diff --git a/Logs/resetWorkspace-LineageOS-18.1.txt b/Logs/resetWorkspace-LineageOS-18.1.txt
index 081bad7a..8d293a91 100644
--- a/Logs/resetWorkspace-LineageOS-18.1.txt
+++ b/Logs/resetWorkspace-LineageOS-18.1.txt
@@ -217,7 +217,7 @@ external/guava f68acb20fe2dbfb31dd6259fd0cf161f09d51701
external/guice 341b3654f990734fccc4f8bdda401862f1aea696
external/gwp_asan 76e2fecf2dd8449ab4d636dc3e55f1be1d7a56d0
external/hamcrest c24f6249abf1583a60f7b33ea29e321e8f15c586
-external/hardened_malloc 9823dcad79b5dc735720790d27770231ec90fee8
+external/hardened_malloc 749640c274d54e084505a24fa758bcb5f96a25ef
external/harfbuzz_ng ab5e62fefce126b4f299430f1327b33c9fe526e1
external/honggfuzz 03bc7e514aac0c4c64a5bb978454aa2020695ac3
external/hyphenation-patterns ac87c57f7beddbf5d5a50462508ce182f4fe72e8
diff --git a/Manifests/Manifest_LAOS-18.1.xml b/Manifests/Manifest_LAOS-18.1.xml
index 59f9af96..2f1f3d72 100644
--- a/Manifests/Manifest_LAOS-18.1.xml
+++ b/Manifests/Manifest_LAOS-18.1.xml
@@ -74,7 +74,7 @@
-
+
diff --git a/Patches/LineageOS-18.1/android_external_hardened_malloc/0001-Broken_Cameras-1.patch b/Patches/LineageOS-18.1/android_external_hardened_malloc/0001-Broken_Cameras-1.patch
new file mode 100644
index 00000000..480bbf54
--- /dev/null
+++ b/Patches/LineageOS-18.1/android_external_hardened_malloc/0001-Broken_Cameras-1.patch
@@ -0,0 +1,102 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Daniel Micay
+Date: Tue, 1 Jan 2019 14:45:27 -0500
+Subject: [PATCH] workarounds for Pixel 3 SoC era camera driver bugs
+
+---
+ h_malloc.c | 33 ++++++++++++++++++++++++++++-----
+ 1 file changed, 28 insertions(+), 5 deletions(-)
+
+diff --git a/h_malloc.c b/h_malloc.c
+index 15be0a2..3fa9ed7 100644
+--- a/h_malloc.c
++++ b/h_malloc.c
+@@ -80,6 +80,9 @@ static union {
+ #ifdef MEMTAG
+ bool is_memtag_disabled;
+ #endif
++ bool zero_on_free;
++ bool purge_slabs;
++ bool region_quarantine_protect;
+ };
+ char padding[PAGE_SIZE];
+ } ro __attribute__((aligned(PAGE_SIZE)));
+@@ -465,7 +468,7 @@ static void *slot_pointer(size_t size, void *slab, size_t slot) {
+ }
+
+ static void write_after_free_check(const char *p, size_t size) {
+- if (!WRITE_AFTER_FREE_CHECK) {
++ if (!WRITE_AFTER_FREE_CHECK || !ro.zero_on_free) {
+ return;
+ }
+
+@@ -812,7 +815,7 @@ static inline void deallocate_small(void *p, const size_t *expected_size) {
+ }
+ #endif
+
+- if (ZERO_ON_FREE && !skip_zero) {
++ if (ro.zero_on_free && !skip_zero) {
+ memset(p, 0, size - canary_size);
+ }
+ }
+@@ -890,7 +893,7 @@ static inline void deallocate_small(void *p, const size_t *expected_size) {
+
+ if (c->empty_slabs_total + slab_size > max_empty_slabs_total) {
+ int saved_errno = errno;
+- if (!memory_map_fixed(slab, slab_size)) {
++ if (ro.purge_slabs && !memory_map_fixed(slab, slab_size)) {
+ label_slab(slab, slab_size, class);
+ stats_slab_deallocate(c, slab_size);
+ enqueue_free_slab(c, metadata);
+@@ -976,7 +979,7 @@ static void regions_quarantine_deallocate_pages(void *p, size_t size, size_t gua
+ return;
+ }
+
+- if (unlikely(memory_map_fixed(p, size))) {
++ if (!ro.region_quarantine_protect || unlikely(memory_map_fixed(p, size))) {
+ memory_purge(p, size);
+ } else {
+ memory_set_name(p, size, "malloc large quarantine");
+@@ -1192,6 +1195,21 @@ static inline void enforce_init(void) {
+ }
+ }
+
++COLD static void handle_bugs(void) {
++ char path[256];
++ if (readlink("/proc/self/exe", path, sizeof(path)) == -1) {
++ return;
++ }
++
++ // Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL camera provider
++ const char camera_provider[] = "/vendor/bin/hw/android.hardware.camera.provider@2.4-service_64";
++ if (strcmp(camera_provider, path) == 0) {
++ ro.zero_on_free = false;
++ ro.purge_slabs = false;
++ ro.region_quarantine_protect = false;
++ }
++}
++
+ static struct mutex init_lock = MUTEX_INITIALIZER;
+
+ COLD static void init_slow_path(void) {
+@@ -1207,6 +1225,11 @@ COLD static void init_slow_path(void) {
+ ro.metadata_pkey = pkey_alloc(0, 0);
+ #endif
+
++ ro.purge_slabs = true;
++ ro.zero_on_free = ZERO_ON_FREE;
++ ro.region_quarantine_protect = true;
++ handle_bugs();
++
+ if (unlikely(sysconf(_SC_PAGESIZE) != PAGE_SIZE)) {
+ fatal_error("runtime page size does not match compile-time page size which is not supported");
+ }
+@@ -1491,7 +1514,7 @@ EXPORT void *h_calloc(size_t nmemb, size_t size) {
+ }
+ total_size = adjust_size_for_canary(total_size);
+ void *p = alloc(total_size);
+- if (!ZERO_ON_FREE && likely(p != NULL) && total_size && total_size <= max_slab_size_class) {
++ if (!ro.zero_on_free && likely(p != NULL) && total_size && total_size <= max_slab_size_class) {
+ memset(p, 0, total_size - canary_size);
+ }
+ #ifdef HAS_ARM_MTE
diff --git a/Patches/LineageOS-18.1/android_external_hardened_malloc/0001-Broken_Cameras.patch b/Patches/LineageOS-18.1/android_external_hardened_malloc/0001-Broken_Cameras-2.patch
similarity index 86%
rename from Patches/LineageOS-18.1/android_external_hardened_malloc/0001-Broken_Cameras.patch
rename to Patches/LineageOS-18.1/android_external_hardened_malloc/0001-Broken_Cameras-2.patch
index 34a710ec..191d455e 100644
--- a/Patches/LineageOS-18.1/android_external_hardened_malloc/0001-Broken_Cameras.patch
+++ b/Patches/LineageOS-18.1/android_external_hardened_malloc/0001-Broken_Cameras-2.patch
@@ -10,16 +10,16 @@ Change-Id: I23513ec0379bbb10829f989690334e9704fd20e2
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/h_malloc.c b/h_malloc.c
-index a6e1a7c..1b574e4 100644
+index 3fa9ed7..0308d73 100644
--- a/h_malloc.c
+++ b/h_malloc.c
-@@ -1070,7 +1070,8 @@ COLD static void handle_bugs(void) {
+@@ -1203,7 +1203,8 @@ COLD static void handle_bugs(void) {
// Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL camera provider
const char camera_provider[] = "/vendor/bin/hw/android.hardware.camera.provider@2.4-service_64";
- if (strcmp(camera_provider, path) == 0) {
+ // Any camera executable on system partition
-+ if (strcmp(camera_provider, path) == 0 || (strstr(path, "camera") != NULL && (strncmp("/system", path, 7) == 0 || strncmp("/vendor", path, 7) == 0))) {
++ if (strcmp(camera_provider, path) == 0 || (strstr(path, "camera") != NULL && (strncmp("/system", path, 7) == 0 || strncmp("/vendor", path, 7) == 0 || strncmp("/apex", path, 5) == 0))) {
ro.zero_on_free = false;
ro.purge_slabs = false;
ro.region_quarantine_protect = false;
diff --git a/Patches/LineageOS-18.1/android_external_hardened_malloc/0002-Broken_Displays.patch b/Patches/LineageOS-18.1/android_external_hardened_malloc/0002-Broken_Displays.patch
new file mode 100644
index 00000000..f645f1a9
--- /dev/null
+++ b/Patches/LineageOS-18.1/android_external_hardened_malloc/0002-Broken_Displays.patch
@@ -0,0 +1,31 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Tad
+Date: Tue, 22 Nov 2022 07:23:10 -0500
+Subject: [PATCH] Add workaround for OnePlus 8 & 9 display driver crash
+
+Change-Id: Ie7a0ca79bb629814e57958d57546f85030b67048
+Signed-off-by: Tad
+---
+ h_malloc.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/h_malloc.c b/h_malloc.c
+index 0308d73..6c3b148 100644
+--- a/h_malloc.c
++++ b/h_malloc.c
+@@ -1209,6 +1209,15 @@ COLD static void handle_bugs(void) {
+ ro.purge_slabs = false;
+ ro.region_quarantine_protect = false;
+ }
++
++ // OnePlus 8 & 9 display composer
++ // https://gitlab.com/divested-mobile/divestos-build/-/issues/19
++ const char hwc[] = "/vendor/bin/hw/vendor.qti.hardware.display.composer-service";
++ if (strcmp(hwc, path) == 0) {
++ ro.zero_on_free = false;
++ ro.purge_slabs = false;
++ ro.region_quarantine_protect = false;
++ }
+ }
+
+ static struct mutex init_lock = MUTEX_INITIALIZER;
diff --git a/Scripts/Common/Fix_CVE_Patchers.sh b/Scripts/Common/Fix_CVE_Patchers.sh
index 3009400b..8aa33eca 100644
--- a/Scripts/Common/Fix_CVE_Patchers.sh
+++ b/Scripts/Common/Fix_CVE_Patchers.sh
@@ -133,7 +133,7 @@ done
declare -a threeDotEighteen=("${threeDotTen[@]}" "android_kernel_samsung_universal8890.sh" "android_kernel_google_dragon.sh" "android_kernel_zte_msm8996.sh" "android_kernel_asus_msm8953.sh" "android_kernel_google_marlin.sh" "android_kernel_motorola_msm8996.sh" "android_kernel_oneplus_msm8996.sh");
for script in "${threeDotEighteen[@]}"
do
- commentPatches $script "0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch" "CVE-2018-16597/4.4" "CVE-2019-19319/4.4" "CVE-2020-0305/4.4" "CVE-2020-0429/4.4" "CVE-2020-8992/4.4" "CVE-2021-1048/4.4" "CVE-2021-3428/4.4" "CVE-2021-20265/4.4" "CVE-2022-1184/4.4/0014.patch" "CVE-2022-1184/4.9/0007.patch" "CVE-2022-40768/4.9/0007.patch" "CVE-2022-40768/4.4/0008.patch" "CVE-2022-47929/4.4" "CVE-2023-0458";
+ commentPatches $script "0008-Graphene-Kernel_Hardening-slub/4.4/0002.patch" "CVE-2018-16597/4.4" "CVE-2019-19319/4.4" "CVE-2020-0305/4.4" "CVE-2020-0429/4.4" "CVE-2020-8992/4.4" "CVE-2021-1048/4.4" "CVE-2021-3428/4.4" "CVE-2021-20265/4.4" "CVE-2022-1184/4.4/0014.patch" "CVE-2022-1184/4.9/0007.patch" "CVE-2022-40768/4.9/0007.patch" "CVE-2022-40768/4.4/0008.patch" "CVE-2022-47929/4.4" "CVE-2023-0458" "CVE-2024-26889";
done
#4.4
declare -a fourDotFour=("${threeDotEighteen[@]}" "android_kernel_essential_msm8998.sh" "android_kernel_fxtec_msm8998.sh" "android_kernel_lge_msm8996.sh" "android_kernel_zuk_msm8996.sh" "android_kernel_xiaomi_sdm660.sh" "android_kernel_sony_sdm660.sh" "android_kernel_razer_msm8998.sh" "android_kernel_oneplus_msm8998.sh" "android_kernel_google_wahoo.sh" "android_kernel_yandex_sdm660.sh" "android_kernel_zuk_msm8996.sh");
diff --git a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_universal8890.sh b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_universal8890.sh
index e8abd32f..c232f525 100644
--- a/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_universal8890.sh
+++ b/Scripts/LineageOS-14.1/CVE_Patchers/android_kernel_samsung_universal8890.sh
@@ -860,7 +860,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_dragon.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_dragon.sh
index db16b582..e244dbb7 100644
--- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_dragon.sh
+++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_dragon.sh
@@ -822,7 +822,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_zte_msm8996.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_zte_msm8996.sh
index be385947..52fd97e1 100644
--- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_zte_msm8996.sh
+++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_zte_msm8996.sh
@@ -812,7 +812,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_marlin.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_marlin.sh
index af3132d7..2f3823b9 100644
--- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_marlin.sh
+++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_google_marlin.sh
@@ -629,7 +629,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_motorola_msm8996.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
index e46af6b0..96276dde 100644
--- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
+++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
@@ -645,7 +645,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
diff --git a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh
index 725fe7d3..62b1deb6 100644
--- a/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh
+++ b/Scripts/LineageOS-18.1/CVE_Patchers/android_kernel_oneplus_msm8996.sh
@@ -633,7 +633,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26816/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26840/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26851/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26875/4.4/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26889/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26894/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26901/4.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2024-26955/4.4/0001.patch
diff --git a/Scripts/LineageOS-18.1/Patch.sh b/Scripts/LineageOS-18.1/Patch.sh
index 97270ec1..7bf3e9e9 100644
--- a/Scripts/LineageOS-18.1/Patch.sh
+++ b/Scripts/LineageOS-18.1/Patch.sh
@@ -120,7 +120,14 @@ fi;
if [ "$DOS_GRAPHENE_MALLOC" = true ]; then
if enterAndClear "external/hardened_malloc"; then
-applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras.patch"; #Expand workaround to all camera executables (DivestOS)
+applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras-1.patch"; #Workarounds for Pixel 3 SoC era camera driver bugs (GrapheneOS)
+applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0001-Broken_Cameras-2.patch"; #Expand workaround to all camera executables (DivestOS)
+applyPatch "$DOS_PATCHES/android_external_hardened_malloc/0002-Broken_Displays.patch"; #Add workaround for OnePlus 8 & 9 display driver crash (DivestOS)
+sed -i 's/34359738368/2147483648/' Android.bp; #revert 48-bit address space requirement
+sed -i -e '76,78d;' Android.bp; #fix compile under A13
+sed -i -e '22,24d;' androidtest/Android.bp; #fix compile under A12
+awk -i inplace '!/vendor_ramdisk_available/' Android.bp; #fix compile under A11
+rm -rfv androidtest;
fi;
fi;
diff --git a/Scripts/init.sh b/Scripts/init.sh
index 94402f49..0a697c74 100644
--- a/Scripts/init.sh
+++ b/Scripts/init.sh
@@ -205,3 +205,5 @@ source "$DOS_SCRIPTS/Functions.sh";
[[ -f "$DOS_BUILD_BASE/.repo/local_manifests/roomservice.xml" ]] && echo "roomservice manifest found! Please fix your manifests before continuing!";
[[ -f "$DOS_BUILD_BASE/DOS_PATCHED_FLAG" ]] && echo "NOTE: THIS WORKSPACE IS ALREADY PATCHED, PLEASE RESET BEFORE PATCHING AGAIN!";
+
+if grep -sq "orphan_file" "/etc/mke2fs.conf"; then echo "NOTE: YOU MUST REMOVE orphan_file AND metadata_csum_seed FROM /etc/mke2fs.conf"; fi;