diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 4bf45cb7f..7cbf5d649 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -563,6 +563,25 @@ interface(`kernel_dontaudit_request_load_module',`
dontaudit $1 kernel_t:system module_request;
')
+########################################
+##
+## Connect to kernel using a unix
+## domain stream socket.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`kernel_stream_connect',`
+ gen_require(`
+ type kernel_t;
+ ')
+
+ allow $1 kernel_t:unix_stream_socket connectto;
+')
+
########################################
##
## Get information on all System V IPC objects.