
How to check if SELinux is enforcing or permissive?


I couldn't find the answer to this question before reading: getenforce source code. I just wanted to get the mode of SELinux so I would know at runtime if SELinux is enforcing and spamming AVC denials because gdb is reading: gdb avc denial bug.

I have no intention of fixing it, so the solution I thought of was to warn the user if SELinux is in enforcing mode. I was checking if SELinux is enabled with is_selinux_enabled() from selinux.h. But the problem is that SELinux could also be in Permissive mode, which isn't an issue for denials since it only warns the user rather than killing the process.

How to check if SELinux is in enforcing or permissive mode?


Solution

  • To see the mode SELinux is currently using:

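        #include <selinux/selinux.h>
        /* Wrapper name chosen here. Returns 1 = enforcing, 0 = permissive or disabled, -1 = error. */
        int selinux_enforcing(void) {
            return is_selinux_enabled() > 0 ? security_getenforce() : 0;
        }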
    

    Link with -lselinux.
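
The same check without linking libselinux, as an added example that is not part of the original answer: it reads the selinuxfs `enforce` file and separates the disabled, permissive and enforcing states. The enum, the function name and the `/sys/fs/selinux` mount point are assumptions of this example (older systems mounted selinuxfs at `/selinux`).

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names for this example; not part of libselinux. */
enum selinux_mode {
    MODE_ERROR = -1,     /* file unreadable or contents unexpected */
    MODE_DISABLED = 0,   /* enforce file absent: selinuxfs not mounted */
    MODE_PERMISSIVE = 1, /* denials are logged but not enforced */
    MODE_ENFORCING = 2   /* denials are logged and enforced */
};

/* Assumed selinuxfs mount point; older systems used /selinux. */
#define SELINUX_ENFORCE_PATH "/sys/fs/selinux/enforce"

/* Read an "enforce" file (contents "0" or "1") and map it to a mode. */
enum selinux_mode selinux_mode_from_file(const char *path)
{
    FILE *f = fopen(path, "r");
    if (!f)
        return errno == ENOENT ? MODE_DISABLED : MODE_ERROR;

    char buf[8] = {0};
    size_t n = fread(buf, 1, sizeof(buf) - 1, f);
    fclose(f);
    buf[strcspn(buf, "\n")] = '\0';  /* tolerate a trailing newline */

    if (n == 0)
        return MODE_ERROR;
    if (strcmp(buf, "1") == 0)
        return MODE_ENFORCING;
    if (strcmp(buf, "0") == 0)
        return MODE_PERMISSIVE;
    return MODE_ERROR;
}

int main(void)
{
    switch (selinux_mode_from_file(SELINUX_ENFORCE_PATH)) {
    case MODE_ENFORCING:  puts("enforcing: AVC denials block access"); break;
    case MODE_PERMISSIVE: puts("permissive: AVC denials are only logged"); break;
    case MODE_DISABLED:   puts("SELinux is not enabled"); break;
    default:              puts("could not determine SELinux mode"); return 1;
    }
    return 0;
}
```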