From 26f47e6a90ea8cc2734e175ed3f5380cd01289f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <cbosdonnat@suse.com>
Date: Wed, 28 May 2014 14:44:08 +0200
Subject: [PATCH] build: fix build with libselinux 2.3

Several function signatures changed in libselinux 2.3, now taking
a 'const char *' instead of 'security_context_t'.  The latter is
defined in selinux/selinux.h as

  typedef char *security_context_t;

Signed-off-by: Eric Blake <eblake@redhat.com>
(cherry picked from commit 292d3f2d38e8faca075ababcb652f2e090b745b2)
---
 m4/virt-selinux.m4            | 17 ++++++++++++++++-
 tests/securityselinuxhelper.c | 16 ++++++++++++++++
 2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/m4/virt-selinux.m4 b/m4/virt-selinux.m4
index 003c2a8685..1d899d5bea 100644
--- a/m4/virt-selinux.m4
+++ b/m4/virt-selinux.m4
@@ -1,6 +1,6 @@
 dnl The libselinux.so library
 dnl
-dnl Copyright (C) 2012-2013 Red Hat, Inc.
+dnl Copyright (C) 2012-2014 Red Hat, Inc.
 dnl
 dnl This library is free software; you can redistribute it and/or
 dnl modify it under the terms of the GNU Lesser General Public
@@ -28,6 +28,21 @@ AC_DEFUN([LIBVIRT_CHECK_SELINUX],[
     [with_selinux_mount=check])
 
   if test "$with_selinux" = "yes"; then
+    # libselinux changed signatures between 2.2 and 2.3
+    AC_CACHE_CHECK([for selinux setcon parameter type], [gt_cv_setcon_param],
+    [AC_COMPILE_IFELSE(
+      [AC_LANG_PROGRAM(
+         [[
+#include <selinux/selinux.h>
+int setcon(const security_context_t context);
+         ]])],
+         [gt_cv_setcon_param='security_context_t'],
+         [gt_cv_setcon_param='const char*'])])
+    if test "$gt_cv_setcon_param" = 'const char*'; then
+       AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1,
+                          [SELinux uses newer char * for security context])
+    fi
+
     AC_MSG_CHECKING([SELinux mount point])
     if test "$with_selinux_mount" = "check" || test -z "$with_selinux_mount"; then
       if test -d /sys/fs/selinux ; then
diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c
index dbc4c29563..af4fae4ddc 100644
--- a/tests/securityselinuxhelper.c
+++ b/tests/securityselinuxhelper.c
@@ -156,7 +156,11 @@ int getpidcon(pid_t pid, security_context_t *context)
     return getpidcon_raw(pid, context);
 }
 
+#ifdef SELINUX_CTX_CHAR_PTR
+int setcon_raw(const char *context)
+#else
 int setcon_raw(security_context_t context)
+#endif
 {
     if (!is_selinux_enabled()) {
         errno = EINVAL;
@@ -165,13 +169,21 @@ int setcon_raw(security_context_t context)
     return setenv("FAKE_SELINUX_CONTEXT", context, 1);
 }
 
+#ifdef SELINUX_CTX_CHAR_PTR
+int setcon(const char *context)
+#else
 int setcon(security_context_t context)
+#endif
 {
     return setcon_raw(context);
 }
 
 
+#ifdef SELINUX_CTX_CHAR_PTR
+int setfilecon_raw(const char *path, const char *con)
+#else
 int setfilecon_raw(const char *path, security_context_t con)
+#endif
 {
     const char *constr = con;
     if (STRPREFIX(path, abs_builddir "/securityselinuxlabeldata/nfs/")) {
@@ -182,7 +194,11 @@ int setfilecon_raw(const char *path, security_context_t con)
                     constr, strlen(constr), 0);
 }
 
+#ifdef SELINUX_CTX_CHAR_PTR
+int setfilecon(const char *path, const char *con)
+#else
 int setfilecon(const char *path, security_context_t con)
+#endif
 {
     return setfilecon_raw(path, con);
 }
-- 
GitLab