From 3a71da838f2d3b84a03084821b0eb054d3b52003 Mon Sep 17 00:00:00 2001
From: Eduard Abdullin <eabdullin@almalinux.org>
Date: Fri, 29 May 2026 02:07:36 +0000
Subject: [PATCH] Debrand for AlmaLinux OS

Use AlmaLinux OS secure boot cert

Enable Btrfs support for all kernel variants

hpsa: bring back deprecated PCI ids #CFHack #CFHack2024

mptsas: bring back deprecated PCI ids #CFHack #CFHack2024

megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024

qla2xxx: bring back deprecated PCI ids #CFHack #CFHack2024

qla4xxx: bring back deprecated PCI ids

be2iscsi: bring back deprecated PCI ids

kernel/rh_messages.h: enable all disabled pci devices by moving to unmaintained
---
 Makefile.rhelver |  2 +-
 kernel.changelog |  8 ++++++++
 kernel.spec      | 21 ++++++++++++++-------
 sources          |  6 +++---
 4 files changed, 26 insertions(+), 11 deletions(-)

diff --git a/Makefile.rhelver b/Makefile.rhelver
index 4289e2e39..146f65f93 100644
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 3
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 232
+RHEL_RELEASE = 233
 
 #
 # RHEL_REBASE_NUM
diff --git a/kernel.changelog b/kernel.changelog
index ac27db8a4..a716be93c 100644
--- a/kernel.changelog
+++ b/kernel.changelog
@@ -1,3 +1,11 @@
+* Tue May 26 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-233.el10]
+- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (CKI Backport Bot) [RHEL-130557]
+- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-163346] {CVE-2025-38653}
+- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-163346] {CVE-2025-38653}
+- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CKI Backport Bot) [RHEL-163346] {CVE-2025-38653}
+- rxrpc: Fix recvmsg() unconditional requeue (CKI Backport Bot) [RHEL-147235] {CVE-2026-23066}
+Resolves: RHEL-130557, RHEL-147235, RHEL-163346
+
 * Mon May 25 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-232.el10]
 - PCI: Fix alignment calculation for resource size larger than align (Myron Stowe) [RHEL-151449]
 - PCI: Fix premature removal from realloc_head list during resource assignment (Myron Stowe) [RHEL-151449]
diff --git a/kernel.spec b/kernel.spec
index 2a6b28ff6..e81091330 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -179,15 +179,15 @@ Summary: The Linux kernel
 %define specrpmversion 6.12.0
 %define specversion 6.12.0
 %define patchversion 6.12
-%define pkgrelease 232
+%define pkgrelease 233
 %define kversion 6
-%define tarfile_release 6.12.0-232.el10
+%define tarfile_release 6.12.0-233.el10
 # This is needed to do merge window version magic
 %define patchlevel 12
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 232%{?buildid}%{?dist}
+%define specrelease 233%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 6.12.0-232.el10
+%define kabiversion 6.12.0-233.el10
 
 # If this variable is set to 1, a bpf selftests build failure will cause a
 # fatal kernel package build error
@@ -4552,14 +4552,14 @@ fi\
 #
 #
 %changelog
-* Wed May 27 2026 Eduard Abdullin <eabdullin@almalinux.org> - 6.12.0-232
+* Fri May 29 2026 Eduard Abdullin <eabdullin@almalinux.org> - 6.12.0-233
 - Debrand for AlmaLinux OS
 - Use AlmaLinux OS secure boot cert
 
-* Wed May 27 2026 Neal Gompa <ngompa@almalinux.org> - 6.12.0-232
+* Fri May 29 2026 Neal Gompa <ngompa@almalinux.org> - 6.12.0-233
 - Enable Btrfs support for all kernel variants
 
-* Wed May 27 2026 Andrew Lukoshko <alukoshko@almalinux.org> - 6.12.0-232
+* Fri May 29 2026 Andrew Lukoshko <alukoshko@almalinux.org> - 6.12.0-233
 - hpsa: bring back deprecated PCI ids #CFHack #CFHack2024
 - mptsas: bring back deprecated PCI ids #CFHack #CFHack2024
 - megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024
@@ -4569,6 +4569,13 @@ fi\
 - kernel/rh_messages.h: enable all disabled pci devices by moving to
   unmaintained
 
+* Tue May 26 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-233.el10]
+- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (CKI Backport Bot) [RHEL-130557]
+- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-163346] {CVE-2025-38653}
+- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-163346] {CVE-2025-38653}
+- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CKI Backport Bot) [RHEL-163346] {CVE-2025-38653}
+- rxrpc: Fix recvmsg() unconditional requeue (CKI Backport Bot) [RHEL-147235] {CVE-2026-23066}
+
 * Mon May 25 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-232.el10]
 - PCI: Fix alignment calculation for resource size larger than align (Myron Stowe) [RHEL-151449]
 - PCI: Fix premature removal from realloc_head list during resource assignment (Myron Stowe) [RHEL-151449]
diff --git a/sources b/sources
index eb542a700..7c47b0ed0 100644
--- a/sources
+++ b/sources
@@ -1,5 +1,5 @@
 SHA512 (kernel-abi-stablelists-6.6.0.tar.bz2) = 4f917598056dee5e23814621ec96ff2e4a411c8c4ba9d56ecb01b23cb96431825bedbecfcbaac9338efbf5cb21694d85497fa0bf43e7c80d9cd10bc6dd144dbd
 SHA512 (kernel-kabi-dw-6.6.0.tar.bz2) = 19308cd976031d05e18ef7f5d093218acdb89446418bab0cd956ff12cf66369915b9e64bb66fa9f20939428a60e81884fec5be3529c6c7461738d6540d3cc5c6
-SHA512 (linux-6.12.0-232.el10.tar.xz) = 4a8b41b66dfdac0ccacea3820cbafd01fee428e6f16a88dccf9e8d36cef4dbd072082d30b6326c08f22b29194bc7013ab8ab403b2afc5d8f0797c0480109edc4
-SHA512 (kernel-abi-stablelists-6.12.0-232.el10.tar.xz) = b8aeb9d640ad7a548a6dbd9996ca02a56ce9bb56315882012e71dd42fa7f447b17f775ae6d944af6fc1ffcd4cfd400a6409963a73b444ded053e6eb86e66ea00
-SHA512 (kernel-kabi-dw-6.12.0-232.el10.tar.xz) = 8d3f169d84fb4e536e76421db5abb1a019e4cba43401d917b69035e436987858498eaeb7879a9ab48c910ad4cda39158413ac2ffb5b2229b7e2bc3414d797c6a
+SHA512 (linux-6.12.0-233.el10.tar.xz) = dbee92c0088f1297fab9bbeab034b8e336b4eb23673a7d3d2b63b788fcbd1b145dc6b1592e27954890570222f1f1472be365da26f6ea4f884eb6dacc9f8f1246
+SHA512 (kernel-abi-stablelists-6.12.0-233.el10.tar.xz) = f7045b8ab84924a16e8baac3231ca3e209b9a304147d94cff26519c361ddcc21b662672004228f52d421c648f033c92a0084d61ada64eedd46a0c4c1a689a440
+SHA512 (kernel-kabi-dw-6.12.0-233.el10.tar.xz) = ffa5381f52ec9dcc010b7181fce3da6b5cfd683707f1ec2ed3c5e0264570f6acf8abe41a5e725360fd61fc81eaa9ee266c498e3acc813469500e5541f99f3717