diff --git a/m4/virt-selinux.m4 b/m4/virt-selinux.m4
index 1d899d5bea..2764a304d7 100644
--- a/m4/virt-selinux.m4
+++ b/m4/virt-selinux.m4
@@ -29,19 +29,18 @@ AC_DEFUN([LIBVIRT_CHECK_SELINUX],[
 
   if test "$with_selinux" = "yes"; then
     # libselinux changed signatures between 2.2 and 2.3
-    AC_CACHE_CHECK([for selinux setcon parameter type], [gt_cv_setcon_param],
+    AC_CACHE_CHECK([for selinux setcon parameter type], [lv_cv_setcon_param],
     [AC_COMPILE_IFELSE(
       [AC_LANG_PROGRAM(
          [[
 #include <selinux/selinux.h>
-int setcon(const security_context_t context);
+int setcon(char *context);
          ]])],
-         [gt_cv_setcon_param='security_context_t'],
-         [gt_cv_setcon_param='const char*'])])
-    if test "$gt_cv_setcon_param" = 'const char*'; then
-       AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1,
-                          [SELinux uses newer char * for security context])
-    fi
+         [lv_cv_setcon_const=''],
+         [lv_cv_setcon_const='const'])])
+    AC_DEFINE_UNQUOTED([VIR_SELINUX_CTX_CONST], [$lv_cv_setcon_const],
+      [Define to empty or 'const' depending on how SELinux qualifies its
+       security context parameters])
 
     AC_MSG_CHECKING([SELinux mount point])
     if test "$with_selinux_mount" = "check" || test -z "$with_selinux_mount"; then
diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c
index af4fae4ddc..1252c15d32 100644
--- a/tests/securityselinuxhelper.c
+++ b/tests/securityselinuxhelper.c
@@ -156,11 +156,7 @@ int getpidcon(pid_t pid, security_context_t *context)
     return getpidcon_raw(pid, context);
 }
 
-#ifdef SELINUX_CTX_CHAR_PTR
-int setcon_raw(const char *context)
-#else
-int setcon_raw(security_context_t context)
-#endif
+int setcon_raw(VIR_SELINUX_CTX_CONST char *context)
 {
     if (!is_selinux_enabled()) {
         errno = EINVAL;
@@ -169,21 +165,13 @@ int setcon_raw(security_context_t context)
     return setenv("FAKE_SELINUX_CONTEXT", context, 1);
 }
 
-#ifdef SELINUX_CTX_CHAR_PTR
-int setcon(const char *context)
-#else
-int setcon(security_context_t context)
-#endif
+int setcon(VIR_SELINUX_CTX_CONST char *context)
 {
     return setcon_raw(context);
 }
 
 
-#ifdef SELINUX_CTX_CHAR_PTR
-int setfilecon_raw(const char *path, const char *con)
-#else
-int setfilecon_raw(const char *path, security_context_t con)
-#endif
+int setfilecon_raw(const char *path, VIR_SELINUX_CTX_CONST char *con)
 {
     const char *constr = con;
     if (STRPREFIX(path, abs_builddir "/securityselinuxlabeldata/nfs/")) {
@@ -194,11 +182,7 @@ int setfilecon_raw(const char *path, security_context_t con)
                     constr, strlen(constr), 0);
 }
 
-#ifdef SELINUX_CTX_CHAR_PTR
-int setfilecon(const char *path, const char *con)
-#else
-int setfilecon(const char *path, security_context_t con)
-#endif
+int setfilecon(const char *path, VIR_SELINUX_CTX_CONST char *con)
 {
     return setfilecon_raw(path, con);
 }