Rebuilding SELinux contexts with sefcontext_compile

Sven Vermeulen Mon 08 July 2013

A recent update of libpcre caused the binary precompiled regular expression files of SELinux to become outdated (and even blatantly wrong). The details are in bug 471718 but that doesn't help the users that are already facing the problem, nor have we found a good place to put the fix in.

Anyway, if you are facing issues with SELinux labeling (files being labeled as portage_tmp_t instead of the proper label), check with matchpathcon whether the label is correct. If matchpathcon says that the label should be <<none>>, then you need to rebuild the SELinux context files:

# cd /etc/selinux/strict/contexts/files
# for n in *.bin; do sefcontext_compile ${n%%.bin}; done

The sefcontext_compile command will rebuild the SELinux context files. When that has been done, matchpathcon should show the right context again, and Portage will relabel files correctly. Until then, you will need to relabel the packages that have been built since (and including) the libpcre build.
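As an added example (not the post's own commands), a small shell script that automates the check and rebuild described above: it inspects the matchpathcon output for the bogus <<none>> label and only then recompiles every .bin file under the policy's contexts/files directory. The policy store path is the one from the post; the script assumes matchpathcon and sefcontext_compile are on the PATH and that it runs as root.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes the strict policy
# store path used in the post and that matchpathcon/sefcontext_compile
# are installed; run as root when actually rebuilding.

# Return 0 when a matchpathcon output line reports the bogus <<none>>
# label that a stale precompiled file_contexts produces.
label_is_none() {
    case "$1" in
        *'<<none>>'*) return 0 ;;
        *)            return 1 ;;
    esac
}

# Print the argument sefcontext_compile expects for every compiled context
# file in a directory: the file name with its .bin suffix stripped.
list_compile_targets() {
    dir="$1"
    for f in "$dir"/*.bin; do
        [ -e "$f" ] || continue      # no .bin files present: print nothing
        f=${f##*/}                   # drop the directory part
        printf '%s\n' "${f%.bin}"
    done
}

# Check one path with matchpathcon and rebuild the binaries only when the
# reported label is <<none>>.  Usage: check_and_rebuild <path> [contexts-dir]
check_and_rebuild() {
    path="$1"
    dir="${2:-/etc/selinux/strict/contexts/files}"
    line=$(matchpathcon "$path") || return 2
    if ! label_is_none "$line"; then
        echo "label for $path looks sane: $line"
        return 0
    fi
    echo "matchpathcon returned <<none>> for $path; rebuilding in $dir"
    ( cd "$dir" || exit 1
      list_compile_targets . | while IFS= read -r target; do
          sefcontext_compile "$target" || exit 1
      done )
}
```

After a rebuild, run matchpathcon on the same path again; it should now print the proper type, and Portage will label new files correctly from then on.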

If someone has a good suggestion where to put these rebuilds in, please do drop a note in the bug. Although the proper one might be libpcre itself, I'd rather not put too much SELinux logic in the ebuild unless it is pretty safeguarded...

In any case, it has also been documented in the Gentoo SELinux FAQ on the Gentoo wiki.