libselinux: explicitly ignore return values

Tell GCC, see [1], to actually no issue warnings about explicitly
ignored return values.

Also explicitly ignored return values in cleanup handlers.

    togglesebool.c: In function ‘rollback’:
    togglesebool.c:18:17: error: ignoring return value of ‘security_set_boolean’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result]
       18 |                 security_set_boolean(argv[i],
          |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       19 |                                      security_get_boolean_active(argv[i]));
          |                                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    load_policy.c: In function ‘selinux_init_load_policy’:
    load_policy.c:329:17: error: ‘security_disable’ is deprecated: SELinux runtime disable is deprecated [-Werror=deprecated-declarations]
      329 |                 rc = security_disable();
          |                 ^~

    booleans.c: In function ‘rollback’:
    booleans.c:332:17: error: ignoring return value of ‘security_set_boolean’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result]
      332 |                 security_set_boolean(boollist[i].name,
          |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      333 |                                      security_get_boolean_active(boollist[i].
          |                                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      334 |                                                                  name));
          |                                                                  ~~~~~~

    checkAccess.c: In function ‘selinux_check_access’:
    checkAccess.c:42:16: error: ignoring return value of ‘selinux_status_updated’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result]
       42 |         (void) selinux_status_updated();
          |                ^~~~~~~~~~~~~~~~~~~~~~~~

    avc.c: In function ‘avc_has_perm_noaudit’:
    avc.c:761:24: error: ignoring return value of ‘selinux_status_updated’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result]
      761 |                 (void) selinux_status_updated();
          |                        ^~~~~~~~~~~~~~~~~~~~~~~~

[1]: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425

Signed-off-by: Christian Göttsche <[email protected]>

Author: cgzones

libselinux/src/avc.c

@@ -757,7 +757,7 @@ int avc_has_perm_noaudit(security_id_t ssid,
 		avd_init(avd);
 
 	if (!avc_using_threads && !avc_app_main_loop) {
-		(void) selinux_status_updated();
+		(void)! selinux_status_updated();
 	}
 
 	if (!aeref) {

libselinux/src/booleans.c

@@ -327,7 +327,7 @@ static void rollback(SELboolean * boollist, int end)
 	int i;
 
 	for (i = 0; i < end; i++)
-		security_set_boolean(boollist[i].name,
+		(void)! security_set_boolean(boollist[i].name,
 				     security_get_boolean_active(boollist[i].
 								 name));
 }

libselinux/src/checkAccess.c

@@ -39,7 +39,7 @@ int selinux_check_access(const char *scon, const char *tcon, const char *class,
 	if (rc < 0)
 		return rc;
 
-	(void) selinux_status_updated();
+	(void)! selinux_status_updated();
 
        sclass = string_to_security_class(class);
        if (sclass == 0) {

libselinux/src/load_policy.c

@@ -238,7 +238,7 @@ int selinux_init_load_policy(int *enforce)
 	 * Get desired mode (disabled, permissive, enforcing) from 
 	 * /etc/selinux/config. 
 	 */
-	selinux_getenforcemode(&seconfig);
+	(void)! selinux_getenforcemode(&seconfig);
 
 	/* Check for an override of the mode via the kernel command line. */
 	rc = mount("proc", "/proc", "proc", 0, 0);

libselinux/utils/togglesebool.c

@@ -15,7 +15,7 @@ static __attribute__ ((__noreturn__)) void rollback(int argc, char **argv)
 	int i;
 
 	for (i = 1; i < argc; i++)
-		security_set_boolean(argv[i],
+		(void)! security_set_boolean(argv[i],
 				     security_get_boolean_active(argv[i]));
 	exit(1);
 }