What does the fields "MountLabel" and "ProcessLabel" mean in docker inspect

Question

When executing the command docker inspect <container id>, we get the output include the many fields. But I can't find out the meaning of MountLabel and ProcessLabel.

I get an annotation from the source code :

// MountLabel contains the options for the 'mount' command 

and some example from RedHat:

# buildah inspect myecho-working-container | less
{
    "type": "buildah 0.0.1",
    "image": "docker.io/library/myecho:latest",
    "image-id": "e2b190ac8a37737ec03cfa4c9bfd989845b9bec3aa81ff48d8350d7418d748f6",
    "config": "eyJjcmV...
    "container-name": "myecho-working-container",
    "container-id": "70f22e886310bba26bb57ca7afa39fd19af2791c4c66067cb6206b7c3ebdcd20",
    "process-label": "system_u:system_r:svirt_lxc_net_t:s0:c225,c716",
    "mount-label": "system_u:object_r:svirt_sandbox_file_t:s0:c225,c716",
    "ociv1": {
        "created": "2017-10-12T15:15:00.207103Z",
        "author": "Red Hat, Inc.",
        "architecture": "amd64",

and the definition of the Container type which has those two fields from fsouza/go-dockerclient

But I still can't figure out the meaning of those two fields, MountLabel and ProcessLabel.