maint: cleanup detection of const'ness of selinux ctx

Commit 292d3f2d fixed the build with libselinux 2.3, but missed some suggestions by eblake https://www.redhat.com/archives/libvir-list/2014-May/msg00977.html This patch changes the macro introduced in 292d3f2d to either be empty in the case of newer libselinux, or contain 'const' in the case of older libselinux. The macro is then used directly in tests/securityselinuxhelper.c. (cherry picked from commit b109c097)

maint: cleanup detection of const'ness of selinux ctx
Commit 292d3f2d fixed the build with libselinux 2.3, but missed some suggestions by eblake https://www.redhat.com/archives/libvir-list/2014-May/msg00977.html This patch changes the macro introduced in 292d3f2d to either be empty in the case of newer libselinux, or contain 'const' in the case of older libselinux. The macro is then used directly in tests/securityselinuxhelper.c. (cherry picked from commit b109c097)
1343f237 · Jim Fehlig · Eric Blake · 26f47e6a · 1343f237 · 1343f237
隐藏空白更改
内联并排

Showing with 11 addition and 28 deletion

m4/virt-selinux.m4 m4/virt-selinux.m4 +7 -8

tests/securityselinuxhelper.c tests/securityselinuxhelper.c +4 -20

未找到文件。
--- a/m4/virt-selinux.m4
+++ b/m4/virt-selinux.m4
@@ -29,19 +29,18 @@ AC_DEFUN([LIBVIRT_CHECK_SELINUX],[
  if test "$with_selinux" = "yes"; then
    # libselinux changed signatures between 2.2 and 2.3
-    AC_CACHE_CHECK([for selinux setcon parameter type], [gt_cv_setcon_param],
+    AC_CACHE_CHECK([for selinux setcon parameter type], [lv_cv_setcon_param],
    [AC_COMPILE_IFELSE(
      [AC_LANG_PROGRAM(
         [[
 #include <selinux/selinux.h>
-int setcon(const security_context_t context);
+int setcon(char *context);
         ]])],
-         [gt_cv_setcon_param='security_context_t'],
+         [lv_cv_setcon_const=''],
-         [gt_cv_setcon_param='const char*'])])
+         [lv_cv_setcon_const='const'])])
-    if test "$gt_cv_setcon_param" = 'const char*'; then
+    AC_DEFINE_UNQUOTED([VIR_SELINUX_CTX_CONST], [$lv_cv_setcon_const],
-       AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1,
+      [Define to empty or 'const' depending on how SELinux qualifies its
-                          [SELinux uses newer char * for security context])
+       security context parameters])
-    fi
    AC_MSG_CHECKING([SELinux mount point])
    if test "$with_selinux_mount" = "check" || test -z "$with_selinux_mount"; then

--- a/tests/securityselinuxhelper.c
+++ b/tests/securityselinuxhelper.c
@@ -156,11 +156,7 @@ int getpidcon(pid_t pid, security_context_t *context)
    return getpidcon_raw(pid, context);
 }
-#ifdef SELINUX_CTX_CHAR_PTR
+int setcon_raw(VIR_SELINUX_CTX_CONST char *context)
-int setcon_raw(const char *context)
-#else
-int setcon_raw(security_context_t context)
-#endif
 {
    if (!is_selinux_enabled()) {
        errno = EINVAL;
@@ -169,21 +165,13 @@ int setcon_raw(security_context_t context)
    return setenv("FAKE_SELINUX_CONTEXT", context, 1);
 }
-#ifdef SELINUX_CTX_CHAR_PTR
+int setcon(VIR_SELINUX_CTX_CONST char *context)
-int setcon(const char *context)
-#else
-int setcon(security_context_t context)
-#endif
 {
    return setcon_raw(context);
 }
-#ifdef SELINUX_CTX_CHAR_PTR
+int setfilecon_raw(const char *path, VIR_SELINUX_CTX_CONST char *con)
-int setfilecon_raw(const char *path, const char *con)
-#else
-int setfilecon_raw(const char *path, security_context_t con)
-#endif
 {
    const char *constr = con;
    if (STRPREFIX(path, abs_builddir "/securityselinuxlabeldata/nfs/")) {
@@ -194,11 +182,7 @@ int setfilecon_raw(const char *path, security_context_t con)
                    constr, strlen(constr), 0);
 }
-#ifdef SELINUX_CTX_CHAR_PTR
+int setfilecon(const char *path, VIR_SELINUX_CTX_CONST char *con)
-int setfilecon(const char *path, const char *con)
-#else
-int setfilecon(const char *path, security_context_t con)
-#endif
 {
    return setfilecon_raw(path, con);
 }