diff --git a/packages/gramine/default.nix b/packages/gramine/default.nix
index 2c98b96..93d58bf 100644
--- a/packages/gramine/default.nix
+++ b/packages/gramine/default.nix
@@ -2,6 +2,7 @@
 , lib
 , nixsgx
 , fetchurl
+, fetchpatch
 , bash
 , meson
 , nasm
@@ -69,6 +70,14 @@ python.pkgs.buildPythonPackage {
     fetchSubmodules = true;
   };
 
+  patches = [
+    # Add locking around read/write on encrypted pipes
+    (fetchpatch {
+      url = "https://github.com/gramineproject/gramine/commit/cd68a460abf9db2295f5dc5cf292b8678741fb22.patch";
+      hash = "sha256-KRgcFiZWCOz1x8O0cgL7aZ1xG9bdZDPwRKSgqOWJ2nQ=";
+    })
+  ];
+
   outputs = [ "out" "dev" ];
 
   # Unpack subproject sources