diff --git a/SOURCES/0089-Revert-cgroup-util-Don-t-try-to-open-pidfd-for-kerne.patch b/SOURCES/0089-Revert-cgroup-util-Don-t-try-to-open-pidfd-for-kerne.patch
new file mode 100644
index 0000000000000000000000000000000000000000..2b968973b306c21468a2fbae93c0501bc9e5cb3d
--- /dev/null
+++ b/SOURCES/0089-Revert-cgroup-util-Don-t-try-to-open-pidfd-for-kerne.patch
@@ -0,0 +1,33 @@
+From 38623336fb84eb0df1f72ef8d472a36bb5d60822 Mon Sep 17 00:00:00 2001
+From: Daan De Meyer <daan.j.demeyer@gmail.com>
+Date: Wed, 21 Aug 2024 11:25:46 +0200
+Subject: [PATCH] Revert "cgroup-util: Don't try to open pidfd for kernel
+ threads"
+
+The kernel patch was reverted so let's try again to open pidfds
+for kernel threads.
+
+This reverts commit ead48ec35c863650944352a3455f26ce3b393058.
+
+(cherry picked from commit 1ce69e06615e69692a6d02d447acfd77f5d44631)
+
+Related: RHEL-52634
+---
+ src/basic/cgroup-util.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c
+index 2c64a54906..a6ad711ac0 100644
+--- a/src/basic/cgroup-util.c
++++ b/src/basic/cgroup-util.c
+@@ -149,9 +149,7 @@ int cg_read_pidref(FILE *f, PidRef *ret, CGroupFlags flags) {
+                 if (pid == 0)
+                         return -EREMOTE;
+ 
+-                /* We might read kernel thread pids from cgroup.procs for which we cannot create a pidfd so
+-                 * catch those and don't try to create a pidfd for them. */
+-                if (FLAGS_SET(flags, CGROUP_NO_PIDFD) || pid_is_kernel_thread(pid) > 0) {
++                if (FLAGS_SET(flags, CGROUP_NO_PIDFD)) {
+                         *ret = PIDREF_MAKE_FROM_PID(pid);
+                         return 1;
+                 }
diff --git a/SOURCES/0090-ukify-Skip-test-on-architectures-without-UEFI.patch b/SOURCES/0090-ukify-Skip-test-on-architectures-without-UEFI.patch
new file mode 100644
index 0000000000000000000000000000000000000000..e502a96095e26ec8ba3249d5bd86ae18dae28126
--- /dev/null
+++ b/SOURCES/0090-ukify-Skip-test-on-architectures-without-UEFI.patch
@@ -0,0 +1,30 @@
+From 65dbacdb67ae94f7481a413dfea651b2d8a74d13 Mon Sep 17 00:00:00 2001
+From: Daan De Meyer <daan.j.demeyer@gmail.com>
+Date: Wed, 28 Aug 2024 14:08:30 +0200
+Subject: [PATCH] ukify: Skip test on architectures without UEFI
+
+(cherry picked from commit 5121f7c45b37afca53c89f42123b1dd6a04fa80f)
+
+Related: RHEL-52634
+---
+ src/ukify/test/test_ukify.py | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/ukify/test/test_ukify.py b/src/ukify/test/test_ukify.py
+index 0e3f932890..15d1578695 100755
+--- a/src/ukify/test/test_ukify.py
++++ b/src/ukify/test/test_ukify.py
+@@ -35,6 +35,13 @@ except ImportError as e:
+ sys.path.append(os.path.dirname(__file__) + '/..')
+ import ukify
+ 
++# Skip if we're running on an architecture that does not use UEFI.
++try:
++    ukify.guess_efi_arch()
++except ValueError as e:
++    print(str(e), file=sys.stderr)
++    sys.exit(77)
++
+ build_root = os.getenv('PROJECT_BUILD_ROOT')
+ try:
+     slow_tests = bool(int(os.getenv('SYSTEMD_SLOW_TESTS', '1')))
diff --git a/SOURCES/split-files.py b/SOURCES/split-files.py
index 7bdd2ed9db4a3a11e82056f7f8f58473885d71c1..5337c1ada00d3072a7711d3dc5f33f878b879b13 100644
--- a/SOURCES/split-files.py
+++ b/SOURCES/split-files.py
@@ -228,6 +228,6 @@ for file in files(buildroot):
 if [print(f'ERROR: no file names were written to {o.name}')
     for name, o in outputs.items()
     if (o.tell() == 0 and
-        not (no_bootloader and name in ('ukify', 'boot')))
+        not (no_bootloader and name == 'boot'))
     ]:
     sys.exit(1)
diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec
index eb95b43f9b96f807d428c38f8f00dd64059db759..7619540a272e95af9463b417353fea38f5fa1bd1 100644
--- a/SPECS/systemd.spec
+++ b/SPECS/systemd.spec
@@ -48,7 +48,7 @@ Url:            https://systemd.io
 # Allow users to specify the version and release when building the rpm by 
 # setting the %%version_override and %%release_override macros.
 Version:        %{?version_override}%{!?version_override:256}
-Release:        13%{?dist}
+Release:        14%{?dist}
 
 %global stable %(c="%version"; [ "$c" = "${c#*.*}" ]; echo $?)
 
@@ -194,6 +194,8 @@ Patch0085: 0085-cgroup-util-fix-typo.patch
 Patch0086: 0086-netif-naming-scheme-rename-rhel-10.0-to-rhel-10.0.be.patch
 Patch0087: 0087-net-naming-scheme-disable-NAMING_FIRMWARE_NODE_SUN.patch
 Patch0088: 0088-net-naming-scheme-remove-NAMING_FIRMWARE_NODE_SUN-fr.patch
+Patch0089: 0089-Revert-cgroup-util-Don-t-try-to-open-pidfd-for-kerne.patch
+Patch0090: 0090-ukify-Skip-test-on-architectures-without-UEFI.patch
 
 # Downstream-only patches (9000–9999)
 
@@ -512,12 +514,16 @@ This package also provides systemd-timesyncd, a network time protocol daemon.
 It also contains tools to manage encrypted home areas and secrets bound to the
 machine, and to create or grow partitions and make file systems automatically.
 
-%if 0%{?want_bootloader}
 %package ukify
 Summary:        Tool to build Unified Kernel Images
 Requires:       %{name} = %{version}-%{release}
 
-Requires:       systemd-boot
+Requires:       (systemd-boot if %{shrink:(
+        filesystem(x86-32) or
+        filesystem(x86-64) or
+        filesystem(aarch64) or
+        filesystem(riscv64)
+)})
 Requires:       python3dist(pefile)
 Requires:       python3dist(zstd)
 Requires:       python3dist(cryptography)
@@ -530,11 +536,14 @@ Recommends:     python3dist(pillow)
 %endif
 BuildRequires:  binutils %{?binutils_version_req}
 
+BuildArch:      noarch
+
 %description ukify
 This package provides ukify, a script that combines a kernel image, an initrd,
 with a command line, and possibly PCR measurements and other metadata, into a
 Unified Kernel Image (UKI).
 
+%if 0%{?want_bootloader}
 %package boot-unsigned
 Summary: UEFI boot manager (unsigned version)
 
@@ -723,10 +732,8 @@ CONFIGURE_OPTS=(
         # For now, let's build the bootloader in the same places where we
         # built with gnu-efi. Later on, we might want to extend coverage, but
         # considering that that support is untested, let's not do this now.
-        # Note, ukify requires bootloader, let's also explicitly enable/disable it
-        # here for https://github.com/systemd/systemd/pull/24175.
         -Dbootloader=%[%{?want_bootloader}?"enabled":"disabled"]
-        -Dukify=%[%{?want_bootloader}?"enabled":"disabled"]
+        -Dukify=enabled
 
         # RHEL10 bootstrapping
         -Dstandalone-binaries=false
@@ -1099,8 +1106,8 @@ getent passwd systemd-oom &>/dev/null || useradd -r -l -g systemd-oom -d / -s /s
 
 %files udev -f .file-list-udev
 
-%if 0%{?want_bootloader}
 %files ukify -f .file-list-ukify
+%if 0%{?want_bootloader}
 %files boot-unsigned -f .file-list-boot
 %endif
 
@@ -1118,6 +1125,10 @@ rm -f .file-list-*
 rm -f %{name}.lang
 
 %changelog
+* Fri Aug 30 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-14
+- Revert "cgroup-util: Don't try to open pidfd for kernel threads" (RHEL-52634)
+- ukify: Skip test on architectures without UEFI (RHEL-52634)
+
 * Thu Aug 22 2024 systemd maintenance team <systemd-maint@redhat.com> - 256-13
 - systemctl: do not try to acquire triggering units for template units (RHEL-55132)
 - core/unit: add one assertion for u->manager (RHEL-55734)