Merge pull request #54696 from ousleyp/selinux-pr-2

CNV-20962: follow-up PR for SELinux in 4.12

Author: ousleyp

modules/virt-extended-selinux-policies-for-virt-launcher.adoc

@@ -34,4 +34,13 @@ Without this policy, any attempt to relay network debug messages is blocked. Thi
 
 ** `allow process nfs_t (dir (mounton))`
 ** `allow process proc_t (dir (mounton))`
-** `allow process proc_t (filesystem (mount unmount))`
+** `allow process proc_t (filesystem (mount unmount))`
+
+* The following policy is inherited from upstream Kubevirt, where it enables `passt` networking:
+
+** `allow process tmpfs_t (filesystem (mount))`
+
+[NOTE]
+====
+{VirtProductName} does not support `passt` at this time.
+====