libselinux: declare avc_open(3) options parameter const

The first parameter of avc_open(3) is a read-only array of options. Signed-off-by: Christian Göttsche <[email protected]>
SELinuxProject · cgzones · Jun 16, 2022 · Jun 16, 2022 · Jun 16, 2022 · Jun 16, 2022
commit aad63240f5c6747b888e57becd55f3daf8946de6
diff --git a/libselinux/include/selinux/avc.h b/libselinux/include/selinux/avc.h
@@ -201,7 +201,7 @@ extern int avc_init(const char *msgprefix,
  * is set to "avc" and any callbacks desired should be specified via
  * selinux_set_callback(). Available options are listed above.
  */
-extern int avc_open(struct selinux_opt *opts, unsigned nopts) selinux_access((read_only, 1, 2)) selinux_nodiscard;
+extern int avc_open(const struct selinux_opt *opts, unsigned nopts) selinux_access((read_only, 1, 2)) selinux_nodiscard;
 
 /**
  * avc_cleanup - Remove unused SIDs and AVC entries.

diff --git a/libselinux/man/man3/avc_open.3 b/libselinux/man/man3/avc_open.3
@@ -10,7 +10,7 @@ avc_open, avc_destroy, avc_reset, avc_cleanup \- userspace SELinux AVC setup and
 .br
 .B #include <selinux/avc.h>
 .sp
-.BI "int avc_open(struct selinux_opt *" options ", unsigned " nopt ");"
+.BI "int avc_open(const struct selinux_opt *" options ", unsigned " nopt ");"
 .sp
 .BI "void avc_destroy(void);"
 .sp

diff --git a/libselinux/src/avc.c b/libselinux/src/avc.c
@@ -225,7 +225,7 @@ static int avc_init_internal(const char *prefix,
  return rc;
 }
 
-int avc_open(struct selinux_opt *opts, unsigned nopts)
+int avc_open(const struct selinux_opt *opts, unsigned nopts)
 {
  avc_setenforce = 0;