diff --git a/Patches/LineageOS-14.1/android_external_expat/337987-backport.patch b/Patches/LineageOS-14.1/android_external_expat/337987-backport.patch
new file mode 100644
index 00000000..85feeccf
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_expat/337987-backport.patch
@@ -0,0 +1,29 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Sadaf Ebrahimi <sadafebrahimi@google.com>
+Date: Thu, 2 Jun 2022 19:32:22 +0000
+Subject: [PATCH] Prevent XML_GetBuffer signed integer overflow
+
+Bug: http://b/221255869
+Change-Id: I38758fae8c71184f728f95e6073457cdb86bcc29
+(cherry picked from commit d6a09f1b7fb24dd03dc58e45062ad951a37ff8e3)
+Merged-In: I38758fae8c71184f728f95e6073457cdb86bcc29
+---
+ lib/xmlparse.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/lib/xmlparse.c b/lib/xmlparse.c
+index 0655e080..ee4de203 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -1738,6 +1738,11 @@ XML_GetBuffer(XML_Parser parser, int len)
+ 
+     if (keep > XML_CONTEXT_BYTES)
+       keep = XML_CONTEXT_BYTES;
++    /* Detect and prevent integer overflow */
++    if (keep > INT_MAX - neededSize) {
++      errorCode = XML_ERROR_NO_MEMORY;
++      return NULL;
++    }
+     neededSize += keep;
+ #endif  /* defined XML_CONTEXT_BYTES */
+     if (neededSize  <= bufferLim - buffer) {
diff --git a/Patches/LineageOS-14.1/android_external_expat/337988-backport.patch b/Patches/LineageOS-14.1/android_external_expat/337988-backport.patch
new file mode 100644
index 00000000..a9f6d30f
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_expat/337988-backport.patch
@@ -0,0 +1,54 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Sadaf Ebrahimi <sadafebrahimi@google.com>
+Date: Fri, 3 Jun 2022 03:40:21 +0000
+Subject: [PATCH] Prevent integer overflow in function doProlog
+
+Bug: http://b/221256678
+Change-Id: I6fe381103f4eb287726d1ccb5bfec99db160ffe4
+(cherry picked from commit 257f1d3777240016d3ccd74a61cd7d0e0efcaae3)
+Merged-In: I6fe381103f4eb287726d1ccb5bfec99db160ffe4
+---
+ lib/xmlparse.c | 20 +++++++++++++-------
+ 1 file changed, 13 insertions(+), 7 deletions(-)
+
+diff --git a/lib/xmlparse.c b/lib/xmlparse.c
+index ee4de203..6c8a3a57 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -4667,23 +4667,29 @@ doProlog(XML_Parser parser,
+       if (dtd->in_eldecl) {
+         ELEMENT_TYPE *el;
+         const XML_Char *name;
+-        int nameLen;
+-        const char *nxt = (quant == XML_CQUANT_NONE
+-                           ? next
+-                           : next - enc->minBytesPerChar);
++        size_t nameLen;
++        const char *nxt
++            = (quant == XML_CQUANT_NONE ? next : next - enc->minBytesPerChar);
+         int myindex = nextScaffoldPart(parser);
+         if (myindex < 0)
+           return XML_ERROR_NO_MEMORY;
+         dtd->scaffold[myindex].type = XML_CTYPE_NAME;
+         dtd->scaffold[myindex].quant = quant;
+         el = getElementType(parser, enc, s, nxt);
+-        if (!el)
++        if (! el)
+           return XML_ERROR_NO_MEMORY;
+         name = el->name;
+         dtd->scaffold[myindex].name = name;
+         nameLen = 0;
+-        for (; name[nameLen++]; );
+-        dtd->contentStringLen +=  nameLen;
++        for (; name[nameLen++];)
++          ;
++
++        /* Detect and prevent integer overflow */
++        if (nameLen > UINT_MAX - dtd->contentStringLen) {
++          return XML_ERROR_NO_MEMORY;
++        }
++
++        dtd->contentStringLen += (unsigned)nameLen;
+         if (elementDeclHandler)
+           handleDefault = XML_FALSE;
+       }
diff --git a/Patches/LineageOS-14.1/android_external_expat/337989-backport.patch b/Patches/LineageOS-14.1/android_external_expat/337989-backport.patch
new file mode 100644
index 00000000..a53e8754
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_expat/337989-backport.patch
@@ -0,0 +1,244 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Sadaf Ebrahimi <sadafebrahimi@google.com>
+Date: Wed, 15 Jun 2022 04:14:33 +0000
+Subject: [PATCH] Prevent more integer overflows
+
+Bug: http://b/219942275
+Change-Id: I7489f59564e0053a4a46bb8c362f7c36ab0b3c9d
+Merged-In: Ic5c8087ee64e6faafcf013cef9536c042eb8a09d
+(cherry picked from commit 15a1f35dddde9c1a0a626972349a59642abd345a)
+Merged-In: I7489f59564e0053a4a46bb8c362f7c36ab0b3c9d
+---
+ lib/xmlparse.c | 152 ++++++++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 150 insertions(+), 2 deletions(-)
+
+diff --git a/lib/xmlparse.c b/lib/xmlparse.c
+index 6c8a3a57..956c2677 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -2780,18 +2780,54 @@ storeAtts(XML_Parser parser, const ENCODING *enc,
+ 
+   /* get the attributes from the tokenizer */
+   n = XmlGetAttributes(enc, attStr, attsSize, atts);
++
++  /* Detect and prevent integer overflow */
++  if (n > INT_MAX - nDefaultAtts) {
++    return XML_ERROR_NO_MEMORY;
++  }
++
+   if (n + nDefaultAtts > attsSize) {
+     int oldAttsSize = attsSize;
+     ATTRIBUTE *temp;
+ #ifdef XML_ATTR_INFO
+     XML_AttrInfo *temp2;
+ #endif
++
++    /* Detect and prevent integer overflow */
++    if ((nDefaultAtts > INT_MAX - INIT_ATTS_SIZE)
++        || (n > INT_MAX - (nDefaultAtts + INIT_ATTS_SIZE))) {
++      return XML_ERROR_NO_MEMORY;
++    }
++
+     attsSize = n + nDefaultAtts + INIT_ATTS_SIZE;
++
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)attsSize > (size_t)(-1) / sizeof(ATTRIBUTE)) {
++      attsSize = oldAttsSize;
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     temp = (ATTRIBUTE *)REALLOC((void *)atts, attsSize * sizeof(ATTRIBUTE));
+     if (temp == NULL)
+       return XML_ERROR_NO_MEMORY;
+     atts = temp;
+ #ifdef XML_ATTR_INFO
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)attsSize > (size_t)(-1) / sizeof(XML_AttrInfo)) {
++      attsSize = oldAttsSize;
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     temp2 = (XML_AttrInfo *)REALLOC((void *)attInfo, attsSize * sizeof(XML_AttrInfo));
+     if (temp2 == NULL)
+       return XML_ERROR_NO_MEMORY;
+@@ -3069,9 +3105,31 @@ storeAtts(XML_Parser parser, const ENCODING *enc,
+   tagNamePtr->prefixLen = prefixLen;
+   for (i = 0; localPart[i++];)
+     ;  /* i includes null terminator */
++
++  /* Detect and prevent integer overflow */
++  if (binding->uriLen > INT_MAX - prefixLen
++      || i > INT_MAX - (binding->uriLen + prefixLen)) {
++    return XML_ERROR_NO_MEMORY;
++  }
++
+   n = i + binding->uriLen + prefixLen;
+   if (n > binding->uriAlloc) {
+     TAG *p;
++
++    /* Detect and prevent integer overflow */
++    if (n > INT_MAX - EXPAND_SPARE) {
++      return XML_ERROR_NO_MEMORY;
++    }
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)(n + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     uri = (XML_Char *)MALLOC((n + EXPAND_SPARE) * sizeof(XML_Char));
+     if (!uri)
+       return XML_ERROR_NO_MEMORY;
+@@ -3172,6 +3230,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId,
+   if (freeBindingList) {
+     b = freeBindingList;
+     if (len > b->uriAlloc) {
++      /* Detect and prevent integer overflow */
++      if (len > INT_MAX - EXPAND_SPARE) {
++        return XML_ERROR_NO_MEMORY;
++      }
++
++      /* Detect and prevent integer overflow.
++       * The preprocessor guard addresses the "always false" warning
++       * from -Wtype-limits on platforms where
++       * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++      if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++        return XML_ERROR_NO_MEMORY;
++      }
++#endif
++
+       XML_Char *temp = (XML_Char *)REALLOC(b->uri,
+                           sizeof(XML_Char) * (len + EXPAND_SPARE));
+       if (temp == NULL)
+@@ -3185,6 +3258,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId,
+     b = (BINDING *)MALLOC(sizeof(BINDING));
+     if (!b)
+       return XML_ERROR_NO_MEMORY;
++
++    /* Detect and prevent integer overflow */
++    if (len > INT_MAX - EXPAND_SPARE) {
++      return XML_ERROR_NO_MEMORY;
++    }
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     b->uri = (XML_Char *)MALLOC(sizeof(XML_Char) * (len + EXPAND_SPARE));
+     if (!b->uri) {
+       FREE(b);
+@@ -5437,7 +5525,24 @@ defineAttribute(ELEMENT_TYPE *type, ATTRIBUTE_ID *attId, XML_Bool isCdata,
+     }
+     else {
+       DEFAULT_ATTRIBUTE *temp;
++
++      /* Detect and prevent integer overflow */
++      if (type->allocDefaultAtts > INT_MAX / 2) {
++        return 0;
++      }
++
+       int count = type->allocDefaultAtts * 2;
++
++      /* Detect and prevent integer overflow.
++       * The preprocessor guard addresses the "always false" warning
++       * from -Wtype-limits on platforms where
++       * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++      if ((unsigned)count > (size_t)(-1) / sizeof(DEFAULT_ATTRIBUTE)) {
++        return 0;
++      }
++#endif
++
+       temp = (DEFAULT_ATTRIBUTE *)
+         REALLOC(type->defaultAtts, (count * sizeof(DEFAULT_ATTRIBUTE)));
+       if (temp == NULL)
+@@ -6066,8 +6171,20 @@ lookup(XML_Parser parser, HASH_TABLE *table, KEY name, size_t createSize)
+     /* check for overflow (table is half full) */
+     if (table->used >> (table->power - 1)) {
+       unsigned char newPower = table->power + 1;
++
++      /* Detect and prevent invalid shift */
++      if (newPower >= sizeof(unsigned long) * 8 /* bits per byte */) {
++        return NULL;
++      }
++
+       size_t newSize = (size_t)1 << newPower;
+       unsigned long newMask = (unsigned long)newSize - 1;
++
++      /* Detect and prevent integer overflow */
++      if (newSize > (size_t)(-1) / sizeof(NAMED *)) {
++        return NULL;
++      }
++
+       size_t tsize = newSize * sizeof(NAMED *);
+       NAMED **newV = (NAMED **)table->mem->malloc_fcn(tsize);
+       if (!newV)
+@@ -6358,6 +6475,20 @@ nextScaffoldPart(XML_Parser parser)
+   if (dtd->scaffCount >= dtd->scaffSize) {
+     CONTENT_SCAFFOLD *temp;
+     if (dtd->scaffold) {
++      /* Detect and prevent integer overflow */
++      if (dtd->scaffSize > UINT_MAX / 2u) {
++        return -1;
++      }
++      /* Detect and prevent integer overflow.
++       * The preprocessor guard addresses the "always false" warning
++       * from -Wtype-limits on platforms where
++       * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++      if (dtd->scaffSize > (size_t)(-1) / 2u / sizeof(CONTENT_SCAFFOLD)) {
++        return -1;
++      }
++#endif
++
+       temp = (CONTENT_SCAFFOLD *)
+         REALLOC(dtd->scaffold, dtd->scaffSize * 2 * sizeof(CONTENT_SCAFFOLD));
+       if (temp == NULL)
+@@ -6434,8 +6565,25 @@ build_model (XML_Parser parser)
+   XML_Content *ret;
+   XML_Content *cpos;
+   XML_Char * str;
+-  int allocsize = (dtd->scaffCount * sizeof(XML_Content)
+-                   + (dtd->contentStringLen * sizeof(XML_Char)));
++  /* Detect and prevent integer overflow.
++   * The preprocessor guard addresses the "always false" warning
++   * from -Wtype-limits on platforms where
++   * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++  if (dtd->scaffCount > (size_t)(-1) / sizeof(XML_Content)) {
++    return NULL;
++  }
++  if (dtd->contentStringLen > (size_t)(-1) / sizeof(XML_Char)) {
++    return NULL;
++  }
++#endif
++  if (dtd->scaffCount * sizeof(XML_Content)
++      > (size_t)(-1) - dtd->contentStringLen * sizeof(XML_Char)) {
++    return NULL;
++  }
++
++  const size_t allocsize = (dtd->scaffCount * sizeof(XML_Content)
++                            + (dtd->contentStringLen * sizeof(XML_Char)));
+ 
+   ret = (XML_Content *)MALLOC(allocsize);
+   if (!ret)
diff --git a/Patches/LineageOS-14.1/android_external_libavc/315711.patch b/Patches/LineageOS-14.1/android_external_libavc/315711.patch
new file mode 100644
index 00000000..01a1e514
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_libavc/315711.patch
@@ -0,0 +1,50 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Rakesh Kumar <rakesh.kumar@ittiam.com>
+Date: Wed, 28 Apr 2021 23:44:50 +0530
+Subject: [PATCH] Decoder: Update check for increment u2_cur_slice_num
+
+Increment u2_cur_slice_num only if current slice had atleast
+one MB of memory left.
+
+Test: clusterfuzz generated poc in bug
+Bug: b/182152757
+Bug: b/179938345
+Bug: b/185112718
+
+Change-Id: Ic5eb07e961bccb7fde954bcfd791fd879804e335
+(cherry picked from commit a88e0683a420d7ee9aa4b6f41f94cb8dc0c5e040)
+---
+ decoder/ih264d_parse_slice.c | 15 +++++++++------
+ 1 file changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/decoder/ih264d_parse_slice.c b/decoder/ih264d_parse_slice.c
+index cf2dda9..ffe7f2b 100644
+--- a/decoder/ih264d_parse_slice.c
++++ b/decoder/ih264d_parse_slice.c
+@@ -1476,17 +1476,20 @@ WORD32 ih264d_parse_decode_slice(UWORD8 u1_is_idr_slice,
+         i1_is_end_of_poc = 0;
+     }
+ 
+-    if (ps_dec->u4_first_slice_in_pic == 0)
++    /* Increment only if the current slice has atleast 1 more MB */
++    if (ps_dec->u4_first_slice_in_pic == 0 &&
++        (ps_dec->ps_parse_cur_slice->u4_first_mb_in_slice <
++        (UWORD32)(ps_dec->u2_total_mbs_coded >> ps_dec->ps_cur_slice->u1_mbaff_frame_flag)))
+     {
+         ps_dec->ps_parse_cur_slice++;
+         ps_dec->u2_cur_slice_num++;
++        // in the case of single core increment ps_decode_cur_slice
++        if(ps_dec->u1_separate_parse == 0)
++        {
++            ps_dec->ps_decode_cur_slice++;
++        }
+     }
+ 
+-    // in the case of single core increment ps_decode_cur_slice
+-    if((ps_dec->u1_separate_parse == 0) && (ps_dec->u4_first_slice_in_pic == 0))
+-    {
+-        ps_dec->ps_decode_cur_slice++;
+-    }
+     ps_dec->u1_slice_header_done = 0;
+ 
+ 
diff --git a/Patches/LineageOS-14.1/android_external_libavc/323462.patch b/Patches/LineageOS-14.1/android_external_libavc/323462.patch
new file mode 100644
index 00000000..c719781b
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_libavc/323462.patch
@@ -0,0 +1,77 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Harish Mahendrakar <harish.mahendrakar@ittiam.com>
+Date: Tue, 5 Oct 2021 15:35:31 -0700
+Subject: [PATCH] Move slice increments after completing header parsing
+
+Slice increments are now done after completing header parse.
+Earlier this was done before validating mmco related parameters
+and calculating poc. In case there were errors that were detected
+at this stage, slice increments were incorrect.
+
+Bug: 199536974
+Bug: 199733300
+Bug: 205702093
+Bug: oss-fuzz#38387
+Bug: oss-fuzz#38482
+Bug: oss-fuzz#40851
+Test: ossfuzz generated poc in bug
+
+Change-Id: I8569e9369e4ab6f6c69c81b937f111c299b7a134
+(cherry picked from commit cd0385dc074c6ba119dffbcd3df669a9b9ca1790)
+(cherry picked from commit dc110841d6a3fb2f9c9f1af04b3b71da40fbd392)
+Merged-In:I8569e9369e4ab6f6c69c81b937f111c299b7a134
+---
+ decoder/ih264d_parse_slice.c | 33 ++++++++++++++++-----------------
+ 1 file changed, 16 insertions(+), 17 deletions(-)
+
+diff --git a/decoder/ih264d_parse_slice.c b/decoder/ih264d_parse_slice.c
+index ffe7f2b..43025e5 100644
+--- a/decoder/ih264d_parse_slice.c
++++ b/decoder/ih264d_parse_slice.c
+@@ -1476,23 +1476,6 @@ WORD32 ih264d_parse_decode_slice(UWORD8 u1_is_idr_slice,
+         i1_is_end_of_poc = 0;
+     }
+ 
+-    /* Increment only if the current slice has atleast 1 more MB */
+-    if (ps_dec->u4_first_slice_in_pic == 0 &&
+-        (ps_dec->ps_parse_cur_slice->u4_first_mb_in_slice <
+-        (UWORD32)(ps_dec->u2_total_mbs_coded >> ps_dec->ps_cur_slice->u1_mbaff_frame_flag)))
+-    {
+-        ps_dec->ps_parse_cur_slice++;
+-        ps_dec->u2_cur_slice_num++;
+-        // in the case of single core increment ps_decode_cur_slice
+-        if(ps_dec->u1_separate_parse == 0)
+-        {
+-            ps_dec->ps_decode_cur_slice++;
+-        }
+-    }
+-
+-    ps_dec->u1_slice_header_done = 0;
+-
+-
+     if(u1_field_pic_flag)
+     {
+         ps_dec->u2_prv_frame_num = u2_frame_num;
+@@ -1546,6 +1529,22 @@ WORD32 ih264d_parse_decode_slice(UWORD8 u1_is_idr_slice,
+         }
+     }
+ 
++    /* Increment only if the current slice has atleast 1 more MB */
++    if (ps_dec->u4_first_slice_in_pic == 0 &&
++        (ps_dec->ps_parse_cur_slice->u4_first_mb_in_slice <
++        (UWORD32)(ps_dec->u2_total_mbs_coded >> ps_dec->ps_cur_slice->u1_mbaff_frame_flag)))
++    {
++        ps_dec->ps_parse_cur_slice++;
++        ps_dec->u2_cur_slice_num++;
++        // in the case of single core increment ps_decode_cur_slice
++        if(ps_dec->u1_separate_parse == 0)
++        {
++            ps_dec->ps_decode_cur_slice++;
++        }
++    }
++
++    ps_dec->u1_slice_header_done = 0;
++
+     /*--------------------------------------------------------------------*/
+     /* Copy the values read from the bitstream to the slice header and then*/
+     /* If the slice is first slice in picture, then do Start of Picture   */
diff --git a/Patches/LineageOS-14.1/android_external_libexif/323459.patch b/Patches/LineageOS-14.1/android_external_libexif/323459.patch
new file mode 100644
index 00000000..6a17506a
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_libexif/323459.patch
@@ -0,0 +1,305 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jayant Chowdhary <jchowdhary@google.com>
+Date: Tue, 24 Aug 2021 18:04:56 +0000
+Subject: [PATCH] Fix MakerNote tag size overflow issues at read time.
+
+This is a cherry-pick of
+https://github.com/libexif/libexif/commit/435e21f05001fb03f9f186fa7cbc69454afd00d1
+for CVE-2020-13112
+
+Bug: 194342672
+
+Test: sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases
+      --test android.security.sts.CVE_2020_13112#testPocBug_194342672
+
+Change-Id: Ibdf388bc768213833f8fef9740b3527d46a14a2a
+Merged-In: Id106e79e829329145d27a93273241b58878bfac3
+Signed-off-by: Jayant Chowdhary <jchowdhary@google.com>
+(cherry picked from commit fd5f7bab830858e57a2baf9d4dd47e5820337b56)
+Merged-In:Ibdf388bc768213833f8fef9740b3527d46a14a2a
+---
+ libexif/canon/exif-mnote-data-canon.c     | 20 ++++++++++++++---
+ libexif/fuji/exif-mnote-data-fuji.c       | 22 +++++++++++++-----
+ libexif/olympus/exif-mnote-data-olympus.c | 27 ++++++++++++++++++-----
+ libexif/pentax/exif-mnote-data-pentax.c   | 19 ++++++++++++----
+ 4 files changed, 69 insertions(+), 19 deletions(-)
+
+diff --git a/libexif/canon/exif-mnote-data-canon.c b/libexif/canon/exif-mnote-data-canon.c
+index acf88ab..4396c53 100644
+--- a/libexif/canon/exif-mnote-data-canon.c
++++ b/libexif/canon/exif-mnote-data-canon.c
+@@ -32,6 +32,8 @@
+ 
+ #define DEBUG
+ 
++#define CHECKOVERFLOW(offset,datasize,structsize) (( offset >= datasize) || (structsize > datasize) || (offset > datasize - structsize ))
++
+ static void
+ exif_mnote_data_canon_clear (ExifMnoteDataCanon *n)
+ {
+@@ -209,7 +211,8 @@ exif_mnote_data_canon_load (ExifMnoteData *ne,
+ 		return;
+ 	}
+ 	datao = 6 + n->offset;
+-	if ((datao + 2 < datao) || (datao + 2 < 2) || (datao + 2 > buf_size)) {
++
++	if (CHECKOVERFLOW(datao, buf_size, 2)) {
+ 		exif_log (ne->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 			  "ExifMnoteCanon", "Short MakerNote");
+ 		return;
+@@ -233,7 +236,7 @@ exif_mnote_data_canon_load (ExifMnoteData *ne,
+ 	tcount = 0;
+ 	for (i = c, o = datao; i; --i, o += 12) {
+ 		size_t s;
+-		if ((o + 12 < o) || (o + 12 < 12) || (o + 12 > buf_size)) {
++		if (CHECKOVERFLOW(o,buf_size,12)) {
+ 			exif_log (ne->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 				"ExifMnoteCanon", "Short MakerNote");
+ 			break;
+@@ -248,6 +251,16 @@ exif_mnote_data_canon_load (ExifMnoteData *ne,
+ 			"Loading entry 0x%x ('%s')...", n->entries[tcount].tag,
+ 			 mnote_canon_tag_get_name (n->entries[tcount].tag));
+ 
++		/* Check if we overflow the multiplication. Use buf_size as the max size for integer overflow detection,
++		 * we will check the buffer sizes closer later. */
++		if (	exif_format_get_size (n->entries[tcount].format) &&
++			buf_size / exif_format_get_size (n->entries[tcount].format) < n->entries[tcount].components
++		) {
++			exif_log (ne->log, EXIF_LOG_CODE_CORRUPT_DATA,
++				  "ExifMnoteCanon", "Tag size overflow detected (%u * %lu)", exif_format_get_size (n->entries[tcount].format), n->entries[tcount].components);
++			continue;
++		}
++
+ 		/*
+ 		 * Size? If bigger than 4 bytes, the actual data is not
+ 		 * in the entry but somewhere else (offset).
+@@ -264,7 +277,8 @@ exif_mnote_data_canon_load (ExifMnoteData *ne,
+ 		} else {
+ 			size_t dataofs = o + 8;
+ 			if (s > 4) dataofs = exif_get_long (buf + dataofs, n->order) + 6;
+-			if ((dataofs + s < s) || (dataofs + s < dataofs) || (dataofs + s > buf_size)) {
++
++			if (CHECKOVERFLOW(dataofs, buf_size, s)) {
+ 				exif_log (ne->log, EXIF_LOG_CODE_DEBUG,
+ 					"ExifMnoteCanon",
+ 					"Tag data past end of buffer (%zu > %u)",
+diff --git a/libexif/fuji/exif-mnote-data-fuji.c b/libexif/fuji/exif-mnote-data-fuji.c
+index a9949e1..11ff8c3 100644
+--- a/libexif/fuji/exif-mnote-data-fuji.c
++++ b/libexif/fuji/exif-mnote-data-fuji.c
+@@ -28,6 +28,8 @@
+ 
+ #include "exif-mnote-data-fuji.h"
+ 
++#define CHECKOVERFLOW(offset,datasize,structsize) (( offset >= datasize) || (structsize > datasize) || (offset > datasize - structsize ))
++
+ struct _MNoteFujiDataPrivate {
+ 	ExifByteOrder order;
+ };
+@@ -162,7 +164,7 @@ exif_mnote_data_fuji_load (ExifMnoteData *en,
+ 		return;
+ 	}
+ 	datao = 6 + n->offset;
+-	if ((datao + 12 < datao) || (datao + 12 < 12) || (datao + 12 > buf_size)) {
++	if (CHECKOVERFLOW(datao, buf_size, 12)) {
+ 		exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 			  "ExifMnoteDataFuji", "Short MakerNote");
+ 		return;
+@@ -170,8 +172,7 @@ exif_mnote_data_fuji_load (ExifMnoteData *en,
+ 
+ 	n->order = EXIF_BYTE_ORDER_INTEL;
+ 	datao += exif_get_long (buf + datao + 8, EXIF_BYTE_ORDER_INTEL);
+-	if ((datao + 2 < datao) || (datao + 2 < 2) ||
+-	    (datao + 2 > buf_size)) {
++	if (CHECKOVERFLOW(datao, buf_size, 2)) {
+ 		exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 			  "ExifMnoteDataFuji", "Short MakerNote");
+ 		return;
+@@ -195,7 +196,7 @@ exif_mnote_data_fuji_load (ExifMnoteData *en,
+ 	tcount = 0;
+ 	for (i = c, o = datao; i; --i, o += 12) {
+ 		size_t s;
+-		if ((o + 12 < o) || (o + 12 < 12) || (o + 12 > buf_size)) {
++		if (CHECKOVERFLOW(o, buf_size, 12)) {
+ 			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 				  "ExifMnoteDataFuji", "Short MakerNote");
+ 			break;
+@@ -210,6 +211,16 @@ exif_mnote_data_fuji_load (ExifMnoteData *en,
+ 			  "Loading entry 0x%x ('%s')...", n->entries[tcount].tag,
+ 			  mnote_fuji_tag_get_name (n->entries[tcount].tag));
+ 
++		/* Check if we overflow the multiplication. Use buf_size as the max size for integer overflow detection,
++		 * we will check the buffer sizes closer later. */
++		if (	exif_format_get_size (n->entries[tcount].format) &&
++			buf_size / exif_format_get_size (n->entries[tcount].format) < n->entries[tcount].components
++		) {
++			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
++					  "ExifMnoteDataFuji", "Tag size overflow detected (%u * %lu)", exif_format_get_size (n->entries[tcount].format), n->entries[tcount].components);
++			continue;
++		}
++
+ 		/*
+ 		 * Size? If bigger than 4 bytes, the actual data is not
+ 		 * in the entry but somewhere else (offset).
+@@ -221,8 +232,7 @@ exif_mnote_data_fuji_load (ExifMnoteData *en,
+ 			if (s > 4)
+ 				/* The data in this case is merely a pointer */
+ 				dataofs = exif_get_long (buf + dataofs, n->order) + 6 + n->offset;
+-			if ((dataofs + s < dataofs) || (dataofs + s < s) ||
+-				(dataofs + s >= buf_size)) {
++			if (CHECKOVERFLOW(dataofs, buf_size, s)) {
+ 				exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 						  "ExifMnoteDataFuji", "Tag data past end of "
+ 					  "buffer (%zu >= %u)", dataofs + s, buf_size);
+diff --git a/libexif/olympus/exif-mnote-data-olympus.c b/libexif/olympus/exif-mnote-data-olympus.c
+index f4ccbb0..e7bf984 100644
+--- a/libexif/olympus/exif-mnote-data-olympus.c
++++ b/libexif/olympus/exif-mnote-data-olympus.c
+@@ -37,6 +37,8 @@
+  */
+ /*#define EXIF_OVERCOME_SANYO_OFFSET_BUG */
+ 
++#define CHECKOVERFLOW(offset,datasize,structsize) (( offset >= datasize) || (structsize > datasize) || (offset > datasize - structsize ))
++
+ static enum OlympusVersion
+ exif_mnote_data_olympus_identify_variant (const unsigned char *buf,
+ 		unsigned int buf_size);
+@@ -247,7 +249,8 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
+ 		return;
+ 	}
+ 	o2 = 6 + n->offset; /* Start of interesting data */
+-	if ((o2 + 10 < o2) || (o2 + 10 < 10) || (o2 + 10 > buf_size)) {
++
++	if (CHECKOVERFLOW(o2,buf_size,10)) {
+ 		exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 			  "ExifMnoteDataOlympus", "Short MakerNote");
+ 		return;
+@@ -303,6 +306,8 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
+ 		/* Olympus S760, S770 */
+ 		datao = o2;
+ 		o2 += 8;
++
++		if (CHECKOVERFLOW(o2,buf_size,4)) return;
+ 		exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnoteDataOlympus",
+ 			"Parsing Olympus maker note v2 (0x%02x, %02x, %02x, %02x)...",
+ 			buf[o2], buf[o2 + 1], buf[o2 + 2], buf[o2 + 3]);
+@@ -347,6 +352,7 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
+ 	case nikonV2:
+ 		o2 += 6;
+ 		if (o2 >= buf_size) return;
++		if (CHECKOVERFLOW(o2,buf_size,12)) return;
+ 		exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnoteDataOlympus",
+ 			"Parsing Nikon maker note v2 (0x%02x, %02x, %02x, "
+ 			"%02x, %02x, %02x, %02x, %02x)...",
+@@ -406,7 +412,8 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
+ 	}
+ 
+ 	/* Sanity check the offset */
+-	if ((o2 + 2 < o2) || (o2 + 2 < 2) || (o2 + 2 > buf_size)) {
++
++	if (CHECKOVERFLOW(o2,buf_size,2)) {
+ 		exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 			  "ExifMnoteOlympus", "Short MakerNote");
+ 		return;
+@@ -430,7 +437,7 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
+ 	tcount = 0;
+ 	for (i = c, o = o2; i; --i, o += 12) {
+ 		size_t s;
+-		if ((o + 12 < o) || (o + 12 < 12) || (o + 12 > buf_size)) {
++		if (CHECKOVERFLOW(o, buf_size, 12)) {
+ 			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 				  "ExifMnoteOlympus", "Short MakerNote");
+ 			break;
+@@ -451,6 +458,15 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
+ 		    n->entries[tcount].components,
+ 		    (int)exif_format_get_size(n->entries[tcount].format)); */
+ 
++	    /* Check if we overflow the multiplication. Use buf_size as the max size for integer overflow detection,
++	     * we will check the buffer sizes closer later. */
++	    if (exif_format_get_size (n->entries[tcount].format) &&
++		buf_size / exif_format_get_size (n->entries[tcount].format) < n->entries[tcount].components
++	    ) {
++		exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifMnoteOlympus", "Tag size overflow detected (%u * %lu)", exif_format_get_size (n->entries[tcount].format), n->entries[tcount].components);
++		continue;
++	    }
++
+ 	    /*
+ 	     * Size? If bigger than 4 bytes, the actual data is not
+ 	     * in the entry but somewhere else (offset).
+@@ -469,7 +485,7 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
+ 				 * tag in its MakerNote. The offset is actually the absolute
+ 				 * position in the file instead of the position within the IFD.
+ 				 */
+-			    if (dataofs + s > buf_size && n->version == sanyoV1) {
++			    if (dataofs > (buf_size - s) && n->version == sanyoV1) {
+ 					/* fix pointer */
+ 					dataofs -= datao + 6;
+ 					exif_log (en->log, EXIF_LOG_CODE_DEBUG,
+@@ -478,8 +494,7 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
+ 			    }
+ #endif
+ 			}
+-			if ((dataofs + s < dataofs) || (dataofs + s < s) || 
+-			    (dataofs + s > buf_size)) {
++			if (CHECKOVERFLOW(dataofs, buf_size, s)) {
+ 				exif_log (en->log, EXIF_LOG_CODE_DEBUG,
+ 					  "ExifMnoteOlympus",
+ 					  "Tag data past end of buffer (%zu > %u)",
+diff --git a/libexif/pentax/exif-mnote-data-pentax.c b/libexif/pentax/exif-mnote-data-pentax.c
+index 38fbf64..f9eb69c 100644
+--- a/libexif/pentax/exif-mnote-data-pentax.c
++++ b/libexif/pentax/exif-mnote-data-pentax.c
+@@ -28,6 +28,8 @@
+ #include <libexif/exif-byte-order.h>
+ #include <libexif/exif-utils.h>
+ 
++#define CHECKOVERFLOW(offset,datasize,structsize) (( offset >= datasize) || (structsize > datasize) || (offset > datasize - structsize ))
++
+ static void
+ exif_mnote_data_pentax_clear (ExifMnoteDataPentax *n)
+ {
+@@ -224,7 +226,7 @@ exif_mnote_data_pentax_load (ExifMnoteData *en,
+ 		return;
+ 	}
+ 	datao = 6 + n->offset;
+-	if ((datao + 8 < datao) || (datao + 8 < 8) || (datao + 8 > buf_size)) {
++	if (CHECKOVERFLOW(datao, buf_size, 8)) {
+ 		exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 			  "ExifMnoteDataPentax", "Short MakerNote");
+ 		return;
+@@ -277,7 +279,7 @@ exif_mnote_data_pentax_load (ExifMnoteData *en,
+ 	tcount = 0;
+ 	for (i = c, o = datao; i; --i, o += 12) {
+ 		size_t s;
+-		if ((o + 12 < o) || (o + 12 < 12) || (o + 12 > buf_size)) {
++		if (CHECKOVERFLOW(o,buf_size,12)) {
+ 			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 				  "ExifMnoteDataPentax", "Short MakerNote");
+ 			break;
+@@ -292,6 +294,16 @@ exif_mnote_data_pentax_load (ExifMnoteData *en,
+ 			  "Loading entry 0x%x ('%s')...", n->entries[tcount].tag,
+ 			  mnote_pentax_tag_get_name (n->entries[tcount].tag));
+ 
++		/* Check if we overflow the multiplication. Use buf_size as the max size for integer overflow detection,
++		 * we will check the buffer sizes closer later. */
++		if (	exif_format_get_size (n->entries[tcount].format) &&
++			buf_size / exif_format_get_size (n->entries[tcount].format) < n->entries[tcount].components
++		) {
++			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
++				  "ExifMnoteDataPentax", "Tag size overflow detected (%u * %lu)", exif_format_get_size (n->entries[tcount].format), n->entries[tcount].components);
++			break;
++		}
++
+ 		/*
+ 		 * Size? If bigger than 4 bytes, the actual data is not
+ 		 * in the entry but somewhere else (offset).
+@@ -304,8 +316,7 @@ exif_mnote_data_pentax_load (ExifMnoteData *en,
+ 			if (s > 4)
+ 				/* The data in this case is merely a pointer */
+ 			   	dataofs = exif_get_long (buf + dataofs, n->order) + 6;
+-			if ((dataofs + s < dataofs) || (dataofs + s < s) ||
+-				(dataofs + s > buf_size)) {
++			if (CHECKOVERFLOW(dataofs, buf_size, s)) {
+ 				exif_log (en->log, EXIF_LOG_CODE_DEBUG,
+ 						  "ExifMnoteDataPentax", "Tag data past end "
+ 					  "of buffer (%zu > %u)", dataofs + s, buf_size);
diff --git a/Patches/LineageOS-14.1/android_external_libexif/323460.patch b/Patches/LineageOS-14.1/android_external_libexif/323460.patch
new file mode 100644
index 00000000..67e7236c
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_libexif/323460.patch
@@ -0,0 +1,77 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jayant Chowdhary <jchowdhary@google.com>
+Date: Mon, 30 Aug 2021 22:12:01 +0000
+Subject: [PATCH] Ensure MakeNote data pointers are initialized with NULL.
+
+This is a cherry-pick of
+https://github.com/libexif/libexif/commit/ec412aa4583ad71ecabb967d3c77162760169d1f
+
+Bug: 196085005
+
+Test:  sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases
+      --test android.security.sts.CVE_2020_13113#testPocBug_196085005
+
+Change-Id: Iaed1a1161e4c026bee24337a0ef5f34d2efdb3cf
+Merged-In: Id106e79e829329145d27a93273241b58878bfac3
+Signed-off-by: Jayant Chowdhary <jchowdhary@google.com>
+(cherry picked from commit 4ceb535b530fd8d0504c9df65c99045a71e12232)
+Merged-In:Iaed1a1161e4c026bee24337a0ef5f34d2efdb3cf
+---
+ libexif/canon/exif-mnote-data-canon.c     | 2 ++
+ libexif/fuji/exif-mnote-data-fuji.c       | 2 ++
+ libexif/olympus/exif-mnote-data-olympus.c | 2 ++
+ libexif/pentax/exif-mnote-data-pentax.c   | 2 ++
+ 4 files changed, 8 insertions(+)
+
+diff --git a/libexif/canon/exif-mnote-data-canon.c b/libexif/canon/exif-mnote-data-canon.c
+index 4396c53..6d97930 100644
+--- a/libexif/canon/exif-mnote-data-canon.c
++++ b/libexif/canon/exif-mnote-data-canon.c
+@@ -236,6 +236,8 @@ exif_mnote_data_canon_load (ExifMnoteData *ne,
+ 	tcount = 0;
+ 	for (i = c, o = datao; i; --i, o += 12) {
+ 		size_t s;
++
++		memset(&n->entries[tcount], 0, sizeof(MnoteCanonEntry));
+ 		if (CHECKOVERFLOW(o,buf_size,12)) {
+ 			exif_log (ne->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 				"ExifMnoteCanon", "Short MakerNote");
+diff --git a/libexif/fuji/exif-mnote-data-fuji.c b/libexif/fuji/exif-mnote-data-fuji.c
+index 11ff8c3..3f3091b 100644
+--- a/libexif/fuji/exif-mnote-data-fuji.c
++++ b/libexif/fuji/exif-mnote-data-fuji.c
+@@ -196,6 +196,8 @@ exif_mnote_data_fuji_load (ExifMnoteData *en,
+ 	tcount = 0;
+ 	for (i = c, o = datao; i; --i, o += 12) {
+ 		size_t s;
++
++		memset(&n->entries[tcount], 0, sizeof(MnoteFujiEntry));
+ 		if (CHECKOVERFLOW(o, buf_size, 12)) {
+ 			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 				  "ExifMnoteDataFuji", "Short MakerNote");
+diff --git a/libexif/olympus/exif-mnote-data-olympus.c b/libexif/olympus/exif-mnote-data-olympus.c
+index e7bf984..493463b 100644
+--- a/libexif/olympus/exif-mnote-data-olympus.c
++++ b/libexif/olympus/exif-mnote-data-olympus.c
+@@ -437,6 +437,8 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
+ 	tcount = 0;
+ 	for (i = c, o = o2; i; --i, o += 12) {
+ 		size_t s;
++
++		memset(&n->entries[tcount], 0, sizeof(MnoteOlympusEntry));
+ 		if (CHECKOVERFLOW(o, buf_size, 12)) {
+ 			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 				  "ExifMnoteOlympus", "Short MakerNote");
+diff --git a/libexif/pentax/exif-mnote-data-pentax.c b/libexif/pentax/exif-mnote-data-pentax.c
+index f9eb69c..b4722d6 100644
+--- a/libexif/pentax/exif-mnote-data-pentax.c
++++ b/libexif/pentax/exif-mnote-data-pentax.c
+@@ -279,6 +279,8 @@ exif_mnote_data_pentax_load (ExifMnoteData *en,
+ 	tcount = 0;
+ 	for (i = c, o = datao; i; --i, o += 12) {
+ 		size_t s;
++
++		memset(&n->entries[tcount], 0, sizeof(MnotePentaxEntry));
+ 		if (CHECKOVERFLOW(o,buf_size,12)) {
+ 			exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ 				  "ExifMnoteDataPentax", "Short MakerNote");
diff --git a/Patches/LineageOS-14.1/android_external_libexif/323461.patch b/Patches/LineageOS-14.1/android_external_libexif/323461.patch
new file mode 100644
index 00000000..ee0e9abf
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_libexif/323461.patch
@@ -0,0 +1,80 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jayant Chowdhary <jchowdhary@google.com>
+Date: Fri, 12 Nov 2021 18:22:59 +0000
+Subject: [PATCH] Zero initialize ExifMnoteData<vendor> during construction
+ with exif_mnote_data_<vendor>_new.
+
+This is in order to not have an uninitialized 'mem' pointer in parent
+ExifMnoteData after construction, when a non default ExifMem is used.
+
+Bug: 205915333
+Bug: 196085005
+
+Test: create exif_mnote_data_<vendor>_new with non default exif mem using
+      malloc debug; use exif_mem pointer from previously created
+      ExifMnoteData, client app doesn't crash.
+
+Change-Id: I35a393cdfb03755109aaa8f725b0792aef359dc6
+Merged-In: Id106e79e829329145d27a93273241b58878bfac3
+Signed-off-by: Jayant Chowdhary <jchowdhary@google.com>
+(cherry picked from commit c9da78d8d9f302c767b366ef256e24fa32f8784f)
+Merged-In:I35a393cdfb03755109aaa8f725b0792aef359dc6
+---
+ libexif/canon/exif-mnote-data-canon.c     | 2 ++
+ libexif/fuji/exif-mnote-data-fuji.c       | 2 ++
+ libexif/olympus/exif-mnote-data-olympus.c | 2 ++
+ libexif/pentax/exif-mnote-data-pentax.c   | 2 ++
+ 4 files changed, 8 insertions(+)
+
+diff --git a/libexif/canon/exif-mnote-data-canon.c b/libexif/canon/exif-mnote-data-canon.c
+index 6d97930..3a0778c 100644
+--- a/libexif/canon/exif-mnote-data-canon.c
++++ b/libexif/canon/exif-mnote-data-canon.c
+@@ -384,6 +384,8 @@ exif_mnote_data_canon_new (ExifMem *mem, ExifDataOption o)
+ 	if (!d)
+ 		return NULL;
+ 
++        memset(d, 0, sizeof(ExifMnoteDataCanon));
++
+ 	exif_mnote_data_construct (d, mem);
+ 
+ 	/* Set up function pointers */
+diff --git a/libexif/fuji/exif-mnote-data-fuji.c b/libexif/fuji/exif-mnote-data-fuji.c
+index 3f3091b..ce70bb6 100644
+--- a/libexif/fuji/exif-mnote-data-fuji.c
++++ b/libexif/fuji/exif-mnote-data-fuji.c
+@@ -342,6 +342,8 @@ exif_mnote_data_fuji_new (ExifMem *mem)
+ 	d = exif_mem_alloc (mem, sizeof (ExifMnoteDataFuji));
+ 	if (!d) return NULL;
+ 
++        memset(d, 0, sizeof(ExifMnoteDataFuji));
++
+ 	exif_mnote_data_construct (d, mem);
+ 
+ 	/* Set up function pointers */
+diff --git a/libexif/olympus/exif-mnote-data-olympus.c b/libexif/olympus/exif-mnote-data-olympus.c
+index 493463b..f11616c 100644
+--- a/libexif/olympus/exif-mnote-data-olympus.c
++++ b/libexif/olympus/exif-mnote-data-olympus.c
+@@ -657,6 +657,8 @@ exif_mnote_data_olympus_new (ExifMem *mem)
+ 	d = exif_mem_alloc (mem, sizeof (ExifMnoteDataOlympus));
+ 	if (!d) return NULL;
+ 
++        memset(d, 0, sizeof(ExifMnoteDataOlympus));
++
+ 	exif_mnote_data_construct (d, mem);
+ 
+ 	/* Set up function pointers */
+diff --git a/libexif/pentax/exif-mnote-data-pentax.c b/libexif/pentax/exif-mnote-data-pentax.c
+index b4722d6..3676563 100644
+--- a/libexif/pentax/exif-mnote-data-pentax.c
++++ b/libexif/pentax/exif-mnote-data-pentax.c
+@@ -443,6 +443,8 @@ exif_mnote_data_pentax_new (ExifMem *mem)
+ 	d = exif_mem_alloc (mem, sizeof (ExifMnoteDataPentax));
+ 	if (!d) return NULL;
+ 
++        memset(d, 0, sizeof(ExifMnoteDataPentax));
++
+ 	exif_mnote_data_construct (d, mem);
+ 
+ 	/* Set up function pointers */
diff --git a/Patches/LineageOS-14.1/android_external_libnfc-nci/317037.patch b/Patches/LineageOS-14.1/android_external_libnfc-nci/317037.patch
new file mode 100644
index 00000000..74040319
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_libnfc-nci/317037.patch
@@ -0,0 +1,203 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Alisher Alikhodjaev <alisher@google.com>
+Date: Wed, 25 Aug 2021 17:33:04 -0700
+Subject: [PATCH] Type confusion due to race condition on tag type change
+
+Pending timers need to be canceled before a tag type is changed.
+
+Bug: 192472262
+Test: build ok
+Merged-In: Icd4b5a1615dac4548c6343344e17d7f087c7c057
+Merged-In: Iebfcaf9d269381ef2ba14a26e6124f173d2299ec
+Merged-In: I93c36bf0f6b92e33a5d03d7420251f5bcf112d66
+Change-Id: Ied6cb8c73f4ed60e847b94c18cebad87f7c37463
+(cherry picked from commit c46f6bae6eead08db2cf8802597d6a79abecd61d)
+---
+ src/nfa/rw/nfa_rw_main.c | 47 ++++++++++++++++++++++++++++++++++++++++
+ src/nfc/int/rw_int.h     | 10 +++++++++
+ src/nfc/tags/rw_main.c   | 35 ++++++++++++++++++++++++++++++
+ 3 files changed, 92 insertions(+)
+
+diff --git a/src/nfa/rw/nfa_rw_main.c b/src/nfa/rw/nfa_rw_main.c
+index 2176c08..800eb06 100644
+--- a/src/nfa/rw/nfa_rw_main.c
++++ b/src/nfa/rw/nfa_rw_main.c
+@@ -28,6 +28,7 @@
+ #include "nfa_rw_int.h"
+ #include "nfa_dm_int.h"
+ #include "nfa_sys_int.h"
++#include "rw_int.h"
+ 
+ /* NFA_RW control block */
+ tNFA_RW_CB nfa_rw_cb;
+@@ -93,6 +94,52 @@ void nfa_rw_init (void)
+ *******************************************************************************/
+ void nfa_rw_sys_disable (void)
+ {
++    tRW_T1T_CB* p_t1t;
++    tRW_T2T_CB* p_t2t;
++    tRW_T3T_CB* p_t3t;
++    tRW_T4T_CB* p_t4t;
++    tRW_I93_CB* p_i93;
++
++    switch (rw_cb.tcb_type) {
++      case RW_CB_TYPE_T1T:
++        p_t1t = &rw_cb.tcb.t1t;
++        if (p_t1t->p_cur_cmd_buf != NULL) {
++          GKI_freebuf(p_t1t->p_cur_cmd_buf);
++          p_t1t->p_cur_cmd_buf = NULL;
++        }
++        break;
++      case RW_CB_TYPE_T2T:
++        p_t2t = &rw_cb.tcb.t2t;
++        if (p_t2t->p_cur_cmd_buf != NULL) {
++          GKI_freebuf(p_t2t->p_cur_cmd_buf);
++          p_t2t->p_cur_cmd_buf = NULL;
++        }
++        if (p_t2t->p_sec_cmd_buf != NULL) {
++          GKI_freebuf(p_t2t->p_sec_cmd_buf);
++          p_t2t->p_sec_cmd_buf = NULL;
++        }
++        break;
++      case RW_CB_TYPE_T3T:
++        p_t3t = &rw_cb.tcb.t3t;
++        if (p_t3t->p_cur_cmd_buf != NULL) {
++          GKI_freebuf(p_t3t->p_cur_cmd_buf);
++          p_t3t->p_cur_cmd_buf = NULL;
++        }
++        break;
++      case RW_CB_TYPE_T4T: /* do nothing */
++        p_t4t = &rw_cb.tcb.t4t;
++        break;
++      case RW_CB_TYPE_T5T:
++        p_i93 = &rw_cb.tcb.i93;
++        if (p_i93->p_retry_cmd != NULL) {
++          GKI_freebuf(p_i93->p_retry_cmd);
++          p_i93->p_retry_cmd = NULL;
++        }
++        break;
++      default: /* do nothing */
++        break;
++    }
++
+     /* Return to idle */
+     NFC_SetStaticRfCback (NULL);
+ 
+diff --git a/src/nfc/int/rw_int.h b/src/nfc/int/rw_int.h
+index ef07b47..013dcab 100644
+--- a/src/nfc/int/rw_int.h
++++ b/src/nfc/int/rw_int.h
+@@ -570,9 +570,19 @@ typedef union
+     tRW_I93_CB          i93;
+ } tRW_TCB;
+ 
++/* RW callback type */
++#define RW_CB_TYPE_UNKNOWN 0
++#define RW_CB_TYPE_T1T 1
++#define RW_CB_TYPE_T2T 2
++#define RW_CB_TYPE_T3T 3
++#define RW_CB_TYPE_T4T 4
++#define RW_CB_TYPE_T5T 5
++typedef uint8_t tRW_CB_TYPE;
++
+ /* RW control blocks */
+ typedef struct
+ {
++    tRW_CB_TYPE         tcb_type;
+     tRW_TCB             tcb;
+     tRW_CBACK           *p_cback;
+     UINT32              cur_retry;          /* Retry count for the current operation */
+diff --git a/src/nfc/tags/rw_main.c b/src/nfc/tags/rw_main.c
+index d9fe097..b1dcd34 100644
+--- a/src/nfc/tags/rw_main.c
++++ b/src/nfc/tags/rw_main.c
+@@ -30,6 +30,7 @@
+ 
+ #if (NFC_INCLUDED == TRUE)
+ #include "nfc_api.h"
++#include "nfc_int.h"
+ #include "nci_hmsgs.h"
+ #include "rw_api.h"
+ #include "rw_int.h"
+@@ -218,6 +219,34 @@ tNFC_STATUS RW_SetActivatedTagType (tNFC_ACTIVATE_DEVT *p_activate_params, tRW_C
+         return (NFC_STATUS_FAILED);
+     }
+ 
++    switch (rw_cb.tcb_type) {
++      case RW_CB_TYPE_T1T: {
++        nfc_stop_quick_timer(&rw_cb.tcb.t1t.timer);
++        break;
++      }
++      case RW_CB_TYPE_T2T: {
++        nfc_stop_quick_timer(&rw_cb.tcb.t2t.t2_timer);
++        break;
++      }
++      case RW_CB_TYPE_T3T: {
++        nfc_stop_quick_timer(&rw_cb.tcb.t3t.timer);
++        nfc_stop_quick_timer(&rw_cb.tcb.t3t.poll_timer);
++        break;
++      }
++      case RW_CB_TYPE_T4T: {
++        nfc_stop_quick_timer(&rw_cb.tcb.t4t.timer);
++        break;
++      }
++      case RW_CB_TYPE_T5T: {
++        nfc_stop_quick_timer(&rw_cb.tcb.i93.timer);
++        break;
++      }
++      case RW_CB_TYPE_UNKNOWN: {
++        break;
++      }
++    }
++
++
+     /* Reset tag-specific area of control block */
+     memset (&rw_cb.tcb, 0, sizeof (tRW_TCB));
+ 
+@@ -233,6 +262,7 @@ tNFC_STATUS RW_SetActivatedTagType (tNFC_ACTIVATE_DEVT *p_activate_params, tRW_C
+         /* Type1Tag    - NFC-A */
+         if (p_activate_params->rf_tech_param.mode == NFC_DISCOVERY_TYPE_POLL_A)
+         {
++            rw_cb.tcb_type = RW_CB_TYPE_T1T;
+             status = rw_t1t_select (p_activate_params->rf_tech_param.param.pa.hr,
+                                     p_activate_params->rf_tech_param.param.pa.nfcid1);
+         }
+@@ -242,6 +272,7 @@ tNFC_STATUS RW_SetActivatedTagType (tNFC_ACTIVATE_DEVT *p_activate_params, tRW_C
+         /* Type2Tag    - NFC-A */
+         if (p_activate_params->rf_tech_param.mode == NFC_DISCOVERY_TYPE_POLL_A)
+         {
++            rw_cb.tcb_type = RW_CB_TYPE_T2T;
+             if (p_activate_params->rf_tech_param.param.pa.sel_rsp == NFC_SEL_RES_NFC_FORUM_T2T)
+                 status      = rw_t2t_select ();
+         }
+@@ -251,6 +282,7 @@ tNFC_STATUS RW_SetActivatedTagType (tNFC_ACTIVATE_DEVT *p_activate_params, tRW_C
+         /* Type3Tag    - NFC-F */
+         if (p_activate_params->rf_tech_param.mode == NFC_DISCOVERY_TYPE_POLL_F)
+         {
++            rw_cb.tcb_type = RW_CB_TYPE_T3T;
+             status = rw_t3t_select (p_activate_params->rf_tech_param.param.pf.nfcid2,
+                                     p_activate_params->rf_tech_param.param.pf.mrti_check,
+                                     p_activate_params->rf_tech_param.param.pf.mrti_update);
+@@ -262,6 +294,7 @@ tNFC_STATUS RW_SetActivatedTagType (tNFC_ACTIVATE_DEVT *p_activate_params, tRW_C
+         if (  (p_activate_params->rf_tech_param.mode == NFC_DISCOVERY_TYPE_POLL_B)
+             ||(p_activate_params->rf_tech_param.mode == NFC_DISCOVERY_TYPE_POLL_A)  )
+         {
++            rw_cb.tcb_type = RW_CB_TYPE_T4T;
+             status          = rw_t4t_select ();
+         }
+     }
+@@ -270,12 +303,14 @@ tNFC_STATUS RW_SetActivatedTagType (tNFC_ACTIVATE_DEVT *p_activate_params, tRW_C
+         /* ISO 15693 */
+         if (p_activate_params->rf_tech_param.mode == NFC_DISCOVERY_TYPE_POLL_ISO15693)
+         {
++            rw_cb.tcb_type = RW_CB_TYPE_T5T;
+             status          = rw_i93_select (p_activate_params->rf_tech_param.param.pi93.uid);
+         }
+     }
+     /* TODO set up callback for proprietary protocol */
+     else
+     {
++        rw_cb.tcb_type = RW_CB_TYPE_UNKNOWN;
+         RW_TRACE_ERROR0 ("RW_SetActivatedTagType Invalid protocol");
+     }
+ 
diff --git a/Patches/LineageOS-14.1/android_external_libnfc-nci/318515.patch b/Patches/LineageOS-14.1/android_external_libnfc-nci/318515.patch
new file mode 100644
index 00000000..6c46f134
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_libnfc-nci/318515.patch
@@ -0,0 +1,40 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Alisher Alikhodjaev <alisher@google.com>
+Date: Tue, 4 May 2021 17:46:57 -0700
+Subject: [PATCH] OOBW in phNxpNciHal_process_ext_rsp
+
+Bug: 181584626
+Bug: 181660091
+Bug: 181660093
+Test: build ok
+Change-Id: I05959cc1bbba12aab896fd93684ce163217e599d
+(cherry picked from commit 528b21d3443efd763313a446624ea985f3d46722)
+---
+ halimpl/pn54x/hal/phNxpNciHal_ext.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/halimpl/pn54x/hal/phNxpNciHal_ext.c b/halimpl/pn54x/hal/phNxpNciHal_ext.c
+index b7c3159..bb667e9 100644
+--- a/halimpl/pn54x/hal/phNxpNciHal_ext.c
++++ b/halimpl/pn54x/hal/phNxpNciHal_ext.c
+@@ -323,6 +323,11 @@ NFCSTATUS phNxpNciHal_process_ext_rsp (uint8_t *p_ntf, uint16_t *p_len)
+         {
+             icode_send_eof = 0;
+         }
++        if (*p_len <= (p_ntf[2] + 2)) {
++            android_errorWriteLog(0x534e4554, "181660091");
++            NXPLOG_NCIHAL_E("length error!");
++            return NFCSTATUS_FAILED;
++        }
+         if (p_ntf[p_ntf[2]+ 2] == 0x00)
+         {
+             NXPLOG_NCIHAL_D ("> Going through workaround - data of ISO 15693");
+@@ -352,7 +357,7 @@ NFCSTATUS phNxpNciHal_process_ext_rsp (uint8_t *p_ntf, uint16_t *p_len)
+                 p_ntf[2] == 0x01 &&
+                 p_ntf[3] == 0x06 )
+     {
+-        NXPLOG_NCIHAL_D ("> Deinit workaround for LLCP set_config 0x%x 0x%x 0x%x", p_ntf[21], p_ntf[22], p_ntf[23]);
++        /* NXPLOG_NCIHAL_D ("> Deinit workaround for LLCP set_config 0x%x 0x%x 0x%x", p_ntf[21], p_ntf[22], p_ntf[23]); */
+         p_ntf[0] = 0x40;
+         p_ntf[1] = 0x02;
+         p_ntf[2] = 0x02;
diff --git a/Patches/LineageOS-14.1/android_external_libnfc-nci/332458.patch b/Patches/LineageOS-14.1/android_external_libnfc-nci/332458.patch
new file mode 100644
index 00000000..cd137a7d
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_libnfc-nci/332458.patch
@@ -0,0 +1,40 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Alisher Alikhodjaev <alisher@google.com>
+Date: Thu, 17 Mar 2022 15:39:20 -0700
+Subject: [PATCH] Out of Bounds Read in nfa_dm_check_set_config
+
+Bug: 221216105
+Test: build ok
+Change-Id: I1930de8531f6c15e6be400a7b1ab3e7cf86b4229
+(cherry picked from commit 88c5c267e889699c71412022e3fcb03d20100e99)
+Merged-In: I1930de8531f6c15e6be400a7b1ab3e7cf86b4229
+---
+ src/nfa/dm/nfa_dm_main.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/nfa/dm/nfa_dm_main.c b/src/nfa/dm/nfa_dm_main.c
+index e146009..3f21261 100644
+--- a/src/nfa/dm/nfa_dm_main.c
++++ b/src/nfa/dm/nfa_dm_main.c
+@@ -28,6 +28,7 @@
+ #include "nfa_sys.h"
+ #include "nfa_dm_int.h"
+ #include "nfa_sys_int.h"
++#include <log/log.h>
+ 
+ 
+ /*****************************************************************************
+@@ -247,6 +248,13 @@ tNFA_STATUS nfa_dm_check_set_config (UINT8 tlv_list_len, UINT8 *p_tlv_list, BOOL
+         len     = *(p_tlv_list + xx + 1);
+         p_value = p_tlv_list + xx + 2;
+         p_cur_len = NULL;
++        if (len > (tlv_list_len - xx - 2))
++        {
++            NFA_TRACE_ERROR2 ("error: invalid TLV length: t:0x%x, l:%d",
++                                       type, len);
++            android_errorWriteLog(0x534e4554, "221216105");
++            return NFA_STATUS_FAILED;
++        }
+ 
+         switch (type)
+         {
diff --git a/Patches/LineageOS-14.1/android_external_libnfc-nci/332459.patch b/Patches/LineageOS-14.1/android_external_libnfc-nci/332459.patch
new file mode 100644
index 00000000..4ee590d4
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_libnfc-nci/332459.patch
@@ -0,0 +1,31 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Alisher Alikhodjaev <alisher@google.com>
+Date: Mon, 21 Mar 2022 19:31:28 -0700
+Subject: [PATCH] OOBR in nfc_ncif_proc_ee_discover_req()
+
+Bug: 221856662
+Test: build ok
+Change-Id: If4b4872e4101fc65172596b4f7579b259b6f6b63
+(cherry picked from commit 1c6ab25b3d76c2ced764dc649bec6cf05aecd198)
+Merged-In: If4b4872e4101fc65172596b4f7579b259b6f6b63
+---
+ src/nfc/nfc/nfc_ncif.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/nfc/nfc/nfc_ncif.c b/src/nfc/nfc/nfc_ncif.c
+index 95de9d1..dd89d46 100644
+--- a/src/nfc/nfc/nfc_ncif.c
++++ b/src/nfc/nfc/nfc_ncif.c
+@@ -1136,6 +1136,12 @@ void nfc_ncif_proc_ee_discover_req (UINT8 *p, UINT16 plen)
+     UINT8                       u8;
+ 
+     NFC_TRACE_DEBUG2 ("nfc_ncif_proc_ee_discover_req %d len:%d", *p, plen);
++    if (!plen)
++    {
++        android_errorWriteLog(0x534e4554, "221856662");
++        return;
++    }
++
+     if (p_cback)
+     {
+         u8  = *p;
diff --git a/Patches/LineageOS-14.1/android_external_libnfc-nci/332460.patch b/Patches/LineageOS-14.1/android_external_libnfc-nci/332460.patch
new file mode 100644
index 00000000..0fc9c7b8
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_libnfc-nci/332460.patch
@@ -0,0 +1,26 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Alisher Alikhodjaev <alisher@google.com>
+Date: Tue, 8 Mar 2022 17:27:34 -0800
+Subject: [PATCH] Double Free in ce_t4t_data_cback
+
+Bug: 221862119
+Test: build ok
+Change-Id: If12f98033b8c1bc1b57b27d338fa33b6a3cce640
+(cherry picked from commit 2fcf7d677bcebae5a00db43938460bcce267149e)
+Merged-In: If12f98033b8c1bc1b57b27d338fa33b6a3cce640
+---
+ src/nfc/tags/ce_t4t.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/nfc/tags/ce_t4t.c b/src/nfc/tags/ce_t4t.c
+index 98870e7..2e34c6c 100644
+--- a/src/nfc/tags/ce_t4t.c
++++ b/src/nfc/tags/ce_t4t.c
+@@ -701,6 +701,7 @@ static void ce_t4t_data_cback (UINT8 conn_id, tNFC_CONN_EVT event, tNFC_CONN *p_
+         {
+             GKI_freebuf (p_c_apdu);
+             ce_t4t_send_status (T4T_RSP_NOT_FOUND);
++            return;
+         }
+     }
+     else if (ce_cb.mem.t4t.status & CE_T4T_STATUS_WILDCARD_AID_SELECTED)
diff --git a/Patches/LineageOS-14.1/android_external_sonivox/317038.patch b/Patches/LineageOS-14.1/android_external_sonivox/317038.patch
new file mode 100644
index 00000000..78481ba1
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_sonivox/317038.patch
@@ -0,0 +1,70 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Aayush Soni <aayush.soni@ittiam.com>
+Date: Mon, 5 Jul 2021 10:11:29 +0530
+Subject: [PATCH] sonivox: Fix global buffer overflow in WT_InterpolateNoLoop
+
+Check for loop end before accessing new samples
+
+Bug: 190286685
+
+Test: POC in bug description
+
+Change-Id: I26a187d161d713c1a1b1b3009256acfd9e263fb3
+(cherry picked from commit 8bfcd9c03af5170b5003712fb77f096b5c9f341b)
+---
+ arm-wt-22k/lib_src/eas_wtengine.c | 16 ++++++++++++----
+ 1 file changed, 12 insertions(+), 4 deletions(-)
+
+diff --git a/arm-wt-22k/lib_src/eas_wtengine.c b/arm-wt-22k/lib_src/eas_wtengine.c
+index 854d4b4..68a0400 100644
+--- a/arm-wt-22k/lib_src/eas_wtengine.c
++++ b/arm-wt-22k/lib_src/eas_wtengine.c
+@@ -282,6 +282,7 @@ void WT_InterpolateNoLoop (S_WT_VOICE *pWTVoice, S_WT_INT_FRAME *pWTIntFrame)
+     EAS_I32 phaseFrac;
+     EAS_I32 acc0;
+     const EAS_SAMPLE *pSamples;
++    const EAS_SAMPLE *bufferEndP1;
+     EAS_I32 samp1;
+     EAS_I32 samp2;
+     EAS_I32 numSamples;
+@@ -296,8 +297,9 @@ void WT_InterpolateNoLoop (S_WT_VOICE *pWTVoice, S_WT_INT_FRAME *pWTIntFrame)
+     pOutputBuffer = pWTIntFrame->pAudioBuffer;
+ 
+     phaseInc = pWTIntFrame->frame.phaseIncrement;
++    bufferEndP1 = (const EAS_SAMPLE*) pWTVoice->loopEnd + 1;
+     pSamples = (const EAS_SAMPLE*) pWTVoice->phaseAccum;
+-    phaseFrac = (EAS_I32)pWTVoice->phaseFrac;
++    phaseFrac = (EAS_I32)(pWTVoice->phaseFrac & PHASE_FRAC_MASK);
+ 
+     /* fetch adjacent samples */
+ #if defined(_8_BIT_SAMPLES)
+@@ -312,6 +314,7 @@ void WT_InterpolateNoLoop (S_WT_VOICE *pWTVoice, S_WT_INT_FRAME *pWTIntFrame)
+ 
+     while (numSamples--) {
+ 
++        EAS_I32 nextSamplePhaseInc;
+ 
+         /* linear interpolation */
+         acc0 = samp2 - samp1;
+@@ -326,13 +329,18 @@ void WT_InterpolateNoLoop (S_WT_VOICE *pWTVoice, S_WT_INT_FRAME *pWTIntFrame)
+         /* increment phase */
+         phaseFrac += phaseInc;
+         /*lint -e{704} <avoid divide>*/
+-        acc0 = phaseFrac >> NUM_PHASE_FRAC_BITS;
++        nextSamplePhaseInc = phaseFrac >> NUM_PHASE_FRAC_BITS;
+ 
+         /* next sample */
+-        if (acc0 > 0) {
++        if (nextSamplePhaseInc > 0) {
++
++            /* check for loop end */
++            if ( &pSamples[nextSamplePhaseInc+1] >= bufferEndP1) {
++                break;
++            }
+ 
+             /* advance sample pointer */
+-            pSamples += acc0;
++            pSamples += nextSamplePhaseInc;
+             phaseFrac = (EAS_I32)((EAS_U32)phaseFrac & PHASE_FRAC_MASK);
+ 
+             /* fetch new samples */
diff --git a/Patches/LineageOS-14.1/android_external_tremolo/319986.patch b/Patches/LineageOS-14.1/android_external_tremolo/319986.patch
new file mode 100644
index 00000000..fd986282
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_external_tremolo/319986.patch
@@ -0,0 +1,78 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Harish Mahendrakar <harish.mahendrakar@ittiam.com>
+Date: Wed, 15 Sep 2021 18:40:53 -0700
+Subject: [PATCH] handle cases where order isn't a multiple of dimension
+
+loop around vorbis_book_decodev_set() didn't support a case where
+info->order wasn't an integer multple of dimension.
+
+vorbis_book_decodev_set() is now updated to handle the loop inside
+with appropriate checks added.
+
+Other functions vorbis_book_decode_*() have appropriate checks where
+they are called. So added a comment for those.
+
+This fix is similar to the one in Xiph tremor project's
+commit 80661a13c93a01f25b8df4e89fecad0eee69ddcc
+
+Bug: 199065614
+Test: clusterfuzz generated poc in bug
+Test: atest VorbisDecoderTest -- --enable-module-dynamic-download=true
+Test: atest VtsHalMediaC2V1_0TargetAudioDecTest
+Test: atest CtsMediaV2TestCases -- --module-arg  CtsMediaV2TestCases:\
+ instrumentation-arg:codec-prefix:=c2.android.vorbis.decoder
+
+Change-Id: Ibb94e7fc361e843caad7f7620229377dc1f8dd73
+(cherry picked from commit 42aa2b936a078e2f69725e95009affcc93cb0f98)
+---
+ Tremolo/codebook.c | 5 +++++
+ Tremolo/floor0.c   | 5 ++---
+ 2 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/Tremolo/codebook.c b/Tremolo/codebook.c
+index a06302d..de6f3cb 100644
+--- a/Tremolo/codebook.c
++++ b/Tremolo/codebook.c
+@@ -838,6 +838,7 @@ static int decode_map(codebook *s, oggpack_buffer *b, ogg_int32_t *v, int point)
+ #endif
+ 
+ /* returns 0 on OK or -1 on eof *************************************/
++/* decode vector / dim granularity gaurding is done in the upper layer */
+ long vorbis_book_decodevs_add(codebook *book,ogg_int32_t *a,
+                               oggpack_buffer *b,int n,int point){
+   if(book->used_entries>0){
+@@ -855,6 +856,7 @@ long vorbis_book_decodevs_add(codebook *book,ogg_int32_t *a,
+   return 0;
+ }
+ 
++/* decode vector / dim granularity gaurding is done in the upper layer */
+ long vorbis_book_decodev_add(codebook *book,ogg_int32_t *a,
+                              oggpack_buffer *b,int n,int point){
+   if(book->used_entries>0){
+@@ -871,6 +873,9 @@ long vorbis_book_decodev_add(codebook *book,ogg_int32_t *a,
+   return 0;
+ }
+ 
++/* unlike the others, we guard against n not being an integer number
++   of <dim> internally rather than in the upper layer (called only by
++   floor0) */
+ long vorbis_book_decodev_set(codebook *book,ogg_int32_t *a,
+                              oggpack_buffer *b,int n,int point){
+   if(book->used_entries>0){
+diff --git a/Tremolo/floor0.c b/Tremolo/floor0.c
+index b6ece29..812c720 100644
+--- a/Tremolo/floor0.c
++++ b/Tremolo/floor0.c
+@@ -419,10 +419,9 @@ ogg_int32_t *floor0_inverse1(vorbis_dsp_state *vd,vorbis_info_floor *i,
+       }
+       ogg_int32_t last=0;
+ 
+-      for(j=0;j<info->order;j+=b->dim)
+-        if(vorbis_book_decodev_set(b,lsp+j,&vd->opb,b->dim,-24)==-1)goto eop;
++      if(vorbis_book_decodev_set(b,lsp,&vd->opb,info->order,-24)==-1)goto eop;
+       for(j=0;j<info->order;){
+-        for(k=0;k<b->dim;k++,j++)lsp[j]+=last;
++        for(k=0;k<b->dim && j<info->order;k++,j++)lsp[j]+=last;
+         last=lsp[j-1];
+       }
+ 
diff --git a/Patches/LineageOS-14.1/android_frameworks_av/319987.patch b/Patches/LineageOS-14.1/android_frameworks_av/319987.patch
new file mode 100644
index 00000000..dc4afaa3
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_av/319987.patch
@@ -0,0 +1,72 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Santiago Seifert <aquilescanta@google.com>
+Date: Thu, 2 Sep 2021 10:29:09 +0100
+Subject: [PATCH] Fix heap-buffer-overflow in MPEG4Extractor
+
+Caused by the extractor assuming that sample size will never exceed
+the declared max input size (as in AMEDIAFORMAT_KEY_MAX_INPUT_SIZE).
+
+Bug: 188893559
+Test: Ran the fuzzer using the bug's testcase.
+Change-Id: I31f2b9a4f1b561c4466c76ea2af8dd532622102a
+Merged-In: I31f2b9a4f1b561c4466c76ea2af8dd532622102a
+(cherry picked from commit 621f0e12017a2d057aeaa1937e979ce61b2ac3cf)
+(cherry picked from commit d13a4efc7a5c07c95a00036a7db15b16116b41a5)
+---
+ media/libstagefright/MPEG4Extractor.cpp | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/media/libstagefright/MPEG4Extractor.cpp b/media/libstagefright/MPEG4Extractor.cpp
+index 989ce75e15..805ff486bb 100644
+--- a/media/libstagefright/MPEG4Extractor.cpp
++++ b/media/libstagefright/MPEG4Extractor.cpp
+@@ -149,6 +149,7 @@ private:
+ 
+     bool mWantsNALFragments;
+ 
++    size_t mSrcBufferSize;
+     uint8_t *mSrcBuffer;
+ 
+     size_t parseNALSize(const uint8_t *data) const;
+@@ -3763,6 +3764,7 @@ MPEG4Source::MPEG4Source(
+       mGroup(NULL),
+       mBuffer(NULL),
+       mWantsNALFragments(false),
++      mSrcBufferSize(0),
+       mSrcBuffer(NULL) {
+ #ifdef DOLBY_ENABLE
+       ALOGV("@DDP MPEG4Source::MPEG4Source");
+@@ -3876,6 +3878,7 @@ status_t MPEG4Source::start(MetaData *params) {
+         mGroup = NULL;
+         return ERROR_MALFORMED;
+     }
++    mSrcBufferSize = max_size;
+ 
+     mStarted = true;
+ 
+@@ -3892,6 +3895,7 @@ status_t MPEG4Source::stop() {
+         mBuffer = NULL;
+     }
+ 
++    mSrcBufferSize = 0;
+     delete[] mSrcBuffer;
+     mSrcBuffer = NULL;
+ 
+@@ -4727,11 +4731,15 @@ status_t MPEG4Source::read(
+         ssize_t num_bytes_read = 0;
+         int32_t drm = 0;
+         bool usesDRM = (mFormat->findInt32(kKeyIsDRM, &drm) && drm != 0);
+-        if (usesDRM) {
++        if (usesDRM && size <= mBuffer->size()) {
+             num_bytes_read =
+                 mDataSource->readAt(offset, (uint8_t*)mBuffer->data(), size);
+-        } else {
++        } else if (!usesDRM && size <= mSrcBufferSize) {
+             num_bytes_read = mDataSource->readAt(offset, mSrcBuffer, size);
++        } else {
++            // The sample is larger than the expected maximum size. Fall through and let the failure
++            // be handled by the following if.
++            android_errorWriteLog(0x534e4554, "188893559");
+         }
+ 
+         if (num_bytes_read < (ssize_t)size) {
diff --git a/Patches/LineageOS-14.1/android_frameworks_av/321222.patch b/Patches/LineageOS-14.1/android_frameworks_av/321222.patch
new file mode 100644
index 00000000..2c80eed7
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_av/321222.patch
@@ -0,0 +1,53 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Gopalakrishnan Nallasamy <gokrishnan@google.com>
+Date: Wed, 29 Sep 2021 08:24:26 -0700
+Subject: [PATCH] SimpleDecodingSource:Prevent OOB write in heap mem
+
+doRead() doesn't handle situations when received byte do not fit into
+input buffer in case of vorbis audio compression. It results in OOB
+write in heap memory right after the allocated input buffer. Added
+code to copy kKeyValidSamples only if there was enough space.
+Otherwise, print a warning log.
+
+Bug: 194105348
+
+Test: post-submit media cts tests
+Change-Id: I2b27580deff9ad937b68703a1e7c3ff2a6dccc60
+(cherry picked from commit a625b40e1c210f1e8ed57962eee9f70cef06fb1b)
+(cherry picked from commit f3590a1b18d8cde4ac1cbc135c1022816096438d)
+Merged-In:I2b27580deff9ad937b68703a1e7c3ff2a6dccc60
+---
+ media/libstagefright/SimpleDecodingSource.cpp | 11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/media/libstagefright/SimpleDecodingSource.cpp b/media/libstagefright/SimpleDecodingSource.cpp
+index 2503a3205d..66e17c9c31 100644
+--- a/media/libstagefright/SimpleDecodingSource.cpp
++++ b/media/libstagefright/SimpleDecodingSource.cpp
+@@ -292,18 +292,23 @@ status_t SimpleDecodingSource::doRead(
+                 }
+                 size_t cpLen = min(in_buf->range_length(), in_buffer->capacity());
+                 memcpy(in_buffer->base(), (uint8_t *)in_buf->data() + in_buf->range_offset(),
+-                        cpLen );
++                        cpLen);
+ 
+                 if (mIsVorbis) {
+                     int32_t numPageSamples;
+                     if (!in_buf->meta_data()->findInt32(kKeyValidSamples, &numPageSamples)) {
+                         numPageSamples = -1;
+                     }
+-                    memcpy(in_buffer->base() + cpLen, &numPageSamples, sizeof(numPageSamples));
++                    if (cpLen + sizeof(numPageSamples) <= in_buffer->capacity()) {
++                        memcpy(in_buffer->base() + cpLen, &numPageSamples, sizeof(numPageSamples));
++                        cpLen += sizeof(numPageSamples);
++                    } else {
++                        ALOGW("Didn't have enough space to copy kKeyValidSamples");
++                    }
+                 }
+ 
+                 res = mCodec->queueInputBuffer(
+-                        in_ix, 0 /* offset */, in_buf->range_length() + (mIsVorbis ? 4 : 0),
++                        in_ix, 0 /* offset */, cpLen,
+                         timestampUs, 0 /* flags */);
+                 if (res != OK) {
+                     ALOGI("[%s] failed to queue input buffer #%zu", mComponentName.c_str(), in_ix);
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/315712.patch b/Patches/LineageOS-14.1/android_frameworks_base/315712.patch
new file mode 100644
index 00000000..cde89255
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/315712.patch
@@ -0,0 +1,68 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jorim Jaggi <jjaggi@google.com>
+Date: Thu, 20 May 2021 18:35:30 +0200
+Subject: [PATCH] Fix race condition between lockNow() and
+ updateLockscreenTimeout
+
+If updateLockscreenTimeout gets called before the Runnable queued
+from lockNow gets executed, lockNow request will be ignored. Fix
+this by not clearing out the runnable if it's pending lock request.
+
+Test: Switch user, ensure lockscreen comes up
+Bug: 161149543
+Change-Id: Ie486396fd7328edf8ca0912df92524bb82a1fb7f
+(cherry picked from commit 875fa991aac0f3bbd5c66327408ceae60a24a6b3)
+Merged-In: Ie486396fd7328edf8ca0912df92524bb82a1fb7f
+(cherry picked from commit 1692babe5e60b4e10f23d4960455ccbff6616ba3)
+---
+ .../android/server/policy/PhoneWindowManager.java    | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/services/core/java/com/android/server/policy/PhoneWindowManager.java b/services/core/java/com/android/server/policy/PhoneWindowManager.java
+index 67949ef13137..6a22c505beb3 100644
+--- a/services/core/java/com/android/server/policy/PhoneWindowManager.java
++++ b/services/core/java/com/android/server/policy/PhoneWindowManager.java
+@@ -853,6 +853,8 @@ public class PhoneWindowManager implements WindowManagerPolicy {
+ 
+     private final List<DeviceKeyHandler> mDeviceKeyHandlers = new ArrayList<>();
+ 
++    private boolean mLockNowPending = false;
++
+     private static final int MSG_ENABLE_POINTER_LOCATION = 1;
+     private static final int MSG_DISABLE_POINTER_LOCATION = 2;
+     private static final int MSG_DISPATCH_MEDIA_KEY_WITH_WAKE_LOCK = 3;
+@@ -8199,6 +8201,7 @@ public class PhoneWindowManager implements WindowManagerPolicy {
+                     mKeyguardDelegate.doKeyguardTimeout(options);
+                 }
+                 mLockScreenTimerActive = false;
++                mLockNowPending = false;
+                 options = null;
+             }
+         }
+@@ -8208,7 +8211,7 @@ public class PhoneWindowManager implements WindowManagerPolicy {
+         }
+     }
+ 
+-    ScreenLockTimeout mScreenLockTimeout = new ScreenLockTimeout();
++    final ScreenLockTimeout mScreenLockTimeout = new ScreenLockTimeout();
+ 
+     @Override
+     public void lockNow(Bundle options) {
+@@ -8220,10 +8223,17 @@ public class PhoneWindowManager implements WindowManagerPolicy {
+             mScreenLockTimeout.setLockOptions(options);
+         }
+         mHandler.post(mScreenLockTimeout);
++        synchronized (mScreenLockTimeout) {
++            mLockNowPending = true;
++        }
+     }
+ 
+     private void updateLockScreenTimeout() {
+         synchronized (mScreenLockTimeout) {
++            if (mLockNowPending) {
++                Log.w(TAG, "lockNow pending, ignore updating lockscreen timeout");
++                return;
++            }
+             boolean enable = (mAllowLockscreenWhenOn && mAwake &&
+                     mKeyguardDelegate != null && mKeyguardDelegate.isSecure(mCurrentUserId));
+             if (mLockScreenTimerActive != enable) {
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/315713.patch b/Patches/LineageOS-14.1/android_frameworks_base/315713.patch
new file mode 100644
index 00000000..de9328d0
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/315713.patch
@@ -0,0 +1,49 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Seigo Nonaka <nona@google.com>
+Date: Tue, 8 Jun 2021 16:12:39 -0700
+Subject: [PATCH] Improve ellipsize performance
+
+Instead of iterate all ellipsized characters, only iterate the necessary
+ranges for copying.
+
+Bug: 188913943
+Test: atest CtsTextTestCases CtsGraphicsTestCases CtsWidgetTestCases
+Change-Id: I3d03b1e3897e427c23fbe51315f412c57a4ce9e9
+Merged-In: I3d03b1e3897e427c23fbe51315f412c57a4ce9e9
+(cherry picked from commit ae1912b62f7dfa361acfbe472cb8a49cd60f746e)
+---
+ core/java/android/text/Layout.java | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/core/java/android/text/Layout.java b/core/java/android/text/Layout.java
+index 0999b982d990..11e5fab2ebb3 100644
+--- a/core/java/android/text/Layout.java
++++ b/core/java/android/text/Layout.java
+@@ -2054,20 +2054,20 @@ public abstract class Layout {
+         int ellipsisStart = getEllipsisStart(line);
+         int linestart = getLineStart(line);
+ 
+-        for (int i = ellipsisStart; i < ellipsisStart + ellipsisCount; i++) {
++        final int min = Math.max(0, start - ellipsisStart - linestart);
++        final int max = Math.min(ellipsisCount, end - ellipsisStart - linestart);
++
++        for (int i = min; i < max; i++) {
+             char c;
+ 
+-            if (i == ellipsisStart) {
++            if (i == 0) {
+                 c = getEllipsisChar(method); // ellipsis
+             } else {
+                 c = '\uFEFF'; // 0-width space
+             }
+ 
+-            int a = i + linestart;
+-
+-            if (a >= start && a < end) {
+-                dest[destoff + a - start] = c;
+-            }
++            int a = i + ellipsisStart + linestart;
++            dest[destoff + a - start] = c;
+         }
+     }
+ 
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/315740.patch b/Patches/LineageOS-14.1/android_frameworks_base/315740.patch
new file mode 100644
index 00000000..b1f2d39b
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/315740.patch
@@ -0,0 +1,50 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Christopher Tate <ctate@google.com>
+Date: Mon, 7 Jun 2021 15:02:45 -0700
+Subject: [PATCH] Fix side effects of trace-ipc and dumpheap commands
+
+These shell commands were implicitly deleting any client-named file for
+which the system uid had deletion capability.  They no longer do this,
+instead using only the client's own capabilities and file manipulation
+modes.
+
+Bug: 185398942
+Test: manual "adb shell cmd activity dumpheap system_server /data/system/last-fstrim"
+Test: atest CtsPermissionTestCases:ShellCommandPermissionTest
+
+[basilgello: Backport to LineageOS 14.1:
+ - Adjust file name,
+ - Do not remove file creation statements]
+Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
+
+Merged-In: Ie61ab2c3f4bfbd04de09ca99c1116d1129461e8f
+Change-Id: Ie61ab2c3f4bfbd04de09ca99c1116d1129461e8f
+(cherry picked from commit 6984eaa9f4a369228259047c2f797d022afb8f3b)
+---
+ cmds/am/src/com/android/commands/am/Am.java | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/cmds/am/src/com/android/commands/am/Am.java b/cmds/am/src/com/android/commands/am/Am.java
+index 618a7ed34708..ebf3d0b8a8fc 100644
+--- a/cmds/am/src/com/android/commands/am/Am.java
++++ b/cmds/am/src/com/android/commands/am/Am.java
+@@ -945,8 +945,8 @@ public class Am extends BaseCommand {
+         ParcelFileDescriptor fd = null;
+ 
+         try {
++            // Writes an error message to stderr on failure
+             File file = new File(filename);
+-            file.delete();
+             fd = openForSystemServer(file,
+                     ParcelFileDescriptor.MODE_CREATE |
+                             ParcelFileDescriptor.MODE_TRUNCATE |
+@@ -1094,8 +1094,8 @@ public class Am extends BaseCommand {
+         ParcelFileDescriptor fd = null;
+ 
+         try {
++            // Writes an error message to stderr on failure
+             File file = new File(heapFile);
+-            file.delete();
+             fd = openForSystemServer(file,
+                     ParcelFileDescriptor.MODE_CREATE |
+                     ParcelFileDescriptor.MODE_TRUNCATE |
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/315741.patch b/Patches/LineageOS-14.1/android_frameworks_base/315741.patch
new file mode 100644
index 00000000..d232a908
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/315741.patch
@@ -0,0 +1,65 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Steve Elliott <steell@google.com>
+Date: Tue, 22 Jun 2021 13:58:48 -0400
+Subject: [PATCH] Don't attach private Notification to A11yEvent when user
+ locked
+
+Fixes: 159624555
+Test: manual, atest
+Change-Id: Ib44f1d3695d2b31bee4f8ccae3f948c83f3b40b6
+Merged-In: Ib44f1d3695d2b31bee4f8ccae3f948c83f3b40b6
+(cherry picked from commit 54fbccc2934eae844550d851480d5448c2542f1d)
+(cherry picked from commit 93f167b8f577027f5744dc8c03c8f4c256735eb8)
+---
+ .../NotificationManagerService.java           | 23 +++++++++++++++----
+ 1 file changed, 18 insertions(+), 5 deletions(-)
+
+diff --git a/services/core/java/com/android/server/notification/NotificationManagerService.java b/services/core/java/com/android/server/notification/NotificationManagerService.java
+index 4a827dc6cfef..7ced1f96cc49 100644
+--- a/services/core/java/com/android/server/notification/NotificationManagerService.java
++++ b/services/core/java/com/android/server/notification/NotificationManagerService.java
+@@ -3081,7 +3081,7 @@ public class NotificationManagerService extends SystemService {
+             if (!(record.isUpdate
+                     && (notification.flags & Notification.FLAG_ONLY_ALERT_ONCE) != 0)) {
+ 
+-                sendAccessibilityEvent(notification, record.sbn.getPackageName());
++                sendAccessibilityEvent(record);
+ 
+                 if (canBeep && hasValidSound) {
+                     boolean looping =
+@@ -3508,18 +3508,31 @@ public class NotificationManagerService extends SystemService {
+         return (x < low) ? low : ((x > high) ? high : x);
+     }
+ 
+-    void sendAccessibilityEvent(Notification notification, CharSequence packageName) {
++    void sendAccessibilityEvent(NotificationRecord record) {
+         AccessibilityManager manager = AccessibilityManager.getInstance(getContext());
+         if (!manager.isEnabled()) {
+             return;
+         }
+ 
+-        AccessibilityEvent event =
++        final Notification notification = record.getNotification();
++        final CharSequence packageName = record.sbn.getPackageName();
++        final AccessibilityEvent event =
+             AccessibilityEvent.obtain(AccessibilityEvent.TYPE_NOTIFICATION_STATE_CHANGED);
+         event.setPackageName(packageName);
+         event.setClassName(Notification.class.getName());
+-        event.setParcelableData(notification);
+-        CharSequence tickerText = notification.tickerText;
++        final int visibilityOverride = record.getPackageVisibilityOverride();
++        final int notifVisibility = visibilityOverride == NotificationManager.VISIBILITY_NO_OVERRIDE
++                ? notification.visibility : visibilityOverride;
++        final int userId = record.getUser().getIdentifier();
++        final boolean needPublic = userId >= 0 && mKeyguardManager.isDeviceLocked(userId);
++        if (needPublic && notifVisibility != Notification.VISIBILITY_PUBLIC) {
++            // Emit the public version if we're on the lockscreen and this notification isn't
++            // publicly visible.
++            event.setParcelableData(notification.publicVersion);
++        } else {
++            event.setParcelableData(notification);
++        }
++        final CharSequence tickerText = notification.tickerText;
+         if (!TextUtils.isEmpty(tickerText)) {
+             event.getText().add(tickerText);
+         }
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/317035.patch b/Patches/LineageOS-14.1/android_frameworks_base/317035.patch
new file mode 100644
index 00000000..89c9b86b
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/317035.patch
@@ -0,0 +1,41 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: John Reck <jreck@google.com>
+Date: Thu, 22 Apr 2021 16:55:09 -0400
+Subject: [PATCH] Fix a potential thread safety issue in VectorDrawable
+
+Bug: 158839504
+Bug: 185178568
+Test: speculative
+Change-Id: Id9f229f08fe5897dda25441fbaa15c98f8130de9
+(cherry picked from commit 32207ceb2fb408d06924b46919fc438477fddcf0)
+---
+ .../java/android/graphics/drawable/VectorDrawable.java | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/graphics/java/android/graphics/drawable/VectorDrawable.java b/graphics/java/android/graphics/drawable/VectorDrawable.java
+index d644beeb7d37..a182e5b8b71b 100644
+--- a/graphics/java/android/graphics/drawable/VectorDrawable.java
++++ b/graphics/java/android/graphics/drawable/VectorDrawable.java
+@@ -262,15 +262,19 @@ public class VectorDrawable extends Drawable {
+     private final Rect mTmpBounds = new Rect();
+ 
+     public VectorDrawable() {
+-        this(new VectorDrawableState(null), null);
++        this(null, null);
+     }
+ 
+     /**
+      * The one constructor to rule them all. This is called by all public
+      * constructors to set the state and initialize local properties.
+      */
+-    private VectorDrawable(@NonNull VectorDrawableState state, @Nullable Resources res) {
+-        mVectorState = state;
++    private VectorDrawable(@Nullable VectorDrawableState state, @Nullable Resources res) {
++        // As the mutable, not-thread-safe native instance is stored in VectorDrawableState, we
++        // need to always do a defensive copy even if mutate() isn't called. Otherwise
++        // draw() being called on 2 different VectorDrawable instances could still hit the same
++        // underlying native object.
++        mVectorState = new VectorDrawableState(state);
+         updateLocalState(res);
+     }
+ 
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/317036.patch b/Patches/LineageOS-14.1/android_frameworks_base/317036.patch
new file mode 100644
index 00000000..204f46ff
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/317036.patch
@@ -0,0 +1,63 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Rhed Jao <rhedjao@google.com>
+Date: Fri, 30 Jul 2021 15:52:05 +0800
+Subject: [PATCH] DO NOT MERGE Apply a maximum char count to the load label api
+
+The system is overwhelmed by an enormous label string returned by
+the load label api. This cl truncates the label string if it exceeds
+the maximum safe length.
+
+Also update the max safe label length to 1000 characters, which is
+enough.
+
+Bug: 67013844
+Test: atest PackageManagerTest
+Change-Id: Ia4d768cc93a47cfb8b6f7c4b6dc73abd801809bd
+Merged-in: Ia4d768cc93a47cfb8b6f7c4b6dc73abd801809bd
+(cherry picked from commit 7380c153b97bfa38a0dfa9cccc71062f6d6bd6f4)
+---
+ .../android/content/pm/PackageItemInfo.java     | 17 ++++++++++++++++-
+ 1 file changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/core/java/android/content/pm/PackageItemInfo.java b/core/java/android/content/pm/PackageItemInfo.java
+index 73ae83e32f68..4ce6a8db2f3f 100644
+--- a/core/java/android/content/pm/PackageItemInfo.java
++++ b/core/java/android/content/pm/PackageItemInfo.java
+@@ -47,7 +47,7 @@ import java.util.Comparator;
+ public class PackageItemInfo {
+     private static final float MAX_LABEL_SIZE_PX = 500f;
+     /** The maximum length of a safe label, in characters */
+-    private static final int MAX_SAFE_LABEL_LENGTH = 50000;
++    private static final int MAX_SAFE_LABEL_LENGTH = 1000;
+ 
+     /**
+      * Public name of this item. From the "android:name" attribute.
+@@ -135,6 +135,12 @@ public class PackageItemInfo {
+      * item does not have a label, its name is returned.
+      */
+     public CharSequence loadLabel(PackageManager pm) {
++        // Trims the label string to the MAX_SAFE_LABEL_LENGTH. This is to prevent that the
++        // system is overwhelmed by an enormous string returned by the application.
++        return trimToSize(loadUnsafeLabel(pm), MAX_SAFE_LABEL_LENGTH);
++    }
++
++    private CharSequence loadUnsafeLabel(PackageManager pm) {
+         if (nonLocalizedLabel != null) {
+             return nonLocalizedLabel;
+         }
+@@ -212,6 +218,15 @@ public class PackageItemInfo {
+                 TextUtils.TruncateAt.END);
+     }
+ 
++    private CharSequence trimToSize(CharSequence label, int size) {
++        if (TextUtils.isEmpty(label) || label.length() <= size) return label;
++        if (Character.isHighSurrogate(label.charAt(size - 1))
++                && Character.isLowSurrogate(label.charAt(size))) {
++            size = size - 1;
++        }
++        return label.subSequence(0, size);
++    }
++
+     /**
+      * Retrieve the current graphical icon associated with this item.  This
+      * will call back on the given PackageManager to load the icon from
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/317049.patch b/Patches/LineageOS-14.1/android_frameworks_base/317049.patch
new file mode 100644
index 00000000..73ad79d1
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/317049.patch
@@ -0,0 +1,93 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Dmitry Dementyev <dementyev@google.com>
+Date: Thu, 17 Jun 2021 13:16:38 -0700
+Subject: [PATCH] Change ownership of the account request notification.
+
+Add "Permission requested by Application..." string.
+Test: manual
+Bug: 179338675
+
+Change-Id: Ib66ccc1b39bd1f3f8fa3b1efc38a9d413b72a321
+(cherry picked from commit 26de0c231ffb9fd8d22e80ca120c766c26276779)
+---
+ core/res/res/values/strings.xml               |  2 ++
+ core/res/res/values/symbols.xml               |  1 +
+ .../accounts/AccountManagerService.java       | 19 ++++++++++++++-----
+ 3 files changed, 17 insertions(+), 5 deletions(-)
+
+diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
+index d3df61ba1942..1e32ca2629d2 100755
+--- a/core/res/res/values/strings.xml
++++ b/core/res/res/values/strings.xml
+@@ -3309,6 +3309,8 @@
+     <string name="deny">Deny</string>
+     <string name="permission_request_notification_title">Permission requested</string>
+     <string name="permission_request_notification_with_subtitle">Permission requested\nfor account <xliff:g id="account" example="foo@gmail.com">%s</xliff:g>.</string>
++     <!-- Title and subtitle for notification shown when app request account access (two lines) [CHAR LIMIT=NONE] -->
++    <string name="permission_request_notification_for_app_with_subtitle">Permission requested by <xliff:g id="app" example="Gmail">%1$s</xliff:g>\nfor account <xliff:g id="account" example="foo@gmail.com">%2$s</xliff:g>.</string>
+ 
+     <!-- Message to show when an intent automatically switches users into the personal profile. -->
+     <string name="forward_intent_to_owner">You\'re using this app outside of your work profile</string>
+diff --git a/core/res/res/values/symbols.xml b/core/res/res/values/symbols.xml
+index eeacb08436e2..71e388d48ba7 100755
+--- a/core/res/res/values/symbols.xml
++++ b/core/res/res/values/symbols.xml
+@@ -462,6 +462,7 @@
+   <java-symbol type="string" name="menu_space_shortcut_label" />
+   <java-symbol type="string" name="notification_title" />
+   <java-symbol type="string" name="permission_request_notification_with_subtitle" />
++  <java-symbol type="string" name="permission_request_notification_for_app_with_subtitle" />
+   <java-symbol type="string" name="prepend_shortcut_label" />
+   <java-symbol type="string" name="paste_as_plain_text" />
+   <java-symbol type="string" name="replace" />
+diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
+index 126955add01a..520a0d314318 100644
+--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
++++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
+@@ -502,7 +502,7 @@ public class AccountManagerService
+         if (!checkAccess || hasAccountAccess(account, packageName,
+                 UserHandle.getUserHandleForUid(uid))) {
+             cancelNotification(getCredentialPermissionNotificationId(account,
+-                    AccountManager.ACCOUNT_ACCESS_TOKEN_TYPE, uid), packageName,
++                    AccountManager.ACCOUNT_ACCESS_TOKEN_TYPE, uid),
+                     UserHandle.getUserHandleForUid(uid));
+         }
+     }
+@@ -2572,8 +2572,8 @@ public class AccountManagerService
+         String authTokenType = intent.getStringExtra(
+                 GrantCredentialsPermissionActivity.EXTRAS_AUTH_TOKEN_TYPE);
+         final String titleAndSubtitle =
+-                mContext.getString(R.string.permission_request_notification_with_subtitle,
+-                account.name);
++                mContext.getString(R.string.permission_request_notification_for_app_with_subtitle,
++                getApplicationLabel(packageName), account.name);
+         final int index = titleAndSubtitle.indexOf('\n');
+         String title = titleAndSubtitle;
+         String subtitle = "";
+@@ -2594,7 +2594,16 @@ public class AccountManagerService
+                         PendingIntent.FLAG_CANCEL_CURRENT, null, user))
+                 .build();
+         installNotification(getCredentialPermissionNotificationId(
+-                account, authTokenType, uid), n, packageName, user.getIdentifier());
++                account, authTokenType, uid), n, "android", user.getIdentifier());
++    }
++
++    private String getApplicationLabel(String packageName) {
++        try {
++            return mPackageManager.getApplicationLabel(
++                    mPackageManager.getApplicationInfo(packageName, 0)).toString();
++        } catch (PackageManager.NameNotFoundException e) {
++            return packageName;
++        }
+     }
+ 
+     private Intent newGrantCredentialsPermissionIntent(Account account, String packageName,
+@@ -3582,7 +3591,7 @@ public class AccountManagerService
+ 
+             private void handleAuthenticatorResponse(boolean accessGranted) throws RemoteException {
+                 cancelNotification(getCredentialPermissionNotificationId(account,
+-                        AccountManager.ACCOUNT_ACCESS_TOKEN_TYPE, uid), packageName,
++                        AccountManager.ACCOUNT_ACCESS_TOKEN_TYPE, uid),
+                         UserHandle.getUserHandleForUid(uid));
+                 if (callback != null) {
+                     Bundle result = new Bundle();
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/317050.patch b/Patches/LineageOS-14.1/android_frameworks_base/317050.patch
new file mode 100644
index 00000000..226ed2c6
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/317050.patch
@@ -0,0 +1,45 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: MahendaviAamir <mahendavi.aamirmohammedbhai@sasken.com>
+Date: Wed, 9 Jun 2021 17:10:42 +0530
+Subject: [PATCH] Send targeted broadcasts to prevent other apps from receiving
+ them.
+
+When sending broadcasts ACTION_SNOOZE_WARNING in NPMS, which may
+contain sensitive information, explicitly set the package name
+that should receive it to prevent other apps from receiving them.
+
+Bug: 177931370
+Test: manual
+Change-Id: I2a0a0dc09e27791de829bacfb2e865ffea993715
+Merged-In: I11d736771d859d2af27d5c84a502ab038974e2e2
+(cherry picked from commit fdbcf17a4eda04e3140b5d97658a3d4815abd9f5)
+---
+ .../com/android/server/net/NetworkPolicyManagerService.java | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+index fddfb003029b..c1111607f0dc 100644
+--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
++++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+@@ -1067,7 +1067,8 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
+                 builder.setDefaults(Notification.DEFAULT_ALL);
+                 builder.setPriority(Notification.PRIORITY_HIGH);
+ 
+-                final Intent snoozeIntent = buildSnoozeWarningIntent(policy.template);
++                final Intent snoozeIntent = buildSnoozeWarningIntent(policy.template,
++                        mContext.getPackageName());
+                 builder.setDeleteIntent(PendingIntent.getBroadcast(
+                         mContext, 0, snoozeIntent, PendingIntent.FLAG_UPDATE_CURRENT));
+ 
+@@ -3607,9 +3608,10 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
+         return new Intent(ACTION_ALLOW_BACKGROUND);
+     }
+ 
+-    private static Intent buildSnoozeWarningIntent(NetworkTemplate template) {
++    private static Intent buildSnoozeWarningIntent(NetworkTemplate template, String targetPackage) {
+         final Intent intent = new Intent(ACTION_SNOOZE_WARNING);
+         intent.putExtra(EXTRA_NETWORK_TEMPLATE, template);
++        intent.setPackage(targetPackage);
+         return intent;
+     }
+ 
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/318516.patch b/Patches/LineageOS-14.1/android_frameworks_base/318516.patch
new file mode 100644
index 00000000..e5855bce
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/318516.patch
@@ -0,0 +1,68 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jayant Chowdhary <jchowdhary@google.com>
+Date: Wed, 9 Jun 2021 14:34:54 -0700
+Subject: [PATCH] camera2: Fix exception swallowing in params classes
+ createFromParcel
+
+Do not catch exceptions when we attempt to create the following classes
+from a parcel
+- OutputConfiguration
+- VendorTagDescriptor
+- VendorTagDescriptorCache
+- SessionConfiguration
+This could cause subsequent parcel information to be read incorrectly.
+
+Bug: 188675581
+
+Test: Sample app which tries to write invalid data into an
+      OutputConfiguration parcel to send in an intent via Broadcast. When read by the receiving app,
+      gets an exception (not swallowed).
+
+Merged-In: I745ca49daa6ca36b1020d518e9f346b52684f2b1
+Change-Id: I745ca49daa6ca36b1020d518e9f346b52684f2b1
+Signed-off-by: Jayant Chowdhary <jchowdhary@google.com>
+(cherry picked from commit 6b0bcd60c81003e6a193aeccf44ee03f188e3984)
+(cherry picked from commit 8a11538146d894264420d5baa554e3968496b020)
+---
+ .../hardware/camera2/params/OutputConfiguration.java      | 8 +-------
+ .../hardware/camera2/params/VendorTagDescriptor.java      | 8 +-------
+ 2 files changed, 2 insertions(+), 14 deletions(-)
+
+diff --git a/core/java/android/hardware/camera2/params/OutputConfiguration.java b/core/java/android/hardware/camera2/params/OutputConfiguration.java
+index 69c00e987302..15b64993912c 100644
+--- a/core/java/android/hardware/camera2/params/OutputConfiguration.java
++++ b/core/java/android/hardware/camera2/params/OutputConfiguration.java
+@@ -395,13 +395,7 @@ public final class OutputConfiguration implements Parcelable {
+             new Parcelable.Creator<OutputConfiguration>() {
+         @Override
+         public OutputConfiguration createFromParcel(Parcel source) {
+-            try {
+-                OutputConfiguration outputConfiguration = new OutputConfiguration(source);
+-                return outputConfiguration;
+-            } catch (Exception e) {
+-                Log.e(TAG, "Exception creating OutputConfiguration from parcel", e);
+-                return null;
+-            }
++            return new OutputConfiguration(source);
+         }
+ 
+         @Override
+diff --git a/core/java/android/hardware/camera2/params/VendorTagDescriptor.java b/core/java/android/hardware/camera2/params/VendorTagDescriptor.java
+index ea424e594081..893bde1e1430 100644
+--- a/core/java/android/hardware/camera2/params/VendorTagDescriptor.java
++++ b/core/java/android/hardware/camera2/params/VendorTagDescriptor.java
+@@ -36,13 +36,7 @@ public final class VendorTagDescriptor implements Parcelable {
+             new Parcelable.Creator<VendorTagDescriptor>() {
+         @Override
+         public VendorTagDescriptor createFromParcel(Parcel source) {
+-            try {
+-                VendorTagDescriptor vendorDescriptor = new VendorTagDescriptor(source);
+-                return vendorDescriptor;
+-            } catch (Exception e) {
+-                Log.e(TAG, "Exception creating VendorTagDescriptor from parcel", e);
+-                return null;
+-            }
++            return new VendorTagDescriptor(source);
+         }
+ 
+         @Override
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/318517.patch b/Patches/LineageOS-14.1/android_frameworks_base/318517.patch
new file mode 100644
index 00000000..bc593cf1
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/318517.patch
@@ -0,0 +1,37 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Hansong Zhang <hsz@google.com>
+Date: Wed, 18 Aug 2021 16:35:00 -0700
+Subject: [PATCH] DO NOT MERGE Bluetooth: Fix formatting in getAlias()
+
+Bug: 180747689
+Test: manual
+Change-Id: Ic309f4aad116fd424d5d0d0e2016d61be8826b78
+(cherry picked from commit 3bdad2df2e34c948bde80a51ae232c46848dab06)
+---
+ core/java/android/bluetooth/BluetoothDevice.java | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/core/java/android/bluetooth/BluetoothDevice.java b/core/java/android/bluetooth/BluetoothDevice.java
+index 3134445112f0..44fb652cabb0 100644
+--- a/core/java/android/bluetooth/BluetoothDevice.java
++++ b/core/java/android/bluetooth/BluetoothDevice.java
+@@ -770,8 +770,17 @@ public final class BluetoothDevice implements Parcelable {
+             return null;
+         }
+         try {
+-            return sService.getRemoteAlias(this);
+-        } catch (RemoteException e) {Log.e(TAG, "", e);}
++            String alias = sService.getRemoteAlias(this);
++            if (alias == null) {
++                return getName();
++            }
++            return alias
++                    .replace('\t', ' ')
++                    .replace('\n', ' ')
++                    .replace('\r', ' ');
++        } catch (RemoteException e) {
++            Log.e(TAG, "", e);
++        }
+         return null;
+     }
+ 
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/319988.patch b/Patches/LineageOS-14.1/android_frameworks_base/319988.patch
new file mode 100644
index 00000000..a6d6fa6e
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/319988.patch
@@ -0,0 +1,32 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Yu-Han Yang <yuhany@google.com>
+Date: Tue, 21 Sep 2021 12:29:34 -0700
+Subject: [PATCH] Fix serialization bug in GpsNavigationMessage
+
+Bug: 196970023
+Test: presubmits passing.
+Change-Id: I69f51eb2faac0cf2ee9f7a5f94f7100925f7221c
+(cherry picked from commit 8bcd86e6626a38df525507cd25044cc9592b9b0d)
+---
+ location/java/android/location/GpsNavigationMessage.java | 8 ++------
+ 1 file changed, 2 insertions(+), 6 deletions(-)
+
+diff --git a/location/java/android/location/GpsNavigationMessage.java b/location/java/android/location/GpsNavigationMessage.java
+index 5c3c71012cdd..16ac26d7852d 100644
+--- a/location/java/android/location/GpsNavigationMessage.java
++++ b/location/java/android/location/GpsNavigationMessage.java
+@@ -259,12 +259,8 @@ public class GpsNavigationMessage implements Parcelable {
+             parcel.readByteArray(data);
+             navigationMessage.setData(data);
+ 
+-            if (parcel.dataAvail() >= Integer.SIZE) {
+-                int status = parcel.readInt();
+-                navigationMessage.setStatus((short) status);
+-            } else {
+-                navigationMessage.setStatus(STATUS_UNKNOWN);
+-            }
++            int status = parcel.readInt();
++            navigationMessage.setStatus((short) status);
+ 
+             return navigationMessage;
+         }
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/322452.patch b/Patches/LineageOS-14.1/android_frameworks_base/322452.patch
new file mode 100644
index 00000000..46a78bb5
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/322452.patch
@@ -0,0 +1,106 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: tiansiming <tiansiming@xiaomi.com>
+Date: Wed, 20 Sep 2017 13:59:13 +0800
+Subject: [PATCH] Fix another AddAccountSettings memory leak
+
+The memory leak will always occur in AddAccoutSettings
+when Bundle with an invalid intent returned in the addAccount we implement.
+
+Bug:https://issuetracker.google.com/issues/66088681
+Test:Install the app through the github offered in above link,
+then press the "Test" item in ChooseAccountActivity (adb shell am start -n
+'com.android.settings/.accounts.ChooseAccountActivity') serveal times.
+Check the activity number by "adb shell dumpsys meminfo com.android.settings".
+
+Change-Id: Id15fc73521d0ddc6ca891b6029ad04cd4427dbfe
+Signed-off-by: tiansiming <tiansiming@xiaomi.com>
+---
+ .../accounts/AccountManagerService.java       | 36 +++++++++++++------
+ 1 file changed, 25 insertions(+), 11 deletions(-)
+
+diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
+index 520a0d314318..dd3e4d9cb17c 100644
+--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
++++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
+@@ -2530,9 +2530,13 @@ public class AccountManagerService
+                              * have users launching arbitrary activities by tricking users to
+                              * interact with malicious notifications.
+                              */
+-                            checkKeyIntent(
++                            if (!checkKeyIntent(
+                                     Binder.getCallingUid(),
+-                                    intent);
++                                    intent)) {
++                                onError(AccountManager.ERROR_CODE_INVALID_RESPONSE,
++                                        "invalid intent in bundle returned");
++                                return;
++                            }
+                             doNotification(mAccounts,
+                                     account, result.getString(AccountManager.KEY_AUTH_FAILED_MESSAGE),
+                                     intent, "android", accounts.userId);
+@@ -2941,9 +2945,13 @@ public class AccountManagerService
+             Intent intent = null;
+             if (result != null
+                     && (intent = result.getParcelable(AccountManager.KEY_INTENT)) != null) {
+-                checkKeyIntent(
++                if (!checkKeyIntent(
+                         Binder.getCallingUid(),
+-                        intent);
++                        intent)) {
++                    onError(AccountManager.ERROR_CODE_INVALID_RESPONSE,
++                            "invalid intent in bundle returned");
++                    return;
++                }
+             }
+             IAccountManagerResponse response;
+             if (mExpectActivityLaunch && result != null
+@@ -4209,9 +4217,7 @@ public class AccountManagerService
+          * into launching aribtrary intents on the device via by tricking to click authenticator
+          * supplied entries in the system Settings app.
+          */
+-        protected void checkKeyIntent(
+-                int authUid,
+-                Intent intent) throws SecurityException {
++        protected boolean checkKeyIntent(int authUid, Intent intent) {
+             intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION
+                     | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
+                     | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
+@@ -4220,6 +4226,9 @@ public class AccountManagerService
+             try {
+                 PackageManager pm = mContext.getPackageManager();
+                 ResolveInfo resolveInfo = pm.resolveActivityAsUser(intent, 0, mAccounts.userId);
++                if (resolveInfo == null) {
++                    return false;
++                }
+                 ActivityInfo targetActivityInfo = resolveInfo.activityInfo;
+                 int targetUid = targetActivityInfo.applicationInfo.uid;
+                 if (PackageManager.SIGNATURE_MATCH != pm.checkSignatures(authUid, targetUid)) {
+@@ -4227,9 +4236,10 @@ public class AccountManagerService
+                     String activityName = targetActivityInfo.name;
+                     String tmpl = "KEY_INTENT resolved to an Activity (%s) in a package (%s) that "
+                             + "does not share a signature with the supplying authenticator (%s).";
+-                    throw new SecurityException(
+-                            String.format(tmpl, activityName, pkgName, mAccountType));
++                    Log.e(TAG, String.format(tmpl, activityName, pkgName, mAccountType));
++                    return false;
+                 }
++                return true;
+             } finally {
+                 Binder.restoreCallingIdentity(bid);
+             }
+@@ -4378,9 +4388,13 @@ public class AccountManagerService
+             }
+             if (result != null
+                     && (intent = result.getParcelable(AccountManager.KEY_INTENT)) != null) {
+-                checkKeyIntent(
++                if (!checkKeyIntent(
+                         Binder.getCallingUid(),
+-                        intent);
++                        intent)) {
++                    onError(AccountManager.ERROR_CODE_INVALID_RESPONSE,
++                            "invalid intent in bundle returned");
++                    return;
++                }
+             }
+             if (result != null
+                     && !TextUtils.isEmpty(result.getString(AccountManager.KEY_AUTHTOKEN))) {
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/322453.patch b/Patches/LineageOS-14.1/android_frameworks_base/322453.patch
new file mode 100644
index 00000000..a20f5590
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/322453.patch
@@ -0,0 +1,44 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jeff Sharkey <jsharkey@android.com>
+Date: Thu, 23 Apr 2020 11:11:06 -0600
+Subject: [PATCH] Force-set a ClipData to prevent later migration.
+
+migrateExtraStreamToClipData() will only offer to promote Uri values
+if a ClipData isn't already defined, so we ensure that a ClipData
+value is always defined.  This blocks later promotion and granting.
+
+Bug: 200683077
+Bug: 123700107
+Test: manual
+Change-Id: I99c1411e8b4eb01eb27ac4306e3bf6cc88cb4273
+(cherry picked from commit 6ebf410b818c6a525130d5fcb72381217fec8e7a)
+(cherry picked from commit 3cf2b049867977916d29f1674f71e89b49ea1f69)
+Merged-In:I99c1411e8b4eb01eb27ac4306e3bf6cc88cb4273
+---
+ .../com/android/server/accounts/AccountManagerService.java  | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/services/core/java/com/android/server/accounts/AccountManagerService.java b/services/core/java/com/android/server/accounts/AccountManagerService.java
+index dd3e4d9cb17c..3aea365b7ced 100644
+--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
++++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
+@@ -47,6 +47,7 @@ import android.app.admin.DevicePolicyManager;
+ import android.app.admin.DevicePolicyManagerInternal;
+ import android.content.BroadcastReceiver;
+ import android.content.ComponentName;
++import android.content.ClipData;
+ import android.content.ContentValues;
+ import android.content.Context;
+ import android.content.Intent;
+@@ -4218,6 +4219,11 @@ public class AccountManagerService
+          * supplied entries in the system Settings app.
+          */
+         protected boolean checkKeyIntent(int authUid, Intent intent) {
++            // Explicitly set an empty ClipData to ensure that we don't offer to
++            // promote any Uris contained inside for granting purposes
++            if (intent.getClipData() == null) {
++                intent.setClipData(ClipData.newPlainText(null, null));
++            }
+             intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION
+                     | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
+                     | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/322454.patch b/Patches/LineageOS-14.1/android_frameworks_base/322454.patch
new file mode 100644
index 00000000..5e82d2e7
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/322454.patch
@@ -0,0 +1,46 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Aseem Kumar <aseemk@google.com>
+Date: Mon, 17 May 2021 09:25:03 +0000
+Subject: [PATCH] Prevent apps from spamming addAccountExplicitly.
+
+See comment here for the discussion on solution
+https://b.corp.google.com/issues/169762606#comment14
+
+Change-Id: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253
+
+Bug: 169762606
+(cherry picked from commit 11053c17b397db67b20e96ce769508766cef7db9)
+
+Change-Id: I6494366a5695daedc3f4f0046da9e130a5363f5f
+Merged-In: If212df3a3b7be1de0fb26b8e88b2fcbb8077c253
+(cherry picked from commit 5beff34b5738ee050d04ff5786e8c883bb5585f8)
+Merged-In:I6494366a5695daedc3f4f0046da9e130a5363f5f
+---
+ core/java/android/accounts/Account.java | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/core/java/android/accounts/Account.java b/core/java/android/accounts/Account.java
+index 3f90f36fb2a1..1546ae14862d 100644
+--- a/core/java/android/accounts/Account.java
++++ b/core/java/android/accounts/Account.java
+@@ -28,6 +28,7 @@ import android.util.ArraySet;
+ import android.util.Log;
+ import com.android.internal.annotations.GuardedBy;
+ 
++import java.util.Objects;
+ import java.util.Set;
+ 
+ /**
+@@ -80,6 +81,12 @@ public class Account implements Parcelable {
+         if (TextUtils.isEmpty(type)) {
+             throw new IllegalArgumentException("the type must not be empty: " + type);
+         }
++        if (name.length() > 200) {
++            throw new IllegalArgumentException("account name is longer than 200 characters");
++        }
++        if (type.length() > 200) {
++            throw new IllegalArgumentException("account type is longer than 200 characters");
++        }
+         this.name = name;
+         this.type = type;
+         this.accessId = accessId;
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/331108.patch b/Patches/LineageOS-14.1/android_frameworks_base/331108.patch
new file mode 100644
index 00000000..8416ed9e
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/331108.patch
@@ -0,0 +1,87 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Alex Buynytskyy <alexbuy@google.com>
+Date: Thu, 24 Feb 2022 21:40:13 -0800
+Subject: [PATCH] Always restart apps if base.apk gets updated.
+
+Bug: 219044664
+Fixes: 219044664
+Test: atest PackageManagerShellCommandTest
+Change-Id: I27a0c5009b2d5f1ea51618b9acfa1e6ccee71296
+Merged-In: I27a0c5009b2d5f1ea51618b9acfa1e6ccee71296
+(cherry picked from commit a5dd59db6d1889ae0aa95ef01bbf8c98e360a2f2)
+Merged-In: I27a0c5009b2d5f1ea51618b9acfa1e6ccee71296
+---
+ .../android/content/pm/IPackageInstallerSession.aidl |  2 ++
+ core/java/android/content/pm/PackageInstaller.java   | 12 ++++++++++++
+ .../android/server/pm/PackageInstallerSession.java   | 10 ++++++++++
+ 3 files changed, 24 insertions(+)
+
+diff --git a/core/java/android/content/pm/IPackageInstallerSession.aidl b/core/java/android/content/pm/IPackageInstallerSession.aidl
+index 2a3fac341e24..c612e6afc6e3 100644
+--- a/core/java/android/content/pm/IPackageInstallerSession.aidl
++++ b/core/java/android/content/pm/IPackageInstallerSession.aidl
+@@ -34,4 +34,6 @@ interface IPackageInstallerSession {
+     void close();
+     void commit(in IntentSender statusReceiver);
+     void abandon();
++
++    int getInstallFlags();
+ }
+diff --git a/core/java/android/content/pm/PackageInstaller.java b/core/java/android/content/pm/PackageInstaller.java
+index ed8143e36f03..3516590338c5 100644
+--- a/core/java/android/content/pm/PackageInstaller.java
++++ b/core/java/android/content/pm/PackageInstaller.java
+@@ -844,6 +844,18 @@ public class PackageInstaller {
+                 throw e.rethrowFromSystemServer();
+             }
+         }
++
++        /**
++         * @return Session's {@link SessionParams#installFlags}.
++         * @hide
++         */
++        public int getInstallFlags() {
++            try {
++                return mSession.getInstallFlags();
++            } catch (RemoteException e) {
++                throw e.rethrowFromSystemServer();
++            }
++        }
+     }
+ 
+     /**
+diff --git a/services/core/java/com/android/server/pm/PackageInstallerSession.java b/services/core/java/com/android/server/pm/PackageInstallerSession.java
+index 6eb7bcd9893a..d0721071e308 100644
+--- a/services/core/java/com/android/server/pm/PackageInstallerSession.java
++++ b/services/core/java/com/android/server/pm/PackageInstallerSession.java
+@@ -62,6 +62,7 @@ import android.system.OsConstants;
+ import android.system.StructStat;
+ import android.text.TextUtils;
+ import android.util.ArraySet;
++import android.util.EventLog;
+ import android.util.ExceptionUtils;
+ import android.util.MathUtils;
+ import android.util.Slog;
+@@ -808,6 +809,10 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
+             if (mResolvedBaseFile == null) {
+                 mResolvedBaseFile = new File(appInfo.getBaseCodePath());
+                 mResolvedInheritedFiles.add(mResolvedBaseFile);
++            } else if ((params.installFlags & PackageManager.INSTALL_DONT_KILL_APP) != 0) {
++                EventLog.writeEvent(0x534e4554, "219044664");
++                // Installing base.apk. Make sure the app is restarted.
++                params.setDontKillApp(false);
+             }
+ 
+             // Inherit splits if not overridden
+@@ -1136,6 +1141,11 @@ public class PackageInstallerSession extends IPackageInstallerSession.Stub {
+         dispatchSessionFinished(INSTALL_FAILED_ABORTED, "Session was abandoned", null);
+     }
+ 
++    @Override
++    public int getInstallFlags() {
++        return params.installFlags;
++    }
++
+     private void dispatchSessionFinished(int returnCode, String msg, Bundle extras) {
+         mFinalStatus = returnCode;
+         mFinalMessage = msg;
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/332444.patch b/Patches/LineageOS-14.1/android_frameworks_base/332444.patch
new file mode 100644
index 00000000..76720fcd
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/332444.patch
@@ -0,0 +1,36 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Selim Cinek <cinek@google.com>
+Date: Fri, 5 May 2017 14:45:11 -0700
+Subject: [PATCH] Fixed a concurrent modification crash
+
+Test: runtest -x packages/SystemUI/tests/src/com/android/systemui/settings/CurrentUserTrackerTest.java
+Change-Id: I23261843b7366d3a66a795a41c61b7661f7ca3a6
+Fixes: 38006784
+
+[syphyr: Backport to LineageOS 14.1: implement the actual fix only -
+without exposing private members for testing visibility]
+Signed-off-by: syphyr <syphyr@gmail.com>
+Change-Id: Iceb22cc9d93f893e12def6b4e6d2b8cfba9a1b9f
+---
+ .../com/android/systemui/settings/CurrentUserTracker.java | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/packages/SystemUI/src/com/android/systemui/settings/CurrentUserTracker.java b/packages/SystemUI/src/com/android/systemui/settings/CurrentUserTracker.java
+index 005206fcd14c..90d8b61b9157 100644
+--- a/packages/SystemUI/src/com/android/systemui/settings/CurrentUserTracker.java
++++ b/packages/SystemUI/src/com/android/systemui/settings/CurrentUserTracker.java
+@@ -105,8 +105,12 @@ public abstract class CurrentUserTracker {
+         private void notifyUserSwitched(int newUserId) {
+             if (mCurrentUserId != newUserId) {
+                 mCurrentUserId = newUserId;
+-                for (Consumer<Integer> consumer : mCallbacks) {
+-                    consumer.accept(newUserId);
++                List<Consumer<Integer>> callbacks = new ArrayList<>(mCallbacks);
++                for (Consumer<Integer> consumer : callbacks) {
++                    // Accepting may modify this list
++                    if (mCallbacks.contains(consumer)) {
++                        consumer.accept(newUserId);
++                    }
+                 }
+             }
+         }
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/332445.patch b/Patches/LineageOS-14.1/android_frameworks_base/332445.patch
new file mode 100644
index 00000000..a88b9006
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/332445.patch
@@ -0,0 +1,41 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Ayush Sharma <ayushsha@google.com>
+Date: Wed, 16 Mar 2022 10:32:23 +0000
+Subject: [PATCH] Fix security hole in GateKeeperResponse
+
+GateKeeperResponse has inconsistent writeToParcel() and
+createFromParcel() methods, making it possible for a malicious app to
+create a Bundle that changes contents after reserialization. Such
+Bundles can be used to execute Intents with system privileges.
+
+We fixed related issues previously for GateKeeperResponse class, but
+one of the case was remaining when payload is byte array of size 0,
+Fixing this case now.
+
+Bug: 220303465
+Test: With the POC provided in the bug.
+Change-Id: Ida28d611edd674e76ed39dd8037f52abcba82586
+Merged-In: Ida28d611edd674e76ed39dd8037f52abcba82586
+
+(cherry picked from commit 46653a91c30245ca29d41d69174813979a910496)
+
+Change-Id: I486348c7a01c6f59c952b20fb4a36429fff22958
+(cherry picked from commit 658c53c47c0d1b6a74d3c0a72372aaaba16c2516)
+Merged-In: I486348c7a01c6f59c952b20fb4a36429fff22958
+---
+ core/java/android/service/gatekeeper/GateKeeperResponse.java | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/core/java/android/service/gatekeeper/GateKeeperResponse.java b/core/java/android/service/gatekeeper/GateKeeperResponse.java
+index 6ca6d8ac7100..53baedc769fa 100644
+--- a/core/java/android/service/gatekeeper/GateKeeperResponse.java
++++ b/core/java/android/service/gatekeeper/GateKeeperResponse.java
+@@ -82,7 +82,7 @@ public final class GateKeeperResponse implements Parcelable {
+             dest.writeInt(mTimeout);
+         } else if (mResponseCode == RESPONSE_OK) {
+             dest.writeInt(mShouldReEnroll ? 1 : 0);
+-            if (mPayload != null) {
++            if (mPayload != null && mPayload.length > 0) {
+                 dest.writeInt(mPayload.length);
+                 dest.writeByteArray(mPayload);
+             } else {
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/332446.patch b/Patches/LineageOS-14.1/android_frameworks_base/332446.patch
new file mode 100644
index 00000000..164488bc
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/332446.patch
@@ -0,0 +1,45 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: David Christie <dnchrist@google.com>
+Date: Fri, 11 Mar 2022 01:13:31 +0000
+Subject: [PATCH] Update GeofenceHardwareRequestParcelable to match
+ parcel/unparcel format.
+
+Test: manual
+Bug: 216631962
+
+Change-Id: I3d6d1be9d6c312fe0bf98f600ff8fc9c617f8ec3
+(cherry picked from commit 3e1ffdb29417f4fb994587a013fa56c83e157f6f)
+Merged-In: I3d6d1be9d6c312fe0bf98f600ff8fc9c617f8ec3
+---
+ .../location/GeofenceHardwareRequestParcelable.java      | 9 +++------
+ 1 file changed, 3 insertions(+), 6 deletions(-)
+
+diff --git a/core/java/android/hardware/location/GeofenceHardwareRequestParcelable.java b/core/java/android/hardware/location/GeofenceHardwareRequestParcelable.java
+index d3311f5c8c5e..fc27d1de6372 100644
+--- a/core/java/android/hardware/location/GeofenceHardwareRequestParcelable.java
++++ b/core/java/android/hardware/location/GeofenceHardwareRequestParcelable.java
+@@ -16,9 +16,9 @@
+ 
+ package android.hardware.location;
+ 
++import android.os.BadParcelableException;
+ import android.os.Parcel;
+ import android.os.Parcelable;
+-import android.util.Log;
+ 
+ /**
+  * Geofence Hardware Request used for internal location services communication.
+@@ -139,11 +139,8 @@ public final class GeofenceHardwareRequestParcelable implements Parcelable {
+         @Override
+         public GeofenceHardwareRequestParcelable createFromParcel(Parcel parcel) {
+             int geofenceType = parcel.readInt();
+-            if(geofenceType != GeofenceHardwareRequest.GEOFENCE_TYPE_CIRCLE) {
+-                Log.e(
+-                        "GeofenceHardwareRequest",
+-                        String.format("Invalid Geofence type: %d", geofenceType));
+-                return null;
++            if (geofenceType != GeofenceHardwareRequest.GEOFENCE_TYPE_CIRCLE) {
++                throw new BadParcelableException("Invalid Geofence type: " + geofenceType);
+             }
+ 
+             GeofenceHardwareRequest request = GeofenceHardwareRequest.createCircularGeofence(
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/332447.patch b/Patches/LineageOS-14.1/android_frameworks_base/332447.patch
new file mode 100644
index 00000000..b23f36b6
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/332447.patch
@@ -0,0 +1,44 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Oli Lan <olilan@google.com>
+Date: Fri, 25 Mar 2022 10:02:41 +0000
+Subject: [PATCH] RESTRICT AUTOMERGE Prevent non-admin users from deleting
+ system apps.
+
+This addresses a security issue where the guest user can remove updates
+for system apps.
+
+With this CL, attempts to uninstall/downgrade system apps will fail if
+attempted by a non-admin user.
+
+This is a backport of ag/17352264.
+
+Bug: 170646036
+Test: manual, try uninstalling system app update as guest
+Change-Id: I5bbaaf83d035c500bfc02ff4b9b0e7fb1e7c2feb
+Merged-In: I4e959e296cca9bbdfc8fccc5e5e0e654ca524165
+(cherry picked from commit a7621e0ce00f1d140b375518e26cf75693314203)
+Merged-In: I5bbaaf83d035c500bfc02ff4b9b0e7fb1e7c2feb
+---
+ .../com/android/server/pm/PackageManagerService.java     | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
+index 2e63c6c4d4e3..9265358b8b37 100644
+--- a/services/core/java/com/android/server/pm/PackageManagerService.java
++++ b/services/core/java/com/android/server/pm/PackageManagerService.java
+@@ -16059,6 +16059,15 @@ public class PackageManagerService extends IPackageManager.Stub {
+                 Slog.w(TAG, "Not removing non-existent package " + packageName);
+                 return PackageManager.DELETE_FAILED_INTERNAL_ERROR;
+             }
++            if (isSystemApp(uninstalledPs)) {
++                UserInfo userInfo = sUserManager.getUserInfo(userId);
++                if (userInfo == null || !userInfo.isAdmin()) {
++                    Slog.w(TAG, "Not removing package " + packageName
++                            + " as only admin user may downgrade system apps");
++                    EventLog.writeEvent(0x534e4554, "170646036", -1, packageName);
++                    return PackageManager.DELETE_FAILED_USER_RESTRICTED;
++                }
++            }
+             allUsers = sUserManager.getUserIds();
+             info.origUsers = uninstalledPs.queryInstalledUsers(allUsers, true);
+         }
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/332448.patch b/Patches/LineageOS-14.1/android_frameworks_base/332448.patch
new file mode 100644
index 00000000..6a92aab3
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/332448.patch
@@ -0,0 +1,36 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Thomas Stuart <tjstuart@google.com>
+Date: Mon, 31 Jan 2022 20:31:42 +0000
+Subject: [PATCH] limit TelecomManager#registerPhoneAccount to 10; api doc
+ update
+
+bug: 209814693
+Bug: 217934478
+Test: CTS
+Change-Id: I8e4425a4e7de716f86b1f1f56ea605d93f357a57
+Merged-In: I8e4425a4e7de716f86b1f1f56ea605d93f357a57
+(cherry picked from commit f0f67b5a319efedbf8693b436a641fa65bc2d8be)
+Merged-In: I8e4425a4e7de716f86b1f1f56ea605d93f357a57
+---
+ telecomm/java/android/telecom/TelecomManager.java | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/telecomm/java/android/telecom/TelecomManager.java b/telecomm/java/android/telecom/TelecomManager.java
+index c06fb3aeb860..b05e0fc2752c 100644
+--- a/telecomm/java/android/telecom/TelecomManager.java
++++ b/telecomm/java/android/telecom/TelecomManager.java
+@@ -845,9 +845,14 @@ public class TelecomManager {
+      * when placing calls. The user may still need to enable the {@link PhoneAccount} within
+      * the phone app settings before the account is usable.
+      * <p>
++     * Note: Each package is limited to 10 {@link PhoneAccount} registrations.
++     * <p>
+      * A {@link SecurityException} will be thrown if an app tries to register a
+      * {@link PhoneAccountHandle} where the package name specified within
+      * {@link PhoneAccountHandle#getComponentName()} does not match the package name of the app.
++     * <p>
++     * A {@link IllegalArgumentException} will be thrown if an app tries to register a
++     * {@link PhoneAccount} when the upper bound limit, 10, has already been reached.
+      *
+      * @param account The complete {@link PhoneAccount}.
+      */
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/332449.patch b/Patches/LineageOS-14.1/android_frameworks_base/332449.patch
new file mode 100644
index 00000000..53c53b55
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/332449.patch
@@ -0,0 +1,40 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Julia Reynolds <juliacr@google.com>
+Date: Tue, 1 Mar 2022 10:30:27 -0500
+Subject: [PATCH] DO NOT MERGE Add an OEM configurable limit for zen rules
+
+Test: ZenModeHelperTest
+Bug: 220735360
+Change-Id: I3da105951af90007bf48dc6cf00aed3e28778b36
+Merged-In: I3da105951af90007bf48dc6cf00aed3e28778b36
+(cherry picked from commit 3072d98c2dc2b709bd8ffc343c101557a53dd188)
+Merged-In: I3da105951af90007bf48dc6cf00aed3e28778b36
+---
+ .../com/android/server/notification/ZenModeHelper.java     | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/services/core/java/com/android/server/notification/ZenModeHelper.java b/services/core/java/com/android/server/notification/ZenModeHelper.java
+index c2d70c070ad4..eb883b486b09 100644
+--- a/services/core/java/com/android/server/notification/ZenModeHelper.java
++++ b/services/core/java/com/android/server/notification/ZenModeHelper.java
+@@ -85,6 +85,7 @@ public class ZenModeHelper {
+ 
+     // The amount of time rules instances can exist without their owning app being installed.
+     private static final int RULE_INSTANCE_GRACE_PERIOD = 1000 * 60 * 60 * 72;
++    static final int RULE_LIMIT_PER_PACKAGE = 100;
+ 
+     private final Context mContext;
+     private final H mHandler;
+@@ -294,8 +295,10 @@ public class ZenModeHelper {
+                 ruleInstanceLimit = owner.metaData.getInt(
+                         ConditionProviderService.META_DATA_RULE_INSTANCE_LIMIT, -1);
+             }
+-            if (ruleInstanceLimit > 0 && ruleInstanceLimit
+-                    < (getCurrentInstanceCount(automaticZenRule.getOwner()) + 1)) {
++            int newRuleInstanceCount = getCurrentInstanceCount(automaticZenRule.getOwner())
++                    + 1;
++            if (newRuleInstanceCount > RULE_LIMIT_PER_PACKAGE
++                    || (ruleInstanceLimit > 0 && ruleInstanceLimit < newRuleInstanceCount)) {
+                 throw new IllegalArgumentException("Rule instance limit exceeded");
+             }
+         }
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/334035.patch b/Patches/LineageOS-14.1/android_frameworks_base/334035.patch
new file mode 100644
index 00000000..ecf62153
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/334035.patch
@@ -0,0 +1,34 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Julia Reynolds <juliacr@google.com>
+Date: Wed, 7 Jul 2021 16:19:44 -0400
+Subject: [PATCH] DO NOT MERGE Crash invalid FGS notifications
+
+Test: CTS, ActivityManagerProcessStateTest
+Fixes: 191981182
+Change-Id: I13a0202b25c8118db47edba11a93c1939c94b392
+Merged-In: I13a0202b25c8118db47edba11a93c1939c94b392
+(cherry picked from commit 6f657f8f5b7d41af426d6cd8d60bfda6e12057c0)
+(cherry picked from commit b6b2906ea6472d182e6ae03c581a63802cd84f08)
+Merged-In: I13a0202b25c8118db47edba11a93c1939c94b392
+---
+ .../server/notification/NotificationManagerService.java    | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/services/core/java/com/android/server/notification/NotificationManagerService.java b/services/core/java/com/android/server/notification/NotificationManagerService.java
+index 7ced1f96cc49..84ea9ce7751a 100644
+--- a/services/core/java/com/android/server/notification/NotificationManagerService.java
++++ b/services/core/java/com/android/server/notification/NotificationManagerService.java
+@@ -2732,8 +2732,11 @@ public class NotificationManagerService extends SystemService {
+                     pkg, PackageManager.MATCH_DEBUG_TRIAGED_MISSING,
+                     (userId == UserHandle.USER_ALL) ? UserHandle.USER_SYSTEM : userId);
+             Notification.addFieldsFromContext(ai, userId, notification);
+-        } catch (NameNotFoundException e) {
+-            Slog.e(TAG, "Cannot create a context for sending app", e);
++        } catch (Exception e) {
++            if ((notification.flags & Notification.FLAG_FOREGROUND_SERVICE) != 0) {
++                throw new SecurityException("Invalid FGS notification", e);
++            }
++            Slog.e(TAG, "Cannot fix notification", e);
+             return;
+         }
+ 
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/334325.patch b/Patches/LineageOS-14.1/android_frameworks_base/334325.patch
new file mode 100644
index 00000000..b72f3121
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/334325.patch
@@ -0,0 +1,36 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Bin Wang <bin.wang@oppo.corp-partner.google.com>
+Date: Thu, 23 Jun 2022 16:00:24 +0800
+Subject: [PATCH] Modify conditions for preventing updated system apps from
+ being downgraded
+
+Add two conditions prior to deciding whether a specific user can downgrade system apps by deletePackageX.
+1.uninstalledPs must be a updated system app.
+2.deleteFlags does not contains PackageManager.DELETE_SYSTEM_APP, since flag PackageManager.DELETE_SYSTEM_APP
+will just mark the app as uninstalled for the specific user instead of uninstalling the update and rolling back
+to the older system version.
+
+Test: Update a system app and create some multi users; Then use command "pm uninstall --user ${userId} ${packageName}"
+to uninstall the system app for a specific user; The result is that the system app is marked as uninstalled for
+this specific user successfully
+
+Signed-off-by: Bin Wang <bin.wang@oppo.corp-partner.google.com>
+Change-Id: I2c6c8c4ad1b41995c4d7d0153a036edcfae03687
+---
+ .../core/java/com/android/server/pm/PackageManagerService.java | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
+index 9265358b8b37..e109337809cf 100644
+--- a/services/core/java/com/android/server/pm/PackageManagerService.java
++++ b/services/core/java/com/android/server/pm/PackageManagerService.java
+@@ -16059,7 +16059,8 @@ public class PackageManagerService extends IPackageManager.Stub {
+                 Slog.w(TAG, "Not removing non-existent package " + packageName);
+                 return PackageManager.DELETE_FAILED_INTERNAL_ERROR;
+             }
+-            if (isSystemApp(uninstalledPs)) {
++            if (isUpdatedSystemApp(uninstalledPs)
++                    && ((deleteFlags & PackageManager.DELETE_SYSTEM_APP) == 0)) {
+                 UserInfo userInfo = sUserManager.getUserInfo(userId);
+                 if (userInfo == null || !userInfo.isAdmin()) {
+                     Slog.w(TAG, "Not removing package " + packageName
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/334871.patch b/Patches/LineageOS-14.1/android_frameworks_base/334871.patch
new file mode 100644
index 00000000..0f351d8e
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/334871.patch
@@ -0,0 +1,128 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jeff Chang <chengjeff@google.com>
+Date: Wed, 29 Sep 2021 16:49:00 +0800
+Subject: [PATCH] Only allow system and same app to apply
+ relinquishTaskIdentity
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Any malicious application could hijack tasks by
+android:relinquishTaskIdentity. This vulnerability can perform UI
+spoofing or spy on user’s activities.
+
+This CL limit the usage which only allow system and same app to apply
+relinquishTaskIdentity
+
+Bug: 185810717
+Test: atest IntentTests
+      atest ActivityStarterTests
+Change-Id: I55fe8938cd9a0dd7c0268e1cfec89d4e95eee049
+(cherry picked from commit cd1f9e72cf9752c9a31e990822ab34ae3d475fec)
+Merged-In: I55fe8938cd9a0dd7c0268e1cfec89d4e95eee049
+---
+ .../com/android/server/am/TaskRecord.java     | 48 +++++++++++++++----
+ 1 file changed, 38 insertions(+), 10 deletions(-)
+
+diff --git a/services/core/java/com/android/server/am/TaskRecord.java b/services/core/java/com/android/server/am/TaskRecord.java
+index 3f6db990a5b5..1e64d9f8a5b5 100644
+--- a/services/core/java/com/android/server/am/TaskRecord.java
++++ b/services/core/java/com/android/server/am/TaskRecord.java
+@@ -38,6 +38,7 @@ import android.graphics.Point;
+ import android.graphics.Rect;
+ import android.os.Debug;
+ import android.os.ParcelFileDescriptor;
++import android.os.Process;
+ import android.os.RemoteException;
+ import android.os.UserHandle;
+ import android.provider.Settings;
+@@ -138,6 +139,11 @@ final class TaskRecord {
+     static final int INVALID_TASK_ID = -1;
+     static final int INVALID_MIN_SIZE = -1;
+ 
++    /**
++     * Used to identify if the activity that is installed from device's system image.
++     */
++    boolean mIsEffectivelySystemApp;
++
+     final int taskId;       // Unique identifier for this task.
+     String affinity;        // The affinity name for this task, or null; may change identity.
+     String rootAffinity;    // Initial base affinity, or null; does not change from initial root.
+@@ -389,9 +395,18 @@ final class TaskRecord {
+ 
+     /** Sets the original intent, and the calling uid and package. */
+     void setIntent(ActivityRecord r) {
+-        mCallingUid = r.launchedFromUid;
+-        mCallingPackage = r.launchedFromPackage;
+-        setIntent(r.intent, r.info);
++        boolean updateIdentity = false;
++        if (this.intent == null) {
++            updateIdentity = true;
++        } else if (!mNeverRelinquishIdentity) {
++            updateIdentity = (effectiveUid == Process.SYSTEM_UID || mIsEffectivelySystemApp
++                    || effectiveUid == r.info.applicationInfo.uid);
++        }
++        if (updateIdentity) {
++            mCallingUid = r.launchedFromUid;
++            mCallingPackage = r.launchedFromPackage;
++            setIntent(r.intent, r.info);
++        }
+     }
+ 
+     /** Sets the original intent, _without_ updating the calling uid or package. */
+@@ -411,6 +426,7 @@ final class TaskRecord {
+             rootAffinity = affinity;
+         }
+         effectiveUid = info.applicationInfo.uid;
++        mIsEffectivelySystemApp = info.applicationInfo.isSystemApp();
+         stringName = null;
+ 
+         if (info.targetActivity == null) {
+@@ -1055,12 +1071,12 @@ final class TaskRecord {
+         // utility activities.
+         int activityNdx;
+         final int numActivities = mActivities.size();
+-        final boolean relinquish = numActivities == 0 ? false :
+-                (mActivities.get(0).info.flags & ActivityInfo.FLAG_RELINQUISH_TASK_IDENTITY) != 0;
+-        for (activityNdx = Math.min(numActivities, 1); activityNdx < numActivities;
+-                ++activityNdx) {
++        for (activityNdx = 0; activityNdx < numActivities; ++activityNdx) {
+             final ActivityRecord r = mActivities.get(activityNdx);
+-            if (relinquish && (r.info.flags & ActivityInfo.FLAG_RELINQUISH_TASK_IDENTITY) == 0) {
++            if ((r.info.flags & ActivityInfo.FLAG_RELINQUISH_TASK_IDENTITY) == 0
++                    || (r.info.applicationInfo.uid != Process.SYSTEM_UID
++                    && !r.info.applicationInfo.isSystemApp()
++                    && r.info.applicationInfo.uid != effectiveUid)) {
+                 // This will be the top activity for determining taskDescription. Pre-inc to
+                 // overcome initial decrement below.
+                 ++activityNdx;
+@@ -1109,15 +1125,27 @@ final class TaskRecord {
+     int findEffectiveRootIndex() {
+         int effectiveNdx = 0;
+         final int topActivityNdx = mActivities.size() - 1;
++        ActivityRecord root = null;
+         for (int activityNdx = 0; activityNdx <= topActivityNdx; ++activityNdx) {
+             final ActivityRecord r = mActivities.get(activityNdx);
+             if (r.finishing) {
+                 continue;
+             }
+-            effectiveNdx = activityNdx;
+-            if ((r.info.flags & ActivityInfo.FLAG_RELINQUISH_TASK_IDENTITY) == 0) {
++
++            if (root == null) {
++                // Set this as the candidate root since it isn't finishing.
++                root = r;
++                effectiveNdx = activityNdx;
++            }
++            final int uid = root == r ? effectiveUid : r.info.applicationInfo.uid;
++            if ((root.info.flags & ActivityInfo.FLAG_RELINQUISH_TASK_IDENTITY) == 0
++                || (root.info.applicationInfo.uid != Process.SYSTEM_UID
++                    && !root.info.applicationInfo.isSystemApp()
++                    && root.info.applicationInfo.uid != uid)) {
+                 break;
+             }
++            effectiveNdx = activityNdx;
++            root = r;
+         }
+         return effectiveNdx;
+     }
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/334872.patch b/Patches/LineageOS-14.1/android_frameworks_base/334872.patch
new file mode 100644
index 00000000..a6c51118
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/334872.patch
@@ -0,0 +1,70 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: chiachangwang <chiachangwang@google.com>
+Date: Thu, 2 Jun 2022 10:22:20 +0000
+Subject: [PATCH] Stop using invalid URL to prevent unexpected crash
+
+Verify the input PAC Uri before performing follow-up actions.
+
+Check if the URL is a valid URL to filter some invalid URLs since
+these invalid URLs could not fall into any subclass of existing
+URLConnections. When the PAC Uri is other invalid URL scheme, it
+will cause an UnsupportedOperationException if there is no proper
+subclass that implements the openConnection() method.
+A malformed URL may crash the system.
+
+Even it's a valid URL, some subclasses(e.g. JarURLConnection)
+may not have openConnection() implemented. It will also hit the
+problem, so convert the possbile exception from openConnection()
+to re-throw it to IOException which is handled in the existing
+code.
+
+Bug: 219498290
+Test: atest FrameworksNetTests CtsNetTestCases
+Test: Test with malformed URL
+Merged-In: I22903414380b62051f514e43b93af992f45740b4
+Merged-In: I2abff75ec59a17628ef006aad348c53fadbed076
+Change-Id: I4d6cec1da9cf3f70dec0dcf4223254d3da4f30a3
+(cherry picked from commit 6390b37a3b32fc7583154d53fda3af8fbd95f59f)
+(cherry picked from commit 6d6f4106948bbad67b9845603392d084078997c4)
+Merged-In: I4d6cec1da9cf3f70dec0dcf4223254d3da4f30a3
+---
+ .../server/connectivity/PacManager.java       | 19 +++++++++++++++++--
+ 1 file changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/services/core/java/com/android/server/connectivity/PacManager.java b/services/core/java/com/android/server/connectivity/PacManager.java
+index 46f76b1a1aec..8bd6a835930c 100644
+--- a/services/core/java/com/android/server/connectivity/PacManager.java
++++ b/services/core/java/com/android/server/connectivity/PacManager.java
+@@ -36,6 +36,7 @@ import android.os.SystemClock;
+ import android.os.SystemProperties;
+ import android.provider.Settings;
+ import android.util.Log;
++import android.webkit.URLUtil;
+ 
+ import com.android.internal.annotations.GuardedBy;
+ import com.android.net.IProxyCallback;
+@@ -209,8 +210,22 @@ public class PacManager {
+      * @throws IOException
+      */
+     private static String get(Uri pacUri) throws IOException {
+-        URL url = new URL(pacUri.toString());
+-        URLConnection urlConnection = url.openConnection(java.net.Proxy.NO_PROXY);
++        if (!URLUtil.isValidUrl(pacUri.toString()))  {
++            throw new IOException("Malformed URL:" + pacUri);
++        }
++
++        final URL url = new URL(pacUri.toString());
++        URLConnection urlConnection;
++        try {
++            urlConnection = url.openConnection(java.net.Proxy.NO_PROXY);
++            // Catch the possible exceptions and rethrow as IOException to not to crash the system
++            // for illegal input.
++        } catch (IllegalArgumentException e) {
++            throw new IOException("Incorrect proxy type for " + pacUri);
++        } catch (UnsupportedOperationException e) {
++            throw new IOException("Unsupported URL connection type for " + pacUri);
++        }
++
+         long contentLength = -1;
+         try {
+             contentLength = Long.parseLong(urlConnection.getHeaderField("Content-Length"));
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/334873.patch b/Patches/LineageOS-14.1/android_frameworks_base/334873.patch
new file mode 100644
index 00000000..ef5c5254
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/334873.patch
@@ -0,0 +1,60 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Makoto Onuki <omakoto@google.com>
+Date: Tue, 19 Apr 2022 10:54:18 -0700
+Subject: [PATCH] Only allow the system server to connect to sync adapters
+
+Bug: 203229608
+Test: Manual test with changing the check logic + debug log
+Change-Id: If18009f61360564d02dcda9b1e5fa15685e3250f
+(cherry picked from commit 58270527d11ac7e5f07d337a402d8edf046a63ee)
+(cherry picked from commit 7d1397a54475ed7fee632339ef7c60b432f0fbff)
+Merged-In: If18009f61360564d02dcda9b1e5fa15685e3250f
+---
+ .../content/AbstractThreadedSyncAdapter.java    | 17 +++++++++++++++++
+ 1 file changed, 17 insertions(+)
+
+diff --git a/core/java/android/content/AbstractThreadedSyncAdapter.java b/core/java/android/content/AbstractThreadedSyncAdapter.java
+index 58bd5cda825d..9d1978a3a5ef 100644
+--- a/core/java/android/content/AbstractThreadedSyncAdapter.java
++++ b/core/java/android/content/AbstractThreadedSyncAdapter.java
+@@ -17,6 +17,7 @@
+ package android.content;
+ 
+ import android.accounts.Account;
++import android.os.Binder;
+ import android.os.Bundle;
+ import android.os.IBinder;
+ import android.os.Process;
+@@ -160,9 +161,22 @@ public abstract class AbstractThreadedSyncAdapter {
+     }
+ 
+     private class ISyncAdapterImpl extends ISyncAdapter.Stub {
++        private boolean isCallerSystem() {
++            final long callingUid = Binder.getCallingUid();
++            if (callingUid != Process.SYSTEM_UID) {
++                android.util.EventLog.writeEvent(0x534e4554, "203229608", -1, "");
++                return false;
++            }
++            return true;
++        }
++
+         @Override
+         public void startSync(ISyncContext syncContext, String authority, Account account,
+                 Bundle extras) {
++            if (!isCallerSystem()) {
++                return;
++            }
++
+             final SyncContext syncContextClient = new SyncContext(syncContext);
+ 
+             boolean alreadyInProgress;
+@@ -203,6 +217,9 @@ public abstract class AbstractThreadedSyncAdapter {
+ 
+         @Override
+         public void cancelSync(ISyncContext syncContext) {
++            if (!isCallerSystem()) {
++                return;
++            }
+             // synchronize to make sure that mSyncThreads doesn't change between when we
+             // check it and when we use it
+             SyncThread info = null;
diff --git a/Patches/LineageOS-14.1/android_frameworks_base/338003.patch b/Patches/LineageOS-14.1/android_frameworks_base/338003.patch
new file mode 100644
index 00000000..be891f6c
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_base/338003.patch
@@ -0,0 +1,41 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Adrian Roos <roosa@google.com>
+Date: Thu, 24 Sep 2020 15:30:46 +0200
+Subject: [PATCH] IMMS: Make IMMS PendingIntents immutable
+
+Fixes: 154913391
+Test: n/a
+Change-Id: I34a95732ef3e7c20d6549b57230c11f0c3db04d6
+Merged-In: I34a95732ef3e7c20d6549b57230c11f0c3db04d6
+(cherry picked from commit d4b625994f7664666ac7b53bf6a7d79a6459b3f1)
+(cherry picked from commit 6842f03c9d2f128785df5ce2bd02c61f35226554)
+(cherry picked from commit 2b859826165bddb11f17b217d097253c442f6045)
+Merged-In: I34a95732ef3e7c20d6549b57230c11f0c3db04d6
+---
+ .../java/com/android/server/InputMethodManagerService.java  | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/services/core/java/com/android/server/InputMethodManagerService.java b/services/core/java/com/android/server/InputMethodManagerService.java
+index 6ae495a37632..6685ea942f55 100644
+--- a/services/core/java/com/android/server/InputMethodManagerService.java
++++ b/services/core/java/com/android/server/InputMethodManagerService.java
+@@ -914,7 +914,8 @@ public class InputMethodManagerService extends IInputMethodManager.Stub
+             .setColor(com.android.internal.R.color.system_notification_accent_color);
+ 
+         Intent intent = new Intent(Settings.ACTION_SHOW_INPUT_METHOD_PICKER);
+-        mImeSwitchPendingIntent = PendingIntent.getBroadcast(mContext, 0, intent, 0);
++        mImeSwitchPendingIntent = PendingIntent.getBroadcast(mContext, 0, intent,
++                PendingIntent.FLAG_IMMUTABLE);
+ 
+         mShowOngoingImeSwitcherForPhones = false;
+ 
+@@ -1507,7 +1508,8 @@ public class InputMethodManagerService extends IInputMethodManager.Stub
+         mCurIntent.putExtra(Intent.EXTRA_CLIENT_LABEL,
+                 com.android.internal.R.string.input_method_binding_label);
+         mCurIntent.putExtra(Intent.EXTRA_CLIENT_INTENT, PendingIntent.getActivity(
+-                mContext, 0, new Intent(Settings.ACTION_INPUT_METHOD_SETTINGS), 0));
++                mContext, 0, new Intent(Settings.ACTION_INPUT_METHOD_SETTINGS),
++                PendingIntent.FLAG_IMMUTABLE));
+         if (bindCurrentInputMethodService(mCurIntent, this, Context.BIND_AUTO_CREATE
+                 | Context.BIND_NOT_VISIBLE | Context.BIND_NOT_FOREGROUND
+                 | Context.BIND_SHOWING_UI)) {
diff --git a/Patches/LineageOS-14.1/android_frameworks_native/315714.patch b/Patches/LineageOS-14.1/android_frameworks_native/315714.patch
new file mode 100644
index 00000000..5a2c3fa3
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_native/315714.patch
@@ -0,0 +1,187 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Siarhei Vishniakou <svv@google.com>
+Date: Mon, 21 Jun 2021 22:30:51 +0000
+Subject: [PATCH] Do not modify vector after getting references
+
+We used to obtain a reference to a specific element inside a vector. We
+would then modify the vector, invalidating the reference. But we then
+used the reference, and passed it to 'assignPointerIds'.
+
+Refactor the code to modify the collection first, and then to proceed
+with modifying / reading the elements.
+
+Bug: 179839665
+Test: atest inputflinger_tests (on a hwasan build)
+Merged-In: I9204b954884e9c83a50babdad5e08a0f6d18ad78
+Change-Id: I9204b954884e9c83a50babdad5e08a0f6d18ad78
+(cherry picked from commit ade0672333565773645abe89eccc468572c07228)
+---
+ services/inputflinger/InputReader.cpp | 80 +++++++++++++--------------
+ services/inputflinger/InputReader.h   |  2 +-
+ 2 files changed, 41 insertions(+), 41 deletions(-)
+
+diff --git a/services/inputflinger/InputReader.cpp b/services/inputflinger/InputReader.cpp
+index 768c8f88da..7f8457e1e5 100644
+--- a/services/inputflinger/InputReader.cpp
++++ b/services/inputflinger/InputReader.cpp
+@@ -4082,27 +4082,27 @@ void TouchInputMapper::process(const RawEvent* rawEvent) {
+ }
+ 
+ void TouchInputMapper::sync(nsecs_t when) {
+-    const RawState* last = mRawStatesPending.isEmpty() ?
+-            &mCurrentRawState : &mRawStatesPending.top();
+-
+     // Push a new state.
+     mRawStatesPending.push();
+-    RawState* next = &mRawStatesPending.editTop();
+-    next->clear();
+-    next->when = when;
++    RawState& next = mRawStatesPending.editTop();
++    next.clear();
++    next.when = when;
+ 
+     // Sync button state.
+-    next->buttonState = mTouchButtonAccumulator.getButtonState()
++    next.buttonState = mTouchButtonAccumulator.getButtonState()
+             | mCursorButtonAccumulator.getButtonState();
+ 
+     // Sync scroll
+-    next->rawVScroll = mCursorScrollAccumulator.getRelativeVWheel();
+-    next->rawHScroll = mCursorScrollAccumulator.getRelativeHWheel();
++    next.rawVScroll = mCursorScrollAccumulator.getRelativeVWheel();
++    next.rawHScroll = mCursorScrollAccumulator.getRelativeHWheel();
+     mCursorScrollAccumulator.finishSync();
+ 
+     // Sync touch
+-    syncTouch(when, next);
++    syncTouch(when, &next);
+ 
++    // The last RawState is actually the second to last, since we just added a new state
++    const RawState& last = mRawStatesPending.size() == 1 ?
++            mCurrentRawState : mRawStatesPending.editItemAt(mRawStatesPending.size() - 2);
+     // Assign pointer ids.
+     if (!mHavePointerIds) {
+         assignPointerIds(last, next);
+@@ -4111,12 +4111,12 @@ void TouchInputMapper::sync(nsecs_t when) {
+ #if DEBUG_RAW_EVENTS
+     ALOGD("syncTouch: pointerCount %d -> %d, touching ids 0x%08x -> 0x%08x, "
+             "hovering ids 0x%08x -> 0x%08x",
+-            last->rawPointerData.pointerCount,
+-            next->rawPointerData.pointerCount,
+-            last->rawPointerData.touchingIdBits.value,
+-            next->rawPointerData.touchingIdBits.value,
+-            last->rawPointerData.hoveringIdBits.value,
+-            next->rawPointerData.hoveringIdBits.value);
++            last.rawPointerData.pointerCount,
++            next.rawPointerData.pointerCount,
++            last.rawPointerData.touchingIdBits.value,
++            next.rawPointerData.touchingIdBits.value,
++            last.rawPointerData.hoveringIdBits.value,
++            next.rawPointerData.hoveringIdBits.value);
+ #endif
+ 
+     processRawTouches(false /*timeout*/);
+@@ -6368,11 +6368,11 @@ const TouchInputMapper::VirtualKey* TouchInputMapper::findVirtualKeyHit(
+     return NULL;
+ }
+ 
+-void TouchInputMapper::assignPointerIds(const RawState* last, RawState* current) {
+-    uint32_t currentPointerCount = current->rawPointerData.pointerCount;
+-    uint32_t lastPointerCount = last->rawPointerData.pointerCount;
++void TouchInputMapper::assignPointerIds(const RawState& last, RawState& current) {
++    uint32_t currentPointerCount = current.rawPointerData.pointerCount;
++    uint32_t lastPointerCount = last.rawPointerData.pointerCount;
+ 
+-    current->rawPointerData.clearIdBits();
++    current.rawPointerData.clearIdBits();
+ 
+     if (currentPointerCount == 0) {
+         // No pointers to assign.
+@@ -6383,21 +6383,21 @@ void TouchInputMapper::assignPointerIds(const RawState* last, RawState* current)
+         // All pointers are new.
+         for (uint32_t i = 0; i < currentPointerCount; i++) {
+             uint32_t id = i;
+-            current->rawPointerData.pointers[i].id = id;
+-            current->rawPointerData.idToIndex[id] = i;
+-            current->rawPointerData.markIdBit(id, current->rawPointerData.isHovering(i));
++            current.rawPointerData.pointers[i].id = id;
++            current.rawPointerData.idToIndex[id] = i;
++            current.rawPointerData.markIdBit(id, current.rawPointerData.isHovering(i));
+         }
+         return;
+     }
+ 
+     if (currentPointerCount == 1 && lastPointerCount == 1
+-            && current->rawPointerData.pointers[0].toolType
+-                    == last->rawPointerData.pointers[0].toolType) {
++            && current.rawPointerData.pointers[0].toolType
++                    == last.rawPointerData.pointers[0].toolType) {
+         // Only one pointer and no change in count so it must have the same id as before.
+-        uint32_t id = last->rawPointerData.pointers[0].id;
+-        current->rawPointerData.pointers[0].id = id;
+-        current->rawPointerData.idToIndex[id] = 0;
+-        current->rawPointerData.markIdBit(id, current->rawPointerData.isHovering(0));
++        uint32_t id = last.rawPointerData.pointers[0].id;
++        current.rawPointerData.pointers[0].id = id;
++        current.rawPointerData.idToIndex[id] = 0;
++        current.rawPointerData.markIdBit(id, current.rawPointerData.isHovering(0));
+         return;
+     }
+ 
+@@ -6415,9 +6415,9 @@ void TouchInputMapper::assignPointerIds(const RawState* last, RawState* current)
+         for (uint32_t lastPointerIndex = 0; lastPointerIndex < lastPointerCount;
+                 lastPointerIndex++) {
+             const RawPointerData::Pointer& currentPointer =
+-                    current->rawPointerData.pointers[currentPointerIndex];
++                    current.rawPointerData.pointers[currentPointerIndex];
+             const RawPointerData::Pointer& lastPointer =
+-                    last->rawPointerData.pointers[lastPointerIndex];
++                    last.rawPointerData.pointers[lastPointerIndex];
+             if (currentPointer.toolType == lastPointer.toolType) {
+                 int64_t deltaX = currentPointer.x - lastPointer.x;
+                 int64_t deltaY = currentPointer.y - lastPointer.y;
+@@ -6523,11 +6523,11 @@ void TouchInputMapper::assignPointerIds(const RawState* last, RawState* current)
+             matchedCurrentBits.markBit(currentPointerIndex);
+             matchedLastBits.markBit(lastPointerIndex);
+ 
+-            uint32_t id = last->rawPointerData.pointers[lastPointerIndex].id;
+-            current->rawPointerData.pointers[currentPointerIndex].id = id;
+-            current->rawPointerData.idToIndex[id] = currentPointerIndex;
+-            current->rawPointerData.markIdBit(id,
+-                    current->rawPointerData.isHovering(currentPointerIndex));
++            uint32_t id = last.rawPointerData.pointers[lastPointerIndex].id;
++            current.rawPointerData.pointers[currentPointerIndex].id = id;
++            current.rawPointerData.idToIndex[id] = currentPointerIndex;
++            current.rawPointerData.markIdBit(id,
++                    current.rawPointerData.isHovering(currentPointerIndex));
+             usedIdBits.markBit(id);
+ 
+ #if DEBUG_POINTER_ASSIGNMENT
+@@ -6543,10 +6543,10 @@ void TouchInputMapper::assignPointerIds(const RawState* last, RawState* current)
+         uint32_t currentPointerIndex = matchedCurrentBits.markFirstUnmarkedBit();
+         uint32_t id = usedIdBits.markFirstUnmarkedBit();
+ 
+-        current->rawPointerData.pointers[currentPointerIndex].id = id;
+-        current->rawPointerData.idToIndex[id] = currentPointerIndex;
+-        current->rawPointerData.markIdBit(id,
+-                current->rawPointerData.isHovering(currentPointerIndex));
++        current.rawPointerData.pointers[currentPointerIndex].id = id;
++        current.rawPointerData.idToIndex[id] = currentPointerIndex;
++        current.rawPointerData.markIdBit(id,
++                current.rawPointerData.isHovering(currentPointerIndex));
+ 
+ #if DEBUG_POINTER_ASSIGNMENT
+         ALOGD("assignPointerIds - assigned: cur=%d, id=%d",
+diff --git a/services/inputflinger/InputReader.h b/services/inputflinger/InputReader.h
+index dacdacc8de..9c11f8dc80 100644
+--- a/services/inputflinger/InputReader.h
++++ b/services/inputflinger/InputReader.h
+@@ -1906,7 +1906,7 @@ private:
+     bool isPointInsideSurface(int32_t x, int32_t y);
+     const VirtualKey* findVirtualKeyHit(int32_t x, int32_t y);
+ 
+-    static void assignPointerIds(const RawState* last, RawState* current);
++    static void assignPointerIds(const RawState& last, RawState& current);
+     
+     void unfadePointer(PointerControllerInterface::Transition transition);
+ 
diff --git a/Patches/LineageOS-14.1/android_frameworks_native/325993.patch b/Patches/LineageOS-14.1/android_frameworks_native/325993.patch
new file mode 100644
index 00000000..f4e354c6
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_frameworks_native/325993.patch
@@ -0,0 +1,42 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Siarhei Vishniakou <svv@google.com>
+Date: Wed, 9 Dec 2020 08:07:46 -1000
+Subject: [PATCH] Check if the window is partially obscured for slippery enters
+
+Currently, we only check whether a window is partially obscured during
+the initial tap down. However, there is another use case: slippery
+enter.
+
+During a slippery enter, the touch down is generated into the
+slipped-into window, and touch cancel is generated for the slipped-from
+window. The window receiving the slippery enter does not need to have
+any flags.
+
+Until we figure out whether we can restrict the usage of this flag to
+system components, add this check as an intermediate fix.
+
+Bug: 157929241
+Test: atest FlagSlipperyTest
+Test: atest inputflinger_tests
+Change-Id: I93d9681479f41244ffed4b1f88cceb69be71adf2
+Merged-In: I93d9681479f41244ffed4b1f88cceb69be71adf2
+(cherry picked from commit 870ececa8d5dfb293e671c716f98ccddae24147f)
+(cherry picked from commit 6e689ffe3fad4b190629e11222936fb7cda041c2)
+Merged-In:I93d9681479f41244ffed4b1f88cceb69be71adf2
+---
+ services/inputflinger/InputDispatcher.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/services/inputflinger/InputDispatcher.cpp b/services/inputflinger/InputDispatcher.cpp
+index 37e9038aa6..07040a626b 100644
+--- a/services/inputflinger/InputDispatcher.cpp
++++ b/services/inputflinger/InputDispatcher.cpp
+@@ -1391,6 +1391,8 @@ int32_t InputDispatcher::findTouchedWindowTargetsLocked(nsecs_t currentTime,
+                 }
+                 if (isWindowObscuredAtPointLocked(newTouchedWindowHandle, x, y)) {
+                     targetFlags |= InputTarget::FLAG_WINDOW_IS_OBSCURED;
++                } else if (isWindowObscuredLocked(newTouchedWindowHandle)) {
++                    targetFlags |= InputTarget::FLAG_WINDOW_IS_PARTIALLY_OBSCURED;
+                 }
+ 
+                 BitSet32 pointerIds;
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Bluetooth/332451.patch b/Patches/LineageOS-14.1/android_packages_apps_Bluetooth/332451.patch
new file mode 100644
index 00000000..ca8806ae
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Bluetooth/332451.patch
@@ -0,0 +1,30 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Rahul Sabnis <rahulsabnis@google.com>
+Date: Wed, 6 Apr 2022 18:08:18 +0000
+Subject: [PATCH] Removes app access to BluetoothAdapter#setScanMode by
+ requiring BLUETOOTH_PRIVILEGED permission.
+
+Bug: 203431023
+Test: Manual
+Merged-In: I50d5ed327a7c90a3f73a9924e5b2b66310dff76c
+Change-Id: I50d5ed327a7c90a3f73a9924e5b2b66310dff76c
+(cherry picked from commit 95cbb22647ef5e4505f64d97b7dcbfad2a9fb0e0)
+Merged-In: I50d5ed327a7c90a3f73a9924e5b2b66310dff76c
+---
+ src/com/android/bluetooth/btservice/AdapterService.java | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/com/android/bluetooth/btservice/AdapterService.java b/src/com/android/bluetooth/btservice/AdapterService.java
+index 9ecb0bb7b..753b0a298 100644
+--- a/src/com/android/bluetooth/btservice/AdapterService.java
++++ b/src/com/android/bluetooth/btservice/AdapterService.java
+@@ -1625,7 +1625,8 @@ public class AdapterService extends Service {
+     }
+ 
+      boolean setScanMode(int mode, int duration) {
+-        enforceCallingOrSelfPermission(BLUETOOTH_PERM, "Need BLUETOOTH permission");
++        enforceCallingOrSelfPermission(BLUETOOTH_PRIVILEGED,
++			               "Need BLUETOOTH PRIVILEGED permission");
+ 
+         setDiscoverableTimeout(duration);
+         int newMode = convertScanModeToHal(mode);
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Bluetooth/332452.patch b/Patches/LineageOS-14.1/android_packages_apps_Bluetooth/332452.patch
new file mode 100644
index 00000000..cb73055b
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Bluetooth/332452.patch
@@ -0,0 +1,30 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Rahul Sabnis <rahulsabnis@google.com>
+Date: Wed, 6 Apr 2022 22:44:01 +0000
+Subject: [PATCH] Removes app access to BluetoothAdapter#setDiscoverableTimeout
+ by requiring BLUETOOTH_PRIVILEGED permission.
+
+Bug: 206807679
+Test: Manual
+Merged-In: I73288f495d35280a5724d070248db54e2fe537fd
+Change-Id: I73288f495d35280a5724d070248db54e2fe537fd
+(cherry picked from commit 528ea846133dc7dc4ce843e5b649abd50b58d527)
+Merged-In: I73288f495d35280a5724d070248db54e2fe537fd
+---
+ src/com/android/bluetooth/btservice/AdapterService.java | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/com/android/bluetooth/btservice/AdapterService.java b/src/com/android/bluetooth/btservice/AdapterService.java
+index 753b0a298..d4c7778ae 100644
+--- a/src/com/android/bluetooth/btservice/AdapterService.java
++++ b/src/com/android/bluetooth/btservice/AdapterService.java
+@@ -1640,7 +1640,8 @@ public class AdapterService extends Service {
+     }
+ 
+      boolean setDiscoverableTimeout(int timeout) {
+-        enforceCallingOrSelfPermission(BLUETOOTH_PERM, "Need BLUETOOTH permission");
++        enforceCallingOrSelfPermission(BLUETOOTH_PRIVILEGED,
++                                       "Need BLUETOOTH PRIVILEGED permission");
+ 
+         return mAdapterProperties.setDiscoverableTimeout(timeout);
+     }
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Contacts/318518.patch b/Patches/LineageOS-14.1/android_packages_apps_Contacts/318518.patch
new file mode 100644
index 00000000..19e872b2
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Contacts/318518.patch
@@ -0,0 +1,26 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: John Shao <johnshao@google.com>
+Date: Wed, 25 Aug 2021 23:29:56 +0000
+Subject: [PATCH] Add permission to start NFC activity to ensure it is from NFC
+ stack
+
+Bug: 191053931
+Test: build
+Change-Id: I41b5ddf464f45e68a4da6ad880cbc9b12e447ec5
+(cherry picked from commit 024c62fa49aa2090daf50657c2b509b9478d8b92)
+---
+ AndroidManifest.xml | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/AndroidManifest.xml b/AndroidManifest.xml
+index b3f789852..c0c87c192 100755
+--- a/AndroidManifest.xml
++++ b/AndroidManifest.xml
+@@ -468,6 +468,7 @@
+         </activity>
+ 
+         <activity android:name=".common.vcard.NfcImportVCardActivity"
++            android:permission="android.permission.DISPATCH_NFC_MESSAGE"
+             android:label="@string/launcherActivityLabel"
+             android:configChanges="orientation|screenSize|keyboardHidden"
+             android:theme="@style/BackgroundOnlyTheme">
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Contacts/319989.patch b/Patches/LineageOS-14.1/android_packages_apps_Contacts/319989.patch
new file mode 100644
index 00000000..fdcd290f
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Contacts/319989.patch
@@ -0,0 +1,95 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Gary Mai <garymai@google.com>
+Date: Wed, 15 Sep 2021 16:20:01 -0700
+Subject: [PATCH] Address photo editing security bug
+
+Filter to only system apps that can handle cropping.
+Otherwise, save the photo as is.
+
+Bug: 195748381
+Test: Manual test with the PoC. Verified only the system installed app
+was able to crop the photo and no crop was offered when it was disabled
+
+Change-Id: Id1527f589064aa278715afcb060647ec6841e6da
+(cherry picked from commit 8b19ca470847f5f77d5b2e5dd086aae9ad4ea389)
+---
+ .../contacts/activities/AttachPhotoActivity.java    | 13 ++++++++-----
+ .../contacts/detail/PhotoSelectionHandler.java      | 13 ++++++++-----
+ 2 files changed, 16 insertions(+), 10 deletions(-)
+
+diff --git a/src/com/android/contacts/activities/AttachPhotoActivity.java b/src/com/android/contacts/activities/AttachPhotoActivity.java
+index 1abbecfd1..012bd1501 100644
+--- a/src/com/android/contacts/activities/AttachPhotoActivity.java
++++ b/src/com/android/contacts/activities/AttachPhotoActivity.java
+@@ -187,7 +187,8 @@ public class AttachPhotoActivity extends ContactsActivity {
+             }
+             ContactPhotoUtils.addPhotoPickerExtras(intent, mCroppedPhotoUri);
+             ContactPhotoUtils.addCropExtras(intent, mPhotoDim != 0 ? mPhotoDim : mDefaultPhotoDim);
+-            if (!hasIntentHandler(intent)) {
++            final ResolveInfo intentHandler = getIntentHandler(intent);
++            if (intentHandler == null) {
+                 // No activity supports the crop action. So skip cropping and set the photo
+                 // without performing any cropping.
+                 mCroppedPhotoUri = mTempPhotoUri;
+@@ -201,6 +202,7 @@ public class AttachPhotoActivity extends ContactsActivity {
+                 return;
+             }
+ 
++            intent.setPackage(intentHandler.activityInfo.packageName);
+             try {
+                 startActivityForResult(intent, REQUEST_CROP_PHOTO);
+             } catch (ActivityNotFoundException ex) {
+@@ -227,10 +229,11 @@ public class AttachPhotoActivity extends ContactsActivity {
+         }
+     }
+ 
+-    private boolean hasIntentHandler(Intent intent) {
+-        final List<ResolveInfo> resolveInfo = getPackageManager()
+-                .queryIntentActivities(intent, PackageManager.MATCH_DEFAULT_ONLY);
+-        return resolveInfo != null && resolveInfo.size() > 0;
++    private ResolveInfo getIntentHandler(Intent intent) {
++        final List<ResolveInfo> resolveInfos = getPackageManager()
++                .queryIntentActivities(intent,
++                        PackageManager.MATCH_DEFAULT_ONLY | PackageManager.MATCH_SYSTEM_ONLY);
++        return (resolveInfos != null && resolveInfos.size() > 0) ? resolveInfos.get(0) : null;
+     }
+ 
+     // TODO: consider moving this to ContactLoader, especially if we keep adding similar
+diff --git a/src/com/android/contacts/detail/PhotoSelectionHandler.java b/src/com/android/contacts/detail/PhotoSelectionHandler.java
+index d2e5763a0..302e8c1a9 100644
+--- a/src/com/android/contacts/detail/PhotoSelectionHandler.java
++++ b/src/com/android/contacts/detail/PhotoSelectionHandler.java
+@@ -241,7 +241,8 @@ public abstract class PhotoSelectionHandler implements OnClickListener {
+      */
+     private void doCropPhoto(Uri inputUri, Uri outputUri) {
+         final Intent intent = getCropImageIntent(inputUri, outputUri);
+-        if (!hasIntentHandler(intent)) {
++        final ResolveInfo intentHandler = getIntentHandler(intent);
++        if (intentHandler == null) {
+             try {
+                 getListener().onPhotoSelected(inputUri);
+             } catch (FileNotFoundException e) {
+@@ -251,6 +252,7 @@ public abstract class PhotoSelectionHandler implements OnClickListener {
+             }
+             return;
+         }
++        intent.setPackage(intentHandler.activityInfo.packageName);
+         try {
+             // Launch gallery to crop the photo
+             startPhotoActivity(intent, REQUEST_CROP_PHOTO, inputUri);
+@@ -321,10 +323,11 @@ public abstract class PhotoSelectionHandler implements OnClickListener {
+         return intent;
+     }
+ 
+-    private boolean hasIntentHandler(Intent intent) {
+-        final List<ResolveInfo> resolveInfo = mContext.getPackageManager()
+-                .queryIntentActivities(intent, PackageManager.MATCH_DEFAULT_ONLY);
+-        return resolveInfo != null && resolveInfo.size() > 0;
++    private ResolveInfo getIntentHandler(Intent intent) {
++        final List<ResolveInfo> resolveInfos = mContext.getPackageManager()
++                .queryIntentActivities(intent,
++                        PackageManager.MATCH_DEFAULT_ONLY | PackageManager.MATCH_SYSTEM_ONLY);
++        return (resolveInfos != null && resolveInfos.size() > 0) ? resolveInfos.get(0) : null;
+     }
+ 
+     /**
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Contacts/332453.patch b/Patches/LineageOS-14.1/android_packages_apps_Contacts/332453.patch
new file mode 100644
index 00000000..83a5f8cd
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Contacts/332453.patch
@@ -0,0 +1,31 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: John Shao <johnshao@google.com>
+Date: Thu, 24 Feb 2022 22:20:11 +0000
+Subject: [PATCH] No longer export CallSubjectDialog
+
+This is most likely not used outside of the app and can be potentially
+exploited
+
+Bug: 218341397
+Test: Manual
+Change-Id: I8c0c2bdddb172aba5a41e3fff0413eb48a5f4455
+Merged-In: I8c0c2bdddb172aba5a41e3fff0413eb48a5f4455
+(cherry picked from commit eadb0b1cc94deaa238bfdf225a504119a8a24388)
+(cherry picked from commit 1f6d68c79699a9790e6cf0ab82bdc15c64eb7f5a)
+Merged-In: I8c0c2bdddb172aba5a41e3fff0413eb48a5f4455
+---
+ AndroidManifest.xml | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/AndroidManifest.xml b/AndroidManifest.xml
+index c0c87c192..05600da64 100755
+--- a/AndroidManifest.xml
++++ b/AndroidManifest.xml
+@@ -569,6 +569,7 @@
+ 
+         <activity android:name="com.android.contacts.common.dialog.CallSubjectDialog"
+                   android:theme="@style/Theme.CallSubjectDialogTheme"
++                  android:exported="false"
+                   android:windowSoftInputMode="stateVisible|adjustResize">
+             <intent-filter>
+                 <action android:name="android.intent.action.VIEW"/>
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Dialer/332454.patch b/Patches/LineageOS-14.1/android_packages_apps_Dialer/332454.patch
new file mode 100644
index 00000000..0468728b
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Dialer/332454.patch
@@ -0,0 +1,27 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tatsuaki Machida <tmachida@google.com>
+Date: Mon, 28 Feb 2022 10:36:08 +0000
+Subject: [PATCH] No longer export CallSubjectDialog
+
+Bug: 221802256
+Change-Id: Ibfc10e706d204131c33071a5fd5b6596ba5c2d48
+Test: N/A
+(cherry picked from commit d96b98bbb21118356726588d0ff3707246369fdb)
+(cherry picked from commit 380a088b2d03f239e37b23c051beadd7d0280dbf)
+Merged-In: Ibfc10e706d204131c33071a5fd5b6596ba5c2d48
+---
+ AndroidManifest.xml | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/AndroidManifest.xml b/AndroidManifest.xml
+index b154c778a..ee8905394 100644
+--- a/AndroidManifest.xml
++++ b/AndroidManifest.xml
+@@ -209,6 +209,7 @@
+ 
+         <activity android:name="com.android.contacts.common.dialog.CallSubjectDialog"
+                   android:theme="@style/Theme.CallSubjectDialogTheme"
++                  android:exported="false"
+                   android:windowSoftInputMode="stateVisible|adjustResize">
+             <intent-filter>
+                 <action android:name="android.intent.action.VIEW"/>
diff --git a/Patches/LineageOS-14.1/android_packages_apps_KeyChain/319990.patch b/Patches/LineageOS-14.1/android_packages_apps_KeyChain/319990.patch
new file mode 100644
index 00000000..56a8a42d
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_KeyChain/319990.patch
@@ -0,0 +1,51 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tianyi Hu <hutianyi@bytedance.com>
+Date: Wed, 15 Sep 2021 21:43:18 +0800
+Subject: [PATCH] DO NOT MERGE Hide overlay on KeyChainActivity
+
+Hide non system overlay to improve security.
+
+Test: N/A
+Bug: 199754277
+Merged-In: Ia0e97f40d79a7f89035572e0175990694870938f
+Change-Id: Ia0e97f40d79a7f89035572e0175990694870938f
+(cherry picked from commit cdca35442c767d64f6d0db4af438a3856263857a)
+---
+ AndroidManifest.xml                            | 2 ++
+ src/com/android/keychain/KeyChainActivity.java | 3 +++
+ 2 files changed, 5 insertions(+)
+
+diff --git a/AndroidManifest.xml b/AndroidManifest.xml
+index 3e03c87..807966a 100755
+--- a/AndroidManifest.xml
++++ b/AndroidManifest.xml
+@@ -3,6 +3,8 @@
+           package="com.android.keychain"
+           android:sharedUserId="android.uid.system"
+           >
++    <uses-permission android:name="android.permission.HIDE_NON_SYSTEM_OVERLAY_WINDOWS"/>
++
+     <application android:label="@string/app_name"
+             android:allowBackup="false"
+             android:usesCleartextTraffic="false" >
+diff --git a/src/com/android/keychain/KeyChainActivity.java b/src/com/android/keychain/KeyChainActivity.java
+index b5058b2..eac36b4 100644
+--- a/src/com/android/keychain/KeyChainActivity.java
++++ b/src/com/android/keychain/KeyChainActivity.java
+@@ -61,6 +61,8 @@ import java.util.List;
+ 
+ import javax.security.auth.x500.X500Principal;
+ 
++import static android.view.WindowManager.LayoutParams.PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS;
++
+ public class KeyChainActivity extends Activity {
+     private static final String TAG = "KeyChain";
+ 
+@@ -84,6 +86,7 @@ public class KeyChainActivity extends Activity {
+ 
+     @Override public void onCreate(Bundle savedState) {
+         super.onCreate(savedState);
++        getWindow().addPrivateFlags(PRIVATE_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS);
+         if (savedState == null) {
+             mState = State.INITIAL;
+         } else {
diff --git a/Patches/LineageOS-14.1/android_packages_apps_KeyChain/334036.patch b/Patches/LineageOS-14.1/android_packages_apps_KeyChain/334036.patch
new file mode 100644
index 00000000..07c40f49
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_KeyChain/334036.patch
@@ -0,0 +1,33 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Ayush Sharma <ayushsha@google.com>
+Date: Tue, 10 May 2022 14:09:40 +0000
+Subject: [PATCH] Encode authority part of uri before showing in UI
+
+As per rfc2396, allowing only characters that are reserved|unreserved|@
+to be in non escaped form, all the other characters will be escaped.
+This would cover all the possible characters there can be in valid
+authority as per the rfc2396. android.net.Uri conforms to  RFC 2396.
+
+Bug: 221859869
+Test: Manual
+Change-Id: Ib4f5431bd80b7f4c72c4414f98d99eeb7ca900ed
+Merged-In: Ib4f5431bd80b7f4c72c4414f98d99eeb7ca900ed
+(cherry picked from commit 8550c37c186099926ce364b65b61ffbf6ed7958d)
+Merged-In: Ib4f5431bd80b7f4c72c4414f98d99eeb7ca900ed
+---
+ src/com/android/keychain/KeyChainActivity.java | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/com/android/keychain/KeyChainActivity.java b/src/com/android/keychain/KeyChainActivity.java
+index eac36b4..21ba9aa 100644
+--- a/src/com/android/keychain/KeyChainActivity.java
++++ b/src/com/android/keychain/KeyChainActivity.java
+@@ -289,7 +289,7 @@ public class KeyChainActivity extends Activity {
+         Uri uri = getIntent().getParcelableExtra(KeyChain.EXTRA_URI);
+         if (uri != null) {
+             String hostMessage = String.format(res.getString(R.string.requesting_server),
+-                                               uri.getAuthority());
++                    Uri.encode(uri.getAuthority(), "$,;:@&=+"));
+             if (contextMessage == null) {
+                 contextMessage = hostMessage;
+             } else {
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Nfc/315715.patch b/Patches/LineageOS-14.1/android_packages_apps_Nfc/315715.patch
new file mode 100644
index 00000000..2b3112a1
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Nfc/315715.patch
@@ -0,0 +1,28 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Alisher Alikhodjaev <alisher@google.com>
+Date: Thu, 17 Jun 2021 11:27:00 -0700
+Subject: [PATCH] Add HIDE_NON_SYSTEM_OVERLAY_WINDOWS permission to Nfc
+
+This permission is required for xx_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS
+window flag to function properly.
+
+Bug: 180422108
+Test: build ok
+Change-Id: I8246c06c0e7d60d4e06ef4fa430ccd5111e99a43
+(cherry picked from commit 9c56b01c5745252c13c05a2fe39faaef130813e5)
+---
+ AndroidManifest.xml | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/AndroidManifest.xml b/AndroidManifest.xml
+index 8a7763cf..fe94e7de 100755
+--- a/AndroidManifest.xml
++++ b/AndroidManifest.xml
+@@ -35,6 +35,7 @@
+     <uses-permission android:name="android.permission.READ_CONTACTS" />
+     <uses-permission android:name="android.permission.READ_FRAME_BUFFER" />
+     <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW" />
++    <uses-permission android:name="android.permission.HIDE_NON_SYSTEM_OVERLAY_WINDOWS" />
+     <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
+     <uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
+     <uses-permission android:name="android.permission.VIBRATE" />
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Nfc/328308.patch b/Patches/LineageOS-14.1/android_packages_apps_Nfc/328308.patch
new file mode 100644
index 00000000..effab575
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Nfc/328308.patch
@@ -0,0 +1,59 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Jack Yu <jackcwyu@google.com>
+Date: Thu, 13 Jan 2022 16:27:22 +0800
+Subject: [PATCH] Do not set default contactless application without user
+ interaction
+
+Keep the default contactless apllication "not set" if user does not
+select one from the Settings page.
+
+Bug: 212610736
+Test: Manual
+Merged-In: I8e1d67528eca037f4f88380a96f8c542965a1981
+Change-Id: I8e1d67528eca037f4f88380a96f8c542965a1981
+(cherry picked from commit 4177b086cf2f1ae9c1831cb1a7ed88233c7a6aca)
+Merged-In:I8e1d67528eca037f4f88380a96f8c542965a1981
+---
+ .../cardemulation/CardEmulationManager.java   | 27 +++----------------
+ 1 file changed, 4 insertions(+), 23 deletions(-)
+
+diff --git a/src/com/android/nfc/cardemulation/CardEmulationManager.java b/src/com/android/nfc/cardemulation/CardEmulationManager.java
+index cff9dd3e..af31f89c 100644
+--- a/src/com/android/nfc/cardemulation/CardEmulationManager.java
++++ b/src/com/android/nfc/cardemulation/CardEmulationManager.java
+@@ -205,31 +205,12 @@ public class CardEmulationManager implements RegisteredServicesCache.Callback,
+ 
+     void verifyDefaults(int userId, List<ApduServiceInfo> services) {
+         ComponentName defaultPaymentService =
+-                getDefaultServiceForCategory(userId, CardEmulation.CATEGORY_PAYMENT, false);
++                getDefaultServiceForCategory(userId, CardEmulation.CATEGORY_PAYMENT, true);
+         if (DBG) Log.d(TAG, "Current default: " + defaultPaymentService);
+         if (defaultPaymentService == null) {
+-            // A payment service may have been removed, leaving only one;
+-            // in that case, automatically set that app as default.
+-            int numPaymentServices = 0;
+-            ComponentName lastFoundPaymentService = null;
+-            for (ApduServiceInfo service : services) {
+-                if (service.hasCategory(CardEmulation.CATEGORY_PAYMENT))  {
+-                    numPaymentServices++;
+-                    lastFoundPaymentService = service.getComponent();
+-                }
+-            }
+-            if (numPaymentServices > 1) {
+-                // More than one service left, leave default unset
+-                if (DBG) Log.d(TAG, "No default set, more than one service left.");
+-            } else if (numPaymentServices == 1) {
+-                // Make single found payment service the default
+-                if (DBG) Log.d(TAG, "No default set, making single service default.");
+-                setDefaultServiceForCategoryChecked(userId, lastFoundPaymentService,
+-                        CardEmulation.CATEGORY_PAYMENT);
+-            } else {
+-                // No payment services left, leave default at null
+-                if (DBG) Log.d(TAG, "No default set, last payment service removed.");
+-            }
++            // A payment service may have been removed, set default payment selection to "not set".
++            if (DBG) Log.d(TAG, "No default set, last payment service removed.");
++            setDefaultServiceForCategoryChecked(userId, null, CardEmulation.CATEGORY_PAYMENT);
+         }
+     }
+ 
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Nfc/332455.patch b/Patches/LineageOS-14.1/android_packages_apps_Nfc/332455.patch
new file mode 100644
index 00000000..25a1e266
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Nfc/332455.patch
@@ -0,0 +1,44 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Alisher Alikhodjaev <alisher@google.com>
+Date: Fri, 18 Mar 2022 17:13:05 -0700
+Subject: [PATCH] OOB read in phNciNfc_RecvMfResp()
+
+The size of RspBuff for Mifare shall be at least 2 bytes:
+Mifare Req/Rsp Id + Status
+
+Bug: 221852424
+Test: build ok
+Change-Id: I3a1e10997de8d2a7cb8bbb524fc8788aaf97944e
+(cherry picked from commit f0d86f7fe23499cd4c6631348618463fbc496436)
+Merged-In: I3a1e10997de8d2a7cb8bbb524fc8788aaf97944e
+---
+ nci/jni/extns/pn54x/src/mifare/phNxpExtns_MifareStd.c | 9 +--------
+ 1 file changed, 1 insertion(+), 8 deletions(-)
+
+diff --git a/nci/jni/extns/pn54x/src/mifare/phNxpExtns_MifareStd.c b/nci/jni/extns/pn54x/src/mifare/phNxpExtns_MifareStd.c
+index d3d78a03..0ee2314d 100755
+--- a/nci/jni/extns/pn54x/src/mifare/phNxpExtns_MifareStd.c
++++ b/nci/jni/extns/pn54x/src/mifare/phNxpExtns_MifareStd.c
+@@ -1230,7 +1230,7 @@ phNciNfc_RecvMfResp(phNciNfc_Buff_t* RspBuffInfo,
+     }
+     else
+     {
+-        if((0 == (RspBuffInfo->wLen))
++        if(((PHNCINFC_EXTNID_SIZE + PHNCINFC_EXTNSTATUS_SIZE) > RspBuffInfo->wLen)
+                 || (PH_NCINFC_STATUS_OK != wStatus)
+                 || (NULL == (RspBuffInfo->pBuff))
+                 )
+@@ -1250,13 +1250,6 @@ phNciNfc_RecvMfResp(phNciNfc_Buff_t* RspBuffInfo,
+                     {
+                         status = NFCSTATUS_SUCCESS;
+ 
+-                        if ((PHNCINFC_EXTNID_SIZE + PHNCINFC_EXTNSTATUS_SIZE) >
+-                            RspBuffInfo->wLen)
+-                        {
+-                            android_errorWriteLog(0x534e4554, "181346550");
+-                            return NFCSTATUS_FAILED;
+-                        }
+-
+                         /* DataLen = TotalRecvdLen - (sizeof(RspId) + sizeof(Status)) */
+                         wPldDataSize = ((RspBuffInfo->wLen) -
+                             (PHNCINFC_EXTNID_SIZE + PHNCINFC_EXTNSTATUS_SIZE));
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Settings/315716.patch b/Patches/LineageOS-14.1/android_packages_apps_Settings/315716.patch
new file mode 100644
index 00000000..db42a1d1
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Settings/315716.patch
@@ -0,0 +1,62 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Hugh Chen <hughchen@google.com>
+Date: Thu, 3 Jun 2021 16:38:24 +0800
+Subject: [PATCH] RESTRICT AUTOMERGE Update string
+
+1. Replace "An untrusted Bluetooth device" to "A Bluetooth device".
+2. Replace "Deny" to "Don't allow"
+
+https://docs.google.com/document/d/18bVSIAyX4MNpNeCvxqyZu7CXcBUcdV0pnh-gzVprjqU/edit?ts=60709637
+
+Bug: 167403112
+Test: send intent to test right prompts message is pop up.
+make -j42 RunSettingsRoboTests
+
+Change-Id: I38da15d4b1fb08671f6352458cbf3f735b4083bc
+(cherry picked from commit 38fc9a91b53e82c092c1324f5ba3085740e7dcdf)
+(cherry picked from commit 3d6641a468bdb296af29bd222b3bc55ed62b78bc)
+---
+ res/values/strings.xml                                | 11 +++++++----
+ .../bluetooth/BluetoothPermissionActivity.java        |  2 +-
+ 2 files changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/res/values/strings.xml b/res/values/strings.xml
+index a4fdaf58c9..322baf1566 100644
+--- a/res/values/strings.xml
++++ b/res/values/strings.xml
+@@ -7961,15 +7961,18 @@
+     <string name="touchscreen_gesture_settings_summary">Perform various touchscreen gestures for quick actions</string>
+ 
+     <!-- Bluetooth message permission alert for notification content [CHAR LIMIT=none] -->
+-    <string name="bluetooth_message_access_notification_content">Untrusted device wants to access your messages. Tap for details.</string>
++    <string name="bluetooth_message_access_notification_content">A device wants to access your messages. Tap for details.</string>
+     <!-- Bluetooth message permission alert for dialog title [CHAR LIMIT=none] -->
+     <string name="bluetooth_message_access_dialog_title">Allow access to messages?</string>
+     <!-- Bluetooth message permission alert for dialog content [CHAR LIMIT=none] -->
+-    <string name="bluetooth_message_access_dialog_content">An untrusted Bluetooth device, <xliff:g id="device_name" example="My device">%1$s</xliff:g>, wants to access your messages.\n\nYou haven\u2019t connected to <xliff:g id="device_name" example="My device">%2$s</xliff:g> before.</string>
++    <string name="bluetooth_message_access_dialog_content">A Bluetooth device, <xliff:g id="device_name" example="My device">%1$s</xliff:g>, wants to access your messages.\n\nYou haven\u2019t connected to <xliff:g id="device_name" example="My device">%2$s</xliff:g> before.</string>
+     <!-- Bluetooth phonebook permission alert for notification content [CHAR LIMIT=none] -->
+-    <string name="bluetooth_phonebook_access_notification_content">Untrusted device wants to access your contacts and call log. Tap for details.</string>
++    <string name="bluetooth_phonebook_access_notification_content">A device wants to access your contacts and call log. Tap for details.</string>
+     <!-- Bluetooth phonebook permission alert for dialog title [CHAR LIMIT=none] -->
+     <string name="bluetooth_phonebook_access_dialog_title">Allow access to contacts and call log?</string>
+     <!-- Bluetooth phonebook permission alert for dialog content [CHAR LIMIT=none] -->
+-    <string name="bluetooth_phonebook_access_dialog_content">An untrusted Bluetooth device, <xliff:g id="device_name" example="My device">%1$s</xliff:g>, wants to access your contacts and call log. This includes data about incoming and outgoing calls.\n\nYou haven\u2019t connected to <xliff:g id="device_name" example="My device">%2$s</xliff:g> before.</string>
++    <string name="bluetooth_phonebook_access_dialog_content">A Bluetooth device, <xliff:g id="device_name" example="My device">%1$s</xliff:g>, wants to access your contacts and call log. This includes data about incoming and outgoing calls.\n\nYou haven\u2019t connected to <xliff:g id="device_name" example="My device">%2$s</xliff:g> before.</string>
++
++    <!-- Label for button to not allow grant the permission for remote devices. [CHAR_LIMIT=50] -->
++    <string name="request_manage_bluetooth_permission_dont_allow">Don\u2019t allow</string>
+ </resources>
+diff --git a/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java b/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java
+index ffb4f398ab..92988dd97e 100644
+--- a/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java
++++ b/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java
+@@ -138,7 +138,7 @@ public class BluetoothPermissionActivity extends AlertActivity implements
+         }
+         p.mPositiveButtonText = getString(R.string.allow);
+         p.mPositiveButtonListener = this;
+-        p.mNegativeButtonText = getString(R.string.deny);
++        p.mNegativeButtonText = getString(R.string.request_manage_bluetooth_permission_dont_allow);
+         p.mNegativeButtonListener = this;
+         mOkButton = mAlert.getButton(DialogInterface.BUTTON_POSITIVE);
+         setupAlert();
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Settings/315717.patch b/Patches/LineageOS-14.1/android_packages_apps_Settings/315717.patch
new file mode 100644
index 00000000..49312d49
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Settings/315717.patch
@@ -0,0 +1,151 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Hugh Chen <hughchen@google.com>
+Date: Thu, 3 Jun 2021 16:38:24 +0800
+Subject: [PATCH] RESTRICT AUTOMERGE Fix phishing attacks over Bluetooth due to
+ unclear warning message
+
+This CL add more prompts presented for users to avoid phishing attacks.
+
+Screenshot:
+https://screenshot.googleplex.com/p5PZbphN46ddPFV.png
+https://screenshot.googleplex.com/6Q2wKfPbNQmTtx8.png
+https://screenshot.googleplex.com/987VpYgNUZL2K4T.png
+https://screenshot.googleplex.com/9eVg6SAGScVXU8U.png
+
+Bug: 167403112
+Test: manually test
+Change-Id: Iadec059b662fd91754ad573bbe688702cdd3c9af
+(cherry picked from commit 10e459921953825d34e70cc4da846aac703d913c)
+(cherry picked from commit 8fe8e0fc211d4f36cce2865a17c834573ec25211)
+---
+ res/values/strings.xml                        | 21 +++++++++++++++++
+ .../BluetoothPermissionActivity.java          | 23 ++++++++++++-------
+ .../bluetooth/BluetoothPermissionRequest.java | 12 ++++++----
+ 3 files changed, 44 insertions(+), 12 deletions(-)
+
+diff --git a/res/values/strings.xml b/res/values/strings.xml
+index 322baf1566..f98146b139 100644
+--- a/res/values/strings.xml
++++ b/res/values/strings.xml
+@@ -7975,4 +7975,25 @@
+ 
+     <!-- Label for button to not allow grant the permission for remote devices. [CHAR_LIMIT=50] -->
+     <string name="request_manage_bluetooth_permission_dont_allow">Don\u2019t allow</string>
++
++    <!-- Bluetooth sim card permission alert for notification title [CHAR LIMIT=none] -->
++    <string name="bluetooth_sim_card_access_notification_title">SIM card access request</string>
++    <!-- Bluetooth sim card permission alert for notification content [CHAR LIMIT=none] -->
++    <string name="bluetooth_sim_card_access_notification_content">A device wants to access your SIM card. Tap for details.</string>
++    <!-- Bluetooth sim card permission alert for dialog title [CHAR LIMIT=none] -->
++    <string name="bluetooth_sim_card_access_dialog_title">Allow access to SIM card?</string>
++    <!-- Bluetooth sim card permission alert for dialog content [CHAR LIMIT=none] -->
++    <string name="bluetooth_sim_card_access_dialog_content">A Bluetooth device, <xliff:g id="device_name" example="My device">%1$s</xliff:g>, wants to access data on your SIM card. This includes your contacts.\n\nWhile connected, <xliff:g id="device_name" example="My device">%2$s</xliff:g> will receive all calls made to <xliff:g id="phone_number" example="0912345678">%3$s</xliff:g>.</string>
++    <!-- Bluetooth connect permission alert for notification title [CHAR LIMIT=none] -->
++    <string name="bluetooth_connect_access_notification_title">Bluetooth device available</string>
++    <!-- Bluetooth connect permission alert for notification content [CHAR LIMIT=none] -->
++    <string name="bluetooth_connect_access_notification_content">A device wants to connect. Tap for details.</string>
++    <!-- Bluetooth connect permission alert for dialog title [CHAR LIMIT=none] -->
++    <string name="bluetooth_connect_access_dialog_title">Connect to Bluetooth device?</string>
++    <!-- Bluetooth connect permission alert for dialog content [CHAR LIMIT=none] -->
++    <string name="bluetooth_connect_access_dialog_content"><xliff:g id="device_name" example="My device">%1$s</xliff:g> wants to connect to this phone.\n\nYou haven\u2019t connected to <xliff:g id="device_name" example="My device">%2$s</xliff:g> before.</string>
++    <!-- Strings for Dialog don't connect button -->
++    <string name="bluetooth_connect_access_dialog_negative">Don\u2019t connect</string>
++    <!-- Strings for Dialog connect button -->
++    <string name="bluetooth_connect_access_dialog_positive">Connect</string>
+ </resources>
+diff --git a/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java b/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java
+index 92988dd97e..9444d49263 100644
+--- a/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java
++++ b/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java
+@@ -25,6 +25,7 @@ import android.content.DialogInterface;
+ import android.content.Intent;
+ import android.content.IntentFilter;
+ import android.os.Bundle;
++import android.telephony.TelephonyManager;
+ import android.support.v7.preference.Preference;
+ import android.util.EventLog;
+ import android.util.Log;
+@@ -97,13 +98,13 @@ public class BluetoothPermissionActivity extends AlertActivity implements
+         if(DEBUG) Log.i(TAG, "onCreate() Request type: " + mRequestType);
+ 
+         if (mRequestType == BluetoothDevice.REQUEST_TYPE_PROFILE_CONNECTION) {
+-            showDialog(getString(R.string.bluetooth_connection_permission_request), mRequestType);
++            showDialog(getString(R.string.bluetooth_connect_access_dialog_title), mRequestType);
+         } else if (mRequestType == BluetoothDevice.REQUEST_TYPE_PHONEBOOK_ACCESS) {
+             showDialog(getString(R.string.bluetooth_phonebook_access_dialog_title), mRequestType);
+         } else if (mRequestType == BluetoothDevice.REQUEST_TYPE_MESSAGE_ACCESS) {
+             showDialog(getString(R.string.bluetooth_message_access_dialog_title), mRequestType);
+         } else if (mRequestType == BluetoothDevice.REQUEST_TYPE_SIM_ACCESS) {
+-            showDialog(getString(R.string.bluetooth_sap_request), mRequestType);
++            showDialog(getString(R.string.bluetooth_sim_card_access_dialog_title), mRequestType);
+         }
+         else {
+             Log.e(TAG, "Error: bad request type: " + mRequestType);
+@@ -136,9 +137,14 @@ public class BluetoothPermissionActivity extends AlertActivity implements
+             p.mView = createSapDialogView();
+             break;
+         }
+-        p.mPositiveButtonText = getString(R.string.allow);
++        p.mPositiveButtonText = getString(
++                requestType == BluetoothDevice.REQUEST_TYPE_PROFILE_CONNECTION
++                        ? R.string.bluetooth_connect_access_dialog_positive : R.string.allow);
+         p.mPositiveButtonListener = this;
+-        p.mNegativeButtonText = getString(R.string.request_manage_bluetooth_permission_dont_allow);
++        p.mNegativeButtonText = getString(
++                requestType == BluetoothDevice.REQUEST_TYPE_PROFILE_CONNECTION
++                        ? R.string.bluetooth_connect_access_dialog_negative
++                        : R.string.request_manage_bluetooth_permission_dont_allow);
+         p.mNegativeButtonListener = this;
+         mOkButton = mAlert.getButton(DialogInterface.BUTTON_POSITIVE);
+         setupAlert();
+@@ -170,8 +176,8 @@ public class BluetoothPermissionActivity extends AlertActivity implements
+         String mRemoteName = createRemoteName();
+         mView = getLayoutInflater().inflate(R.layout.bluetooth_access, null);
+         messageView = (TextView)mView.findViewById(R.id.message);
+-        messageView.setText(getString(R.string.bluetooth_connection_dialog_text,
+-                mRemoteName));
++        messageView.setText(getString(R.string.bluetooth_connect_access_dialog_content,
++                mRemoteName, mRemoteName));
+         return mView;
+     }
+ 
+@@ -195,10 +201,11 @@ public class BluetoothPermissionActivity extends AlertActivity implements
+ 
+     private View createSapDialogView() {
+         String mRemoteName = createRemoteName();
++        TelephonyManager tm = getSystemService(TelephonyManager.class);
+         mView = getLayoutInflater().inflate(R.layout.bluetooth_access, null);
+         messageView = (TextView)mView.findViewById(R.id.message);
+-        messageView.setText(getString(R.string.bluetooth_sap_acceptance_dialog_text,
+-                mRemoteName, mRemoteName));
++        messageView.setText(getString(R.string.bluetooth_sim_card_access_dialog_content,
++                mRemoteName, mRemoteName, tm.getLine1Number()));
+         return mView;
+     }
+ 
+diff --git a/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java b/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java
+index 3de10a5d10..d23dea93e5 100644
+--- a/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java
++++ b/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java
+@@ -144,13 +144,17 @@ public final class BluetoothPermissionRequest extends BroadcastReceiver {
+                                 R.string.bluetooth_message_access_notification_content);
+                         break;
+                     case BluetoothDevice.REQUEST_TYPE_SIM_ACCESS:
+-                        title = context.getString(R.string.bluetooth_sap_request);
+-                        message = context.getString(R.string.bluetooth_sap_acceptance_dialog_text,
++                        title = context.getString(
++                                R.string.bluetooth_sim_card_access_notification_title);
++                        message = context.getString(
++                                R.string.bluetooth_sim_card_access_notification_content,
+                                 deviceAlias, deviceAlias);
+                         break;
+                     default:
+-                        title = context.getString(R.string.bluetooth_connection_permission_request);
+-                        message = context.getString(R.string.bluetooth_connection_dialog_text,
++                        title = context.getString(
++                                R.string.bluetooth_connect_access_notification_title);
++                        message = context.getString(
++                                R.string.bluetooth_connect_access_notification_content,
+                                 deviceAlias, deviceAlias);
+                         break;
+                 }
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Settings/318519.patch b/Patches/LineageOS-14.1/android_packages_apps_Settings/318519.patch
new file mode 100644
index 00000000..ffec5754
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Settings/318519.patch
@@ -0,0 +1,1411 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Bill Yi <byi@google.com>
+Date: Tue, 17 Aug 2021 22:14:24 -0700
+Subject: [PATCH] Import translations. DO NOT MERGE ANYWHERE
+
+BUG:167403112
+
+Auto-generated-cl: translation import
+
+[basilgello: Back-port to LineageOS 14.1]
+
+Since the patch is too big to apply it manually, I splitted
+the patch into '/tmp/a' with this script:
+
+===
+
+PREVLINENO=""
+PREVFILENAME=""
+grep -n "^diff " "$1" | while read LINE; do
+	CURLINENO="$(echo "$LINE" | awk -F: '{print $1}')"
+	FILENAME="$(echo "$LINE" | awk '{print $3}' | sed 's,^'$2'/,,')"
+
+	if [ ! -z "$PREVLINENO" ]; then
+		DIRNAME="$(dirname "$PREVFILENAME")"
+
+		mkdir -p "$DIRNAME"
+		REALCURLINENO="$(expr $CURLINENO - 1)"
+		sed -n $PREVLINENO","$REALCURLINENO"p" "$1" |
+			sed '/^Only in/d' >"$PREVFILENAME.diff"
+		echo "---" >>"$PREVFILENAME.diff"
+	fi
+
+	PREVLINENO="$CURLINENO"
+	PREVFILENAME="$FILENAME"
+done
+
+echo "$PREVFILENAME"
+===
+
+then imported the filediffs which exist in the resource tree:
+
+===
+for _1 in $(find /tmp/a/ -type f)
+do
+        _2="${_1/.diff/}"
+        _2="${_2/\/tmp\/a\//}"
+        if [ -f "$_2" ]; then
+                sed -i '\|^</resources>|d' "$_2"
+                sed -n '/^+ /{s/^+//; p}' "/tmp/a/$_2.diff" >> "$_2"
+                echo "</resources>" >> "$_2"
+        fi
+done
+===
+
+Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
+
+Change-Id: Id5c579245cf72f10f4d15fcb69d24bcf58dd281a
+(cherry picked from commit 88a0994ed854f04730d178159f8bb95f08c4597b)
+---
+ res/values-af/strings.xml        | 17 +++++++++++++++++
+ res/values-am/strings.xml        | 17 +++++++++++++++++
+ res/values-ar/strings.xml        | 17 +++++++++++++++++
+ res/values-b+sr+Latn/strings.xml | 17 +++++++++++++++++
+ res/values-bg/strings.xml        | 17 +++++++++++++++++
+ res/values-ca/strings.xml        | 17 +++++++++++++++++
+ res/values-cs/strings.xml        | 17 +++++++++++++++++
+ res/values-da/strings.xml        | 17 +++++++++++++++++
+ res/values-de/strings.xml        | 17 +++++++++++++++++
+ res/values-el/strings.xml        | 17 +++++++++++++++++
+ res/values-en-rAU/strings.xml    | 17 +++++++++++++++++
+ res/values-en-rGB/strings.xml    | 17 +++++++++++++++++
+ res/values-en-rIN/strings.xml    | 17 +++++++++++++++++
+ res/values-es-rUS/strings.xml    | 17 +++++++++++++++++
+ res/values-es/strings.xml        | 17 +++++++++++++++++
+ res/values-fa/strings.xml        | 17 +++++++++++++++++
+ res/values-fi/strings.xml        | 17 +++++++++++++++++
+ res/values-fr-rCA/strings.xml    | 17 +++++++++++++++++
+ res/values-fr/strings.xml        | 17 +++++++++++++++++
+ res/values-hi/strings.xml        | 17 +++++++++++++++++
+ res/values-hr/strings.xml        | 17 +++++++++++++++++
+ res/values-hu/strings.xml        | 17 +++++++++++++++++
+ res/values-in/strings.xml        | 17 +++++++++++++++++
+ res/values-it/strings.xml        | 17 +++++++++++++++++
+ res/values-iw/strings.xml        | 17 +++++++++++++++++
+ res/values-ja/strings.xml        | 17 +++++++++++++++++
+ res/values-ko/strings.xml        | 17 +++++++++++++++++
+ res/values-lt/strings.xml        | 17 +++++++++++++++++
+ res/values-lv/strings.xml        | 17 +++++++++++++++++
+ res/values-nb/strings.xml        | 17 +++++++++++++++++
+ res/values-nl/strings.xml        | 17 +++++++++++++++++
+ res/values-pl/strings.xml        | 17 +++++++++++++++++
+ res/values-pt-rBR/strings.xml    | 17 +++++++++++++++++
+ res/values-pt-rPT/strings.xml    | 17 +++++++++++++++++
+ res/values-pt/strings.xml        | 17 +++++++++++++++++
+ res/values-ro/strings.xml        | 17 +++++++++++++++++
+ res/values-ru/strings.xml        | 17 +++++++++++++++++
+ res/values-sk/strings.xml        | 17 +++++++++++++++++
+ res/values-sl/strings.xml        | 17 +++++++++++++++++
+ res/values-sr/strings.xml        | 17 +++++++++++++++++
+ res/values-sv/strings.xml        | 17 +++++++++++++++++
+ res/values-sw/strings.xml        | 17 +++++++++++++++++
+ res/values-th/strings.xml        | 17 +++++++++++++++++
+ res/values-tl/strings.xml        | 17 +++++++++++++++++
+ res/values-tr/strings.xml        | 17 +++++++++++++++++
+ res/values-uk/strings.xml        | 17 +++++++++++++++++
+ res/values-vi/strings.xml        | 17 +++++++++++++++++
+ res/values-zh-rCN/strings.xml    | 17 +++++++++++++++++
+ res/values-zh-rHK/strings.xml    | 17 +++++++++++++++++
+ res/values-zh-rTW/strings.xml    | 17 +++++++++++++++++
+ 50 files changed, 850 insertions(+)
+
+diff --git a/res/values-af/strings.xml b/res/values-af/strings.xml
+index 7305defade..c89e846582 100644
+--- a/res/values-af/strings.xml
++++ b/res/values-af/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Jou berging word nou deur die bergingbestuurder bestuur"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Diensverskaffervoorsiening-inligting"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Trigger-diensverskaffervoorsiening"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"\'n Toestel wil toegang tot jou boodskappe hê. Tik vir besonderhede."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Gee toegang tot boodskappe?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"\'n Bluetooth-toestel, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wil toegang tot jou boodskappe hê.\n\nJy het nog nooit aan <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> gekoppel nie."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"\'n Toestel wil toegang tot jou kontakte en oproeprekord hê. Tik vir besonderhede."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Gee toegang tot kontakte en oproeprekord?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"\'n Bluetooth-toestel, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wil toegang tot jou kontakte en oproeprekord hê. Dit sluit data oor inkomende en uitgaande oproepe in.\n\nJy het nog nooit aan <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> gekoppel nie."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Moenie toelaat nie"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Versoek vir toegang tot SIM-kaart"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"\'n Toestel wil toegang tot jou SIM-kaart hê. Tik vir besonderhede."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Laat toegang tot SIM-kaart toe?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"\'n Bluetooth-toestel, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wil toegang tot data op jou SIM-kaart hê. Dit sluit jou kontakte in.\n\nTerwyl <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> gekoppel is, sal hulle alle oproepe ontvang wat na <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> toe gemaak word."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth-toestel is beskikbaar"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"\'n Toestel wil koppel. Tik vir besonderhede."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Koppel aan Bluetooth-toestel?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> wil aan hierdie foon koppel.\n\nJy het nog nie voorheen aan <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> gekoppel nie."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Moenie koppel nie"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Koppel"</string>
+ </resources>
+diff --git a/res/values-am/strings.xml b/res/values-am/strings.xml
+index 7d70dc6cbe..d3f0c6cbca 100644
+--- a/res/values-am/strings.xml
++++ b/res/values-am/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"የእርስዎ ማከማቻ አሁን በማከማቻ አስተዳዳሪ እየተዳደረ ነው"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"የአገልግሎት አቅራቢ አቅርቦት መረጃ"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"የቀስቃሴ አገልግሎት አቅራቢ አቅርቦት"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"አንድ መሣሪያ መልዕክቶችዎን መድረስ ይፈልጋል። ዝርዝሮችን ለማግኘት መታ ያድርጉ።"</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"የመልዕክቶች መዳረሻ ይፈቀድ?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"አንድ የብሉቱዝ መሣሪያ <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> መልዕክቶችዎን መድረስ ይፈልጋል።\n\nከዚህ በፊት ከ<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ጋር አልተገናኙም።"</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"አንድ መሣሪያ የእርስዎን እውቂያዎች እና የጥሪ ምዝግብ ማስታወሻ መድረስ ይፈልጋል። ዝርዝሮችን ለማግኘት መታ ያድርጉ።"</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"የእውቂያዎች እና የጥሪ ምዝግብ ማስታወሻ መዳረሻ ይፈቀድ?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"አንድ የብሉቱዝ መሣሪያ <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> የእርስዎን እውቂያዎች እና የጥሪ ምዝግብ ማስታወሻ መድረስ ይፈልጋል። ይህ የገቢ እና ወጪ ጥሪዎች ውሂብን ያካትታል።\n\nከዚህ በፊት ከ<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ጋር አልተገናኙም።"</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"አትፍቀድ"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"የሲም ካርድ መዳረሻ ጥያቄ"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"አንድ መሣሪያ ሲም ካርድዎን መድረስ ይፈልጋል። ዝርዝሮችን ለማግኘት መታ ያድርጉ።"</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"የሲም ካርድ መዳረሻ ይፈቀድ?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"አንድ የብሉቱዝ መሣሪያ <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> በሲም ካርድዎ ላይ ውሂብን መድረስ ይፈልጋል። ይህ የእርስዎን እውቂያዎች ያካትታል።\n\nተገናኝቶ ሳለ <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ለ<xliff:g id="PHONE_NUMBER">%3$s</xliff:g> የተደረጉ ሁሉንም ጥሪዎች ይቀበላል።"</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"የብሉቱዝ መሣሪያ ይገኛል"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"አንድ መሣሪያ መገናኘት ይፈልጋል። ዝርዝሮችን ለማግኘት መታ ያድርጉ።"</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"ከብሉቱዝ መሣሪያ ጋር ይገናኝ?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> ከዚህ ስልክ ጋር መገናኘት ይፈልጋል።\n\nከዚህ በፊት ከ<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ጋር አልተገናኙም።"</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"አታገናኝ"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"አገናኝ"</string>
+ </resources>
+diff --git a/res/values-ar/strings.xml b/res/values-ar/strings.xml
+index 0353c3bcf8..e64d14a5fd 100644
+--- a/res/values-ar/strings.xml
++++ b/res/values-ar/strings.xml
+@@ -3403,4 +3403,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"تتم إدارة السعة التخزينية لجهازك الآن عن طريق مدير السعة التخزينية"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"معلومات توفير خدمة مشغل شبكة الجوال"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"بدء توفير خدمة مشغل شبكة الجوال"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"يريد جهاز الوصول إلى رسائلك. انقر للحصول على التفاصيل."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"هل تريد السماح بالوصول إلى الرسائل؟"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"يريد جهاز يتضمّن بلوتوث، اسمه <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>، الوصول إلى رسائلك.\n\nلم يتم ربطك بالجهاز <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> في السابق."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"يريد جهاز الوصول إلى جهات الاتصال وسجلّ المكالمات. انقر للحصول على التفاصيل."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"هل تريد السماح بالوصول إلى جهات الاتصال وسجلّ المكالمات؟"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"يريد جهاز يتضمّن بلوتوث، اسمه <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>، الوصول إلى جهات الاتصال وسجلّ المكالمات. يتضمن ذلك الوصول إلى بيانات عن المكالمات الواردة والصادرة.\n\nلم يتم ربطك بالجهاز <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> في السابق."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"عدم السماح"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"‏طلب الوصول إلى شريحة SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"‏يريد أحد الأجهزة الوصول إلى شريحة SIM. انقر للحصول على التفاصيل."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"‏هل تريد السماح بالوصول إلى شريحة SIM؟"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"‏يريد الجهاز الذي يتضمّن بلوتوث <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> الوصول إلى البيانات على شريحة SIM. يتضمّن ذلك جهات اتصالك.\n\nعندما يكون الجهاز متصلاً، سيتلقّى <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> كل المكالمات التي يتم إجراؤها إلى الرقم <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"يتوفّر جهاز يتضمّن بلوتوث"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"يريد أحد الأجهزة الاتصال بجهازك. انقر للحصول على التفاصيل."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"هل تريد الاتصال بالجهاز الذي يتضمّن بلوتوث؟"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"يريد <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> الاتصال بهذا الهاتف.\n\nلم تتصل بالجهاز <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> من قبل."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"عدم الاتصال"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"الاتصال"</string>
+ </resources>
+diff --git a/res/values-b+sr+Latn/strings.xml b/res/values-b+sr+Latn/strings.xml
+index 1306c1606e..dc22a54702 100644
+--- a/res/values-b+sr+Latn/strings.xml
++++ b/res/values-b+sr+Latn/strings.xml
+@@ -3295,4 +3295,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Memorijskim prostorom sada upravlja Menadžer memorijskog prostora"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informacije o dodeli mobilnog operatera"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Pokretanje dodele mobilnog operatera"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Uređaj želi da pristupa porukama. Dodirnite za detalje."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Želite li da dozvolite pristup porukama?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Bluetooth uređaj, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, želi da pristupa porukama.\n\nRanije se niste povezivali sa uređajem <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Uređaj želi da pristupa kontaktima i evidenciji poziva. Dodirnite za detalje."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Želite li da dozvolite pristup kontaktima i evidenciji poziva?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Bluetooth uređaj, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, želi da pristupa kontaktima i evidenciji poziva. To obuhvata podatke o dolaznim i odlaznim pozivima.\n\nRanije se niste povezivali sa uređajem <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Ne dozvoli"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Zahtev za pristup SIM kartici"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Uređaj želi da pristupa SIM kartici. Dodirnite za detalje."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Želite da dozvolite pristup SIM kartici?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Bluetooth uređaj, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, želi da pristupa podacima na SIM kartici. To obuhvata vaše kontakte.\n\nDok ste povezani, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> će primati sve pozive upućene na <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth uređaj je dostupan"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Uređaj želi da se poveže. Dodirnite za detalje."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Želite da se povežete sa Bluetooth uređajem?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> želi da se poveže sa ovim telefonom.\n\nRanije se niste povezivali sa uređajem <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Ne povezuj"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Poveži"</string>
+ </resources>
+diff --git a/res/values-bg/strings.xml b/res/values-bg/strings.xml
+index 535a81604a..76b9df05eb 100644
+--- a/res/values-bg/strings.xml
++++ b/res/values-bg/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Хранилището ви вече се управлява от съответния мениджър"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Carrier Provisioning Info"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Задействане на обезпечаването от оператора"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Устройство иска достъп до съобщенията ви. Докоснете за подробности."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Да се разреши ли достъпът до съобщенията?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Устройство с Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) иска да осъществи достъп до съобщенията ви.\n\nДосега не сте се свързвали с(ъс) <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Устройство иска достъп до контактите ви и списъка с обажданията ви. Докоснете за подробности."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Да се разреши ли достъпът до контактите и списъка с обажданията?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Устройство с Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) иска да осъществи достъп до контактите ви и списъка с обажданията ви. Това включва данни за входящите и изходящите обаждания.\n\nДосега не сте се свързвали с(ъс) <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Забраняване"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Заявка за достъп до SIM картата"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Устройство иска да осъществи достъп до SIM картата ви. Докоснете за подробности."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Да се разреши ли достъпът до SIM картата?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Устройство с Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) иска да осъществи достъп до данните на SIM картата ви. Това включва контактите ви.\n\nДокато е свързано, устройството „<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>“ ще получава всички обаждания до <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Има налично устройство с Bluetooth"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Устройство иска да се свърже. Докоснете за подробности."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Да се установи ли връзка с устройството с Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> иска да се свърже с този телефон.\n\nДосега не сте се свързвали с(ъс) <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Отказ"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Свързване"</string>
+ </resources>
+diff --git a/res/values-ca/strings.xml b/res/values-ca/strings.xml
+index 50ec304b9f..65cfb3610e 100644
+--- a/res/values-ca/strings.xml
++++ b/res/values-ca/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Ara mateix, el gestor d\'emmagatzematge gestiona el teu emmagatzematge"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informació de serveis de l\'operador de telefonia mòbil"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Activa els serveis de l\'operador de telefonia mòbil"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Un dispositiu vol accedir als teus missatges. Toca per obtenir més detalls."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Vols permetre l\'accés als missatges?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Un dispositiu Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vol accedir als teus missatges.\n\nNo t\'has connectat a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> abans."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Un dispositiu vol accedir als teus contactes i al registre de trucades. Toca per obtenir més detalls."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Vols permetre l\'accés als contactes i al registre de trucades?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Un dispositiu Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vol accedir als teus contactes i al registre de trucades. Això inclou dades sobre les trucades entrants i sortints.\n\nNo t\'has connectat a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> abans."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"No permetis"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Sol·licitud d\'accés a la targeta SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Un dispositiu vol accedir a la teva targeta SIM. Toca per obtenir informació."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Vols permetre l\'accés a la targeta SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Un dispositiu Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vol accedir a les dades de la teva targeta SIM. Això inclou els teus contactes.\n\nMentre estigui connectat, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> rebrà totes les trucades que es facin a <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Dispositiu Bluetooth disponible"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Un dispositiu vol connectar-se al teu. Toca per obtenir informació."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Vols connectar-te al dispositiu Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> vol connectar-se a aquest telèfon.\n\nNo t\'has connectat a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> abans."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"No connectis"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Connecta"</string>
+ </resources>
+diff --git a/res/values-cs/strings.xml b/res/values-cs/strings.xml
+index d313f7a3c0..204ce67618 100644
+--- a/res/values-cs/strings.xml
++++ b/res/values-cs/strings.xml
+@@ -3331,4 +3331,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Úložiště je nyní spravováno správcem úložiště."</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informace o zprovoznění služby u operátora"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Spustit zprovoznění služby u operátora"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Zařízení žádá o přístup k vašim zprávám. Podrobnosti zobrazíte klepnutím."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Chcete povolit přístup ke zprávám?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Zařízení Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> žádá o přístup k vašim zprávám.\n\nK zařízení <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> jste se ještě nikdy nepřipojili."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Zařízení žádá o přístup k vašim kontaktům a seznamu hovorů. Podrobnosti zobrazíte klepnutím."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Chcete povolit přístup ke kontaktům a seznamu hovorů?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Zařízení Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> žádá o přístup k vašim kontaktům a seznamu hovorů. To zahrnuje data o příchozích a odchozích hovorech.\n\nK zařízení <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> jste se ještě nikdy nepřipojili."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Nepovolovat"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Žádost o přístup k SIM kartě"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Zařízení žádá o přístup k vaší SIM kartě. Podrobnosti zobrazíte klepnutím."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Povolit přístup k SIM kartě?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Zařízení Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> žádá o přístup k datům na vaší SIM kartě. Tato data zahrnují i vaše kontakty.\n\nBěhem připojení bude zařízení <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> přijímat všechny hovory směrované na číslo <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Je dostupné zařízení Bluetooth"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Zařízení žádá o připojení. Podrobnosti zobrazíte klepnutím."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Připojit k zařízení Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"Zařízení <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> žádá o připojení k tomuto telefonu.\n\nK zařízení <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> jste se ještě nikdy nepřipojili."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Nepřipojovat"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Připojit"</string>
+ </resources>
+diff --git a/res/values-da/strings.xml b/res/values-da/strings.xml
+index 000cb2d99f..a1878e3638 100644
+--- a/res/values-da/strings.xml
++++ b/res/values-da/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Din lagerplads administreres nu af lageradministratoren"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Oplysninger om mobilselskab"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Udløs mobilselskab"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"En enhed vil gerne have adgang til dine beskeder. Tryk for at få flere oplysninger."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Vil du give adgang til beskeder?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"En Bluetooth-enhed, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vil gerne have adgang til dine beskeder.\n\nDu har ikke oprettet forbindelse til <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> før."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"En enhed vil gerne have adgang til dine kontakter og din opkaldshistorik. Tryk for at få flere oplysninger."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Vil du give adgang til kontakter og opkaldshistorik?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"En Bluetooth-enhed, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vil gerne have adgang til dine kontakter og din opkaldshistorik. Dette omfatter data om indgående og udgående opkald.\n\nDu har ikke oprettet forbindelse til <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> før."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Tillad ikke"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Anmodning om adgang til SIM-kort"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"En enhed vil gerne have adgang til dit SIM-kort. Tryk for at få flere oplysninger."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Vil du give adgang til SIM-kortet?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Bluetooth-enheden <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> vil gerne have adgang til data på dit SIM-kort. Dette omfatter dine kontakter.\n\nNår der er oprettet forbindelse, vil <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> modtage alle indgående opkald til <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"En Bluetooth-enhed er tilgængelig"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"En enhed vil gerne oprette forbindelse. Tryk for at få flere oplysninger."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Vil du oprette forbindelse til Bluetooth-enheden?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> vil gerne oprette forbindelse til denne telefon.\n\nDu har ikke tidligere oprettet forbindelse til <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Opret ikke forbindelse"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Opret forbindelse"</string>
+ </resources>
+diff --git a/res/values-de/strings.xml b/res/values-de/strings.xml
+index 4d1b5dedcf..19d05ebf0f 100644
+--- a/res/values-de/strings.xml
++++ b/res/values-de/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Dein Speicher wird jetzt vom Speichermanager verwaltet"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informationen zur Nutzerverwaltung durch den Anbieter"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Nutzerverwaltung durch den Anbieter auslösen"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Ein Gerät fordert Zugriff auf deine Nachrichten an. Weitere Informationen."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Möchtest du den Zugriff auf Nachrichten zulassen?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Ein Bluetooth-Gerät (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) fordert Zugriff auf deine Nachrichten an.\n\nDein Gerät war bisher noch nicht mit <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> verbunden."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Ein Gerät fordert Zugriff auf deine Kontakte und deine Anrufliste an. Weitere Informationen."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Möchtest du den Zugriff auf Kontakte und Anrufliste zulassen?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Ein Bluetooth-Gerät (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) fordert Zugriff auf deine Kontakte und deine Anrufliste an. Dazu gehören auch Daten über ein- und ausgehende Anrufe.\n\nDein Gerät war bisher noch nicht mit <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> verbunden."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Nicht zulassen"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Anfrage nach Zugriff auf SIM-Karte"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Ein Gerät möchte auf deine SIM-Karte zugreifen. Weitere Informationen."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Zugriff auf SIM-Karte erlauben?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Ein Bluetooth-Gerät, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, möchte auf Daten auf deiner SIM-Karte zugreifen. Das betrifft auch deine Kontakte.\n\nSo lange die Verbindung besteht, erhält <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> alle Anrufe für <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Ein Bluetooth-Gerät ist verfügbar"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Ein Gerät möchte sich verbinden. Weitere Informationen."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Mit Bluetooth-Gerät verbinden?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> möchte sich mit diesem Smartphone verbinden.\n\nDu hast dich bisher nicht mit <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> verbunden."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Nicht verbinden"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Verbinden"</string>
+ </resources>
+diff --git a/res/values-el/strings.xml b/res/values-el/strings.xml
+index 7934c502ec..47f753c94d 100644
+--- a/res/values-el/strings.xml
++++ b/res/values-el/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Στο εξής, γίνεται διαχείριση του αποθηκευτικού σας χώρου από τον διαχειριστή αποθηκευτικού χώρου"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Πληροφορίες παροχής εταιρείας κινητής τηλεφωνίας"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Ενεργοποίηση παροχής εταιρείας κινητής τηλεφωνίας"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Μια συσκευή θέλει να αποκτήσει πρόσβαση στα μηνύματά σας. Πατήστε για λεπτομέρειες."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Να επιτρέπεται η πρόσβαση σε μηνύματα;"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Μια συσκευή Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, θέλει να αποκτήσει πρόσβαση στα μηνύματά σας.\n\nΔεν έχετε συνδεθεί στη συσκευή <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> στο παρελθόν."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Μια συσκευή θέλει να αποκτήσει πρόσβαση στις επαφές και το αρχείο καταγραφής κλήσεων. Πατήστε για λεπτομέρειες."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Να επιτρέπεται η πρόσβαση στις επαφές και στο αρχείο καταγραφής κλήσεων;"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Η συσκευή Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> θέλει να αποκτήσει πρόσβαση στις επαφές και το αρχείο καταγραφής κλήσεων. Αυτό περιλαμβάνει δεδομένα σχετικά με τις εισερχόμενες και τις εξερχόμενες κλήσεις.\n\nΔεν έχετε συνδεθεί στη συσκευή <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> στο παρελθόν."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Να μην επιτρέπεται"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Αίτημα πρόσβασης στην κάρτα SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Μια συσκευή θέλει να αποκτήσει πρόσβαση στην κάρτα SIM. Πατήστε για λεπτομέρειες."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Να επιτρέπεται η πρόσβαση στην κάρτα SIM;"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Η συσκευή Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, θέλει να αποκτήσει πρόσβαση σε δεδομένα της κάρτας SIM. Στα δεδομένα περιλαμβάνονται οι επαφές σας.\n\nΌταν είναι συνδεδεμένη, η συσκευή <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> θα λαμβάνει όλες τις κλήσεις που πραγματοποιούνται στον αριθμό τηλεφώνου <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Υπάρχει διαθέσιμη συσκευή Bluetooth"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Μια συσκευή θέλει να συνδεθεί. Πατήστε για λεπτομέρειες."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Σύνδεση σε συσκευή Bluetooth;"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"Η συσκευή <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> θέλει να συνδεθεί σε αυτό το τηλέφωνο.\n\nΔεν έχετε συνδεθεί στο παρελθόν στη συσκευή <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Να μην γίνει σύνδεση"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Σύνδεση"</string>
+ </resources>
+diff --git a/res/values-en-rAU/strings.xml b/res/values-en-rAU/strings.xml
+index e57faea997..007f5b3231 100644
+--- a/res/values-en-rAU/strings.xml
++++ b/res/values-en-rAU/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Your storage is now being managed by the storage manager"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Operator Provisioning Info"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Trigger Operator Provisioning"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"A device wants to access your messages. Tap for details."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Allow access to messages?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"A Bluetooth device, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wants to access your messages.\n\nYou haven’t connected to <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> before."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"A device wants to access your contacts and call log. Tap for details."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Allow access to contacts and call log?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"A Bluetooth device, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wants to access your contacts and call log. This includes data about incoming and outgoing calls.\n\nYou haven’t connected to <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> before."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Don\'t allow"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM card access request"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"A device wants to access your SIM card. Tap for details."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Allow access to SIM card?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"A Bluetooth device, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wants to access data on your SIM card. This includes your contacts.\n\nWhile connected, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> will receive all calls made to <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth device available"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"A device wants to connect. Tap for details."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Connect to Bluetooth device?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> wants to connect to this phone.\n\nYou haven’t connected to <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> before."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Don’t connect"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Connect"</string>
+ </resources>
+diff --git a/res/values-en-rGB/strings.xml b/res/values-en-rGB/strings.xml
+index 6a22132233..562d21263d 100644
+--- a/res/values-en-rGB/strings.xml
++++ b/res/values-en-rGB/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Your storage is now being managed by the storage manager"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Operator Provisioning Info"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Trigger Operator Provisioning"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"A device wants to access your messages. Tap for details."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Allow access to messages?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"A Bluetooth device, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wants to access your messages.\n\nYou haven’t connected to <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> before."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"A device wants to access your contacts and call log. Tap for details."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Allow access to contacts and call log?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"A Bluetooth device, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wants to access your contacts and call log. This includes data about incoming and outgoing calls.\n\nYou haven’t connected to <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> before."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Don\'t allow"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM card access request"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"A device wants to access your SIM card. Tap for details."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Allow access to SIM card?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"A Bluetooth device, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wants to access data on your SIM card. This includes your contacts.\n\nWhile connected, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> will receive all calls made to <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth device available"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"A device wants to connect. Tap for details."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Connect to Bluetooth device?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> wants to connect to this phone.\n\nYou haven’t connected to <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> before."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Don’t connect"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Connect"</string>
+ </resources>
+diff --git a/res/values-en-rIN/strings.xml b/res/values-en-rIN/strings.xml
+index 6a22132233..562d21263d 100644
+--- a/res/values-en-rIN/strings.xml
++++ b/res/values-en-rIN/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Your storage is now being managed by the storage manager"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Operator Provisioning Info"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Trigger Operator Provisioning"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"A device wants to access your messages. Tap for details."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Allow access to messages?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"A Bluetooth device, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wants to access your messages.\n\nYou haven’t connected to <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> before."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"A device wants to access your contacts and call log. Tap for details."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Allow access to contacts and call log?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"A Bluetooth device, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wants to access your contacts and call log. This includes data about incoming and outgoing calls.\n\nYou haven’t connected to <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> before."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Don\'t allow"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM card access request"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"A device wants to access your SIM card. Tap for details."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Allow access to SIM card?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"A Bluetooth device, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, wants to access data on your SIM card. This includes your contacts.\n\nWhile connected, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> will receive all calls made to <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth device available"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"A device wants to connect. Tap for details."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Connect to Bluetooth device?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> wants to connect to this phone.\n\nYou haven’t connected to <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> before."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Don’t connect"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Connect"</string>
+ </resources>
+diff --git a/res/values-es-rUS/strings.xml b/res/values-es-rUS/strings.xml
+index 7a573307bd..38c1b222d6 100644
+--- a/res/values-es-rUS/strings.xml
++++ b/res/values-es-rUS/strings.xml
+@@ -3257,4 +3257,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Tu almacenamiento ahora está a cargo del administrador de almacenamiento"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Información del aprovisionamiento del proveedor"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Activar aprovisionamiento del proveedor"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Un dispositivo quiere acceder a tus mensajes. Presiona para ver más detalles"</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"¿Quieres permitir el acceso a los mensajes?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Un dispositivo Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, quiere acceder a tus mensajes.\n\nNunca antes te habías conectado a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Un dispositivo quiere acceder a tus contactos y al registro de llamadas. Presiona para ver más detalles"</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"¿Quieres permitir el acceso a los contactos y al registro de llamadas?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Un dispositivo Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, quiere acceder a tus contactos y al registro de llamadas. Esto incluye datos sobre llamadas entrantes y salientes.\n\nNunca antes te habías conectado a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"No permitir"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Solicitud de acceso a la tarjeta SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Un dispositivo quiere acceder a tu tarjeta SIM. Presiona para ver más detalles."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"¿Permitir acceso a la tarjeta SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Un dispositivo Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, quiere acceder a los datos de tu tarjeta SIM. Eso incluye tus contactos.\n\nMientras estés conectado, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> recibiremos todas las llamadas que realices a <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Dispositivo Bluetooth disponible"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Un dispositivo quiere conectarse. Presiona para ver más detalles."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"¿Conectar al dispositivo Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> quiere conectarse a este teléfono.\n\nNo te conectaste a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> antes."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"No conectar"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Conectar"</string>
+ </resources>
+diff --git a/res/values-es/strings.xml b/res/values-es/strings.xml
+index 0d867de44f..389475ecb0 100644
+--- a/res/values-es/strings.xml
++++ b/res/values-es/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"El Administrador de Almacenamiento gestiona ahora el almacenamiento"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Información de servicios del operador"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Activar servicios del operador"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Un dispositivo quiere acceder a tus mensajes. Toca para consultar información detallada."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"¿Permitir acceso a los mensajes?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Un dispositivo Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, quiere acceder a tus mensajes.\n\nEs la primera vez que te conectas a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Un dispositivo quiere acceder a tus contactos y a tu registro de llamadas. Toca para consultar información detallada."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"¿Permitir acceso a los contactos y al registro de llamadas?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Un dispositivo Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) quiere acceder a tus contactos y a tu registro de llamadas, lo que incluye datos sobre llamadas entrantes y salientes.\n\nEs la primera vez que te conectas a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"No permitir"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Solicitud de acceso a la tarjeta SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Un dispositivo quiere acceder a la tarjeta SIM. Toca para consultar más información."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"¿Permitir acceso a la tarjeta SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Un dispositivo Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) quiere acceder a los datos de tu tarjeta SIM. También tendrá acceso a tus contactos.\n\nMientras esté conectado, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> recibirá todas las llamadas dirigidas al <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Dispositivo Bluetooth disponible"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Un dispositivo quiere conectarse. Toca para consultar más información."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"¿Conectar con dispositivo Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> quiere conectarse a este teléfono.\n\nEs la primera vez que te conectas a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"No conectar"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Conectar"</string>
+ </resources>
+diff --git a/res/values-fa/strings.xml b/res/values-fa/strings.xml
+index c15eaa826c..5e0c4f0825 100644
+--- a/res/values-fa/strings.xml
++++ b/res/values-fa/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"حافظه شما اکنون توسط مدیر حافظه مدیریت می‌شود"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"اطلاعات ارائه شرکت مخابراتی"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"شروع ارائه شرکت مخابراتی"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"دستگاهی می‌خواهد به پیام‌هایتان دسترسی داشته باشد. برای جزئیات ضربه بزنید."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"دسترسی به پیام‌ها مجاز شود؟"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"دستگاه بلوتوثی (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) می‌خواهد به پیام‌هایتان دسترسی داشته باشد.\n\nقبلاً به <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> متصل نشده‌اید."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"دستگاهی می‌خواهد به مخاطبین و گزارش تماس شما دسترسی داشته باشد. برای جزئیات ضربه بزنید."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"دسترسی به مخاطبین و گزارش تماس مجاز شود؟"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"دستگاه بلوتوثی (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) می‌خواهد به مخاطبین و گزارش تماس شما دسترسی داشته باشد. این شامل داده‌های مربوط به تماس‌های ورودی و خروجی می‌شود.\n\nتاکنون به <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> متصل نشده‌اید."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"مجاز نیست"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"درخواست دسترسی به سیم‌کارت"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"دستگاهی می‌خواهد به سیم‌کارتتان دسترسی داشته باشد. برای دیدن جزئیات، ضربه بزنید."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"دسترسی به سیم‌کارت مجاز شود؟"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"دستگاه بلوتوثی (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) می‌خواهد به داده‌های سیم‌کارتتان دسترسی داشته باشد. این داده‌ها شامل مخاطبین شما می‌شود.\n\nوقتی متصل باشد، <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> همه تماس‌هایی را که با <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> برقرار می‌شود دریافت خواهد کرد."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"دستگاه بلوتوث دردسترس است"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"دستگاهی می‌خواهد متصل شود. برای دیدن جزئیات، ضربه بزنید."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"به دستگاه بلوتوث متصل می‌شوید؟"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> می‌خواهد به این تلفن متصل شود.\n\nقبلاً به <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> متصل نشده‌اید."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"متصل نشود"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"متصل شود"</string>
+ </resources>
+diff --git a/res/values-fi/strings.xml b/res/values-fi/strings.xml
+index 14136bd2a7..b223c0ece1 100644
+--- a/res/values-fi/strings.xml
++++ b/res/values-fi/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Tallennustilan hallinta hallitsee nyt tallennustilaasi."</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Operaattorin hallintatiedot"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Ota operaattorin hallinta käyttöön"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Laite pyytää pääsyä viesteihisi. Katso lisätietoja napauttamalla."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Sallitaanko pääsy viesteihin?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Bluetooth-laite, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, pyytää pääsyä viesteihisi.\n\n<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ei ole ennen ollut yhteydessä laitteeseesi."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Laite pyytää pääsyä yhteystietoihisi ja puhelulokiisi. Katso lisätietoja napauttamalla."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Sallitaanko pääsy yhteystietoihin ja puhelulokiin?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Bluetooth-laite, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, pyytää pääsyä yhteystietoihisi ja puhelulokiisi. Tämä sisältää datan saapuvista ja lähtevistä puheluista.\n\n<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ei ole ennen ollut yhteydessä laitteeseesi."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Älä salli"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM-kortin pääsyoikeuspyyntö"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Laite haluaa pääsyn SIM-korttiisi. Katso lisätietoja napauttamalla."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Sallitaanko pääsy SIM-korttiin?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Bluetooth-laite, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, haluaa pääsyn SIM-korttisi dataan. Yhteystietosi sisältyvät dataan.\n\n<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> vastaanottaa yhteyden aikana kaikki puhelut, jotka soitetaan numeroon <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth-laite saatavilla"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Laite haluaa muodostaa yhteyden. Katso lisätietoja napauttamalla."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Yhdistetäänkö Bluetooth-laitteeseen?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> haluaa yhdistää tähän puhelimeen.\n\n<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ei ole ennen muodostanut yhteyttä."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Älä yhdistä"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Yhdistä"</string>
+ </resources>
+diff --git a/res/values-fr-rCA/strings.xml b/res/values-fr-rCA/strings.xml
+index 639fcd27f0..38c27094d6 100644
+--- a/res/values-fr-rCA/strings.xml
++++ b/res/values-fr-rCA/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Votre espace de stockage est maintenant géré par le gestionnaire de stockage"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Données d\'approvisionnement du fournisseur de services"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Déclencher l\'approvisionnement du fournisseur de services"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Un appareil souhaite accéder à vos messages. Touchez l\'écran pour en savoir plus."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Autoriser l\'accès aux messages?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Un appareil Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, souhaite accéder à vos messages.\n\nVous ne vous êtes jamais connecté à <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> auparavant."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Un appareil veut accéder à vos contacts et à votre journal d\'appels. Touchez l\'écran pour en savoir plus."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Autoriser l\'accès aux contacts et au journal d\'appels?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Un appareil Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, souhaite accéder à vos contacts et à votre journal d\'appels. Cela comprend des données à propos des appels entrants et sortants.\n\nVous ne vous êtes jamais connecté à <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> auparavant."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Ne pas autoriser"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Demande d\'accès à la carte SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Un appareil veut accéder à votre carte SIM. Touchez l\'écran pour en savoir plus."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Autoriser l\'accès à la carte SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Un appareil Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, veut accéder aux données de votre carte SIM. Parmi celles-ci figurent vos contacts.\n\nPendant qu\'il est connecté, l\'appareil <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> recevra tous les appels passés au numéro <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Appareil Bluetooth accessible"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Un appareil veut se connecter. Touchez l\'écran pour en savoir plus."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Se connecter à un appareil Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> veut se connecter à ce téléphone.\n\nVous ne vous êtes jamais connecté à <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> auparavant."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Ne pas se connecter"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Se connecter"</string>
+ </resources>
+diff --git a/res/values-fr/strings.xml b/res/values-fr/strings.xml
+index 434527e316..4aaf6a4b04 100644
+--- a/res/values-fr/strings.xml
++++ b/res/values-fr/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Votre espace de stockage est désormais géré par le gestionnaire d\'espace de stockage."</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informations de gestion des comptes opérateur"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Déclencher la gestion des comptes opérateur"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Un appareil souhaite accéder à vos messages. Appuyez ici pour plus de détails."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Autoriser l\'accès aux messages ?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Un appareil Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, souhaite accéder à vos messages.\n\nVous ne vous êtes jamais connecté à <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> auparavant."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Un appareil souhaite accéder à vos contacts et à votre journal d\'appels. Appuyez ici pour plus de détails."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Autoriser l\'accès aux contacts et au journal d\'appels ?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Un appareil Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, souhaite accéder à vos contacts et à votre journal d\'appels. Ceci inclut des données concernant les appels entrants et sortants.\n\nVous ne vous êtes jamais connecté à <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> auparavant."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Ne pas autoriser"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Demande d\'accès à la carte SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Un appareil souhaite accéder à votre carte SIM. Appuyez ici pour plus de détails."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Autoriser l\'accès à la carte SIM ?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"L\'appareil Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> souhaite accéder aux données de votre carte SIM. Cela inclut vos contacts.\n\nUne fois la connexion établie, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> recevra tous les appels passés au <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Appareil Bluetooth indisponible"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Un appareil souhaite se connecter. Appuyez ici pour plus de détails."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Autoriser la connexion Bluetooth ?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> souhaite se connecter à ce téléphone.\n\nC\'est la première fois que votre téléphone se connecte à <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Refuser la connexion"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Autoriser la connexion"</string>
+ </resources>
+diff --git a/res/values-hi/strings.xml b/res/values-hi/strings.xml
+index 2901bb8ff8..6ac0c9d200 100644
+--- a/res/values-hi/strings.xml
++++ b/res/values-hi/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"आपकी जगह का प्रबंधन अब जगह प्रबंधक द्वारा किया जा रहा है"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"वाहक प्रावधान जानकारी"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"वाहक प्रावधान ट्रिगर करें"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"एक डिवाइस आपके मैसेज ऐक्सेस करना चाहता है. जानकारी के लिए टैप करें."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"क्या आप मैसेज का ऐक्सेस देना चाहते हैं?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"एक ब्लूटूथ डिवाइस, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> आपके मैसेज ऐक्सेस करना चाहता है.\n\nआपने इससे पहले कभी अपने डिवाइस को <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> से कनेक्ट नहीं किया है."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"एक डिवाइस आपके संपर्क और कॉल लॉग ऐक्सेस करना चाहता है. जानकारी के लिए टैप करें."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"क्या आप अपने संपर्क और कॉल लॉग का ऐक्सेस देना चाहते हैं?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"एक ब्लूटूथ डिवाइस, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> आपके संपर्क और कॉल लॉग ऐक्सेस करना चाहता है. इसमें, आपके किए गए (आउटगोइंग) कॉल और आने वाले (इनकमिंग) कॉल से जुड़ा डेटा भी शामिल है.\n\nआपने इससे पहले कभी अपने डिवाइस को <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> से कनेक्ट नहीं किया है."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"अनुमति न दें"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"सिम कार्ड को ऐक्सेस करने का अनुरोध"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"डिवाइस आपके सिम कार्ड को ऐक्सेस करना चाहता है. जानकारी पाने के लिए टैप करें."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"क्या आप सिम कार्ड का ऐक्सेस देना चाहते हैं?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"ब्लूटूथ डिवाइस, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> आपके सिम कार्ड पर मौजूद डेटा को ऐक्सेस करना चाहता है. इस डेटा में आपके संपर्क शामिल हैं.\n\nजब <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> कनेक्ट रहेगा, तो यह डिवाइस <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> पर आने वाले सभी कॉल लेगा."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"ब्लूटूथ डिवाइस उपलब्ध है"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"ब्लूटूथ डिवाइस आपके डिवाइस से कनेक्ट होना चाहता है जानकारी पाने के लिए टैप करें."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"ब्लूटूथ डिवाइस से कनेक्ट करना चाहते हैं?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"ब्लूटूथ डिवाइस, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> इस फ़ोन से कनेक्ट होना चाहता है.\n\nआपने पहले कभी <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> से कनेक्ट नहीं किया है."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"कनेक्ट न करें"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"कनेक्ट करें"</string>
+ </resources>
+diff --git a/res/values-hr/strings.xml b/res/values-hr/strings.xml
+index df896b8db3..18f20b2f05 100644
+--- a/res/values-hr/strings.xml
++++ b/res/values-hr/strings.xml
+@@ -3295,4 +3295,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Vašom pohranom sada upravlja upravitelj pohrane"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informacije o uslugama mobilnog operatera"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Pokretanje usluga mobilnog operatera"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Uređaj želi pristupiti vašim porukama. Dodirnite da biste vidjeli pojedinosti."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Dopustiti pristup porukama?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Bluetooth uređaj <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> želi pristupiti vašim porukama.\n\nDosad se niste povezali s uređajem <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Uređaj želi pristupiti vašim kontaktima i zapisniku poziva. Dodirnite da biste vidjeli pojedinosti."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Dopustiti pristup kontaktima i zapisniku poziva?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Bluetooth uređaj <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> želi pristupiti vašim kontaktima i zapisniku poziva. To uključuje podatke o dolaznim i odlaznim pozivima.\n\nDo sad se niste povezali s uređajem <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Nemoj dopustiti"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Zahtjev za pristup SIM kartici"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Uređaj želi pristupiti vašoj SIM kartici. Dodirnite da biste vidjeli pojedinosti."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Želite li dopustiti pristup SIM kartici?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Bluetooth uređaj <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> želi pristupiti podacima na vašoj SIM kartici. To uključuje vaše kontakte.\n\nDok ste povezani, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> će primati sve pozive upućene broju <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth uređaj dostupan"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Uređaj se želi povezati. Dodirnite da biste vidjeli pojedinosti."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Želite li se povezati s Bluetooth uređajem?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> se želi povezati s ovim telefonom.\n\nDosad se niste povezivali s uređajem <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Nemoj povezati"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Poveži"</string>
+ </resources>
+diff --git a/res/values-hu/strings.xml b/res/values-hu/strings.xml
+index b6d1ba90db..9474b452ef 100644
+--- a/res/values-hu/strings.xml
++++ b/res/values-hu/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Tárhelyét mostantól a tárhelykezelő kezeli"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Információ a szolgáltatói hozzáférésről"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Szolgáltatói ellátás aktiválása"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Egy eszköz hozzá szeretne férni az Ön üzeneteihez. Koppintson a részletekért."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Engedélyezi az üzenetekhez való hozzáférést?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Egy Bluetooth-eszköz (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) hozzá szeretne férni az Ön üzeneteihez.\n\nEddig még nem csatlakozott a következő eszközhöz: <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Egy eszköz hozzá szeretne férni az Ön névjegyeihez és hívásnaplójához. Koppintson a részletekért."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Engedélyezi a névjegyeihez és a hívásnaplójához való hozzáférést?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Egy Bluetooth-eszköz (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) hozzá szeretne férni az Ön névjegyeihez és hívásnaplójához. Ide tartoznak a bejövő és kimenő hívások adatai is.\n\nEddig még nem csatlakozott a következő eszközhöz: <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Tiltás"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM-kártyához való hozzáférés kérése"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Egy eszköz szeretne hozzáférni a SIM-kártyájához. Koppintson a részletekért."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Engedélyezi a SIM-kártyához való hozzáférést?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Egy Bluetooth-eszköz (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) szeretne hozzáférni a SIM-kártyáján található adatokhoz (többek között a névjegyeihez is).\n\nAmíg csatlakozik, a(z) <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> eszköz fogadja majd a(z) <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> telefonszámra érkező összes hívást."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth-eszköz áll rendelkezésre"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Egy eszköz csatlakozni szeretne. Koppintson a részletekért."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Csatlakozik a Bluetooth-eszközhöz?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"A következő csatlakozni szeretne ehhez a telefonhoz: <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>.\n\nÖn eddig még nem csatlakozott a(z) <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> eszközhöz."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Ne csatlakozzon"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Csatlakozás"</string>
+ </resources>
+diff --git a/res/values-in/strings.xml b/res/values-in/strings.xml
+index 1397cdb54d..0892d1def4 100644
+--- a/res/values-in/strings.xml
++++ b/res/values-in/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Penyimpanan kini dikelola oleh pengelola penyimpanan"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Info Provisioning Operator"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Memicu Provisioning Operator"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Sebuah perangkat ingin mengakses pesan Anda. Ketuk untuk melihat detailnya."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Izinkan akses ke pesan?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Sebuah perangkat Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, ingin mengakses pesan Anda.\n\nAnda belum pernah terhubung ke <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> sebelumnya."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Sebuah perangkat ingin mengakses kontak dan log panggilan Anda. Ketuk untuk melihat detailnya."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Izinkan akses ke kontak dan log panggilan?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Sebuah perangkat Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, ingin mengakses kontak dan log panggilan Anda. Ini mencakup data tentang panggilan masuk dan keluar.\n\nAnda belum pernah terhubung ke <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> sebelumnya."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Jangan izinkan"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Permintaan akses kartu SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Sebuah perangkat ingin mengakses kartu SIM Anda. Ketuk untuk melihat detailnya."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Izinkan akses ke kartu SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Perangkat Bluetooth bernama <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> ingin mengakses data di kartu SIM Anda. Data ini mencakup kontak Anda.\n\nSaat terhubung, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> akan menerima semua panggilan telepon yang dilakukan ke <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Perangkat Bluetooth tersedia"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Sebuah perangkat ingin terhubung. Ketuk untuk melihat detailnya."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Hubungkan ke perangkat Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> ingin terhubung ke ponsel ini.\n\nAnda belum pernah terhubung ke <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> sebelumnya."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Jangan hubungkan"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Hubungkan"</string>
+ </resources>
+diff --git a/res/values-it/strings.xml b/res/values-it/strings.xml
+index 5c8a8c0721..29c2410f4e 100644
+--- a/res/values-it/strings.xml
++++ b/res/values-it/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Il tuo spazio di archiviazione è ora gestito dalla Gestione memoria"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informazioni sul provisioning operatore"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Attiva provisioning operatore"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Un dispositivo richiede l\'accesso ai tuoi messaggi. Tocca per conoscere i dettagli."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Vuoi consentire l\'accesso ai messaggi?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Un dispositivo Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, richiede l\'accesso ai tuoi messaggi.\n\nNon hai mai effettuato la connessione a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> in passato."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Un dispositivo richiede l\'accesso ai tuoi contatti e al tuo registro chiamate. Tocca per conoscere i dettagli."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Vuoi consentire l\'accesso a contatti e registro chiamate?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Un dispositivo Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, richiede l\'accesso ai tuoi contatti e al tuo registro chiamate, inclusi i dati relativi a chiamate in arrivo e in uscita.\n\nNon hai mai effettuato la connessione a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> in passato."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Non consentire"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Richiesta di accesso alla scheda SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Un dispositivo vuole accedere alla tua scheda SIM. Tocca per conoscere i dettagli."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Consentire l\'accesso alla scheda SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Un dispositivo Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vuole accedere ai dati della tua scheda SIM. Sono inclusi i tuoi contatti.\n\nDurante la connessione, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> riceverà tutte le chiamate effettuate al numero <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Dispositivo Bluetooth disponibile"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Un dispositivo vuole connettersi. Tocca per conoscere i dettagli."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Connettersi al dispositivo Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> vorrebbe connettersi a questo telefono.\n\nNon hai mai effettuato la connessione al dispositivo <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Non connettere"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Connetti"</string>
+ </resources>
+diff --git a/res/values-iw/strings.xml b/res/values-iw/strings.xml
+index 2afe97516f..b45f91ba31 100644
+--- a/res/values-iw/strings.xml
++++ b/res/values-iw/strings.xml
+@@ -3333,4 +3333,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"האחסון שלך מנוהל כעת על ידי מנהל האחסון"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"פרטי ניהול תצורה של ספק סלולרי"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"הפעל ניהול תצורה של ספק סלולרי"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"מכשיר מבקש לקבל גישה להודעות. יש להקיש לקבלת פרטים."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"להעניק גישה להודעות?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"‏מכשיר Bluetooth,‏ <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, מבקש לקבל גישה להודעות.\n\nלא התחברת בעבר למכשיר <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"מכשיר מבקש לקבל גישה לאנשי הקשר וליומן השיחות. יש להקיש לקבלת פרטים."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"להעניק גישה לאנשי הקשר וליומן השיחות?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"‏מכשיר Bluetooth,‏ <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, מבקש לקבל גישה לאנשי הקשר וליומן השיחות. הגישה תכלול גם נתונים על שיחות נכנסות ויוצאות.\n\nלא התחברת בעבר למכשיר <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"אין אישור"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"‏בקשת גישה לכרטיס ה-SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"‏מכשיר מבקש גישה לכרטיס SIM שלך. יש להקיש לקבלת פרטים."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"‏להעניק גישה לכרטיס ה-SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"‏מכשיר Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, מבקש גישה לנתונים בכרטיס ה-SIM שלך. הנתונים האלה כוללים את אנשי הקשר שלך.\n\nבמהלך החיבור, כל השיחות שיבוצעו למספר <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> ינותבו אל <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"‏מכשיר ה-Bluetooth זמין"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"מכשיר מבקש להתחבר. יש להקיש לקבלת פרטים."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"‏להתחבר למכשיר ה-Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> מבקש להתחבר לטלפון הזה.\n\nלא התחברת אל <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> בעבר."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"אין להתחבר"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"התחברות"</string>
+ </resources>
+diff --git a/res/values-ja/strings.xml b/res/values-ja/strings.xml
+index a2279c4b4c..950c2bb781 100644
+--- a/res/values-ja/strings.xml
++++ b/res/values-ja/strings.xml
+@@ -3263,4 +3263,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"お使いのストレージの管理はストレージ マネージャが行うようになりました"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"携帯通信会社のプロビジョニング情報"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"携帯通信会社のプロビジョニングをトリガー"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"デバイスがメッセージにアクセスしようとしています。タップして詳細をご確認ください。"</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"メッセージへのアクセスを許可しますか？"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Bluetooth デバイス <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> がメッセージにアクセスしようとしています。\n\nこれまでに <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> に接続したことはありません。"</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"デバイスが連絡先と通話履歴にアクセスしようとしています。タップして詳細をご確認ください。"</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"連絡先と通話履歴へのアクセスを許可しますか？"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Bluetooth デバイス <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> が連絡先と通話履歴にアクセスしようとしています。これには着信や発信に関するデータも含まれます。\n\nこれまでに <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> に接続したことはありません。"</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"許可しない"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM カードへのアクセスのリクエスト"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"デバイスが SIM カードにアクセスしようとしています。タップして詳細をご確認ください。"</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"SIM カードへのアクセスを許可しますか？"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Bluetooth デバイス <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> が SIM カードのデータにアクセスしようとしています。これには連絡先のデータが含まれます。\n\n<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> は接続されると、<xliff:g id="PHONE_NUMBER">%3$s</xliff:g> への通話をすべて受信するようになります。"</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth デバイスが利用可能です"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"別のデバイスが接続しようとしています。タップして詳細をご確認ください。"</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Bluetooth デバイスに接続しますか？"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> がこのスマートフォンに接続しようとしています。\n\nこれまでに <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> に接続したことはありません。"</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"接続しない"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"接続"</string>
+ </resources>
+diff --git a/res/values-ko/strings.xml b/res/values-ko/strings.xml
+index 43b80927d5..a4691a22f2 100644
+--- a/res/values-ko/strings.xml
++++ b/res/values-ko/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"현재 저장용량 관리자가 저장용량을 관리하고 있습니다."</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Carrier Provisioning Info"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Trigger Carrier Provisioning"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"기기에서 메시지에 액세스하려고 합니다. 탭하여 세부정보를 확인하세요."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"메시지 액세스를 허용하시겠습니까?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"블루투스 기기 <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>에서 메시지에 액세스하려고 합니다.\n\n전에는 <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>에 연결한 적이 없습니다."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"기기에서 연락처와 통화 기록에 액세스하려고 합니다. 탭하여 세부정보를 확인하세요."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"연락처와 통화 기록 액세스를 허용하시겠습니까?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"블루투스 기기 <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>에서 연락처와 통화 기록에 액세스하려고 합니다. 여기에는 수신 전화와 발신 전화에 관한 데이터도 포함됩니다.\n\n전에는 <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>에 연결한 적이 없습니다."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"허용 안함"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM 카드 액세스 요청"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"기기에서 SIM 카드에 액세스하려고 합니다. 탭하여 세부정보를 확인하세요."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"SIM 카드 액세스를 허용하시겠습니까?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"블루투스 기기 <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>에서 SIM 카드 데이터에 액세스하려고 합니다. 여기에는 연락처 정보가 포함되어 있습니다.\n\n연결된 상태에서는 <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>에서 <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>번으로 수신되는 모든 전화를 받습니다."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"블루투스 기기 사용 가능"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"연결을 시도하는 기기가 있습니다. 탭하여 세부정보를 확인하세요."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"블루투스 기기에 연결하시겠습니까?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>에서 이 휴대전화에 연결하려고 합니다.\n\n전에는 <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>에 연결한 적이 없습니다."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"연결 안함"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"연결"</string>
+ </resources>
+diff --git a/res/values-lt/strings.xml b/res/values-lt/strings.xml
+index 55b074a965..645145f258 100644
+--- a/res/values-lt/strings.xml
++++ b/res/values-lt/strings.xml
+@@ -3333,4 +3333,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Saugyklą dabar tvarko saugyklos valdytojas"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Operatoriaus aprūpinimo informacija"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Aktyviklio operatoriaus aprūpinimas"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Įrenginys nori pasiekti jūsų pranešimus. Palieskite, jei reikia išsamios informacijos."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Leisti pasiekti pranešimus?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"„Bluetooth“ įrenginys „<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>“ nori pasiekti jūsų pranešimus.\n\nPrie „<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>“ dar niekada nebuvote prisijungę."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Įrenginys nori pasiekti jūsų kontaktus ir skambučių žurnalą. Palieskite, jei reikia išsamios informacijos."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Leisti pasiekti kontaktus ir skambučių žurnalą?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"„Bluetooth“ įrenginys „<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>“ nori pasiekti jūsų kontaktus ir skambučių žurnalą. Tai apima duomenis apie gaunamuosius ir siunčiamuosius skambučius.\n\nPrie „<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>“ dar niekada nebuvote prisijungę."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Neleisti"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM kortelės prieigos užklausa"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Įrenginys nori pasiekti jūsų SIM kortelę. Palieskite, jei reikia išsamios informacijos."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Leisti pasiekti SIM kortelę?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"„Bluetooth“ įrenginys (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) nori pasiekti duomenis jūsų SIM kortelėje. Tai apima jūsų kontaktus.\n\nPrisijungęs įrenginys <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> gaus visus telefono numeriu <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> atliktus skambučius."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Pasiekiamas „Bluetooth“ įrenginys"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Įrenginys nori prisijungti. Palieskite, jei reikia išsamios informacijos."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Prisijungti prie „Bluetooth“ įrenginio?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> nori prisijungti prie šio telefono.\n\nAnksčiau nebuvote prisijungę prie <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Neprisijungti"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Susieti"</string>
+ </resources>
+diff --git a/res/values-lv/strings.xml b/res/values-lv/strings.xml
+index 7513656733..8ec0790107 100644
+--- a/res/values-lv/strings.xml
++++ b/res/values-lv/strings.xml
+@@ -3295,4 +3295,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Tagad jūsu krātuvi pārvalda krātuves pārvaldnieks"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informācija par operatora nodrošināšanu"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Aktivizēt operatora nodrošināšanu"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Kāda ierīce pieprasa atļauju piekļūt jūsu ziņojumiem. Pieskarieties, lai skatītu detalizētu informāciju."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Vai atļaujat piekļūt ziņojumiem?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Bluetooth ierīce “<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>” pieprasa atļauju piekļūt jūsu ziņojumiem.\n\nJūs iepriekš neesat izveidojis savienojumu ar ierīci “<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>”."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Kāda ierīce pieprasa atļauju piekļūt jūsu kontaktpersonu datiem un zvanu žurnālam. Pieskarieties, lai skatītu detalizētu informāciju."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Vai atļaujat piekļūt kontaktpersonu datiem un zvanu žurnālam?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Bluetooth ierīce “<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>” pieprasa atļauju piekļūt jūsu kontaktpersonu datiem un zvanu žurnālam. Tas attiecas arī uz datiem par ienākošajiem un izejošajiem zvaniem.\n\nJūs iepriekš neesat izveidojis savienojumu ar ierīci “<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>”."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Neatļaut"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM kartes piekļuves pieprasījums"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Kāda ierīce pieprasa piekļuvi jūsu SIM kartei. Pieskarieties, lai skatītu detalizētu informāciju."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Vai atļaut piekļuvi SIM kartei?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Bluetooth ierīce “<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>” pieprasa atļauju piekļūt jūsu SIM kartē saglabātajiem datiem, tostarp kontaktpersonām.\n\nKamēr savienojums būs aktīvs, visi zvani uz numuru <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> tiks saņemti ierīcē <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Ir pieejama Bluetooth ierīce"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Ierīce pieprasa atļauju izveidot savienojumu. Pieskarieties, lai skatītu detalizētu informāciju."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Vai izveidot savienojumu ar Bluetooth ierīci?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"Ierīce “<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>” pieprasa atļauju izveidot savienojumu ar šo tālruni.\n\nIepriekš neesat veidojis savienojumu ar ierīci <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Neizveidot savienojumu"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Izveidot savienojumu"</string>
+ </resources>
+diff --git a/res/values-nb/strings.xml b/res/values-nb/strings.xml
+index 1564c3aebd..e7bb6a0f6b 100644
+--- a/res/values-nb/strings.xml
++++ b/res/values-nb/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Lagringsplassen din blir nå administrert av lagringsadministratoren"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informasjon om operatørhåndtering"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Utløs operatørhåndtering"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"En enhet vil ha tilgang til meldingene dine. Trykk for å se mer informasjon."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Vil du gi tilgang til meldinger?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"En Bluetooth-enhet, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vil ha tilgang til meldingene dine.\n\nDu har ikke koblet til <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> tidligere."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"En enhet vil ha tilgang til kontaktene dine og samtaleloggen din. Trykk for å se mer informasjon."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Vil du gi tilgang til kontaktene og samtaleloggen?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"En Bluetooth-enhet, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vil ha tilgang til kontaktene dine og samtaleloggen din. Dette inkluderer data om innkommende og utgående anrop.\n\nDu har ikke koblet til <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> tidligere."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Ikke tillat"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Forespørsel om tilgang til SIM-kort"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"En enhet vil ha tilgang til SIM-kortet ditt. Trykk for å se mer informasjon."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Vil du gi tilgang til SIM-kortet?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"En Bluetooth-enhet, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vil ha tilgang til dataene på SIM-kortet ditt. Dette inkluderer kontaktene dine.\n\nNår <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> er tilkoblet, mottar enheten alle anrop til <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"En Bluetooth-enhet er tilgjengelig"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"En enhet vil koble til. Trykk for å se mer informasjon."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Vil du koble til Bluetooth-enheten?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> vil koble til denne telefonen.\n\nDu har ikke koblet til <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> tidligere."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Ikke koble til"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Koble til"</string>
+ </resources>
+diff --git a/res/values-nl/strings.xml b/res/values-nl/strings.xml
+index b5fd751567..b57e8e5810 100644
+--- a/res/values-nl/strings.xml
++++ b/res/values-nl/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Je opslag wordt nu beheerd door de opslagbeheerder"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Gegevens voor providerregistratie"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Providerregistratie activeren"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Een apparaat wil toegang tot je berichten. Tik voor details."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Toegang tot berichten toestaan?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Een bluetooth-apparaat (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) wil toegang tot je berichten.\n\nJe hebt niet eerder verbinding gemaakt met <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Een apparaat wil toegang tot je contacten en gesprekslijst. Tik voor details."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Toegang tot contacten en gesprekslijst toestaan?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Een bluetooth-apparaat (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) wil toegang tot je contacten en gesprekslijst. Dit omvat gegevens over inkomende en uitgaande gesprekken.\n\nJe hebt niet eerder verbinding gemaakt met <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Niet toestaan"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Verzoek voor toegang tot simkaart"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Een apparaat wil toegang tot je simkaart. Tik voor informatie."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Toegang tot simkaart toestaan?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Een bluetooth-apparaat (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) wil toegang tot gegevens op je simkaart. Dit zijn onder andere je contacten.\n\nTerwijl <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> is verbonden, ontvangt dit apparaat alle gesprekken naar <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth-apparaat beschikbaar"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Een apparaat wil verbinding maken. Tik voor informatie."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Verbinding maken met bluetooth-apparaat?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> wil verbinding maken met deze telefoon.\n\nJe hebt nog niet eerder verbinding gemaakt met <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Geen verbinding maken"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Verbinding maken"</string>
+ </resources>
+diff --git a/res/values-pl/strings.xml b/res/values-pl/strings.xml
+index 889ab42063..0665c17ac5 100644
+--- a/res/values-pl/strings.xml
++++ b/res/values-pl/strings.xml
+@@ -3331,4 +3331,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Pamięcią zarządza teraz menedżer miejsca"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informacje o obsłudze administracyjnej operatora"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Uruchom obsługę administracyjną operatora"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Urządzenie chce uzyskać dostęp do Twoich wiadomości. Kliknij, aby wyświetlić szczegóły."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Zezwolić na dostęp do wiadomości?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Urządzenie Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> chce uzyskać dostęp do Twoich wiadomości.\n\nTwoje urządzenie nie łączyło się wcześniej z urządzeniem <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Urządzenie chce uzyskać dostęp do Twoich kontaktów i rejestru połączeń. Kliknij, aby wyświetlić szczegóły."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Zezwolić na dostęp do kontaktów i rejestru połączeń?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Urządzenie Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> chce uzyskać dostęp do Twoich kontaktów i rejestru połączeń. Chodzi między innymi o dane o połączeniach przychodzących i wychodzących.\n\nTwoje urządzenie nie łączyło się wcześniej z urządzeniem <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Nie zezwalaj"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Prośba o dostęp do karty SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Urządzenie chce uzyskać dostęp do Twojej karty SIM. Kliknij, by wyświetlić szczegóły."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Zezwolić na dostęp do karty SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Urządzenie Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) chce uzyskać dostęp do danych na Twojej karcie SIM. Te dane obejmują również Twoje kontakty.\n\nGdy urządzenia będą połączone, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> będzie otrzymywać wszystkie rozmowy przychodzące na numer <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Dostępne jest urządzenie Bluetooth"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Urządzenie chce się połączyć. Kliknij, by wyświetlić szczegóły."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Połączyć z urządzeniem Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> chce połączyć się z tym telefonem.\n\nTwój telefon nigdy wcześniej nie był połączony z urządzeniem <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Nie łącz"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Połącz"</string>
+ </resources>
+diff --git a/res/values-pt-rBR/strings.xml b/res/values-pt-rBR/strings.xml
+index a4dc8b2d46..66c634ecfd 100644
+--- a/res/values-pt-rBR/strings.xml
++++ b/res/values-pt-rBR/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Seu armazenamento está sendo controlado pelo gerenciador de armazenamento"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informações de aprovisionamento da operadora"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Acionar aprovisionamento da operadora"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Um dispositivo quer acessar suas mensagens. Toque para ver detalhes."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Conceder acesso às mensagens?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Um dispositivo Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) quer acessar suas mensagens.\n\nVocê nunca se conectou a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Um dispositivo quer acessar seus contatos e seu registro de chamadas. Toque para ver detalhes."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Conceder acesso aos contatos e ao registro de chamadas?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Um dispositivo Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) quer acessar seus contatos e seu registro de chamadas. Isso inclui dados sobre chamadas recebidas e realizadas.\n\nVocê nunca se conectou a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Não permitir"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Solicitação de acesso ao chip"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Um dispositivo quer acessar seu chip. Toque para ver detalhes."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Permitir acesso ao chip?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Um dispositivo Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) quer acessar dados no seu chip. Isso inclui seus contatos.\n\nEnquanto estiver conectado, o <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> receberá todas as chamadas feitas para o número <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Dispositivo Bluetooth disponível"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Um dispositivo quer se conectar. Toque para ver detalhes."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Conectar ao dispositivo Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> quer se conectar a este smartphone.\n\nVocê nunca se conectou ao <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Não conectar"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Conectar"</string>
+ </resources>
+diff --git a/res/values-pt-rPT/strings.xml b/res/values-pt-rPT/strings.xml
+index 3ad51989fd..7c822f31ef 100644
+--- a/res/values-pt-rPT/strings.xml
++++ b/res/values-pt-rPT/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"O seu armazenamento está agora a ser gerido pelo gestor de armazenamento"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informações de fornecimento do operador"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Acionar fornecimento do operador"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Um dispositivo pretende aceder às suas mensagens. Toque para obter detalhes."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Pretende permitir o acesso às mensagens?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Um dispositivo Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, pretende aceder às suas mensagens.\n\nNão estabeleceu ligação ao dispositivo <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> anteriormente."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Um dispositivo pretende aceder aos seus contactos e registo de chamadas. Toque para obter detalhes."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Pretende permitir o acesso aos contactos e registo de chamadas?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Um dispositivo Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, pretende aceder aos seus contactos e registo de chamadas. Isto inclui dados acerca de chamadas recebidas e efetuadas.\n\nNão estabeleceu ligação ao dispositivo <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> anteriormente."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Não permitir"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Pedido de acesso ao cartão SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Um dispositivo pretende aceder ao seu cartão SIM. Toque para obter detalhes."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Pretende permitir o acesso ao cartão SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Um dispositivo Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, pretende aceder aos dados no seu cartão SIM. Estes dados incluem os seus contactos.\n\nEnquanto estiver ligado, o dispositivo <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> vai receber todas as chamadas efetuadas para <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Dispositivo Bluetooth disponível"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Um dispositivo pretende estabelecer ligação. Toque para obter detalhes."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Pretende ligar ao dispositivo Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"O dispositivo <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> pretende ligar-se a este telemóvel.\n\nNão estabeleceu ligação ao dispositivo <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> anteriormente."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Não ligar"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Ligar"</string>
+ </resources>
+diff --git a/res/values-pt/strings.xml b/res/values-pt/strings.xml
+index a4dc8b2d46..66c634ecfd 100644
+--- a/res/values-pt/strings.xml
++++ b/res/values-pt/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Seu armazenamento está sendo controlado pelo gerenciador de armazenamento"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informações de aprovisionamento da operadora"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Acionar aprovisionamento da operadora"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Um dispositivo quer acessar suas mensagens. Toque para ver detalhes."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Conceder acesso às mensagens?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Um dispositivo Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) quer acessar suas mensagens.\n\nVocê nunca se conectou a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Um dispositivo quer acessar seus contatos e seu registro de chamadas. Toque para ver detalhes."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Conceder acesso aos contatos e ao registro de chamadas?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Um dispositivo Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) quer acessar seus contatos e seu registro de chamadas. Isso inclui dados sobre chamadas recebidas e realizadas.\n\nVocê nunca se conectou a <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Não permitir"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Solicitação de acesso ao chip"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Um dispositivo quer acessar seu chip. Toque para ver detalhes."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Permitir acesso ao chip?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Um dispositivo Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) quer acessar dados no seu chip. Isso inclui seus contatos.\n\nEnquanto estiver conectado, o <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> receberá todas as chamadas feitas para o número <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Dispositivo Bluetooth disponível"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Um dispositivo quer se conectar. Toque para ver detalhes."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Conectar ao dispositivo Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> quer se conectar a este smartphone.\n\nVocê nunca se conectou ao <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Não conectar"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Conectar"</string>
+ </resources>
+diff --git a/res/values-ro/strings.xml b/res/values-ro/strings.xml
+index 7538004a6a..0b90949114 100644
+--- a/res/values-ro/strings.xml
++++ b/res/values-ro/strings.xml
+@@ -3295,4 +3295,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Spațiul de stocare este acum gestionat de managerul spațiului de stocare"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informații despre provizionarea operatorului"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Declanșați provizionarea operatorului"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Un dispozitiv solicită acces la mesajele dvs. Atingeți pentru detalii."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Permiteți accesul la mesaje?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Un dispozitiv Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, solicită acces la mesajele dvs.\n\nNu v-ați mai conectat la <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Un dispozitiv solicită acces la persoanele de contact și la jurnalul dvs. de apeluri. Atingeți pentru detalii."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Permiteți accesul la agendă și la jurnalul de apeluri?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Un dispozitiv Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, solicită acces la persoanele dvs. de contact și la jurnalul de apeluri. Aici sunt incluse date despre apelurile primite și efectuate.\n\nNu v-ați mai conectat la <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Nu permiteți"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Solicitare de acces la cardul SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Un dispozitiv solicită acces la cardul SIM. Atingeți pentru detalii."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Permiteți accesul la cardul SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Un dispozitiv Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, solicită acces la datele de pe cardul SIM. Aici este inclusă agenda.\n\nDupă ce se conectează, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> va primi toate apelurile primite la <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Este disponibil un dispozitiv Bluetooth"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Un dispozitiv solicită conectarea. Atingeți pentru detalii."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Vă conectați la dispozitivul Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> solicită conectarea la acest telefon.\n\nNu v-ați mai conectat la <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Nu vă conectați"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Conectați-vă"</string>
+ </resources>
+diff --git a/res/values-ru/strings.xml b/res/values-ru/strings.xml
+index c2346806e5..9af521ca7b 100644
+--- a/res/values-ru/strings.xml
++++ b/res/values-ru/strings.xml
+@@ -3331,4 +3331,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Память устройства теперь управляется менеджером хранилища"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Сведения об операторе"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Запустить синхронизацию оператора"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Устройство запрашивает доступ к вашим сообщениям. Нажмите, чтобы узнать больше."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Предоставить доступ к сообщениям?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Устройство Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) запрашивает доступ к вашим сообщениям.\n\nЭто ваше первое подключение к устройству \"<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>\"."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Устройство запрашивает доступ к вашим контактам и списку вызовов. Нажмите, чтобы узнать больше."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Предоставить доступ к контактам и списку вызовов?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Устройство Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) запрашивает доступ к вашим контактам и списку вызовов, включая данные о входящих и исходящих звонках.\n\nЭто ваше первое подключение к устройству \"<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>\"."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Запретить"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Запрос на доступ к SIM-карте"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Устройство запрашивает доступ к вашей SIM-карте. Нажмите, чтобы узнать больше."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Предоставить доступ к SIM-карте?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Устройство Bluetooth \"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>\" запрашивает доступ к данным на SIM-карте, в том числе к вашим контактам.\n\nПока устройство \"<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>\" подключено, оно будет принимать все входящие вызовы на номер <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Доступно устройство Bluetooth"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Устройство запрашивает разрешение на подключение. Нажмите, чтобы узнать больше."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Подключиться к устройству Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"Устройство \"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>\" хочет подключиться к этому телефону.\n\nЭто ваше первое подключение к устройству \"<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>\"."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Не подключаться"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Подключиться"</string>
+ </resources>
+diff --git a/res/values-sk/strings.xml b/res/values-sk/strings.xml
+index 3174c120b1..043d0e6d65 100644
+--- a/res/values-sk/strings.xml
++++ b/res/values-sk/strings.xml
+@@ -3331,4 +3331,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Vaše úložisko odteraz riadi správca úložiska"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Informácie o poskytovaní služieb operátorom"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Spustiť poskytovanie služieb operátorom"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Zariadenie vyžaduje prístup k vašim správam. Klepnutím zobrazíte podrobnosti."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Chcete povoliť prístup k správam?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Zariadenie <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> s rozhraním Bluetooth vyžaduje prístup k vašim správam.\n\nK zariadeniu <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ste sa predtým nikdy nepripojili."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Zariadenie vyžaduje prístup k vašim kontaktom a zoznamu hovorov. Klepnutím zobrazíte podrobnosti."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Chcete povoliť prístup ku kontaktom a zoznamu hovorov?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Zariadenie <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> s rozhraním Bluetooth vyžaduje prístup k vašim kontaktom a zoznamu hovorov. Zahŕňa to údaje o prichádzajúcich a odchádzajúcich hovoroch.\n\nK zariadeniu <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ste sa predtým nikdy nepripojili."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Nepovoliť"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Žiadosť o prístup k SIM karte"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Zariadenie požaduje prístup k vašej SIM karte. Klepnutím zobrazíte podrobnosti."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Chcete povoliť prístup k SIM karte?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Zariadenie s rozhraním Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> požaduje prístup k údajom na vašej SIM karte. Zahŕňa to aj kontakty.\n\nPočas pripojenia bude zariadenie <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> prijímať všetky hovory smerujúce na číslo <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"K dispozícii je zariadenie s rozhraním Bluetooth"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Zariadenie sa chce pripojiť. Klepnutím zobrazíte podrobnosti."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Chcete sa pripojiť k zariadeniu s rozhraním Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> sa chce pripojiť k tomuto telefónu.\n\nK zariadeniu <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ste sa ešte nikdy nepripojili."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Nepripojiť"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Pripojiť"</string>
+ </resources>
+diff --git a/res/values-sl/strings.xml b/res/values-sl/strings.xml
+index afe3ce2c0a..f17fe239d7 100644
+--- a/res/values-sl/strings.xml
++++ b/res/values-sl/strings.xml
+@@ -3331,4 +3331,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Shrambo zdaj upravlja upravitelj shrambe"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Podatki o omogočanju uporabe operaterja"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Sproži omogočanje uporabe operaterja"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Naprava želi dostopati do vaših sporočil. Dotaknite se za podrobnosti."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Želite dovoliti dostop do sporočil?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Naprava Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> želi dostopati do vaših sporočil.\n\nŠe nikoli niste vzpostavili povezave z napravo <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Naprava želi dostopati do vaših stikov in dnevnika klicev. Dotaknite se za podrobnosti."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Želite dovoliti dostop do stikov in dnevnika klicev?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Naprava Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> želi dostopati do vaših stikov in dnevnika klicev. To vključuje podatke o dohodnih in odhodnih klicih.\n\nŠe nikoli niste vzpostavili povezave z napravo <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Ne dovoli"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Zahteva za dostop do kartice SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Naprava želi dostopati do kartice SIM. Dotaknite se za podrobnosti."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Želite dovoliti dostop do kartice SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Naprava Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> želi dostopati do podatkov na kartici SIM. To vključuje vaše stike.\n\nDokler bo povezava vzpostavljena, bo naprava <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> prejemala vse klice na številko <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Naprava Bluetooth je na voljo"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Naprava želi vzpostaviti povezavo. Dotaknite se za podrobnosti."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Želite vzpostaviti povezavo z napravo Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"Naprava <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> se želi povezati s tem telefonom.\n\nŠe nikoli niste vzpostavili povezave z napravo <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Ne poveži"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Poveži"</string>
+ </resources>
+diff --git a/res/values-sr/strings.xml b/res/values-sr/strings.xml
+index fda00b5da1..cd40bed518 100644
+--- a/res/values-sr/strings.xml
++++ b/res/values-sr/strings.xml
+@@ -3295,4 +3295,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Меморијским простором сада управља Менаџер меморијског простора"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Информације о додели мобилног оператера"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Покретање доделе мобилног оператера"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Уређај жели да приступа порукама. Додирните за детаље."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Желите ли да дозволите приступ порукама?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Bluetooth уређај, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, жели да приступа порукама.\n\nРаније се нисте повезивали са уређајем <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Уређај жели да приступа контактима и евиденцији позива. Додирните за детаље."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Желите ли да дозволите приступ контактима и евиденцији позива?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Bluetooth уређај, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, жели да приступа контактима и евиденцији позива. То обухвата податке о долазним и одлазним позивима.\n\nРаније се нисте повезивали са уређајем <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Не дозволи"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Захтев за приступ SIM картици"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Уређај жели да приступа SIM картици. Додирните за детаље."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Желите да дозволите приступ SIM картици?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Bluetooth уређај, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, жели да приступа подацима на SIM картици. То обухвата ваше контакте.\n\nДок сте повезани, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ће примати све позиве упућене на <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Bluetooth уређај је доступан"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Уређај жели да се повеже. Додирните за детаље."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Желите да се повежете са Bluetooth уређајем?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> жели да се повеже са овим телефоном.\n\nРаније се нисте повезивали са уређајем <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Не повезуј"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Повежи"</string>
+ </resources>
+diff --git a/res/values-sv/strings.xml b/res/values-sv/strings.xml
+index 96af86a45b..0619b36d2d 100644
+--- a/res/values-sv/strings.xml
++++ b/res/values-sv/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Ditt lagringsutrymme hanteras nu av lagringshanteraren"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Information om operatörsadministration"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Aktivera operatörsadministration"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"En enhet vill få åtkomst till dina meddelanden. Tryck här för mer information."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Vill du tillåta åtkomst till meddelanden?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"En Bluetooth-enhet, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vill få åtkomst till dina meddelanden.\n\nDu har inte anslutit till <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> tidigare."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"En enhet vill få åtkomst till dina kontakter och samtalshistoriken. Tryck här för mer information."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Vill du tillåta åtkomst till kontakter och samtalshistorik?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"En Bluetooth-enhet, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vill få åtkomst till dina kontakter och samtalshistoriken. Detta inkluderar data om inkommande och utgående samtal.\n\nDu har inte anslutit till <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> tidigare."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Tillåt inte"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Begäran om åtkomst till SIM-kort"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"En enhet vill få åtkomst till ditt SIM-kort. Tryck här för mer information."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Vill du tillåta åtkomst till SIM-kortet?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"En Bluetooth-enhet, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, vill få åtkomst till data på ditt SIM-kort. Detta inkluderar dina kontakter.\n\nNär <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> är ansluten tar den emot alla samtal till <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"En Bluetooth-enhet är tillgänglig"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"En enhet vill ansluta. Tryck här för mer information."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Vill du ansluta till Bluetooth-enheten?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> vill ansluta till den här telefonen.\n\nDu har inte anslutit till <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> tidigare."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Anslut inte"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Anslut"</string>
+ </resources>
+diff --git a/res/values-sw/strings.xml b/res/values-sw/strings.xml
+index 17b6f5aaf0..e1044f1170 100644
+--- a/res/values-sw/strings.xml
++++ b/res/values-sw/strings.xml
+@@ -3263,4 +3263,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Hifadhi yako sasa inasimamiwa na kidhibiti cha hifadhi"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Maelezo ya Utaratibu wa Mtoa Huduma"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Anzisha Utaratibu wa Mtoa Huduma"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Kifaa kinataka kufikia ujumbe wako. Gusa ili upate maelezo."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Ungependa kuruhusu kifaa kifikie ujumbe?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Kifaa chenye Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, kinataka kufikia ujumbe wako.\n\nHujawahi kuunganisha kwenye <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Kifaa kinataka kufikia anwani na kumbukumbu za simu. Gusa ili upate maelezo."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Ungependa kuruhusu kifaa kifikie anwani na kumbukumbu za simu?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Kifaa chenye Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, kinataka kufikia anwani na kumbukumbu za simu. Hii ni pamoja na data kuhusu simu unazopigiwa na unazopiga.\n\nHujawahi kuunganisha kwenye <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Usiruhusu"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Ombi la kufikia SIM kadi"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Kifaa kinataka kufikia SIM kadi yako. Gusa ili upate maelezo."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Ungependa kuruhusu ifikie SIM kadi?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Kifaa chenye Bluetooth, <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, kinataka kufikia data iliyo kwenye SIM kadi yako. Hii ni pamoja na anwani zako.\n\nKikiunganishwa, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> kitapokea simu zote zinazopigwa kwa <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Kifaa chenye Bluetooth kinapatikana"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Kifaa kinataka kuunganisha. Gusa ili upate maelezo."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Ungependa kuunganisha kwenye kifaa chenye Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> kinataka kuunganishwa kwenye simu hii.\n\nHujawahi kuunganisha kwenye <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Usiunganishe"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Unganisha"</string>
+ </resources>
+diff --git a/res/values-th/strings.xml b/res/values-th/strings.xml
+index cd68a81ac5..56925e2e2e 100644
+--- a/res/values-th/strings.xml
++++ b/res/values-th/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"ตัวจัดการพื้นที่เก็บข้อมูลกำลังจัดการพื้นที่เก็บข้อมูลของคุณ"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"ข้อมูลการจัดสรรผู้ให้บริการ"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"ทริกเกอร์การจัดสรรผู้ให้บริการ"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"อุปกรณ์หนึ่งต้องการเข้าถึงข้อความของคุณ แตะเพื่อดูรายละเอียด"</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"อนุญาตให้เข้าถึงข้อความไหม"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"อุปกรณ์บลูทูธ <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> ต้องการเข้าถึงข้อความของคุณ\n\nคุณไม่เคยเชื่อมต่อกับ <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> มาก่อน"</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"อุปกรณ์หนึ่งต้องการเข้าถึงรายชื่อติดต่อและบันทึกการโทร แตะเพื่อดูรายละเอียด"</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"อนุญาตให้เข้าถึงรายชื่อติดต่อและบันทึกการโทรไหม"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"อุปกรณ์บลูทูธ <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> ต้องการเข้าถึงรายชื่อติดต่อและบันทึกการโทร ซึ่งรวมถึงข้อมูลเกี่ยวกับสายเรียกเข้าและโทรออก\n\nคุณไม่เคยเชื่อมต่อกับ <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> มาก่อน"</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"ไม่อนุญาต"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"คำขอเข้าถึงซิมการ์ด"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"อุปกรณ์หนึ่งต้องการเข้าถึงซิมการ์ดของคุณ แตะเพื่อดูรายละเอียด"</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"อนุญาตให้เข้าถึงซิมการ์ดไหม"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"อุปกรณ์บลูทูธ <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> ต้องการเข้าถึงข้อมูลในซิมการ์ดของคุณ ซึ่งรวมถึงรายชื่อติดต่อ\n\nขณะที่เชื่อมต่อ <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> จะได้รับทุกสายที่โทรหา <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>"</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"อุปกรณ์บลูทูธพร้อมเชื่อมต่อ"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"อุปกรณ์หนึ่งต้องการเชื่อมต่อด้วย แตะเพื่อดูรายละเอียด"</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"เชื่อมต่ออุปกรณ์บลูทูธไหม"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> ต้องการเชื่อมต่อโทรศัพท์เครื่องนี้\n\nคุณไม่เคยเชื่อมต่อกับ <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> มาก่อน"</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"ไม่เชื่อมต่อ"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"เชื่อมต่อ"</string>
+ </resources>
+diff --git a/res/values-tl/strings.xml b/res/values-tl/strings.xml
+index 0c6308f8a8..2569417f29 100644
+--- a/res/values-tl/strings.xml
++++ b/res/values-tl/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Pinamamahalaan na ngayon ng storage manager ang iyong storage"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Impormasyon sa Provisioning ng Carrier"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"I-trigger ang Provisioning ng Carrier"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Gustong i-access ng isang device ang iyong mga mensahe. I-tap para sa mga detalye."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Payagan ang access sa mga mensahe?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Gustong i-access ng isang Bluetooth device, ang <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, ang iyong mga mensahe.\n\nHindi ka pa nakakakonekta dati sa <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Gustong i-access ng isang device ang iyong mga contact at log ng tawag. I-tap para sa mga detalye."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Payagan ang access sa mga contact at log ng tawag?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Gustong i-access ng isang Bluetooth device, ang <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, ang iyong mga contact at log ng tawag. Kasama rito ang data tungkol sa mga papasok at papalabas na tawag.\n\nHindi ka pa nakakakonekta dati sa <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Huwag payagan"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Kahilingan sa pag-access sa SIM card"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Gustong i-access ng isang device ang iyong SIM card. I-tap para sa mga detalye."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Payagan ang access sa SIM card?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Gustong i-access ng Bluetooth device na <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> ang data sa iyong SIM card. Kasama rito ang iyong mga contact.\n\nHabang nakakonekta, matatanggap ng <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> ang lahat ng tawag sa <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Available ang Bluetooth device"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Gustong kumonekta ng device. I-tap para sa mga detalye."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Kumonekta sa Bluetooth device?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"Gustong kumonekta ng <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> sa teleponong ito.\n\nHindi ka pa nakakakonekta sa <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> dati."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Huwag kumonekta"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Kumonekta"</string>
+ </resources>
+diff --git a/res/values-tr/strings.xml b/res/values-tr/strings.xml
+index 3a5e831685..c446b27b9d 100644
+--- a/res/values-tr/strings.xml
++++ b/res/values-tr/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Depolama alanınız artık depolama yöneticisi tarafından yönetiliyor"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Operatör Temel Hazırlık Bilgileri"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Tetikleyici Operatör Temel Hazırlığı"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Bir cihaz, mesajlarınıza erişmek istiyor. Ayrıntılar için dokunun."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Mesajlara erişime izin verilsin mi?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> adlı Bluetooth cihazı, mesajlarınıza erişmek istiyor.\n\n<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> adlı cihaza daha önce hiç bağlanmadınız."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Bir cihaz, kişilerinize ve arama kaydınıza erişmek istiyor. Ayrıntılar için dokunun."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Kişilerinize ve arama kaydınıza erişime izin verilsin mi?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> adlı Bluetooth cihazı, kişilerinize ve arama kaydınıza erişmek istiyor. Buna, gelen ve giden aramalarınıza ait verileri dahildir.\n\n<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> adlı cihaza daha önce hiç bağlanmadınız."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"İzin verme"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM karta erişim isteği"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Bir cihaz SIM kartınıza erişmek istiyor. Ayrıntılar için dokunun."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"SIM karta erişime izin verilsin mi?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> adlı Bluetooth cihazı, kişileriniz de dahil olmak üzere SIM kartınızdaki verilere ulaşmak istiyor.\n\nBağlantı süresince <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> numarasına gelen tüm aramaları <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> adlı cihaz alacak."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Kullanılabilir Bluetooth cihaz"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Bir cihaz bağlanmak istiyor. Ayrıntılar için dokunun."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Bluetooth cihazına bağlanılsın mı?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>, bu telefona bağlanmak istiyor.\n\n<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> adlı cihaza daha önce bağlanmadınız."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Bağlanma"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Bağlan"</string>
+ </resources>
+diff --git a/res/values-uk/strings.xml b/res/values-uk/strings.xml
+index 5cbff65844..d37c4985dc 100644
+--- a/res/values-uk/strings.xml
++++ b/res/values-uk/strings.xml
+@@ -3331,4 +3331,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Зараз пам’яттю керує диспетчер пам’яті"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Інформація про ініціалізацію оператора"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Активатор ініціалізації оператора"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Інший пристрій хоче отримати доступ до ваших повідомлень. Натисніть, щоб дізнатися більше."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Дозволити доступ до повідомлень?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Пристрій із Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) хоче отримати доступ до ваших повідомлень.\n\nВи ще не підключалися до пристрою \"<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>\"."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Інший пристрій хоче отримати доступ до ваших контактів і журналу викликів. Натисніть, щоб дізнатися більше."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Дозволити доступ до контактів і журналу викликів?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Пристрій із Bluetooth (<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>) хоче отримати доступ до ваших контактів і журналу викликів, зокрема даних про вхідні й вихідні дзвінки.\n\nВи ще не підключалися до пристрою \"<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>\"."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Не дозволяти"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Запити на доступ до SIM-карти"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Пристрій хоче отримати доступ до SIM-карти. Натисніть, щоб дізнатися більше."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Дозволити доступ до SIM-карти?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Пристрій із Bluetooth \"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>\" хоче отримати доступ до даних на вашій SIM-карті, зокрема до контактів.\n\nПід час підключення пристрій \"<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>\" зможе отримувати всі виклики, що надходитимуть на номер <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Доступний пристрій із Bluetooth"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Пристрій хоче підключитися. Натисніть, щоб дізнатися більше."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Підключитися до пристрою з Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"Пристрій \"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>\" хоче підключитися до цього телефона.\n\nВи ще не підключалися до пристрою \"<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>\"."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Не підключатися"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Підключитися"</string>
+ </resources>
+diff --git a/res/values-vi/strings.xml b/res/values-vi/strings.xml
+index 8c93d7f4c6..dec7547003 100644
+--- a/res/values-vi/strings.xml
++++ b/res/values-vi/strings.xml
+@@ -3259,4 +3259,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"Bộ nhớ của bạn hiện đang được quản lý bởi trình quản lý bộ nhớ"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"Thông tin cấp phép của nhà cung cấp dịch vụ"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"Kích hoạt cấp phép của nhà cung cấp dịch vụ"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"Một thiết bị muốn truy cập vào tin nhắn của bạn. Hãy nhấn để biết thông tin chi tiết."</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"Cho phép truy cập vào tin nhắn?"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"Thiết bị Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> muốn truy cập vào tin nhắn của bạn.\n\nBạn chưa từng kết nối với <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"Một thiết bị muốn truy cập vào danh bạ và nhật ký cuộc gọi của bạn. Hãy nhấn để biết thông tin chi tiết."</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"Cho phép truy cập vào danh bạ và nhật ký cuộc gọi?"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"Thiết bị Bluetooth <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> muốn truy cập vào danh bạ và nhật ký cuộc gọi của bạn, trong đó có cả dữ liệu về cuộc gọi đi và cuộc gọi đến.\n\nBạn chưa từng kết nối với <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"Không cho phép"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"Yêu cầu truy cập vào thẻ SIM"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"Một thiết bị muốn truy cập vào thẻ SIM của bạn. Hãy nhấn để xem thông tin chi tiết."</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"Cho phép truy cập vào thẻ SIM?"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"Một thiết bị Bluetooth là <xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> muốn truy cập vào dữ liệu trên thẻ SIM của bạn. Dữ liệu này bao gồm cả danh bạ của bạn.\n\nSau khi kết nối, <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g> sẽ nhận được tất cả các cuộc gọi đến số <xliff:g id="PHONE_NUMBER">%3$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"Hiện có thiết bị Bluetooth"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"Một thiết bị muốn kết nối. Hãy nhấn để xem thông tin chi tiết."</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"Kết nối với thiết bị Bluetooth?"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g> muốn kết nối với điện thoại này.\n\nBạn chưa từng kết nối với <xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>."</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"Không kết nối"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"Kết nối"</string>
+ </resources>
+diff --git a/res/values-zh-rCN/strings.xml b/res/values-zh-rCN/strings.xml
+index 74b54de365..b65a5cc646 100644
+--- a/res/values-zh-rCN/strings.xml
++++ b/res/values-zh-rCN/strings.xml
+@@ -3298,4 +3298,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"您的存储空间目前是由存储空间管理器管理"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"运营商配置信息"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"触发运营商配置"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"有设备想要访问您的消息。点按可了解详情。"</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"要允许访问消息吗？"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"蓝牙设备“<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>”想要访问您的消息。\n\n您之前没有连接过“<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>”。"</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"有设备想要访问您的通讯录和通话记录。点按可了解详情。"</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"要允许访问通讯录和通话记录吗？"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"蓝牙设备“<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>”想要访问您的通讯录和通话记录，包括有关来电和去电的数据。\n\n您之前没有连接过“<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>”。"</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"不允许"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM 卡访问请求"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"有一部设备想访问您的 SIM 卡。点按可了解详情。"</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"要允许访问 SIM 卡吗？"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"蓝牙设备“<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>”想访问您的 SIM 卡中的数据。其中包括您的联系人信息。\n\n在保持连接期间，“<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>”将会收到打给 <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> 的所有电话。"</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"有可用的蓝牙设备"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"有一部设备想要连接。点按可了解详情。"</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"要连接到蓝牙设备吗？"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"“<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>”想连接到此手机。\n\n您之前没有连接过“<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>”。"</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"不连接"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"连接"</string>
+ </resources>
+diff --git a/res/values-zh-rHK/strings.xml b/res/values-zh-rHK/strings.xml
+index 051663c4d6..23432b6bf6 100644
+--- a/res/values-zh-rHK/strings.xml
++++ b/res/values-zh-rHK/strings.xml
+@@ -3262,4 +3262,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"您的儲存空間即將由儲存空間管理員管理"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"流動網絡供應商佈建資料"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"觸發流動網絡供應商佈建程序"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"有裝置想存取您的訊息。輕按即可瞭解詳情。"</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"要允許存取訊息嗎？"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"藍牙裝置「<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>」想存取您的訊息。\n\n請注意，您從未連接「<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>」。"</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"有裝置要求存取您的聯絡人資料和通話記錄。輕按即可瞭解詳情。"</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"要允許存取聯絡人和通話記錄嗎？"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"藍牙裝置「<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>」想存取您的聯絡人資料和通話記錄，包括來電和撥出電話的資料。\n\n您從未連接「<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>」。"</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"不允許"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM 卡存取要求"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"有裝置想存取 SIM 卡。輕按即可瞭解詳情。"</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"要允許存取 SIM 卡嗎？"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"藍牙裝置「<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>」想存取 SIM 卡上的資料，包括您的聯絡人。\n\n連接後，打給 <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> 的所有來電都會轉到「<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>」。"</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"有可用的藍牙裝置"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"有裝置要連接。輕按即可瞭解詳情。"</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"要連接藍牙裝置嗎？"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"「<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>」想連接此手機。\n\n請注意，您從未連接「<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>」"</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"不要連接"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"連接"</string>
+ </resources>
+diff --git a/res/values-zh-rTW/strings.xml b/res/values-zh-rTW/strings.xml
+index ddddb7dc72..312b62ad22 100644
+--- a/res/values-zh-rTW/strings.xml
++++ b/res/values-zh-rTW/strings.xml
+@@ -3263,4 +3263,21 @@
+     <string name="automatic_storage_manager_activation_warning" msgid="6353100011690933254">"你的儲存空間目前是由儲存空間管理員管理"</string>
+     <string name="carrier_provisioning" msgid="4398683675591893169">"行動通訊業者佈建資訊"</string>
+     <string name="trigger_carrier_provisioning" msgid="3434865918009286187">"觸發行動通訊業者佈建程序"</string>
++    <string name="bluetooth_message_access_notification_content" msgid="5111712860712823893">"一部裝置想要存取你的訊息。輕觸即可瞭解詳情。"</string>
++    <string name="bluetooth_message_access_dialog_title" msgid="9009836130395061579">"要允許存取訊息嗎？"</string>
++    <string name="bluetooth_message_access_dialog_content" msgid="7186694737578788487">"藍牙裝置「<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>」想要存取你的訊息。\n\n請注意，你從未與「<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>」建立連線。"</string>
++    <string name="bluetooth_phonebook_access_notification_content" msgid="9175220052703433637">"一部裝置想要存取你的聯絡人資料和通話記錄。輕觸即可瞭解詳情。"</string>
++    <string name="bluetooth_phonebook_access_dialog_title" msgid="7624607995928968721">"要允許存取聯絡人和通話記錄嗎？"</string>
++    <string name="bluetooth_phonebook_access_dialog_content" msgid="959658135522249170">"藍牙裝置「<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>」想要存取你的聯絡人資料和通話記錄，包括你接聽及撥打的電話。\n\n請注意，你從未與「<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>」建立連線。"</string>
++    <string name="request_manage_bluetooth_permission_dont_allow" msgid="8798061333407581300">"不允許"</string>
++    <string name="bluetooth_sim_card_access_notification_title" msgid="5217037846900908318">"SIM 卡存取要求"</string>
++    <string name="bluetooth_sim_card_access_notification_content" msgid="6759306429895300286">"有裝置想要存取 SIM 卡。輕觸即可瞭解詳情。"</string>
++    <string name="bluetooth_sim_card_access_dialog_title" msgid="4486768729352090174">"要允許存取 SIM 卡嗎？"</string>
++    <string name="bluetooth_sim_card_access_dialog_content" msgid="4153857191661567190">"藍牙裝置「<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>」想要存取 SIM 卡上的資料，包括你的聯絡人。\n\n連線後，打給 <xliff:g id="PHONE_NUMBER">%3$s</xliff:g> 的每通電話都會轉到「<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>」。"</string>
++    <string name="bluetooth_connect_access_notification_title" msgid="2573547043170883947">"有可用的藍牙裝置"</string>
++    <string name="bluetooth_connect_access_notification_content" msgid="1328465545685433304">"有裝置想要連線。輕觸即可瞭解詳情。"</string>
++    <string name="bluetooth_connect_access_dialog_title" msgid="1948056782712451381">"要連線到藍牙裝置嗎？"</string>
++    <string name="bluetooth_connect_access_dialog_content" msgid="4336436466468405850">"「<xliff:g id="DEVICE_NAME_0">%1$s</xliff:g>」想要連線到這支手機。\n\n請注意，你從未與「<xliff:g id="DEVICE_NAME_1">%2$s</xliff:g>」連線。"</string>
++    <string name="bluetooth_connect_access_dialog_negative" msgid="4944672755226375059">"不要連線"</string>
++    <string name="bluetooth_connect_access_dialog_positive" msgid="3630561675207269710">"連線"</string>
+ </resources>
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Settings/319991.patch b/Patches/LineageOS-14.1/android_packages_apps_Settings/319991.patch
new file mode 100644
index 00000000..36d4f038
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Settings/319991.patch
@@ -0,0 +1,27 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Chen Chen <cncn@google.com>
+Date: Tue, 5 Oct 2021 17:46:02 -0700
+Subject: [PATCH] BluetoothSecurity: Add BLUETOOTH_PRIVILEGED permission for
+ pairing dialog
+
+Bug: 194300867
+Test: Build
+
+Change-Id: I5a496df50550ea7ee6986c960e28ae3e4a056b4b
+(cherry picked from commit aebca7f35bf6bf975eeeb443fa8bbeb5d477d642)
+---
+ AndroidManifest.xml | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/AndroidManifest.xml b/AndroidManifest.xml
+index 4871306669..86fc53bb18 100755
+--- a/AndroidManifest.xml
++++ b/AndroidManifest.xml
+@@ -2098,6 +2098,7 @@
+ 
+         <activity android:name=".bluetooth.BluetoothPairingDialog"
+                   android:label="@string/bluetooth_pairing_request"
++                  android:permission="android.permission.BLUETOOTH_PRIVILEGED"
+                   android:excludeFromRecents="true"
+                   android:windowSoftInputMode="stateVisible|adjustResize"
+                   android:theme="@*android:style/Theme.DeviceDefault.Light.Dialog.Alert">
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Settings/323458.patch b/Patches/LineageOS-14.1/android_packages_apps_Settings/323458.patch
new file mode 100644
index 00000000..b9c3e38e
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Settings/323458.patch
@@ -0,0 +1,29 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Yanting Yang <yantingyang@google.com>
+Date: Thu, 14 Oct 2021 15:06:33 +0000
+Subject: [PATCH] Rephrase dialog message of clear storage dialog for security
+ concern
+
+Bug: 193890833
+Test: visual
+Change-Id: I8f0b066de710169ee8b922c44b6519ca21b9c7ef
+(cherry picked from commit 0c359da620498d536d81cb97d5ae48048201c226)
+(cherry picked from commit 7d22136fb086da3edff0664d8fe5f5e0b70fd77d)
+Merged-In:I8f0b066de710169ee8b922c44b6519ca21b9c7ef
+---
+ res/values/strings.xml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/res/values/strings.xml b/res/values/strings.xml
+index f98146b139..d63cbc6b60 100644
+--- a/res/values/strings.xml
++++ b/res/values/strings.xml
+@@ -3508,7 +3508,7 @@
+     <!-- Manage applications, individual application screen, confirmation dialog title. Displays when user selects to "Clear data". -->
+     <string name="clear_data_dlg_title">Delete app data?</string>
+     <!-- Manage applications, individual application screen, confirmation dialog message. Displays when user selects to "Clear data". It warns the user of the consequences of clearing the data for an app. -->
+-    <string name="clear_data_dlg_text">All this app\u2019s data will be deleted permanently. This includes all files, settings, accounts, databases, etc.</string>
++    <string name="clear_data_dlg_text">This app\u2019s data will be permanently deleted. This includes files, settings, databases, and other app data.</string>
+     <!-- Manage applications, individual application screen, confirmation dialog button. Displays when user selects to "Clear data". Goes through with the clearing of the data. -->
+     <string name="dlg_ok">OK</string>
+     <!-- Manage applications, individual application screen, confirmation dialog button. Displays when user selects to "Clear data". -->
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Settings/325994.patch b/Patches/LineageOS-14.1/android_packages_apps_Settings/325994.patch
new file mode 100644
index 00000000..ccec4ff1
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Settings/325994.patch
@@ -0,0 +1,85 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Edgar Wang <edgarwang@google.com>
+Date: Thu, 6 Jan 2022 20:53:48 +0800
+Subject: [PATCH] Fix bypass CALL_PRIVILEGED permission in
+ AppRestrictionsFragment
+
+In onReceive of AppRestrictionsFragment.java, there is a possible way to
+start a phone call without permissions due to a confused deputy.
+This could lead to local escalation of privilege with no additional
+execution privileges needed.
+
+We should not allow the restrictionsIntent to startActivity simply
+because it resolves to multiple activities.
+Instead, we should call resolveActivity and check the result's package
+name is same as current package name, then it is safe to startActivity.
+
+Bug: 200688991
+Test: manual verify
+Change-Id: Iaa2d3a9497c3266babe0789961befc9776a4db7a
+Merged-In: Iaa2d3a9497c3266babe0789961befc9776a4db7a
+(cherry picked from commit 359512cd9553c940af3c9045b856647b7529731a)
+(cherry picked from commit f57d75f127fe96e91250585208a339763f1a2253)
+Merged-In:Iaa2d3a9497c3266babe0789961befc9776a4db7a
+---
+ .../users/AppRestrictionsFragment.java        | 24 +++++++++++++------
+ 1 file changed, 17 insertions(+), 7 deletions(-)
+
+diff --git a/src/com/android/settings/users/AppRestrictionsFragment.java b/src/com/android/settings/users/AppRestrictionsFragment.java
+index f72bf9e97b..ee2114219e 100644
+--- a/src/com/android/settings/users/AppRestrictionsFragment.java
++++ b/src/com/android/settings/users/AppRestrictionsFragment.java
+@@ -17,6 +17,7 @@
+ package com.android.settings.users;
+ 
+ import android.app.Activity;
++import android.content.ActivityNotFoundException;
+ import android.content.BroadcastReceiver;
+ import android.content.Context;
+ import android.content.Intent;
+@@ -44,6 +45,7 @@ import android.support.v7.preference.Preference.OnPreferenceChangeListener;
+ import android.support.v7.preference.Preference.OnPreferenceClickListener;
+ import android.support.v7.preference.PreferenceGroup;
+ import android.support.v7.preference.PreferenceViewHolder;
++import android.util.EventLog;
+ import android.util.Log;
+ import android.view.View;
+ import android.view.View.OnClickListener;
+@@ -634,7 +636,15 @@ public class AppRestrictionsFragment extends SettingsPreferenceFragment implemen
+             } else if (restrictionsIntent != null) {
+                 preference.setRestrictions(restrictions);
+                 if (invokeIfCustom && AppRestrictionsFragment.this.isResumed()) {
+-                    assertSafeToStartCustomActivity(restrictionsIntent);
++                    try {
++                        assertSafeToStartCustomActivity(restrictionsIntent);
++                    } catch (ActivityNotFoundException | SecurityException e) {
++                        // return without startActivity
++                        Log.e(TAG, "Cannot start restrictionsIntent " + e);
++                        EventLog.writeEvent(0x534e4554, "200688991", -1 /* UID */, "");
++                        return;
++                    }
++
+                     int requestCode = generateCustomActivityRequestCode(
+                             RestrictionsResultReceiver.this.preference);
+                     AppRestrictionsFragment.this.startActivityForResult(
+@@ -648,14 +658,14 @@ public class AppRestrictionsFragment extends SettingsPreferenceFragment implemen
+             if (intent.getPackage() != null && intent.getPackage().equals(packageName)) {
+                 return;
+             }
+-            // Activity can be started if intent resolves to multiple activities
+-            List<ResolveInfo> resolveInfos = AppRestrictionsFragment.this.mPackageManager
+-                    .queryIntentActivities(intent, 0 /* no flags */);
+-            if (resolveInfos.size() != 1) {
+-                return;
++            ResolveInfo resolveInfo = mPackageManager.resolveActivity(
++                    intent, PackageManager.MATCH_DEFAULT_ONLY);
++
++            if (resolveInfo == null) {
++                throw new ActivityNotFoundException("No result for resolving " + intent);
+             }
+             // Prevent potential privilege escalation
+-            ActivityInfo activityInfo = resolveInfos.get(0).activityInfo;
++            ActivityInfo activityInfo = resolveInfo.activityInfo;
+             if (!packageName.equals(activityInfo.packageName)) {
+                 throw new SecurityException("Application " + packageName
+                         + " is not allowed to start activity " + intent);
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Settings/327099.patch b/Patches/LineageOS-14.1/android_packages_apps_Settings/327099.patch
new file mode 100644
index 00000000..8bade74b
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Settings/327099.patch
@@ -0,0 +1,79 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Alex Johnston <acjohnston@google.com>
+Date: Wed, 5 Jan 2022 22:19:29 +0000
+Subject: [PATCH] Add caller check to com.android.credentials.RESET [Backport]
+
+* Only the Settings app can reset credentials
+  via com.android.credentials.RESET.
+* com.android.credentials.INSTALL should still be
+  callable by CertInstaller.
+
+Manual testing steps:
+* Install certificate via Settings
+* Verify unable to reset certificates via test app
+  provided in the bug (app-debug.apk)
+* Verify able to reset certificates via Settings
+* Verify com.android.credentials.INSTALL isn't changed
+
+Bug: 200164168
+Test: manual
+
+Change-Id: I9dfde586616d004befbee529f2ae842d22795065
+(cherry picked from commit 4c1272a921bb9037e17a01e1e5a0692f7f704c3d)
+Merged-In: I9dfde586616d004befbee529f2ae842d22795065
+(cherry picked from commit 35e3d0c1b0598b2032fc6c134c657255f1907594)
+Merged-In: I9dfde586616d004befbee529f2ae842d22795065
+---
+ .../android/settings/CredentialStorage.java    | 18 +++++++++++++++++-
+ 1 file changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/src/com/android/settings/CredentialStorage.java b/src/com/android/settings/CredentialStorage.java
+index eed380bae4..1c82bff713 100644
+--- a/src/com/android/settings/CredentialStorage.java
++++ b/src/com/android/settings/CredentialStorage.java
+@@ -17,6 +17,7 @@
+ package com.android.settings;
+ 
+ import android.app.Activity;
++import android.app.ActivityManagerNative;
+ import android.app.AlertDialog;
+ import android.app.admin.DevicePolicyManager;
+ import android.content.Context;
+@@ -27,6 +28,7 @@ import android.content.pm.UserInfo;
+ import android.content.res.Resources;
+ import android.os.AsyncTask;
+ import android.os.Bundle;
++import android.os.IBinder;
+ import android.os.Process;
+ import android.os.RemoteException;
+ import android.os.UserHandle;
+@@ -128,7 +130,7 @@ public final class CredentialStorage extends Activity {
+         String action = intent.getAction();
+         UserManager userManager = (UserManager) getSystemService(Context.USER_SERVICE);
+         if (!userManager.hasUserRestriction(UserManager.DISALLOW_CONFIG_CREDENTIALS)) {
+-            if (ACTION_RESET.equals(action)) {
++            if (ACTION_RESET.equals(action) && checkCallerIsSelf()) {
+                 new ResetDialog();
+             } else {
+                 if (ACTION_INSTALL.equals(action) && checkCallerIsCertInstallerOrSelfInProfile()) {
+@@ -405,6 +407,20 @@ public final class CredentialStorage extends Activity {
+         }
+     }
+ 
++    /**
++     * Check that the caller is Settings.
++     */
++    private boolean checkCallerIsSelf() {
++        try {
++            IBinder activityToken = getActivityToken();
++            return Process.myUid() == ActivityManagerNative.getDefault()
++                    .getLaunchedFromUid(activityToken);
++        } catch (RemoteException re) {
++            // Error talking to ActivityManager, just give up
++            return false;
++        }
++    }
++
+     /**
+      * Check that the caller is either certinstaller or Settings running in a profile of this user.
+      */
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Settings/334037.patch b/Patches/LineageOS-14.1/android_packages_apps_Settings/334037.patch
new file mode 100644
index 00000000..96e5ba3b
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Settings/334037.patch
@@ -0,0 +1,39 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Edgar Wang <edgarwang@google.com>
+Date: Wed, 6 Apr 2022 17:30:27 +0800
+Subject: [PATCH] Fix LaunchAnyWhere in AppRestrictionsFragment
+
+If the intent's package equals to the app's package, this intent
+will be allowed to startActivityForResult.
+But this check is unsafe, because if the component of this intent
+is set, the package field will just be ignored. So if we set the
+component to any activity we like and set package to the app's
+package, it will pass the assertSafeToStartCustomActivity check
+and now we can launch anywhere.
+
+Bug: 223578534
+Test: robotest and manual verify
+Change-Id: I40496105bae313fe5cff2a36dfe329c1e2b5bbe4
+(cherry picked from commit 90e095dbe372f29823ad4788c0cc2d781ae3bb24)
+(cherry picked from commit b3eecdd13d9f3d9fde99e9881c9e451ff199f7ad)
+Merged-In: I40496105bae313fe5cff2a36dfe329c1e2b5bbe4
+---
+ src/com/android/settings/users/AppRestrictionsFragment.java | 5 +----
+ 1 file changed, 1 insertion(+), 4 deletions(-)
+
+diff --git a/src/com/android/settings/users/AppRestrictionsFragment.java b/src/com/android/settings/users/AppRestrictionsFragment.java
+index ee2114219e..feb8b9ef01 100644
+--- a/src/com/android/settings/users/AppRestrictionsFragment.java
++++ b/src/com/android/settings/users/AppRestrictionsFragment.java
+@@ -654,10 +654,7 @@ public class AppRestrictionsFragment extends SettingsPreferenceFragment implemen
+         }
+ 
+         private void assertSafeToStartCustomActivity(Intent intent) {
+-            // Activity can be started if it belongs to the same app
+-            if (intent.getPackage() != null && intent.getPackage().equals(packageName)) {
+-                return;
+-            }
++            EventLog.writeEvent(0x534e4554, "223578534", -1 /* UID */, "");
+             ResolveInfo resolveInfo = mPackageManager.resolveActivity(
+                     intent, PackageManager.MATCH_DEFAULT_ONLY);
+ 
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Settings/334874.patch b/Patches/LineageOS-14.1/android_packages_apps_Settings/334874.patch
new file mode 100644
index 00000000..2e203f77
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Settings/334874.patch
@@ -0,0 +1,54 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Arc Wang <arcwang@google.com>
+Date: Fri, 6 May 2022 17:42:30 +0800
+Subject: [PATCH] Verify ringtone from ringtone picker is audio
+
+To improve privacy.
+
+Bug: 221041256
+Test: atest com.android.settings.DefaultRingtonePreferenceTest
+Change-Id: I0a9ca163f5ae91b67c9f957fde4c6db326b8718d
+Merged-In: I0a9ca163f5ae91b67c9f957fde4c6db326b8718d
+(cherry picked from commit e4c22580c9a66a3d5523782c2daa707531210227)
+(cherry picked from commit 640eab60f2baa9052d395fccd4a0324103ad6c7a)
+Merged-In: I0a9ca163f5ae91b67c9f957fde4c6db326b8718d
+---
+ .../settings/DefaultRingtonePreference.java    | 18 ++++++++++++++++++
+ 1 file changed, 18 insertions(+)
+
+diff --git a/src/com/android/settings/DefaultRingtonePreference.java b/src/com/android/settings/DefaultRingtonePreference.java
+index 4e0e1e7403..3333016565 100644
+--- a/src/com/android/settings/DefaultRingtonePreference.java
++++ b/src/com/android/settings/DefaultRingtonePreference.java
+@@ -22,6 +22,7 @@ import android.content.Intent;
+ import android.media.RingtoneManager;
+ import android.net.Uri;
+ import android.util.AttributeSet;
++import android.util.Log;
+ 
+ public class DefaultRingtonePreference extends RingtonePreference {
+     private static final String TAG = "DefaultRingtonePreference";
+@@ -43,6 +44,23 @@ public class DefaultRingtonePreference extends RingtonePreference {
+ 
+     @Override
+     protected void onSaveRingtone(Uri ringtoneUri) {
++        String mimeType = getContext().getContentResolver().getType(ringtoneUri);
++        if (mimeType == null) {
++            Log.e(TAG, "onSaveRingtone for URI:" + ringtoneUri
++                    + " ignored: failure to find mimeType (no access from this context?)");
++            return;
++        }
++
++        if (!(mimeType.startsWith("audio/") || mimeType.equals("application/ogg"))) {
++            Log.e(TAG, "onSaveRingtone for URI:" + ringtoneUri
++                    + " ignored: associated mimeType:" + mimeType + " is not an audio type");
++            return;
++        }
++
++        setActualDefaultRingtoneUri(ringtoneUri);
++    }
++
++    void setActualDefaultRingtoneUri(Uri ringtoneUri) {
+         RingtoneManager.setActualDefaultRingtoneUri(getContext(), getRingtoneType(), ringtoneUri);
+     }
+ 
diff --git a/Patches/LineageOS-14.1/android_packages_apps_Settings/334875.patch b/Patches/LineageOS-14.1/android_packages_apps_Settings/334875.patch
new file mode 100644
index 00000000..f4c09da6
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_apps_Settings/334875.patch
@@ -0,0 +1,40 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Arc Wang <arcwang@google.com>
+Date: Mon, 16 May 2022 14:36:19 +0800
+Subject: [PATCH] Fix Settings crash when setting a null ringtone
+
+Ringtone picker may callback a null ringtone Uri
+if users select None.
+
+This change pass null ringtone Uri to RingtoneManager
+and return.
+
+Bug: 232502532
+Bug: 221041256
+Test: maunal
+      Settings - Sound & Vibration -> Phone ringtone
+      -> My Sounds -> None
+Change-Id: I044b680871472a3c272f6264c4ef272df542112e
+Merged-In: I044b680871472a3c272f6264c4ef272df542112e
+(cherry picked from commit d94b73b3041614a5ff57c7745f50f235bf6c7783)
+Merged-In: I044b680871472a3c272f6264c4ef272df542112e
+---
+ src/com/android/settings/DefaultRingtonePreference.java | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/com/android/settings/DefaultRingtonePreference.java b/src/com/android/settings/DefaultRingtonePreference.java
+index 3333016565..75c527fa31 100644
+--- a/src/com/android/settings/DefaultRingtonePreference.java
++++ b/src/com/android/settings/DefaultRingtonePreference.java
+@@ -44,6 +44,11 @@ public class DefaultRingtonePreference extends RingtonePreference {
+ 
+     @Override
+     protected void onSaveRingtone(Uri ringtoneUri) {
++        if (ringtoneUri == null) {
++            setActualDefaultRingtoneUri(ringtoneUri);
++            return;
++        }
++
+         String mimeType = getContext().getContentResolver().getType(ringtoneUri);
+         if (mimeType == null) {
+             Log.e(TAG, "onSaveRingtone for URI:" + ringtoneUri
diff --git a/Patches/LineageOS-14.1/android_packages_providers_ContactsProvider/334876.patch b/Patches/LineageOS-14.1/android_packages_providers_ContactsProvider/334876.patch
new file mode 100644
index 00000000..2d29a4a2
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_providers_ContactsProvider/334876.patch
@@ -0,0 +1,150 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Thomas Stuart <tjstuart@google.com>
+Date: Thu, 28 Apr 2022 16:53:40 -0700
+Subject: [PATCH] enforce stricter CallLogProvider query
+
+changes:
+- phoneNumber is now a selectionArgument
+- if the user makes a query request for the CALLS_FILTER case,
+  throw a SE if the cursor is empty && SQL is detected
+
+Bug: 224771921
+Test: 2 manual,
+	manual 1: test app 1 can still make valid call filter query
+	manual 2: test app 2 with invalid query crashes b/c of SE
+
+      2 CTS tests,
+      test 1: ensures the existing functionality still works
+      test 2: ensures a SE is thrown on an invalid query for call filter
+
+Change-Id: Ia445bb59581abb14e247aa8d9f0177e02307cf96
+Merged-In: Ia445bb59581abb14e247aa8d9f0177e02307cf96
+(cherry picked from commit c8b6397d364c2741baf5d850bfdd1693782af940)
+Merged-In: Ia445bb59581abb14e247aa8d9f0177e02307cf96
+---
+ .../providers/contacts/CallLogProvider.java   | 77 ++++++++++++++++++-
+ 1 file changed, 75 insertions(+), 2 deletions(-)
+
+diff --git a/src/com/android/providers/contacts/CallLogProvider.java b/src/com/android/providers/contacts/CallLogProvider.java
+index 2d4639dc..8010dee2 100755
+--- a/src/com/android/providers/contacts/CallLogProvider.java
++++ b/src/com/android/providers/contacts/CallLogProvider.java
+@@ -31,6 +31,7 @@ import android.database.Cursor;
+ import android.database.DatabaseUtils;
+ import android.database.sqlite.SQLiteDatabase;
+ import android.database.sqlite.SQLiteQueryBuilder;
++import android.database.sqlite.SQLiteTokenizer;
+ import android.net.Uri;
+ import android.os.Binder;
+ import android.os.Handler;
+@@ -48,6 +49,7 @@ import android.telecom.PhoneAccount;
+ import android.telecom.PhoneAccountHandle;
+ import android.telecom.TelecomManager;
+ import android.text.TextUtils;
++import android.util.EventLog;
+ import android.util.Log;
+ 
+ import com.android.internal.annotations.VisibleForTesting;
+@@ -59,6 +61,9 @@ import com.android.providers.contacts.util.UserUtils;
+ import java.util.Arrays;
+ import java.util.HashMap;
+ import java.util.List;
++import java.util.Locale;
++import java.util.Set;
++import java.util.UUID;
+ import java.util.concurrent.CountDownLatch;
+ 
+ /**
+@@ -273,9 +278,10 @@ public class CallLogProvider extends ContentProvider {
+                 List<String> pathSegments = uri.getPathSegments();
+                 String phoneNumber = pathSegments.size() >= 2 ? pathSegments.get(2) : null;
+                 if (!TextUtils.isEmpty(phoneNumber)) {
+-                    qb.appendWhere("PHONE_NUMBERS_EQUAL(number, ");
+-                    qb.appendWhereEscapeString(phoneNumber);
++                    qb.appendWhere("PHONE_NUMBERS_EQUAL(number, ?");
+                     qb.appendWhere(mUseStrictPhoneNumberComparation ? ", 1)" : ", 0)");
++                    selectionArgs = copyArrayAndAppendElement(selectionArgs,
++                            "'" + phoneNumber + "'");
+                 } else {
+                     qb.appendWhere(Calls.NUMBER_PRESENTATION + "!="
+                             + Calls.PRESENTATION_ALLOWED);
+@@ -299,12 +305,79 @@ public class CallLogProvider extends ContentProvider {
+         final SQLiteDatabase db = mDbHelper.getReadableDatabase();
+         final Cursor c = qb.query(db, projection, selectionBuilder.build(), selectionArgs, groupby,
+                 null, sortOrder, limitClause);
++
++        if (match == CALLS_FILTER && selectionArgs.length > 0) {
++            // throw SE if the user is sending requests that try to bypass voicemail permissions
++            examineEmptyCursorCause(c, selectionArgs[selectionArgs.length - 1]);
++        }
++
+         if (c != null) {
+             c.setNotificationUri(getContext().getContentResolver(), CallLog.CONTENT_URI);
+         }
+         return c;
+     }
+ 
++    /**
++     * Helper method for queryInternal that appends an extra argument to the existing selection
++     * arguments array.
++     *
++     * @param oldSelectionArguments the existing selection argument array in queryInternal
++     * @param phoneNumber           the phoneNumber that was passed into queryInternal
++     * @return the new selection argument array with the phoneNumber as the last argument
++     */
++    private String[] copyArrayAndAppendElement(String[] oldSelectionArguments, String phoneNumber) {
++        if (oldSelectionArguments == null) {
++            return new String[]{phoneNumber};
++        }
++        String[] newSelectionArguments = new String[oldSelectionArguments.length + 1];
++        System.arraycopy(oldSelectionArguments, 0, newSelectionArguments, 0,
++                oldSelectionArguments.length);
++        newSelectionArguments[oldSelectionArguments.length] = phoneNumber;
++        return newSelectionArguments;
++    }
++
++    /**
++     * Helper that throws a Security Exception if the Cursor object is empty && the phoneNumber
++     * appears to have SQL.
++     *
++     * @param cursor      returned from the query.
++     * @param phoneNumber string to check for SQL.
++     */
++    private void examineEmptyCursorCause(Cursor cursor, String phoneNumber) {
++        // checks if the cursor is empty
++        if ((cursor == null) || !cursor.moveToFirst()) {
++            try {
++                // tokenize the phoneNumber and run each token through a checker
++                SQLiteTokenizer.tokenize(phoneNumber, SQLiteTokenizer.OPTION_NONE,
++                        this::enforceStrictPhoneNumber);
++            } catch (IllegalArgumentException e) {
++                EventLog.writeEvent(0x534e4554, "224771921", Binder.getCallingUid(),
++                        ("invalid phoneNumber passed to queryInternal"));
++                throw new SecurityException("invalid phoneNumber passed to queryInternal");
++            }
++        }
++    }
++
++    private void enforceStrictPhoneNumber(String token) {
++        boolean isAllowedKeyword = SQLiteTokenizer.isKeyword(token);
++        switch (token.toUpperCase(Locale.US)) {
++            case "SELECT":
++            case "FROM":
++            case "WHERE":
++            case "GROUP":
++            case "HAVING":
++            case "WINDOW":
++            case "VALUES":
++            case "ORDER":
++            case "LIMIT":
++                isAllowedKeyword = false;
++                break;
++        }
++        if (!isAllowedKeyword) {
++            throw new IllegalArgumentException("Invalid token " + token);
++        }
++    }
++
+     private void queryForTesting(Uri uri) {
+         if (!uri.getBooleanQueryParameter(PARAM_KEY_QUERY_FOR_TESTING, false)) {
+             return;
diff --git a/Patches/LineageOS-14.1/android_packages_providers_MediaProvider/324248.patch b/Patches/LineageOS-14.1/android_packages_providers_MediaProvider/324248.patch
new file mode 100644
index 00000000..8c76ca1d
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_providers_MediaProvider/324248.patch
@@ -0,0 +1,147 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Zim <zezeozue@google.com>
+Date: Thu, 4 Nov 2021 11:05:39 +0000
+Subject: [PATCH] Open all files with O_NOFOLLOW.
+
+SD cards don't support symlinks, so we have no reason to try
+following them if somehow an evil caller is able to sneak them into
+the database.
+
+Bug: 124329382
+Bug: 200682135
+Test: atest --test-mapping packages/providers/MediaProvider
+Change-Id: Idb1f3ee1db90913a97a50515003f211519037066
+Merged-In: Idb1f3ee1db90913a97a50515003f211519037066
+(cherry picked from commit b50868065a4cf0c15e96aea66732afc89c388022)
+Merged-In: Idb1f3ee1db90913a97a50515003f211519037066
+---
+ .../media/MediaDocumentsProvider.java         |  4 +-
+ .../providers/media/MediaProvider.java        | 77 ++++++++++++++++++-
+ 2 files changed, 76 insertions(+), 5 deletions(-)
+
+diff --git a/src/com/android/providers/media/MediaDocumentsProvider.java b/src/com/android/providers/media/MediaDocumentsProvider.java
+index 7c3d773a6..c2877731c 100644
+--- a/src/com/android/providers/media/MediaDocumentsProvider.java
++++ b/src/com/android/providers/media/MediaDocumentsProvider.java
+@@ -799,7 +799,7 @@ public class MediaDocumentsProvider extends DocumentsProvider {
+                     null, signal);
+             if (cursor.moveToFirst()) {
+                 final String data = cursor.getString(ImageThumbnailQuery._DATA);
+-                return ParcelFileDescriptor.open(
++                return MediaProvider.openSafely(
+                         new File(data), ParcelFileDescriptor.MODE_READ_ONLY);
+             }
+         } finally {
+@@ -886,7 +886,7 @@ public class MediaDocumentsProvider extends DocumentsProvider {
+                     null, signal);
+             if (cursor.moveToFirst()) {
+                 final String data = cursor.getString(VideoThumbnailQuery._DATA);
+-                return new AssetFileDescriptor(ParcelFileDescriptor.open(
++                return new AssetFileDescriptor(MediaProvider.openSafely(
+                         new File(data), ParcelFileDescriptor.MODE_READ_ONLY), 0,
+                         AssetFileDescriptor.UNKNOWN_LENGTH);
+             }
+diff --git a/src/com/android/providers/media/MediaProvider.java b/src/com/android/providers/media/MediaProvider.java
+index f0370d7a3..d8a68cff2 100644
+--- a/src/com/android/providers/media/MediaProvider.java
++++ b/src/com/android/providers/media/MediaProvider.java
+@@ -21,9 +21,25 @@ import static android.Manifest.permission.INTERACT_ACROSS_USERS;
+ import static android.Manifest.permission.READ_EXTERNAL_STORAGE;
+ import static android.Manifest.permission.WRITE_EXTERNAL_STORAGE;
+ import static android.Manifest.permission.WRITE_MEDIA_STORAGE;
++import static android.os.ParcelFileDescriptor.MODE_APPEND;
++import static android.os.ParcelFileDescriptor.MODE_CREATE;
+ import static android.os.ParcelFileDescriptor.MODE_READ_ONLY;
++import static android.os.ParcelFileDescriptor.MODE_READ_WRITE;
++import static android.os.ParcelFileDescriptor.MODE_TRUNCATE;
+ import static android.os.ParcelFileDescriptor.MODE_WRITE_ONLY;
+-
++import static android.system.OsConstants.O_APPEND;
++import static android.system.OsConstants.O_CLOEXEC;
++import static android.system.OsConstants.O_CREAT;
++import static android.system.OsConstants.O_NOFOLLOW;
++import static android.system.OsConstants.O_RDONLY;
++import static android.system.OsConstants.O_RDWR;
++import static android.system.OsConstants.O_TRUNC;
++import static android.system.OsConstants.O_WRONLY;
++import static android.system.OsConstants.S_IRWXG;
++import static android.system.OsConstants.S_IRWXU;
++
++import android.annotation.NonNull;
++import android.annotation.Nullable;
+ import android.app.AppOpsManager;
+ import android.app.SearchManager;
+ import android.content.BroadcastReceiver;
+@@ -5035,7 +5051,62 @@ public class MediaProvider extends ContentProvider {
+             file = Environment.maybeTranslateEmulatedPathToInternal(file);
+         }
+ 
+-        return ParcelFileDescriptor.open(file, modeBits);
++        return openSafely(file, modeBits);
++    }
++
++    /**
++     * Drop-in replacement for {@link ParcelFileDescriptor#open(File, int)}
++     * which adds security features like {@link OsConstants#O_CLOEXEC} and
++     * {@link OsConstants#O_NOFOLLOW}.
++     */
++    public static @NonNull ParcelFileDescriptor openSafely(@NonNull File file, int pfdFlags)
++            throws FileNotFoundException {
++        final int posixFlags = translateModePfdToPosix(pfdFlags) | O_CLOEXEC | O_NOFOLLOW;
++        try {
++            final FileDescriptor fd = Os.open(file.getAbsolutePath(), posixFlags,
++                    S_IRWXU | S_IRWXG);
++            try {
++                return ParcelFileDescriptor.dup(fd);
++            } finally {
++                closeQuietly(fd);
++            }
++        } catch (IOException | ErrnoException e) {
++            throw new FileNotFoundException(e.getMessage());
++        }
++    }
++
++    private static void closeQuietly(@Nullable FileDescriptor fd) {
++        if (fd == null) return;
++        try {
++            Os.close(fd);
++        } catch (ErrnoException ignored) {
++        }
++    }
++
++    /**
++     * Shamelessly borrowed from {@code android.os.FileUtils}.
++     */
++    private static int translateModePfdToPosix(int mode) {
++        int res = 0;
++        if ((mode & MODE_READ_WRITE) == MODE_READ_WRITE) {
++            res = O_RDWR;
++        } else if ((mode & MODE_WRITE_ONLY) == MODE_WRITE_ONLY) {
++            res = O_WRONLY;
++        } else if ((mode & MODE_READ_ONLY) == MODE_READ_ONLY) {
++            res = O_RDONLY;
++        } else {
++            throw new IllegalArgumentException("Bad mode: " + mode);
++        }
++        if ((mode & MODE_CREATE) == MODE_CREATE) {
++            res |= O_CREAT;
++        }
++        if ((mode & MODE_TRUNCATE) == MODE_TRUNCATE) {
++            res |= O_TRUNC;
++        }
++        if ((mode & MODE_APPEND) == MODE_APPEND) {
++            res |= O_APPEND;
++        }
++        return res;
+     }
+ 
+     private void deleteIfAllowed(Uri uri, String path) {
+@@ -5268,7 +5339,7 @@ public class MediaProvider extends ContentProvider {
+         }
+         try {
+             File f = new File(path);
+-            ParcelFileDescriptor pfd = ParcelFileDescriptor.open(f,
++            ParcelFileDescriptor pfd = openSafely(f,
+                     ParcelFileDescriptor.MODE_READ_ONLY);
+ 
+             try (MediaScanner scanner = new MediaScanner(context, INTERNAL_VOLUME)) {
diff --git a/Patches/LineageOS-14.1/android_packages_services_Telecomm/332456.patch b/Patches/LineageOS-14.1/android_packages_services_Telecomm/332456.patch
new file mode 100644
index 00000000..48290de6
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_packages_services_Telecomm/332456.patch
@@ -0,0 +1,64 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Thomas Stuart <tjstuart@google.com>
+Date: Sat, 15 Jan 2022 01:15:29 +0000
+Subject: [PATCH] limit TelecomManager#registerPhoneAccount to 10
+
+bug: 209814693
+Bug: 217934478
+Test: CTS
+Change-Id: I3042a3973dd0dcc8d2fdc96c23d6d41522dc00af
+Merged-In: I3042a3973dd0dcc8d2fdc96c23d6d41522dc00af
+(cherry picked from commit eb3394e3a8e21cd07c4f7a7ad43494ba14a8cbf4)
+Merged-In: I3042a3973dd0dcc8d2fdc96c23d6d41522dc00af
+---
+ .../server/telecom/PhoneAccountRegistrar.java | 23 +++++++++++++++++--
+ 1 file changed, 21 insertions(+), 2 deletions(-)
+
+diff --git a/src/com/android/server/telecom/PhoneAccountRegistrar.java b/src/com/android/server/telecom/PhoneAccountRegistrar.java
+index 122036bbe..536f11826 100644
+--- a/src/com/android/server/telecom/PhoneAccountRegistrar.java
++++ b/src/com/android/server/telecom/PhoneAccountRegistrar.java
+@@ -126,6 +126,7 @@ public class PhoneAccountRegistrar {
+     private static final String FILE_NAME = "phone-account-registrar-state.xml";
+     @VisibleForTesting
+     public static final int EXPECTED_STATE_VERSION = 9;
++    public static final int MAX_PHONE_ACCOUNT_REGISTRATIONS = 10;
+ 
+     /** Keep in sync with the same in SipSettings.java */
+     private static final String SIP_SHARED_PREFERENCES = "SIP_PREFERENCES";
+@@ -636,8 +637,13 @@ public class PhoneAccountRegistrar {
+         return getPhoneAccountHandles(0, null, packageName, false, userHandle);
+     }
+ 
+-    // TODO: Should we implement an artificial limit for # of accounts associated with a single
+-    // ComponentName?
++    /**
++     * Performs checks before calling addOrReplacePhoneAccount(PhoneAccount)
++     *
++     * @param account The {@code PhoneAccount} to add or replace.
++     * @throws SecurityException if package does not have BIND_TELECOM_CONNECTION_SERVICE permission
++     * @throws IllegalArgumentException if MAX_PHONE_ACCOUNT_REGISTRATIONS are reached
++     */
+     public void registerPhoneAccount(PhoneAccount account) {
+         // Enforce the requirement that a connection service for a phone account has the correct
+         // permission.
+@@ -648,6 +654,19 @@ public class PhoneAccountRegistrar {
+             throw new SecurityException("PhoneAccount connection service requires "
+                     + "BIND_TELECOM_CONNECTION_SERVICE permission.");
+         }
++        //Enforce an upper bound on the number of PhoneAccount's a package can register.
++        // Most apps should only require 1-2.
++        if (getPhoneAccountsForPackage(
++                account.getAccountHandle().getComponentName().getPackageName(),
++                account.getAccountHandle().getUserHandle()).size()
++                >= MAX_PHONE_ACCOUNT_REGISTRATIONS) {
++            Log.w(this, "Phone account %s reached max registration limit for package",
++                    account.getAccountHandle());
++            throw new IllegalArgumentException(
++                    "Error, cannot register phone account " + account.getAccountHandle()
++                            + " because the limit, " + MAX_PHONE_ACCOUNT_REGISTRATIONS
++                            + ", has been reached");
++        }
+ 
+         addOrReplacePhoneAccount(account);
+     }
diff --git a/Patches/LineageOS-14.1/android_system_bt/315718.patch b/Patches/LineageOS-14.1/android_system_bt/315718.patch
new file mode 100644
index 00000000..013b7afd
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/315718.patch
@@ -0,0 +1,50 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Sumit Deshmukh <sumitd@codeaurora.org>
+Date: Tue, 16 Apr 2019 12:38:32 +0530
+Subject: [PATCH] BLE: [IOT] Initiate disconnection when encryption fails
+ during pairing
+
+Usecase:
+1. Keep remote device (IOGEAR Keyboard) in advertising mode.
+2. Pair and connect remote device with DUT.
+3. Disconnect remote from settings menu.
+4. Keep remote back in pairing mode. (This deletes link key
+   at remote side.)
+5. Select remote for connection from Settings menu from
+   paired devices.
+
+Issue:
+Device is seen stuck in "Connecting state" in settings app.
+
+Root Cause:
+When pairing is initiated again from DUT (step 5), encryption
+change event is received with status "PIN or Key Missing" after
+connection complete but disconnection is not initiated by DUT
+thereafter.
+
+Fix:
+Trigger disconnection if encyption fails with reason like
+HCI_ERR_AUTH_FAILURE, HCI_ERR_KEY_MISSING,
+HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE etc
+
+CRs-Fixed: 2427750
+Change-Id: Ie93938a5dc68c6bbd4b6c375c360f09e797f9e77
+---
+ stack/btm/btm_ble.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/stack/btm/btm_ble.c b/stack/btm/btm_ble.c
+index 51fd748c0..6bb85a4ce 100644
+--- a/stack/btm/btm_ble.c
++++ b/stack/btm/btm_ble.c
+@@ -1643,7 +1643,9 @@ void btm_ble_link_encrypted(BD_ADDR bd_addr, UINT8 encr_enable)
+     {
+         if (encr_enable)
+             btm_sec_dev_rec_cback_event(p_dev_rec, BTM_SUCCESS, TRUE);
+-        else if (p_dev_rec->role_master)
++        else if (p_dev_rec->sec_flags & ~BTM_SEC_LE_LINK_KEY_KNOWN) {
++            btm_sec_dev_rec_cback_event(p_dev_rec, BTM_FAILED_ON_SECURITY, TRUE);
++        } else if (p_dev_rec->role_master)
+             btm_sec_dev_rec_cback_event(p_dev_rec, BTM_ERR_PROCESSING, TRUE);
+ 
+     }
diff --git a/Patches/LineageOS-14.1/android_system_bt/315719.patch b/Patches/LineageOS-14.1/android_system_bt/315719.patch
new file mode 100644
index 00000000..eac301cd
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/315719.patch
@@ -0,0 +1,29 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Hansong Zhang <hsz@google.com>
+Date: Mon, 7 Jun 2021 11:06:17 -0700
+Subject: [PATCH] SMP: Reject pairing if public_key.x match
+
+Bug: 189329824
+Test: POC
+Test: pair an LE device
+Change-Id: If6d8a72075f0cf657cadfab033cacffeb22868cb
+Tag: #security
+(cherry picked from commit 9fbf77d1a81b3a1e09d4efa96070a568431e844d)
+---
+ stack/smp/smp_act.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/stack/smp/smp_act.c b/stack/smp/smp_act.c
+index 8702e1095..fffee6f75 100644
+--- a/stack/smp/smp_act.c
++++ b/stack/smp/smp_act.c
+@@ -757,8 +757,7 @@ void smp_process_pairing_public_key(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
+     memcpy(pt.x, p_cb->peer_publ_key.x, BT_OCTET32_LEN);
+     memcpy(pt.y, p_cb->peer_publ_key.y, BT_OCTET32_LEN);
+ 
+-    if (!memcmp(p_cb->peer_publ_key.x, p_cb->loc_publ_key.x, BT_OCTET32_LEN) &&
+-        !memcmp(p_cb->peer_publ_key.y, p_cb->loc_publ_key.y, BT_OCTET32_LEN))
++    if (!memcmp(p_cb->peer_publ_key.x, p_cb->loc_publ_key.x, BT_OCTET32_LEN))
+     {
+         android_errorWriteLog(0x534e4554, "174886838");
+         SMP_TRACE_WARNING("Remote and local public keys can't match");
diff --git a/Patches/LineageOS-14.1/android_system_bt/320420.patch b/Patches/LineageOS-14.1/android_system_bt/320420.patch
new file mode 100644
index 00000000..fdb135a9
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/320420.patch
@@ -0,0 +1,38 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Chris Manton <cmanton@google.com>
+Date: Wed, 29 Sep 2021 17:49:25 -0700
+Subject: [PATCH] osi: Prevent memory allocations with MSB set
+
+Limit allocations on 32bit to 2 GB
+Limit allocations on 64bit to 8 Exabyte
+
+Bug: 197868577
+Tag: #refactor
+Test: gd/cert/run
+Ignore-AOSP-First: Security
+Change-Id: I1c347084d7617b1e364a3241f1b37b398a2a6c6a
+(cherry picked from commit cee4d086c959e174328a0e173398d99f59ccbb1f)
+---
+ osi/src/allocator.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/osi/src/allocator.c b/osi/src/allocator.c
+index 3d821a826..a81a206a9 100644
+--- a/osi/src/allocator.c
++++ b/osi/src/allocator.c
+@@ -63,6 +63,7 @@ char *osi_strndup(const char *str, size_t len) {
+ }
+ 
+ void *osi_malloc(size_t size) {
++  assert((ssize_t)size >= 0);
+   size_t real_size = allocation_tracker_resize_for_canary(size);
+   void *ptr = malloc(real_size);
+   assert(ptr);
+@@ -70,6 +71,7 @@ void *osi_malloc(size_t size) {
+ }
+ 
+ void *osi_calloc(size_t size) {
++  assert((ssize_t)size >= 0);
+   size_t real_size = allocation_tracker_resize_for_canary(size);
+   void *ptr = calloc(1, real_size);
+   assert(ptr);
diff --git a/Patches/LineageOS-14.1/android_system_bt/323456.patch b/Patches/LineageOS-14.1/android_system_bt/323456.patch
new file mode 100644
index 00000000..26f98f6a
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/323456.patch
@@ -0,0 +1,53 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Chris Manton <cmanton@google.com>
+Date: Mon, 8 Nov 2021 16:45:42 -0800
+Subject: [PATCH] security: Use-After-Free in btm_sec_[dis]connected
+
+Bug: 201083442
+Tag: #security
+Test: gd/cert/run
+Ignore-AOSP-First: Security
+
+Change-Id: I69c362d1eb644a3b7fd967cd526a8a58c3b4d975
+(cherry picked from commit 4f3fdf141b248cacd7c7dd09c06d058931726c98)
+Merged-In:I69c362d1eb644a3b7fd967cd526a8a58c3b4d975
+---
+ stack/btm/btm_sec.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/stack/btm/btm_sec.c b/stack/btm/btm_sec.c
+index b27b7e071..175fefeae 100644
+--- a/stack/btm/btm_sec.c
++++ b/stack/btm/btm_sec.c
+@@ -4472,7 +4472,6 @@ static void btm_sec_connect_after_cc_page_tout (UNUSED_ATTR void *data)
+ *******************************************************************************/
+ void btm_sec_connected (UINT8 *bda, UINT16 handle, UINT8 status, UINT8 enc_mode)
+ {
+-    tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (bda);
+     UINT8            res;
+     BOOLEAN          is_pairing_device = FALSE;
+     tACL_CONN        *p_acl_cb;
+@@ -4480,6 +4479,7 @@ void btm_sec_connected (UINT8 *bda, UINT16 handle, UINT8 status, UINT8 enc_mode)
+ 
+     btm_acl_resubmit_page();
+ 
++    tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (bda);
+     /* Commenting out trace due to obf/compilation problems.
+     */
+ #if (BT_USE_TRACES == TRUE)
+@@ -4836,7 +4836,6 @@ tBTM_STATUS btm_sec_disconnect (UINT16 handle, UINT8 reason)
+ *******************************************************************************/
+ void btm_sec_disconnected (UINT16 handle, UINT8 reason)
+ {
+-    tBTM_SEC_DEV_REC  *p_dev_rec = btm_find_dev_by_handle (handle);
+     UINT8             old_pairing_flags = btm_cb.pairing_flags;
+     int               result = HCI_ERR_AUTH_FAILURE;
+     tBTM_SEC_CALLBACK   *p_callback = NULL;
+@@ -4847,6 +4846,7 @@ void btm_sec_disconnected (UINT16 handle, UINT8 reason)
+ 
+     btm_acl_resubmit_page();
+ 
++    tBTM_SEC_DEV_REC  *p_dev_rec = btm_find_dev_by_handle (handle);
+     if (!p_dev_rec)
+         return;
+ 
diff --git a/Patches/LineageOS-14.1/android_system_bt/323457.patch b/Patches/LineageOS-14.1/android_system_bt/323457.patch
new file mode 100644
index 00000000..b8bfa81c
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/323457.patch
@@ -0,0 +1,50 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Martin Brabham <optedoblivion@google.com>
+Date: Fri, 29 Oct 2021 21:27:27 +0000
+Subject: [PATCH] Reset the IRK after all devices are unpaired
+
+Bug: 204355134
+Bug: 195410559
+Test: Check IRK, pair devices, unpair all devices, Check IRK
+Tag: #security
+Change-Id: I8e44f010a72dcdec595d81293a05f49ccc054065
+Merged-In: I8e44f010a72dcdec595d81293a05f49ccc054065
+(cherry picked from commit 6b3c0f6a368dbf6fe9d0d3ca625d47a69fe15d2f)
+Merged-In:I8e44f010a72dcdec595d81293a05f49ccc054065
+---
+ bta/dm/bta_dm_act.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/bta/dm/bta_dm_act.c b/bta/dm/bta_dm_act.c
+index ff25cef00..74dc74704 100644
+--- a/bta/dm/bta_dm_act.c
++++ b/bta/dm/bta_dm_act.c
+@@ -35,6 +35,7 @@
+ #include "bta_dm_co.h"
+ #include "bta_dm_int.h"
+ #include "bta_sys.h"
++#include "btif/include/btif_storage.h"
+ #include "btm_api.h"
+ #include "btm_int.h"
+ #include "btu.h"
+@@ -44,6 +45,7 @@
+ #include "osi/include/log.h"
+ #include "osi/include/osi.h"
+ #include "sdp_api.h"
++#include "stack/btm/btm_ble_int.h"
+ #include "utl.h"
+ 
+ #if (GAP_INCLUDED == TRUE)
+@@ -865,6 +867,12 @@ void bta_dm_remove_device(tBTA_DM_MSG *p_data)
+     BD_ADDR dummy_bda = {0};
+     if (continue_delete_other_dev && (bdcmp(other_address, dummy_bda) != 0))
+         bta_dm_process_remove_device(other_address);
++
++    /* Check the length of the paired devices, and if 0 then reset IRK */
++    if (btif_storage_get_num_bonded_devices() < 1) {
++        LOG_INFO(LOG_TAG, "Last paired device removed, resetting IRK");
++        btm_ble_reset_id();
++    }
+ }
+ 
+ /*******************************************************************************
diff --git a/Patches/LineageOS-14.1/android_system_bt/328306.patch b/Patches/LineageOS-14.1/android_system_bt/328306.patch
new file mode 100644
index 00000000..2f45de7c
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/328306.patch
@@ -0,0 +1,46 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Ted Wang <tedwang@google.com>
+Date: Thu, 13 Jan 2022 15:00:32 +0800
+Subject: [PATCH] Security fix OOB read due to invalid count in
+ stack/avrc/avrc_pars_ct
+
+Bug: 205837191
+Tag: #security
+Test: PoC test program
+Ignore-AOSP-First: Security
+Change-Id: I7b5bcb6551a8c0c015566327e13ba719271ce374
+Merged-In: I7b5bcb6551a8c0c015566327e13ba719271ce374
+(cherry picked from commit 60a5d2f63bf95ed386a2ca6c43f1d88bb1d07003)
+Merged-In:I7b5bcb6551a8c0c015566327e13ba719271ce374
+---
+ stack/avrc/avrc_pars_ct.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/stack/avrc/avrc_pars_ct.c b/stack/avrc/avrc_pars_ct.c
+index cff7bffbe..077ef1210 100644
+--- a/stack/avrc/avrc_pars_ct.c
++++ b/stack/avrc/avrc_pars_ct.c
+@@ -285,6 +285,11 @@ static tAVRC_STS avrc_ctrl_pars_vendor_rsp(
+                          __func__, p_result->get_caps.capability_id, p_result->get_caps.count);
+         if (p_result->get_caps.capability_id == AVRC_CAP_COMPANY_ID)
+         {
++            if (p_result->get_caps.count > AVRC_CAP_MAX_NUM_COMP_ID)
++            {
++                android_errorWriteLog(0x534e4554, "205837191");
++                return AVRC_STS_INTERNAL_ERR;
++            }
+             min_len += MIN(p_result->get_caps.count, AVRC_CAP_MAX_NUM_COMP_ID) * 3;
+             if (len < min_len) goto length_error;
+             for(int xx = 0; ((xx < p_result->get_caps.count) && (xx < AVRC_CAP_MAX_NUM_COMP_ID));
+@@ -295,6 +300,11 @@ static tAVRC_STS avrc_ctrl_pars_vendor_rsp(
+         }
+         else if (p_result->get_caps.capability_id == AVRC_CAP_EVENTS_SUPPORTED)
+         {
++            if (p_result->get_caps.count > AVRC_CAP_MAX_NUM_EVT_ID)
++            {
++                android_errorWriteLog(0x534e4554, "205837191");
++                return AVRC_STS_INTERNAL_ERR;
++            }
+             min_len += MIN(p_result->get_caps.count, AVRC_CAP_MAX_NUM_EVT_ID);
+             if (len < min_len) goto length_error;
+             for(int xx = 0; ((xx < p_result->get_caps.count) && (xx < AVRC_CAP_MAX_NUM_EVT_ID));
diff --git a/Patches/LineageOS-14.1/android_system_bt/334032.patch b/Patches/LineageOS-14.1/android_system_bt/334032.patch
new file mode 100644
index 00000000..ed9c45f0
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/334032.patch
@@ -0,0 +1,31 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Chen Chen <cncn@google.com>
+Date: Fri, 15 Apr 2022 14:24:48 -0700
+Subject: [PATCH] Security: Fix out of bound write in HFP client
+
+Bug: 224536184
+Test: build
+Tag: #security
+Ignore-AOSP-First: Security bug
+Change-Id: I9f0be0de6c4e1569095a43e92e9d8f9d73ca5fda
+(cherry picked from commit 01136338f6d739226e027716b6e5304df379fa4c)
+Merged-In: I9f0be0de6c4e1569095a43e92e9d8f9d73ca5fda
+---
+ bta/hf_client/bta_hf_client_at.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/bta/hf_client/bta_hf_client_at.c b/bta/hf_client/bta_hf_client_at.c
+index 76575f730..f790dd432 100644
+--- a/bta/hf_client/bta_hf_client_at.c
++++ b/bta/hf_client/bta_hf_client_at.c
+@@ -355,6 +355,10 @@ static void bta_hf_client_handle_cind_list_item(char *name, UINT32 min, UINT32 m
+ 
+     APPL_TRACE_DEBUG("%s %lu.%s <%lu:%lu>", __FUNCTION__, index, name, min, max);
+ 
++    if (index >= BTA_HF_CLIENT_AT_INDICATOR_COUNT) {
++      return;
++    }
++
+     /* look for a matching indicator on list of supported ones */
+     for(i = 0; i < BTA_HF_CLIENT_AT_SUPPORTED_INDICATOR_COUNT; i++)
+     {
diff --git a/Patches/LineageOS-14.1/android_system_bt/334033.patch b/Patches/LineageOS-14.1/android_system_bt/334033.patch
new file mode 100644
index 00000000..56aeae42
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/334033.patch
@@ -0,0 +1,33 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: William Escande <wescande@google.com>
+Date: Mon, 2 May 2022 09:48:59 -0700
+Subject: [PATCH] Check Avrcp packet vendor length before extracting length
+
+Bug: 205571133
+Test: build + ag/18105403 for sts test
+Ignore-AOSP-First: Security vulnerability
+Change-Id: Ic9fa9400ab15785cfdb251af66b1867daf09570e
+(cherry picked from commit 003e42896493afb7a0cd7406720987725d4e9da3)
+Merged-In: Ic9fa9400ab15785cfdb251af66b1867daf09570e
+---
+ stack/avrc/avrc_pars_tg.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/stack/avrc/avrc_pars_tg.c b/stack/avrc/avrc_pars_tg.c
+index 78bd18a43..d976a0d14 100644
+--- a/stack/avrc/avrc_pars_tg.c
++++ b/stack/avrc/avrc_pars_tg.c
+@@ -44,6 +44,13 @@ static tAVRC_STS avrc_ctrl_pars_vendor_cmd(tAVRC_MSG_VENDOR *p_msg, tAVRC_COMMAN
+ {
+     tAVRC_STS  status = AVRC_STS_NO_ERROR;
+ 
++    if (p_msg->vendor_len < 4)
++    {  /* 4 == pdu + reserved byte + len as uint16 */
++      AVRC_TRACE_WARNING("%s: message length %d too short: must be at least 4",
++                         __func__, p_msg->vendor_len);
++      android_errorWriteLog(0x534e4554, "205571133");
++      return AVRC_STS_INTERNAL_ERR;
++    }
+     UINT8   *p = p_msg->p_vendor_data;
+     p_result->pdu = *p++;
+     AVRC_TRACE_DEBUG("%s pdu:0x%x", __func__, p_result->pdu);
diff --git a/Patches/LineageOS-14.1/android_system_bt/334034.patch b/Patches/LineageOS-14.1/android_system_bt/334034.patch
new file mode 100644
index 00000000..f4fb794a
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/334034.patch
@@ -0,0 +1,29 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Josh Wu <joshwu@google.com>
+Date: Fri, 29 Apr 2022 00:02:23 -0700
+Subject: [PATCH] Security: Fix out of bound read in AT_SKIP_REST
+
+Bug: 220732646
+Test: build
+Tag: #security
+Ignore-AOSP-First: Security bug
+Change-Id: Ia49f26e4979f9e57c448190a52d0d01b70e342c4
+(cherry picked from commit 4ce5a3c374fb5d24f367a202a6a3dcab4ba4dffd)
+Merged-In: Ia49f26e4979f9e57c448190a52d0d01b70e342c4
+---
+ bta/hf_client/bta_hf_client_at.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bta/hf_client/bta_hf_client_at.c b/bta/hf_client/bta_hf_client_at.c
+index f790dd432..695c4fb32 100644
+--- a/bta/hf_client/bta_hf_client_at.c
++++ b/bta/hf_client/bta_hf_client_at.c
+@@ -622,7 +622,7 @@ static void bta_hf_client_handle_cgmm(char *manf_model)
+     buf += sizeof("\r\n") - 1;
+ 
+ /* skip rest of AT string up to <cr> */
+-#define AT_SKIP_REST(buf) while(*buf != '\r') buf++;
++#define AT_SKIP_REST(buf) while(*buf != '\r' && *buf != '\0') buf++;
+ 
+ static char *bta_hf_client_parse_ok(char *buffer)
+ {
diff --git a/Patches/LineageOS-14.1/android_system_bt/334877.patch b/Patches/LineageOS-14.1/android_system_bt/334877.patch
new file mode 100644
index 00000000..a8a6694e
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/334877.patch
@@ -0,0 +1,43 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Roopa Sattiraju <sattiraju@google.com>
+Date: Wed, 25 May 2022 21:00:01 +0000
+Subject: [PATCH] Removing bonded device when auth fails due to missing keys
+
+Bug: 231161832
+Test: Test against trying to connect using the same address
+Change-Id: I2a23440303758faf281989abdb2a614708f05d36
+Merged-In: I2a23440303758faf281989abdb2a614708f05d36
+(cherry picked from commit 21df1076a4b9c1d1bbe3f5ecb475fe0b7c1b8c2a)
+Merged-In: I2a23440303758faf281989abdb2a614708f05d36
+---
+ btif/src/btif_dm.c | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/btif/src/btif_dm.c b/btif/src/btif_dm.c
+index 3b6f2a744..8dfbae924 100644
+--- a/btif/src/btif_dm.c
++++ b/btif/src/btif_dm.c
+@@ -1387,7 +1387,6 @@ static void btif_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
+                 break;
+ 
+             case HCI_ERR_PAIRING_NOT_ALLOWED:
+-                btif_storage_remove_bonded_device(&bd_addr);
+                 status = BT_STATUS_AUTH_REJECTED;
+                 break;
+ 
+@@ -1398,7 +1397,6 @@ static void btif_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
+             /* map the auth failure codes, so we can retry pairing if necessary */
+             case HCI_ERR_AUTH_FAILURE:
+             case HCI_ERR_KEY_MISSING:
+-                btif_storage_remove_bonded_device(&bd_addr);
+             case HCI_ERR_HOST_REJECT_SECURITY:
+             case HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE:
+             case HCI_ERR_UNIT_KEY_USED:
+@@ -1429,7 +1427,6 @@ static void btif_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
+         if (check_cod(&bd_addr, COD_HID_POINTING)) {
+             /* Remove Device as bonded in nvram as authentication failed */
+             BTIF_TRACE_DEBUG("%s(): removing hid pointing device from nvram", __FUNCTION__);
+-            btif_storage_remove_bonded_device(&bd_addr);
+         }
+         bond_state_changed(status, &bd_addr, state);
+     }
diff --git a/Patches/LineageOS-14.1/android_system_bt/337998.patch b/Patches/LineageOS-14.1/android_system_bt/337998.patch
new file mode 100644
index 00000000..8ddbde63
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/337998.patch
@@ -0,0 +1,52 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Chienyuan <chienyuanhuang@google.com>
+Date: Wed, 30 Jan 2019 19:17:03 +0800
+Subject: [PATCH] Fix OOB in BNEP_Write
+
+Bug: 112050583
+Test: PoC
+Change-Id: I2ad3aceea38950b83f98819ede47538afb053ac0
+(cherry picked from commit b31554e2a31534888c0eb593d915f735ce4670c7)
+CRs-Fixed: 3155069
+---
+ stack/bnep/bnep_api.c | 15 +++++++++++++--
+ 1 file changed, 13 insertions(+), 2 deletions(-)
+
+diff --git a/stack/bnep/bnep_api.c b/stack/bnep/bnep_api.c
+index 3e866d100..dc349299a 100644
+--- a/stack/bnep/bnep_api.c
++++ b/stack/bnep/bnep_api.c
+@@ -374,10 +374,16 @@ tBNEP_RESULT BNEP_WriteBuf (UINT16 handle,
+     /* Check MTU size */
+     if (p_buf->len > BNEP_MTU_SIZE)
+     {
+-        BNEP_TRACE_ERROR ("BNEP_Write() length %d exceeded MTU %d", p_buf->len, BNEP_MTU_SIZE);
++        BNEP_TRACE_ERROR ("%s length %d exceeded MTU %d", __func__, p_buf->len, BNEP_MTU_SIZE);
+         osi_free(p_buf);
+         return (BNEP_MTU_EXCEDED);
+     }
++    else if (p_buf->len < 2)
++    {
++        BNEP_TRACE_ERROR ("%s length %d too short, must be at least 2", __func__, p_buf->len);
++        osi_free(p_buf);
++        return BNEP_IGNORE_CMD;
++    }
+ 
+     /* Check if the packet should be filtered out */
+     p_data = (UINT8 *)(p_buf + 1) + p_buf->offset;
+@@ -484,9 +490,14 @@ tBNEP_RESULT  BNEP_Write (UINT16 handle,
+     /* Check MTU size. Consider the possibility of having extension headers */
+     if (len > BNEP_MTU_SIZE)
+     {
+-        BNEP_TRACE_ERROR ("BNEP_Write() length %d exceeded MTU %d", len, BNEP_MTU_SIZE);
++        BNEP_TRACE_ERROR ("%s length %d exceeded MTU %d", __func__, len, BNEP_MTU_SIZE);
+         return (BNEP_MTU_EXCEDED);
+     }
++    else if (len < 2)
++    {
++        BNEP_TRACE_ERROR ("%s length %d too short, must be at least 2", __func__, len);
++        return BNEP_IGNORE_CMD;
++    }
+ 
+     if ((!handle) || (handle > BNEP_MAX_CONNECTIONS))
+         return (BNEP_WRONG_HANDLE);
diff --git a/Patches/LineageOS-14.1/android_system_bt/337999.patch b/Patches/LineageOS-14.1/android_system_bt/337999.patch
new file mode 100644
index 00000000..4b3f9f13
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/337999.patch
@@ -0,0 +1,119 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Chienyuan <chienyuanhuang@google.com>
+Date: Tue, 12 Feb 2019 16:01:00 +0800
+Subject: [PATCH] Fix OOB in bnep_is_packet_allowed
+
+Bug: 112050983
+Test: PoC
+Change-Id: I5d331f46cdba86c8e61de206a2ede1d2b348d7e4
+(cherry picked from commit 230f252b8a1a1073ec1a4081545b2ff62393d16d)
+CRs-Fixed: 3155069
+---
+ stack/bnep/bnep_api.c   | 15 +++++++++++++--
+ stack/bnep/bnep_int.h   |  2 +-
+ stack/bnep/bnep_utils.c | 13 ++++++++++++-
+ 3 files changed, 26 insertions(+), 4 deletions(-)
+
+diff --git a/stack/bnep/bnep_api.c b/stack/bnep/bnep_api.c
+index dc349299a..e1c9f2e3d 100644
+--- a/stack/bnep/bnep_api.c
++++ b/stack/bnep/bnep_api.c
+@@ -387,7 +387,8 @@ tBNEP_RESULT BNEP_WriteBuf (UINT16 handle,
+ 
+     /* Check if the packet should be filtered out */
+     p_data = (UINT8 *)(p_buf + 1) + p_buf->offset;
+-    if (bnep_is_packet_allowed (p_bcb, p_dest_addr, protocol, fw_ext_present, p_data) != BNEP_SUCCESS)
++    if (bnep_is_packet_allowed (p_bcb, p_dest_addr, protocol, fw_ext_present,
++                                p_data, p_buf->len) != BNEP_SUCCESS)
+     {
+         /*
+         ** If packet is filtered and ext headers are present
+@@ -401,6 +402,11 @@ tBNEP_RESULT BNEP_WriteBuf (UINT16 handle,
+             org_len = p_buf->len;
+             new_len = 0;
+             do {
++                if ((new_len + 2) > org_len)
++                {
++                  osi_free(p_buf);
++                  return BNEP_IGNORE_CMD;
++                }
+ 
+                 ext     = *p_data++;
+                 length  = *p_data++;
+@@ -505,7 +511,8 @@ tBNEP_RESULT  BNEP_Write (UINT16 handle,
+     p_bcb = &(bnep_cb.bcb[handle - 1]);
+ 
+     /* Check if the packet should be filtered out */
+-    if (bnep_is_packet_allowed (p_bcb, p_dest_addr, protocol, fw_ext_present, p_data) != BNEP_SUCCESS)
++    if (bnep_is_packet_allowed (p_bcb, p_dest_addr, protocol, fw_ext_present,
++                                p_data, len) != BNEP_SUCCESS)
+     {
+         /*
+         ** If packet is filtered and ext headers are present
+@@ -520,6 +527,10 @@ tBNEP_RESULT  BNEP_Write (UINT16 handle,
+             new_len = 0;
+             p       = p_data;
+             do {
++                if ((new_len + 2) > org_len)
++                {
++                  return BNEP_IGNORE_CMD;
++                }
+ 
+                 ext     = *p_data++;
+                 length  = *p_data++;
+diff --git a/stack/bnep/bnep_int.h b/stack/bnep/bnep_int.h
+index 126be04fe..b10098122 100644
+--- a/stack/bnep/bnep_int.h
++++ b/stack/bnep/bnep_int.h
+@@ -236,7 +236,7 @@ extern UINT8       *bnep_process_control_packet (tBNEP_CONN *p_bcb, UINT8 *p, UI
+ extern void        bnep_sec_check_complete (BD_ADDR bd_addr, tBT_TRANSPORT trasnport,
+                                                     void *p_ref_data, UINT8 result);
+ extern tBNEP_RESULT bnep_is_packet_allowed (tBNEP_CONN *p_bcb, BD_ADDR p_dest_addr, UINT16 protocol,
+-                                                    BOOLEAN fw_ext_present, UINT8 *p_data);
++                                            BOOLEAN fw_ext_present, UINT8 *p_data, UINT16 org_len);
+ extern UINT32      bnep_get_uuid32 (tBT_UUID *src_uuid);
+ 
+ 
+diff --git a/stack/bnep/bnep_utils.c b/stack/bnep/bnep_utils.c
+index 65acd33f6..09f2d13c2 100644
+--- a/stack/bnep/bnep_utils.c
++++ b/stack/bnep/bnep_utils.c
+@@ -1336,7 +1336,7 @@ tBNEP_RESULT bnep_is_packet_allowed (tBNEP_CONN *p_bcb,
+                                      BD_ADDR p_dest_addr,
+                                      UINT16 protocol,
+                                      BOOLEAN fw_ext_present,
+-                                     UINT8 *p_data)
++                                     UINT8 *p_data, UINT16 org_len)
+ {
+     if (p_bcb->rcvd_num_filters)
+     {
+@@ -1346,18 +1346,29 @@ tBNEP_RESULT bnep_is_packet_allowed (tBNEP_CONN *p_bcb,
+         proto = protocol;
+         if (proto == BNEP_802_1_P_PROTOCOL)
+         {
++            UINT16 new_len = 0;
+             if (fw_ext_present)
+             {
+                 UINT8       len, ext;
+                 /* parse the extension headers and findout actual protocol */
+                 do {
++                    if ((new_len + 2) > org_len)
++                    {
++                      return BNEP_IGNORE_CMD;
++                    }
+ 
+                     ext     = *p_data++;
+                     len     = *p_data++;
+                     p_data += len;
+ 
++                    new_len += (len + 2);
++
+                 } while (ext & 0x80);
+             }
++            if ((new_len + 4) > org_len)
++            {
++              return BNEP_IGNORE_CMD;
++            }
+             p_data += 2;
+             BE_STREAM_TO_UINT16 (proto, p_data);
+         }
diff --git a/Patches/LineageOS-14.1/android_system_bt/338000.patch b/Patches/LineageOS-14.1/android_system_bt/338000.patch
new file mode 100644
index 00000000..1835bf0e
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_bt/338000.patch
@@ -0,0 +1,40 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Venkata Jagadeesh Garaga <quic_vgaraga@quicinc.com>
+Date: Tue, 22 Mar 2022 13:35:43 +0530
+Subject: [PATCH] Fix OOB in reassemble_and_dispatch
+
+Fix OOB while reading L2cap length in HCI pkt
+
+Change-Id: I7f32b171e8c68b9724f95fcf2327959539e2d0d5
+CRs-Fixed: 3155132
+---
+ hci/src/packet_fragmenter.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/hci/src/packet_fragmenter.c b/hci/src/packet_fragmenter.c
+index f1d302238..b2ebefe0e 100644
+--- a/hci/src/packet_fragmenter.c
++++ b/hci/src/packet_fragmenter.c
+@@ -130,12 +130,10 @@ static void reassemble_and_dispatch(UNUSED_ATTR BT_HDR *packet) {
+   if ((packet->event & MSG_EVT_MASK) == MSG_HC_TO_STACK_HCI_ACL) {
+     uint8_t *stream = packet->data;
+     uint16_t handle;
+-    uint16_t l2cap_length;
+     uint16_t acl_length;
+ 
+     STREAM_TO_UINT16(handle, stream);
+     STREAM_TO_UINT16(acl_length, stream);
+-    STREAM_TO_UINT16(l2cap_length, stream);
+ 
+     assert(acl_length == packet->len - HCI_ACL_PREAMBLE_SIZE);
+ 
+@@ -166,6 +164,9 @@ static void reassemble_and_dispatch(UNUSED_ATTR BT_HDR *packet) {
+         return;
+       }
+ 
++      uint16_t l2cap_length;
++      STREAM_TO_UINT16(l2cap_length, stream);
++
+       uint16_t full_length = l2cap_length + L2CAP_HEADER_SIZE + HCI_ACL_PREAMBLE_SIZE;
+ 
+       // Check for buffer overflow and that the full packet size + BT_HDR size is less than
diff --git a/Patches/LineageOS-14.1/android_system_core/332457.patch b/Patches/LineageOS-14.1/android_system_core/332457.patch
new file mode 100644
index 00000000..78f6f22c
--- /dev/null
+++ b/Patches/LineageOS-14.1/android_system_core/332457.patch
@@ -0,0 +1,47 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Shaju Mathew <shaju@google.com>
+Date: Tue, 5 Apr 2022 04:01:04 -0700
+Subject: [PATCH] Backport of Win-specific suppression of potentially rogue
+ construct that can engage
+
+in directory traversal on the host.
+
+Bug:209438553
+
+Ignore-AOSP-First: Resolution for potential security exploit.
+
+Test: Synced just system/core, therefore relying on presubmits for now.
+Will followup with a full-fledged sync and manual cursory test.
+
+Signed-off-by: Shaju Mathew <shaju@google.com>
+Change-Id: I993a00ce6130478b7becfdbea816c348824f319f
+Merged-In: Ie1f82db2fb14e1bdd183bf8d3d93d5e9f974be5d
+(cherry picked from commit a36a342ec9721240e5a48ca50e833b9a35bef256)
+Merged-In: I993a00ce6130478b7becfdbea816c348824f319f
+---
+ adb/file_sync_client.cpp | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/adb/file_sync_client.cpp b/adb/file_sync_client.cpp
+index 56ff68c58..9920c0b2f 100644
+--- a/adb/file_sync_client.cpp
++++ b/adb/file_sync_client.cpp
+@@ -554,6 +554,18 @@ static bool sync_ls(SyncConnection& sc, const char* path,
+         if (!ReadFdExactly(sc.fd, buf, len)) return false;
+         buf[len] = 0;
+ 
++        // Address the unlikely scenario wherein a
++        // compromised device/service might be able to
++        // traverse across directories on the host. Let's
++        // shut that door!
++        if (strchr(buf, '/')
++#if defined(_WIN32)
++            || strchr(buf, '\\')
++#endif
++           ) {
++          return false;
++        }
++
+         func(msg.dent.mode, msg.dent.size, msg.dent.time, buf);
+     }
+ }
diff --git a/Patches/LineageOS-15.1/android_external_expat/337988-backport.patch b/Patches/LineageOS-15.1/android_external_expat/337988-backport.patch
new file mode 100644
index 00000000..aebadec3
--- /dev/null
+++ b/Patches/LineageOS-15.1/android_external_expat/337988-backport.patch
@@ -0,0 +1,54 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Sadaf Ebrahimi <sadafebrahimi@google.com>
+Date: Fri, 3 Jun 2022 03:40:21 +0000
+Subject: [PATCH 1/2] Prevent integer overflow in function doProlog
+
+Bug: http://b/221256678
+Change-Id: I6fe381103f4eb287726d1ccb5bfec99db160ffe4
+(cherry picked from commit 257f1d3777240016d3ccd74a61cd7d0e0efcaae3)
+Merged-In: I6fe381103f4eb287726d1ccb5bfec99db160ffe4
+---
+ lib/xmlparse.c | 20 +++++++++++++-------
+ 1 file changed, 13 insertions(+), 7 deletions(-)
+
+diff --git a/lib/xmlparse.c b/lib/xmlparse.c
+index 91f50034..0e57538a 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -4671,23 +4671,29 @@ doProlog(XML_Parser parser,
+       if (dtd->in_eldecl) {
+         ELEMENT_TYPE *el;
+         const XML_Char *name;
+-        int nameLen;
+-        const char *nxt = (quant == XML_CQUANT_NONE
+-                           ? next
+-                           : next - enc->minBytesPerChar);
++        size_t nameLen;
++        const char *nxt
++            = (quant == XML_CQUANT_NONE ? next : next - enc->minBytesPerChar);
+         int myindex = nextScaffoldPart(parser);
+         if (myindex < 0)
+           return XML_ERROR_NO_MEMORY;
+         dtd->scaffold[myindex].type = XML_CTYPE_NAME;
+         dtd->scaffold[myindex].quant = quant;
+         el = getElementType(parser, enc, s, nxt);
+-        if (!el)
++        if (! el)
+           return XML_ERROR_NO_MEMORY;
+         name = el->name;
+         dtd->scaffold[myindex].name = name;
+         nameLen = 0;
+-        for (; name[nameLen++]; );
+-        dtd->contentStringLen +=  nameLen;
++        for (; name[nameLen++];)
++          ;
++
++        /* Detect and prevent integer overflow */
++        if (nameLen > UINT_MAX - dtd->contentStringLen) {
++          return XML_ERROR_NO_MEMORY;
++        }
++
++        dtd->contentStringLen += (unsigned)nameLen;
+         if (elementDeclHandler)
+           handleDefault = XML_FALSE;
+       }
diff --git a/Patches/LineageOS-15.1/android_external_expat/337989-backport.patch b/Patches/LineageOS-15.1/android_external_expat/337989-backport.patch
new file mode 100644
index 00000000..5c7e30d9
--- /dev/null
+++ b/Patches/LineageOS-15.1/android_external_expat/337989-backport.patch
@@ -0,0 +1,244 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Sadaf Ebrahimi <sadafebrahimi@google.com>
+Date: Wed, 15 Jun 2022 04:14:33 +0000
+Subject: [PATCH 2/2] Prevent more integer overflows
+
+Bug: http://b/219942275
+Change-Id: I7489f59564e0053a4a46bb8c362f7c36ab0b3c9d
+Merged-In: Ic5c8087ee64e6faafcf013cef9536c042eb8a09d
+(cherry picked from commit 15a1f35dddde9c1a0a626972349a59642abd345a)
+Merged-In: I7489f59564e0053a4a46bb8c362f7c36ab0b3c9d
+---
+ lib/xmlparse.c | 152 ++++++++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 150 insertions(+), 2 deletions(-)
+
+diff --git a/lib/xmlparse.c b/lib/xmlparse.c
+index 0e57538a..7b25a0b8 100644
+--- a/lib/xmlparse.c
++++ b/lib/xmlparse.c
+@@ -2784,18 +2784,54 @@ storeAtts(XML_Parser parser, const ENCODING *enc,
+ 
+   /* get the attributes from the tokenizer */
+   n = XmlGetAttributes(enc, attStr, attsSize, atts);
++
++  /* Detect and prevent integer overflow */
++  if (n > INT_MAX - nDefaultAtts) {
++    return XML_ERROR_NO_MEMORY;
++  }
++
+   if (n + nDefaultAtts > attsSize) {
+     int oldAttsSize = attsSize;
+     ATTRIBUTE *temp;
+ #ifdef XML_ATTR_INFO
+     XML_AttrInfo *temp2;
+ #endif
++
++    /* Detect and prevent integer overflow */
++    if ((nDefaultAtts > INT_MAX - INIT_ATTS_SIZE)
++        || (n > INT_MAX - (nDefaultAtts + INIT_ATTS_SIZE))) {
++      return XML_ERROR_NO_MEMORY;
++    }
++
+     attsSize = n + nDefaultAtts + INIT_ATTS_SIZE;
++
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)attsSize > (size_t)(-1) / sizeof(ATTRIBUTE)) {
++      attsSize = oldAttsSize;
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     temp = (ATTRIBUTE *)REALLOC((void *)atts, attsSize * sizeof(ATTRIBUTE));
+     if (temp == NULL)
+       return XML_ERROR_NO_MEMORY;
+     atts = temp;
+ #ifdef XML_ATTR_INFO
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)attsSize > (size_t)(-1) / sizeof(XML_AttrInfo)) {
++      attsSize = oldAttsSize;
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     temp2 = (XML_AttrInfo *)REALLOC((void *)attInfo, attsSize * sizeof(XML_AttrInfo));
+     if (temp2 == NULL)
+       return XML_ERROR_NO_MEMORY;
+@@ -3073,9 +3109,31 @@ storeAtts(XML_Parser parser, const ENCODING *enc,
+   tagNamePtr->prefixLen = prefixLen;
+   for (i = 0; localPart[i++];)
+     ;  /* i includes null terminator */
++
++  /* Detect and prevent integer overflow */
++  if (binding->uriLen > INT_MAX - prefixLen
++      || i > INT_MAX - (binding->uriLen + prefixLen)) {
++    return XML_ERROR_NO_MEMORY;
++  }
++
+   n = i + binding->uriLen + prefixLen;
+   if (n > binding->uriAlloc) {
+     TAG *p;
++
++    /* Detect and prevent integer overflow */
++    if (n > INT_MAX - EXPAND_SPARE) {
++      return XML_ERROR_NO_MEMORY;
++    }
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)(n + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     uri = (XML_Char *)MALLOC((n + EXPAND_SPARE) * sizeof(XML_Char));
+     if (!uri)
+       return XML_ERROR_NO_MEMORY;
+@@ -3176,6 +3234,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId,
+   if (freeBindingList) {
+     b = freeBindingList;
+     if (len > b->uriAlloc) {
++      /* Detect and prevent integer overflow */
++      if (len > INT_MAX - EXPAND_SPARE) {
++        return XML_ERROR_NO_MEMORY;
++      }
++
++      /* Detect and prevent integer overflow.
++       * The preprocessor guard addresses the "always false" warning
++       * from -Wtype-limits on platforms where
++       * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++      if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++        return XML_ERROR_NO_MEMORY;
++      }
++#endif
++
+       XML_Char *temp = (XML_Char *)REALLOC(b->uri,
+                           sizeof(XML_Char) * (len + EXPAND_SPARE));
+       if (temp == NULL)
+@@ -3189,6 +3262,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId,
+     b = (BINDING *)MALLOC(sizeof(BINDING));
+     if (!b)
+       return XML_ERROR_NO_MEMORY;
++
++    /* Detect and prevent integer overflow */
++    if (len > INT_MAX - EXPAND_SPARE) {
++      return XML_ERROR_NO_MEMORY;
++    }
++    /* Detect and prevent integer overflow.
++     * The preprocessor guard addresses the "always false" warning
++     * from -Wtype-limits on platforms where
++     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++    if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) {
++      return XML_ERROR_NO_MEMORY;
++    }
++#endif
++
+     b->uri = (XML_Char *)MALLOC(sizeof(XML_Char) * (len + EXPAND_SPARE));
+     if (!b->uri) {
+       FREE(b);
+@@ -5441,7 +5529,24 @@ defineAttribute(ELEMENT_TYPE *type, ATTRIBUTE_ID *attId, XML_Bool isCdata,
+     }
+     else {
+       DEFAULT_ATTRIBUTE *temp;
++
++      /* Detect and prevent integer overflow */
++      if (type->allocDefaultAtts > INT_MAX / 2) {
++        return 0;
++      }
++
+       int count = type->allocDefaultAtts * 2;
++
++      /* Detect and prevent integer overflow.
++       * The preprocessor guard addresses the "always false" warning
++       * from -Wtype-limits on platforms where
++       * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++      if ((unsigned)count > (size_t)(-1) / sizeof(DEFAULT_ATTRIBUTE)) {
++        return 0;
++      }
++#endif
++
+       temp = (DEFAULT_ATTRIBUTE *)
+         REALLOC(type->defaultAtts, (count * sizeof(DEFAULT_ATTRIBUTE)));
+       if (temp == NULL)
+@@ -6070,8 +6175,20 @@ lookup(XML_Parser parser, HASH_TABLE *table, KEY name, size_t createSize)
+     /* check for overflow (table is half full) */
+     if (table->used >> (table->power - 1)) {
+       unsigned char newPower = table->power + 1;
++
++      /* Detect and prevent invalid shift */
++      if (newPower >= sizeof(unsigned long) * 8 /* bits per byte */) {
++        return NULL;
++      }
++
+       size_t newSize = (size_t)1 << newPower;
+       unsigned long newMask = (unsigned long)newSize - 1;
++
++      /* Detect and prevent integer overflow */
++      if (newSize > (size_t)(-1) / sizeof(NAMED *)) {
++        return NULL;
++      }
++
+       size_t tsize = newSize * sizeof(NAMED *);
+       NAMED **newV = (NAMED **)table->mem->malloc_fcn(tsize);
+       if (!newV)
+@@ -6362,6 +6479,20 @@ nextScaffoldPart(XML_Parser parser)
+   if (dtd->scaffCount >= dtd->scaffSize) {
+     CONTENT_SCAFFOLD *temp;
+     if (dtd->scaffold) {
++      /* Detect and prevent integer overflow */
++      if (dtd->scaffSize > UINT_MAX / 2u) {
++        return -1;
++      }
++      /* Detect and prevent integer overflow.
++       * The preprocessor guard addresses the "always false" warning
++       * from -Wtype-limits on platforms where
++       * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++      if (dtd->scaffSize > (size_t)(-1) / 2u / sizeof(CONTENT_SCAFFOLD)) {
++        return -1;
++      }
++#endif
++
+       temp = (CONTENT_SCAFFOLD *)
+         REALLOC(dtd->scaffold, dtd->scaffSize * 2 * sizeof(CONTENT_SCAFFOLD));
+       if (temp == NULL)
+@@ -6438,8 +6569,25 @@ build_model (XML_Parser parser)
+   XML_Content *ret;
+   XML_Content *cpos;
+   XML_Char * str;
+-  int allocsize = (dtd->scaffCount * sizeof(XML_Content)
+-                   + (dtd->contentStringLen * sizeof(XML_Char)));
++  /* Detect and prevent integer overflow.
++   * The preprocessor guard addresses the "always false" warning
++   * from -Wtype-limits on platforms where
++   * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
++#if UINT_MAX >= SIZE_MAX
++  if (dtd->scaffCount > (size_t)(-1) / sizeof(XML_Content)) {
++    return NULL;
++  }
++  if (dtd->contentStringLen > (size_t)(-1) / sizeof(XML_Char)) {
++    return NULL;
++  }
++#endif
++  if (dtd->scaffCount * sizeof(XML_Content)
++      > (size_t)(-1) - dtd->contentStringLen * sizeof(XML_Char)) {
++    return NULL;
++  }
++
++  const size_t allocsize = (dtd->scaffCount * sizeof(XML_Content)
++                            + (dtd->contentStringLen * sizeof(XML_Char)));
+ 
+   ret = (XML_Content *)MALLOC(allocsize);
+   if (!ret)
diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh
index a2bef916..66bd30c8 100644
--- a/Scripts/LineageOS-14.1/Functions.sh
+++ b/Scripts/LineageOS-14.1/Functions.sh
@@ -105,22 +105,7 @@ patchWorkspace() {
 
 	source build/envsetup.sh;
 	#repopick -it bt-sbc-hd-dualchannel-nougat;
-	repopick -i 315718; #CVE-2021-1957
-	repopick -it n-asb-2021-09;
-	repopick -it n-asb-2021-10;
-	repopick -it n-asb-2021-11;
-	repopick -it n-asb-2021-12;
-	repopick -it n-asb-2022-01;
-	repopick -it n-asb-2022-02;
-	repopick -it n-asb-2022-03;
-	repopick -it n-asb-2022-04;
 	repopick -it tzdb_N;
-	repopick -it n-asb-2022-05;
-	repopick -it n-asb-2022-06;
-	repopick -it n-asb-2022-07;
-	repopick -i 334325; #Modify conditions for preventing updated system apps from being downgraded
-	repopick -it n-asb-2022-08;
-	repopick -it n-asb-2022-09;
 
 	sh "$DOS_SCRIPTS/Patch.sh";
 	sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";
diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh
index da0a0bf4..437c1995 100644
--- a/Scripts/LineageOS-14.1/Patch.sh
+++ b/Scripts/LineageOS-14.1/Patch.sh
@@ -86,15 +86,77 @@ if [ "$(type -t DOS_WEBVIEW_CHERRYPICK)" = "alias" ] ; then DOS_WEBVIEW_CHERRYPI
 if [ "$DOS_WEBVIEW_LFS" = true ]; then git lfs pull; fi; #Ensure the objects are available
 fi;
 
+if enterAndClear "external/expat"; then
+applyPatch "$DOS_PATCHES/android_external_expat/337987-backport.patch"; #n-asb-2022-09 Prevent XML_GetBuffer signed integer overflow
+applyPatch "$DOS_PATCHES/android_external_expat/337988-backport.patch"; #n-asb-2022-09 Prevent integer overflow in function doProlog
+applyPatch "$DOS_PATCHES/android_external_expat/337989-backport.patch"; #n-asb-2022-09 Prevent more integer overflows
+fi;
+
+if enterAndClear "external/libavc"; then
+applyPatch "$DOS_PATCHES/android_external_libavc/315711.patch"; #n-asb-2021-09 Decoder: Update check for increment u2_cur_slice_num
+applyPatch "$DOS_PATCHES/android_external_libavc/323462.patch"; #n-asb-2022-02 Move slice increments after completing header parsing
+fi;
+
+if enterAndClear "external/libexif"; then
+applyPatch "$DOS_PATCHES/android_external_libexif/323459.patch"; #n-asb-2022-02 Fix MakerNote tag size overflow issues at read time.
+applyPatch "$DOS_PATCHES/android_external_libexif/323460.patch"; #n-asb-2022-02 Ensure MakeNote data pointers are initialized with NULL.
+applyPatch "$DOS_PATCHES/android_external_libexif/323461.patch"; #n-asb-2022-02 Zero initialize ExifMnoteData<vendor> during construction with exif_mnote_data_<vendor>_new.
+fi;
+
+if enterAndClear "external/libnfc-nci"; then
+applyPatch "$DOS_PATCHES/android_external_libnfc-nci/317037.patch"; #n-asb-2021-10 Type confusion due to race condition on tag type change
+applyPatch "$DOS_PATCHES/android_external_libnfc-nci/318515.patch"; #n-asb-2021-11 OOBW in phNxpNciHal_process_ext_rsp
+applyPatch "$DOS_PATCHES/android_external_libnfc-nci/332458.patch"; #n-asb-2022-06 Out of Bounds Read in nfa_dm_check_set_config
+applyPatch "$DOS_PATCHES/android_external_libnfc-nci/332459.patch"; #n-asb-2022-06 OOBR in nfc_ncif_proc_ee_discover_req()
+applyPatch "$DOS_PATCHES/android_external_libnfc-nci/332460.patch"; #n-asb-2022-06 Double Free in ce_t4t_data_cback
+fi;
+
+if enterAndClear "external/sonivox"; then
+applyPatch "$DOS_PATCHES/android_external_sonivox/317038.patch"; #n-asb-2021-10 Fix global buffer overflow in WT_InterpolateNoLoop
+fi;
+
 if enterAndClear "external/sqlite"; then
 applyPatch "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #Enable secure_delete by default (AndroidHardening-13.0)
 fi;
 
+if enterAndClear "external/tremolo"; then
+applyPatch "$DOS_PATCHES/android_external_tremolo/319986.patch"; #n-asb-2021-12 handle cases where order isn't a multiple of dimension
+fi;
+
 if enterAndClear "frameworks/av"; then
 applyPatch "$DOS_PATCHES/android_frameworks_av/212799.patch"; #FLAC extractor CVE-2017-0592. alt: 212827/174106 (AOSP)
+applyPatch "$DOS_PATCHES/android_frameworks_av/319987.patch"; #n-asb-2021-12 Fix heap-buffer-overflow in MPEG4Extractor
+applyPatch "$DOS_PATCHES/android_frameworks_av/321222.patch"; #n-asb-2022-01 SimpleDecodingSource:Prevent OOB write in heap mem
 fi;
 
 if enterAndClear "frameworks/base"; then
+applyPatch "$DOS_PATCHES/android_frameworks_base/315712.patch"; #n-asb-2021-09 Fix race condition between lockNow() and updateLockscreenTimeout
+applyPatch "$DOS_PATCHES/android_frameworks_base/315713.patch"; #n-asb-2021-09 Improve ellipsize performance
+applyPatch "$DOS_PATCHES/android_frameworks_base/315740.patch"; #n-asb-2021-09 Fix side effects of trace-ipc and dumpheap commands
+applyPatch "$DOS_PATCHES/android_frameworks_base/315741.patch"; #n-asb-2021-09 Don't attach private Notification to A11yEvent when user locked
+applyPatch "$DOS_PATCHES/android_frameworks_base/317035.patch"; #n-asb-2021-10 Fix a potential thread safety issue in VectorDrawable
+applyPatch "$DOS_PATCHES/android_frameworks_base/317036.patch"; #n-asb-2021-10 Apply a maximum char count to the load label api
+applyPatch "$DOS_PATCHES/android_frameworks_base/317049.patch"; #n-asb-2021-10 Change ownership of the account request notification.
+applyPatch "$DOS_PATCHES/android_frameworks_base/317050.patch"; #n-asb-2021-10 Send targeted broadcasts to prevent other apps from receiving them.
+applyPatch "$DOS_PATCHES/android_frameworks_base/318516.patch"; #n-asb-2021-11 camera2: Fix exception swallowing in params classes createFromParcel
+applyPatch "$DOS_PATCHES/android_frameworks_base/318517.patch"; #n-asb-2021-11 Bluetooth: Fix formatting in getAlias()
+applyPatch "$DOS_PATCHES/android_frameworks_base/319988.patch"; #n-asb-2021-12 Fix serialization bug in GpsNavigationMessage
+applyPatch "$DOS_PATCHES/android_frameworks_base/322452.patch"; #n-asb-2022-01 Fix another AddAccountSettings memory leak
+applyPatch "$DOS_PATCHES/android_frameworks_base/322453.patch"; #n-asb-2022-01 Force-set a ClipData to prevent later migration.
+applyPatch "$DOS_PATCHES/android_frameworks_base/322454.patch"; #n-asb-2022-01 Prevent apps from spamming addAccountExplicitly.
+applyPatch "$DOS_PATCHES/android_frameworks_base/331108.patch"; #n-asb-2022-05 Always restart apps if base.apk gets updated.
+applyPatch "$DOS_PATCHES/android_frameworks_base/332444.patch"; #n-asb-2022-06 Fixed a concurrent modification crash
+applyPatch "$DOS_PATCHES/android_frameworks_base/332445.patch"; #n-asb-2022-06 Fix security hole in GateKeeperResponse
+applyPatch "$DOS_PATCHES/android_frameworks_base/332446.patch"; #n-asb-2022-06 Update GeofenceHardwareRequestParcelable to match parcel/unparcel format.
+applyPatch "$DOS_PATCHES/android_frameworks_base/332447.patch"; #n-asb-2022-06 Prevent non-admin users from deleting system apps.
+applyPatch "$DOS_PATCHES/android_frameworks_base/334325.patch"; #n-asb-2022-06-FIXUP Modify conditions for preventing updated system apps from being downgraded
+applyPatch "$DOS_PATCHES/android_frameworks_base/332448.patch"; #n-asb-2022-06 limit TelecomManager#registerPhoneAccount to 10; api doc update
+applyPatch "$DOS_PATCHES/android_frameworks_base/332449.patch"; #n-asb-2022-06 Add an OEM configurable limit for zen rules
+applyPatch "$DOS_PATCHES/android_frameworks_base/334035.patch"; #n-asb-2022-07 Crash invalid FGS notifications
+applyPatch "$DOS_PATCHES/android_frameworks_base/334871.patch"; #n-asb-2022-08 Only allow system and same app to apply relinquishTaskIdentity
+applyPatch "$DOS_PATCHES/android_frameworks_base/334872.patch"; #n-asb-2022-08 Stop using invalid URL to prevent unexpected crash
+applyPatch "$DOS_PATCHES/android_frameworks_base/334873.patch"; #n-asb-2022-08 Only allow the system server to connect to sync adapters
+applyPatch "$DOS_PATCHES/android_frameworks_base/338003.patch"; #n-asb-2022-09 IMMS: Make IMMS PendingIntents immutable
 git revert --no-edit 0326bb5e41219cf502727c3aa44ebf2daa19a5b3; #Re-enable doze on devices without gms
 applyPatch "$DOS_PATCHES/android_frameworks_base/248599.patch"; #Make SET_TIME_ZONE permission match SET_TIME (AOSP)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0001-Reduced_Resolution.patch"; #Allow reducing resolution to save power TODO: Add 800x480 (DivestOS)
@@ -112,6 +174,8 @@ rm -rf packages/PrintRecommendationService; #Creates popups to install proprieta
 fi;
 
 if enterAndClear "frameworks/native"; then
+applyPatch "$DOS_PATCHES/android_frameworks_native/315714.patch"; #n-asb-2021-09 Do not modify vector after getting references
+applyPatch "$DOS_PATCHES/android_frameworks_native/325993.patch"; #n-asb-2022-03 Check if the window is partially obscured for slippery enters
 if [ "$DOS_SENSORS_PERM" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_native/0001-Sensors.patch"; fi; #Permission for sensors access (MSe1969)
 fi;
 
@@ -199,7 +263,15 @@ if enterAndClear "hardware/qcom/media-caf/msm8994"; then
 applyPatch "$DOS_PATCHES/android_hardware_qcom_media/227622.patch"; #n_asb_09-2018-qcom (CAF)
 fi;
 
+if enterAndClear "packages/apps/Bluetooth"; then
+applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/332451.patch"; #n-asb-2022-06 Removes app access to BluetoothAdapter#setScanMode by requiring BLUETOOTH_PRIVILEGED permission.
+applyPatch "$DOS_PATCHES/android_packages_apps_Bluetooth/332452.patch"; #n-asb-2022-06 Removes app access to BluetoothAdapter#setDiscoverableTimeout by requiring BLUETOOTH_PRIVILEGED permission.
+fi;
+
 if enterAndClear "packages/apps/Contacts"; then
+applyPatch "$DOS_PATCHES/android_packages_apps_Contacts/318518.patch"; #n-asb-2021-11 Add permission to start NFC activity to ensure it is from NFC stack
+applyPatch "$DOS_PATCHES/android_packages_apps_Contacts/319989.patch"; #n-asb-2021-12 Address photo editing security bug
+applyPatch "$DOS_PATCHES/android_packages_apps_Contacts/332453.patch"; #n-asb-2022-06 No longer export CallSubjectDialog
 applyPatch "$DOS_PATCHES_COMMON/android_packages_apps_Contacts/0004-No_GMaps.patch"; #Use common intent for directions instead of Google Maps URL (GrapheneOS)
 fi;
 
@@ -210,11 +282,36 @@ applyPatch "$DOS_PATCHES/android_packages_apps_CMParts/0002-Reduced_Resolution.p
 cp -f "$DOS_PATCHES_COMMON/contributors.db" assets/contributors.db; #Update contributors cloud
 fi;
 
+if enterAndClear "packages/apps/Dialer"; then
+applyPatch "$DOS_PATCHES/android_packages_apps_Dialer/332454.patch"; #n-asb-2022-06 No longer export CallSubjectDialog
+fi;
+
+if enterAndClear "packages/apps/KeyChain"; then
+applyPatch "$DOS_PATCHES/android_packages_apps_KeyChain/319990.patch"; #n-asb-2021-12 Hide overlay on KeyChainActivity
+applyPatch "$DOS_PATCHES/android_packages_apps_KeyChain/334036.patch"; #n-asb-2022-07 Encode authority part of uri before showing in UI
+fi;
+
+if enterAndClear "packages/apps/Nfc"; then
+applyPatch "$DOS_PATCHES/android_packages_apps_Nfc/315715.patch"; #n-asb-2021-09 Add HIDE_NON_SYSTEM_OVERLAY_WINDOWS permission to Nfc
+applyPatch "$DOS_PATCHES/android_packages_apps_Nfc/328308.patch"; #n-asb-2022-04 Do not set default contactless application without user interaction
+applyPatch "$DOS_PATCHES/android_packages_apps_Nfc/332455.patch"; #n-asb-2022-06 OOB read in phNciNfc_RecvMfResp()
+fi;
+
 if enterAndClear "packages/apps/PackageInstaller"; then
 applyPatch "$DOS_PATCHES/android_packages_apps_PackageInstaller/64d8b44.patch"; #Fix an issue with Permission Review (AOSP/452540)
 fi;
 
 if enterAndClear "packages/apps/Settings"; then
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/315716.patch"; #n-asb-2021-09 Update string
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/315717.patch"; #n-asb-2021-09 Fix phishing attacks over Bluetooth due to unclear warning message
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/318519.patch"; #n-asb-2021-11 Import translations.
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/319991.patch"; #n-asb-2021-12 BluetoothSecurity: Add BLUETOOTH_PRIVILEGED permission for pairing dialog
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/323458.patch"; #n-asb-2022-02 Rephrase dialog message of clear storage dialog for security concern
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/325994.patch"; #n-asb-2022-03 Fix bypass CALL_PRIVILEGED permission in AppRestrictionsFragment
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/327099.patch"; #n-asb-2022-03 Add caller check to com.android.credentials.RESET
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/334037.patch"; #n-asb-2022-07 Fix LaunchAnyWhere in AppRestrictionsFragment
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/334874.patch"; #n-asb-2022-08 Verify ringtone from ringtone picker is audio
+applyPatch "$DOS_PATCHES/android_packages_apps_Settings/334875.patch"; #n-asb-2022-08 Fix Settings crash when setting a null ringtone
 git revert --no-edit 2ebe6058c546194a301c1fd22963d6be4adbf961; #Don't hide OEM unlock
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/201113.patch"; #wifi: Add world regulatory domain country code (syphyr)
 applyPatch "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks (MSe1969)
@@ -251,12 +348,37 @@ applyPatch "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0001-Voic
 applyPatch "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0002-Disable_Personalization.patch"; #Disable personalization dictionary by default (GrapheneOS)
 fi;
 
+if enterAndClear "packages/services/Telecomm"; then
+applyPatch "$DOS_PATCHES/android_packages_services_Telecomm/332456.patch"; #n-asb-2022-06 limit TelecomManager#registerPhoneAccount to 10
+fi;
+
 if enterAndClear "packages/services/Telephony"; then
 applyPatch "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; #(DivestOS)
 applyPatch "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch";
 fi;
 
+if enterAndClear "packages/providers/ContactsProvider"; then
+applyPatch "$DOS_PATCHES/android_packages_providers_ContactsProvider/334876.patch"; #n-asb-2022-08 enforce stricter CallLogProvider query
+fi;
+
+if enterAndClear "packages/providers/MediaProvider"; then
+applyPatch "$DOS_PATCHES/android_packages_providers_MediaProvider/324248.patch"; #n-asb-2022-02 Open all files with O_NOFOLLOW.
+fi;
+
 if enterAndClear "system/bt"; then
+applyPatch "$DOS_PATCHES/android_system_bt/315718.patch"; #BLE: [IOT] Initiate disconnection when encryption fails during pairing #CVE-2021-1957
+applyPatch "$DOS_PATCHES/android_system_bt/315719.patch"; #n-asb-2021-09 SMP: Reject pairing if public_key.x match
+applyPatch "$DOS_PATCHES/android_system_bt/320420.patch"; #n-asb-2021-12 osi: Prevent memory allocations with MSB set
+applyPatch "$DOS_PATCHES/android_system_bt/323456.patch"; #n-asb-2022-02 security: Use-After-Free in btm_sec_[dis]connected
+applyPatch "$DOS_PATCHES/android_system_bt/323457.patch"; #n-asb-2022-02 Reset the IRK after all devices are unpaired
+applyPatch "$DOS_PATCHES/android_system_bt/328306.patch"; #n-asb-2022-04 Security fix OOB read due to invalid count in stack/avrc/avrc_pars_ct
+applyPatch "$DOS_PATCHES/android_system_bt/334032.patch"; #n-asb-2022-07 Security: Fix out of bound write in HFP client
+applyPatch "$DOS_PATCHES/android_system_bt/334033.patch"; #n-asb-2022-07 Check Avrcp packet vendor length before extracting length
+applyPatch "$DOS_PATCHES/android_system_bt/334034.patch"; #n-asb-2022-07 Security: Fix out of bound read in AT_SKIP_REST
+applyPatch "$DOS_PATCHES/android_system_bt/334877.patch"; #n-asb-2022-08 Removing bonded device when auth fails due to missing keys
+applyPatch "$DOS_PATCHES/android_system_bt/337998.patch"; #n-asb-2022-09 Fix OOB in BNEP_Write
+applyPatch "$DOS_PATCHES/android_system_bt/337999.patch"; #n-asb-2022-09 Fix OOB in bnep_is_packet_allowed
+applyPatch "$DOS_PATCHES/android_system_bt/338000.patch"; #n-asb-2022-09 Fix OOB in reassemble_and_dispatch
 applyPatch "$DOS_PATCHES/android_system_bt/229574.patch"; #Increase maximum Bluetooth SBC codec bitrate for SBC HD (ValdikSS)
 applyPatch "$DOS_PATCHES/android_system_bt/229575.patch"; #Explicit SBC Dual Channel (SBC HD) support (ValdikSS)
 applyPatch "$DOS_PATCHES/android_system_bt/242134.patch"; #avrc_bld_get_attrs_rsp - fix attribute length position off by one (cprhokie)
@@ -264,6 +386,7 @@ applyPatch "$DOS_PATCHES/android_system_bt/0001-NO_READENCRKEYSIZE.patch"; #Add
 fi;
 
 if enterAndClear "system/core"; then
+applyPatch "$DOS_PATCHES/android_system_core/332457.patch"; #n-asb-2022-06 Backport of Win-specific suppression of potentially rogue construct that can engage
 if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
 git revert --no-edit 0217dddeb5c16903c13ff6c75213619b79ea622b d7aa1231b6a0631f506c0c23816f2cd81645b15f; #Always update recovery XXX: This doesn't seem to work
 applyPatch "$DOS_PATCHES/android_system_core/0001-Harden.patch"; #Harden mounts with nodev/noexec/nosuid + misc sysctl changes (GrapheneOS)
diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh
index 4489297c..559f00cc 100644
--- a/Scripts/LineageOS-15.1/Patch.sh
+++ b/Scripts/LineageOS-15.1/Patch.sh
@@ -98,6 +98,8 @@ fi;
 
 if enterAndClear "external/expat"; then
 applyPatch "$DOS_PATCHES/android_external_expat/337987.patch"; #Q_asb_2022-09 Prevent XML_GetBuffer signed integer overflow
+applyPatch "$DOS_PATCHES/android_external_expat/337988-backport.patch"; #n-asb-2022-09 Prevent integer overflow in function doProlog
+applyPatch "$DOS_PATCHES/android_external_expat/337989-backport.patch"; #n-asb-2022-09 Prevent more integer overflows
 fi;
 
 #if [ "$DOS_GRAPHENE_MALLOC_BROKEN" = true ]; then