maint: cleanup detection of const'ness of selinux ctx

Commit 292d3f2d fixed the build with libselinux 2.3, but missed
some suggestions by eblake

https://www.redhat.com/archives/libvir-list/2014-May/msg00977.html

This patch changes the macro introduced in 292d3f2d to either be
empty in the case of newer libselinux, or contain 'const' in the
case of older libselinux.  The macro is then used directly in
tests/securityselinuxhelper.c.

diff --git a/m4/virt-selinux.m4 b/m4/virt-selinux.m4
index 1d899d5beaa6c98363b1f77d7cdac199e79bf53a..2764a304d70584a302734a2b35f33b2809db9054 100644 (file)
--- a/m4/virt-selinux.m4
+++ b/m4/virt-selinux.m4
@@ -29,19 +29,18 @@ AC_DEFUN([LIBVIRT_CHECK_SELINUX],[
 
   if test "$with_selinux" = "yes"; then
     # libselinux changed signatures between 2.2 and 2.3
-    AC_CACHE_CHECK([for selinux setcon parameter type], [gt_cv_setcon_param],
+    AC_CACHE_CHECK([for selinux setcon parameter type], [lv_cv_setcon_param],
     [AC_COMPILE_IFELSE(
       [AC_LANG_PROGRAM(
          [[
 #include <selinux/selinux.h>
-int setcon(const security_context_t context);
+int setcon(char *context);
          ]])],
-         [gt_cv_setcon_param='security_context_t'],
-         [gt_cv_setcon_param='const char*'])])
-    if test "$gt_cv_setcon_param" = 'const char*'; then
-       AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1,
-                          [SELinux uses newer char * for security context])
-    fi
+         [lv_cv_setcon_const=''],
+         [lv_cv_setcon_const='const'])])
+    AC_DEFINE_UNQUOTED([VIR_SELINUX_CTX_CONST], [$lv_cv_setcon_const],
+      [Define to empty or 'const' depending on how SELinux qualifies its
+       security context parameters])
 
     AC_MSG_CHECKING([SELinux mount point])
     if test "$with_selinux_mount" = "check" || test -z "$with_selinux_mount"; then

diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c
index af4fae4ddce92b5c1586feb5b4c3eca56d24301c..1252c15d32624f90104210d09dad907754b9fd6e 100644 (file)
--- a/tests/securityselinuxhelper.c
+++ b/tests/securityselinuxhelper.c
@@ -156,11 +156,7 @@ int getpidcon(pid_t pid, security_context_t *context)
     return getpidcon_raw(pid, context);
 }
 
-#ifdef SELINUX_CTX_CHAR_PTR
-int setcon_raw(const char *context)
-#else
-int setcon_raw(security_context_t context)
-#endif
+int setcon_raw(VIR_SELINUX_CTX_CONST char *context)
 {
     if (!is_selinux_enabled()) {
         errno = EINVAL;
@@ -169,21 +165,13 @@ int setcon_raw(security_context_t context)
     return setenv("FAKE_SELINUX_CONTEXT", context, 1);
 }
 
-#ifdef SELINUX_CTX_CHAR_PTR
-int setcon(const char *context)
-#else
-int setcon(security_context_t context)
-#endif
+int setcon(VIR_SELINUX_CTX_CONST char *context)
 {
     return setcon_raw(context);
 }
 
 
-#ifdef SELINUX_CTX_CHAR_PTR
-int setfilecon_raw(const char *path, const char *con)
-#else
-int setfilecon_raw(const char *path, security_context_t con)
-#endif
+int setfilecon_raw(const char *path, VIR_SELINUX_CTX_CONST char *con)
 {
     const char *constr = con;
     if (STRPREFIX(path, abs_builddir "/securityselinuxlabeldata/nfs/")) {
@@ -194,11 +182,7 @@ int setfilecon_raw(const char *path, security_context_t con)
                     constr, strlen(constr), 0);
 }
 
-#ifdef SELINUX_CTX_CHAR_PTR
-int setfilecon(const char *path, const char *con)
-#else
-int setfilecon(const char *path, security_context_t con)
-#endif
+int setfilecon(const char *path, VIR_SELINUX_CTX_CONST char *con)
 {
     return setfilecon_raw(path, con);
 }