diff --git a/policy/modules/kernel/storage.fc b/policy/modules/kernel/storage.fc
index 63e86d1..d819311 100644
--- a/policy/modules/kernel/storage.fc
+++ b/policy/modules/kernel/storage.fc
@@ -20,6 +20,7 @@
 /dev/gscd		-b	gen_context(system_u:object_r:removable_device_t,s0)
 /dev/hitcd		-b	gen_context(system_u:object_r:removable_device_t,s0)
 /dev/ht[0-1]		-b	gen_context(system_u:object_r:tape_device_t,s0)
+/dev/hwcdrom		-b	gen_context(system_u:object_r:removable_device_t,s0)
 /dev/initrd		-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
 /dev/jsfd		-b	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
 /dev/jsflash		-c	gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
diff --git a/policy/modules/kernel/storage.if b/policy/modules/kernel/storage.if
index f37c658..bb0effd 100644
--- a/policy/modules/kernel/storage.if
+++ b/policy/modules/kernel/storage.if
@@ -572,6 +572,25 @@ interface(`storage_dontaudit_read_removable_device',`
 
 ########################################
 ## <summary>
+##	Do not audit attempts made by the caller to write
+##	removable devices device nodes.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	The type of the process to not audit.
+##	</summary>
+## </param>
+#
+interface(`storage_dontaudit_write_removable_device',`
+	gen_require(`
+		type removable_device_t;
+	')
+
+	dontaudit $1 removable_device_t:blk_file write_blk_file_perms;
+')
+
+########################################
+## <summary>
 ##	Allow the caller to set the attributes of removable
 ##	devices device nodes.
 ## </summary>
diff --git a/policy/modules/kernel/storage.te b/policy/modules/kernel/storage.te
index 43635dd..bbe024e 100644
--- a/policy/modules/kernel/storage.te
+++ b/policy/modules/kernel/storage.te
@@ -1,5 +1,5 @@
 
-policy_module(storage, 1.8.0)
+policy_module(storage, 1.8.1)
 
 ########################################
 #