Android regularly adds and splits permissions for new API levels. Legacy apps are handled by treating them as requesting the permission to provide a toggle for it. For example, Android 13 converted the existing toggle for disabling notifications for an app into a new POST_NOTIFICATIONS permission.
Discussion
The Android Open Source Project has infrastructure for this since it's a regular part of the app sandbox and permission model improving. We add Network and Sensors permission toggles in GrapheneOS where Network is based on the existing low-level INTERNET permission and Sensors is entirely new.
So what exactly is in the sensors category?
Accelerometer, gyroscope, compass, barometer, plus anything device specific like the thermometer
When Android apps request a permission is it an active request they make or are syscalls routed to some policy engine that triggers the "Allow/deny window" to pop up?