Allow virtqemud relabel tun_socket

The commit addresses the following AVC denial:
type=PROCTITLE msg=audit(12/16/2024 03:49:11.325:19674) : proctitle=/usr/sbin/virtqemud --timeout 120
type=AVC msg=audit(12/16/2024 03:49:11.325:19674) : avc:  denied  { relabelfrom } for  pid=500526 comm=rpc-virtqemud scontext=system_u:system_r:virtqemud_t:s0 tcontext=system_u:system_r:virtqemud_t:s0 tclass=tun_socket permissive=1
type=AVC msg=audit(12/16/2024 03:49:11.325:19674) : avc:  denied  { relabelto } for  pid=500526 comm=rpc-virtqemud scontext=system_u:system_r:virtqemud_t:s0 tcontext=system_u:system_r:virtqemud_t:s0 tclass=tun_socket permissive=1
type=SYSCALL msg=audit(12/16/2024 03:49:11.325:19674) : arch=aarch64 syscall=ioctl success=yes exit=0 a0=0x1a a1=0x400454ca a2=0xffffa57dd800 a3=0x0 items=0 ppid=1 pid=500526 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=rpc-virtqemud exe=/usr/sbin/virtqemud subj=system_u:system_r:virtqemud_t:s0 key=(null)

Resolves: RHEL-71394

Author: zpytela

policy/modules/contrib/virt.te

@@ -2113,7 +2113,7 @@ allow virtqemud_t self:cap_userns kill;
 allow virtqemud_t self:netlink_audit_socket { nlmsg_relay read write };
 allow virtqemud_t self:process { setcap setexec setrlimit setsched setsockcreate };
 allow virtqemud_t self:tcp_socket create_socket_perms;
-allow virtqemud_t self:tun_socket create;
+allow virtqemud_t self:tun_socket { create relabelfrom relabelto };
 allow virtqemud_t self:udp_socket { connect create getattr };
 
 allow virtqemud_t qemu_var_run_t:{ dir file sock_file } relabelfrom;