[4/4] libselinux: declare parameter of security_load_policy(3) const

Commit Message

Christian Göttsche May 20, 2022, 1:08 p.m. UTC

security_load_policy(3) takes a read-only memory address for a binary
policy to be loaded.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 libselinux/include/selinux/selinux.h       | 2 +-
 libselinux/man/man3/security_load_policy.3 | 2 +-
 libselinux/src/load_policy.c               | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

Patch

diff --git a/libselinux/include/selinux/selinux.h b/libselinux/include/selinux/selinux.h
index ae98a92e..47af9953 100644
--- a/libselinux/include/selinux/selinux.h
+++ b/libselinux/include/selinux/selinux.h
@@ -279,7 +279,7 @@  extern int security_validatetrans_raw(const char *scon,
 				      const char *newcon);
 
 /* Load a policy configuration. */
-extern int security_load_policy(void *data, size_t len);
+extern int security_load_policy(const void *data, size_t len);
 
 /* Get the context of an initial kernel security identifier by name.  
    Caller must free via freecon */
diff --git a/libselinux/man/man3/security_load_policy.3 b/libselinux/man/man3/security_load_policy.3
index af561636..b2da0256 100644
--- a/libselinux/man/man3/security_load_policy.3
+++ b/libselinux/man/man3/security_load_policy.3
@@ -5,7 +5,7 @@  security_load_policy \- load a new SELinux policy
 .SH "SYNOPSIS"
 .B #include <selinux/selinux.h>
 .sp
-.BI "int security_load_policy(void *" data ", size_t "len );
+.BI "int security_load_policy(const void *" data ", size_t "len );
 .sp
 .BI "int selinux_mkload_policy(int " preservebools ");"
 .sp
diff --git a/libselinux/src/load_policy.c b/libselinux/src/load_policy.c
index d8c715ed..17918e8b 100644
--- a/libselinux/src/load_policy.c
+++ b/libselinux/src/load_policy.c
@@ -23,7 +23,7 @@ 
 #define MNT_DETACH 2
 #endif
 
-int security_load_policy(void *data, size_t len)
+int security_load_policy(const void *data, size_t len)
 {
 	char path[PATH_MAX];
 	int fd, ret;