diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index cefd6e2a5..3e3f1343c 100755
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -329,6 +329,8 @@ int security_change_sid(struct selinux_state *state, u32 ssid, u32 tsid,
 int security_sid_to_context(struct selinux_state *state, u32 sid,
 			    char **scontext, u32 *scontext_len);
 
+int security_sid_to_context_type(struct selinux_state *state, u32 sid, u32 *out);
+
 int security_sid_to_context_force(struct selinux_state *state,
 				  u32 sid, char **scontext, u32 *scontext_len);
 
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 370c14442..066a1e6c2 100755
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1386,6 +1386,35 @@ out_unlock:
 
 }
 
+// based on security_sid_to_context_core() above
+int security_sid_to_context_type(struct selinux_state *state, u32 sid, u32 *out)
+{
+	struct selinux_policy *policy;
+	struct policydb *policydb;
+	struct sidtab *sidtab;
+	struct sidtab_entry *entry;
+	int rc = 0;
+
+	rcu_read_lock();
+	policy = rcu_dereference(state->policy);
+	policydb = &policy->policydb;
+	sidtab = policy->sidtab;
+
+	entry = sidtab_search_entry(sidtab, sid);
+
+	if (!entry) {
+		pr_err("SELinux: %s:  unrecognized SID %d\n", __func__, sid);
+		rc = -EINVAL;
+		goto out_unlock;
+	}
+
+	*out = entry->context.type;
+
+out_unlock:
+	rcu_read_unlock();
+	return rc;
+}
+
 /**
  * security_sid_to_context - Obtain a context for a given SID.
  * @sid: security identifier, SID