I am writing a new device in QEMU, which opens and reads from Netlink socket from the hypervisor. I need this Netlink socket to support migration of connection tracking entries during VM Live migration.

If I am using QEMU command directly to launch the VM, then any operation on Netlink socket works fine. But, If I am using libvirt to create the VM and attaching the device, then I am getting permission denied error. As I found out that this is related to SElinux, I added the svirt_t context as permissive "semanage permissive  -a svirt_t". With this, I am not receiving permission denied error, instead i am receiving "operation not permitted" error. 

I changed the user and group field in libvirtd/qemu.conf to root/root. But still, I am facing the same problem.

Any suggestions to overcome this?

--