On Sat, Jun 8, 2024 at 1:20 PM Christian Göttsche
<cgoettsche@xxxxxxxxxxxxx> wrote:
>
> From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
>
> The option array passed to avc_open(3) is only read from.
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Acked-by: James Carter <jwcart2@xxxxxxxxx>
> ---
> libselinux/include/selinux/avc.h | 2 +-
> libselinux/man/man3/avc_open.3 | 2 +-
> libselinux/src/avc.c | 2 +-
> 3 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/libselinux/include/selinux/avc.h b/libselinux/include/selinux/avc.h
> index 4bbd2382..1f79ba16 100644
> --- a/libselinux/include/selinux/avc.h
> +++ b/libselinux/include/selinux/avc.h
> @@ -215,7 +215,7 @@ extern int avc_init(const char *msgprefix,
> * is set to "avc" and any callbacks desired should be specified via
> * selinux_set_callback(). Available options are listed above.
> */
> -extern int avc_open(struct selinux_opt *opts, unsigned nopts);
> +extern int avc_open(const struct selinux_opt *opts, unsigned nopts);
>
> /**
> * avc_cleanup - Remove unused SIDs and AVC entries.
> diff --git a/libselinux/man/man3/avc_open.3 b/libselinux/man/man3/avc_open.3
> index 55683bb6..74f85593 100644
> --- a/libselinux/man/man3/avc_open.3
> +++ b/libselinux/man/man3/avc_open.3
> @@ -10,7 +10,7 @@ avc_open, avc_destroy, avc_reset, avc_cleanup \- userspace SELinux AVC setup and
> .br
> .B #include <selinux/avc.h>
> .sp
> -.BI "int avc_open(struct selinux_opt *" options ", unsigned " nopt ");"
> +.BI "int avc_open(const struct selinux_opt *" options ", unsigned " nopt ");"
> .sp
> .BI "void avc_destroy(void);"
> .sp
> diff --git a/libselinux/src/avc.c b/libselinux/src/avc.c
> index ce87ac16..7af5d192 100644
> --- a/libselinux/src/avc.c
> +++ b/libselinux/src/avc.c
> @@ -225,7 +225,7 @@ static int avc_init_internal(const char *prefix,
> return rc;
> }
>
> -int avc_open(struct selinux_opt *opts, unsigned nopts)
> +int avc_open(const struct selinux_opt *opts, unsigned nopts)
> {
> avc_setenforce = 0;
>
> --
> 2.45.1
>
>
