diff --git a/internal/util/fscrypt/fscrypt.go b/internal/util/fscrypt/fscrypt.go
index 3bc78fcf1aa..5f843cf82cc 100644
--- a/internal/util/fscrypt/fscrypt.go
+++ b/internal/util/fscrypt/fscrypt.go
@@ -111,6 +111,21 @@ func createKeyFuncFromVolumeEncryption(
 	return keyFunc, nil
 }
 
+func fsyncEncryptedDirectory(dirPath string) error {
+	dir, err := os.Open(dirPath)
+	if err != nil {
+		return err
+	}
+	defer dir.Close()
+
+	err = dir.Sync()
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
 // unlockExisting tries to unlock an already set up fscrypt directory using keys from Ceph CSI.
 func unlockExisting(
 	ctx context.Context,
@@ -225,6 +240,12 @@ func initializeAndUnlock(
 		return err
 	}
 
+	if err = fsyncEncryptedDirectory(encryptedPath); err != nil {
+		log.ErrorLog(ctx, "fscrypt: fsync encrypted dir - to flush kernel policy to disk failed %v", err)
+
+		return err
+	}
+
 	return nil
 }