diff --git a/policy/modules/kernel/storage.fc b/policy/modules/kernel/storage.fc
index 63e86d1..d819311 100644
--- a/policy/modules/kernel/storage.fc
+++ b/policy/modules/kernel/storage.fc
@@ -20,6 +20,7 @@
/dev/gscd -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/hitcd -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/ht[0-1] -b gen_context(system_u:object_r:tape_device_t,s0)
+/dev/hwcdrom -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/initrd -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/jsfd -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/jsflash -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
diff --git a/policy/modules/kernel/storage.if b/policy/modules/kernel/storage.if
index f37c658..bb0effd 100644
--- a/policy/modules/kernel/storage.if
+++ b/policy/modules/kernel/storage.if
@@ -572,6 +572,25 @@ interface(`storage_dontaudit_read_removable_device',`
########################################
##
+## Do not audit attempts made by the caller to write
+## removable devices device nodes.
+##
+##
+##
+## The type of the process to not audit.
+##
+##
+#
+interface(`storage_dontaudit_write_removable_device',`
+ gen_require(`
+ type removable_device_t;
+ ')
+
+ dontaudit $1 removable_device_t:blk_file write_blk_file_perms;
+')
+
+########################################
+##
## Allow the caller to set the attributes of removable
## devices device nodes.
##
diff --git a/policy/modules/kernel/storage.te b/policy/modules/kernel/storage.te
index 43635dd..bbe024e 100644
--- a/policy/modules/kernel/storage.te
+++ b/policy/modules/kernel/storage.te
@@ -1,5 +1,5 @@
-policy_module(storage, 1.8.0)
+policy_module(storage, 1.8.1)
########################################
#