ADFA-3827 Whitelist for MIUI's AccessController.haveAccessControlPassword disk read during startActivity transitions

[hal-eisen-adfa]

Part of fixing StrictMode violations
Xiaomi/MIUI ROM checks an access-control password file during activity transitions

[coderabbitai]

📝 Walkthrough

Walkthrough

A new strict-mode whitelist rule is added to WhitelistEngine.kt that allows DiskReadViolation when java.io.File.exists calls appear in frames adjacent to MIUI access-control password verification methods, addressing framework-specific exception scenarios on MIUI devices.

Changes

Cohort / File(s)	Summary
Strict Mode Whitelist Rule app/src/main/java/com/itsaky/androidide/app/strictmode/WhitelistEngine.kt	Added a new DiskReadViolation whitelist rule that permits file-existence checks when they appear in call frames adjacent to MIUI access-control password checks (AccessController.haveAccessControlPassword and SecurityManagerService.haveAccessControlPassword).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• ADFA-2416 | Whitelist Oplus UIFirst StrictMode DiskReadViolation #803: Adds similar narrowly-scoped DiskReadViolation whitelist rule to the same file, but targeting Oplus UIFirst framework-specific frames instead of MIUI access-control checks.

Suggested reviewers

• itsaky-adfa
• alome007
• Daniel-ADFA

Poem

🐰 A whitelist rule hops into place,
Letting disk reads have their space—
When MIUI guards stand by with care,
File checks dance without a snare! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the main change: adding a whitelist for MIUI's AccessController.haveAccessControlPassword disk read violations during activity transitions.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description check	✅ Passed	The pull request description accurately relates to the changeset, which adds a StrictMode whitelist rule for MIUI's AccessController.haveAccessControlPassword disk read violations during activity transitions.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ADFA-3827-StrictMode-violations-permissions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@app/src/main/java/com/itsaky/androidide/app/strictmode/WhitelistEngine.kt`:
- Around line 142-144: Update the comment in WhitelistEngine.kt to avoid
implying the violation originates remotely in the system_server; instead note
that the stack shows com.miui.server.AccessController and SecurityManagerService
frames executing in-process on MIUI ROMs (e.g., "executes in-process during
activity transitions on MIUI ROMs"), so change the wording around that block
where the current comment mentions "happens in the system server and is reported
back via Binder" to the tightened phrasing; keep this as a documentation-only
change in the same comment near the handling of
AccessController/SecurityManagerService frames.
- Around line 137-153: Add a unit test in WhitelistRulesTest.kt that covers the
new rule: create a test method (follow naming like
allow_DiskRead_on_MiuiMultiLangHelperTextViewDraw, e.g.,
allow_DiskRead_on_MiuiAccessControllerHaveAccessControlPassword) that constructs
a stack trace with adjacent frames matching java.io.File.exists ->
com.miui.server.AccessController.haveAccessControlPassword ->
com.miui.server.SecurityManagerService.haveAccessControlPassword, triggers a
DiskReadViolation, and asserts the WhitelistEngine rule allows it (use the same
helper/assert utilities used by existing tests to verify the rule permits
DiskReadViolation for that frame sequence).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 933dbfc7-143a-4823-a62b-0a31ae4b0355

📥 Commits

Reviewing files that changed from the base of the PR and between 9726e17 and 92ccbc7.

📒 Files selected for processing (1)

• app/src/main/java/com/itsaky/androidide/app/strictmode/WhitelistEngine.kt