier")
+  Live patch for CVE-2025-38087. Upstream commit:
+- b160766e26d4 ("net/sched: fix use-after-free in taprio_dev_notifier")
+  KLP: CVE-2025-38087
+  References: bsc#1245505 CVE-2025-38087
+- commit 95ff041
+
+-------------------------------------------------------------------
+Mon Sep  1 09:41:08 CEST 2025 - nstange@suse.de
+
+- scripts/tar-up.sh: unconditionally enable s390x on SLE default
+  Nowadays, s390x builds should be enabed for all SLE default kernels
+  -- the versions from before the point where s390x coverage got
+  added to the product have gone out of support a long time ago.
+  Remove the conditional s390x enablement logic from tar-up.sh.
+- commit 9bcbefb
+
+-------------------------------------------------------------------
+Fri Aug 29 11:47:23 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38001 ("net_sched: hfsc: Address reentrant enqueue adding class to eltree twice")
+  Live patch for CVE-2025-38001. Upstream commit:
+- ac9fe7dd8e73 ("net_sched: hfsc: Address reentrant enqueue adding class to eltree twice")
+  KLP: CVE-2025-38001
+  References: bsc#1244235 CVE-2025-38001
+- commit f561f37
+
+-------------------------------------------------------------------
+Mon Aug 25 17:30:09 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38000 ("sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()")
+  Live patch for CVE-2025-38000. Upstream commit:
+- 3f981138109f ("sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()")
+  KLP: CVE-2025-38000
+  References: bsc#1245775 CVE-2025-38000
+- commit d65b7b9
+
+-------------------------------------------------------------------
+Mon Aug 18 14:38:37 CEST 2025 - pmladek@suse.com
+
+- kernel-livepatch.spec: Replace kernel-syms with kernel-<flavor>-specific dependencies (bsc#1248108)
+  The commit ead79afe7cbfae ("kernel-livepatch.spec: Update build
+  dependencies for non-default flavors") broke build of livepatches
+  which were built with kernel-syms-rt.
+  The problem is that livepatch packages for already released kernels
+  are built in exactly the same build environment as the initial livepatch.
+  The BS (Build Service) installs the build environment using the given
+  _buildinfo-*.xml and ignores BuildRequires. But the BuildRequires are
+  later checked by rpmbuild tool. It would complain when new dependencies
+  were added.
+  Unfortunately, kernel-syms-rt does not exist on SLE16. This was the main
+  motivation for the above mentioned commit.
+  But the package kernel-syms is empty. Its only purpose is to add other
+  dependencies. Replace it by opencoding the dependencies.
+  Note that the kernel devel files are historically split into various
+  packages, kernel-<flavor>-devel, kernel-devel-<flavor>, and
+  even kernel-devel. But it is enough to require kernel-<flavor>-devel
+  because it requires the other devel files on its own. This seems
+  to be true back to SLE15-SP4 at minimum.
+- commit 7696578
+
+-------------------------------------------------------------------
+Fri Aug 15 06:40:42 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 828f0cf
+
+-------------------------------------------------------------------
+Thu Aug 14 10:52:36 CEST 2025 - nstange@suse.de
+
+- Revert "Remove the support for different flavors, take 2"
+  This reverts commit b9cd4812c513d94d75916b50ea06ffef6ce8cf5b.
+- commit 1da45d8
+
+-------------------------------------------------------------------
+Thu Aug 14 10:15:15 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38212 ("ipc: fix to protect IPCS lookups using RCU")
+  Live patch for CVE-2025-38212. Upstream commit:
+- d66adabe9180 ("ipc: fix to protect IPCS lookups using RCU")
+  KLP: CVE-2025-38212
+  References: bsc#1246030 CVE-2025-38212
+- commit 939565c
+
+-------------------------------------------------------------------
+Tue Aug 12 12:05:23 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38494 ("HID: core: do not bypass hid_hw_raw_request")
+  Live patch for CVE-2025-38494. Upstream commit:
+- c2ca42f190b6 ("HID: core: do not bypass hid_hw_raw_request")
+  KLP: CVE-2025-38494
+  References: bsc#1247350 CVE-2025-38494
+- commit dad1889
+
+-------------------------------------------------------------------
+Fri Aug  8 12:38:21 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38495 ("HID: core: ensure the allocated report buffer can contain the reserved report ID")
+  Live patch for CVE-2025-38495. Upstream commit:
+- 4f15ee98304b ("HID: core: ensure the allocated report buffer can contain the reserved report ID")
+  KLP: CVE-2025-38495
+  References: bsc#1247351 CVE-2025-38495
+- commit 3d8c5db
+
+-------------------------------------------------------------------
+Mon Aug  4 18:22:03 CEST 2025 - marco.crivellari@suse.com
+
+- Fix for CVE-2025-38079 ("crypto: algif_hash - fix double free in hash_accept")
+  Live patch for CVE-2025-38079. Upstream commit:
+- b2df03ed4052 ("crypto: algif_hash - fix double free in hash_accept")
+  KLP: CVE-2025-38079
+  References: bsc#1245218 CVE-2025-38079
+- commit b0df6f5
+
 -------------------------------------------------------------------
 Fri Aug  1 08:32:47 CEST 2025 - nstange@suse.de
 
 - Bump up the version number in spec file
 - commit cdec311
 
+-------------------------------------------------------------------
+Thu Jul 31 15:30:08 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38083 ("net_sched: prio: fix a race in prio_tune()")
+  Live patch for CVE-2025-38083. Upstream commit:
+- d35acc1be348 ("net_sched: prio: fix a race in prio_tune()")
+  KLP: CVE-2025-38083
+  References: bsc#1245350 CVE-2025-38083
+- commit 22ac46f
+
 -------------------------------------------------------------------
 Fri Jul 25 15:45:00 CEST 2025 - vincenzo.mezzela@suse.com
 
@@ -52,6 +423,21 @@ Tue Jul  1 13:36:15 CEST 2025 - mbenes@suse.cz
   time).
 - commit ead79af
 
+-------------------------------------------------------------------
+Fri Jun 27 13:57:01 CEST 2025 - mbenes@suse.cz
+
+- Remove the support for different flavors, take 2
+  There is a support for different kernel flavors from the beginning in
+  our spec file. Originally, there were -default and -xen flavors.
+  However, it is questionable. A live patch is built against a very
+  specific kernel binary. Different flavors of the same kernel source can
+  be easily different also in this respect.
+  Remove it then. The build process is driven by "variant" macro deriving
+  from a branch name. We can stick with that. %klp_module_package defines
+  %flavor based on that. It also keeps %flavors_to_build definition for
+  older releases without this change.
+- commit b9cd481
+
 -------------------------------------------------------------------
 Thu Jun 26 13:24:09 CEST 2025 - mbenes@suse.cz
 
@@ -91,6 +477,17 @@ Mon May 26 09:47:38 CEST 2025 - nstange@suse.de
 - Add IBS _buildenv files + update PATCHINFO_ID after the initial submission
 - commit 09f1d1e
 
+-------------------------------------------------------------------
+Thu May 15 10:23:31 CEST 2025 - nstange@suse.de
+
+- uname_patch: don't use klp_convert.h wrappers
+  With the removal of klp_convert.h, the uname_patch fails to compile.
+  Replace all invocations of the KLP_SYM_LINKAGE or KLP_SYM() macros
+  formerly defined there in by their expansions for the !USE_KLP_CONVERT
+  case and drop the klp_convert.h #include.
+  Fixes: b2fa29be2 ("Remove old klp-convert support")
+- commit 601b6d1
+
 -------------------------------------------------------------------
 Mon May  5 10:08:44 CEST 2025 - nstange@suse.de
 
@@ -105,7 +502,7 @@ Mon Apr 28 14:31:04 CEST 2025 - mbenes@suse.cz
   patches. It never happened. Kallsyms was used up until SLE15-SP6 where
   everything was migrated to much lighter klp-convert-mini implementation.
   Remove the old klp-convert support all together now.
-- commit 1731556
+- commit b2fa29b
 
 -------------------------------------------------------------------
 Mon Apr 28 14:00:44 CEST 2025 - mbenes@suse.cz

kernel-livepatch-MICRO-6-0_Update_7.spec

@@ -20,7 +20,7 @@
 %define variant %{nil}
 
 Name:           kernel-livepatch-MICRO-6-0_Update_7
-Version:        2
+Version:        9
 Release:        1
 %define module_num %(echo %version-%release | sed 'y/\./_/')
 License:        GPL-2.0
@@ -36,27 +36,58 @@ Source6:	klp_syscalls.h
 Source7:	klp_trace.h
 Source8:	lp-mod-checks.sh
 # Auto expanded KLP_PATCHES_SOURCES:
-Source9:	bsc1245776.tar.bz2
-Source10:	bsc1245793.tar.bz2
-Source11:	bsc1245797.tar.bz2
+Source9:	bsc1244235.tar.bz2
+Source10:	bsc1245218.tar.bz2
+Source11:	bsc1245350.tar.bz2
+Source12:	bsc1245505.tar.bz2
+Source13:	bsc1245509.tar.bz2
+Source14:	bsc1245685.tar.bz2
+Source15:	bsc1245776.tar.bz2
+Source16:	bsc1245793.tar.bz2
+Source17:	bsc1245797.tar.bz2
+Source18:	bsc1246001.tar.bz2
+Source19:	bsc1246030.tar.bz2
+Source20:	bsc1246075.tar.bz2
+Source21:	bsc1246356.tar.bz2
+Source22:	bsc1247158.tar.bz2
+Source23:	bsc1247315.tar.bz2
+Source24:	bsc1247351.tar.bz2
+Source25:	bsc1247452.tar.bz2
+Source26:	bsc1247499.tar.bz2
+Source27:	bsc1248298.tar.bz2
+Source28:	bsc1248376.tar.bz2
+Source29:	bsc1248631.tar.bz2
+Source30:	bsc1248672.tar.bz2
+Source31:	bsc1248673.tar.bz2
+Source32:	bsc1248749.tar.bz2
+Source33:	bsc1249207.tar.bz2
+Source34:	bsc1249208.tar.bz2
+Source35:	bsc1249458.tar.bz2
+Source36:	bsc1249534.tar.bz2
+Source37:	bsc1249537.tar.bz2
+# Use kernel-<flavor> specific build dependencies instead of kernel-syms (bsc#1248108)
 %if "%variant" != ""
 BuildRequires:  kernel%variant-devel
+%else
+BuildRequires:  kernel-default-devel
 %endif
-BuildRequires:  kernel-syms kernel-livepatch-tools-devel libelf-devel
+BuildRequires:  pesign-obs-integration
+BuildRequires:  kernel-livepatch-tools-devel
+BuildRequires:  libelf-devel
 ExclusiveArch:	x86_64 s390x
 %klp_module_package
 
 %description
 This is a live patch for SUSE Linux Enterprise Server kernel.
 
-Source timestamp: 2025-08-01 08:32:47 +0200
-GIT Revision: cdec3119f846a9d6ebefc8ff4d8302bf9672d55d
+Source timestamp: 2025-11-21 09:44:53 +0100
+GIT Revision: b8fd7416fcc9a32d6b343b594842c0c5506e83d6
 GIT Branch: MICRO-6-0_Update_7
 
 %prep
 %setup -c
 # Auto expanded KLP_PATCHES_SETUP_SOURCES:
-%setup -T -D -a 9 -a 10 -a 11
+%setup -T -D -a 9 -a 10 -a 11 -a 12 -a 13 -a 14 -a 15 -a 16 -a 17 -a 18 -a 19 -a 20 -a 21 -a 22 -a 23 -a 24 -a 25 -a 26 -a 27 -a 28 -a 29 -a 30 -a 31 -a 32 -a 33 -a 34 -a 35 -a 36 -a 37
 cp %_sourcedir/livepatch_main.c .
 cp %_sourcedir/shadow.h .
 cp %_sourcedir/Makefile .

klp_trace.h

@@ -38,6 +38,13 @@
 #define KLPR_TRACE_EVENT(name, proto, args) \
 	KLPR_DECLARE_TRACE(name, PARAMS(proto), PARAMS(args))
 
+#define KLPR_TRACE_EVENT_CONDITION(name, proto, args, cond)		\
+	KLPR___DECLARE_TRACE(name, PARAMS(proto), PARAMS(args),		\
+		cpu_online(raw_smp_processor_id()) && PARAMS(cond),	\
+		PARAMS(void *__data, proto),				\
+		PARAMS(__data, args))
+
+
 #elif LINUX_VERSION_CODE < KERNEL_VERSION(6, 4, 0)
 
 #define KLPR___DO_TRACE_CALL(name, args)   (*klpe___traceiter_##name)(NULL, args)
@@ -99,6 +106,11 @@
 #define KLPR_TRACE_EVENT(name, proto, args) \
 	KLPR_DECLARE_TRACE(name, PARAMS(proto), PARAMS(args))
 
+#define KLPR_TRACE_EVENT_CONDITION(name, proto, args, cond)		\
+	KLPR___DECLARE_TRACE(name, PARAMS(proto), PARAMS(args),		\
+		cpu_online(raw_smp_processor_id()) && PARAMS(cond),	\
+		PARAMS(void *__data, proto))
+
 #else /* LINUX_VERSION_CODE >= KERNEL_VERSION(6, 4, 0) */
 
 #define KLPR___DO_TRACE_CALL(name, args)   __traceiter_##name(NULL, args)
@@ -164,6 +176,11 @@
 #define KLPR_TRACE_EVENT(module, name, proto, args) \
 	KLPR_DECLARE_TRACE(module, name, PARAMS(proto), PARAMS(args))
 
+#define KLPR_TRACE_EVENT_CONDITION(module, name, proto, args, cond)	\
+	KLPR___DECLARE_TRACE(module, name, PARAMS(proto), PARAMS(args),	\
+		cpu_online(raw_smp_processor_id()) && PARAMS(cond),	\
+		PARAMS(void *__data, proto))
+
 #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(5, 12, 0) */
 
 

livepatch_main.c

@@ -25,9 +25,35 @@
 #include "uname_patch/livepatch_uname.h"
 
 /* Auto expanded KLP_PATCHES_INCLUDES: */
+#include "bsc1244235/livepatch_bsc1244235.h"
+#include "bsc1245218/livepatch_bsc1245218.h"
+#include "bsc1245350/livepatch_bsc1245350.h"
+#include "bsc1245505/livepatch_bsc1245505.h"
+#include "bsc1245509/livepatch_bsc1245509.h"
+#include "bsc1245685/livepatch_bsc1245685.h"
 #include "bsc1245776/livepatch_bsc1245776.h"
 #include "bsc1245793/livepatch_bsc1245793.h"
 #include "bsc1245797/livepatch_bsc1245797.h"
+#include "bsc1246001/livepatch_bsc1246001.h"
+#include "bsc1246030/livepatch_bsc1246030.h"
+#include "bsc1246075/livepatch_bsc1246075.h"
+#include "bsc1246356/livepatch_bsc1246356.h"
+#include "bsc1247158/livepatch_bsc1247158.h"
+#include "bsc1247315/livepatch_bsc1247315.h"
+#include "bsc1247351/livepatch_bsc1247351.h"
+#include "bsc1247452/livepatch_bsc1247452.h"
+#include "bsc1247499/livepatch_bsc1247499.h"
+#include "bsc1248298/livepatch_bsc1248298.h"
+#include "bsc1248376/livepatch_bsc1248376.h"
+#include "bsc1248631/livepatch_bsc1248631.h"
+#include "bsc1248672/livepatch_bsc1248672.h"
+#include "bsc1248673/livepatch_bsc1248673.h"
+#include "bsc1248749/livepatch_bsc1248749.h"
+#include "bsc1249207/livepatch_bsc1249207.h"
+#include "bsc1249208/livepatch_bsc1249208.h"
+#include "bsc1249458/livepatch_bsc1249458.h"
+#include "bsc1249534/livepatch_bsc1249534.h"
+#include "bsc1249537/livepatch_bsc1249537.h"
 
 
 static struct klp_object objs[] = {
@@ -46,13 +72,123 @@ static struct klp_object objs[] = {
 			},
 #endif
 			{ .old_name = __stringify(pfifo_tail_enqueue), .new_func = klpp_pfifo_tail_enqueue, },
+			{ .old_name = __stringify(calipso_req_setattr), .new_func = klpp_calipso_req_setattr, .old_sympos = 1, },
+			{ .old_name = __stringify(calipso_req_delattr), .new_func = klpp_calipso_req_delattr, .old_sympos = 1, },
+			{ .old_name = __stringify(shm_destroy_orphaned), .new_func = klpp_shm_destroy_orphaned, },
+#if defined(CONFIG_SECRETMEM)
+			{ .old_name = __stringify(KLP_SYSCALL_SYM(memfd_secret)), .new_func = KLP_SYSCALL_SYM(klpp_memfd_secret), },
+#endif
+#if defined(KLP_ARCH_HAS_SYSCALL_COMPAT_STUBS) && defined(CONFIG_SECRETMEM)
+			{ .old_name = __stringify(KLP_SYSCALL_COMPAT_STUB_SYM(memfd_secret)), .new_func = KLP_SYSCALL_COMPAT_STUB_SYM(klpp_memfd_secret), },
+#endif
+			{ .old_name = __stringify(__anon_inode_getfile), .new_func = klpp___anon_inode_getfile, },
+#if IS_ENABLED(CONFIG_HID)
+			{ .old_name = __stringify(hid_alloc_report_buf), .new_func = klpp_hid_alloc_report_buf, },
+			{ .old_name = __stringify(__hid_request), .new_func = klpp___hid_request, },
+#endif
+			{ .old_name = __stringify(path_mount), .new_func = klpp_path_mount, },
+			{ .old_name = __stringify(clone_private_mount), .new_func = klpp_clone_private_mount, },
+			{ }
+		}
+	},
+	{
+		.name = "af_packet",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(packet_set_ring), .new_func = klpp_packet_set_ring, },
+			{ }
+		}
+	},
+	{
+		.name = "algif_hash",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(hash_accept), .new_func = klpp_hash_accept, },
+			{ }
+		}
+	},
+	{
+		.name = "exfat",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(exfat_free_upcase_table), .new_func = klpp_exfat_free_upcase_table, },
+			{ }
+		}
+	},
+#if IS_ENABLED(CONFIG_ICE)
+	{
+		.name = "ice",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(ice_copy_and_init_pkg), .new_func = klpp_ice_copy_and_init_pkg, },
+			{ }
+		}
+	},
+#endif
+#if IS_ENABLED(CONFIG_USB_LIBCOMPOSITE)
+	{
+		.name = "libcomposite",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(composite_os_desc_req_prepare), .new_func = klpp_composite_os_desc_req_prepare, },
+			{ }
+		}
+	},
+#endif
+	{
+		.name = "libphy",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(__mdiobus_c45_read), .new_func = klpp___mdiobus_c45_read, },
+			{ .old_name = __stringify(__mdiobus_c45_write), .new_func = klpp___mdiobus_c45_write, },
+			{ }
+		}
+	},
+#if IS_ENABLED(CONFIG_MAC80211)
+	{
+		.name = "mac80211",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(ieee80211_tdls_oper), .new_func = klpp_ieee80211_tdls_oper, },
+			{ }
+		}
+	},
+#endif
+	{
+		.name = "mlx5_core",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(mlx5_eswitch_enable_pf_vf_vports), .new_func = klpp_mlx5_eswitch_enable_pf_vf_vports, },
+			{ .old_name = __stringify(mlx5_eswitch_disable_pf_vf_vports), .new_func = klpp_mlx5_eswitch_disable_pf_vf_vports, },
+			{ }
+		}
+	},
+	{
+		.name = "nf_tables",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(nf_tables_newchain), .new_func = klpp_nf_tables_newchain, },
+			{ .old_name = __stringify(nf_tables_newflowtable), .new_func = klpp_nf_tables_newflowtable, },
 			{ }
 		}
 	},
 	{
 		.name = "sch_hfsc",
 		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(hfsc_enqueue), .new_func = klpp_hfsc_enqueue, },
 			{ .old_name = __stringify(hfsc_change_class), .new_func = klpp_hfsc_change_class, },
+			{ .old_name = __stringify(hfsc_dequeue), .new_func = klpp_hfsc_dequeue, },
+			{ .old_name = __stringify(update_ed), .new_func = klpp_update_ed, },
+			{ .old_name = __stringify(hfsc_qlen_notify), .new_func = klpp_hfsc_qlen_notify, },
+			{ }
+		}
+	},
+	{
+		.name = "sch_prio",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(prio_tune), .new_func = klpp_prio_tune, },
+			{ }
+		}
+	},
+	{
+		.name = "sch_qfq",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(qfq_change_class), .new_func = klpp_qfq_change_class, },
+			{ .old_name = __stringify(qfq_delete_class), .new_func = klpp_qfq_delete_class, },
+			{ .old_name = __stringify(qfq_dump_class), .new_func = klpp_qfq_dump_class, },
+			{ .old_name = __stringify(qfq_dump_class_stats), .new_func = klpp_qfq_dump_class_stats, },
+			{ .old_name = __stringify(qfq_destroy_qdisc), .new_func = klpp_qfq_destroy_qdisc, },
 			{ }
 		}
 	},
@@ -63,6 +199,44 @@ static struct klp_object objs[] = {
 			{ }
 		}
 	},
+	{
+		.name = "sch_taprio",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(taprio_dev_notifier), .new_func = klpp_taprio_dev_notifier, },
+			{ }
+		}
+	},
+	{
+		.name = "sunrpc",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(svc_process_common), .new_func = klpp_svc_process_common, },
+			{ .old_name = __stringify(svc_tcp_read_msg), .new_func = klpp_svc_tcp_read_msg, },
+			{ .old_name = __stringify(svc_tcp_recvfrom), .new_func = klpp_svc_tcp_recvfrom, },
+			{ }
+		}
+	},
+	{
+		.name = "tls",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(tls_strp_check_rcv), .new_func = klpp_tls_strp_check_rcv, },
+			{ .old_name = __stringify(tls_rx_rec_wait), .new_func = klpp_tls_rx_rec_wait, },
+			{ }
+		}
+	},
+	{
+		.name = "vsock",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(__vsock_bind), .new_func = klpp___vsock_bind, },
+			{ }
+		}
+	},
+	{
+		.name = "xfrm_interface",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(xfrmi_changelink), .new_func = klpp_xfrmi_changelink, },
+			{ }
+		}
+	},
 	{ }
 };
 
@@ -79,6 +253,30 @@ static int __init klp_patch_init(void)
 	pr_info("livepatch: initializing\n");
 
 	/* Auto expanded KLP_PATCHES_INIT_CALLS: */
+	retval = livepatch_bsc1244235_init();
+	if (retval)
+		goto err_bsc1244235;
+
+	retval = livepatch_bsc1245218_init();
+	if (retval)
+		goto err_bsc1245218;
+
+	retval = livepatch_bsc1245350_init();
+	if (retval)
+		goto err_bsc1245350;
+
+	retval = livepatch_bsc1245505_init();
+	if (retval)
+		goto err_bsc1245505;
+
+	retval = livepatch_bsc1245509_init();
+	if (retval)
+		goto err_bsc1245509;
+
+	retval = livepatch_bsc1245685_init();
+	if (retval)
+		goto err_bsc1245685;
+
 	retval = livepatch_bsc1245776_init();
 	if (retval)
 		goto err_bsc1245776;
@@ -91,17 +289,149 @@ static int __init klp_patch_init(void)
 	if (retval)
 		goto err_bsc1245797;
 
+	retval = livepatch_bsc1246001_init();
+	if (retval)
+		goto err_bsc1246001;
+
+	retval = livepatch_bsc1246030_init();
+	if (retval)
+		goto err_bsc1246030;
+
+	retval = livepatch_bsc1246075_init();
+	if (retval)
+		goto err_bsc1246075;
+
+	retval = livepatch_bsc1246356_init();
+	if (retval)
+		goto err_bsc1246356;
+
+	retval = livepatch_bsc1247158_init();
+	if (retval)
+		goto err_bsc1247158;
+
+	retval = livepatch_bsc1247315_init();
+	if (retval)
+		goto err_bsc1247315;
+
+	retval = livepatch_bsc1247351_init();
+	if (retval)
+		goto err_bsc1247351;
+
+	retval = livepatch_bsc1247452_init();
+	if (retval)
+		goto err_bsc1247452;
+
+	retval = livepatch_bsc1247499_init();
+	if (retval)
+		goto err_bsc1247499;
+
+	retval = livepatch_bsc1248298_init();
+	if (retval)
+		goto err_bsc1248298;
+
+	retval = livepatch_bsc1248376_init();
+	if (retval)
+		goto err_bsc1248376;
+
+	retval = livepatch_bsc1248631_init();
+	if (retval)
+		goto err_bsc1248631;
+
+	retval = livepatch_bsc1248672_init();
+	if (retval)
+		goto err_bsc1248672;
+
+	retval = livepatch_bsc1248673_init();
+	if (retval)
+		goto err_bsc1248673;
+
+	retval = livepatch_bsc1248749_init();
+	if (retval)
+		goto err_bsc1248749;
+
+	retval = livepatch_bsc1249207_init();
+	if (retval)
+		goto err_bsc1249207;
+
+	retval = livepatch_bsc1249208_init();
+	if (retval)
+		goto err_bsc1249208;
+
+	retval = livepatch_bsc1249458_init();
+	if (retval)
+		goto err_bsc1249458;
+
+	retval = livepatch_bsc1249534_init();
+	if (retval)
+		goto err_bsc1249534;
+
+	retval = livepatch_bsc1249537_init();
+	if (retval)
+		goto err_bsc1249537;
+
 	retval = klp_enable_patch(&patch);
 	if (!retval)
 		return retval;
 
 	/* Auto expanded KLP_PATCHES_INIT_ERR_HANDLERS: */
+	livepatch_bsc1249537_cleanup();
+err_bsc1249537:
+	livepatch_bsc1249534_cleanup();
+err_bsc1249534:
+	livepatch_bsc1249458_cleanup();
+err_bsc1249458:
+	livepatch_bsc1249208_cleanup();
+err_bsc1249208:
+	livepatch_bsc1249207_cleanup();
+err_bsc1249207:
+	livepatch_bsc1248749_cleanup();
+err_bsc1248749:
+	livepatch_bsc1248673_cleanup();
+err_bsc1248673:
+	livepatch_bsc1248672_cleanup();
+err_bsc1248672:
+	livepatch_bsc1248631_cleanup();
+err_bsc1248631:
+	livepatch_bsc1248376_cleanup();
+err_bsc1248376:
+	livepatch_bsc1248298_cleanup();
+err_bsc1248298:
+	livepatch_bsc1247499_cleanup();
+err_bsc1247499:
+	livepatch_bsc1247452_cleanup();
+err_bsc1247452:
+	livepatch_bsc1247351_cleanup();
+err_bsc1247351:
+	livepatch_bsc1247315_cleanup();
+err_bsc1247315:
+	livepatch_bsc1247158_cleanup();
+err_bsc1247158:
+	livepatch_bsc1246356_cleanup();
+err_bsc1246356:
+	livepatch_bsc1246075_cleanup();
+err_bsc1246075:
+	livepatch_bsc1246030_cleanup();
+err_bsc1246030:
+	livepatch_bsc1246001_cleanup();
+err_bsc1246001:
 	livepatch_bsc1245797_cleanup();
 err_bsc1245797:
 	livepatch_bsc1245793_cleanup();
 err_bsc1245793:
 	livepatch_bsc1245776_cleanup();
 err_bsc1245776:
+	livepatch_bsc1245685_cleanup();
+err_bsc1245685:
+	livepatch_bsc1245509_cleanup();
+err_bsc1245509:
+	livepatch_bsc1245505_cleanup();
+err_bsc1245505:
+	livepatch_bsc1245350_cleanup();
+err_bsc1245350:
+	livepatch_bsc1245218_cleanup();
+err_bsc1245218:
+	livepatch_bsc1244235_cleanup();
+err_bsc1244235:
 
 	return retval;
 }
@@ -111,9 +441,35 @@ static void __exit klp_patch_cleanup(void)
 	pr_info("livepatch: removed\n");
 
 	/* Auto expanded KLP_PATCHES_CLEANUP_CALLS: */
+	livepatch_bsc1244235_cleanup();
+	livepatch_bsc1245218_cleanup();
+	livepatch_bsc1245350_cleanup();
+	livepatch_bsc1245505_cleanup();
+	livepatch_bsc1245509_cleanup();
+	livepatch_bsc1245685_cleanup();
 	livepatch_bsc1245776_cleanup();
 	livepatch_bsc1245793_cleanup();
 	livepatch_bsc1245797_cleanup();
+	livepatch_bsc1246001_cleanup();
+	livepatch_bsc1246030_cleanup();
+	livepatch_bsc1246075_cleanup();
+	livepatch_bsc1246356_cleanup();
+	livepatch_bsc1247158_cleanup();
+	livepatch_bsc1247315_cleanup();
+	livepatch_bsc1247351_cleanup();
+	livepatch_bsc1247452_cleanup();
+	livepatch_bsc1247499_cleanup();
+	livepatch_bsc1248298_cleanup();
+	livepatch_bsc1248376_cleanup();
+	livepatch_bsc1248631_cleanup();
+	livepatch_bsc1248672_cleanup();
+	livepatch_bsc1248673_cleanup();
+	livepatch_bsc1248749_cleanup();
+	livepatch_bsc1249207_cleanup();
+	livepatch_bsc1249208_cleanup();
+	livepatch_bsc1249458_cleanup();
+	livepatch_bsc1249534_cleanup();
+	livepatch_bsc1249537_cleanup();
 
 }
 
@@ -122,4 +478,4 @@ module_exit(klp_patch_cleanup);
 
 MODULE_LICENSE("GPL");
 MODULE_INFO(livepatch, "Y");
-MODULE_INFO(klpgitrev, "cdec3119f846a9d6ebefc8ff4d8302bf9672d55d");
+MODULE_INFO(klpgitrev, "b8fd7416fcc9a32d6b343b594842c0c5506e83d6");

source-timestamp

@@ -1,3 +1,3 @@
-2025-08-01 08:32:47 +0200
-GIT Revision: cdec3119f846a9d6ebefc8ff4d8302bf9672d55d
+2025-11-21 09:44:53 +0100
+GIT Revision: b8fd7416fcc9a32d6b343b594842c0c5506e83d6
 GIT Branch: MICRO-6-0_Update_7