Looks like SELinux policy needs to be updated. Moving to selinux-policy.

#============= hypervkvp_t ==============
allow hypervkvp_t shell_exec_t:file { execute execute_no_trans };

commit 2ac054e78639212deb1522cbfa2922b76e082e44
Author: Miroslav Grepl <mgrepl>
Date:   Fri Jan 10 10:03:33 2014 +0100

    Allow hyperv domains to execute shell



#!!!! This avc is allowed in the current policy
allow hypervkvp_t sysfs_t:dir read;

#!!!! This avc is allowed in the current policy
allow hypervkvp_t sysfs_t:lnk_file read;

selinux-policy-3.12.1-116.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/selinux-policy-3.12.1-116.fc20

Package selinux-policy-3.12.1-116.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing selinux-policy-3.12.1-116.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-0806/selinux-policy-3.12.1-116.fc20
then log in and leave karma (feedback).

I'm not sure if this new package fixes all the problems. Just after upgrading dmesg contains the following:

[  236.231060] SELinux: 2048 avtab hash slots, 96052 rules.
[  236.246955] SELinux:  8 users, 83 roles, 4690 types, 268 bools, 1 sens, 1024 cats
[  236.246959] SELinux:  83 classes, 96052 rules
[  236.271322] SELinux:  Context system_u:unconfined_r:udev_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.278655] SELinux:  Context system_u:unconfined_r:load_policy_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.287849] SELinux:  Context unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.295304] SELinux:  Context unconfined_u:unconfined_r:depmod_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.326614] SELinux:  Context system_u:unconfined_r:bootloader_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.337903] SELinux:  Context system_u:unconfined_r:semanage_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.347164] SELinux:  Context unconfined_u:unconfined_r:udev_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.354530] SELinux:  Context unconfined_u:unconfined_r:load_policy_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.367445] SELinux:  Context system_u:unconfined_r:useradd_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.401063] SELinux:  Context unconfined_u:unconfined_r:bootloader_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.411502] SELinux:  Context unconfined_u:unconfined_r:semanage_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.441352] SELinux:  Context unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.442991] SELinux:  Context system_u:unconfined_r:rpm_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.491249] SELinux:  Context system_u:unconfined_r:setsebool_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.513519] SELinux:  Context unconfined_u:unconfined_r:rpm_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.565027] SELinux:  Context unconfined_u:unconfined_r:setsebool_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.589059] SELinux:  Context system_u:unconfined_r:rpm_script_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.664488] SELinux:  Context unconfined_u:unconfined_r:rpm_script_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.678955] SELinux:  Context system_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 would be invalid if enforcing
[  236.687638] SELinux:  Context system_u:unconfined_r:depmod_t:s0-s0:c0.c1023 would be invalid if enforcing
[  245.161601] audit_printk_skb: 348 callbacks suppressed

After rebooting, logging in, running systemctl restart hypervkvpd.service, and then running (Get-VM Fed*20).NetworkAdapters on the Windows host and looking at dmesg on the Fedora guest the following were present:

[  139.097720] type=1400 audit(1389783371.270:17): avc:  denied  { read } for  pid=937 comm="sh" name="meminfo" dev="proc" ino=4026532027 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
[  139.103667] type=1400 audit(1389783371.278:18): avc:  denied  { open } for  pid=937 comm="sh" path="/proc/meminfo" dev="proc" ino=4026532027 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
[  139.110037] type=1400 audit(1389783371.285:19): avc:  denied  { getattr } for  pid=937 comm="sh" path="/proc/meminfo" dev="proc" ino=4026532027 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
[  139.117084] type=1400 audit(1389783371.291:20): avc:  denied  { read } for  pid=937 comm="sh" name="passwd" dev="sda1" ino=19041 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file
[  139.123566] type=1400 audit(1389783371.298:21): avc:  denied  { open } for  pid=937 comm="sh" path="/etc/passwd" dev="sda1" ino=19041 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file
[  139.129993] type=1400 audit(1389783371.305:22): avc:  denied  { getattr } for  pid=937 comm="sh" path="/etc/passwd" dev="sda1" ino=19041 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file
[  139.137538] type=1400 audit(1389783371.312:23): avc:  denied  { getattr } for  pid=938 comm="sh" path="/usr/sbin/ip" dev="sda1" ino=7460 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:ifconfig_exec_t:s0 tclass=file
[  139.144421] type=1400 audit(1389783371.318:24): avc:  denied  { execute } for  pid=939 comm="sh" name="gawk" dev="sda1" ino=5092 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file
[  139.151072] type=1400 audit(1389783371.325:25): avc:  denied  { execute } for  pid=938 comm="sh" name="ip" dev="sda1" ino=7460 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:ifconfig_exec_t:s0 tclass=file
[  139.157575] type=1400 audit(1389783371.332:26): avc:  denied  { execute_no_trans } for  pid=939 comm="sh" path="/usr/bin/gawk" dev="sda1" ino=5092 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file

Sitsofe ,
there is a bug in the policy causes all these dmesg issues. I am also fixing hypervkvp_t issues. Thank you.

selinux-policy-3.12.1-116.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Wait, stop! :-)

As there are still acknowledged problems with selinux-policy-3.12.1-116.fc20  I'm going to reopen this (hopefully I'm doing the right thing)...

(Brief aside: It would be really helpful if the URL for selinux-policy-targeted said something like https://git.fedorahosted.org/cgit/selinux-policy.git/?h=master_contrib as this is effectively what the package is built from and you can see commits for patches that might not be in the RPM changelog...)

Pllease run

# yum update selinux-policy-targeted --enablerepo=updates-testing

Seemingly still not fixed:

# rpm -q selinux-policy-targeted 
selinux-policy-targeted-3.12.1-117.fc20.noarch

# dmesg | grep avc.*hyperv
[   24.915769] type=1400 audit(1389949436.498:213): avc:  denied  { read } for  pid=1044 comm="sh" name="meminfo" dev="proc" ino=4026532027 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
[   24.915926] type=1400 audit(1389949436.498:214): avc:  denied  { open } for  pid=1044 comm="sh" path="/proc/meminfo" dev="proc" ino=4026532027 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
[   24.916098] type=1400 audit(1389949436.498:215): avc:  denied  { getattr } for  pid=1044 comm="sh" path="/proc/meminfo" dev="proc" ino=4026532027 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file
[   24.917206] type=1400 audit(1389949436.499:216): avc:  denied  { read } for  pid=1044 comm="sh" name="passwd" dev="sda1" ino=19041 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file
[   24.917408] type=1400 audit(1389949436.500:217): avc:  denied  { open } for  pid=1044 comm="sh" path="/etc/passwd" dev="sda1" ino=19041 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file
[   24.917576] type=1400 audit(1389949436.500:218): avc:  denied  { getattr } for  pid=1044 comm="sh" path="/etc/passwd" dev="sda1" ino=19041 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:passwd_file_t:s0 tclass=file
[   24.919983] type=1400 audit(1389949436.502:219): avc:  denied  { read } for  pid=1045 comm="ip" name="unix" dev="proc" ino=4026532002 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=file

(I can no longer move this bug back to assigned)

commit adfc136aabbebb9895db6fb7ece3b7af5b81d970
Author: Miroslav Grepl <mgrepl>
Date:   Fri Jan 17 10:23:55 2014 +0100

    Allow hypervkvp to reat system states, passwd file and network states.

Miroslav:
I'm sorry to say we're not quite done as Hyper-V change/set IP addresses of a guest VM through hypervkvpd. I don't use this functionality myself but I guess better to report it now rather than later...

On the Windows host run some powershell like the following:
# Adapted from http://blogs.technet.com/b/virtualization/archive/2012/05/29/inject-ip-address-into-the-vm-during-failover.aspx
# In 2012 R2 you can’t use Set-VMNetworkAdapter to change a VM’s IP address so use WMI
$vm = Get-WmiObject -Namespace 'root\virtualization\v2' -Class 'Msvm_ComputerSystem' | Where-Object { $_.ElementName -eq “Fedora20" }
$VMSettings = $vm.GetRelated('Msvm_VirtualSystemSettingData') | Where-Object { $_.VirtualSystemType -eq 'Microsoft:Hyper-V:System:Realized' }
$VMNetAdapters = $VMSettings.GetRelated('Msvm_SyntheticEthernetPortSettingData’)

$NetworkConfigurations = @()
foreach ($NetAdapter in $VMNetAdapters) {
$NetworkConfigurations +=$NetAdapter.GetRelated("Msvm_GuestNetworkAdapterConfiguration”)
# Need to fix up IPV6 subnets because the data we get out of the 3.12 hypervkvpd cannot be fed back in to Hyper-V (why did no one test round tripping Hyper-V data?)
$NetworkConfigurations[-1].Subnets = $NetworkConfigurations[-1].Subnets | % {$_.TrimStart("/")}
}
# Arbitrarily change the first adapter’s address to 192.168.0.200 (assumes first adapter’s first address was an IPv4 address)
$IPAddresses = $NetworkConfigurations[0].IPAddresses
$IPAddresses[0] = “192.168.0.200"
$NetworkConfigurations[0].IPAddresses = $IPAddresses
$NetworkConfigurations[0].DHCPEnabled = $false
 
$Service = Get-WmiObject -Class "Msvm_VirtualSystemManagementService" -Namespace "root\virtualization\v2”
$setIP = $Service.SetGuestNetworkAdapterConfiguration($VM, $NetworkConfigurations.GetText(1))
# Print out error messages if it looks like something went wrong
if ($setIP.ReturnValue -eq 4096) { ([wmi]$setIP.Job) }

(The above was surprisingly painful to find out)

This produced the following (but different runs seems to produce different output e.g. some mention sysctl):
[  192.854521] type=1400 audit(1389961995.617:635): avc:  denied  { read } for  pid=2025 comm="ip" name="unix" dev="proc" ino=4026532002 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:proc_net_t:s0 tclass=file
[  193.228282] type=1400 audit(1389961995.990:636): avc:  denied  { write } for  pid=2097 comm="cp" name="ifcfg-eth0" dev="sda1" ino=15131 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:net_conf_t:s0 tclass=file
[  193.243497] type=1400 audit(1389961996.006:637): avc:  denied  { search } for  pid=2104 comm="mountpoint" name="/" dev="tmpfs" ino=1146 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
[  193.243776] type=1400 audit(1389961996.006:638): avc:  denied  { getattr } for  pid=2104 comm="mountpoint" path="/sys/fs/cgroup/systemd" dev="cgroup" ino=1148 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:cgroup_t:s0 tclass=dir
[  198.698825] audit_printk_skb: 501 callbacks suppressed
[  198.698874] type=1400 audit(1389962001.460:806): avc:  denied  { read } for  pid=2605 comm="pidof" name="stat" dev="proc" ino=12195 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=file
[  198.699030] type=1400 audit(1389962001.460:807): avc:  denied  { open } for  pid=2605 comm="pidof" path="/proc/2/stat" dev="proc" ino=12195 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=file
[  198.705775] type=1400 audit(1389962001.467:808): avc:  denied  { getattr } for  pid=2605 comm="pidof" path="/proc/2/stat" dev="proc" ino=12195 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=file
[  238.604568] type=1400 audit(1389962041.364:809): avc:  denied  { read } for  pid=2886 comm="cat" name="dhclient-eth0.pid" dev="tmpfs" ino=19243 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file
[  238.613210] type=1400 audit(1389962041.373:810): avc:  denied  { signal } for  pid=2837 comm="ifdown-eth" scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:system_r:hypervkvp_t:s0 tclass=process
[  238.669281] type=1400 audit(1389962041.429:811): avc:  denied  { unlink } for  pid=2905 comm="rm" name="dhclient-eth0.pid" dev="tmpfs" ino=19243 scontext=system_u:system_r:hypervkvp_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file

No problem. Really thank you for testing.

This message is a reminder that Fedora 20 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 20. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '20'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 20 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

Fedora 20 changed to end-of-life (EOL) status on 2015-06-23. Fedora 20 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.