hal_health_default: Fix avc denials

12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2270): avc: denied { search } for name="thermal" dev="tmpfs" ino=1028 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:thermal_link_device:s0 tclass=dir permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2271): avc: denied { search } for name="thermal" dev="sysfs" ino=16790 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=dir permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2273): avc: denied { open } for path="/sys/devices/virtual/thermal/thermal_zone13/mode" dev="sysfs" ino=17285 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2272): avc: denied { write } for name="mode" dev="sysfs" ino=17285 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=1

Bug:208721638
Test: adb bugreport
Change-Id: I4d9491862ff1bcc88f89b1478497ac569e3d1df1
Signed-off-by: Ted Lin <tedlin@google.com>

tracking_denials/hal_health_default.te

@@ -1,5 +0,0 @@
-# b/208721638
-dontaudit hal_health_default sysfs_thermal:dir { search };
-dontaudit hal_health_default sysfs_thermal:file { open };
-dontaudit hal_health_default sysfs_thermal:file { write };
-dontaudit hal_health_default thermal_link_device:dir { search };

whitechapel_pro/hal_health_default.te

@@ -9,3 +9,6 @@ allow hal_health_default sysfs_scsi_devices_0000:file rw_file_perms;
 
 allow hal_health_default sysfs_wlc:dir search;
 allow hal_health_default sysfs_batteryinfo:file w_file_perms;
+allow hal_health_default sysfs_thermal:dir search;
+allow hal_health_default sysfs_thermal:file w_file_perms;
+allow hal_health_default thermal_link_device:dir search;