When doing a basic jls -n, jls(8) will jailparam_get() the mac.label
for every jail on the system using the same set of jailparams, and thus
the same jp_value. We only init the mac_t the first time, so the first
jail would populate it with ? from /etc/mac.conf and the resulting
jail_get(2) would clobber it with the empty string, then a second jail
would try to pass the empty string to the kernel and fail because it
must have a non-zero length.

Fix it by invoking jps_get() every time. Drop some comments to note
that jps_get() will be invoked with zero || garbage from previous call,
and be sure that we don't leak our previous mac_t. There aren't any
other jps_get implementations at this time, so this shouldn't cause any
unexpected problems.

Reported by: ivy