diff --git a/file.te b/file.te
index c478880630db1a566831dc1d9cccbe7553e709ff..18496707918cc7887cd7ade5657006a26a5155a7 100644
--- a/file.te
+++ b/file.te
@@ -34,6 +34,9 @@ type configfs, fs_type;
 type sysfs_devices_system_cpu, fs_type, sysfs_type;
 # /sys/module/lowmemorykiller
 type sysfs_lowmemorykiller, fs_type, sysfs_type;
+
+type sysfs_thermal, sysfs_type, fs_type;
+
 type sysfs_zram, fs_type, sysfs_type;
 type sysfs_zram_uevent, fs_type, sysfs_type;
 type inotify, fs_type, mlstrustedobject;
diff --git a/system_server.te b/system_server.te
index 102d5e305b8a3cc7e36f26139f2162c0041c6655..7ca5715b13cb92c5e29e3c061661c3daa1acb78d 100644
--- a/system_server.te
+++ b/system_server.te
@@ -170,6 +170,8 @@ allow system_server sysfs:file rw_file_perms;
 allow system_server sysfs_nfc_power_writable:file rw_file_perms;
 allow system_server sysfs_devices_system_cpu:file w_file_perms;
 allow system_server sysfs_mac_address:file r_file_perms;
+allow system_server sysfs_thermal:dir search;
+allow system_server sysfs_thermal:file r_file_perms;
 
 # Access devices.
 allow system_server device:dir r_dir_perms;