diff --git a/private/apexd.te b/private/apexd.te
index 69645a12c..040651d7e 100644
--- a/private/apexd.te
+++ b/private/apexd.te
@@ -16,6 +16,10 @@ allow apexd apex_metadata_file:file create_file_perms;
 # Allow creating and writing APEX files/dirs in the SEPolicy metadata dir
 allow apexd sepolicy_metadata_file:dir create_dir_perms;
 allow apexd sepolicy_metadata_file:file create_file_perms;
+# Allow apexd to setup fs-verity for SEPolicy files in metadata
+allowxperm apexd sepolicy_metadata_file:file ioctl {
+ FS_IOC_ENABLE_VERITY FS_IOC_MEASURE_VERITY
+};
 # Allow reserving space on /data/apex/ota_reserved for apex decompression
 allow apexd apex_ota_reserved_file:dir create_dir_perms;
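Review bot: The comment on the new `allowxperm` rule mentions only setting up fs-verity, but the rule also whitelists `FS_IOC_MEASURE_VERITY`, which reads a file's fs-verity digest rather than enabling it. I would name both purposes, e.g. `# Allow apexd to enable fs-verity on SEPolicy files in metadata and to read back their digest`, so a later policy audit can tell why each ioctl is granted. The rule only has effect together with the base `ioctl` permission, which presumably comes from `create_file_perms` on the context line just above; a short mention of that dependency would help whoever tightens that line later. Nothing in this hunk shows where the measured digest is compared against a trusted value, and enabling verity on its own only freezes the file contents, so it is worth confirming that check exists in apexd or in the consumer of these files.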