I'm trying to find a way of labeling specific files/directories in sysfs that do not exist at boot time. I'm running an embedded SELinux enabled system (4.1 series kernel) where at boot there is an init script performing a restorecon on /sys. Sometime later a usb cellular modem is powered on and enumerated at which point the it's sysfs sub-directory structure is added. This directory path is correctly getting my custom label via restorecon during boot /sys/devices/platform/xxxx/yyyy/fsl-ehci.0/usb1/ After the cellular modem is powered on the following directory structure is created. /sys/devices/platform/xxxx/yyyy/fsl-ehci.0/usb1/1-1/1-1:1.10/net/wwan1/qmi Everything "1-1" and lower that is getting the "default" sysfs_t label. Is there a method of labeling that newly added sub-directory structure other than running restorecond or restorecon again? I specifically need to control access to the "qmi" file. I've tried adding a genfscon to the policy but it doesn't seem to work although I don't know if it's suppose to. Any advice would be appreciated.
