diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if index 7cc2c4c9a3..7688097f44 100644 --- a/policy/modules/kernel/filesystem.if +++ b/policy/modules/kernel/filesystem.if @@ -7024,6 +7024,25 @@ interface(`fs_rw_efivarfs_files',` rw_files_pattern($1, efivarfs_t, efivarfs_t) ') +####################################### +## +## Create efivarfs files +## +## +## +## Domain allowed access. +## +## +## +# +interface(`fs_create_efivarfs_files',` + gen_require(` + type efivarfs_t; + ') + + create_files_pattern($1, efivarfs_t, efivarfs_t) +') + ####################################### ## ## Manage efivarfs files diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te index 0a7421b0c9..1c8332e8da 100644 --- a/policy/modules/system/systemd.te +++ b/policy/modules/system/systemd.te @@ -1548,6 +1548,7 @@ dev_create_sysfs_files(systemd_sleep_t) dev_rw_sysfs(systemd_sleep_t) dev_write_kmsg(systemd_sleep_t) +fs_create_efivarfs_files(systemd_sleep_t) fs_rw_efivarfs_files(systemd_sleep_t) fstools_rw_swap_files(systemd_sleep_t)
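Review bot: The doc block on the new `fs_create_efivarfs_files` interface in filesystem.if says only "Create efivarfs files", which understates the grant. Files in efivarfs are UEFI variables, so `create_files_pattern($1, efivarfs_t, efivarfs_t)` lets the calling domain add new variables to firmware storage. Because `efivarfs_t` is the only type named, the rule cannot be limited to a particular variable name. I would extend the summary to something like `Create files in efivarfs, i.e. create new UEFI variables of any name.` so each caller is easy to audit. The permission set of `create_files_pattern` is defined outside this diff; if it omits write, the description should also say that callers need `fs_rw_efivarfs_files` to store a value.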
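Review bot: The added `fs_create_efivarfs_files(systemd_sleep_t)` in systemd.te has no rationale, although it widens the domain from modifying existing UEFI variables (the `fs_rw_efivarfs_files` line below it) to creating new ones. A comment above it, e.g. `# systemd-sleep creates an EFI variable recording the hibernation location`, would tie the grant to a concrete need. That purpose is my inference, so confirm it against the AVC denial that prompted the change. Pairing create with rw instead of the broader manage interface that follows in filesystem.if looks like the right least-privilege choice, assuming this domain never has to remove the variable. The systemd_sleep_t rule block continues outside the hunk.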