diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index b913af36c0..9733da16c8 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -4507,7 +4507,7 @@ interface(`kernel_prog_run_bpf',`
 		type init_t;
 	')
 
-    allow $1 kernel_t:bpf prog_run;
+    allow $1 kernel_t:bpf { map_read map_write prog_run };
 ')
 
 ########################################