diff --git a/file.te b/file.te
index d8bbdc40a9dbc1f15843ed68d4b7aae1d93f7878..3dfa4fecd257e9427b2a81d574fcf5fcb997dc04 100644
--- a/file.te
+++ b/file.te
@@ -33,6 +33,9 @@ type sysfs_mac_address, fs_type, sysfs_type;
 type sysfs_devices_system_cpu, fs_type, sysfs_type;
 # /sys/module/lowmemorykiller
 type sysfs_lowmemorykiller, fs_type, sysfs_type;
+
+type sysfs_thermal, sysfs_type, fs_type;
+
 type sysfs_zram, fs_type, sysfs_type;
 type sysfs_zram_uevent, fs_type, sysfs_type;
 type inotify, fs_type, mlstrustedobject;
diff --git a/system_server.te b/system_server.te
index 5a3573a914a0794379e884140745dd549e052c4f..6ab48e76bc78271ec7ba0f76c3fc0e28733cefa1 100644
--- a/system_server.te
+++ b/system_server.te
@@ -158,6 +158,8 @@ allow system_server sysfs:file rw_file_perms;
 allow system_server sysfs_nfc_power_writable:file rw_file_perms;
 allow system_server sysfs_devices_system_cpu:file w_file_perms;
 allow system_server sysfs_mac_address:file r_file_perms;
+allow system_server sysfs_thermal:dir search;
+allow system_server sysfs_thermal:file r_file_perms;
 
 # Access devices.
 allow system_server device:dir r_dir_perms;