Created attachment 1943865 [details]
audit.log

Description of problem:

***NOTE:***This appears to be the same issue tracked for RHEL-8 in https://bugzilla.redhat.com/show_bug.cgi?id=2107705.

avc.log reporting denied  { write } for  pid=xxxxx comm="ovs-appctl" for various PIDs related to ovn processes (more details below)


Version-Release number of selected component (if applicable):

kernel: 5.14.0-239.el9.x86_64
openvswitch-selinux-extra-policy-1.0-31.el9fdp.noarch
openvswitch3.0-3.0.0-27.el9fdp.x86_64
ovn22.09-22.09.0-31.el9fdp.x86_64
ovn22.09-central-22.09.0-31.el9fdp.x86_64
ovn22.09-host-22.09.0-31.el9fdp.x86_64


How reproducible:


Steps to Reproduce:
1. Ran memory leak soak beaker job using Valgrind
2. avc.log in job show errors
3.

Actual results:
AVC denied messages

Expected results:
no AVC denied messages

Additional info:

audit.log attached.

Link to sample AVC log from beaker job:
https://beaker-archive.hosts.prod.psi.bos.redhat.com/beaker-logs/2023/01/74728/7472872/13296060/155487890/725124741/avc.log

Link to beaker job:
https://beaker.engineering.redhat.com/jobs/7472872

Link to sos report:
http://netqe-infra01.knqe.lab.eng.bos.redhat.com/sosreports/sosreport-wsfd-advnetlab34-2023-02-13-tullxvh.tar.xz

Link to test script:
https://gitlab.cee.redhat.com/kernel-qe/kernel/-/blob/master/networking/openvswitch/memory_leak_soak/runtest.sh

Link to location in test script where Valgrind is configured:
https://gitlab.cee.redhat.com/kernel-qe/kernel/-/blob/master/networking/openvswitch/memory_leak_soak/runtest.sh#L308