selinux: reload label db on policy load with libselinux 3.2
Currently the label database is not reloaded with libselinux 3.2 on a
policy reload.
Since libselinux 3.2 avc_open(3) uses the SELinux status page instead of
a netlink socket to check for policy reloads.
The status page is also queried in mac_selinux_maybe_reload().
Thus calls to selinux_check_access(3) might consume an update, queried
by selinux_status_updated(3), leaving mac_selinux_maybe_reload() unable
to detect a policy reload.
Do not use selinux_status_updated(3), use selinux_status_policyload(3)
unconditionally.
Relevant libselinux commit: https://github.com/SELinuxProject/selinux/commit/05bdc03130d741e53e1fb45a958d0a2c184be503
Debian Bullseye is going to ship libselinux 3.1, so stay compatible for
backports.
(cherry picked from commit c46c76881144271b9a18842e086d1318febdb372)