diff --git a/policy/modules/services/rpc.fc b/policy/modules/services/rpc.fc
index 6d3c9b68b..88d2acaf0 100644
--- a/policy/modules/services/rpc.fc
+++ b/policy/modules/services/rpc.fc
@@ -16,6 +16,7 @@
 /usr/lib/systemd/system/nfs.*\.service -- gen_context(system_u:object_r:nfsd_unit_t,s0)
 /usr/lib/systemd/system/rpc.*\.service -- gen_context(system_u:object_r:rpcd_unit_t,s0)
+/usr/sbin/blkmapd -- gen_context(system_u:object_r:blkmapd_exec_t,s0)
 /usr/sbin/rpc\..* -- gen_context(system_u:object_r:rpcd_exec_t,s0)
 /usr/sbin/rpc\.idmapd -- gen_context(system_u:object_r:rpcd_exec_t,s0)
 /usr/sbin/rpc\.gssd -- gen_context(system_u:object_r:gssd_exec_t,s0)
@@ -27,6 +28,7 @@
 /var/lib/nfs(/.*)? gen_context(system_u:object_r:var_lib_nfs_t,s0)
+/run/blkmapd\.pid -- gen_context(system_u:object_r:rpcd_runtime_t,s0)
 /run/rpc\.statd(/.*)? gen_context(system_u:object_r:rpcd_runtime_t,s0)
 /run/rpc\.statd\.pid -- gen_context(system_u:object_r:rpcd_runtime_t,s0)
 /run/sm-notify\.pid -- gen_context(system_u:object_r:rpcd_runtime_t,s0)
diff --git a/policy/modules/services/rpc.te b/policy/modules/services/rpc.te
index e1752025c..53b4cb8ff 100644
--- a/policy/modules/services/rpc.te
+++ b/policy/modules/services/rpc.te
@@ -72,6 +72,14 @@ init_unit_file(nfsd_unit_t)
 type var_lib_nfs_t;
 files_mountpoint(var_lib_nfs_t)
+rpc_domain_template(blkmapd)
+
+type blkmapd_runtime_t;
+files_runtime_file(blkmapd_runtime_t)
+files_runtime_filetrans(blkmapd_t, blkmapd_runtime_t, file, "blkmapd.pid")
+allow blkmapd_t blkmapd_runtime_t:file manage_file_perms;
+
+
 ########################################
 #
 # Common rpc domain local policy
@@ -276,6 +284,17 @@ optional_policy(`
 mount_exec(nfsd_t)
 ')
+########################################
+#
+# BLKMAPD local policy
+#
+
+allow blkmapd_t self:capability sys_rawio;
+allow blkmapd_t self:unix_dgram_socket create_socket_perms;
+
+fs_list_rpc(blkmapd_t)
+storage_raw_read_fixed_disk(blkmapd_t)
+
 ########################################
 #
 # GSSD local policy
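Review bot: The added `/run/blkmapd\.pid` entry in the second rpc.fc hunk labels the pid file rpcd_runtime_t, while the rpc.te declarations hunk introduces a separate blkmapd_runtime_t and names that type in `files_runtime_filetrans(blkmapd_t, blkmapd_runtime_t, file, "blkmapd.pid")`, so the file carries one type when the daemon creates it and another after a relabel (restorecon). The only pid-file access visible in this patch is `allow blkmapd_t blkmapd_runtime_t:file manage_file_perms;`, so unless rpc_domain_template (not shown here) grants blkmapd_t access to rpcd_runtime_t, a relabeled pid file becomes unwritable for the daemon. Either make the file context agree, `/run/blkmapd\.pid -- gen_context(system_u:object_r:blkmapd_runtime_t,s0)`, or drop the dedicated runtime type and use rpcd_runtime_t for both the label and the transition. The same mismatch applies to the rpc.te hunk at `@@ -72,6 +72,14 @@`.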
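Review bot: The rule `allow blkmapd_t blkmapd_runtime_t:file manage_file_perms;` is placed in the Declarations section, between `files_mountpoint(var_lib_nfs_t)` and the "Common rpc domain local policy" header, whereas refpolicy keeps access rules under the domain's own local policy section (the BLKMAPD section this patch adds further down). Moving it there, preferably as `manage_files_pattern(blkmapd_t, blkmapd_runtime_t, blkmapd_runtime_t)` so the pattern macro's directory search is covered as well, keeps the declarations block to type, template and file-type statements. The two added blank lines before the `########` header also leave more than the single separator blank the file uses between sections; one is enough.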
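Review bot: `allow blkmapd_t self:capability sys_rawio;` together with `storage_raw_read_fixed_disk(blkmapd_t)` gives the new domain raw read access to fixed-disk device nodes, the most sensitive grant in this patch, and neither line carries a comment saying why the daemon needs it. Add a why-comment above the pair, e.g. `# blkmapd reads block device signatures to resolve pNFS block layouts -- confirm against daemon behavior`, in the style of the other local policy sections; note that plain open()/read() of a block device does not by itself require CAP_SYS_RAWIO, so it is worth confirming from an actual denial that the capability is needed rather than granting it up front. The hunk grants only `fs_list_rpc(blkmapd_t)` on rpc_pipefs; if blkmapd exchanges layout messages with the kernel over a pipe there, listing alone is presumably insufficient and `fs_rw_rpc_named_pipes(blkmapd_t)` would be needed, unless rpc_domain_template (not shown) already provides it. The `self:unix_dgram_socket create_socket_perms` rule may likewise duplicate what the template grants; check before merging.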