From 7b6282275912bed724f9a66c44f1cb9ac3cd7b12 Mon Sep 17 00:00:00 2001
From: eabdullin <ed.abdullin.1@gmail.com>
Date: Mon, 8 Dec 2025 07:54:44 +0000
Subject: [PATCH] Import from CS git

---
 .gitignore          |  2 +-
 .kernel-rt.metadata |  2 +-
 SPECS/kernel.spec   | 18 +++++++++++++++---
 3 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/.gitignore b/.gitignore
index 060d5a0..0b16050 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,6 @@
 SOURCES/centossecureboot201.cer
 SOURCES/centossecurebootca2.cer
-SOURCES/linux-4.18.0-553.87.1.rt7.428.el8_10.tar.xz
+SOURCES/linux-4.18.0-553.89.1.rt7.430.el8_10.tar.xz
 SOURCES/redhatsecureboot302.cer
 SOURCES/redhatsecureboot303.cer
 SOURCES/redhatsecureboot501.cer
diff --git a/.kernel-rt.metadata b/.kernel-rt.metadata
index ecdbdf1..d54e788 100644
--- a/.kernel-rt.metadata
+++ b/.kernel-rt.metadata
@@ -1,6 +1,6 @@
 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
 bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
-00489ee679e7464d3553ef40a1b003100274f9f0 SOURCES/linux-4.18.0-553.87.1.rt7.428.el8_10.tar.xz
+a8bb2ccd0cf445e5288b3d36221b1e47587a261a SOURCES/linux-4.18.0-553.89.1.rt7.430.el8_10.tar.xz
 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
 e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
 ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index a88570e..f9c611a 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.87.1.rt7.428.el8_10
+%define pkgrelease 553.89.1.rt7.430.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.87.1.rt7.428%{?dist}
+%define specrelease 553.89.1.rt7.430%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -148,7 +148,7 @@
 # The preempt RT patch level
 %global rttag .rt7
 # realtimeN
-%global rtbuild .428
+%global rtbuild .430
 %define with_doc 0
 %define with_headers 0
 %define with_cross_headers 0
@@ -2708,6 +2708,18 @@ fi
 #
 #
 %changelog
+* Mon Dec 01 2025 Alexandra Hájková <ahajkova@redhat.com> [4.18.0-553.89.1.rt7.430.el8_10]
+- mm: memcg: use READ_ONCE()/WRITE_ONCE() to access stock->cached (Radostin Stoyanov) [RHEL-122774]
+- mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() (Radostin Stoyanov) [RHEL-122774] {CVE-2023-53401}
+- mm/memcg: revert ("mm/memcg: optimize user context object stock access") (Radostin Stoyanov) [RHEL-122774] {CVE-2023-53401}
+- gfs2: Add proper lockspace locking (Andreas Gruenbacher) [RHEL-88660]
+- gfs2: do_xmote cleanup (Andreas Gruenbacher) [RHEL-88660]
+
+* Thu Nov 27 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.88.1.rt7.429.el8_10]
+- scsi: s390: zfcp: Ensure synchronous unit_add (Mete Durlu) [RHEL-129199]
+- RDMA/rxe: Fix incomplete state save in rxe_requester (Kamal Heib) [RHEL-124700] {CVE-2023-53539}
+- RDMA/rxe: Fix mr->map double free (CKI Backport Bot) [RHEL-123715] {CVE-2022-50543}
+
 * Tue Nov 25 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.87.1.rt7.428.el8_10]
 - tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). (Antoine Tenart) [RHEL-120664]
 - tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). (Antoine Tenart) [RHEL-120664] {CVE-2025-39955}