Fixup + Churn

Signed-off-by: Tad <tad@spotco.us>

Patches/LineageOS-17.1/android_frameworks_base/0014-Network_Permission-1.patch

@@ -22,7 +22,7 @@ index 586d9a819d1e..85e86237adf6 100644
      <!-- Allows applications to access information about networks.
           <p>Protection level: normal
 diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
-index 293bdc7ba197..3a71bc8d015b 100644
+index c0ae2274c38c..d34d672b825e 100644
 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 @@ -985,7 +985,7 @@ public class PermissionManagerService {

Patches/LineageOS-17.1/android_frameworks_base/0014-Sensors_Permission.patch

@@ -100,7 +100,7 @@ index 2cf2b923ef90..ae206c1f5872 100644
      <string name="permlab_readCalendar">Read calendar events and details</string>
      <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
 diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
-index 3a71bc8d015b..3eb4262ba634 100644
+index d34d672b825e..f348dbdb2778 100644
 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 @@ -985,7 +985,7 @@ public class PermissionManagerService {

Patches/LineageOS-17.1/android_frameworks_base/0014-Special_Permissions.patch

@@ -11,7 +11,7 @@ need to be granted by default for all apps to maintain compatibility.
  2 files changed, 20 insertions(+), 6 deletions(-)
 
 diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
-index 443687a650c8..69bf7c5f38b5 100644
+index 6cfb1989262f..dc9ad9e96699 100644
 --- a/services/core/java/com/android/server/pm/PackageManagerService.java
 +++ b/services/core/java/com/android/server/pm/PackageManagerService.java
 @@ -20172,7 +20172,8 @@ public class PackageManagerService extends IPackageManager.Stub
@@ -25,7 +25,7 @@ index 443687a650c8..69bf7c5f38b5 100644
                          Process.SYSTEM_UID, userId, delayingPermCallback);
                  // Allow app op later as we are holding mPackages
 diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
-index 82f963e1df2a..293bdc7ba197 100644
+index 42ed16268919..c0ae2274c38c 100644
 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 @@ -984,6 +984,10 @@ public class PermissionManagerService {
@@ -39,7 +39,7 @@ index 82f963e1df2a..293bdc7ba197 100644
      /**
       * Restore the permission state for a package.
       *
-@@ -1277,6 +1281,14 @@ public class PermissionManagerService {
+@@ -1283,6 +1287,14 @@ public class PermissionManagerService {
                                              }
                                          }
                                      }
@@ -54,7 +54,7 @@ index 82f963e1df2a..293bdc7ba197 100644
                                  } else {
                                      if (permState == null) {
                                          // New permission
-@@ -1410,7 +1422,7 @@ public class PermissionManagerService {
+@@ -1416,7 +1428,7 @@ public class PermissionManagerService {
                                               wasChanged = true;
                                          }
                                      }
@@ -63,7 +63,7 @@ index 82f963e1df2a..293bdc7ba197 100644
                                      if (!permissionsState.hasRuntimePermission(bp.name, userId)
                                              && permissionsState.grantRuntimePermission(bp,
                                                      userId) != PERMISSION_OPERATION_FAILURE) {
-@@ -2183,7 +2195,7 @@ public class PermissionManagerService {
+@@ -2189,7 +2201,7 @@ public class PermissionManagerService {
                      && (grantedPermissions == null
                             || ArrayUtils.contains(grantedPermissions, permission))) {
                  final int flags = permissionsState.getPermissionFlags(permission, userId);
@@ -72,7 +72,7 @@ index 82f963e1df2a..293bdc7ba197 100644
                      // Installer cannot change immutable permissions.
                      if ((flags & immutableFlags) == 0) {
                          grantRuntimePermission(permission, pkg.packageName, false, callingUid,
-@@ -2242,7 +2254,7 @@ public class PermissionManagerService {
+@@ -2248,7 +2260,7 @@ public class PermissionManagerService {
          // to keep the review required permission flag per user while an
          // install permission's state is shared across all users.
          if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
@@ -81,7 +81,7 @@ index 82f963e1df2a..293bdc7ba197 100644
              return;
          }
  
-@@ -2294,7 +2306,8 @@ public class PermissionManagerService {
+@@ -2300,7 +2312,8 @@ public class PermissionManagerService {
                      + permName + " for package " + packageName);
          }
  
@@ -91,7 +91,7 @@ index 82f963e1df2a..293bdc7ba197 100644
              Slog.w(TAG, "Cannot grant runtime permission to a legacy app");
              return;
          }
-@@ -2381,7 +2394,7 @@ public class PermissionManagerService {
+@@ -2387,7 +2400,7 @@ public class PermissionManagerService {
          // to keep the review required permission flag per user while an
          // install permission's state is shared across all users.
          if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M

Patches/LineageOS-17.1/android_frameworks_opt_net_wifi/0002-Random_MAC.patch

@@ -41,7 +41,7 @@ index d91b7f8b8..befc92fb4 100644
                          configureRandomizedMacAddress(config);
                      } else {
 diff --git a/service/java/com/android/server/wifi/WifiConfigManager.java b/service/java/com/android/server/wifi/WifiConfigManager.java
-index 393a5c395..cb44fb4ab 100644
+index fce5758e1..817fb2958 100644
 --- a/service/java/com/android/server/wifi/WifiConfigManager.java
 +++ b/service/java/com/android/server/wifi/WifiConfigManager.java
 @@ -1113,7 +1113,13 @@ public class WifiConfigManager {

Patches/LineageOS-18.1/android_frameworks_base/0013-Network_Permission-1.patch

@@ -23,7 +23,7 @@ index 9bb5aecdac8f..13c77bf16ef6 100644
      <!-- Allows applications to access information about networks.
           <p>Protection level: normal
 diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
-index 26b959879084..9e6ecc739ffe 100644
+index f8d298a538e7..0ceb190c6068 100644
 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 @@ -2609,7 +2609,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {

Patches/LineageOS-18.1/android_frameworks_base/0013-Sensors_Permission.patch

@@ -128,7 +128,7 @@ index 189544f98594..9badc8c4d9c0 100644
      field public static final String SENSORS = "android.permission-group.SENSORS";
      field public static final String SMS = "android.permission-group.SMS";
 diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
-index 9e6ecc739ffe..c744a0b5079a 100644
+index 0ceb190c6068..2380844eec5d 100644
 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 @@ -2609,7 +2609,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {

Patches/LineageOS-18.1/android_frameworks_base/0013-Special_Permissions.patch

@@ -17,7 +17,7 @@ As a result, PackageManagerService is no longer modified.
  1 file changed, 19 insertions(+), 5 deletions(-)
 
 diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
-index 8d2363b6e831..26b959879084 100644
+index 663f6ebcd73a..f8d298a538e7 100644
 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
 @@ -1461,7 +1461,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
@@ -69,7 +69,7 @@ index 8d2363b6e831..26b959879084 100644
      /**
       * Restore the permission state for a package.
       *
-@@ -2952,6 +2958,14 @@ public class PermissionManagerService extends IPermissionManager.Stub {
+@@ -2958,6 +2964,14 @@ public class PermissionManagerService extends IPermissionManager.Stub {
                                              }
                                          }
                                      }
@@ -84,7 +84,7 @@ index 8d2363b6e831..26b959879084 100644
                                  } else {
                                      if (permState == null) {
                                          // New permission
-@@ -3907,7 +3921,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
+@@ -3913,7 +3927,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
                      && (grantedPermissions == null
                             || ArrayUtils.contains(grantedPermissions, permission))) {
                  final int flags = permissionsState.getPermissionFlags(permission, userId);

Patches/LineageOS-18.1/android_frameworks_opt_net_wifi/0001-Random_MAC.patch

@@ -116,7 +116,7 @@ index 14866c87e..8db407fa3 100644
          if (mVerboseLoggingEnabled) {
              final String key = config.getKey();
 diff --git a/service/java/com/android/server/wifi/WifiConfigManager.java b/service/java/com/android/server/wifi/WifiConfigManager.java
-index 8fc91cb09..25304cca4 100644
+index f40d65624..7276bfb44 100644
 --- a/service/java/com/android/server/wifi/WifiConfigManager.java
 +++ b/service/java/com/android/server/wifi/WifiConfigManager.java
 @@ -425,9 +425,14 @@ public class WifiConfigManager {

Patches/LineageOS-18.1/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch

@@ -40,13 +40,13 @@ index 7a4c93403e..894115bed2 100644
 +    <string name="captive_portal_switch_warning">Nach dem Ausschalten der Captive-Portal-Erkennung empfangen Sie keine Verbindungs-Rückmeldung mehr. Wirklich fortfahren?</string>
  </resources>
 diff --git a/res/values/cm_strings.xml b/res/values/cm_strings.xml
-index ab38dec706..6c81254ce2 100644
+index d13d4d4fe8..5ddfe66ec0 100644
 --- a/res/values/cm_strings.xml
 +++ b/res/values/cm_strings.xml
-@@ -175,4 +175,9 @@
+@@ -178,4 +178,9 @@
  
-     <!-- Display settings screen, peak refresh rate settings summary [CHAR LIMIT=NONE] -->
-     <string name="peak_refresh_rate_summary_custom">Automatically raises the refresh rate from 60 to %1$d Hz for some content. Increases battery usage.</string>
+     <!-- Warning message for the sd card setup -->
+     <string name="storage_warning_internal">Warning: This option may not work properly or lead to data loss and is therefore not recommended!</string>
 +
 +    <!-- Captive Portal -->
 +    <string name="captive_portal_switch_title">Captive portal mode</string>

Patches/LineageOS-18.1/android_packages_apps_Settings/0004-Private_DNS.patch

@@ -84,7 +84,7 @@ index 0b4f4db6c4..ca6a2cf62d 100644
                  android:id="@+id/private_dns_mode_opportunistic"
                  layout="@layout/preference_widget_dialog_radiobutton"/>
 diff --git a/res/values/cm_strings.xml b/res/values/cm_strings.xml
-index 6c81254ce2..86fd2bd6c6 100644
+index 5ddfe66ec0..89341009d4 100644
 --- a/res/values/cm_strings.xml
 +++ b/res/values/cm_strings.xml
 @@ -137,6 +137,21 @@

Scripts/Common/Fix_CVE_Patchers.sh

@@ -124,7 +124,7 @@ done
 declare -a threeDotEighteen=("${threeDotTen[@]}" "android_kernel_samsung_universal8890.sh" "android_kernel_google_dragon.sh" "android_kernel_lge_msm8996.sh" "android_kernel_zte_msm8996.sh" "android_kernel_asus_msm8953.sh" "android_kernel_xiaomi_msm8937.sh" "android_kernel_google_marlin.sh" "android_kernel_motorola_msm8996.sh" "android_kernel_oneplus_msm8996.sh");
 for script in "${threeDotEighteen[@]}"
 do
-	commentPatches $script "0008-Graphene-Kernel_Hardening/4.4/0006.patch" "CVE-2018-16597/4.4" "CVE-2019-19319/4.4" "CVE-2020-0305/4.4" "CVE-2020-0429/4.4" "CVE-2020-8992/4.4" "CVE-2021-1048/4.4" "CVE-2021-3428/4.4" "CVE-2021-20265/4.4" "CVE-2022-1184/4.9/0007.patch";
+	commentPatches $script "0008-Graphene-Kernel_Hardening/4.4/0006.patch" "CVE-2018-16597/4.4" "CVE-2019-19319/4.4" "CVE-2020-0305/4.4" "CVE-2020-0429/4.4" "CVE-2020-8992/4.4" "CVE-2021-1048/4.4" "CVE-2021-3428/4.4" "CVE-2021-20265/4.4" "CVE-2022-1184/4.9/0007.patch" "CVE-2022-40768/4.9/0007.patch";
 done
 #4.4
 declare -a fourDotFour=("${threeDotEighteen[@]}" "android_kernel_essential_msm8998.sh" "android_kernel_fxtec_msm8998.sh" "android_kernel_zuk_msm8996.sh" "android_kernel_xiaomi_sdm660.sh" "android_kernel_sony_sdm660.sh" "android_kernel_razer_msm8998.sh" "android_kernel_oneplus_msm8998.sh" "android_kernel_google_wahoo.sh" "android_kernel_yandex_sdm660.sh" "android_kernel_zuk_msm8996.sh");

Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_universal8890.sh

@@ -727,7 +727,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36123/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36879/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39188/4.9/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/4.9/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/^6.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-43750/4.9/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch

Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_dragon.sh

@@ -685,7 +685,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36123/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36879/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39188/4.9/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/4.9/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/^6.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-43750/4.9/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0004/3.18/0003-alt.patch

Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_lge_msm8996.sh

@@ -580,7 +580,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36123/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36879/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39188/4.9/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/4.9/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/^6.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-43750/4.9/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch

Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_zte_msm8996.sh

@@ -671,7 +671,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36123/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36879/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39188/4.9/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/4.9/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/^6.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-43750/4.9/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch

Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_xiaomi_msm8937.sh

@@ -444,7 +444,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36123/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36879/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39188/4.9/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/4.9/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/^6.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-43750/4.9/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch

Scripts/LineageOS-16.0/Functions.sh

@@ -77,12 +77,13 @@ patchWorkspace() {
 
 	source build/envsetup.sh;
 	#repopick -it pie-firewall;
-	repopick -it P_asb_2022-05;
-	repopick -it P_asb_2022-06;
-	repopick -it P_asb_2022-07;
-	repopick -it P_asb_2022-08;
-	repopick -it P_asb_2022-09;
-	repopick -it P_asb_2022-10;
+	#repopick cannot handle empty commits
+	repopick -it P_asb_2022-05 -e 341484;
+	repopick -it P_asb_2022-06 -e 342112;
+	repopick -it P_asb_2022-07 -e 342113;
+	repopick -it P_asb_2022-08 -e 342114;
+	repopick -it P_asb_2022-09 -e 342116;
+	repopick -it P_asb_2022-10 -e 342119;
 	repopick -it P_tzdata_2022;
 
 	sh "$DOS_SCRIPTS/Patch.sh";

Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8996.sh

@@ -590,7 +590,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36123/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36879/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39188/4.9/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/4.9/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/^6.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-43750/4.9/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch

Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_marlin.sh

@@ -487,7 +487,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36123/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36879/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39188/4.9/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/4.9/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/4.9/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/^6.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-43750/4.9/0004.patch

Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_lge_msm8996.sh

@@ -568,7 +568,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36123/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36879/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39188/4.9/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/4.9/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/^6.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-43750/4.9/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch

Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh

@@ -489,7 +489,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36123/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36879/4.4/0008.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39188/4.9/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-39842/4.9/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.9/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/^6.1/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-43750/4.9/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch

Scripts/LineageOS-20.0/Functions.sh

@@ -102,9 +102,9 @@ patchWorkspace() {
 	gpgVerifyGitTag "$DOS_BUILD_BASE/external/SecureCamera";
 	gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
 
-	source build/envsetup.sh;
-	repopick -i 343790; #usb: have enableUsbDataSignal() call queryPortStatus() if successful
-	repopick -i 343791; #UsbManager: enableUsbDataSignal: return early if HAL version is too old
+	#source build/envsetup.sh;
+	#repopick -i 343790; #usb: have enableUsbDataSignal() call queryPortStatus() if successful
+	#repopick -i 343791; #UsbManager: enableUsbDataSignal: return early if HAL version is too old
 
 	sh "$DOS_SCRIPTS/Patch.sh";
 	sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";