import CS stalld-1.19.6-1.el9

.gitignore

@@ -1 +1 @@
-SOURCES/stalld-1.19.1.tar.bz2
+SOURCES/stalld-1.19.6.tar.bz2

.stalld.metadata

@@ -1 +1 @@
-5830e75cdc32cf0953ce9f223c9074681211c0d8 SOURCES/stalld-1.19.1.tar.bz2
+406389a8a23b5fa8c6511194461c4458120cc17e SOURCES/stalld-1.19.6.tar.bz2

SOURCES/Make-fill_process_comm-open-comm-file-as-READ_ONLY.patch

@@ -1,34 +0,0 @@
-From f9c0ade7cd9a514d4ca6f81f797284e11c56b31a Mon Sep 17 00:00:00 2001
-From: Chris White <chwhite@redhat.com>
-Date: Wed, 21 Feb 2024 15:22:44 -0500
-Subject: [PATCH] Make fill_process_comm() open comm file as READ_ONLY
-
-The fill_process_comm() opens the comm file using O_RDWR. The
-function itself does not perform a write operation on the file,
-and opening this in read and write mode can cause selinux policy
-violations where opening the file with write permission is
-restricted. Since the function itself only needs to read from this
-fd, changing this to READ_ONLY (O_RDONLY)
-
-Signed-off-by: Chris White <chwhite@redhat.com>
-Signed-off-by: John Kacur <jkacur@redhat.com>
----
- src/utils.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/utils.c b/src/utils.c
-index f6feca7040d8..898f4a5d06a7 100644
---- a/src/utils.c
-+++ b/src/utils.c
-@@ -55,7 +55,7 @@ int fill_process_comm(int tgid, int pid, char *comm, int comm_size)
- 	if (retval < 0)
- 		goto out_error;
- 
--	fd = open(path, O_RDWR);
-+	fd = open(path, O_RDONLY);
- 	if (fd < 0) {
- 		log_msg("failed to open comm file at %s\n", path);
- 		goto out_error;
--- 
-2.43.0
-

SPECS/stalld.spec

@@ -1,6 +1,6 @@
 Name:		stalld
-Version:	1.19.1
-Release:	2%{?dist}
+Version:	1.19.6
+Release:	1%{?dist}
 Summary:	Daemon that finds starving tasks and gives them a temporary boost
 
 License:	GPLv2
@@ -22,8 +22,7 @@ BuildRequires:	libbpf-devel
 Requires:	libbpf
 %endif
 
-# Patches
-Patch1: Make-fill_process_comm-open-comm-file-as-READ_ONLY.patch
+%define _hardened_build 1
 
 %description
 The stalld program monitors the set of system threads,
@@ -37,7 +36,7 @@ allow 10 microseconds of runtime for 1 second of clock time.
 %autosetup -p1
 
 %build
-%make_build CFLAGS="%{optflags} %{build_cflags} -DVERSION="\\\"%{version}\\\"""  LDFLAGS="%{build_ldflags}"
+%make_build RPMCFLAGS="%{optflags} %{build_cflags} -DVERSION="\\\"%{version}\\\"""  RPMLDFLAGS="%{build_ldflags}"
 
 %install
 %make_install DOCDIR=%{_docdir} MANDIR=%{_mandir} BINDIR=%{_bindir} DATADIR=%{_datadir} VERSION=%{version}
@@ -62,6 +61,23 @@ allow 10 microseconds of runtime for 1 second of clock time.
 %systemd_postun_with_restart %{name}.service
 
 %changelog
+* Thu Aug 22 2024 Chris White <chwhite@redhat.com> - 1.19.6-1
+- Makefile: add uninstall target
+- systemd: add BE environment variable to select backend
+Resolves: RHEL-33662
+
+* Wed Jul 31 2024 Chris White <chwhite@redhat.com> - 1.19.5-2
+- Fix changelog to use RPMCFLAGS, allowing for bpf to be used
+Resolves: RHEL-33662
+
+* Thu Jul 18 2024 Chris White <chwhite@redhat.com> - 1.19.5-1
+- Updated compile options for annocheck hardening
+- Ensure we resolve library symbols at load time (-z now) and are a Position Independent Executable (-pie). Refactored compile options to better deal with arch differences.
+- Added an 'annocheck' makefile target for local checking.
+- Makefile: change build to use FORTIFY_SOURCE=3
+- src/utils.c: fix off-by-one error in buffer allocation
+Resolves: RHEL-33662
+
 * Wed Feb 21 2024 John Kacur <jkacur@redhat.com> - 1.19.1-2
 -  Make fill_process_comm() open comm file as READ_ONLY
 Resolves: RHEL-25846