diff --git a/Manifests/Manifest_LAOS-18.1.xml b/Manifests/Manifest_LAOS-18.1.xml index aa777a0b..a47bb297 100644 --- a/Manifests/Manifest_LAOS-18.1.xml +++ b/Manifests/Manifest_LAOS-18.1.xml @@ -70,6 +70,11 @@ + + + + diff --git a/Patches/Common/android_system_core/0001-HM-Increase_vm_mmc.patch b/Patches/LineageOS-16.0/android_system_core/0002-HM-Increase_vm_mmc.patch similarity index 100% rename from Patches/Common/android_system_core/0001-HM-Increase_vm_mmc.patch rename to Patches/LineageOS-16.0/android_system_core/0002-HM-Increase_vm_mmc.patch diff --git a/Patches/LineageOS-18.1/android_bionic/0001-HM-Use_HM.patch b/Patches/LineageOS-18.1/android_bionic/0001-HM-Use_HM.patch new file mode 100644 index 00000000..566d4ea9 --- /dev/null +++ b/Patches/LineageOS-18.1/android_bionic/0001-HM-Use_HM.patch 
@@ -0,0 +1,161 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Daniel Micay
+Date: Wed, 5 Dec 2018 01:51:56 -0500
+Subject: [PATCH] use Scudo on 32-bit and hardened_malloc on 64-bit
+
+Co-authored-by: anupritaisno1
+Signed-off-by: anupritaisno1
+Change-Id: Ib26dd69ff3bdcf4703ad51541ccb422e31a7c92d
+[tad@spotco.us]: disabled scudo for 32-bit like Lineage
+---
+ libc/Android.bp | 36 +++++++++++++----------
+ libc/bionic/h_malloc_wrapper.cpp | 51 ++++++++++++++++++++++++++++++++
+ libc/bionic/malloc_common.h | 8 +++++
+ 3 files changed, 81 insertions(+), 14 deletions(-)
+ create mode 100644 libc/bionic/h_malloc_wrapper.cpp
+
+diff --git a/libc/Android.bp b/libc/Android.bp
+index ce714054a..78a7ef23c 100644
+--- a/libc/Android.bp
++++ b/libc/Android.bp
+@@ -50,6 +50,8 @@ libc_common_flags = [
+
+ // GWP-ASan requires platform TLS.
+ "-fno-emulated-tls",
++
++ "-DH_MALLOC_PREFIX",
+ ]
+
+ // Define some common cflags
+@@ -122,20 +124,18 @@ libc32_scudo_product_variables = {
+ // ========================================================
+ cc_defaults {
+ name: "libc_native_allocator_defaults",
+-
+- whole_static_libs: [
+- "libjemalloc5",
+- "libc_jemalloc_wrapper",
+- ],
+- header_libs: ["gwp_asan_headers"],
++ whole_static_libs: ["libc_jemalloc_wrapper"],
+ multilib: {
+- lib64: {
+- product_variables: libc_scudo_product_variables,
+- },
+ lib32: {
+ product_variables: libc32_scudo_product_variables,
+- }
++ },
++ lib64: {
++ cflags: ["-DH_MALLOC_PREFIX"],
++ whole_static_libs: ["libhardened_malloc"],
++ },
+ },
++
++ header_libs: ["gwp_asan_headers"],
+ }
+
+ // Functions not implemented by jemalloc directly, or that need to
+@@ -143,12 +143,20 @@ cc_defaults {
+ cc_library_static {
+ name: "libc_jemalloc_wrapper",
+ defaults: ["libc_defaults"],
+- srcs: ["bionic/jemalloc_wrapper.cpp"],
++ multilib: {
++ lib32: {
++ // Used to pull in the jemalloc/hardened_malloc include directory so that if the
++ // library is removed, the include directory is also removed.
++ srcs: ["bionic/jemalloc_wrapper.cpp"],
++ static_libs: ["libjemalloc5"],
++ },
++ lib64: {
++ srcs: ["bionic/h_malloc_wrapper.cpp"],
++ static_libs: ["libhardened_malloc"],
++ },
++ },
+ cflags: ["-fvisibility=hidden"],
+
+- // Used to pull in the jemalloc include directory so that if the
+- // library is removed, the include directory is also removed.
+- static_libs: ["libjemalloc5"],
+ }
+
+ // ========================================================
+diff --git a/libc/bionic/h_malloc_wrapper.cpp b/libc/bionic/h_malloc_wrapper.cpp
+new file mode 100644
+index 000000000..5fb0968c2
+--- /dev/null
++++ b/libc/bionic/h_malloc_wrapper.cpp
+@@ -0,0 +1,51 @@
++#include
++#include
++#include
++#include
++
++#include
++
++#include "h_malloc.h"
++
++__BEGIN_DECLS
++int h_malloc_info(int options, FILE* fp);
++__END_DECLS
++
++int h_malloc_info(int options, FILE* fp) {
++ if (options != 0) {
++ errno = EINVAL;
++ return -1;
++ }
++
++ fflush(fp);
++ int fd = fileno(fp);
++ MallocXmlElem root(fd, "malloc", "version=\"jemalloc-1\"");
++
++ // Dump all of the large allocations in the arenas.
++ for (size_t i = 0; i < h_mallinfo_narenas(); i++) {
++ struct mallinfo mi = h_mallinfo_arena_info(i);
++ if (mi.hblkhd != 0) {
++ MallocXmlElem arena_elem(fd, "heap", "nr=\"%d\"", i);
++ {
++ MallocXmlElem(fd, "allocated-large").Contents("%zu", mi.ordblks);
++ MallocXmlElem(fd, "allocated-huge").Contents("%zu", mi.uordblks);
++ MallocXmlElem(fd, "allocated-bins").Contents("%zu", mi.fsmblks);
++
++ size_t total = 0;
++ for (size_t j = 0; j < h_mallinfo_nbins(); j++) {
++ struct mallinfo mi = h_mallinfo_bin_info(i, j);
++ if (mi.ordblks != 0) {
++ MallocXmlElem bin_elem(fd, "bin", "nr=\"%d\"", j);
++ MallocXmlElem(fd, "allocated").Contents("%zu", mi.ordblks);
++ MallocXmlElem(fd, "nmalloc").Contents("%zu", mi.uordblks);
++ MallocXmlElem(fd, "ndalloc").Contents("%zu", mi.fordblks);
++ total += mi.ordblks;
++ }
++ }
++ MallocXmlElem(fd, "bins-total").Contents("%zu", total);
++ }
++ }
++ }
++
++ return 0;
++}
+diff --git a/libc/bionic/malloc_common.h b/libc/bionic/malloc_common.h
+index 4afcc4a8d..cca9e5202 100644
+--- a/libc/bionic/malloc_common.h
++++ b/libc/bionic/malloc_common.h
+@@ -67,8 +67,16 @@ __END_DECLS
+
+ #else
+
++#ifdef __LP64__
++#include "h_malloc.h"
++#define Malloc(function) h_ ## function
++__BEGIN_DECLS
++int h_malloc_info(int options, FILE* fp);
++__END_DECLS
++#else
+ #include "jemalloc.h"
+ #define Malloc(function) je_ ## function
++#endif
+
+ #endif
+
diff --git a/Patches/LineageOS-18.1/android_build_soong/0002-hm_apex.patch b/Patches/LineageOS-18.1/android_build_soong/0002-hm_apex.patch
new file mode 100644
index 00000000..748c6a81
--- /dev/null
+++ b/Patches/LineageOS-18.1/android_build_soong/0002-hm_apex.patch
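Review bot: In the added `libc/bionic/h_malloc_wrapper.cpp`, `h_malloc_info()` formats the `size_t` loop counters `i` and `j` with `"nr=\"%d\""`, and per the Android.bp change this file is built only for lib64, where `size_t` is wider than `int`. Assuming MallocXmlElem hands its arguments to a printf-style formatter (its definition is not on this page), the conversions should match the type: `MallocXmlElem arena_elem(fd, "heap", "nr=\"%zu\"", i);` and `MallocXmlElem bin_elem(fd, "bin", "nr=\"%zu\"", j);`. The inner `struct mallinfo mi` also shadows the per-arena `mi` declared two scopes up; a distinct name such as `bin_mi` would make the `mi.ordblks` reads unambiguous. In `libc/Android.bp`, `-DH_MALLOC_PREFIX` is added to `libc_common_flags` and again under `lib64`, so one of the two is redundant and the common one also reaches 32-bit objects that stay on jemalloc.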
@@ -0,0 +1,21 @@
+From 4e6320c247b78f456a83a0393360e7be1105eb5a Mon Sep 17 00:00:00 2001
+From: anupritaisno1
+Date: Sun, 13 Sep 2020 09:35:41 +0000
+Subject: [PATCH] make hardened malloc available to apexes
+
+---
+ apex/apex.go | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/apex/apex.go b/apex/apex.go
+index 7da8e1cf2..66534426a 100644
+--- a/apex/apex.go
++++ b/apex/apex.go
+@@ -570,6 +570,7 @@ func makeApexAvailableBaseline() map[string][]string {
+ "libdexfile_support",
+ "libdexfile_support_static",
+ "libdl_static",
++ "libhardened_malloc",
+ "libjemalloc5",
+ "liblinker_main",
+ "liblinker_malloc",
diff --git a/Patches/LineageOS-18.1/android_system_core/0003-HM-Increase_vm_mmc.patch b/Patches/LineageOS-18.1/android_system_core/0003-HM-Increase_vm_mmc.patch
new file mode 100644
index 00000000..ece79ff4
--- /dev/null
+++ b/Patches/LineageOS-18.1/android_system_core/0003-HM-Increase_vm_mmc.patch
@@ -0,0 +1,22 @@
+From 8c0f3c0e04d279daf9f0e9a338c698ed95a026b6 Mon Sep 17 00:00:00 2001
+From: Daniel Micay
+Date: Thu, 13 Dec 2018 09:26:25 -0500
+Subject: [PATCH] increase max_map_count for hardened malloc
+
+---
+ rootdir/init.rc | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index a9af0b094da..9dd54445781 100644
+--- a/rootdir/init.rc
++++ b/rootdir/init.rc
+@@ -854,6 +854,8 @@ on boot
+ chown root system /sys/block/zram0/writeback
+ chmod 0664 /sys/block/zram0/writeback
+
++ write /proc/sys/vm/max_map_count 1048576
++
+ # Tweak background writeout
+ write /proc/sys/vm/dirty_expire_centisecs 200
+ write /proc/sys/vm/dirty_background_ratio 5
diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh
index 469898d1..b956952f 100644
--- a/Scripts/LineageOS-16.0/Patch.sh
+++ b/Scripts/LineageOS-16.0/Patch.sh
@@ -301,7 +301,7 @@ if enterAndClear "system/core"; then
 if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
 git revert --no-edit b3609d82999d23634c5e6db706a3ecbc5348309a; #Always update recovery
 applyPatch "$DOS_PATCHES/android_system_core/0001-Harden.patch"; #Harden mounts with nodev/noexec/nosuid + misc sysctl changes (GrapheneOS)
-if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES_COMMON/android_system_core/0001-HM-Increase_vm_mmc.patch"; fi; #(GrapheneOS)
+if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_system_core/0002-HM-Increase_vm_mmc.patch"; fi; #(GrapheneOS)
 fi;
 
 if enterAndClear "system/extras"; then
diff --git a/Scripts/LineageOS-18.1/Patch.sh b/Scripts/LineageOS-18.1/Patch.sh
index 5aed3f81..5ba58058 100644
--- a/Scripts/LineageOS-18.1/Patch.sh
+++ b/Scripts/LineageOS-18.1/Patch.sh
@@ -59,6 +59,10 @@ if enterAndClear "art"; then
 if [ "$DOS_GRAPHENE_CONSTIFY" = true ]; then applyPatch "$DOS_PATCHES/android_art/0001-constify_JNINativeMethod.patch"; fi; #Constify JNINativeMethod tables (GrapheneOS)
 fi;
 
+#if enterAndClear "bionic"; then
+#if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_bionic/0001-HM-Use_HM.patch"; fi; #(GrapheneOS) #XXX: needs to be verified
+#fi;
+
 if enterAndClear "bootable/recovery"; then
 applyPatch "$DOS_PATCHES/android_bootable_recovery/0001-No_SerialNum_Restrictions.patch"; #Abort package installs if they are specific to a serial number (GrapheneOS)
 fi;
@@ -76,6 +80,7 @@ fi;
 
 if enterAndClear "build/soong"; then
 applyPatch "$DOS_PATCHES/android_build_soong/0001-Enable_fwrapv.patch"; #Use -fwrapv at a minimum (GrapheneOS)
+#if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_bionic/0002-hm_apex.patch"; fi; #(GrapheneOS)
 fi;
 
 if enterAndClear "device/qcom/sepolicy-legacy"; then
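Review bot: The `applyPatch` path on the changed line in the 16.0 `system/core` hunk follows the rename out of `Patches/Common`, but only the 16.0 script is updated in this diff while the `DOS_GRAPHENE_MALLOC` comment in Scripts/init.sh still lists 17.1. If the 17.1 Patch.sh (not shown here) still applies `$DOS_PATCHES_COMMON/android_system_core/0001-HM-Increase_vm_mmc.patch`, it now names a file that no longer exists, so it is worth confirming that 17.1 has its own copy of the patch. The enclosing `if enterAndClear "system/core"` block starts above the hunk.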
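Review bot: The commented-out line added to the 18.1 `build/soong` block names `$DOS_PATCHES/android_bionic/0002-hm_apex.patch`, but this commit adds that patch as `Patches/LineageOS-18.1/android_build_soong/0002-hm_apex.patch`, so the line would not find its file once uncommented (assuming `$DOS_PATCHES` is the per-version patch directory, as the neighbouring lines suggest). It should read `#if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_build_soong/0002-hm_apex.patch"; fi; #(GrapheneOS)`. Only the bionic line in the `@@ -59,6 +59,10 @@` hunk carries `#XXX: needs to be verified`; the soong line here and the `0003-HM-Increase_vm_mmc.patch` line in the later `system/core` hunk belong to the same disabled set and would benefit from the same marker so that the allocator, its apex visibility and the raised `max_map_count` are re-enabled together.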
@@ -317,6 +322,7 @@ if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/h
 git revert --no-edit e8dcabaf6b55ec55eb73c4585501ddbafc04fc9b 79f606ece6b74652d374eb4f79de309a0aa81360; #insanity
 applyPatch "$DOS_PATCHES/android_system_core/0001-Harden.patch"; #Harden mounts with nodev/noexec/nosuid + misc sysctl changes (GrapheneOS)
 if [ "$DOS_GRAPHENE_PTRACE_SCOPE" = true ]; then applyPatch "$DOS_PATCHES/android_system_core/0002-ptrace_scope.patch"; fi; #Add a property for controlling ptrace_scope (GrapheneOS)
+#if [ "$DOS_GRAPHENE_MALLOC" = true ]; then applyPatch "$DOS_PATCHES/android_system_core/0003-HM-Increase_vm_mmc.patch"; fi; #(GrapheneOS)
 fi;
 
 if enterAndClear "system/extras"; then
diff --git a/Scripts/init.sh b/Scripts/init.sh
index d3466d43..2aeeca6b 100644
--- a/Scripts/init.sh
+++ b/Scripts/init.sh
@@ -58,8 +58,8 @@ export DOS_DEBLOBBER_REPLACE_TIME=false; #Set true to replace Qualcomm Time Serv
 #Features
 export DOS_GPS_GLONASS_FORCED=false; #Enables GLONASS on all devices
 export DOS_GRAPHENE_CONSTIFY=true; #Enables 'Constify JNINativeMethod tables' patchset on 16.0+17.1+18.1
-export DOS_GRAPHENE_MALLOC=true; #Enables use of GrapheneOS' hardened memory allocator on 64-bit platforms on 16.0+17.1
-export DOS_GRAPHENE_EXEC=false; #Enables use of GrapheneOS' exec spawning feature on 16.0+17.1 XXX: broken (just on 17.1?)
+export DOS_GRAPHENE_MALLOC=true; #Enables use of GrapheneOS' hardened memory allocator on 64-bit platforms on 16.0+17.1+18.1
+export DOS_GRAPHENE_EXEC=false; #Enables use of GrapheneOS' exec spawning feature on 16.0+17.1+18.1 XXX: broken (just on 17.1?)
 export DOS_GRAPHENE_PTRACE_SCOPE=true; #Enables the ptrace_scope toggle patchset on 18.1
 export DOS_GRAPHENE_NETWORK_PERM=true; #Enables use of GrapheneOS' NETWORK permission on 17.1+18.1
 export DOS_HOSTS_BLOCKING=true; #Set false to prevent inclusion of a HOSTS file
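Review bot: The changed `DOS_GRAPHENE_MALLOC` comment in Scripts/init.sh now lists 18.1, yet every 18.1 `applyPatch` line this commit adds for that flag is commented out, so leaving the flag at `true` does not give an 18.1 build hardened_malloc from these scripts. Until those lines are enabled the comment could say so, e.g. `#Enables use of GrapheneOS' hardened memory allocator on 64-bit platforms on 16.0+17.1 (18.1: patches staged, not yet applied)`. The `DOS_GRAPHENE_EXEC` comment gains `+18.1` as well, though nothing visible in this diff adds an exec-spawning patch for 18.1.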