ANSSI hardening profile and SELinux prevent booting a fresh install

I've been scratching my head for some time trying to get to the bottom of an issue.
We want to install some RHEL systems (using 8.8) and would like to apply the ANSSI high level hardening profile.
In doing this, you have to define multiple mount points for separation and security, which I have done.

I also want to use ext4 as the file system instead of xfs, which is the new default, to allow easier management of the sizing (the ability to reduce a partition if there is unused space).

However, if I do a fresh install with the multiple mount points defined as per the ANSSI high level profile, the system will not boot. I am left at the emergency console.

Looking at journalctl -xb, it shows that either /boot or /boot/efi cannot be mounted because the file system is unknown!

Not understanding why this is the case, out of curiosity, I changed SELinux to permissive instead of the default enforcing setting. Upon a reboot, the system works fine!

It feels like the combination of the hardening profile and SELinux sets some security settings, meaning the drivers aren't available, causing the file system to be unknown. I did see at some point some 1400 logs in the audit, but cannot seem to find them now.

Any suggestions on how to solve this?
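Since the system boots in permissive mode, the audit log from the failed enforcing boot is the first place to look. The script below is an added example and is not part of the original post or of any ANSSI or Red Hat tooling: it filters AVC denial records for anything tied to the `mount` command, the `mount_t` domain, or a refused kernel module load (`module_request`), which is one way a blocked filesystem driver can surface as an "unknown file system" error. The audit lines it runs on are constructed to show the record shapes worth searching for; they are not taken from the poster's system and do not claim to be the cause of this failure.

```shell
#!/bin/sh
# Added example (not from the original post): triage SELinux AVC denials that
# could explain a failed /boot or /boot/efi mount during an enforcing boot.
# Run it against a saved copy of /var/log/audit/audit.log, or against the
# constructed sample below.

# Constructed sample records in the RHEL 8 audit.log AVC format (assumed).
# Serial numbers, PIDs and contexts are made up for illustration.
SAMPLE_AUDIT=$(mktemp)
cat > "$SAMPLE_AUDIT" <<'EOF'
type=AVC msg=audit(1690000000.101:201): avc:  denied  { mounton } for  pid=512 comm="mount" path="/boot/efi" dev="vda1" ino=2 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1690000000.102:202): avc:  denied  { module_request } for  pid=513 comm="mount" kmod="fs-vfat" scontext=system_u:system_r:mount_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=0
type=SYSCALL msg=audit(1690000000.102:202): arch=c000003e syscall=165 success=no exit=-19 comm="mount"
type=AVC msg=audit(1690000000.103:203): avc:  denied  { read } for  pid=700 comm="sshd" name="sshd_config" scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0
EOF

# Print only AVC denials that involve the mount command, the mount_t domain,
# or a refused kernel module request. One record per line.
mount_related_denials() {
    grep -E '^type=AVC .*avc: +denied' "$1" \
      | grep -E 'comm="mount"|scontext=[^ ]*:mount_t:|\{ module_request \}'
}

# Number of such denials. Zero means the audit log does not explain the
# failure and the cause must be sought elsewhere (initramfs contents, labels).
count_mount_denials() {
    mount_related_denials "$1" | wc -l | tr -d ' '
}

# One summary line per denial: permission, target class and, for module
# requests, the kernel module that was refused.
summarise_denials() {
    mount_related_denials "$1" | awk '{
        perm = ""; cls = ""; kmod = "";
        for (i = 1; i <= NF; i++) {
            if ($i == "{")          perm = $(i + 1);
            if ($i ~ /^tclass=/)    cls  = substr($i, 8);
            if ($i ~ /^kmod=/)    { kmod = substr($i, 6); gsub(/"/, "", kmod); }
        }
        printf "%s %s%s\n", perm, cls, (kmod != "" ? " kmod=" kmod : "");
    }'
}

# Demo on the constructed sample. On a real host (as root) call
# summarise_denials /var/log/audit/audit.log instead.
summarise_denials "$SAMPLE_AUDIT"
```

Each reported denial can then be fed to `audit2allow` or matched against the hardening profile's booleans; a `module_request` hit in particular points at the filesystem driver never being loaded rather than at the partition itself, which is consistent with the symptom clearing in permissive mode.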

Responses