Picks

Signed-off-by: Tavi <tavi@divested.dev>

Patches/LineageOS-14.1/android_frameworks_av/399268.patch

@@ -0,0 +1,38 @@
+From 14461bfefeef4f00cab8c6335eec7a701915ef5b Mon Sep 17 00:00:00 2001
+From: Rakesh Kumar <rakesh.kumar@ittiam.com>
+Date: Thu, 30 May 2024 11:17:48 +0000
+Subject: [PATCH] StagefrightRecoder: Disabling B-frame support
+
+Disabling b-frame support from stagefright recorder in case of
+audio source as mic and video source is surface use case only
+because screen recorder with microphone doesn't play in sync
+if b-frame is enabled.
+If the audio source selected is INTERNAL (i.e. device) or
+MIC_AND_INTERNAL with screen recorder then b frame is supported.
+
+Bug: 288549440
+Test: manually check screen recording with audio from mic has audio/video in synch
+(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:af685c66bab17b71fe1624f76b5d55628f79e6fa)
+(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:da3407f7688f35eb2dce79f1405feeb182241a3c)
+Merged-In: I4098655eb9687fb633085333bc140634441566e6
+Change-Id: I4098655eb9687fb633085333bc140634441566e6
+---
+ media/libmediaplayerservice/StagefrightRecorder.cpp | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/media/libmediaplayerservice/StagefrightRecorder.cpp b/media/libmediaplayerservice/StagefrightRecorder.cpp
+index a6558ab3d44..0d8e9952527 100644
+--- a/media/libmediaplayerservice/StagefrightRecorder.cpp
++++ b/media/libmediaplayerservice/StagefrightRecorder.cpp
+@@ -1646,6 +1646,11 @@ status_t StagefrightRecorder::setupVideoEncoder(
+ 
+     if (tsLayers > 1) {
+         uint32_t bLayers = std::min(2u, tsLayers - 1); // use up-to 2 B-layers
++        // TODO(b/341121900): Remove this once B frames are handled correctly in screen recorder
++        // use case in case of mic only
++        if (mAudioSource == AUDIO_SOURCE_MIC && mVideoSource == VIDEO_SOURCE_SURFACE) {
++            bLayers = 0;
++        }
+         uint32_t pLayers = tsLayers - bLayers;
+         format->setString(
+                 "ts-schema", AStringPrintf("android.generic.%u+%u", pLayers, bLayers));

Patches/LineageOS-14.1/android_frameworks_base/399269.patch

@@ -0,0 +1,65 @@
+From 4f7911704b5e53dd50ef736de84205f17827b975 Mon Sep 17 00:00:00 2001
+From: Kiran S <krns@google.com>
+Date: Mon, 13 May 2024 05:49:06 +0000
+Subject: [PATCH] Restrict USB poups while setup is in progress
+
+Test: Cherry pick of http://ag/27094197
+Bug: 294105066
+(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2ce2e54a040342373e401f9c2e70035ede4e63ad)
+(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ec96cc3e3a81d21f2249db381c10638bb307cf39)
+Merged-In: I7d54534696fd73f3b94c5b4250142eed9341c5d8
+Change-Id: I7d54534696fd73f3b94c5b4250142eed9341c5d8
+---
+ .../server/usb/UsbSettingsManager.java        | 21 +++++++++++++++++++
+ 1 file changed, 21 insertions(+)
+
+diff --git a/services/usb/java/com/android/server/usb/UsbSettingsManager.java b/services/usb/java/com/android/server/usb/UsbSettingsManager.java
+index de9ede397c130..195360df7dbfb 100644
+--- a/services/usb/java/com/android/server/usb/UsbSettingsManager.java
++++ b/services/usb/java/com/android/server/usb/UsbSettingsManager.java
+@@ -16,6 +16,8 @@
+ 
+ package com.android.server.usb;
+ 
++import static android.provider.Settings.Secure.USER_SETUP_COMPLETE;
++
+ import android.app.PendingIntent;
+ import android.content.ActivityNotFoundException;
+ import android.content.ComponentName;
+@@ -36,6 +38,7 @@
+ import android.os.Environment;
+ import android.os.Process;
+ import android.os.UserHandle;
++import android.provider.Settings;
+ import android.util.AtomicFile;
+ import android.util.Log;
+ import android.util.Slog;
+@@ -756,10 +759,28 @@ private void resolveActivity(Intent intent, UsbDevice device) {
+             defaultPackage = mDevicePreferenceMap.get(new DeviceFilter(device));
+         }
+ 
++        if (shouldRestrictOverlayActivities()) {
++            return;
++        }
++
+         // Start activity with registered intent
+         resolveActivity(intent, matches, defaultPackage, device, null);
+     }
+ 
++    private boolean shouldRestrictOverlayActivities() {
++        if (Settings.Secure.getIntForUser(
++                mContext.getContentResolver(),
++                USER_SETUP_COMPLETE,
++                /* defaultValue= */ 1,
++                UserHandle.CURRENT.getIdentifier())
++                == 0) {
++            Slog.d(TAG, "restricting usb overlay activities as setup is not complete");
++            return true;
++        }
++
++        return false;
++    }
++
+     public void deviceDetached(UsbDevice device) {
+         // clear temporary permissions for the device
+         mDevicePermissionMap.remove(device.getDeviceName());

Patches/LineageOS-14.1/android_frameworks_base/399270.patch

@@ -0,0 +1,147 @@
+From 42e379fa4967a4841931310b9308e5ff66e2be00 Mon Sep 17 00:00:00 2001
+From: Pinyao Ting <pinyaoting@google.com>
+Date: Thu, 30 Nov 2023 23:12:39 +0000
+Subject: [PATCH] Added throttle when reporting shortcut usage
+
+Bug: 304290201
+Test: manual
+(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:76121eb73d4c40829d5513b073871333520fe0a2)
+Merged-In: I96370cbd4f6a55f894c1a93307e5f82dfd394652
+Change-Id: I96370cbd4f6a55f894c1a93307e5f82dfd394652
+---
+ .../android/server/pm/ShortcutPackage.java    | 35 +++++++++++++++++++
+ .../android/server/pm/ShortcutService.java    | 12 +++----
+ .../server/pm/ShortcutManagerTest2.java       |  2 ++
+ 3 files changed, 41 insertions(+), 8 deletions(-)
+
+diff --git a/services/core/java/com/android/server/pm/ShortcutPackage.java b/services/core/java/com/android/server/pm/ShortcutPackage.java
+index 38d69ed287e1c..b8d0120f3db62 100644
+--- a/services/core/java/com/android/server/pm/ShortcutPackage.java
++++ b/services/core/java/com/android/server/pm/ShortcutPackage.java
+@@ -19,17 +19,20 @@
+ import android.annotation.Nullable;
+ import android.annotation.UserIdInt;
+ import android.content.ComponentName;
++import android.app.usage.UsageStatsManagerInternal;
+ import android.content.Intent;
+ import android.content.pm.PackageInfo;
+ import android.content.pm.ShortcutInfo;
+ import android.content.res.Resources;
+ import android.os.PersistableBundle;
++import android.os.SystemClock;
+ import android.text.format.Formatter;
+ import android.util.ArrayMap;
+ import android.util.ArraySet;
+ import android.util.Log;
+ import android.util.Slog;
+ 
++import com.android.internal.annotations.GuardedBy;
+ import com.android.internal.annotations.VisibleForTesting;
+ import com.android.internal.util.Preconditions;
+ import com.android.internal.util.XmlUtils;
+@@ -103,6 +106,11 @@ class ShortcutPackage extends ShortcutPackageItem {
+     private static final String KEY_BITMAPS = "bitmaps";
+     private static final String KEY_BITMAP_BYTES = "bitmapBytes";
+ 
++    @VisibleForTesting
++    public static final int REPORT_USAGE_BUFFER_SIZE = 3;
++
++    private final Object mLock = new Object();
++
+     /**
+      * All the shortcuts from the package, keyed on IDs.
+      */
+@@ -122,6 +130,9 @@ class ShortcutPackage extends ShortcutPackageItem {
+ 
+     private long mLastKnownForegroundElapsedTime;
+ 
++    @GuardedBy("mLock")
++    private List<Long> mLastReportedTime = new ArrayList<>();
++
+     private ShortcutPackage(ShortcutUser shortcutUser,
+             int packageUserId, String packageName, ShortcutPackageInfo spi) {
+         super(shortcutUser, packageUserId, packageName,
+@@ -1144,6 +1155,30 @@ public boolean hasNonManifestShortcuts() {
+         return false;
+     }
+ 
++    void reportShortcutUsed(@NonNull final UsageStatsManagerInternal usageStatsManagerInternal,
++            @NonNull final String shortcutId) {
++        synchronized (mLock) {
++            final long currentTS = SystemClock.elapsedRealtime();
++            final ShortcutService s = mShortcutUser.mService;
++            if (mLastReportedTime.isEmpty()
++                    || mLastReportedTime.size() < REPORT_USAGE_BUFFER_SIZE) {
++                mLastReportedTime.add(currentTS);
++            } else if (currentTS - mLastReportedTime.get(0) > s.mSaveDelayMillis) {
++                mLastReportedTime.remove(0);
++                mLastReportedTime.add(currentTS);
++            } else {
++                return;
++            }
++            final long token = s.injectClearCallingIdentity();
++            try {
++                usageStatsManagerInternal.reportShortcutUsage(getPackageName(), shortcutId,
++                        getUser().getUserId());
++            } finally {
++                s.injectRestoreCallingIdentity(token);
++            }
++        }
++    }
++
+     public void dump(@NonNull PrintWriter pw, @NonNull String prefix) {
+         pw.println();
+ 
+diff --git a/services/core/java/com/android/server/pm/ShortcutService.java b/services/core/java/com/android/server/pm/ShortcutService.java
+index 944f75345df6f..02b923384a836 100644
+--- a/services/core/java/com/android/server/pm/ShortcutService.java
++++ b/services/core/java/com/android/server/pm/ShortcutService.java
+@@ -290,7 +290,7 @@ public boolean test(PackageInfo pi) {
+     private CompressFormat mIconPersistFormat;
+     private int mIconPersistQuality;
+ 
+-    private int mSaveDelayMillis;
++    int mSaveDelayMillis;
+ 
+     private final IPackageManager mIPackageManager;
+     private final PackageManagerInternal mPackageManagerInternal;
+@@ -2041,10 +2041,11 @@ public void reportShortcutUsed(String packageName, String shortcutId, int userId
+                     shortcutId, packageName, userId));
+         }
+ 
++        final ShortcutPackage ps;
+         synchronized (mLock) {
+             throwIfUserLockedL(userId);
+ 
+-            final ShortcutPackage ps = getPackageShortcutsForPublisherLocked(packageName, userId);
++            ps = getPackageShortcutsForPublisherLocked(packageName, userId);
+ 
+             if (ps.findShortcutById(shortcutId) == null) {
+                 Log.w(TAG, String.format("reportShortcutUsed: package %s doesn't have shortcut %s",
+@@ -2053,12 +2054,7 @@ public void reportShortcutUsed(String packageName, String shortcutId, int userId
+             }
+         }
+ 
+-        final long token = injectClearCallingIdentity();
+-        try {
+-            mUsageStatsManagerInternal.reportShortcutUsage(packageName, shortcutId, userId);
+-        } finally {
+-            injectRestoreCallingIdentity(token);
+-        }
++        ps.reportShortcutUsed(mUsageStatsManagerInternal, shortcutId);
+     }
+ 
+     /**
+diff --git a/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java b/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java
+index d25923c019cac..149037df2ff16 100644
+--- a/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java
++++ b/services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java
+@@ -1799,6 +1799,8 @@ public void testThrottling_resetByInternalCall() throws Exception {
+ 
+     public void testReportShortcutUsed() {
+         mRunningUsers.put(USER_10, true);
++        mService.updateConfigurationLocked(
++                ShortcutService.ConfigConstants.KEY_SAVE_DELAY_MILLIS + "=1");
+ 
+         runWithCaller(CALLING_PACKAGE_1, USER_10, () -> {
+             reset(mMockUsageStatsManagerInternal);

Patches/LineageOS-14.1/android_system_bt/399271.patch

@@ -0,0 +1,51 @@
+From 31562d59f523d73b8c92d0327370cac98904992a Mon Sep 17 00:00:00 2001
+From: Brian Delwiche <delwiche@google.com>
+Date: Mon, 22 Apr 2024 16:43:29 +0000
+Subject: [PATCH] [BACKPORT] Fix heap-buffer overflow in sdp_utils.cc
+
+Fuzzer identifies a case where sdpu_compare_uuid_with_attr crashes with
+an out of bounds comparison.  Although the bug claims this is due to a
+comparison of a uuid with a smaller data field thana the discovery
+attribute, my research suggests that this instead stems from a
+comparison of a 128 bit UUID with a discovery attribute of some other,
+invalid size.
+
+Add checks for discovery attribute size.
+
+Bug: 287184435
+Test: atest bluetooth_test_gd_unit, net_test_stack_sdp
+Tag: #security
+Ignore-AOSP-First: Security
+(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:99210e2f251e2189c1eede15942c832e017404c2)
+Merged-In: Ib536cbeac454efbf6af3d713c05c8e3e077e069b
+Change-Id: Ib536cbeac454efbf6af3d713c05c8e3e077e069b
+---
+ stack/sdp/sdp_utils.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/stack/sdp/sdp_utils.c b/stack/sdp/sdp_utils.c
+index e9df4606893..d1dd94e138c 100644
+--- a/stack/sdp/sdp_utils.c
++++ b/stack/sdp/sdp_utils.c
+@@ -850,13 +850,20 @@ BOOLEAN sdpu_compare_uuid_with_attr (tBT_UUID *p_btuuid, tSDP_DISC_ATTR *p_attr)
+     UINT16      attr_len = SDP_DISC_ATTR_LEN (p_attr->attr_len_type);
+ 
+     /* Since both UUIDs are compressed, lengths must match  */
+-    if (p_btuuid->len != attr_len)
++    if (p_btuuid->len != attr_len) {
++        SDP_TRACE_ERROR("invalid length for discovery attribute");
+         return (FALSE);
++    }
+ 
+     if (p_btuuid->len == 2)
+         return (BOOLEAN)(p_btuuid->uu.uuid16 == p_attr->attr_value.v.u16);
+     else if (p_btuuid->len == 4)
+         return (BOOLEAN)(p_btuuid->uu.uuid32 == p_attr->attr_value.v.u32);
++    else if (attr_len != MAX_UUID_SIZE) {
++        SDP_TRACE_ERROR("invalid length for discovery attribute");
++        return (FALSE);
++    }
++
+     /* coverity[overrun-buffer-arg] */
+     /*
+        Event overrun-buffer-arg: Overrun of static array "&p_attr->attr_value.v.array" of size 4 bytes by passing it to a function which indexes it with argument "16U" at byte position 15

Patches/LineageOS-17.1/android_frameworks_base/399413.patch

@@ -1,7 +1,7 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From 5c4218a6ed99e78a1c1b34fbecda7a9b4457f655 Mon Sep 17 00:00:00 2001
 From: Guojing Yuan <guojing@google.com>
 Date: Thu, 14 Dec 2023 19:30:04 +0000
-Subject: [PATCH] Check permissions for CDM shell commands
+Subject: [PATCH] [BACKPORT] Check permissions for CDM shell commands
 
 Override handleShellCommand instead of onShellCommand because
 Binder.onShellCommand checks the necessary permissions of the caller.
@@ -23,10 +23,10 @@ Change-Id: I5539b3594feb5544c458c0fd1061b51a0a808900
  1 file changed, 5 insertions(+)
 
 diff --git a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
-index 73b8ff7067ef..4377ee6145d8 100644
+index 73b8ff7067ef9..4377ee6145d8f 100644
 --- a/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
 +++ b/services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java
-@@ -366,6 +366,11 @@ public class CompanionDeviceManagerService extends SystemService implements Bind
+@@ -366,6 +366,11 @@ private void checkUsesFeature(String pkg, int userId) {
          public void onShellCommand(FileDescriptor in, FileDescriptor out, FileDescriptor err,
                  String[] args, ShellCallback callback, ResultReceiver resultReceiver)
                  throws RemoteException {

Patches/LineageOS-17.1/android_frameworks_base/399414.patch

@@ -1,4 +1,4 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From db3da396bd7fc0c1a6abc288b3098840742f8d16 Mon Sep 17 00:00:00 2001
 From: Riddle Hsu <riddlehsu@google.com>
 Date: Tue, 6 Feb 2024 17:19:37 +0800
 Subject: [PATCH] Hide window immediately if itself doesn't run hide animation
@@ -21,10 +21,10 @@ Change-Id: Iafc2b2c2a24d8fc8d147354ef2f0b4afeeb510c5
  2 files changed, 24 insertions(+), 2 deletions(-)
 
 diff --git a/services/core/java/com/android/server/wm/WindowState.java b/services/core/java/com/android/server/wm/WindowState.java
-index 18cdc943b8c8..cca14d884cdd 100644
+index 18cdc943b8c85..cca14d884cdd8 100644
 --- a/services/core/java/com/android/server/wm/WindowState.java
 +++ b/services/core/java/com/android/server/wm/WindowState.java
-@@ -2698,8 +2698,10 @@ class WindowState extends WindowContainer<WindowState> implements WindowManagerP
+@@ -2698,8 +2698,10 @@ boolean hideLw(boolean doAnimation, boolean requestAnim) {
              return false;
          }
          if (doAnimation) {
@@ -38,10 +38,10 @@ index 18cdc943b8c8..cca14d884cdd 100644
              }
          }
 diff --git a/services/tests/wmtests/src/com/android/server/wm/WindowStateTests.java b/services/tests/wmtests/src/com/android/server/wm/WindowStateTests.java
-index 3a8d3b74c08f..15d0fd90ef77 100644
+index 3a8d3b74c08f8..15d0fd90ef774 100644
 --- a/services/tests/wmtests/src/com/android/server/wm/WindowStateTests.java
 +++ b/services/tests/wmtests/src/com/android/server/wm/WindowStateTests.java
-@@ -213,6 +213,26 @@ public class WindowStateTests extends WindowTestsBase {
+@@ -213,6 +213,26 @@ public void testIsOnScreen_hiddenByPolicy() {
          assertTrue(window.isOnScreen());
          window.hideLw(false /* doAnimation */);
          assertFalse(window.isOnScreen());

Patches/Linux

@@ -1 +1 @@
-Subproject commit 58b833c43591da6ba3d1f8e8b2873b2838ba1d4a
+Subproject commit 924506928be57039b571c599985f4492c5680ab5

Scripts/LineageOS-14.1/Patch.sh

@@ -82,7 +82,7 @@ sed -i '50i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aap
 sed -i '296iLOCAL_AAPT_FLAGS += --auto-add-overlay' core/package_internal.mk;
 awk -i inplace '!/Email/' target/product/core.mk; #Remove Email
 awk -i inplace '!/Exchange2/' target/product/core.mk;
-sed -i 's/2021-06-05/2024-07-05/' core/version_defaults.mk; #Bump Security String #n-asb-2024-07 #XXX
+sed -i 's/2021-06-05/2024-08-05/' core/version_defaults.mk; #Bump Security String #n-asb-2024-08 #XXX
 fi;
 
 if enterAndClear "device/qcom/sepolicy"; then
@@ -200,6 +200,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_av/373035.patch"; #n-asb-2023-11 Fix
 applyPatch "$DOS_PATCHES/android_frameworks_av/381852.patch"; #n-asb-2024-02 Update mtp packet buffer
 applyPatch "$DOS_PATCHES/android_frameworks_av/385240.patch"; #n-asb-2024-03 Fix out of bounds read and write in onQueueFilled in outQueue
 applyPatch "$DOS_PATCHES/android_frameworks_av/385243.patch"; #n-asb-2024-03 Validate OMX Params for VPx encoders
+applyPatch "$DOS_PATCHES/android_frameworks_av/399268.patch"; #n-asb-2024-08 StagefrightRecoder: Disabling B-frame support
 #if [ "$DOS_GRAPHENE_MALLOC_STAGING" = true ]; then applyPatch "$DOS_PATCHES/android_frameworks_av/0001-HM-No_RLIMIT_AS.patch"; fi; #(GrapheneOS)
 fi;
 
@@ -288,6 +289,8 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/393647.patch"; #n-asb-2024-06 A
 applyPatch "$DOS_PATCHES/android_frameworks_base/393648.patch"; #n-asb-2024-06 Check hidden API exemptions
 applyPatch "$DOS_PATCHES/android_frameworks_base/393649.patch"; #n-asb-2024-06 AccessibilityManagerService: remove uninstalled services from enabled list after service update.
 applyPatch "$DOS_PATCHES/android_frameworks_base/396611.patch"; #n-asb-2024-07 Verify UID of incoming Zygote connections.
+applyPatch "$DOS_PATCHES/android_frameworks_base/399269.patch"; #n-asb-2024-08 Restrict USB poups while setup is in progress
+applyPatch "$DOS_PATCHES/android_frameworks_base/399270.patch"; #n-asb-2024-08 Added throttle when reporting shortcut usage
 git revert --no-edit 0326bb5e41219cf502727c3aa44ebf2daa19a5b3; #Re-enable doze on devices without gms
 applyPatch "$DOS_PATCHES/android_frameworks_base/248599.patch"; #Make SET_TIME_ZONE permission match SET_TIME (AOSP)
 applyPatch "$DOS_PATCHES/android_frameworks_base/0001-Reduced_Resolution.patch"; #Allow reducing resolution to save power TODO: Add 800x480 (DivestOS)
@@ -588,6 +591,7 @@ applyPatch "$DOS_PATCHES/android_system_bt/385237.patch"; #n-asb-2024-03 Fix an
 applyPatch "$DOS_PATCHES/android_system_bt/385238.patch"; #n-asb-2024-03 Fix an OOB write bug in attp_build_value_cmd
 applyPatch "$DOS_PATCHES/android_system_bt/385239.patch"; #n-asb-2024-03 Fix a security bypass issue in access_secure_service_from_temp_bond
 applyPatch "$DOS_PATCHES/android_system_bt/396612.patch"; #n-asb-2024-07 Fix an authentication bypass bug in SMP
+applyPatch "$DOS_PATCHES/android_system_bt/399271.patch"; #n-asb-2024-08 Fix heap-buffer overflow in sdp_utils.cc
 applyPatch "$DOS_PATCHES/android_system_bt/229574.patch"; #bt-sbc-hd-dualchannel-nougat: Increase maximum Bluetooth SBC codec bitrate for SBC HD (ValdikSS)
 applyPatch "$DOS_PATCHES/android_system_bt/229575.patch"; #bt-sbc-hd-dualchannel-nougat: Explicit SBC Dual Channel (SBC HD) support (ValdikSS)
 applyPatch "$DOS_PATCHES/android_system_bt/242134.patch"; #avrc_bld_get_attrs_rsp - fix attribute length position off by one (cprhokie)

Scripts/LineageOS-17.1/Patch.sh

@@ -300,7 +300,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/399074.patch"; #Q_asb_2024-06 V
 applyPatch "$DOS_PATCHES/android_frameworks_base/399075.patch"; #Q_asb_2024-06 Added throttle when reporting shortcut usage
 applyPatch "$DOS_PATCHES/android_frameworks_base/399076.patch"; #Q_asb_2024-06 Prevend user spoofing in isRequestPinItemSupported
 applyPatch "$DOS_PATCHES/android_frameworks_base/399077.patch"; #Q_asb_2024-06 Check for NLS bind permission when rebinding services
-applyPatch "$DOS_PATCHES/android_frameworks_base/394557-backport.patch"; #R_asb_2024-06 Hide window immediately if itself doesn't run hide animation
+applyPatch "$DOS_PATCHES/android_frameworks_base/399414.patch"; #Q_asb_2024-06 Hide window immediately if itself doesn't run hide animation
 applyPatch "$DOS_PATCHES/android_frameworks_base/399078.patch"; #Q_asb_2024-06 Fix error handling for non-dynamic permissions
 applyPatch "$DOS_PATCHES/android_frameworks_base/399079.patch"; #Q_asb_2024-06 Add more checkKeyIntent checks to AccountManagerService.
 applyPatch "$DOS_PATCHES/android_frameworks_base/399080.patch"; #Q_asb_2024-06 [Autofill Framework] Add in check for intent filter when setting/updating service
@@ -310,7 +310,7 @@ applyPatch "$DOS_PATCHES/android_frameworks_base/399083.patch"; #Q_asb_2024-06 A
 applyPatch "$DOS_PATCHES/android_frameworks_base/399084.patch"; #Q_asb_2024-06 Explicitly take flags in createContextAsUser()
 applyPatch "$DOS_PATCHES/android_frameworks_base/399085.patch"; #Q_asb_2024-06 Resolve message/conversation image Uris with the correct user id
 applyPatch "$DOS_PATCHES/android_frameworks_base/399086.patch"; #Q_asb_2024-06 AccessibilityManagerService: remove uninstalled services from enabled list after service update.
-applyPatch "$DOS_PATCHES/android_frameworks_base/394882.patch"; #P_asb_2024-06 Check permissions for CDM shell commands
+applyPatch "$DOS_PATCHES/android_frameworks_base/399413.patch"; #Q_asb_2024-06 Check permissions for CDM shell commands
 applyPatch "$DOS_PATCHES/android_frameworks_base/399088.patch"; #Q_asb_2024-07 Verify UID of incoming Zygote connections.
 applyPatch "$DOS_PATCHES/android_frameworks_base/399089.patch"; #Q_asb_2024-07 Fix security vulnerability of non-dynamic permission removal
 #applyPatch "$DOS_PATCHES/android_frameworks_base/272645.patch"; #ten-bt-sbc-hd-dualchannel: Add CHANNEL_MODE_DUAL_CHANNEL constant (ValdikSS)

Scripts/LineageOS-20.0/Functions.sh

@@ -162,7 +162,8 @@ patchWorkspaceReal() {
 			verifyAllPlatformTags;
 			gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
 
-			#source build/envsetup.sh;
+			source build/envsetup.sh;
+			repopick -it T_asb_2024-08;
 
 			sh "$DOS_SCRIPTS/Patch.sh";
 			sh "$DOS_SCRIPTS_COMMON/Enable_Verity.sh";