diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 67aa29ed9f..e5695eb826 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -49,6 +49,7 @@ fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0);
 # like pipes and sockets, so that these objects are labeled with the same
 # type as the creating task.
 fs_use_task eventpollfs gen_context(system_u:object_r:fs_t,s0);
+fs_use_task pidfs gen_context(system_u:object_r:fs_t,s0);
 fs_use_task pipefs gen_context(system_u:object_r:fs_t,s0);
 fs_use_task sockfs gen_context(system_u:object_r:fs_t,s0);
diff --git a/policy/support/ipc_patterns.spt b/policy/support/ipc_patterns.spt
index f8dea13b3c..e420bd3376 100644
--- a/policy/support/ipc_patterns.spt
+++ b/policy/support/ipc_patterns.spt
@@ -18,3 +18,14 @@ define(`dgram_send_pattern',`
 allow $1 $3:sock_file write_sock_file_perms;
 allow $1 $4:unix_dgram_socket sendto;
 ')
+
+#
+# pidfd
+#
+# Parameters:
+# 1. source domain type
+# 2. target domain type
+define(`use_pidfds_pattern',`
+ allow $1 $2:fd use;
+ allow $1 $2:file { getattr read write };
+')
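Review bot: The new `fs_use_task pidfs` line makes a pidfd inode carry the type of the task that created the fd (as the comment above it says), not the type of the process the pidfd refers to, so any `file`-class rule on a pidfd only constrains who may handle the fd object; operations on the referent process appear to remain under the usual process-class checks, which is worth stating so nobody reads the new rules as a pid-level access control. Because pidfs was previously unlisted here, pidfds that cross domains (inherited over exec or received via SCM_RIGHTS) will now need explicit `fd use` and `file` rules on the creating domain's type, which is what the companion `use_pidfds_pattern` provides, so existing domains that already pass pidfds around may surface new denials after this change. I'd add a short comment next to the line, e.g. `# pidfs: pidfd inodes take the creating task's type; use use_pidfds_pattern for cross-domain access`, to make that link explicit for the next reader.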
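Review bot: The parameter comment `# 2. target domain type` is ambiguous for this pattern: with pidfs labeled by `fs_use_task` in the same commit, the fd and its inode carry the type of the domain that opened the pidfd, so `$2` must be the creating domain rather than the process the pidfd points at; I'd reword it to `# 2. type of the domain that created the pidfd`. The `write` permission in `allow $1 $2:file { getattr read write };` also deserves a second look, since I cannot see a write path on a pidfd; if no caller depends on it the vector could be narrowed to `{ getattr read }`, but confirm against the denials actually observed before tightening. Since the macro is new, the header comment could also say when it applies (pidfds inherited across exec or received over unix sockets), matching the style of the `dgram_send_pattern` header above.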