diff --git a/policy/modules/services/isns.te b/policy/modules/services/isns.te
index 56be6ff98..2b18f97d3 100644
--- a/policy/modules/services/isns.te
+++ b/policy/modules/services/isns.te
@@ -27,6 +27,7 @@ allow isnsd_t self:capability kill;
 allow isnsd_t self:process signal;
 allow isnsd_t self:fifo_file rw_fifo_file_perms;
 allow isnsd_t self:udp_socket { accept listen };
+allow isnsd_t self:tcp_socket create_stream_socket_perms;
 allow isnsd_t self:unix_stream_socket { accept listen };
 
 manage_dirs_pattern(isnsd_t, isnsd_var_lib_t, isnsd_var_lib_t)
@@ -37,6 +38,8 @@ manage_sock_files_pattern(isnsd_t, isnsd_runtime_t, isnsd_runtime_t)
 manage_files_pattern(isnsd_t, isnsd_runtime_t, isnsd_runtime_t)
 files_runtime_filetrans(isnsd_t, isnsd_runtime_t, { file sock_file })
 
+kernel_read_crypto_sysctls(isnsd_t)
+
 corenet_all_recvfrom_netlabel(isnsd_t)
 corenet_tcp_sendrecv_generic_if(isnsd_t)
 corenet_tcp_sendrecv_generic_node(isnsd_t)