selinux: add mount label for rootfs

Signed-off-by: wujing <wujing50@huawei.com>

series.conf

@@ -1,69 +1,2 @@
-0001-iSulad-add-HAVE_ISULAD-macro.patch
+0001-huawei-adapt-to-huawei-4.0.3.patch
-0002-confile-add-lxc.isulad.init.args-config-interface.patch
+0002-add-mount-label-for-rootfs.patch
-0003-confile-add-lxc.isulad.populate.device-interface.patch
-0004-confile-add-support-umask.patch
-0005-cgroup-refact-cgroup-implemt.patch
-0006-modify-container-exit-code-and-stop-signal.patch
-0007-check-and-save-pid-info-file.patch
-0008-support-block-device-as-rootfs.patch
-0009-support-mount-squashfs-in-mount-entry.patch
-0010-IO-refact-terminal-progress.patch
-0011-add-exit-fifo-to-monitor-state-of-lxc-monitor.patch
-0012-Adapt-to-isulad-log.patch
-0013-set-env-in-container.patch
-0014-exec-refact-attach-progress.patch
-0015-add-masked-paths-and-readonly-paths.patch
-0016-start-separate-i-and-t.patch
-0017-attach-add_terminal_fifos-Add-terminal-fifos-dynamic.patch
-0018-pty-setup-pty-after-setup-rootfs-mount-options.patch
-0019-resize-implement-resize-function-in-exec-start.patch
-0020-confile-decode-escape-charactors-in-config.patch
-0021-cgroup-add-retry-for-destory-cgroups.patch
-0022-support-terminal-log.patch
-0023-Supporting-rootfs-mount-propagation.patch
-0024-start-do-not-check-ppid-when-set-death-signal.patch
-0025-support-oci-hooks.patch
-0026-Supporting-UID-GID-configuration.patch
-0027-Capabilites-security-feature-enhanced.patch
-0028-Supporting-workdir-configuration.patch
-0029-Supporting-additional-groups-configuration.patch
-0030-set-negative-files.limit-value-to-max.patch
-0031-head-file-remove-macro-HAVE_ISULAD-in-installed-head.patch
-0032-link-proc-mounts-to-etc-mtab.patch
-0033-build-add-secure-build-flags.patch
-0034-support-timeout.patch
-0035-Seccomp-security-feature-enhanced.patch
-0036-Security-coding-modification.patch
-0037-cgfsng-fix-build-error-device_cgroup_rule_parse.patch
-0038-Ignore-errors-when-loading-rules-fail.patch
-0039-net-adapt-to-isulad.patch
-0040-cgfsng-make-container-full-path-in-cgfsng_get_cgroup.patch
-0041-build-fix-some-bug-in-free-memory.patch
-0042-cgfsng-make-container-full-path-in-destory-cgroup.patch
-0043-support-error-report.patch
-0044-remove-filelock-in-destroy-dir.patch
-0045-restore-default-signal-handler.patch
-0046-add-support-systemd.patch
-0047-support-namespaced-kernel-params-can-be-changed-in-s.patch
-0048-don-t-use-the-unified-hierarchy-for-the-systemd-cgro.patch
-0049-make-dev-bind-mount-from-host-tmpfs-for-system-conta.patch
-0050-clean-add-init-fd-in-lxc_init_clean_handler.patch
-0051-init-pids-add-init-fd-in-lxc_init_pids_handler.patch
-0052-setupdev-add-judge-whether-have-mount-dev-entry.patch
-0053-attach-seprate-i-and-t-flags.patch
-0054-start-do-not-check-pid-die-when-lxc_poll-exit.patch
-0055-terminal-not-close-pipe-when-lxc_poll-exit.patch
-0056-attach-add-sigfd-to-monitor-the-exit-of-pid.patch
-0057-attach-add-read-data-from-attach-sigfd.patch
-0058-support-syslog-for-console.patch
-0059-set-state-to-stopped.patch
-0060-attach-append-error-msg-when-call-attach-failed.patch
-0061-mount-fix-symlink-error-use-parsed-path.patch
-0062-change-log-level-of-seccomp-setup.patch
-0063-hook-fix-memeory-leak.patch
-0064-termainal-fix-console-log-memory-leak.patch
-0065-lxc-disable-terminal-stdout-stderr-pipe-O_NONBLOCK.patch
-0066-lxc-fix-tests-build-error.patch
-0067-set-normal-ret-value-when-populate-exist-device-successfully.patch
-0068-lxc-config-default-cgroup-pattern-to-lxc-n.patch
-0069-rootfs-support-use-host-rootfs-as-container-rootfs.patch