As the use of SELinux expands in Enterprise environments customers are requesting the ability to use SELinux with their NFS based network storage.The labeled-nfs project seeks to extend the NFSv4 protocol to provide a generic mechanism for conveying process and file MAC security attribute information for use by security mechanisms employed on the client and server. This presentation explores the design and implementation for the labeled-nfs effort. We discuss why certain design decisions were made and what impact they have on the implementation of NFS in the Linux kernel and NFS userland infrastructure. Finally we discuss on going efforts working with the IETF to turn the labeled-nfs modifications into an open standard. This presentation contains content for system administrators as well as kernel developers and is accessible to a wide range of attendants.