RHEL-104378

SELinux denials happen when destroying a domain with PCI hostdev


    • selinux-policy-42.1.5-1.el10
    • No
    • Moderate
    • 1
    • rhel-security-selinux
    • 25
    • 1
    • QE ack
    • False
    • False
    • No
    • SELINUX 250827: 11
    • Release Note Not Required
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      What were you trying to do that didn't work?

      As subject

      What is the impact of this issue to you?

      AVC denial

      Please provide the package NVR for which the bug is seen:

      selinux-policy-40.13.35-1.el10.noarch
      libvirt-11.5.0-1.el10.x86_64
      virt-install-5.0.0-1.el10.noarch

      How reproducible is this bug?:

      100%

      Steps to reproduce

      1. Prepare a host with the IOMMU enabled: intel_iommu=on or amd_iommu=on on the kernel command line.
         Prepare a PCI Ethernet device to use as the hostdev:
         18:00.0 Ethernet controller: Broadcom Inc. and subsidiaries NetXtreme BCM5720 Gigabit Ethernet PCIe
      2. Create the VM:
         virt-install --import --transient -n VM --disk none -r 2048 --hostdev pci_0000_18_0_0 --osinfo detect=on,require=off
      3. Destroy the VM:
         (avc_detector)> virsh destroy VM
         Domain 'VM' destroyed
         Result: 0 known AVCs and 1 new AVCs got.
         ============================================================
         See the logs at /tmp/tmp.Q3NKY9VpQY

      The AVC denial at step 3:
      type=AVC msg=audit(1752834654.521:12920): avc:  denied  { write } for  pid=1664132 comm="prio-rpc-virtqe" name="driver_override" dev="sysfs" ino=21461 scontext=system_u:system_r:virtqemud_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=1

      The file for inode number 21461 is /sys/devices/pci0000:16/0000:16:02.0/0000:18:00.0/driver_override
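The record above carries everything needed to triage it: the source domain (virtqemud_t), the target type and class (sysfs_t, file), the permission (write), the dev/ino pair that identifies the file, and the permissive flag that says whether the write was actually refused. The POSIX shell snippet below is an added example, not the reporter's tooling and not the avc_detector helper mentioned in the log; it parses a record of this shape into those fields, derives the coarse allow rule an audit2allow run would propose, and prints the find invocation that resolves the sysfs inode to a path, which is the step the report used to map ino=21461 to driver_override. The sample record is the one quoted in the report, embedded so the script runs offline; the helper names are this example's own. Whether the eventual selinux-policy fix uses that coarse rule or a narrower label for driver_override is not shown on this page.

```shell
#!/bin/sh
# Added example (not from the bug report): parse an AVC record into its
# fields, derive the coarse allow rule audit2allow would suggest, and tell
# enforcing-mode refusals from permissive-mode log-only denials.

# Constructed sample input: the AVC record quoted in the report.
AVC_SAMPLE='type=AVC msg=audit(1752834654.521:12920): avc:  denied  { write } for  pid=1664132 comm="prio-rpc-virtqe" name="driver_override" dev="sysfs" ino=21461 scontext=system_u:system_r:virtqemud_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=file permissive=1'

# avc_field RECORD KEY: print the value of KEY=value, surrounding quotes stripped.
# The key must be preceded by whitespace so "context" cannot match "scontext".
avc_field() {
    printf '%s\n' "$1" | sed -n "s/.*[[:space:]]$2=\"\{0,1\}\([^\" ]*\)\"\{0,1\}.*/\1/p"
}

# avc_perms RECORD: print the permission list inside { ... }, e.g. "read write".
avc_perms() {
    printf '%s\n' "$1" | sed -n 's/.*{ *\([^}]*[^} ]\) *}.*/\1/p'
}

# avc_mode RECORD: "permissive" if the access was only logged and still went
# through (permissive=1), "enforcing" if it was refused with EACCES.
avc_mode() {
    if [ "$(avc_field "$1" permissive)" = "1" ]; then
        printf 'permissive\n'
    else
        printf 'enforcing\n'
    fi
}

# avc_rule RECORD: the minimal allow rule covering the denial, using the
# type (third field) of each user:role:type:level context.
avc_rule() {
    src=$(avc_field "$1" scontext | cut -d: -f3)
    tgt=$(avc_field "$1" tcontext | cut -d: -f3)
    cls=$(avc_field "$1" tclass)
    printf 'allow %s %s:%s { %s };\n' "$src" "$tgt" "$cls" "$(avc_perms "$1")"
}

# avc_inode_cmd RECORD: print the find command that maps dev/ino to a path.
# For dev="sysfs" search under /sys and stay on that filesystem (-xdev) so
# sub-mounts such as debugfs are skipped. Assumption: any other dev value is
# a mounted block device, so the search starts from / instead.
avc_inode_cmd() {
    dev=$(avc_field "$1" dev)
    ino=$(avc_field "$1" ino)
    case "$dev" in
        sysfs) root=/sys ;;
        *)     root=/ ;;
    esac
    printf 'find %s -xdev -inum %s\n' "$root" "$ino"
}

# avc_report RECORD: one-screen triage summary of a record.
avc_report() {
    printf '%s wrote to %s on dev=%s (ino %s)\n' \
        "$(avc_field "$1" comm)" "$(avc_field "$1" name)" \
        "$(avc_field "$1" dev)" "$(avc_field "$1" ino)"
    printf 'mode: %s\n' "$(avc_mode "$1")"
    printf 'resolve path with: %s\n' "$(avc_inode_cmd "$1")"
    printf 'coarse rule: %s\n' "$(avc_rule "$1")"
}

# Run stand-alone on the sample record.
avc_report "$AVC_SAMPLE"
```

On a live host the same functions work on the output of ausearch -m AVC, one record per line; the permissive flag is the first thing to check, because a permissive=1 record such as the one above means the destroy succeeded only because the host was not enforcing, and the same operation would fail once it is.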

      Expected results

      As above

      Actual results

      NO AVC

              rhn-support-zpytela Zdenek Pytela
              rhn-support-hhan Han Han
              Zdenek Pytela Zdenek Pytela
              Milos Malik Milos Malik