Sync from SUSE:SLFO:Kernel:1.0 kernel-livepatch-MICRO-6-0_Update_9 revision cd65074a22243013c4fbbe320c55be36

Makefile

@@ -4,7 +4,7 @@ ccflags-y += -I$(obj)
 
 obj-m := livepatch-@@RPMRELEASE@@.o
 
-livepatch-@@RPMRELEASE@@-y := uname_patch/livepatch_uname.o bsc1245776/livepatch_bsc1245776.o bsc1245793/livepatch_bsc1245793.o bsc1245797/livepatch_bsc1245797.o livepatch_main.o 
+livepatch-@@RPMRELEASE@@-y := uname_patch/livepatch_uname.o livepatch_main.o bsc1248400/livepatch_bsc1248400.o bsc1248631/livepatch_bsc1248631.o bsc1248670/livepatch_bsc1248670.o bsc1248672/livepatch_bsc1248672.o bsc1249207/livepatch_bsc1249207.o bsc1249208/livepatch_bsc1249208.o bsc1249241/bsc1249241_net_ipv6_ip6_fib.o bsc1249241/bsc1249241_net_ipv6_route.o bsc1249537/bsc1249537_net_tls_tls_strp.o bsc1249537/bsc1249537_net_tls_tls_sw.o bsc1250192/livepatch_bsc1250192.o bsc1253437/bsc1253437_net_sctp_sm_make_chunk.o bsc1253437/bsc1253437_net_sctp_sm_statefuns.o bsc1246030/livepatch_bsc1246030.o bsc1246075/livepatch_bsc1246075.o bsc1247158/bsc1247158_fs_anon_inodes.o bsc1247158/bsc1247158_mm_secretmem.o bsc1247158/livepatch_bsc1247158.o bsc1247315/livepatch_bsc1247315.o bsc1247351/livepatch_bsc1247351.o bsc1247452/livepatch_bsc1247452.o bsc1247499/livepatch_bsc1247499.o bsc1248298/livepatch_bsc1248298.o bsc1248376/livepatch_bsc1248376.o bsc1248673/livepatch_bsc1248673.o bsc1248749/livepatch_bsc1248749.o bsc1249534/livepatch_bsc1249534.o bsc1251203/livepatch_bsc1251203.o bsc1251787/livepatch_bsc1251787.o 
 
 default:
 	$(MAKE) -C $(KDIR) M=$(CURDIR) modules
@@ -12,9 +12,61 @@ default:
 clean:
 	$(MAKE) -C $(KDIR) M=$(CURDIR) clean
 
-CFLAGS_livepatch_bsc1245776.o += -Werror
-CFLAGS_bsc1245776/livepatch_bsc1245776.o += -Werror
-CFLAGS_livepatch_bsc1245793.o += -Werror
-CFLAGS_bsc1245793/livepatch_bsc1245793.o += -Werror
-CFLAGS_livepatch_bsc1245797.o += -Werror
-CFLAGS_bsc1245797/livepatch_bsc1245797.o += -Werror
+CFLAGS_livepatch_bsc1248400.o += -Werror
+CFLAGS_bsc1248400/livepatch_bsc1248400.o += -Werror
+CFLAGS_livepatch_bsc1248631.o += -Werror
+CFLAGS_bsc1248631/livepatch_bsc1248631.o += -Werror
+CFLAGS_livepatch_bsc1248670.o += -Werror
+CFLAGS_bsc1248670/livepatch_bsc1248670.o += -Werror
+CFLAGS_livepatch_bsc1248672.o += -Werror
+CFLAGS_bsc1248672/livepatch_bsc1248672.o += -Werror
+CFLAGS_livepatch_bsc1249207.o += -Werror
+CFLAGS_bsc1249207/livepatch_bsc1249207.o += -Werror
+CFLAGS_livepatch_bsc1249208.o += -Werror
+CFLAGS_bsc1249208/livepatch_bsc1249208.o += -Werror
+CFLAGS_bsc1249241_net_ipv6_ip6_fib.o += -Werror
+CFLAGS_bsc1249241/bsc1249241_net_ipv6_ip6_fib.o += -Werror
+CFLAGS_bsc1249241_net_ipv6_route.o += -Werror
+CFLAGS_bsc1249241/bsc1249241_net_ipv6_route.o += -Werror
+CFLAGS_bsc1249537_net_tls_tls_strp.o += -Werror
+CFLAGS_bsc1249537/bsc1249537_net_tls_tls_strp.o += -Werror
+CFLAGS_bsc1249537_net_tls_tls_sw.o += -Werror
+CFLAGS_bsc1249537/bsc1249537_net_tls_tls_sw.o += -Werror
+CFLAGS_livepatch_bsc1250192.o += -Werror
+CFLAGS_bsc1250192/livepatch_bsc1250192.o += -Werror
+CFLAGS_bsc1253437_net_sctp_sm_make_chunk.o += -Werror
+CFLAGS_bsc1253437/bsc1253437_net_sctp_sm_make_chunk.o += -Werror
+CFLAGS_bsc1253437_net_sctp_sm_statefuns.o += -Werror
+CFLAGS_bsc1253437/bsc1253437_net_sctp_sm_statefuns.o += -Werror
+CFLAGS_livepatch_bsc1246030.o += -Werror
+CFLAGS_bsc1246030/livepatch_bsc1246030.o += -Werror
+CFLAGS_livepatch_bsc1246075.o += -Werror
+CFLAGS_bsc1246075/livepatch_bsc1246075.o += -Werror
+CFLAGS_bsc1247158_mm_secretmem.o += -Werror
+CFLAGS_bsc1247158/bsc1247158_mm_secretmem.o += -Werror
+CFLAGS_bsc1247158_fs_anon_inodes.o += -Werror
+CFLAGS_bsc1247158/bsc1247158_fs_anon_inodes.o += -Werror
+CFLAGS_livepatch_bsc1247158.o += -Werror
+CFLAGS_bsc1247158/livepatch_bsc1247158.o += -Werror
+CFLAGS_livepatch_bsc1247315.o += -Werror
+CFLAGS_bsc1247315/livepatch_bsc1247315.o += -Werror
+CFLAGS_livepatch_bsc1247351.o += -Werror
+CFLAGS_bsc1247351/livepatch_bsc1247351.o += -Werror
+CFLAGS_livepatch_bsc1247452.o += -Werror
+CFLAGS_bsc1247452/livepatch_bsc1247452.o += -Werror
+CFLAGS_livepatch_bsc1247499.o += -Werror
+CFLAGS_bsc1247499/livepatch_bsc1247499.o += -Werror
+CFLAGS_livepatch_bsc1248298.o += -Werror
+CFLAGS_bsc1248298/livepatch_bsc1248298.o += -Werror
+CFLAGS_livepatch_bsc1248376.o += -Werror
+CFLAGS_bsc1248376/livepatch_bsc1248376.o += -Werror
+CFLAGS_livepatch_bsc1248673.o += -Werror
+CFLAGS_bsc1248673/livepatch_bsc1248673.o += -Werror
+CFLAGS_livepatch_bsc1248749.o += -Werror
+CFLAGS_bsc1248749/livepatch_bsc1248749.o += -Werror
+CFLAGS_livepatch_bsc1249534.o += -Werror
+CFLAGS_bsc1249534/livepatch_bsc1249534.o += -Werror
+CFLAGS_livepatch_bsc1251203.o += -Werror
+CFLAGS_bsc1251203/livepatch_bsc1251203.o += -Werror
+CFLAGS_livepatch_bsc1251787.o += -Werror
+CFLAGS_bsc1251787/livepatch_bsc1251787.o += -Werror

kernel-livepatch-MICRO-6-0_Update_9.changes

@@ -1,9 +1,443 @@
+-------------------------------------------------------------------
+Tue Jan 20 15:55:29 CET 2026 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit bd8e9e6
+
+-------------------------------------------------------------------
+Tue Jan 20 12:36:20 CET 2026 - nstange@suse.de
+
+- bsc#1249241: fix addr_bit_set() issue on big-endian machines
+  BITOP_BE32_SWIZZLE ought to be defined depending on the target's
+  endianess, but the livepatch includes only the little-endian variant.
+  Fix that.
+  References: bsc#1249241 bsc#1256928
+- commit 3fedcee
+
+-------------------------------------------------------------------
+Fri Jan 16 08:45:02 CET 2026 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 65f93f2
+
+-------------------------------------------------------------------
+Mon Jan 12 11:44:44 CET 2026 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-40204 ("sctp: Fix MAC comparison to be constant-time")
+  Live patch for CVE-2025-40204. Upstream commit:
+- dd91c79e4f58 ("sctp: Fix MAC comparison to be constant-time")
+  KLP: CVE-2025-40204
+  References: bsc#1253437 CVE-2025-40204
+- commit 9ddb903
+
+-------------------------------------------------------------------
+Fri Jan  9 18:40:40 CET 2026 - mpdesouza@suse.com
+
+- Fix for CVE-2025-38572 ("ipv6: reject malicious packets in ipv6_gso_segment()")
+  Live patch for CVE-2025-38572. Upstream commits:
+- ae50ea52bdd7 ("net: add debug check in skb_reset_transport_header()")
+- d45cf1e7d718 ("ipv6: reject malicious packets in ipv6_gso_segment()")
+  KLP: CVE-2025-38572
+  References: bsc#1248400 CVE-2025-38572
+- commit 390fc80
+
+-------------------------------------------------------------------
+Fri Jan  2 14:53:26 CET 2026 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38608 ("bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls")
+  Live patch for CVE-2025-38608. Upstream commit:
+- 178f6a5c8cb3 ("bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls")
+  KLP: CVE-2025-38608
+  References: bsc#1248670 CVE-2025-38608
+- commit 43d3fcf
+
+-------------------------------------------------------------------
+Fri Dec 26 06:29:40 CET 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-39682 ("tls: fix handling of zero-length records on the rx_list")
+  Live patch for CVE-2025-39682. Upstream commit:
+- 62708b9452f8 ("tls: fix handling of zero-length records on the rx_list")
+  KLP: CVE-2025-39682
+  References: bsc#1250192 CVE-2025-39682
+- commit 2993616
+
+-------------------------------------------------------------------
+Sat Dec 20 05:41:41 CET 2025 - fernando.gonzalez@suse.com
+
+- Fix for CVE-2023-53676 ("scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()")
+  Live patch for CVE-2023-53676. Upstream commit:
+- 801f287c93ff ("scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()")
+  KLP: CVE-2023-53676
+  References: bsc#1251787 CVE-2023-53676
+- commit c527e12
+
+-------------------------------------------------------------------
+Fri Dec 12 10:43:01 CET 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38476 ("rpl: Fix use-after-free in rpl_do_srh_inline().")
+  Live patch for CVE-2025-38476. Upstream commit:
+- b640daa2822a ("rpl: Fix use-after-free in rpl_do_srh_inline().")
+  KLP: CVE-2025-38476
+  References: bsc#1251203 CVE-2025-38476
+- commit 9298f22
+
+-------------------------------------------------------------------
+Thu Dec 11 18:35:42 CET 2025 - mpdesouza@suse.com
+
+- Fix for CVE-2025-38588 ("ipv6: prevent infinite loop in rt6_nlmsg_size()")
+  Live patch for CVE-2025-38588. Upstream commit:
+- 54e6fe9dd3b0 ("ipv6: prevent infinite loop in rt6_nlmsg_size()")
+  KLP: CVE-2025-38588
+  References: bsc#1249241 CVE-2025-38588
+- commit 6db11a8
+
+-------------------------------------------------------------------
+Fri Nov 21 09:44:53 CET 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit bfdb821
+
+-------------------------------------------------------------------
+Fri Nov 14 16:38:47 CET 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38616 ("tls: handle data disappearing from under the TLS ULP")
+  Live patch for CVE-2025-38616. Upstream commits:
+- 6db015fc4b5d ("tls: handle data disappearing from under the TLS ULP")
+  KLP: CVE-2025-38616
+  References: bsc#1249537 CVE-2025-38616
+- commit eb23d17
+
+-------------------------------------------------------------------
+Thu Nov 13 11:38:58 CET 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38500 ("xfrm: interface: fix use-after-free after changing collect_md xfrm interface")
+  Live patch for CVE-2025-38500. Upstream commit:
+- a90b2a1aaacb ("xfrm: interface: fix use-after-free after changing collect_md xfrm interface")
+  KLP: CVE-2025-38500
+  References: bsc#1248672 CVE-2025-38500
+- commit 3958092
+
+-------------------------------------------------------------------
+Thu Oct 30 10:13:10 CET 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 3c78bce
+
+-------------------------------------------------------------------
+Wed Oct 29 11:41:55 CET 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38664 ("ice: Fix a null pointer dereference in ice_copy_and_init_pkg()")
+  Live patch for CVE-2025-38664. Upstream commit:
+- 4ff12d82dac1 ("ice: Fix a null pointer dereference in ice_copy_and_init_pkg()")
+  KLP: CVE-2025-38664
+  References: bsc#1248631 CVE-2025-38664
+- commit 1c1ab21
+
+-------------------------------------------------------------------
+Mon Oct 27 17:35:07 CET 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38617 ("net/packet: fix a race in packet_set_ring() and packet_notifier()")
+  Live patch for CVE-2025-38617. Upstream commit:
+- 01d3c8417b9c ("net/packet: fix a race in packet_set_ring() and packet_notifier()")
+  KLP: CVE-2025-38617
+  References: bsc#1249208 CVE-2025-38617
+- commit f7bea4a
+
+-------------------------------------------------------------------
+Tue Oct 21 08:58:42 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38618 ("vsock: Do not allow binding to VMADDR_PORT_ANY")
+  Live patch for CVE-2025-38618. Upstream commit:
+- aba0c94f61ec ("vsock: Do not allow binding to VMADDR_PORT_ANY")
+  KLP: CVE-2025-38618
+  References: bsc#1249207 CVE-2025-38618
+- commit 8e242ac
+
+-------------------------------------------------------------------
+Fri Oct 17 09:31:14 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit d5842db
+
+-------------------------------------------------------------------
+Wed Oct 15 18:14:08 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38678 ("netfilter: nf_tables: reject duplicate device on updates")
+  Live patch for CVE-2025-38678. Upstream commit:
+- cf5fb87fcdaa ("netfilter: nf_tables: reject duplicate device on updates")
+  KLP: CVE-2025-38678
+  References: bsc#1249534 CVE-2025-38678
+- commit c3d6ac9
+
+-------------------------------------------------------------------
+Fri Oct 10 03:58:08 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-38499 ("clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns")
+  Live patch for CVE-2025-38499. Upstream commit:
+- c28f922c9dce ("clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns")
+  KLP: CVE-2025-38499
+  References: bsc#1248673 CVE-2025-38499
+- commit 0901e87
+
+-------------------------------------------------------------------
+Tue Oct  7 17:50:17 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38396 ("fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass")
+  Live patch for CVE-2025-38396. Upstream commit:
+- cbe4134ea4bc ("fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass")
+  KLP: CVE-2025-38396
+  References: bsc#1247158 CVE-2025-38396
+- commit beb608a
+
+-------------------------------------------------------------------
+Mon Oct  6 15:00:24 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38566 ("sunrpc: fix handling of server side tls alerts")
+  Live patch for CVE-2025-38566. Upstream commit:
+- bee47cb026e7 ("sunrpc: fix handling of server side tls alerts")
+  KLP: CVE-2025-38566
+  References: bsc#1248376 CVE-2025-38566
+- commit f1e26eb
+
+-------------------------------------------------------------------
+Thu Oct  2 15:16:52 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38644 ("wifi: mac80211: reject TDLS operations when station is not associated")
+  Live patch for CVE-2025-38644. Upstream commit:
+- 16ecdab5446f ("wifi: mac80211: reject TDLS operations when station is not associated")
+  KLP: CVE-2025-38644
+  References: bsc#1248749 CVE-2025-38644
+- commit a10df65
+
+-------------------------------------------------------------------
+Thu Oct  2 13:38:40 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit c46605f
+
+-------------------------------------------------------------------
+Wed Oct  1 16:29:12 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38206 ("exfat: fix double free in delayed_free")
+  Live patch for CVE-2025-38206. Upstream commit:
+- 1f3d9724e16d ("exfat: fix double free in delayed_free")
+  KLP: CVE-2025-38206
+  References: bsc#1246075 CVE-2025-38206
+- commit 9eb1606
+
+-------------------------------------------------------------------
+Wed Oct  1 15:00:56 CEST 2025 - ali.abdallah@suse.de
+
+- Fix for CVE-2025-38471 ("kernel: tls: always refresh the queue when reading sock")
+  Live patch for CVE-2025-38471. Upstream commit:
+- 4ab26bce3969 ("tls: always refresh the queue when reading sock")
+  KLP: CVE-2025-38471
+  References: bsc#1247452 CVE-2025-38471
+- commit 1f77ac2
+
+-------------------------------------------------------------------
+Wed Oct  1 11:43:31 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38477 ("net/sched: sch_qfq: Fix race condition on qfq_aggregate")
+  Live patch for CVE-2025-38477. Upstream commits:
+- 5e28d5a3f774 ("net/sched: sch_qfq: Fix race condition on qfq_aggregate")
+- cf074eca0065 ("net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class")
+  KLP: CVE-2025-38477
+  References: bsc#1247315 CVE-2025-38477
+- commit 4d922a7
+
+-------------------------------------------------------------------
+Fri Sep 19 12:39:50 CEST 2025 - vincenzo.mezzela@suse.com
+
+- klp_trace.h: add KLPR_TRACE_EVENT_CONDITION macro
+- commit 17e9fce
+
+-------------------------------------------------------------------
+Thu Sep 18 09:39:18 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 2bf294f
+
+-------------------------------------------------------------------
+Tue Sep  9 04:38:51 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-38498 ("do_change_type(): refuse to operate on unmounted/not ours mounts")
+  Live patch for CVE-2025-38498. Upstream commit:
+- 12f147ddd6de ("do_change_type(): refuse to operate on unmounted/not ours mounts")
+  KLP: CVE-2025-38498
+  References: bsc#1247499 CVE-2025-38498
+- commit 8eebc30
+
+-------------------------------------------------------------------
+Fri Sep  5 10:00:56 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit def5201
+
+-------------------------------------------------------------------
+Fri Sep  5 09:29:38 CEST 2025 - lidong.zhong@suse.com
+
+- Fix for CVE-2025-38555 ("usb: gadget : fix use-after-free in composite_dev_cleanup()")
+  Live patch for CVE-2025-38555. Upstream commit:
+- 151c0aa896c4 ("usb: gadget : fix use-after-free in
+  composite_dev_cleanup()")
+  KLP: CVE-2025-38555
+  References: bsc#1248298 CVE-2025-38555
+- commit 466e488
+
+-------------------------------------------------------------------
+Mon Sep  1 09:41:08 CEST 2025 - nstange@suse.de
+
+- scripts/tar-up.sh: unconditionally enable s390x on SLE default
+  Nowadays, s390x builds should be enabed for all SLE default kernels
+  -- the versions from before the point where s390x coverage got
+  added to the product have gone out of support a long time ago.
+  Remove the conditional s390x enablement logic from tar-up.sh.
+- commit 9bcbefb
+
+-------------------------------------------------------------------
+Thu Aug 28 15:45:02 CEST 2025 - nstange@suse.de
+
+- Revert "Merge branch 'bsc#1245350_6.0u2-9_6.0rtu2-9' into MICRO-6-0_Update_9"
+  This reverts commit 9d80a8de2a27fe16dca635546196d210ee8e5eb8, reversing
+  changes made to 2b2a634de539a8bb351ae780440f5673b6395c65.
+  The target kernel is actually not affected by the issue the livepatch
+  is supposed to fix.
+- commit 1635830
+
+-------------------------------------------------------------------
+Thu Aug 28 15:44:41 CEST 2025 - nstange@suse.de
+
+- Revert "Merge branch 'bsc#1245793_6.0u2-9_6.0rtu2-8' into MICRO-6-0_Update_9"
+  This reverts commit 7a9f0246a5cad0c9b2384fc4480862a9833f10ca, reversing
+  changes made to a6b80c5bbafda42c0739171135b4186761894f21.
+  The target kernel is actually not affected by the issue the livepatch
+  is supposed to fix.
+- commit 55fb614
+
+-------------------------------------------------------------------
+Thu Aug 28 15:44:26 CEST 2025 - nstange@suse.de
+
+- Revert "Merge branch 'bsc#1245776_15.6u10-12_15.6rtu10-11_15.7u1_15.7rtu0-1_6.0u6-9_6.0rtu6-8' into MICRO-6-0_Update_9"
+  This reverts commit a6b80c5bbafda42c0739171135b4186761894f21, reversing
+  changes made to a5eac4f0ce5adf6ad47db369ba150a1a03988458.
+  The target kernel is actually not affected by the issue the livepatch
+  is supposed to fix.
+- commit 9f1675d
+
+-------------------------------------------------------------------
+Thu Aug 28 15:44:09 CEST 2025 - nstange@suse.de
+
+- Revert "Merge branch 'bsc#1245797_15.6u2-11_15.6rtu0-10_15.7u0_15.7rtu0_6.0u2-9_6.0rtu2-8' into MICRO-6-0_Update_9"
+  This reverts commit a5eac4f0ce5adf6ad47db369ba150a1a03988458, reversing
+  changes made to 453c7caf56e33499ad523cfde84e496e8014ed17.
+  The target kernel is actually not affected by the issue the livepatch
+  is supposed to fix.
+- commit c39a251
+
+-------------------------------------------------------------------
+Thu Aug 28 15:43:54 CEST 2025 - nstange@suse.de
+
+- Revert "Merge branch 'bsc#1245218_15.6u2-11_15.6rtu1-10_6.0u2-9_6.0rtu2-8' into MICRO-6-0_Update_9"
+  This reverts commit 2b2a634de539a8bb351ae780440f5673b6395c65, reversing
+  changes made to f75734c60540b2ed28ec6052e62987be06ec7c10.
+  The target kernel is actually not affected by the issue the livepatch
+  is supposed to fix.
+- commit 4acde03
+
+-------------------------------------------------------------------
+Mon Aug 18 14:38:37 CEST 2025 - pmladek@suse.com
+
+- kernel-livepatch.spec: Replace kernel-syms with kernel-<flavor>-specific dependencies (bsc#1248108)
+  The commit ead79afe7cbfae ("kernel-livepatch.spec: Update build
+  dependencies for non-default flavors") broke build of livepatches
+  which were built with kernel-syms-rt.
+  The problem is that livepatch packages for already released kernels
+  are built in exactly the same build environment as the initial livepatch.
+  The BS (Build Service) installs the build environment using the given
+  _buildinfo-*.xml and ignores BuildRequires. But the BuildRequires are
+  later checked by rpmbuild tool. It would complain when new dependencies
+  were added.
+  Unfortunately, kernel-syms-rt does not exist on SLE16. This was the main
+  motivation for the above mentioned commit.
+  But the package kernel-syms is empty. Its only purpose is to add other
+  dependencies. Replace it by opencoding the dependencies.
+  Note that the kernel devel files are historically split into various
+  packages, kernel-<flavor>-devel, kernel-devel-<flavor>, and
+  even kernel-devel. But it is enough to require kernel-<flavor>-devel
+  because it requires the other devel files on its own. This seems
+  to be true back to SLE15-SP4 at minimum.
+- commit 7696578
+
+-------------------------------------------------------------------
+Fri Aug 15 06:40:42 CEST 2025 - nstange@suse.de
+
+- Bump up the version number in spec file
+- commit 83db4d2
+
+-------------------------------------------------------------------
+Thu Aug 14 10:52:36 CEST 2025 - nstange@suse.de
+
+- Revert "Remove the support for different flavors, take 2"
+  This reverts commit b9cd4812c513d94d75916b50ea06ffef6ce8cf5b.
+- commit ec0af23
+
+-------------------------------------------------------------------
+Thu Aug 14 10:15:15 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38212 ("ipc: fix to protect IPCS lookups using RCU")
+  Live patch for CVE-2025-38212. Upstream commit:
+- d66adabe9180 ("ipc: fix to protect IPCS lookups using RCU")
+  KLP: CVE-2025-38212
+  References: bsc#1246030 CVE-2025-38212
+- commit 939565c
+
+-------------------------------------------------------------------
+Tue Aug 12 12:05:23 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38494 ("HID: core: do not bypass hid_hw_raw_request")
+  Live patch for CVE-2025-38494. Upstream commit:
+- c2ca42f190b6 ("HID: core: do not bypass hid_hw_raw_request")
+  KLP: CVE-2025-38494
+  References: bsc#1247350 CVE-2025-38494
+- commit dad1889
+
+-------------------------------------------------------------------
+Fri Aug  8 12:38:21 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38495 ("HID: core: ensure the allocated report buffer can contain the reserved report ID")
+  Live patch for CVE-2025-38495. Upstream commit:
+- 4f15ee98304b ("HID: core: ensure the allocated report buffer can contain the reserved report ID")
+  KLP: CVE-2025-38495
+  References: bsc#1247351 CVE-2025-38495
+- commit 3d8c5db
+
+-------------------------------------------------------------------
+Mon Aug  4 18:22:03 CEST 2025 - marco.crivellari@suse.com
+
+- Fix for CVE-2025-38079 ("crypto: algif_hash - fix double free in hash_accept")
+  Live patch for CVE-2025-38079. Upstream commit:
+- b2df03ed4052 ("crypto: algif_hash - fix double free in hash_accept")
+  KLP: CVE-2025-38079
+  References: bsc#1245218 CVE-2025-38079
+- commit b0df6f5
+
 -------------------------------------------------------------------
 Fri Aug  1 08:32:47 CEST 2025 - nstange@suse.de
 
 - Bump up the version number in spec file
 - commit f75734c
 
+-------------------------------------------------------------------
+Thu Jul 31 15:30:08 CEST 2025 - vincenzo.mezzela@suse.com
+
+- Fix for CVE-2025-38083 ("net_sched: prio: fix a race in prio_tune()")
+  Live patch for CVE-2025-38083. Upstream commit:
+- d35acc1be348 ("net_sched: prio: fix a race in prio_tune()")
+  KLP: CVE-2025-38083
+  References: bsc#1245350 CVE-2025-38083
+- commit 22ac46f
+
 -------------------------------------------------------------------
 Thu Jul 31 14:44:07 CEST 2025 - nstange@suse.de
 
@@ -64,6 +498,21 @@ Tue Jul  1 13:36:15 CEST 2025 - mbenes@suse.cz
   time).
 - commit ead79af
 
+-------------------------------------------------------------------
+Fri Jun 27 13:57:01 CEST 2025 - mbenes@suse.cz
+
+- Remove the support for different flavors, take 2
+  There is a support for different kernel flavors from the beginning in
+  our spec file. Originally, there were -default and -xen flavors.
+  However, it is questionable. A live patch is built against a very
+  specific kernel binary. Different flavors of the same kernel source can
+  be easily different also in this respect.
+  Remove it then. The build process is driven by "variant" macro deriving
+  from a branch name. We can stick with that. %klp_module_package defines
+  %flavor based on that. It also keeps %flavors_to_build definition for
+  older releases without this change.
+- commit b9cd481
+
 -------------------------------------------------------------------
 Thu Jun 26 14:51:43 CEST 2025 - mbenes@suse.cz
 
@@ -103,6 +552,17 @@ Wed Jun 18 13:01:24 CEST 2025 - mbenes@suse.cz
   from a branch name. We can stick with that.
 - commit 6254bb4
 
+-------------------------------------------------------------------
+Thu May 15 10:23:31 CEST 2025 - nstange@suse.de
+
+- uname_patch: don't use klp_convert.h wrappers
+  With the removal of klp_convert.h, the uname_patch fails to compile.
+  Replace all invocations of the KLP_SYM_LINKAGE or KLP_SYM() macros
+  formerly defined there in by their expansions for the !USE_KLP_CONVERT
+  case and drop the klp_convert.h #include.
+  Fixes: b2fa29be2 ("Remove old klp-convert support")
+- commit 601b6d1
+
 -------------------------------------------------------------------
 Mon Apr 28 14:31:04 CEST 2025 - mbenes@suse.cz
 
@@ -111,7 +571,7 @@ Mon Apr 28 14:31:04 CEST 2025 - mbenes@suse.cz
   patches. It never happened. Kallsyms was used up until SLE15-SP6 where
   everything was migrated to much lighter klp-convert-mini implementation.
   Remove the old klp-convert support all together now.
-- commit 1731556
+- commit b2fa29b
 
 -------------------------------------------------------------------
 Mon Apr 28 14:00:44 CEST 2025 - mbenes@suse.cz

kernel-livepatch-MICRO-6-0_Update_9.spec

@@ -20,7 +20,7 @@
 %define variant %{nil}
 
 Name:           kernel-livepatch-MICRO-6-0_Update_9
-Version:        2
+Version:        11
 Release:        1
 %define module_num %(echo %version-%release | sed 'y/\./_/')
 License:        GPL-2.0
@@ -36,27 +36,53 @@ Source6:	klp_syscalls.h
 Source7:	klp_trace.h
 Source8:	lp-mod-checks.sh
 # Auto expanded KLP_PATCHES_SOURCES:
-Source9:	bsc1245776.tar.bz2
-Source10:	bsc1245793.tar.bz2
-Source11:	bsc1245797.tar.bz2
+Source9:	bsc1246030.tar.bz2
+Source10:	bsc1246075.tar.bz2
+Source11:	bsc1247158.tar.bz2
+Source12:	bsc1247315.tar.bz2
+Source13:	bsc1247351.tar.bz2
+Source14:	bsc1247452.tar.bz2
+Source15:	bsc1247499.tar.bz2
+Source16:	bsc1248298.tar.bz2
+Source17:	bsc1248376.tar.bz2
+Source18:	bsc1248400.tar.bz2
+Source19:	bsc1248631.tar.bz2
+Source20:	bsc1248670.tar.bz2
+Source21:	bsc1248672.tar.bz2
+Source22:	bsc1248673.tar.bz2
+Source23:	bsc1248749.tar.bz2
+Source24:	bsc1249207.tar.bz2
+Source25:	bsc1249208.tar.bz2
+Source26:	bsc1249241.tar.bz2
+Source27:	bsc1249534.tar.bz2
+Source28:	bsc1249537.tar.bz2
+Source29:	bsc1250192.tar.bz2
+Source30:	bsc1251203.tar.bz2
+Source31:	bsc1251787.tar.bz2
+Source32:	bsc1253437.tar.bz2
+# Use kernel-<flavor> specific build dependencies instead of kernel-syms (bsc#1248108)
 %if "%variant" != ""
 BuildRequires:  kernel%variant-devel
+%else
+BuildRequires:  kernel-default-devel
 %endif
-BuildRequires:  kernel-syms kernel-livepatch-tools-devel libelf-devel
+BuildRequires:  pesign-obs-integration
+BuildRequires:  kernel-livepatch-tools-devel
+BuildRequires:  libelf-devel
 ExclusiveArch:	x86_64 s390x
 %klp_module_package
 
 %description
 This is a live patch for SUSE Linux Enterprise Server kernel.
 
-Source timestamp: 2025-08-01 08:32:47 +0200
-GIT Revision: f75734c60540b2ed28ec6052e62987be06ec7c10
+Source timestamp: 2026-01-20 15:55:29 +0100
+GIT Revision: bd8e9e68e2bf9fafcabebfbc288b0c2dc0f366d3
 GIT Branch: MICRO-6-0_Update_9
 
 %prep
 %setup -c
 # Auto expanded KLP_PATCHES_SETUP_SOURCES:
-%setup -T -D -a 9 -a 10 -a 11
+%setup -T -D -a 9 -a 10 -a 11 -a 12 -a 13 -a 14 -a 15 -a 16 -a 17 -a 18 -a 19 -a 20 -a 21 -a 22 -a 23 -a 24 -a 25 -a 26 -a 27 -a 28 -a 29 -a 30 -a 31 -a 32
 cp %_sourcedir/livepatch_main.c .
 cp %_sourcedir/shadow.h .
 cp %_sourcedir/Makefile .

klp_trace.h

@@ -38,6 +38,13 @@
 #define KLPR_TRACE_EVENT(name, proto, args) \
 	KLPR_DECLARE_TRACE(name, PARAMS(proto), PARAMS(args))
 
+#define KLPR_TRACE_EVENT_CONDITION(name, proto, args, cond)		\
+	KLPR___DECLARE_TRACE(name, PARAMS(proto), PARAMS(args),		\
+		cpu_online(raw_smp_processor_id()) && PARAMS(cond),	\
+		PARAMS(void *__data, proto),				\
+		PARAMS(__data, args))
+
+
 #elif LINUX_VERSION_CODE < KERNEL_VERSION(6, 4, 0)
 
 #define KLPR___DO_TRACE_CALL(name, args)   (*klpe___traceiter_##name)(NULL, args)
@@ -99,6 +106,11 @@
 #define KLPR_TRACE_EVENT(name, proto, args) \
 	KLPR_DECLARE_TRACE(name, PARAMS(proto), PARAMS(args))
 
+#define KLPR_TRACE_EVENT_CONDITION(name, proto, args, cond)		\
+	KLPR___DECLARE_TRACE(name, PARAMS(proto), PARAMS(args),		\
+		cpu_online(raw_smp_processor_id()) && PARAMS(cond),	\
+		PARAMS(void *__data, proto))
+
 #else /* LINUX_VERSION_CODE >= KERNEL_VERSION(6, 4, 0) */
 
 #define KLPR___DO_TRACE_CALL(name, args)   __traceiter_##name(NULL, args)
@@ -164,6 +176,11 @@
 #define KLPR_TRACE_EVENT(module, name, proto, args) \
 	KLPR_DECLARE_TRACE(module, name, PARAMS(proto), PARAMS(args))
 
+#define KLPR_TRACE_EVENT_CONDITION(module, name, proto, args, cond)	\
+	KLPR___DECLARE_TRACE(module, name, PARAMS(proto), PARAMS(args),	\
+		cpu_online(raw_smp_processor_id()) && PARAMS(cond),	\
+		PARAMS(void *__data, proto))
+
 #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(5, 12, 0) */
 
 

livepatch_main.c

@@ -25,9 +25,30 @@
 #include "uname_patch/livepatch_uname.h"
 
 /* Auto expanded KLP_PATCHES_INCLUDES: */
-#include "bsc1245776/livepatch_bsc1245776.h"
-#include "bsc1245793/livepatch_bsc1245793.h"
-#include "bsc1245797/livepatch_bsc1245797.h"
+#include "bsc1246030/livepatch_bsc1246030.h"
+#include "bsc1246075/livepatch_bsc1246075.h"
+#include "bsc1247158/livepatch_bsc1247158.h"
+#include "bsc1247315/livepatch_bsc1247315.h"
+#include "bsc1247351/livepatch_bsc1247351.h"
+#include "bsc1247452/livepatch_bsc1247452.h"
+#include "bsc1247499/livepatch_bsc1247499.h"
+#include "bsc1248298/livepatch_bsc1248298.h"
+#include "bsc1248376/livepatch_bsc1248376.h"
+#include "bsc1248400/livepatch_bsc1248400.h"
+#include "bsc1248631/livepatch_bsc1248631.h"
+#include "bsc1248670/livepatch_bsc1248670.h"
+#include "bsc1248672/livepatch_bsc1248672.h"
+#include "bsc1248673/livepatch_bsc1248673.h"
+#include "bsc1248749/livepatch_bsc1248749.h"
+#include "bsc1249207/livepatch_bsc1249207.h"
+#include "bsc1249208/livepatch_bsc1249208.h"
+#include "bsc1249241/livepatch_bsc1249241.h"
+#include "bsc1249534/livepatch_bsc1249534.h"
+#include "bsc1249537/livepatch_bsc1249537.h"
+#include "bsc1250192/livepatch_bsc1250192.h"
+#include "bsc1251203/livepatch_bsc1251203.h"
+#include "bsc1251787/livepatch_bsc1251787.h"
+#include "bsc1253437/livepatch_bsc1253437.h"
 
 
 static struct klp_object objs[] = {
@@ -45,21 +66,133 @@ static struct klp_object objs[] = {
 			  .new_func = KLP_SYSCALL_COMPAT_STUB_SYM(klp_newuname),
 			},
 #endif
-			{ .old_name = __stringify(pfifo_tail_enqueue), .new_func = klpp_pfifo_tail_enqueue, },
+			{ .old_name = __stringify(shm_destroy_orphaned), .new_func = klpp_shm_destroy_orphaned, },
+#if defined(CONFIG_SECRETMEM)
+			{ .old_name = __stringify(KLP_SYSCALL_SYM(memfd_secret)), .new_func = KLP_SYSCALL_SYM(klpp_memfd_secret), },
+#endif
+#if defined(KLP_ARCH_HAS_SYSCALL_COMPAT_STUBS) && defined(CONFIG_SECRETMEM)
+			{ .old_name = __stringify(KLP_SYSCALL_COMPAT_STUB_SYM(memfd_secret)), .new_func = KLP_SYSCALL_COMPAT_STUB_SYM(klpp_memfd_secret), },
+#endif
+			{ .old_name = __stringify(__anon_inode_getfile), .new_func = klpp___anon_inode_getfile, },
+#if IS_ENABLED(CONFIG_HID)
+			{ .old_name = __stringify(hid_alloc_report_buf), .new_func = klpp_hid_alloc_report_buf, },
+			{ .old_name = __stringify(__hid_request), .new_func = klpp___hid_request, },
+#endif
+			{ .old_name = __stringify(path_mount), .new_func = klpp_path_mount, },
+			{ .old_name = __stringify(ipv6_gso_segment), .new_func = klpp_ipv6_gso_segment, },
+			{ .old_name = __stringify(clone_private_mount), .new_func = klpp_clone_private_mount, },
+			{ .old_name = __stringify(fib6_add), .new_func = klpp_fib6_add, },
+			{ .old_name = __stringify(fib6_del), .new_func = klpp_fib6_del, },
+			{ .old_name = __stringify(rt6_nlmsg_size), .new_func = klpp_rt6_nlmsg_size, },
+			{ .old_name = __stringify(rpl_input), .new_func = klpp_rpl_input, },
+			{ .old_name = __stringify(rpl_output), .new_func = klpp_rpl_output, },
 			{ }
 		}
 	},
 	{
-		.name = "sch_hfsc",
+		.name = "af_packet",
 		.funcs = (struct klp_func[]) {
-			{ .old_name = __stringify(hfsc_change_class), .new_func = klpp_hfsc_change_class, },
+			{ .old_name = __stringify(packet_set_ring), .new_func = klpp_packet_set_ring, },
 			{ }
 		}
 	},
 	{
-		.name = "sch_sfq",
+		.name = "exfat",
 		.funcs = (struct klp_func[]) {
-			{ .old_name = __stringify(sfq_init), .new_func = klpp_sfq_init, },
+			{ .old_name = __stringify(exfat_free_upcase_table), .new_func = klpp_exfat_free_upcase_table, },
+			{ }
+		}
+	},
+#if IS_ENABLED(CONFIG_ICE)
+	{
+		.name = "ice",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(ice_copy_and_init_pkg), .new_func = klpp_ice_copy_and_init_pkg, },
+			{ }
+		}
+	},
+#endif
+	{
+		.name = "iscsi_target_mod",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(lio_target_nacl_info_show), .new_func = klpp_lio_target_nacl_info_show, },
+			{ }
+		}
+	},
+#if IS_ENABLED(CONFIG_USB_LIBCOMPOSITE)
+	{
+		.name = "libcomposite",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(composite_os_desc_req_prepare), .new_func = klpp_composite_os_desc_req_prepare, },
+			{ }
+		}
+	},
+#endif
+#if IS_ENABLED(CONFIG_MAC80211)
+	{
+		.name = "mac80211",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(ieee80211_tdls_oper), .new_func = klpp_ieee80211_tdls_oper, },
+			{ }
+		}
+	},
+#endif
+	{
+		.name = "nf_tables",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(nf_tables_newchain), .new_func = klpp_nf_tables_newchain, },
+			{ .old_name = __stringify(nf_tables_newflowtable), .new_func = klpp_nf_tables_newflowtable, },
+			{ }
+		}
+	},
+	{
+		.name = "sch_qfq",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(qfq_change_class), .new_func = klpp_qfq_change_class, },
+			{ .old_name = __stringify(qfq_delete_class), .new_func = klpp_qfq_delete_class, },
+			{ .old_name = __stringify(qfq_dump_class), .new_func = klpp_qfq_dump_class, },
+			{ .old_name = __stringify(qfq_dump_class_stats), .new_func = klpp_qfq_dump_class_stats, },
+			{ .old_name = __stringify(qfq_destroy_qdisc), .new_func = klpp_qfq_destroy_qdisc, },
+			{ }
+		}
+	},
+	{
+		.name = "sctp",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(sctp_unpack_cookie), .new_func = klpp_sctp_unpack_cookie, },
+			{ .old_name = __stringify(sctp_sf_authenticate), .new_func = klpp_sctp_sf_authenticate, },
+			{ }
+		}
+	},
+	{
+		.name = "sunrpc",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(svc_tcp_read_msg), .new_func = klpp_svc_tcp_read_msg, },
+			{ .old_name = __stringify(svc_tcp_recvfrom), .new_func = klpp_svc_tcp_recvfrom, },
+			{ }
+		}
+	},
+	{
+		.name = "tls",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(tls_strp_check_rcv), .new_func = klpp_tls_strp_check_rcv, },
+			{ .old_name = __stringify(bpf_exec_tx_verdict), .new_func = klpp_bpf_exec_tx_verdict, },
+			{ .old_name = __stringify(tls_rx_rec_wait), .new_func = klpp_tls_rx_rec_wait, },
+			{ .old_name = __stringify(tls_sw_recvmsg), .new_func = klpp_tls_sw_recvmsg, },
+			{ }
+		}
+	},
+	{
+		.name = "vsock",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(__vsock_bind), .new_func = klpp___vsock_bind, },
+			{ }
+		}
+	},
+	{
+		.name = "xfrm_interface",
+		.funcs = (struct klp_func[]) {
+			{ .old_name = __stringify(xfrmi_changelink), .new_func = klpp_xfrmi_changelink, },
 			{ }
 		}
 	},
@@ -79,29 +212,155 @@ static int __init klp_patch_init(void)
 	pr_info("livepatch: initializing\n");
 
 	/* Auto expanded KLP_PATCHES_INIT_CALLS: */
-	retval = livepatch_bsc1245776_init();
+	retval = livepatch_bsc1246030_init();
 	if (retval)
-		goto err_bsc1245776;
+		goto err_bsc1246030;
 
-	retval = livepatch_bsc1245793_init();
+	retval = livepatch_bsc1246075_init();
 	if (retval)
-		goto err_bsc1245793;
+		goto err_bsc1246075;
 
-	retval = livepatch_bsc1245797_init();
+	retval = livepatch_bsc1247158_init();
 	if (retval)
-		goto err_bsc1245797;
+		goto err_bsc1247158;
+
+	retval = livepatch_bsc1247315_init();
+	if (retval)
+		goto err_bsc1247315;
+
+	retval = livepatch_bsc1247351_init();
+	if (retval)
+		goto err_bsc1247351;
+
+	retval = livepatch_bsc1247452_init();
+	if (retval)
+		goto err_bsc1247452;
+
+	retval = livepatch_bsc1247499_init();
+	if (retval)
+		goto err_bsc1247499;
+
+	retval = livepatch_bsc1248298_init();
+	if (retval)
+		goto err_bsc1248298;
+
+	retval = livepatch_bsc1248376_init();
+	if (retval)
+		goto err_bsc1248376;
+
+	retval = livepatch_bsc1248400_init();
+	if (retval)
+		goto err_bsc1248400;
+
+	retval = livepatch_bsc1248631_init();
+	if (retval)
+		goto err_bsc1248631;
+
+	retval = livepatch_bsc1248670_init();
+	if (retval)
+		goto err_bsc1248670;
+
+	retval = livepatch_bsc1248672_init();
+	if (retval)
+		goto err_bsc1248672;
+
+	retval = livepatch_bsc1248673_init();
+	if (retval)
+		goto err_bsc1248673;
+
+	retval = livepatch_bsc1248749_init();
+	if (retval)
+		goto err_bsc1248749;
+
+	retval = livepatch_bsc1249207_init();
+	if (retval)
+		goto err_bsc1249207;
+
+	retval = livepatch_bsc1249208_init();
+	if (retval)
+		goto err_bsc1249208;
+
+	retval = livepatch_bsc1249241_init();
+	if (retval)
+		goto err_bsc1249241;
+
+	retval = livepatch_bsc1249534_init();
+	if (retval)
+		goto err_bsc1249534;
+
+	retval = livepatch_bsc1249537_init();
+	if (retval)
+		goto err_bsc1249537;
+
+	retval = livepatch_bsc1250192_init();
+	if (retval)
+		goto err_bsc1250192;
+
+	retval = livepatch_bsc1251203_init();
+	if (retval)
+		goto err_bsc1251203;
+
+	retval = livepatch_bsc1251787_init();
+	if (retval)
+		goto err_bsc1251787;
+
+	retval = livepatch_bsc1253437_init();
+	if (retval)
+		goto err_bsc1253437;
 
 	retval = klp_enable_patch(&patch);
 	if (!retval)
 		return retval;
 
 	/* Auto expanded KLP_PATCHES_INIT_ERR_HANDLERS: */
-	livepatch_bsc1245797_cleanup();
-err_bsc1245797:
-	livepatch_bsc1245793_cleanup();
-err_bsc1245793:
-	livepatch_bsc1245776_cleanup();
-err_bsc1245776:
+	livepatch_bsc1253437_cleanup();
+err_bsc1253437:
+	livepatch_bsc1251787_cleanup();
+err_bsc1251787:
+	livepatch_bsc1251203_cleanup();
+err_bsc1251203:
+	livepatch_bsc1250192_cleanup();
+err_bsc1250192:
+	livepatch_bsc1249537_cleanup();
+err_bsc1249537:
+	livepatch_bsc1249534_cleanup();
+err_bsc1249534:
+	livepatch_bsc1249241_cleanup();
+err_bsc1249241:
+	livepatch_bsc1249208_cleanup();
+err_bsc1249208:
+	livepatch_bsc1249207_cleanup();
+err_bsc1249207:
+	livepatch_bsc1248749_cleanup();
+err_bsc1248749:
+	livepatch_bsc1248673_cleanup();
+err_bsc1248673:
+	livepatch_bsc1248672_cleanup();
+err_bsc1248672:
+	livepatch_bsc1248670_cleanup();
+err_bsc1248670:
+	livepatch_bsc1248631_cleanup();
+err_bsc1248631:
+	livepatch_bsc1248400_cleanup();
+err_bsc1248400:
+	livepatch_bsc1248376_cleanup();
+err_bsc1248376:
+	livepatch_bsc1248298_cleanup();
+err_bsc1248298:
+	livepatch_bsc1247499_cleanup();
+err_bsc1247499:
+	livepatch_bsc1247452_cleanup();
+err_bsc1247452:
+	livepatch_bsc1247351_cleanup();
+err_bsc1247351:
+	livepatch_bsc1247315_cleanup();
+err_bsc1247315:
+	livepatch_bsc1247158_cleanup();
+err_bsc1247158:
+	livepatch_bsc1246075_cleanup();
+err_bsc1246075:
+	livepatch_bsc1246030_cleanup();
+err_bsc1246030:
 
 	return retval;
 }
@@ -111,9 +370,30 @@ static void __exit klp_patch_cleanup(void)
 	pr_info("livepatch: removed\n");
 
 	/* Auto expanded KLP_PATCHES_CLEANUP_CALLS: */
-	livepatch_bsc1245776_cleanup();
-	livepatch_bsc1245793_cleanup();
-	livepatch_bsc1245797_cleanup();
+	livepatch_bsc1246030_cleanup();
+	livepatch_bsc1246075_cleanup();
+	livepatch_bsc1247158_cleanup();
+	livepatch_bsc1247315_cleanup();
+	livepatch_bsc1247351_cleanup();
+	livepatch_bsc1247452_cleanup();
+	livepatch_bsc1247499_cleanup();
+	livepatch_bsc1248298_cleanup();
+	livepatch_bsc1248376_cleanup();
+	livepatch_bsc1248400_cleanup();
+	livepatch_bsc1248631_cleanup();
+	livepatch_bsc1248670_cleanup();
+	livepatch_bsc1248672_cleanup();
+	livepatch_bsc1248673_cleanup();
+	livepatch_bsc1248749_cleanup();
+	livepatch_bsc1249207_cleanup();
+	livepatch_bsc1249208_cleanup();
+	livepatch_bsc1249241_cleanup();
+	livepatch_bsc1249534_cleanup();
+	livepatch_bsc1249537_cleanup();
+	livepatch_bsc1250192_cleanup();
+	livepatch_bsc1251203_cleanup();
+	livepatch_bsc1251787_cleanup();
+	livepatch_bsc1253437_cleanup();
 
 }
 
@@ -122,4 +402,4 @@ module_exit(klp_patch_cleanup);
 
 MODULE_LICENSE("GPL");
 MODULE_INFO(livepatch, "Y");
-MODULE_INFO(klpgitrev, "f75734c60540b2ed28ec6052e62987be06ec7c10");
+MODULE_INFO(klpgitrev, "bd8e9e68e2bf9fafcabebfbc288b0c2dc0f366d3");

source-timestamp

@@ -1,3 +1,3 @@
-2025-08-01 08:32:47 +0200
-GIT Revision: f75734c60540b2ed28ec6052e62987be06ec7c10
+2026-01-20 15:55:29 +0100
+GIT Revision: bd8e9e68e2bf9fafcabebfbc288b0c2dc0f366d3
 GIT Branch: MICRO-6-0_Update_9