basic/non_plat/hal_thermal_default.te - LeafOS-Devices/android_device_mediatek_sepolicy - Gitiles

 # ==============================================
 # Common SEPolicy Rule
 # ==============================================

 allow hal_thermal_default proc_mtktz:dir search;
 allow hal_thermal_default proc_mtktz:file r_file_perms;
 allow hal_thermal_default proc_stat:file r_file_perms;

 #for uevent handle
 allow hal_thermal_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;

 #for thermal sysfs
 allow hal_thermal_default sysfs_therm:file rw_file_perms;
 allow hal_thermal_default sysfs_therm:dir search;

 #for thermal hal socket
 allow hal_thermal_default thermal_hal_socket:dir { rw_dir_perms setattr};
 allow hal_thermal_default thermal_hal_socket:sock_file create_file_perms;
	# ==============================================
	# Common SEPolicy Rule
	# ==============================================

	allow hal_thermal_default proc_mtktz:dir search;
	allow hal_thermal_default proc_mtktz:file r_file_perms;
	allow hal_thermal_default proc_stat:file r_file_perms;

	#for uevent handle
	allow hal_thermal_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;

	#for thermal sysfs
	allow hal_thermal_default sysfs_therm:file rw_file_perms;
	allow hal_thermal_default sysfs_therm:dir search;

	#for thermal hal socket
	allow hal_thermal_default thermal_hal_socket:dir { rw_dir_perms setattr};
	allow hal_thermal_default thermal_hal_socket:sock_file create_file_perms;