diff --git a/PrivateVolume.cpp b/PrivateVolume.cpp
index a1bbb3b..74b6b5b 100644
--- a/PrivateVolume.cpp
+++ b/PrivateVolume.cpp
@@ -137,6 +137,24 @@ status_t PrivateVolume::doMount() {
         return -EIO;
     }
 
+    LOG(VERBOSE) << "Starting restorecon of " << mPath;
+
+    // TODO: find a cleaner way of waiting for restorecon to finish
+    property_set("selinux.restorecon_recursive", "");
+    property_set("selinux.restorecon_recursive", mPath.c_str());
+
+    char value[PROPERTY_VALUE_MAX];
+    while (true) {
+        property_get("selinux.restorecon_recursive", value, "");
+        if (strcmp(mPath.c_str(), value) == 0) {
+            break;
+        }
+        sleep(1);
+        LOG(VERBOSE) << "Waiting for restorecon...";
+    }
+
+    LOG(VERBOSE) << "Finished restorecon of " << mPath;
+
     // Verify that common directories are ready to roll
     if (PrepareDir(mPath + "/app", 0771, AID_SYSTEM, AID_SYSTEM) ||
             PrepareDir(mPath + "/user", 0711, AID_SYSTEM, AID_SYSTEM) ||
@@ -147,8 +165,6 @@ status_t PrivateVolume::doMount() {
         return -EIO;
     }
 
-    // TODO: restorecon all the things!
-
     // Create a new emulated volume stacked above us, it will automatically
     // be destroyed during unmount
     std::string mediaPath(mPath + "/media");