Hello, now this patch no longer appends "*" in the kernel space. I tested this patch on Debian by creating a modified SELinux policy where all genfs rules were followed by a trailing '*" and the new genfs_seclabel_wildcard cap were enabled. Both the new policy with the capability enabled and Debian's default policy without that policy capability made correct labels. > + bool wildcard = 0; I overlooked that this should be `= true`. I can fix it.
