diff --git a/Manifests/Manifest_LAOS-17.1.xml b/Manifests/Manifest_LAOS-17.1.xml
new file mode 100644
index 00000000..51c2cade
--- /dev/null
+++ b/Manifests/Manifest_LAOS-17.1.xml
@@ -0,0 +1,149 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<manifest>
+
+<!-- START OF UNNECESSARY REPO REMOVAL -->
+	<remove-project name="device/generic/goldfish-opengl" />
+	<remove-project name="device/generic/mini-emulator-arm64" />
+	<remove-project name="device/generic/mini-emulator-armv7-a-neon" />
+	<remove-project name="device/generic/mini-emulator-x86" />
+	<remove-project name="device/generic/mini-emulator-x86_64" />
+	<remove-project name="device/generic/qemu" />
+	<remove-project name="device/sample" />
+	<remove-project name="LineageOS/android_device_generic_goldfish" />
+	<remove-project name="LineageOS/android_external_ant-wireless_ant_native" />
+	<remove-project name="LineageOS/android_external_ant-wireless_ant_service" />
+	<remove-project name="LineageOS/android_external_bash" />
+	<remove-project name="LineageOS/android_external_htop" />
+	<remove-project name="LineageOS/android_external_libncurses" />
+	<remove-project name="LineageOS/android_external_nano" />
+	<remove-project name="LineageOS/android_external_openssh" />
+	<remove-project name="LineageOS/android_external_p7zip" />
+	<remove-project name="LineageOS/android_external_rsync" />
+	<remove-project name="LineageOS/android_external_unrar" />
+	<remove-project name="LineageOS/android_external_vim" />
+	<remove-project name="LineageOS/android_packages_apps_Jelly" />
+	<remove-project name="LineageOS/android_packages_apps_Stk" />
+	<remove-project name="LineageOS/android_packages_apps_StorageManager" />
+	<remove-project name="LineageOS/android_packages_apps_Terminal" />
+	<remove-project name="LineageOS/android_packages_apps_Traceur" />
+	<remove-project name="LineageOS/android_packages_providers_PartnerBookmarksProvider" />
+	<remove-project name="LineageOS/android_packages_screensavers_Basic" />
+	<remove-project name="LineageOS/android_packages_screensavers_PhotoTable" />
+	<remove-project name="LineageOS/ansible" />
+	<remove-project name="LineageOS/charter" />
+	<remove-project name="LineageOS/cm_crowdin" />
+	<remove-project name="LineageOS/contributors-cloud-generator" />
+	<remove-project name="LineageOS/cve_tracker" />
+	<remove-project name="LineageOS/hudson" />
+	<remove-project name="LineageOS/lineage_wiki" />
+	<remove-project name="LineageOS/mirror" />
+	<remove-project name="LineageOS/scripts" />
+	<remove-project name="LineageOS/slackbot" />
+	<remove-project name="LineageOS/www" />
+<!-- END OF UNNECESSARY REPO REMOVAL -->
+
+<!-- START OF BRANCH SWITCHING -->
+	<!--<remove-project name="platform/external/swiftshader" />
+	<project path="external/swiftshader" name="google/swiftshader" remote="github" revision="master" />-->
+
+	<!--<remove-project name="LineageOS/android_bootable_recovery" />
+	<project path="bootable/recovery" name="platform/bootable/recovery" groups="pdk" remote="aosp" />-->
+<!-- END OF BRANCH SWITCHING -->
+
+<!-- START OF ADDITIONAL REPOS -->
+	<project path="external/svox" name="platform/external/svox" groups="pdk" remote="aosp" revision="master" />
+	<project path="prebuilts/gcc/linux-x86/arm/arm-eabi-4.8" name="platform/prebuilts/gcc/linux-x86/arm/arm-eabi-4.8" groups="pdk,linux,arm" clone-depth="1" remote="aosp" revision="refs/tags/android-8.1.0_r52" />
+
+	<!-- Backup
+	<remote name="stevesoltys-github" fetch="https://github.com/stevesoltys/" revision="refs/heads/master" />
+	<project path="packages/apps/Backup" name="backup" remote="stevesoltys-github" /> -->
+
+	<!-- F-Droid -->
+	<remote name="fdroid" fetch="https://gitlab.com/fdroid/" />
+
+	<!-- GrapheneOS -->
+	<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="10" />
+
+	<!-- WireGuard -->
+	<remote name="zx2c4" fetch="https://git.zx2c4.com/" />
+	<project name="android_kernel_wireguard" path="kernel/wireguard" remote="zx2c4" revision="master" sync-s="true" />
+<!-- END OF ADDITIONAL REPOS -->
+
+<!-- START OF DEVICE REPOS -->
+	<!-- Common -->
+	<project path="system/qcom" name="LineageOS/android_system_qcom" remote="github" />
+	<project path="external/bson" name="LineageOS/android_external_bson" remote="github" />
+	<project path="external/sony/boringssl-compat" name="LineageOS/android_external_sony_boringssl-compat" remote="github" />
+	<project path="hardware/sony/thermanager" name="LineageOS/android_hardware_sony_thermanager" remote="github" />
+	<project path="hardware/sony/timekeep" name="LineageOS/android_hardware_sony_timekeep" remote="github" />
+	<project path="kernel/google/msm" name="LineageOS/android_kernel_google_msm" remote="github" />
+
+	<!-- Essential PH-1 (mata) -->
+	<project path="device/essential/mata" name="LineageOS/android_device_essential_mata" remote="github" />
+	<project path="kernel/essential/msm8998" name="LineageOS/android_kernel_essential_msm8998" remote="github" />
+
+	<!-- Fairphone 2 (FP2) -->
+	<project path="device/fairphone/FP2" name="LineageOS/android_device_fairphone_FP2" remote="github" />
+	<project path="kernel/fairphone/msm8974" name="LineageOS/android_kernel_fairphone_msm8974" remote="github" />
+
+	<!-- Google Pixel (marlin/sailfish) -->
+	<project path="device/google/marlin" name="LineageOS/android_device_google_marlin" remote="github" />
+	<project path="device/google/sailfish" name="LineageOS/android_device_google_sailfish" remote="github" />
+	<project path="kernel/google/marlin" name="LineageOS/android_kernel_google_marlin" remote="github" />
+
+	<!-- HTC One (m8) -->
+	<project path="device/htc/m8" name="LineageOS/android_device_htc_m8" remote="github" />
+	<project path="device/htc/m8-common" name="LineageOS/android_device_htc_m8-common" remote="github" />
+	<project path="device/htc/msm8974-common" name="LineageOS/android_device_htc_msm8974-common" remote="github" />
+	<project path="kernel/htc/msm8974" name="LineageOS/android_kernel_htc_msm8974" remote="github" />
+
+	<!-- LG G2 (d802) -->
+	<project path="device/lge/g2-common" name="LineageOS/android_device_lge_g2-common" remote="github" />
+	<project path="device/lge/d802" name="LineageOS/android_device_lge_d802" remote="github" />
+	<project path="kernel/lge/msm8974" name="LineageOS/android_kernel_lge_msm8974" remote="github" />
+
+	<!-- LG G3 (d855) -->
+	<project path="device/lge/g3-common" name="LineageOS/android_device_lge_g3-common" remote="github" />
+	<project path="device/lge/d852" name="LineageOS/android_device_lge_d852" remote="github" />
+	<project path="device/lge/d855" name="LineageOS/android_device_lge_d855" remote="github" />
+	<project path="kernel/lge/g3" name="LineageOS/android_kernel_lge_g3" remote="github" />
+
+	<!-- Moto X 2014 (victara) -->
+	<project path="device/motorola/victara" name="LineageOS/android_device_motorola_victara" remote="github" />
+	<project path="kernel/motorola/msm8974" name="LineageOS/android_kernel_motorola_msm8974" remote="github" />
+
+	<!-- Moto Z (griffin) -->
+	<project path="device/motorola/griffin" name="LineageOS/android_device_motorola_griffin" remote="github" />
+	<project path="kernel/motorola/msm8996" name="LineageOS/android_kernel_motorola_msm8996" remote="github" />
+
+        <!-- Nexus 4 (mako) -->
+        <project path="device/lge/mako" name="voron00/android_device_lge_mako" remote="github" />
+        <project path="kernel/lge/mako" name="voron00/android_kernel_lge_mako" remote="github" />
+
+	<!-- Nexus 6 (shamu) -->
+	<project path="device/moto/shamu" name="LineageOS/android_device_moto_shamu" remote="github" />
+	<project path="kernel/moto/shamu" name="LineageOS/android_kernel_moto_shamu" remote="github" />
+
+	<!-- Razer Phone (cheryl) -->
+	<project path="device/razer/cheryl" name="LineageOS/android_device_razer_cheryl" remote="github" />
+	<project path="kernel/razer/msm8998" name="LineageOS/android_kernel_razer_msm8998" remote="github" />
+
+	<!-- Samsung Common -->
+	<project path="device/samsung/qcom-common" name="LineageOS/android_device_samsung_qcom-common" remote="github" />
+	<project path="hardware/samsung" name="LineageOS/android_hardware_samsung" remote="github" />
+
+	<!-- Samsung Galaxy S4 (jfltexx) -->
+	<project path="device/samsung/jfltexx" name="LineageOS/android_device_samsung_jfltexx" remote="github" />
+	<project path="device/samsung/jf-common" name="LineageOS/android_device_samsung_jf-common" remote="github" />
+	<project path="kernel/samsung/jf" name="LineageOS/android_kernel_samsung_jf" remote="github" />
+
+	<!-- Yandex Phone (Amber) -->
+	<project path="device/yandex/Amber" name="LineageOS/android_device_yandex_Amber" remote="github" />
+	<project path="kernel/yandex/sdm660" name="LineageOS/android_kernel_yandex_sdm660" remote="github" />
+
+	<!-- Zuk Z2 Plus (z2_plus) -->
+	<project path="device/zuk/z2_plus" name="LineageOS/android_device_zuk_z2_plus" remote="github" />
+	<project path="device/zuk/msm8996-common" name="LineageOS/android_device_zuk_msm8996-common" remote="github" />
+	<project path="kernel/zuk/msm8996" name="LineageOS/android_kernel_zuk_msm8996" remote="github" />
+
+</manifest>
diff --git a/Patches/LineageOS-16.0/android_build/0001-rm_backuptool.patch b/Patches/LineageOS-16.0/android_build/0001-rm_backuptool.patch
deleted file mode 100644
index 9a5c0657..00000000
--- a/Patches/LineageOS-16.0/android_build/0001-rm_backuptool.patch
+++ /dev/null
@@ -1,173 +0,0 @@
-From db5ded424e8deb8a2a75d86e35b9079992491e85 Mon Sep 17 00:00:00 2001
-From: Tad <tad@spotco.us>
-Date: Sat, 22 Feb 2020 20:20:24 -0500
-Subject: [PATCH] Nuke backuptool
-
-Change-Id: I58d3adf67e20d9c4e49df8cd70769d9304da00c1
----
- core/Makefile                               | 14 ---------
- tools/releasetools/edify_generator.py       |  9 ------
- tools/releasetools/ota_from_target_files.py | 35 +--------------------
- 3 files changed, 1 insertion(+), 57 deletions(-)
-
-diff --git a/core/Makefile b/core/Makefile
-index 404bb5413..48778bfc1 100644
---- a/core/Makefile
-+++ b/core/Makefile
-@@ -2837,9 +2837,6 @@ ifneq (,$(INSTALLED_RECOVERYIMAGE_TARGET)$(filter true,$(BOARD_USES_RECOVERY_AS_
- 	$(hide) mkdir -p $(zip_root)/$(PRIVATE_RECOVERY_OUT)
- 	$(hide) $(call package_files-copy-root, \
- 		$(TARGET_RECOVERY_ROOT_OUT),$(zip_root)/$(PRIVATE_RECOVERY_OUT)/RAMDISK)
--	@# OTA install helpers
--	$(hide) $(call package_files-copy-root, \
--		$(PRODUCT_OUT)/install,$(zip_root)/INSTALL)
- ifdef INSTALLED_KERNEL_TARGET
- 	$(hide) cp $(INSTALLED_KERNEL_TARGET) $(zip_root)/$(PRIVATE_RECOVERY_OUT)/kernel
- endif
-@@ -3195,16 +3192,6 @@ else
-     OTA_SCRIPT_OVERRIDE_DEVICE := $(TARGET_OTA_ASSERT_DEVICE)
- endif
- 
--ifeq ($(WITH_GMS),true)
--    $(INTERNAL_OTA_PACKAGE_TARGET): backuptool := false
--else
--ifneq ($(LINEAGE_BUILD),)
--    $(INTERNAL_OTA_PACKAGE_TARGET): backuptool := true
--else
--    $(INTERNAL_OTA_PACKAGE_TARGET): backuptool := false
--endif
--endif
--
- $(INTERNAL_OTA_PACKAGE_TARGET): $(BUILT_TARGET_FILES_PACKAGE) \
- 		build/make/tools/releasetools/ota_from_target_files
- 	@echo "Package OTA: $@"
-@@ -3214,7 +3201,6 @@ $(INTERNAL_OTA_PACKAGE_TARGET): $(BUILT_TARGET_FILES_PACKAGE) \
- 	   --extracted_input_target_files $(patsubst %.zip,%,$(BUILT_TARGET_FILES_PACKAGE)) \
- 	   -p $(HOST_OUT) \
- 	   -k $(KEY_CERT_PAIR) \
--	   --backup=$(backuptool) \
- 	   $(if $(OEM_OTA_CONFIG), -o $(OEM_OTA_CONFIG)) \
- 	   $(BUILT_TARGET_FILES_PACKAGE) $@
- 
-diff --git a/tools/releasetools/edify_generator.py b/tools/releasetools/edify_generator.py
-index 59f9d8831..040a57b57 100644
---- a/tools/releasetools/edify_generator.py
-+++ b/tools/releasetools/edify_generator.py
-@@ -164,9 +164,6 @@ class EdifyGenerator(object):
-            ");")
-     self.script.append(self.WordWrap(cmd))
- 
--  def RunBackup(self, command):
--    self.script.append(('run_program("/tmp/install/bin/backuptool.sh", "%s");' % command))
--
-   def ShowProgress(self, frac, dur):
-     """Update the progress bar, advancing it over 'frac' over the next
-     'dur' seconds.  'dur' may be zero to advance it via SetProgress
-@@ -238,12 +235,6 @@ class EdifyGenerator(object):
-           p.mount_point, mount_flags))
-       self.mounts.add(p.mount_point)
- 
--  def Unmount(self, mount_point):
--    """Unmount the partition with the given mount_point."""
--    if mount_point in self.mounts:
--      self.mounts.remove(mount_point)
--      self.script.append('unmount("%s");' % (mount_point,))
--
-   def UnpackPackageDir(self, src, dst):
-     """Unpack a given directory from the OTA package into the given
-     destination directory."""
-diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py
-index 089e776fe..5bc022d0b 100755
---- a/tools/releasetools/ota_from_target_files.py
-+++ b/tools/releasetools/ota_from_target_files.py
-@@ -159,10 +159,6 @@ Usage:  ota_from_target_files [flags] input_target_files output_ota_package
- 
-   --override_device <device>
-       Override device-specific asserts. Can be a comma-separated list.
--
--  --backup <boolean>
--      Enable or disable the execution of backuptool.sh.
--      Disabled by default.
- """
- 
- from __future__ import print_function
-@@ -215,12 +211,11 @@ OPTIONS.extracted_input = None
- OPTIONS.key_passwords = []
- OPTIONS.skip_postinstall = False
- OPTIONS.override_device = 'auto'
--OPTIONS.backuptool = False
- 
- 
- METADATA_NAME = 'META-INF/com/android/metadata'
- POSTINSTALL_CONFIG = 'META/postinstall_config.txt'
--UNZIP_PATTERN = ['IMAGES/*', 'META/*', 'INSTALL/*']
-+UNZIP_PATTERN = ['IMAGES/*', 'META/*']
- 
- 
- class BuildInfo(object):
-@@ -721,15 +716,6 @@ def AddCompatibilityArchiveIfTrebleEnabled(target_zip, output_zip, target_info,
-   AddCompatibilityArchive(system_updated, vendor_updated)
- 
- 
--def CopyInstallTools(output_zip):
--  install_path = os.path.join(OPTIONS.input_tmp, "INSTALL")
--  for root, subdirs, files in os.walk(install_path):
--     for f in files:
--      install_source = os.path.join(root, f)
--      install_target = os.path.join("install", os.path.relpath(root, install_path), f)
--      output_zip.write(install_source, install_target)
--
--
- def WriteFullOTAPackage(input_zip, output_file):
-   target_info = BuildInfo(OPTIONS.info_dict, OPTIONS.oem_dicts)
- 
-@@ -823,16 +809,6 @@ else if get_stage("%(bcb_dev)s") == "3/3" then
-   script.AppendExtra("ifelse(is_mounted(\"/system\"), unmount(\"/system\"));")
-   device_specific.FullOTA_InstallBegin()
- 
--  CopyInstallTools(output_zip)
--  script.UnpackPackageDir("install", "/tmp/install")
--  script.SetPermissionsRecursive("/tmp/install", 0, 0, 0755, 0644, None, None)
--  script.SetPermissionsRecursive("/tmp/install/bin", 0, 0, 0755, 0755, None, None)
--
--  if OPTIONS.backuptool:
--    script.Mount("/system")
--    script.RunBackup("backup")
--    script.Unmount("/system")
--
-   system_progress = 0.75
- 
-   if OPTIONS.wipe_user_data:
-@@ -874,12 +850,6 @@ else if get_stage("%(bcb_dev)s") == "3/3" then
- 
-   device_specific.FullOTA_PostValidate()
- 
--  if OPTIONS.backuptool:
--    script.ShowProgress(0.02, 10)
--    script.Mount("/system")
--    script.RunBackup("restore")
--    script.Unmount("/system")
--
-   script.ShowProgress(0.05, 5)
-   script.WriteRawImage("/boot", "boot.img")
- 
-@@ -1872,8 +1842,6 @@ def main(argv):
-       OPTIONS.skip_postinstall = True
-     elif o in ("--override_device"):
-       OPTIONS.override_device = a
--    elif o in ("--backup"):
--      OPTIONS.backuptool = bool(a.lower() == 'true')
-     else:
-       return False
-     return True
-@@ -1905,7 +1873,6 @@ def main(argv):
-                                  "extracted_input_target_files=",
-                                  "skip_postinstall",
-                                  "override_device=",
--                                 "backup=",
-                              ], extra_option_handler=option_handler)
- 
-   if len(args) != 2:
--- 
-2.24.1
-
diff --git a/Patches/LineageOS-17.1/android_bionic/0001-HM-Use_HM.patch b/Patches/LineageOS-17.1/android_bionic/0001-HM-Use_HM.patch
new file mode 100644
index 00000000..f245f5c6
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_bionic/0001-HM-Use_HM.patch
@@ -0,0 +1,181 @@
+From 010949662f6579419dd310606bf1418dbd53a971 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Wed, 5 Dec 2018 01:51:56 -0500
+Subject: [PATCH] add hardened_malloc library
+
+---
+ libc/Android.bp                  | 38 ++++++++++++++++++++-----
+ libc/bionic/h_malloc_wrapper.cpp | 49 ++++++++++++++++++++++++++++++++
+ libc/bionic/malloc_common.h      |  8 ++++++
+ 3 files changed, 88 insertions(+), 7 deletions(-)
+ create mode 100644 libc/bionic/h_malloc_wrapper.cpp
+
+diff --git a/libc/Android.bp b/libc/Android.bp
+index 47fccde7e..7c3f57fba 100644
+--- a/libc/Android.bp
++++ b/libc/Android.bp
+@@ -52,6 +52,8 @@ libc_common_flags = [
+     // Clang's exit-time destructor registration hides __dso_handle, but
+     // __dso_handle needs to have default visibility on ARM32. See b/73485611.
+     "-Wexit-time-destructors",
++
++    "-DH_MALLOC_PREFIX",
+ ]
+ 
+ // Define some common cflags
+@@ -65,9 +67,17 @@ cc_defaults {
+     cppflags: [],
+     include_dirs: [
+         "bionic/libc/async_safe/include",
+-        "external/jemalloc_new/include",
+     ],
+ 
++    multilib: {
++        lib32: {
++            include_dirs: ["external/jemalloc_new/include"],
++        },
++        lib64: {
++            include_dirs: ["external/hardened_malloc/"],
++        },
++    },
++
+     stl: "none",
+     system_shared_libs: [],
+     sanitize: {
+@@ -92,7 +102,6 @@ cc_defaults {
+ // TLS slot.
+ 
+ cc_library_static {
+-
+     srcs: [
+         "bionic/__libc_init_main_thread.cpp",
+         "bionic/__stack_chk_fail.cpp",
+@@ -1309,6 +1318,10 @@ cc_library_static {
+     multilib: {
+         lib32: {
+             srcs: libc_common_src_files_32,
++            whole_static_libs: ["libjemalloc5"],
++        },
++        lib64: {
++            whole_static_libs: ["libhardened_malloc"],
+         },
+     },
+     arch: {
+@@ -1342,7 +1355,6 @@ cc_library_static {
+         "libc_syscalls",
+         "libc_tzcode",
+         "libm",
+-        "libjemalloc5",
+         "libstdc++",
+     ],
+ }
+@@ -1480,7 +1492,14 @@ cc_library_static {
+ // ========================================================
+ cc_library_static {
+     defaults: ["libc_defaults"],
+-    srcs: ["bionic/jemalloc_wrapper.cpp"],
++    multilib: {
++        lib32: {
++            srcs: ["bionic/jemalloc_wrapper.cpp"],
++        },
++        lib64: {
++            srcs: ["bionic/h_malloc_wrapper.cpp"],
++        },
++    },
+     cflags: ["-fvisibility=hidden"],
+ 
+     name: "libc_malloc",
+@@ -1578,9 +1597,14 @@ cc_library {
+     static_libs: [
+         "libdl_android",
+     ],
+-    whole_static_libs: [
+-        "libjemalloc5",
+-    ],
++    multilib: {
++        lib32: {
++            whole_static_libs: ["libjemalloc5"],
++        },
++        lib64: {
++            whole_static_libs: ["libhardened_malloc"],
++        },
++    },
+ 
+     nocrt: true,
+ 
+diff --git a/libc/bionic/h_malloc_wrapper.cpp b/libc/bionic/h_malloc_wrapper.cpp
+new file mode 100644
+index 000000000..5733293a9
+--- /dev/null
++++ b/libc/bionic/h_malloc_wrapper.cpp
+@@ -0,0 +1,49 @@
++#include <errno.h>
++#include <malloc.h>
++#include <sys/param.h>
++#include <unistd.h>
++
++#include <private/MallocXmlElem.h>
++
++#include "h_malloc.h"
++
++__BEGIN_DECLS
++int h_malloc_info(int options, FILE* fp);
++__END_DECLS
++
++int h_malloc_info(int options, FILE* fp) {
++  if (options != 0) {
++    errno = EINVAL;
++    return -1;
++  }
++
++  MallocXmlElem root(fp, "malloc", "version=\"jemalloc-1\"");
++
++  // Dump all of the large allocations in the arenas.
++  for (size_t i = 0; i < h_mallinfo_narenas(); i++) {
++    struct mallinfo mi = h_mallinfo_arena_info(i);
++    if (mi.hblkhd != 0) {
++      MallocXmlElem arena_elem(fp, "heap", "nr=\"%d\"", i);
++      {
++        MallocXmlElem(fp, "allocated-large").Contents("%zu", mi.ordblks);
++        MallocXmlElem(fp, "allocated-huge").Contents("%zu", mi.uordblks);
++        MallocXmlElem(fp, "allocated-bins").Contents("%zu", mi.fsmblks);
++
++        size_t total = 0;
++        for (size_t j = 0; j < h_mallinfo_nbins(); j++) {
++          struct mallinfo mi = h_mallinfo_bin_info(i, j);
++          if (mi.ordblks != 0) {
++            MallocXmlElem bin_elem(fp, "bin", "nr=\"%d\"", j);
++            MallocXmlElem(fp, "allocated").Contents("%zu", mi.ordblks);
++            MallocXmlElem(fp, "nmalloc").Contents("%zu", mi.uordblks);
++            MallocXmlElem(fp, "ndalloc").Contents("%zu", mi.fordblks);
++            total += mi.ordblks;
++          }
++        }
++        MallocXmlElem(fp, "bins-total").Contents("%zu", total);
++      }
++    }
++  }
++
++  return 0;
++}
+diff --git a/libc/bionic/malloc_common.h b/libc/bionic/malloc_common.h
+index 2176e634d..e2c1910d2 100644
+--- a/libc/bionic/malloc_common.h
++++ b/libc/bionic/malloc_common.h
+@@ -62,8 +62,16 @@ __END_DECLS
+ 
+ #else
+ 
++#ifdef __LP64__
++#include "h_malloc.h"
++#define Malloc(function)  h_ ## function
++__BEGIN_DECLS
++int h_malloc_info(int options, FILE* fp);
++__END_DECLS
++#else
+ #include "jemalloc.h"
+ #define Malloc(function)  je_ ## function
++#endif
+ 
+ #endif
+ 
diff --git a/Patches/LineageOS-17.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch b/Patches/LineageOS-17.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch
new file mode 100644
index 00000000..52de3921
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch
@@ -0,0 +1,34 @@
+From 41c2cb884b69e04e2e7a6404b580aafc4b2ceba7 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Mon, 12 Feb 2018 02:41:09 -0500
+Subject: [PATCH] TEMPORARY fix camera not working on user builds
+
+Change-Id: I61e8c78bfd70be7c157c049dac201de21749d4a2
+---
+ common/mediaserver.te | 10 ++++------
+ 1 file changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/common/mediaserver.te b/common/mediaserver.te
+index 1108551..6b92565 100755
+--- a/common/mediaserver.te
++++ b/common/mediaserver.te
+@@ -13,12 +13,10 @@ binder_call(mediaserver, rild)
+ #qmux_socket(mediaserver)
+ allow mediaserver camera_data_file:sock_file w_file_perms;
+ 
+-userdebug_or_eng(`
+-  allow mediaserver camera_data_file:dir rw_dir_perms;
+-  allow mediaserver camera_data_file:file create_file_perms;
+-  # Access to audio
+-  allow mediaserver qti_debugfs:file rw_file_perms;
+-')
++allow mediaserver camera_data_file:dir rw_dir_perms;
++allow mediaserver camera_data_file:file create_file_perms;
++# Access to audio
++allow mediaserver qti_debugfs:file rw_file_perms;
+ 
+ r_dir_file(mediaserver, sysfs_esoc)
+ #allow mediaserver system_app_data_file:file rw_file_perms;
+-- 
+2.16.1
+
diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0003-SUPL_No_IMSI.patch b/Patches/LineageOS-17.1/android_frameworks_base/0003-SUPL_No_IMSI.patch
new file mode 100644
index 00000000..555b2197
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_frameworks_base/0003-SUPL_No_IMSI.patch
@@ -0,0 +1,40 @@
+From 13951789b89251be432612b288020fdcb9e079fa Mon Sep 17 00:00:00 2001
+From: MSe1969 <mse1969@posteo.de>
+Date: Mon, 29 Oct 2018 12:14:17 +0100
+Subject: [PATCH] SUPL: Don't send IMSI / Phone number to SUPL server
+
+Change-Id: I5ccc4d61e52ac11ef33f44618d0e610089885b87
+---
+ .../android/server/location/GnssLocationProvider.java    | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/services/core/java/com/android/server/location/GnssLocationProvider.java b/services/core/java/com/android/server/location/GnssLocationProvider.java
+index 342e9b8c300..537e02d8e39 100644
+--- a/services/core/java/com/android/server/location/GnssLocationProvider.java
++++ b/services/core/java/com/android/server/location/GnssLocationProvider.java
+@@ -1934,7 +1934,12 @@ public class GnssLocationProvider extends AbstractLocationProvider implements
+                 mContext.getSystemService(Context.TELEPHONY_SERVICE);
+         int type = AGPS_SETID_TYPE_NONE;
+         String setId = null;
+-
++        
++        /*
++         * We don't want to tell Google our IMSI or phone number to spy on us!
++         * As devices w/o SIM card also have working GPS, providing this data does
++         * not seem to add a lot of value, at least not for the device holder
++         *
+         int ddSubId = SubscriptionManager.getDefaultDataSubscriptionId();
+         if ((flags & AGPS_RIL_REQUEST_SETID_IMSI) == AGPS_RIL_REQUEST_SETID_IMSI) {
+             if (SubscriptionManager.isValidSubscriptionId(ddSubId)) {
+@@ -1958,7 +1963,7 @@ public class GnssLocationProvider extends AbstractLocationProvider implements
+                 // This means the framework has the SIM card.
+                 type = AGPS_SETID_TYPE_MSISDN;
+             }
+-        }
++        } */
+ 
+         native_agps_set_id(type, (setId == null) ? "" : setId);
+     }
+-- 
+2.26.0
+
diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0004-Fingerprint_Lockout.patch b/Patches/LineageOS-17.1/android_frameworks_base/0004-Fingerprint_Lockout.patch
new file mode 100644
index 00000000..6d53de08
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_frameworks_base/0004-Fingerprint_Lockout.patch
@@ -0,0 +1,22 @@
+From 9c21f1c52b9d5f589a4bca4893e8a04fc1c42cd2 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Tue, 12 Sep 2017 01:52:11 -0400
+Subject: [PATCH] use permanent fingerprint lockout immediately
+
+---
+ .../server/biometrics/fingerprint/FingerprintService.java       | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java b/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java
+index 320e1022873..fb580ffe43c 100644
+--- a/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java
++++ b/services/core/java/com/android/server/biometrics/fingerprint/FingerprintService.java
+@@ -98,7 +98,7 @@
+     private static final String ACTION_LOCKOUT_RESET =
+             "com.android.server.biometrics.fingerprint.ACTION_LOCKOUT_RESET";
+     private static final int MAX_FAILED_ATTEMPTS_LOCKOUT_TIMED = 5;
+-    private static final int MAX_FAILED_ATTEMPTS_LOCKOUT_PERMANENT = 20;
++    private static final int MAX_FAILED_ATTEMPTS_LOCKOUT_PERMANENT = 3;
+     private static final long FAIL_LOCKOUT_TIMEOUT_MS = 30 * 1000;
+     private static final String KEY_LOCKOUT_RESET_USER = "lockout_reset_user";
+ 
diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0006-Disable_Analytics.patch b/Patches/LineageOS-17.1/android_frameworks_base/0006-Disable_Analytics.patch
new file mode 100644
index 00000000..433aca32
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_frameworks_base/0006-Disable_Analytics.patch
@@ -0,0 +1,37 @@
+From 5b59a2cf8028488847a5cd6ac7d4a14414972438 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Mon, 21 May 2018 04:23:40 -0400
+Subject: [PATCH] Disable/reduce functionality of various ad/analytics
+ libraries
+
+Change-Id: I84303ee26d0232e471f44ae6eff6e41a2210e42e
+---
+ core/java/android/content/pm/PackageParser.java | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
+index 8c66fb227cf..31368bf74b1 100644
+--- a/core/java/android/content/pm/PackageParser.java
++++ b/core/java/android/content/pm/PackageParser.java
+@@ -5524,6 +5524,18 @@ public class PackageParser {
+ 
+         if (data == null) {
+             data = new Bundle();
++            data.putBoolean("batch_opted_out_by_default", true);
++            data.putBoolean("com.ad4screen.no_geoloc", true);
++            data.putBoolean("com.facebook.sdk.AutoLogAppEventsEnabled", false);
++            data.putBoolean("com.mixpanel.android.MPConfig.UseIpAddressForGeolocation", false);
++            data.putBoolean("com.webengage.sdk.android.location_tracking", false);
++            data.putBoolean("firebase_analytics_collection_deactivated", true);
++            data.putBoolean("firebase_analytics_collection_enabled", false);
++            data.putBoolean("firebase_crash_collection_enabled", false);
++            data.putBoolean("firebase_performance_collection_deactivated", true);
++            data.putBoolean("google_analytics_adid_collection_enabled", false);
++            data.putString("com.ad4screen.tracking_mode", "Restricted");
++            data.putString("com.sprooki.LOCATION_SERVICES", "disable");
+         }
+ 
+         String name = sa.getNonConfigurationString(
+-- 
+2.17.0
+
diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0007-Always_Restict_Serial.patch b/Patches/LineageOS-17.1/android_frameworks_base/0007-Always_Restict_Serial.patch
new file mode 100644
index 00000000..65ecb039
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_frameworks_base/0007-Always_Restict_Serial.patch
@@ -0,0 +1,29 @@
+From d6224b1fca2bb1a32e1bf6df2de6227eddb13595 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Wed, 6 Sep 2017 21:40:48 -0400
+Subject: [PATCH] always set deprecated Build.SERIAL to UNKNOWN
+
+Only support fetching the serial number via the new Build.getSerial()
+requiring the READ_PHONE_STATE permission.
+---
+ .../java/com/android/server/am/ActivityManagerService.java | 7 +------
+ 1 file changed, 1 insertion(+), 6 deletions(-)
+
+diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
+index e8505fcb37a..7b14f5fdb1e 100644
+--- a/services/core/java/com/android/server/am/ActivityManagerService.java
++++ b/services/core/java/com/android/server/am/ActivityManagerService.java
+@@ -4971,12 +4971,7 @@ private final boolean attachApplicationLocked(IApplicationThread thread,
+                 }
+             }
+ 
+-            // We deprecated Build.SERIAL and it is not accessible to
+-            // Instant Apps and target APIs higher than O MR1. Since access to the serial
+-            // is now behind a permission we push down the value.
+-            final String buildSerial = (!appInfo.isInstantApp()
+-                    && appInfo.targetSdkVersion < Build.VERSION_CODES.P)
+-                            ? sTheRealBuildSerial : Build.UNKNOWN;
++            final String buildSerial = Build.UNKNOWN;
+ 
+             // Check if this is a secondary process that should be incorporated into some
+             // currently active instrumentation.  (Note we do this AFTER all of the profiling
diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0008-Browser_No_Location.patch b/Patches/LineageOS-17.1/android_frameworks_base/0008-Browser_No_Location.patch
new file mode 100644
index 00000000..2bb0bb89
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_frameworks_base/0008-Browser_No_Location.patch
@@ -0,0 +1,51 @@
+From cfcc7b12949e06e03a974a9dec90daf6cab50ffc Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Sun, 17 Mar 2019 19:54:30 -0400
+Subject: [PATCH] stop auto-granting location to system browsers
+
+---
+ .../DefaultPermissionGrantPolicy.java         | 24 +++++++++----------
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
+index ecf66861a40..b4576b0b682 100644
+--- a/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
++++ b/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
+@@ -596,16 +596,16 @@ private void grantDefaultSystemHandlerPermissions(int userId) {
+                 userId, CONTACTS_PERMISSIONS, CALENDAR_PERMISSIONS);
+ 
+         // Browser
+-        String browserPackage = getKnownPackage(PackageManagerInternal.PACKAGE_BROWSER, userId);
+-        if (browserPackage == null) {
+-            browserPackage = getDefaultSystemHandlerActivityPackageForCategory(
+-                    Intent.CATEGORY_APP_BROWSER, userId);
+-            if (!isSystemPackage(browserPackage)) {
+-                browserPackage = null;
+-            }
+-        }
+-        grantPermissionsToPackage(browserPackage, userId, false /* ignoreSystemPackage */,
+-                true /*whitelistRestrictedPermissions*/, ALWAYS_LOCATION_PERMISSIONS);
++        //String browserPackage = getKnownPackage(PackageManagerInternal.PACKAGE_BROWSER, userId);
++        //if (browserPackage == null) {
++            //browserPackage = getDefaultSystemHandlerActivityPackageForCategory(
++                    //Intent.CATEGORY_APP_BROWSER, userId);
++            //if (!isSystemPackage(browserPackage)) {
++                //browserPackage = null;
++            //}
++        //}
++        //grantPermissionsToPackage(browserPackage, userId, false [> ignoreSystemPackage <],
++                //true [>whitelistRestrictedPermissions<], ALWAYS_LOCATION_PERMISSIONS);
+ 
+         // Voice interaction
+         if (voiceInteractPackageNames != null) {
+@@ -884,8 +884,8 @@ public void revokeDefaultPermissionsFromLuiApps(String[] packageNames, int userI
+     }
+ 
+     public void grantDefaultPermissionsToDefaultBrowser(String packageName, int userId) {
+-        Log.i(TAG, "Granting permissions to default browser for user:" + userId);
+-        grantPermissionsToSystemPackage(packageName, userId, ALWAYS_LOCATION_PERMISSIONS);
++        //Log.i(TAG, "Granting permissions to default browser for user:" + userId);
++        //grantPermissionsToSystemPackage(packageName, userId, ALWAYS_LOCATION_PERMISSIONS);
+     }
+ 
+     private String getDefaultSystemHandlerActivityPackage(String intentAction, int userId) {
diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch b/Patches/LineageOS-17.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch
new file mode 100644
index 00000000..5d6e125a
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch
@@ -0,0 +1,23 @@
+From a507f07f4b04c421400ef8382212aa38cfe37b0d Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Tue, 18 Dec 2018 08:48:14 -0500
+Subject: [PATCH] allow SystemUI to directly manage Bluetooth/WiFi
+
+---
+ packages/SystemUI/AndroidManifest.xml | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/packages/SystemUI/AndroidManifest.xml b/packages/SystemUI/AndroidManifest.xml
+index 5599b5a2837..08a8d9f504b 100644
+--- a/packages/SystemUI/AndroidManifest.xml
++++ b/packages/SystemUI/AndroidManifest.xml
+@@ -70,6 +70,9 @@
+     <uses-permission android:name="android.permission.REQUEST_NETWORK_SCORES" />
+     <uses-permission android:name="android.permission.CONTROL_VPN" />
+     <uses-permission android:name="android.permission.PEERS_MAC_ADDRESS"/>
++    <uses-permission android:name="android.permission.MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED" />
++    <uses-permission android:name="android.permission.MANAGE_WIFI_WHEN_PERMISSION_REVIEW_REQUIRED" />
++
+     <!-- Physical hardware -->
+     <uses-permission android:name="android.permission.MANAGE_USB" />
+     <uses-permission android:name="android.permission.CONTROL_DISPLAY_BRIGHTNESS" />
diff --git a/Patches/LineageOS-17.1/android_frameworks_base/0010-Exec_Based_Spawning.patch b/Patches/LineageOS-17.1/android_frameworks_base/0010-Exec_Based_Spawning.patch
new file mode 100644
index 00000000..38be3b76
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_frameworks_base/0010-Exec_Based_Spawning.patch
@@ -0,0 +1,592 @@
+From 60e744e11be94212d0bc796d8904da4c61af60e1 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Sat, 14 Mar 2015 18:10:20 -0400
+Subject: [PATCH 01/12] add exec-based spawning support
+
+---
+ .../com/android/internal/os/ExecInit.java     | 115 ++++++++++++++++++
+ .../com/android/internal/os/WrapperInit.java  |   2 +-
+ .../android/internal/os/ZygoteConnection.java |   8 ++
+ 3 files changed, 124 insertions(+), 1 deletion(-)
+ create mode 100644 core/java/com/android/internal/os/ExecInit.java
+
+diff --git a/core/java/com/android/internal/os/ExecInit.java b/core/java/com/android/internal/os/ExecInit.java
+new file mode 100644
+index 00000000000..10edd64e0f9
+--- /dev/null
++++ b/core/java/com/android/internal/os/ExecInit.java
+@@ -0,0 +1,115 @@
++package com.android.internal.os;
++
++import android.os.Trace;
++import android.system.ErrnoException;
++import android.system.Os;
++import android.util.Slog;
++import android.util.TimingsTraceLog;
++import dalvik.system.VMRuntime;
++
++/**
++ * Startup class for the process.
++ * @hide
++ */
++public class ExecInit {
++    /**
++     * Class not instantiable.
++     */
++    private ExecInit() {
++    }
++
++    /**
++     * The main function called when starting a runtime application.
++     *
++     * The first argument is the target SDK version for the app.
++     *
++     * The remaining arguments are passed to the runtime.
++     *
++     * @param args The command-line arguments.
++     */
++    public static void main(String[] args) {
++        // Parse our mandatory argument.
++        int targetSdkVersion = Integer.parseInt(args[0], 10);
++
++        // Mimic system Zygote preloading.
++        ZygoteInit.preload(new TimingsTraceLog("ExecInitTiming",
++                Trace.TRACE_TAG_DALVIK));
++
++        // Launch the application.
++        String[] runtimeArgs = new String[args.length - 1];
++        System.arraycopy(args, 1, runtimeArgs, 0, runtimeArgs.length);
++        Runnable r = execInit(targetSdkVersion, runtimeArgs);
++
++        r.run();
++    }
++
++    /**
++     * Executes a runtime application with exec-based spawning.
++     * This method never returns.
++     *
++     * @param niceName The nice name for the application, or null if none.
++     * @param targetSdkVersion The target SDK version for the app.
++     * @param args Arguments for {@link RuntimeInit#main}.
++     */
++    public static void execApplication(String niceName, int targetSdkVersion,
++            String instructionSet, String[] args) {
++        int niceArgs = niceName == null ? 0 : 1;
++        int baseArgs = 5 + niceArgs;
++        String[] argv = new String[baseArgs + args.length];
++        if (VMRuntime.is64BitInstructionSet(instructionSet)) {
++            argv[0] = "/system/bin/app_process64";
++        } else {
++            argv[0] = "/system/bin/app_process32";
++        }
++        argv[1] = "/system/bin";
++        argv[2] = "--application";
++        if (niceName != null) {
++            argv[3] = "--nice-name=" + niceName;
++        }
++        argv[3 + niceArgs] = "com.android.internal.os.ExecInit";
++        argv[4 + niceArgs] = Integer.toString(targetSdkVersion);
++        System.arraycopy(args, 0, argv, baseArgs, args.length);
++
++        WrapperInit.preserveCapabilities();
++        try {
++            Os.execv(argv[0], argv);
++        } catch (ErrnoException e) {
++            throw new RuntimeException(e);
++        }
++    }
++
++    /**
++     * The main function called when an application is started with exec-based spawning.
++     *
++     * When the app starts, the runtime starts {@link RuntimeInit#main}
++     * which calls {@link main} which then calls this method.
++     * So we don't need to call commonInit() here.
++     *
++     * @param targetSdkVersion target SDK version
++     * @param argv arg strings
++     */
++    private static Runnable execInit(int targetSdkVersion, String[] argv) {
++        if (RuntimeInit.DEBUG) {
++            Slog.d(RuntimeInit.TAG, "RuntimeInit: Starting application from exec");
++        }
++
++        // Check whether the first argument is a "-cp" in argv, and assume the next argument is the
++        // classpath. If found, create a PathClassLoader and use it for applicationInit.
++        ClassLoader classLoader = null;
++        if (argv != null && argv.length > 2 && argv[0].equals("-cp")) {
++            classLoader = ZygoteInit.createPathClassLoader(argv[1], targetSdkVersion);
++
++            // Install this classloader as the context classloader, too.
++            Thread.currentThread().setContextClassLoader(classLoader);
++
++            // Remove the classpath from the arguments.
++            String removedArgs[] = new String[argv.length - 2];
++            System.arraycopy(argv, 2, removedArgs, 0, argv.length - 2);
++            argv = removedArgs;
++        }
++
++        // Perform the same initialization that would happen after the Zygote forks.
++        Zygote.nativePreApplicationInit();
++        return RuntimeInit.applicationInit(targetSdkVersion, argv, classLoader);
++    }
++}
+diff --git a/core/java/com/android/internal/os/WrapperInit.java b/core/java/com/android/internal/os/WrapperInit.java
+index f0e779694c9..9f41a4136db 100644
+--- a/core/java/com/android/internal/os/WrapperInit.java
++++ b/core/java/com/android/internal/os/WrapperInit.java
+@@ -183,7 +183,7 @@ public class WrapperInit {
+      *       This is acceptable here as failure will leave the wrapped app with strictly less
+      *       capabilities, which may make it crash, but not exceed its allowances.
+      */
+-    private static void preserveCapabilities() {
++    public static void preserveCapabilities() {
+         StructCapUserHeader header = new StructCapUserHeader(
+                 OsConstants._LINUX_CAPABILITY_VERSION_3, 0);
+         StructCapUserData[] data;
+diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java
+index e556dd4d824..1054d2fb9b1 100644
+--- a/core/java/com/android/internal/os/ZygoteConnection.java
++++ b/core/java/com/android/internal/os/ZygoteConnection.java
+@@ -33,6 +33,7 @@ import android.net.Credentials;
+ import android.net.LocalSocket;
+ import android.os.Parcel;
+ import android.os.Process;
++import android.os.SystemProperties;
+ import android.os.Trace;
+ import android.system.ErrnoException;
+ import android.system.Os;
+@@ -596,6 +597,13 @@ class ZygoteConnection {
+             throw new IllegalStateException("WrapperInit.execApplication unexpectedly returned");
+         } else {
+             if (!isZygote) {
++                if (SystemProperties.getBoolean("sys.spawn.exec", true)) {
++                    ExecInit.execApplication(parsedArgs.mNiceName, parsedArgs.mTargetSdkVersion,
++                            VMRuntime.getCurrentInstructionSet(), parsedArgs.mRemainingArgs);
++
++                    // Should not get here.
++                    throw new IllegalStateException("ExecInit.execApplication unexpectedly returned");
++                }
+                 return ZygoteInit.zygoteInit(parsedArgs.mTargetSdkVersion,
+                         parsedArgs.mRemainingArgs, null /* classLoader */);
+             } else {
+-- 
+2.26.0
+
+
+From 148d6154d771cec6ff736d0f72abf192a5a35975 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Tue, 14 May 2019 15:11:59 -0400
+Subject: [PATCH 02/12] avoid AssetManager errors with exec spawning
+
+This causes harmless errors and wastes time spawning a process that's
+not going to succeed.
+---
+ core/jni/android_util_AssetManager.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/core/jni/android_util_AssetManager.cpp b/core/jni/android_util_AssetManager.cpp
+index 2b471fec9c8..7a29db32808 100644
+--- a/core/jni/android_util_AssetManager.cpp
++++ b/core/jni/android_util_AssetManager.cpp
+@@ -125,6 +125,10 @@ constexpr inline static ApkAssetsCookie JavaCookieToApkAssetsCookie(jint cookie)
+ 
+ // This is called by zygote (running as user root) as part of preloadResources.
+ static void NativeVerifySystemIdmaps(JNIEnv* /*env*/, jclass /*clazz*/) {
++  // avoid triggering an error with exec-based spawning
++  if (getuid() != 0) {
++    return;
++  }
+   switch (pid_t pid = fork()) {
+     case -1:
+       PLOG(ERROR) << "failed to fork for idmap";
+-- 
+2.26.0
+
+
+From 2076c38e549f2b4032448159c1478e67a72a96b5 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Tue, 21 May 2019 23:54:20 -0400
+Subject: [PATCH 03/12] disable exec spawning when using debugging options
+
+The debugging options are not yet supported probably, so disable exec
+spawning when doing debugging.
+---
+ core/java/com/android/internal/os/ZygoteConnection.java | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/core/java/com/android/internal/os/ZygoteConnection.java b/core/java/com/android/internal/os/ZygoteConnection.java
+index 1054d2fb9b1..b420385b1de 100644
+--- a/core/java/com/android/internal/os/ZygoteConnection.java
++++ b/core/java/com/android/internal/os/ZygoteConnection.java
+@@ -597,7 +597,8 @@ class ZygoteConnection {
+             throw new IllegalStateException("WrapperInit.execApplication unexpectedly returned");
+         } else {
+             if (!isZygote) {
+-                if (SystemProperties.getBoolean("sys.spawn.exec", true)) {
++                if (SystemProperties.getBoolean("sys.spawn.exec", true) &&
++                        (parsedArgs.mRuntimeFlags & ApplicationInfo.FLAG_DEBUGGABLE) == 0) {
+                     ExecInit.execApplication(parsedArgs.mNiceName, parsedArgs.mTargetSdkVersion,
+                             VMRuntime.getCurrentInstructionSet(), parsedArgs.mRemainingArgs);
+ 
+-- 
+2.26.0
+
+
+From 909317e350ea4c8874b01e73502dc0c7c78635ab Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Tue, 14 May 2019 14:24:21 -0400
+Subject: [PATCH 04/12] add parameter for avoiding full preload with exec
+
+---
+ core/java/com/android/internal/os/ExecInit.java   | 2 +-
+ core/java/com/android/internal/os/ZygoteInit.java | 6 +++++-
+ 2 files changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/core/java/com/android/internal/os/ExecInit.java b/core/java/com/android/internal/os/ExecInit.java
+index 10edd64e0f9..3ba4664ae8c 100644
+--- a/core/java/com/android/internal/os/ExecInit.java
++++ b/core/java/com/android/internal/os/ExecInit.java
+@@ -33,7 +33,7 @@ public class ExecInit {
+ 
+         // Mimic system Zygote preloading.
+         ZygoteInit.preload(new TimingsTraceLog("ExecInitTiming",
+-                Trace.TRACE_TAG_DALVIK));
++                Trace.TRACE_TAG_DALVIK), false);
+ 
+         // Launch the application.
+         String[] runtimeArgs = new String[args.length - 1];
+diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
+index 7ec8309e47d..e59cb784dc7 100644
+--- a/core/java/com/android/internal/os/ZygoteInit.java
++++ b/core/java/com/android/internal/os/ZygoteInit.java
+@@ -132,7 +132,7 @@ public class ZygoteInit {
+      */
+     private static ClassLoader sCachedSystemServerClassLoader = null;
+ 
+-    static void preload(TimingsTraceLog bootTimingsTraceLog) {
++    static void preload(TimingsTraceLog bootTimingsTraceLog, boolean fullPreload) {
+         Log.d(TAG, "begin preload");
+         bootTimingsTraceLog.traceBegin("BeginPreload");
+         beginPreload();
+@@ -164,6 +164,10 @@ public class ZygoteInit {
+         sPreloadComplete = true;
+     }
+ 
++    static void preload(TimingsTraceLog bootTimingsTraceLog) {
++        preload(bootTimingsTraceLog, true);
++    }
++
+     public static void lazyPreload() {
+         Preconditions.checkState(!sPreloadComplete);
+         Log.i(TAG, "Lazily preloading resources.");
+-- 
+2.26.0
+
+
+From 4ffeae4cfb2f0acbb8080ab25ca6559c7329b80c Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Wed, 11 Sep 2019 06:43:55 -0400
+Subject: [PATCH 05/12] pass through fullPreload to libcore
+
+---
+ core/java/com/android/internal/os/ZygoteInit.java | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
+index e59cb784dc7..22e3f549dad 100644
+--- a/core/java/com/android/internal/os/ZygoteInit.java
++++ b/core/java/com/android/internal/os/ZygoteInit.java
+@@ -135,7 +135,7 @@ public class ZygoteInit {
+     static void preload(TimingsTraceLog bootTimingsTraceLog, boolean fullPreload) {
+         Log.d(TAG, "begin preload");
+         bootTimingsTraceLog.traceBegin("BeginPreload");
+-        beginPreload();
++        beginPreload(fullPreload);
+         bootTimingsTraceLog.traceEnd(); // BeginPreload
+         bootTimingsTraceLog.traceBegin("PreloadClasses");
+         preloadClasses();
+@@ -157,7 +157,7 @@ public class ZygoteInit {
+         // Ask the WebViewFactory to do any initialization that must run in the zygote process,
+         // for memory sharing purposes.
+         WebViewFactory.prepareWebViewInZygote();
+-        endPreload();
++        endPreload(fullPreload);
+         warmUpJcaProviders();
+         Log.d(TAG, "end preload");
+ 
+@@ -175,14 +175,14 @@ public class ZygoteInit {
+         preload(new TimingsTraceLog("ZygoteInitTiming_lazy", Trace.TRACE_TAG_DALVIK));
+     }
+ 
+-    private static void beginPreload() {
++    private static void beginPreload(boolean fullPreload) {
+         Log.i(TAG, "Calling ZygoteHooks.beginPreload()");
+ 
+-        ZygoteHooks.onBeginPreload();
++        ZygoteHooks.onBeginPreload(fullPreload);
+     }
+ 
+-    private static void endPreload() {
+-        ZygoteHooks.onEndPreload();
++    private static void endPreload(boolean fullPreload) {
++        ZygoteHooks.onEndPreload(fullPreload);
+ 
+         Log.i(TAG, "Called ZygoteHooks.endPreload()");
+     }
+-- 
+2.26.0
+
+
+From e2166aee853fad1b84fa17936d795535eaef374b Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Tue, 14 May 2019 14:28:27 -0400
+Subject: [PATCH 06/12] disable OpenGL preloading for exec spawning
+
+---
+ core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
+index 22e3f549dad..37be8d97987 100644
+--- a/core/java/com/android/internal/os/ZygoteInit.java
++++ b/core/java/com/android/internal/os/ZygoteInit.java
+@@ -149,9 +149,11 @@ public class ZygoteInit {
+         Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadAppProcessHALs");
+         nativePreloadAppProcessHALs();
+         Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
+-        Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadGraphicsDriver");
+-        maybePreloadGraphicsDriver();
+-        Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
++        if (fullPreload) {
++            Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadGraphicsDriver");
++            maybePreloadGraphicsDriver();
++            Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
++        }
+         preloadSharedLibraries();
+         preloadTextResources();
+         // Ask the WebViewFactory to do any initialization that must run in the zygote process,
+-- 
+2.26.0
+
+
+From dff76e1e08bf67ebc5e4da8a2dcdf57a55e0d09b Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Tue, 14 May 2019 14:28:52 -0400
+Subject: [PATCH 07/12] disable resource preloading for exec spawning
+
+---
+ core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
+index 37be8d97987..34c9f8530a7 100644
+--- a/core/java/com/android/internal/os/ZygoteInit.java
++++ b/core/java/com/android/internal/os/ZygoteInit.java
+@@ -143,9 +143,11 @@ public class ZygoteInit {
+         bootTimingsTraceLog.traceBegin("CacheNonBootClasspathClassLoaders");
+         cacheNonBootClasspathClassLoaders();
+         bootTimingsTraceLog.traceEnd(); // CacheNonBootClasspathClassLoaders
+-        bootTimingsTraceLog.traceBegin("PreloadResources");
+-        preloadResources();
+-        bootTimingsTraceLog.traceEnd(); // PreloadResources
++        if (fullPreload) {
++            bootTimingsTraceLog.traceBegin("PreloadResources");
++            preloadResources();
++            bootTimingsTraceLog.traceEnd(); // PreloadResources
++        }
+         Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadAppProcessHALs");
+         nativePreloadAppProcessHALs();
+         Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
+-- 
+2.26.0
+
+
+From 872568d6c67a63c411e33699b969b5b1563e58ce Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Tue, 14 May 2019 14:30:59 -0400
+Subject: [PATCH 08/12] disable class preloading for exec spawning
+
+---
+ core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
+index 34c9f8530a7..0404ef53ca0 100644
+--- a/core/java/com/android/internal/os/ZygoteInit.java
++++ b/core/java/com/android/internal/os/ZygoteInit.java
+@@ -137,9 +137,11 @@ public class ZygoteInit {
+         bootTimingsTraceLog.traceBegin("BeginPreload");
+         beginPreload(fullPreload);
+         bootTimingsTraceLog.traceEnd(); // BeginPreload
+-        bootTimingsTraceLog.traceBegin("PreloadClasses");
+-        preloadClasses();
+-        bootTimingsTraceLog.traceEnd(); // PreloadClasses
++        if (fullPreload) {
++            bootTimingsTraceLog.traceBegin("PreloadClasses");
++            preloadClasses();
++            bootTimingsTraceLog.traceEnd(); // PreloadClasses
++        }
+         bootTimingsTraceLog.traceBegin("CacheNonBootClasspathClassLoaders");
+         cacheNonBootClasspathClassLoaders();
+         bootTimingsTraceLog.traceEnd(); // CacheNonBootClasspathClassLoaders
+-- 
+2.26.0
+
+
+From 230080cd158ef27c8fa3647dfa6f4c2cff4c70dd Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Tue, 14 May 2019 14:31:29 -0400
+Subject: [PATCH 09/12] disable WebView reservation for exec spawning
+
+---
+ core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
+index 0404ef53ca0..94e58405ce6 100644
+--- a/core/java/com/android/internal/os/ZygoteInit.java
++++ b/core/java/com/android/internal/os/ZygoteInit.java
+@@ -160,9 +160,11 @@ public class ZygoteInit {
+         }
+         preloadSharedLibraries();
+         preloadTextResources();
+-        // Ask the WebViewFactory to do any initialization that must run in the zygote process,
+-        // for memory sharing purposes.
+-        WebViewFactory.prepareWebViewInZygote();
++        if (fullPreload) {
++            // Ask the WebViewFactory to do any initialization that must run in the zygote process,
++            // for memory sharing purposes.
++            WebViewFactory.prepareWebViewInZygote();
++        }
+         endPreload(fullPreload);
+         warmUpJcaProviders();
+         Log.d(TAG, "end preload");
+-- 
+2.26.0
+
+
+From f822fe138d5841cde0b154fa6f3a3d3200b58c07 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Tue, 14 May 2019 14:34:32 -0400
+Subject: [PATCH 10/12] disable JCA provider warm up for exec spawning
+
+---
+ .../com/android/internal/os/ZygoteInit.java   | 22 ++++++++++---------
+ 1 file changed, 12 insertions(+), 10 deletions(-)
+
+diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
+index 94e58405ce6..dbd24ef27d2 100644
+--- a/core/java/com/android/internal/os/ZygoteInit.java
++++ b/core/java/com/android/internal/os/ZygoteInit.java
+@@ -166,7 +166,7 @@ public class ZygoteInit {
+             WebViewFactory.prepareWebViewInZygote();
+         }
+         endPreload(fullPreload);
+-        warmUpJcaProviders();
++        warmUpJcaProviders(fullPreload);
+         Log.d(TAG, "end preload");
+ 
+         sPreloadComplete = true;
+@@ -230,7 +230,7 @@ public class ZygoteInit {
+      * By doing it here we avoid that each app does it when requesting a service from the provider
+      * for the first time.
+      */
+-    private static void warmUpJcaProviders() {
++    private static void warmUpJcaProviders(boolean fullPreload) {
+         long startTime = SystemClock.uptimeMillis();
+         Trace.traceBegin(
+                 Trace.TRACE_TAG_DALVIK, "Starting installation of AndroidKeyStoreProvider");
+@@ -242,15 +242,17 @@ public class ZygoteInit {
+                 + (SystemClock.uptimeMillis() - startTime) + "ms.");
+         Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
+ 
+-        startTime = SystemClock.uptimeMillis();
+-        Trace.traceBegin(
+-                Trace.TRACE_TAG_DALVIK, "Starting warm up of JCA providers");
+-        for (Provider p : Security.getProviders()) {
+-            p.warmUpServiceProvision();
++        if (fullPreload) {
++            startTime = SystemClock.uptimeMillis();
++            Trace.traceBegin(
++                    Trace.TRACE_TAG_DALVIK, "Starting warm up of JCA providers");
++            for (Provider p : Security.getProviders()) {
++                p.warmUpServiceProvision();
++            }
++            Log.i(TAG, "Warmed up JCA providers in "
++                    + (SystemClock.uptimeMillis() - startTime) + "ms.");
++            Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
+         }
+-        Log.i(TAG, "Warmed up JCA providers in "
+-                + (SystemClock.uptimeMillis() - startTime) + "ms.");
+-        Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
+     }
+ 
+     /**
+-- 
+2.26.0
+
+
+From 430a93910f4a555e4e6f06b4f1634acb45e9d501 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Wed, 11 Sep 2019 06:57:24 -0400
+Subject: [PATCH 11/12] disable preloading classloaders for exec spawning
+
+---
+ core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
+index dbd24ef27d2..bf6234b565e 100644
+--- a/core/java/com/android/internal/os/ZygoteInit.java
++++ b/core/java/com/android/internal/os/ZygoteInit.java
+@@ -142,9 +142,11 @@ public class ZygoteInit {
+             preloadClasses();
+             bootTimingsTraceLog.traceEnd(); // PreloadClasses
+         }
+-        bootTimingsTraceLog.traceBegin("CacheNonBootClasspathClassLoaders");
+-        cacheNonBootClasspathClassLoaders();
+-        bootTimingsTraceLog.traceEnd(); // CacheNonBootClasspathClassLoaders
++        if (fullPreload) {
++            bootTimingsTraceLog.traceBegin("CacheNonBootClasspathClassLoaders");
++            cacheNonBootClasspathClassLoaders();
++            bootTimingsTraceLog.traceEnd(); // CacheNonBootClasspathClassLoaders
++        }
+         if (fullPreload) {
+             bootTimingsTraceLog.traceBegin("PreloadResources");
+             preloadResources();
+-- 
+2.26.0
+
+
+From fc75b053f8bcd15a019915f06d9ddea6c46abcec Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Wed, 11 Sep 2019 06:58:51 -0400
+Subject: [PATCH 12/12] disable preloading HALs for exec spawning
+
+---
+ core/java/com/android/internal/os/ZygoteInit.java | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
+index bf6234b565e..b00fd9969a5 100644
+--- a/core/java/com/android/internal/os/ZygoteInit.java
++++ b/core/java/com/android/internal/os/ZygoteInit.java
+@@ -152,9 +152,11 @@ public class ZygoteInit {
+             preloadResources();
+             bootTimingsTraceLog.traceEnd(); // PreloadResources
+         }
+-        Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadAppProcessHALs");
+-        nativePreloadAppProcessHALs();
+-        Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
++        if (fullPreload) {
++            Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadAppProcessHALs");
++            nativePreloadAppProcessHALs();
++            Trace.traceEnd(Trace.TRACE_TAG_DALVIK);
++        }
+         if (fullPreload) {
+             Trace.traceBegin(Trace.TRACE_TAG_DALVIK, "PreloadGraphicsDriver");
+             maybePreloadGraphicsDriver();
+-- 
+2.26.0
+
diff --git a/Patches/LineageOS-17.1/android_frameworks_opt_net_ims/0001-Fix_Calling.patch b/Patches/LineageOS-17.1/android_frameworks_opt_net_ims/0001-Fix_Calling.patch
new file mode 100644
index 00000000..3d1483c6
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_frameworks_opt_net_ims/0001-Fix_Calling.patch
@@ -0,0 +1,54 @@
+From 9b44570bfb806930b33227e9a89467e2aeca490f Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Tue, 14 Apr 2020 16:59:46 -0400
+Subject: [PATCH] Fix calling after VoLTE is removed from devices that had it
+ previously enabled
+
+Change-Id: I34cc1b7786446927751950386ebe729b43fa53f1
+---
+ src/java/com/android/ims/ImsManager.java | 22 +---------------------
+ 1 file changed, 1 insertion(+), 21 deletions(-)
+
+diff --git a/src/java/com/android/ims/ImsManager.java b/src/java/com/android/ims/ImsManager.java
+index 7c24c7d..058624d 100644
+--- a/src/java/com/android/ims/ImsManager.java
++++ b/src/java/com/android/ims/ImsManager.java
+@@ -466,12 +466,6 @@ public class ImsManager {
+      * {@link #isEnhanced4gLteModeSettingEnabledByUser()} instead.
+      */
+     public static boolean isEnhanced4gLteModeSettingEnabledByUser(Context context) {
+-        ImsManager mgr = ImsManager.getInstance(context,
+-                SubscriptionManager.getDefaultVoicePhoneId());
+-        if (mgr != null) {
+-            return mgr.isEnhanced4gLteModeSettingEnabledByUser();
+-        }
+-        loge("isEnhanced4gLteModeSettingEnabledByUser: ImsManager null, returning default value.");
+         return false;
+     }
+ 
+@@ -486,21 +480,7 @@ public class ImsManager {
+      * return the default value.
+      */
+     public boolean isEnhanced4gLteModeSettingEnabledByUser() {
+-        int setting = SubscriptionManager.getIntegerSubscriptionProperty(
+-                getSubId(), SubscriptionManager.ENHANCED_4G_MODE_ENABLED,
+-                SUB_PROPERTY_NOT_INITIALIZED, mContext);
+-        boolean onByDefault = getBooleanCarrierConfig(
+-                CarrierConfigManager.KEY_ENHANCED_4G_LTE_ON_BY_DEFAULT_BOOL);
+-
+-        // If Enhanced 4G LTE Mode is uneditable, hidden or not initialized, we use the default
+-        // value
+-        if (!getBooleanCarrierConfig(CarrierConfigManager.KEY_EDITABLE_ENHANCED_4G_LTE_BOOL)
+-                || getBooleanCarrierConfig(CarrierConfigManager.KEY_HIDE_ENHANCED_4G_LTE_BOOL)
+-                || setting == SUB_PROPERTY_NOT_INITIALIZED) {
+-            return onByDefault;
+-        } else {
+-            return (setting == ProvisioningManager.PROVISIONING_VALUE_ENABLED);
+-        }
++        return false;
+     }
+ 
+     /**
+-- 
+2.26.0
+
diff --git a/Patches/LineageOS-17.1/android_libcore/0001-Exec_Preload.patch b/Patches/LineageOS-17.1/android_libcore/0001-Exec_Preload.patch
new file mode 100644
index 00000000..c9f4574b
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_libcore/0001-Exec_Preload.patch
@@ -0,0 +1,47 @@
+From d087128e25112c35cc9ca2694b503710fc43222d Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Wed, 11 Sep 2019 06:46:38 -0400
+Subject: [PATCH] add parameter for avoiding full preload with exec
+
+---
+ dalvik/src/main/java/dalvik/system/ZygoteHooks.java     | 4 ++--
+ mmodules/core_platform_api/api/platform/current-api.txt | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/dalvik/src/main/java/dalvik/system/ZygoteHooks.java b/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
+index 13769e137..af3b9cfe8 100644
+--- a/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
++++ b/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
+@@ -47,7 +47,7 @@ private ZygoteHooks() {
+      * Called when the zygote begins preloading classes and data.
+      */
+     @libcore.api.CorePlatformApi
+-    public static void onBeginPreload() {
++    public static void onBeginPreload(boolean fullPreload) {
+         // Pin ICU data in memory from this point that would normally be held by soft references.
+         // Without this, any references created immediately below or during class preloading
+         // would be collected when the Zygote GC runs in gcAndFinalize().
+@@ -64,7 +64,7 @@ public static void onBeginPreload() {
+      * Called when the zygote has completed preloading classes and data.
+      */
+     @libcore.api.CorePlatformApi
+-    public static void onEndPreload() {
++    public static void onEndPreload(boolean fullPreload) {
+         // All cache references created by ICU from this point will be soft.
+         CacheValue.setStrength(CacheValue.Strength.SOFT);
+     }
+diff --git a/mmodules/core_platform_api/api/platform/current-api.txt b/mmodules/core_platform_api/api/platform/current-api.txt
+index b2b81df41..cca689158 100644
+--- a/mmodules/core_platform_api/api/platform/current-api.txt
++++ b/mmodules/core_platform_api/api/platform/current-api.txt
+@@ -854,8 +854,8 @@ package dalvik.system {
+ 
+   public final class ZygoteHooks {
+     method public static void gcAndFinalize();
+-    method public static void onBeginPreload();
+-    method public static void onEndPreload();
++    method public static void onBeginPreload(boolean);
++    method public static void onEndPreload(boolean);
+     method public static void postForkChild(int, boolean, boolean, String);
+     method public static void postForkCommon();
+     method public static void postForkSystemServer();
diff --git a/Patches/LineageOS-17.1/android_libcore/0002-Exec_Based_Spawning.patch b/Patches/LineageOS-17.1/android_libcore/0002-Exec_Based_Spawning.patch
new file mode 100644
index 00000000..cac459e7
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_libcore/0002-Exec_Based_Spawning.patch
@@ -0,0 +1,53 @@
+From ad05afeefb51c74813daf3a99eca2b23fc553c7c Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Wed, 11 Sep 2019 06:47:11 -0400
+Subject: [PATCH] disable ICU cache pinning for exec spawning
+
+---
+ .../main/java/dalvik/system/ZygoteHooks.java  | 26 +++++++++++--------
+ 1 file changed, 15 insertions(+), 11 deletions(-)
+
+diff --git a/dalvik/src/main/java/dalvik/system/ZygoteHooks.java b/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
+index af3b9cfe8..35e880558 100644
+--- a/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
++++ b/dalvik/src/main/java/dalvik/system/ZygoteHooks.java
+@@ -48,15 +48,17 @@ private ZygoteHooks() {
+      */
+     @libcore.api.CorePlatformApi
+     public static void onBeginPreload(boolean fullPreload) {
+-        // Pin ICU data in memory from this point that would normally be held by soft references.
+-        // Without this, any references created immediately below or during class preloading
+-        // would be collected when the Zygote GC runs in gcAndFinalize().
+-        CacheValue.setStrength(CacheValue.Strength.STRONG);
+-
+-        // Explicitly exercise code to cache data apps are likely to need.
+-        ULocale[] localesToPin = { ULocale.ROOT, ULocale.US, ULocale.getDefault() };
+-        for (ULocale uLocale : localesToPin) {
+-            new DecimalFormatSymbols(uLocale);
++        if (fullPreload) {
++            // Pin ICU data in memory from this point that would normally be held by soft references.
++            // Without this, any references created immediately below or during class preloading
++            // would be collected when the Zygote GC runs in gcAndFinalize().
++            CacheValue.setStrength(CacheValue.Strength.STRONG);
++
++            // Explicitly exercise code to cache data apps are likely to need.
++            ULocale[] localesToPin = { ULocale.ROOT, ULocale.US, ULocale.getDefault() };
++            for (ULocale uLocale : localesToPin) {
++                new DecimalFormatSymbols(uLocale);
++            }
+         }
+     }
+ 
+@@ -65,8 +67,10 @@ public static void onBeginPreload(boolean fullPreload) {
+      */
+     @libcore.api.CorePlatformApi
+     public static void onEndPreload(boolean fullPreload) {
+-        // All cache references created by ICU from this point will be soft.
+-        CacheValue.setStrength(CacheValue.Strength.SOFT);
++        if (fullPreload) {
++            // All cache references created by ICU from this point will be soft.
++            CacheValue.setStrength(CacheValue.Strength.SOFT);
++        }
+     }
+ 
+     /**
diff --git a/Patches/LineageOS-17.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch b/Patches/LineageOS-17.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch
new file mode 100644
index 00000000..68fa6e6d
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_packages_apps_LineageParts/0001-Remove_Analytics.patch
@@ -0,0 +1,143 @@
+From 3f84183f612d5654645575c9969f58bfe2fccb8c Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Tue, 14 Apr 2020 17:03:26 -0400
+Subject: [PATCH] Remove analytics
+
+Change-Id: I7f17bfdf094e0c1a9c15b28c72936de67eec235e
+---
+ AndroidManifest.xml           | 25 -------------------------
+ proguard.flags                |  1 -
+ res/values/config.xml         |  3 ---
+ res/values/strings.xml        | 22 ----------------------
+ res/xml/parts_catalog.xml     |  5 -----
+ res/xml/trust_preferences.xml |  3 ---
+ 6 files changed, 59 deletions(-)
+
+diff --git a/AndroidManifest.xml b/AndroidManifest.xml
+index 0d36683..8c5fe86 100644
+--- a/AndroidManifest.xml
++++ b/AndroidManifest.xml
+@@ -231,31 +231,6 @@
+                 android:resource="@string/summary_empty" />
+         </activity-alias>
+ 
+-        <!-- Anonymous Statistics -->
+-        <receiver android:name=".lineagestats.ReportingServiceManager"
+-            android:enabled="true"
+-            android:exported="false"
+-            android:label="ReportingServiceManager">
+-            <intent-filter>
+-                <action android:name="android.intent.action.BOOT_COMPLETED" />
+-                <action android:name="org.lineageos.lineageparts.action.TRIGGER_REPORT_METRICS" />
+-            </intent-filter>
+-        </receiver>
+-
+-        <service android:label="ReportingService"
+-            android:enabled="true"
+-            android:exported="false"
+-            android:name=".lineagestats.ReportingService">
+-        </service>
+-
+-        <service android:name=".lineagestats.StatsUploadJobService"
+-                 android:permission="android.permission.BIND_JOB_SERVICE" />
+-
+-        <service android:name=".lineagestats.ReportingService"
+-                 android:label="ReportingService"
+-                 android:enabled="true"
+-                 android:exported="false" />
+-
+         <!-- Weather settings -->
+         <activity-alias
+             android:name=".weather.WeatherServiceSettings"
+diff --git a/proguard.flags b/proguard.flags
+index 6724bc5..3a1c85b 100644
+--- a/proguard.flags
++++ b/proguard.flags
+@@ -7,7 +7,6 @@
+ -keep class org.lineageos.lineageparts.gestures.*
+ -keep class org.lineageos.lineageparts.hardware.*
+ -keep class org.lineageos.lineageparts.input.*
+--keep class org.lineageos.lineageparts.lineagestats.*
+ -keep class org.lineageos.lineageparts.livedisplay.*
+ -keep class org.lineageos.lineageparts.notificationlight.*
+ -keep class org.lineageos.lineageparts.power.*
+diff --git a/res/values/config.xml b/res/values/config.xml
+index 4236b27..eed044a 100644
+--- a/res/values/config.xml
++++ b/res/values/config.xml
+@@ -17,9 +17,6 @@
+ 
+ <resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
+ 
+-    <!-- Metrics server endpoint -->
+-    <string name="stats_lineage_url">https://stats.lineageos.org/api/v1/stats</string>
+-
+     <!-- When true, weather options will be displayed in settings dashboard -->
+     <bool name="config_showWeatherMenu">true</bool>
+ 
+diff --git a/res/values/strings.xml b/res/values/strings.xml
+index 418b478..d109e14 100644
+--- a/res/values/strings.xml
++++ b/res/values/strings.xml
+@@ -511,28 +511,6 @@
+                  <b>Total commits:</b> <xliff:g id="total_commits">%2$s</xliff:g><br/><br/>
+                  <b>Last update:</b> <xliff:g id="date">%3$s</xliff:g>]]></string>
+ 
+-    <!-- Anonymous Statistics #Lineage -->
+-    <!-- About device screen, list item title. Takes the user to the screen about opting in or out of anonymous statistics. -->
+-    <string name="anonymous_statistics_title">LineageOS statistics</string>
+-    <string name="anonymous_statistics_summary">Help make LineageOS better by opting into anonymous statistics reporting</string>
+-    <string name="anonymous_statistics_warning_title">About</string>
+-    <string name="anonymous_statistics_warning">Opting into LineageOS Statistics will allow non-personal data to be submitted to the
+-        developers of LineageOS to track unique installations across devices. The information submitted includes an unique identifier,
+-        which does not compromise your privacy or personal data. The data is submitted during each boot.\n\nFor an example of the data that is submitted, tap on Preview Data.</string>
+-    <string name="enable_reporting_title">Enable reporting</string>
+-    <string name="preview_data_title">Preview data</string>
+-    <string name="view_stats_title">View stats</string>
+-    <string name="anonymous_learn_more">Learn more</string>
+-
+-    <!-- Anonymous Statistics - Preview -->
+-    <string name="preview_id_title">Unique ID</string>
+-    <string name="preview_device_title">Device</string>
+-    <string name="preview_version_title">Version</string>
+-    <string name="preview_country_title">Country</string>
+-    <string name="preview_carrier_title">Carrier</string>
+-    <string name="stats_collection_title">Stats collection</string>
+-    <string name="stats_collection_summary">Allow installation metrics and device statistics to be collected</string>
+-
+     <!-- Display : Rotation  -->
+     <string name="accelerometer_title">Auto-rotate screen</string>
+     <string name="display_rotation_title">Rotation settings</string>
+diff --git a/res/xml/parts_catalog.xml b/res/xml/parts_catalog.xml
+index a4346c7..ec04e60 100644
+--- a/res/xml/parts_catalog.xml
++++ b/res/xml/parts_catalog.xml
+@@ -70,11 +70,6 @@
+           android:fragment="org.lineageos.lineageparts.statusbar.StatusBarSettings"
+           lineage:xmlRes="@xml/status_bar_settings" />
+ 
+-    <part android:key="lineagestats"
+-          android:title="@string/anonymous_statistics_title"
+-          android:fragment="org.lineageos.lineageparts.lineagestats.AnonymousStats"
+-          lineage:xmlRes="@xml/anonymous_stats" />
+-
+     <part android:key="power_menu"
+           android:title="@string/power_menu_title"
+           android:fragment="org.lineageos.lineageparts.input.PowerMenuActions"
+diff --git a/res/xml/trust_preferences.xml b/res/xml/trust_preferences.xml
+index bdb1aa7..0097a52 100644
+--- a/res/xml/trust_preferences.xml
++++ b/res/xml/trust_preferences.xml
+@@ -45,9 +45,6 @@
+             android:summary="@string/trust_restrict_usb_summary"
+             android:defaultValue="false" />
+ 
+-        <org.lineageos.internal.lineageparts.LineagePartsPreference
+-            android:key="lineagestats" />
+-
+         <ListPreference
+             android:key="sms_security_check_limit"
+             android:defaultValue="30"
+-- 
+2.26.0
+
diff --git a/Patches/LineageOS-17.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch b/Patches/LineageOS-17.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch
new file mode 100644
index 00000000..80eb4f55
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch
@@ -0,0 +1,186 @@
+From 54452d84d52cd5ac376e308e97517c514f7b4ee8 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Wed, 28 Feb 2018 08:12:03 -0500
+Subject: [PATCH] Remove analytics
+
+Change-Id: I189e9362c828569512e819cf655b03bfa3436830
+---
+ res/layout/setup_lineage_settings.xml         | 36 -------------------
+ .../lineageos/setupwizard/FinishActivity.java | 12 -------
+ .../setupwizard/LineageSettingsActivity.java  | 31 ----------------
+ .../lineageos/setupwizard/SetupWizardApp.java |  1 -
+ 4 files changed, 80 deletions(-)
+
+diff --git a/res/layout/setup_lineage_settings.xml b/res/layout/setup_lineage_settings.xml
+index b75af3c..15c2755 100644
+--- a/res/layout/setup_lineage_settings.xml
++++ b/res/layout/setup_lineage_settings.xml
+@@ -51,42 +51,6 @@
+                     android:text="@string/services_explanation"
+                     android:clickable="true"/>
+ 
+-                <!-- Whether or not to enable metrics -->
+-                <LinearLayout
+-                    android:id="@+id/metrics"
+-                    android:orientation="horizontal"
+-                    android:layout_width="match_parent"
+-                    android:layout_height="wrap_content"
+-                    android:paddingLeft="@dimen/location_margin_left"
+-                    android:paddingRight="@dimen/content_margin_right"
+-                    android:background="?android:attr/selectableItemBackground"
+-                    android:clickable="true">
+-
+-
+-                    <CheckBox
+-                        android:id="@+id/enable_metrics_checkbox"
+-                        android:layout_width="wrap_content"
+-                        android:layout_height="wrap_content"
+-                        android:layout_gravity="top"
+-                        android:layout_marginTop="5dp"
+-                        android:duplicateParentState="true"
+-                        android:clickable="false"/>
+-
+-                    <TextView
+-                        android:id="@+id/enable_metrics_summary"
+-                        android:layout_width="0px"
+-                        android:layout_height="wrap_content"
+-                        android:layout_weight="1"
+-                        android:textSize="15sp"
+-                        android:lineSpacingExtra="@dimen/setup_line_spacing"
+-                        android:gravity="top"
+-                        android:layout_marginLeft="@dimen/location_text_margin_left"
+-                        android:layout_marginRight="@dimen/location_text_margin_right"
+-                        android:paddingBottom="@dimen/content_margin_bottom"
+-                        android:text="@string/services_metrics_label"/>
+-
+-                </LinearLayout>
+-
+                 <!-- Checkbox for using on-screen nav keys -->
+                 <LinearLayout
+                     android:id="@+id/nav_keys"
+diff --git a/src/org/lineageos/setupwizard/FinishActivity.java b/src/org/lineageos/setupwizard/FinishActivity.java
+index 39b8562..e727a42 100644
+--- a/src/org/lineageos/setupwizard/FinishActivity.java
++++ b/src/org/lineageos/setupwizard/FinishActivity.java
+@@ -19,7 +19,6 @@ package org.lineageos.setupwizard;
+ 
+ import static org.lineageos.setupwizard.SetupWizardApp.DISABLE_NAV_KEYS;
+ import static org.lineageos.setupwizard.SetupWizardApp.KEY_BUTTON_BACKLIGHT;
+-import static org.lineageos.setupwizard.SetupWizardApp.KEY_SEND_METRICS;
+ import static org.lineageos.setupwizard.SetupWizardApp.LOGV;
+ 
+ import android.animation.Animator;
+@@ -168,7 +167,6 @@ public class FinishActivity extends BaseSetupWizardActivity {
+         if (mEnableAccessibilityController != null) {
+             mEnableAccessibilityController.onDestroy();
+         }
+-        handleEnableMetrics(mSetupWizardApp);
+         handleNavKeys(mSetupWizardApp);
+         final WallpaperManager wallpaperManager =
+                 WallpaperManager.getInstance(mSetupWizardApp);
+@@ -179,16 +177,6 @@ public class FinishActivity extends BaseSetupWizardActivity {
+         startActivityForResult(intent, NEXT_REQUEST);
+     }
+ 
+-    private static void handleEnableMetrics(SetupWizardApp setupWizardApp) {
+-        Bundle privacyData = setupWizardApp.getSettingsBundle();
+-        if (privacyData != null
+-                && privacyData.containsKey(KEY_SEND_METRICS)) {
+-            LineageSettings.Secure.putInt(setupWizardApp.getContentResolver(),
+-                    LineageSettings.Secure.STATS_COLLECTION, privacyData.getBoolean(KEY_SEND_METRICS)
+-                            ? 1 : 0);
+-        }
+-    }
+-
+     private static void handleNavKeys(SetupWizardApp setupWizardApp) {
+         if (setupWizardApp.getSettingsBundle().containsKey(DISABLE_NAV_KEYS)) {
+             writeDisableNavkeysOption(setupWizardApp,
+diff --git a/src/org/lineageos/setupwizard/LineageSettingsActivity.java b/src/org/lineageos/setupwizard/LineageSettingsActivity.java
+index dfe4bde..e179ecb 100644
+--- a/src/org/lineageos/setupwizard/LineageSettingsActivity.java
++++ b/src/org/lineageos/setupwizard/LineageSettingsActivity.java
+@@ -18,7 +18,6 @@
+ package org.lineageos.setupwizard;
+ 
+ import static org.lineageos.setupwizard.SetupWizardApp.DISABLE_NAV_KEYS;
+-import static org.lineageos.setupwizard.SetupWizardApp.KEY_SEND_METRICS;
+ 
+ import android.app.Activity;
+ import android.content.Context;
+@@ -55,17 +54,10 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity {
+ 
+     private SetupWizardApp mSetupWizardApp;
+ 
+-    private CheckBox mMetrics;
+     private CheckBox mNavKeys;
+ 
+     private boolean mSupportsKeyDisabler = false;
+ 
+-    private View.OnClickListener mMetricsClickListener = view -> {
+-        boolean checked = !mMetrics.isChecked();
+-        mMetrics.setChecked(checked);
+-        mSetupWizardApp.getSettingsBundle().putBoolean(KEY_SEND_METRICS, checked);
+-    };
+-
+     private View.OnClickListener mNavKeysClickListener = view -> {
+         boolean checked = !mNavKeys.isChecked();
+         mNavKeys.setChecked(checked);
+@@ -101,19 +93,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity {
+         privacyPolicy.setMovementMethod(LinkMovementMethod.getInstance());
+         privacyPolicy.setText(ss);
+ 
+-        View metricsRow = findViewById(R.id.metrics);
+-        metricsRow.setOnClickListener(mMetricsClickListener);
+-        String metricsHelpImproveLineage =
+-                getString(R.string.services_help_improve_cm, getString(R.string.os_name));
+-        String metricsSummary = getString(R.string.services_metrics_label,
+-                metricsHelpImproveLineage, getString(R.string.os_name));
+-        final SpannableStringBuilder metricsSpan = new SpannableStringBuilder(metricsSummary);
+-        metricsSpan.setSpan(new android.text.style.StyleSpan(android.graphics.Typeface.BOLD),
+-                0, metricsHelpImproveLineage.length(), Spannable.SPAN_EXCLUSIVE_EXCLUSIVE);
+-        TextView metrics = (TextView) findViewById(R.id.enable_metrics_summary);
+-        metrics.setText(metricsSpan);
+-        mMetrics = (CheckBox) findViewById(R.id.enable_metrics_checkbox);
+-
+         View navKeysRow = findViewById(R.id.nav_keys);
+         navKeysRow.setOnClickListener(mNavKeysClickListener);
+         mNavKeys = (CheckBox) findViewById(R.id.nav_keys_checkbox);
+@@ -130,7 +109,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity {
+     public void onResume() {
+         super.onResume();
+         updateDisableNavkeysOption();
+-        updateMetricsOption();
+     }
+ 
+     @Override
+@@ -164,15 +142,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity {
+         return R.drawable.ic_features;
+     }
+ 
+-    private void updateMetricsOption() {
+-        final Bundle myPageBundle = mSetupWizardApp.getSettingsBundle();
+-        boolean metricsChecked =
+-                !myPageBundle.containsKey(KEY_SEND_METRICS) || myPageBundle
+-                        .getBoolean(KEY_SEND_METRICS);
+-        mMetrics.setChecked(metricsChecked);
+-        myPageBundle.putBoolean(KEY_SEND_METRICS, metricsChecked);
+-    }
+-
+     private void updateDisableNavkeysOption() {
+         if (mSupportsKeyDisabler) {
+             final Bundle myPageBundle = mSetupWizardApp.getSettingsBundle();
+diff --git a/src/org/lineageos/setupwizard/SetupWizardApp.java b/src/org/lineageos/setupwizard/SetupWizardApp.java
+index 538c298..4e5b0ed 100644
+--- a/src/org/lineageos/setupwizard/SetupWizardApp.java
++++ b/src/org/lineageos/setupwizard/SetupWizardApp.java
+@@ -60,7 +60,6 @@ public class SetupWizardApp extends Application {
+     public static final String EXTRA_PREFS_SET_BACK_TEXT = "extra_prefs_set_back_text";
+ 
+     public static final String KEY_DETECT_CAPTIVE_PORTAL = "captive_portal_detection_enabled";
+-    public static final String KEY_SEND_METRICS = "send_metrics";
+     public static final String DISABLE_NAV_KEYS = "disable_nav_keys";
+     public static final String KEY_BUTTON_BACKLIGHT = "pre_navbar_button_backlight";
+ 
+-- 
+2.26.0
+
diff --git a/Patches/LineageOS-17.1/android_packages_apps_Updater/0001-Server.patch b/Patches/LineageOS-17.1/android_packages_apps_Updater/0001-Server.patch
new file mode 100644
index 00000000..94d4def5
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_packages_apps_Updater/0001-Server.patch
@@ -0,0 +1,36 @@
+From 3ef68d192b4c53db09111ee16246199757c4066b Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Thu, 20 Sep 2018 16:43:46 -0400
+Subject: [PATCH] Switch to our update server
+
+Change-Id: I26dc2942736cf0cfe4e7b92ddfdd04b9d74dbae5
+---
+ src/org/lineageos/updater/misc/Utils.java | 11 ++---------
+ 1 file changed, 2 insertions(+), 9 deletions(-)
+
+diff --git a/src/org/lineageos/updater/misc/Utils.java b/src/org/lineageos/updater/misc/Utils.java
+index caf80c9..048d865 100644
+--- a/src/org/lineageos/updater/misc/Utils.java
++++ b/src/org/lineageos/updater/misc/Utils.java
+@@ -154,16 +154,9 @@ public class Utils {
+         String incrementalVersion = SystemProperties.get(Constants.PROP_BUILD_VERSION_INCREMENTAL);
+         String device = SystemProperties.get(Constants.PROP_NEXT_DEVICE,
+                 SystemProperties.get(Constants.PROP_DEVICE));
+-        String type = SystemProperties.get(Constants.PROP_RELEASE_TYPE).toLowerCase(Locale.ROOT);
++        String server = "0OTA_SERVER_CLEARNET0";
+ 
+-        String serverUrl = SystemProperties.get(Constants.PROP_UPDATER_URI);
+-        if (serverUrl.trim().isEmpty()) {
+-            serverUrl = context.getString(R.string.updater_server_url);
+-        }
+-
+-        return serverUrl.replace("{device}", device)
+-                .replace("{type}", type)
+-                .replace("{incr}", incrementalVersion);
++        return server + "?base=LineageOS&device=" + device + "&inc=" + incrementalVersion;
+     }
+ 
+     public static String getUpgradeBlockedURL(Context context) {
+-- 
+2.26.0
+
diff --git a/Patches/LineageOS-17.1/android_packages_apps_Updater/0002-Tor_Support.patch b/Patches/LineageOS-17.1/android_packages_apps_Updater/0002-Tor_Support.patch
new file mode 100644
index 00000000..1e9443cb
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_packages_apps_Updater/0002-Tor_Support.patch
@@ -0,0 +1,384 @@
+From 14bd0c11762e842c876c7c22c2f82ee1002e7186 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Thu, 20 Sep 2018 21:44:53 -0400
+Subject: [PATCH] Add support for routing over Tor
+
+Change-Id: Ibfe080c3d801af34fb64fda1b6b8f4f39a2b1ccf
+---
+ res/layout/preferences_dialog.xml             |  8 +++
+ res/values/strings.xml                        |  2 +
+ .../lineageos/updater/UpdatesActivity.java    | 12 ++++
+ .../updater/UpdatesCheckReceiver.java         |  4 ++
+ .../updater/controller/UpdaterController.java |  8 +++
+ .../updater/download/DownloadClient.java      |  8 ++-
+ .../download/HttpURLConnectionClient.java     | 27 ++++++--
+ src/org/lineageos/updater/misc/Constants.java |  1 +
+ src/org/lineageos/updater/misc/Utils.java     | 65 +++++++++++++++++++
+ 9 files changed, 130 insertions(+), 5 deletions(-)
+
+diff --git a/res/layout/preferences_dialog.xml b/res/layout/preferences_dialog.xml
+index e30c117..f5f3170 100644
+--- a/res/layout/preferences_dialog.xml
++++ b/res/layout/preferences_dialog.xml
+@@ -29,6 +29,14 @@
+             android:entries="@array/menu_auto_updates_check_interval_entries" />
+     </LinearLayout>
+ 
++    <Switch
++        android:id="@+id/preferences_onion_routing"
++        android:layout_width="match_parent"
++        android:layout_height="wrap_content"
++        android:layout_marginBottom="16dp"
++        android:text="@string/menu_onion_routing"
++        android:textSize="16sp" />
++
+     <Switch
+         android:id="@+id/preferences_auto_delete_updates"
+         android:layout_width="match_parent"
+diff --git a/res/values/strings.xml b/res/values/strings.xml
+index 34f2fd3..e2a3e09 100644
+--- a/res/values/strings.xml
++++ b/res/values/strings.xml
+@@ -70,6 +70,7 @@
+     <string name="menu_auto_updates_check_interval_weekly">Once a week</string>
+     <string name="menu_auto_updates_check_interval_monthly">Once a month</string>
+     <string name="menu_auto_updates_check_interval_never">Never</string>
++    <string name="menu_onion_routing">Perform requests over Tor</string>
+     <string name="menu_auto_delete_updates">Delete updates when installed</string>
+     <string name="menu_delete_update">Delete</string>
+     <string name="menu_copy_url">Copy URL</string>
+@@ -85,6 +86,7 @@
+     <string name="snack_download_failed">The download failed. Please check your internet connection and try again later.</string>
+     <string name="snack_download_verification_failed">The update verification failed.</string>
+     <string name="snack_download_verified">Download completed.</string>
++    <string name="snack_orbot_not_available">Orbot is not installed, disabling Tor routing!</string>
+ 
+     <string name="snack_update_not_installable">This update can\'t be installed on top of the current build.</string>
+ 
+diff --git a/src/org/lineageos/updater/UpdatesActivity.java b/src/org/lineageos/updater/UpdatesActivity.java
+index ad001c8..4bebc17 100644
+--- a/src/org/lineageos/updater/UpdatesActivity.java
++++ b/src/org/lineageos/updater/UpdatesActivity.java
+@@ -343,10 +343,14 @@ public class UpdatesActivity extends UpdatesListActivity {
+ 
+         final DownloadClient downloadClient;
+         try {
++            if(Utils.isOnionRoutingEnabled(getApplicationContext())) {
++                Utils.requestStartOrbot(getApplicationContext());
++            }
+             downloadClient = new DownloadClient.Builder()
+                     .setUrl(url)
+                     .setDestination(jsonFileTmp)
+                     .setDownloadCallback(callback)
++                    .setUseOnionRouting(Utils.isOnionRoutingEnabled(getApplicationContext()))
+                     .build();
+         } catch (IOException exception) {
+             Log.e(TAG, "Could not build download client");
+@@ -411,6 +415,7 @@ public class UpdatesActivity extends UpdatesListActivity {
+         View view = LayoutInflater.from(this).inflate(R.layout.preferences_dialog, null);
+         Spinner autoCheckInterval =
+                 view.findViewById(R.id.preferences_auto_updates_check_interval);
++        Switch onionRouting = view.findViewById(R.id.preferences_onion_routing);
+         Switch autoDelete = view.findViewById(R.id.preferences_auto_delete_updates);
+         Switch dataWarning = view.findViewById(R.id.preferences_mobile_data_warning);
+         Switch abPerfMode = view.findViewById(R.id.preferences_ab_perf_mode);
+@@ -421,6 +426,7 @@ public class UpdatesActivity extends UpdatesListActivity {
+ 
+         SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
+         autoCheckInterval.setSelection(Utils.getUpdateCheckSetting(this));
++        onionRouting.setChecked(prefs.getBoolean(Constants.PREF_ONION_ROUTING, false));
+         autoDelete.setChecked(prefs.getBoolean(Constants.PREF_AUTO_DELETE_UPDATES, false));
+         dataWarning.setChecked(prefs.getBoolean(Constants.PREF_MOBILE_DATA_WARNING, true));
+         abPerfMode.setChecked(prefs.getBoolean(Constants.PREF_AB_PERF_MODE, false));
+@@ -432,6 +438,8 @@ public class UpdatesActivity extends UpdatesListActivity {
+                     prefs.edit()
+                             .putInt(Constants.PREF_AUTO_UPDATES_CHECK_INTERVAL,
+                                     autoCheckInterval.getSelectedItemPosition())
++                            .putBoolean(Constants.PREF_ONION_ROUTING,
++                                    onionRouting.isChecked() && Utils.isOrbotInstalled(getApplicationContext()))
+                             .putBoolean(Constants.PREF_AUTO_DELETE_UPDATES,
+                                     autoDelete.isChecked())
+                             .putBoolean(Constants.PREF_MOBILE_DATA_WARNING,
+@@ -447,6 +455,10 @@ public class UpdatesActivity extends UpdatesListActivity {
+                         UpdatesCheckReceiver.cancelUpdatesCheck(this);
+                     }
+ 
++                    if(onionRouting.isChecked() && !Utils.isOrbotInstalled(getApplicationContext())) {
++                        showSnackbar(R.string.snack_orbot_not_available, Snackbar.LENGTH_LONG);
++                    }
++
+                     if (Utils.isABDevice()) {
+                         boolean enableABPerfMode = abPerfMode.isChecked();
+                         mUpdaterService.getUpdaterController().setPerformanceMode(enableABPerfMode);
+diff --git a/src/org/lineageos/updater/UpdatesCheckReceiver.java b/src/org/lineageos/updater/UpdatesCheckReceiver.java
+index 288cd1a..5769a21 100644
+--- a/src/org/lineageos/updater/UpdatesCheckReceiver.java
++++ b/src/org/lineageos/updater/UpdatesCheckReceiver.java
+@@ -110,10 +110,14 @@ public class UpdatesCheckReceiver extends BroadcastReceiver {
+         };
+ 
+         try {
++            if(Utils.isOnionRoutingEnabled(context)) {
++                Utils.requestStartOrbot(context);
++            }
+             DownloadClient downloadClient = new DownloadClient.Builder()
+                     .setUrl(url)
+                     .setDestination(jsonNew)
+                     .setDownloadCallback(callback)
++                    .setUseOnionRouting(Utils.isOnionRoutingEnabled(context))
+                     .build();
+             downloadClient.start();
+         } catch (IOException e) {
+diff --git a/src/org/lineageos/updater/controller/UpdaterController.java b/src/org/lineageos/updater/controller/UpdaterController.java
+index 62f8ca7..07f9a61 100644
+--- a/src/org/lineageos/updater/controller/UpdaterController.java
++++ b/src/org/lineageos/updater/controller/UpdaterController.java
+@@ -358,12 +358,16 @@ public class UpdaterController {
+         update.setFile(destination);
+         DownloadClient downloadClient;
+         try {
++            if(Utils.isOnionRoutingEnabled(mContext)) {
++                Utils.requestStartOrbot(mContext);
++            }
+             downloadClient = new DownloadClient.Builder()
+                     .setUrl(update.getDownloadUrl())
+                     .setDestination(update.getFile())
+                     .setDownloadCallback(getDownloadCallback(downloadId))
+                     .setProgressListener(getProgressListener(downloadId))
+                     .setUseDuplicateLinks(true)
++                    .setUseOnionRouting(Utils.isOnionRoutingEnabled(mContext))
+                     .build();
+         } catch (IOException exception) {
+             Log.e(TAG, "Could not build download client");
+@@ -398,6 +402,9 @@ public class UpdaterController {
+             verifyUpdateAsync(downloadId);
+             notifyUpdateChange(downloadId);
+         } else {
++            if(Utils.isOnionRoutingEnabled(mContext)) {
++                Utils.requestStartOrbot(mContext);
++            }
+             DownloadClient downloadClient;
+             try {
+                 downloadClient = new DownloadClient.Builder()
+@@ -406,6 +413,7 @@ public class UpdaterController {
+                         .setDownloadCallback(getDownloadCallback(downloadId))
+                         .setProgressListener(getProgressListener(downloadId))
+                         .setUseDuplicateLinks(true)
++                        .setUseOnionRouting(Utils.isOnionRoutingEnabled(mContext))
+                         .build();
+             } catch (IOException exception) {
+                 Log.e(TAG, "Could not build download client");
+diff --git a/src/org/lineageos/updater/download/DownloadClient.java b/src/org/lineageos/updater/download/DownloadClient.java
+index 6a2a490..374e017 100644
+--- a/src/org/lineageos/updater/download/DownloadClient.java
++++ b/src/org/lineageos/updater/download/DownloadClient.java
+@@ -64,6 +64,7 @@ public interface DownloadClient {
+         private DownloadClient.DownloadCallback mCallback;
+         private DownloadClient.ProgressListener mProgressListener;
+         private boolean mUseDuplicateLinks;
++        private boolean mOnionRouting;
+ 
+         public DownloadClient build() throws IOException {
+             if (mUrl == null) {
+@@ -74,7 +75,7 @@ public interface DownloadClient {
+                 throw new IllegalStateException("No download callback defined");
+             }
+             return new HttpURLConnectionClient(mUrl, mDestination, mProgressListener, mCallback,
+-                    mUseDuplicateLinks);
++                    mUseDuplicateLinks, mOnionRouting);
+         }
+ 
+         public Builder setUrl(String url) {
+@@ -101,5 +102,10 @@ public interface DownloadClient {
+             mUseDuplicateLinks = useDuplicateLinks;
+             return this;
+         }
++
++        public Builder setUseOnionRouting(boolean onionRouting) {
++            mOnionRouting = onionRouting;
++            return this;
++        }
+     }
+ }
+diff --git a/src/org/lineageos/updater/download/HttpURLConnectionClient.java b/src/org/lineageos/updater/download/HttpURLConnectionClient.java
+index 2b7c80e..caeaf66 100644
+--- a/src/org/lineageos/updater/download/HttpURLConnectionClient.java
++++ b/src/org/lineageos/updater/download/HttpURLConnectionClient.java
+@@ -18,12 +18,16 @@ package org.lineageos.updater.download;
+ import android.os.SystemClock;
+ import android.util.Log;
+ 
++import org.lineageos.updater.misc.Utils;
++
+ import java.io.File;
+ import java.io.FileOutputStream;
+ import java.io.IOException;
+ import java.io.InputStream;
+ import java.io.OutputStream;
+ import java.net.HttpURLConnection;
++import java.net.InetSocketAddress;
++import java.net.Proxy;
+ import java.net.URL;
+ import java.util.Comparator;
+ import java.util.List;
+@@ -42,6 +46,7 @@ public class HttpURLConnectionClient implements DownloadClient {
+     private final DownloadClient.ProgressListener mProgressListener;
+     private final DownloadClient.DownloadCallback mCallback;
+     private final boolean mUseDuplicateLinks;
++    private final boolean mUseOnionRouting;
+ 
+     private DownloadThread mDownloadThread;
+ 
+@@ -60,8 +65,14 @@ public class HttpURLConnectionClient implements DownloadClient {
+     HttpURLConnectionClient(String url, File destination,
+             DownloadClient.ProgressListener progressListener,
+             DownloadClient.DownloadCallback callback,
+-            boolean useDuplicateLinks) throws IOException {
+-        mClient = (HttpURLConnection) new URL(url).openConnection();
++            boolean useDuplicateLinks, boolean useOnionRouting) throws IOException {
++        mUseOnionRouting = useOnionRouting;
++        if(mUseOnionRouting) {
++            Proxy orbot = new Proxy(Proxy.Type.SOCKS, new InetSocketAddress("127.0.0.1", 9050));
++            mClient = (HttpURLConnection) new URL(url).openConnection(orbot);
++        } else {
++            mClient = (HttpURLConnection) new URL(url).openConnection();
++        }
+         mDestination = destination;
+         mProgressListener = progressListener;
+         mCallback = callback;
+@@ -169,7 +180,12 @@ public class HttpURLConnectionClient implements DownloadClient {
+         private void changeClientUrl(URL newUrl) throws IOException {
+             String range = mClient.getRequestProperty("Range");
+             mClient.disconnect();
+-            mClient = (HttpURLConnection) newUrl.openConnection();
++            if(mUseOnionRouting) {
++                Proxy orbot = new Proxy(Proxy.Type.SOCKS, new InetSocketAddress("127.0.0.1", 9050));
++                mClient = (HttpURLConnection) newUrl.openConnection(orbot);
++            } else {
++                mClient = (HttpURLConnection) newUrl.openConnection();
++            }
+             if (range != null) {
+                 mClient.setRequestProperty("Range", range);
+             }
+@@ -224,7 +240,7 @@ public class HttpURLConnectionClient implements DownloadClient {
+                     }
+                     Log.d(TAG, "Downloading from " + newUrl);
+                     changeClientUrl(url);
+-                    mClient.setConnectTimeout(5000);
++                    mClient.setConnectTimeout(mUseOnionRouting ? 45000 : 5000);
+                     mClient.connect();
+                     if (!isSuccessCode(mClient.getResponseCode())) {
+                         throw new IOException("Server replied with " + mClient.getResponseCode());
+@@ -246,6 +262,9 @@ public class HttpURLConnectionClient implements DownloadClient {
+         @Override
+         public void run() {
+             try {
++                if(mUseOnionRouting) {
++                    Utils.waitUntilOrbotIsAvailable();
++                }
+                 mClient.setInstanceFollowRedirects(!mUseDuplicateLinks);
+                 mClient.connect();
+                 int responseCode = mClient.getResponseCode();
+diff --git a/src/org/lineageos/updater/misc/Constants.java b/src/org/lineageos/updater/misc/Constants.java
+index 81e7c1a..46d8666 100644
+--- a/src/org/lineageos/updater/misc/Constants.java
++++ b/src/org/lineageos/updater/misc/Constants.java
+@@ -30,6 +30,7 @@ public final class Constants {
+ 
+     public static final String PREF_LAST_UPDATE_CHECK = "last_update_check";
+     public static final String PREF_AUTO_UPDATES_CHECK_INTERVAL = "auto_updates_check_interval";
++    public static final String PREF_ONION_ROUTING = "onion_routing";
+     public static final String PREF_AUTO_DELETE_UPDATES = "auto_delete_updates";
+     public static final String PREF_AB_PERF_MODE = "ab_perf_mode";
+     public static final String PREF_MOBILE_DATA_WARNING = "pref_mobile_data_warning";
+diff --git a/src/org/lineageos/updater/misc/Utils.java b/src/org/lineageos/updater/misc/Utils.java
+index 048d865..d1b5a74 100644
+--- a/src/org/lineageos/updater/misc/Utils.java
++++ b/src/org/lineageos/updater/misc/Utils.java
+@@ -45,6 +45,7 @@ import java.io.BufferedReader;
+ import java.io.File;
+ import java.io.FileReader;
+ import java.io.IOException;
++import java.net.Socket;
+ import java.util.ArrayList;
+ import java.util.Enumeration;
+ import java.util.HashSet;
+@@ -150,11 +151,75 @@ public class Utils {
+         return updates;
+     }
+ 
++    //Credit: https://stackoverflow.com/a/6758962
++    public static boolean isPackageInstalled(Context context, String packageID) {
++        PackageManager pm = context.getPackageManager();
++        try {
++            pm.getPackageInfo(packageID, PackageManager.GET_META_DATA);
++        } catch(PackageManager.NameNotFoundException e) {
++            return false;
++        }
++        return true;
++    }
++
++    public static boolean isOrbotInstalled(Context context) {
++        return isPackageInstalled(context, "org.torproject.android");
++    }
++
++    public static boolean isOnionRoutingEnabled(Context context) {
++        SharedPreferences preferences = PreferenceManager.getDefaultSharedPreferences(context);
++        return preferences.getBoolean(Constants.PREF_ONION_ROUTING, false);
++    }
++
++    //Credit: OrbotHelper/NetCipher
++    public static void requestStartOrbot(Context context) {
++        Intent intent = new Intent("org.torproject.android.intent.action.START");
++        intent.setPackage("org.torproject.android");
++        intent.putExtra("org.torproject.android.intent.extra.PACKAGE_NAME", context.getPackageName());
++        context.sendBroadcast(intent);
++    }
++
++    //Credit: https://www.geekality.net/2013/04/30/java-simple-check-to-see-if-a-server-is-listening-on-a-port/
++    public static boolean isPortListening(String host, int port) {
++        Socket s = null;
++        try {
++            s = new Socket(host, port);
++            return true;
++        } catch(Exception e) {
++            return false;
++        } finally {
++            if (s != null) {
++                try {
++                    s.close();
++                } catch(Exception e1) {
++                }
++            }
++        }
++    }
++
++    public static boolean waitUntilOrbotIsAvailable() {
++        int tries = 0;
++        boolean listening;
++        while(!(listening = isPortListening("127.0.0.1", 9050)) && tries <= 60) {
++            tries++;
++            try {
++                Thread.sleep(1000);
++            } catch(Exception e) {
++
++            }
++        }
++        return listening;
++    }
++
+     public static String getServerURL(Context context) {
+         String incrementalVersion = SystemProperties.get(Constants.PROP_BUILD_VERSION_INCREMENTAL);
+         String device = SystemProperties.get(Constants.PROP_NEXT_DEVICE,
+                 SystemProperties.get(Constants.PROP_DEVICE));
+         String server = "0OTA_SERVER_CLEARNET0";
++        String serverOnion = "0OTA_SERVER_ONION0";
++        if(serverOnion.toLowerCase().startsWith("http") && isOnionRoutingEnabled(context)) {
++            server = serverOnion;
++        }
+ 
+         return server + "?base=LineageOS&device=" + device + "&inc=" + incrementalVersion;
+     }
+-- 
+2.26.0
+
diff --git a/Patches/LineageOS-17.1/android_system_core/0001-Harden.patch b/Patches/LineageOS-17.1/android_system_core/0001-Harden.patch
new file mode 100644
index 00000000..f699db50
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_system_core/0001-Harden.patch
@@ -0,0 +1,57 @@
+From 29240bc6aa37804757682d100fcf7484c8fb1122 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Mon, 12 Feb 2018 03:29:58 -0500
+Subject: [PATCH] Harden
+
+Change-Id: Idd2da6d9989ec554ce5b0841781d323fdcd9eb87
+---
+ init/first_stage_init.cpp | 6 +++---
+ rootdir/init.rc           | 9 +++++++++
+ 2 files changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/init/first_stage_init.cpp b/init/first_stage_init.cpp
+index 2b899408a..84c2735c2 100644
+--- a/init/first_stage_init.cpp
++++ b/init/first_stage_init.cpp
+@@ -120,15 +120,15 @@ int FirstStageMain(int argc, char** argv) {
+     CHECKCALL(mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755"));
+     CHECKCALL(mkdir("/dev/pts", 0755));
+     CHECKCALL(mkdir("/dev/socket", 0755));
+-    CHECKCALL(mount("devpts", "/dev/pts", "devpts", 0, NULL));
++    CHECKCALL(mount("devpts", "/dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, NULL));
+ #define MAKE_STR(x) __STRING(x)
+-    CHECKCALL(mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC)));
++    CHECKCALL(mount("proc", "/proc", "proc", MS_NOSUID|MS_NODEV|MS_NOEXEC, "hidepid=2,gid=" MAKE_STR(AID_READPROC)));
+ #undef MAKE_STR
+     // Don't expose the raw commandline to unprivileged processes.
+     CHECKCALL(chmod("/proc/cmdline", 0440));
+     gid_t groups[] = {AID_READPROC};
+     CHECKCALL(setgroups(arraysize(groups), groups));
+-    CHECKCALL(mount("sysfs", "/sys", "sysfs", 0, NULL));
++    CHECKCALL(mount("sysfs", "/sys", "sysfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL));
+     CHECKCALL(mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL));
+ 
+     CHECKCALL(mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11)));
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index 58a83e091..a28db476b 100644
+--- a/rootdir/init.rc
++++ b/rootdir/init.rc
+@@ -140,6 +140,15 @@ on init
+     write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
+     write /proc/sys/kernel/sched_child_runs_first 0
+ 
++    write /proc/sys/kernel/dmesg_restrict 1
++    write /proc/sys/kernel/kptr_restrict 2
++    write /proc/sys/fs/protected_hardlinks 1
++    write /proc/sys/fs/protected_symlinks 1
++    write /proc/sys/fs/protected_fifos 1
++    write /proc/sys/fs/protected_regular 1
++    write /proc/sys/net/ipv4/tcp_sack 0
++    write /proc/sys/net/ipv6/conf/all/use_tempaddr 2
++    write /proc/sys/net/ipv6/conf/default/use_tempaddr 2
+     write /proc/sys/kernel/randomize_va_space 2
+     write /proc/sys/vm/mmap_min_addr 32768
+     write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
+-- 
+2.26.0
+
diff --git a/Patches/LineageOS-17.1/android_system_core/0002-HM-Increase_vm_mmc.patch b/Patches/LineageOS-17.1/android_system_core/0002-HM-Increase_vm_mmc.patch
new file mode 100644
index 00000000..fa402f9e
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_system_core/0002-HM-Increase_vm_mmc.patch
@@ -0,0 +1,22 @@
+From 95dc082ad7556e88bc10fc48cb19364fce1ae9ae Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Thu, 13 Dec 2018 09:26:25 -0500
+Subject: [PATCH] increase max_map_count for hardened malloc
+
+---
+ rootdir/init.rc | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index 0fa9febdd3c..c38761021b6 100644
+--- a/rootdir/init.rc
++++ b/rootdir/init.rc
+@@ -671,6 +671,8 @@ on boot
+     chown root system /sys/block/zram0/writeback
+     chmod 0664 /sys/block/zram0/writeback
+ 
++    write /proc/sys/vm/max_map_count 524240
++
+     # Tweak background writeout
+     write /proc/sys/vm/dirty_expire_centisecs 200
+     write /proc/sys/vm/dirty_background_ratio  5
diff --git a/Patches/LineageOS-17.1/android_system_extras/0001-ext4_pad_filenames.patch b/Patches/LineageOS-17.1/android_system_extras/0001-ext4_pad_filenames.patch
new file mode 100644
index 00000000..7fcfddd2
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_system_extras/0001-ext4_pad_filenames.patch
@@ -0,0 +1,69 @@
+From 57f23bfb5c1d256a69684d07e2787a9b71621698 Mon Sep 17 00:00:00 2001
+From: Daniel Micay <danielmicay@gmail.com>
+Date: Thu, 15 Dec 2016 17:22:41 -0500
+Subject: [PATCH] fscrypt: pad filenames to 32 bytes, not 16 or 4
+
+This is done in a way that's backwards compatible with old installations
+by leaving them with the previous padding settings until factory reset.
+---
+ libfscrypt/fscrypt.cpp | 26 ++++++++++++++++++++++++--
+ 1 file changed, 24 insertions(+), 2 deletions(-)
+
+diff --git a/libfscrypt/fscrypt.cpp b/libfscrypt/fscrypt.cpp
+index adeb66aa..7b707b9f 100644
+--- a/libfscrypt/fscrypt.cpp
++++ b/libfscrypt/fscrypt.cpp
+@@ -118,7 +118,7 @@ static bool is_dir_empty(const char *dirname, bool *is_empty)
+     return true;
+ }
+ 
+-static uint8_t fscrypt_get_policy_flags(int filenames_encryption_mode) {
++static uint8_t fscrypt_get_policy_flags_old(int filenames_encryption_mode) {
+     if (filenames_encryption_mode == FS_ENCRYPTION_MODE_AES_256_CTS) {
+         // Use legacy padding with our original filenames encryption mode.
+         return FS_POLICY_FLAGS_PAD_4;
+@@ -135,6 +135,18 @@ static uint8_t fscrypt_get_policy_flags(int filenames_encryption_mode) {
+     return FS_POLICY_FLAGS_PAD_16;
+ }
+ 
++static uint8_t fscrypt_get_policy_flags(int filenames_encryption_mode) {
++    if (filenames_encryption_mode == FS_ENCRYPTION_MODE_ADIANTUM) {
++        return FS_POLICY_FLAGS_PAD_32 | FS_POLICY_FLAG_DIRECT_KEY;
++    }
++    return FS_POLICY_FLAGS_PAD_32;
++}
++
++static bool fscrypt_policy_check(const char *directory, const char *policy,
++                                 size_t policy_length,
++                                 int contents_encryption_mode,
++                                 int filenames_encryption_mode);
++
+ static bool fscrypt_policy_set(const char *directory, const char *policy,
+                                size_t policy_length,
+                                int contents_encryption_mode,
+@@ -153,6 +165,14 @@ static bool fscrypt_policy_set(const char *directory, const char *policy,
+     }
+ 
+     fscrypt_policy fp;
++    memset(&fp, 0, sizeof(fscrypt_policy));
++
++    if (ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY, &fp) == 0) {
++        close(fd);
++        return fscrypt_policy_check(directory, policy, policy_length,
++                                    contents_encryption_mode, filenames_encryption_mode);
++    }
++
+     fp.version = 0;
+     fp.contents_encryption_mode = contents_encryption_mode;
+     fp.filenames_encryption_mode = filenames_encryption_mode;
+@@ -200,7 +220,9 @@ static bool fscrypt_policy_get(const char *directory, char *policy,
+             || (fp.contents_encryption_mode != contents_encryption_mode)
+             || (fp.filenames_encryption_mode != filenames_encryption_mode)
+             || (fp.flags !=
+-                fscrypt_get_policy_flags(filenames_encryption_mode))) {
++                fscrypt_get_policy_flags(filenames_encryption_mode) &&
++                fp.flags !=
++                fscrypt_get_policy_flags_old(filenames_encryption_mode))) {
+         LOG(ERROR) << "Failed to find matching encryption policy for " << directory;
+         return false;
+     }
diff --git a/Patches/LineageOS-17.1/android_system_sepolicy/0001-LGE_Fixes.patch b/Patches/LineageOS-17.1/android_system_sepolicy/0001-LGE_Fixes.patch
new file mode 100644
index 00000000..09d44df2
--- /dev/null
+++ b/Patches/LineageOS-17.1/android_system_sepolicy/0001-LGE_Fixes.patch
@@ -0,0 +1,35 @@
+From acf37ef4f2f187641d1f0a8bd5a313ee46135ef9 Mon Sep 17 00:00:00 2001
+From: Tad <tad@spotco.us>
+Date: Tue, 14 Apr 2020 17:16:42 -0400
+Subject: [PATCH] Fix -user builds for many LGE devices
+
+Change-Id: I7d7e366f51d376ccba01fda9a2d5276c20cf77f4
+---
+ public/domain.te | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/public/domain.te b/public/domain.te
+index 6f3a19cd..87ca0e6c 100644
+--- a/public/domain.te
++++ b/public/domain.te
+@@ -597,6 +597,9 @@ neverallow {
+   -update_engine
+ } system_block_device:blk_file { write append };
+ 
++# Select devices have policies prevented by the following neverallow
++attribute misc_block_device_exception;
++
+ # No domains other than a select few can access the misc_block_device. This
+ # block device is reserved for OTA use.
+ # Do not assert this rule on userdebug/eng builds, due to some devices using
+@@ -614,6 +617,7 @@ neverallow {
+   -vold
+   -recovery
+   -ueventd
++  -misc_block_device_exception
+ } misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
+ 
+ # Only (hw|vnd|)servicemanager should be able to register with binder as the context manager
+-- 
+2.26.0
+
diff --git a/Scripts/Common/Deblob.sh b/Scripts/Common/Deblob.sh
index b0d0c230..fdad9044 100644
--- a/Scripts/Common/Deblob.sh
+++ b/Scripts/Common/Deblob.sh
@@ -689,6 +689,9 @@ find device -maxdepth 2 -mindepth 2 -type d -exec bash -c 'deblobDevice "$0"' {}
 #find device -maxdepth 3 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'deblobSepolicy "{}"'; #Deblob all device sepolicy directories XXX: Breaks builds when other sepolicy files reference deleted ones
 #find kernel -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'deblobKernel "{}"'; #Deblob all kernel directories
 find vendor -name "*endor*.mk" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'deblobVendor "{}"'; #Deblob all makefiles
+find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'sed -i -E "s/apk.*("$blobs").*/apk: \"proprietary\/priv-app\/qcrilmsgtunnel\/qcrilmsgtunnel.apk\", enabled: false,/g" "{}"';
+find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'sed -i -E "s/jars.*("$blobs").*/jars: \[\"proprietary\/system\/framework\/qcrilhook.jar\"\], enabled: false,/g" "{}"';
+find vendor -name "Android.bp" -type f -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'sed -i -E "s/srcs.*("$blobs").*/srcs: \[\"proprietary\/vendor\/lib\/libtime_genoff.so\"\], enabled: false,/g" "{}"';
 deblobVendors; #Deblob entire vendor directory
 rm -rf frameworks/av/drm/mediadrm/plugins/clearkey; #Remove ClearKey
 rm -rf vendor/samsung/nodevice;
diff --git a/Scripts/LineageOS-14.1/Rebrand.sh b/Scripts/LineageOS-14.1/Rebrand.sh
index cecc8d13..62b12b9d 100644
--- a/Scripts/LineageOS-14.1/Rebrand.sh
+++ b/Scripts/LineageOS-14.1/Rebrand.sh
@@ -21,7 +21,7 @@
 echo "Rebranding...";
 
 enter "bootable/recovery";
-sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' ./*_ui.cpp;
+sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' ./*ui.cpp;
 
 enter "build";
 sed -i 's|echo "ro.build.user=$USER"|echo "ro.build.user=emy"|' tools/buildinfo.sh; #Override build user
diff --git a/Scripts/LineageOS-15.1/Rebrand.sh b/Scripts/LineageOS-15.1/Rebrand.sh
index 3beb0eff..83d6abb4 100644
--- a/Scripts/LineageOS-15.1/Rebrand.sh
+++ b/Scripts/LineageOS-15.1/Rebrand.sh
@@ -27,7 +27,7 @@ rm res*/images/logo_image.png; #Remove logo images
 mogrify -format png -fill "#FF5722" -opaque "#167C80" -fuzz 10% res-*/images/*sel.png; #Recolor icons
 sed -i 's|grid_h \* 2 / 3|grid_h * 0.25|' screen_ui.cpp; #Center icons
 sed -i 's|0x16, 0x7c, 0x80|0x03, 0xa9, 0xf4|' screen_ui.cpp; #Recolor text
-sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' ./*_ui.cpp;
+sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' ./*ui.cpp;
 sed -i 's|LineageOS|'"$DOS_BRANDING_NAME"'|' ui.cpp;
 
 enter "build/make";
diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh
index e85ac5b7..eff5ad6f 100644
--- a/Scripts/LineageOS-16.0/Patch.sh
+++ b/Scripts/LineageOS-16.0/Patch.sh
@@ -30,9 +30,6 @@
 #buildDevice [device]
 #buildAll
 
-#Generate firmware deblobber
-#mka firmware_deblobber
-
 #
 #START OF PREPRATION
 #
@@ -75,17 +72,11 @@ git revert --no-edit 271f6ffa045064abcac066e97f2cb53ccb3e5126 61f7ee9386be426fd4
 patch -p1 < "$DOS_PATCHES_COMMON/android_build/0001-OTA_Keys.patch"; #add correct keys to recovery for OTA verification
 awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' core/product.mk;
 sed -i '74i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk;
-#git revert --no-edit 47a0539fcce53cdcab3ee00afd6810acab26950b 3836ed2b2a7c2da6c9eae66700c7c6fabc0c5b9c ab0b2ca6a0d0d24131bcb779f1eb882bf97afd3c; #remove backuptool
-#patch -p1 < "$DOS_PATCHES/android_build/0001-rm_backuptool.patch";
 
 enterAndClear "device/qcom/sepolicy-legacy";
 patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
 echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices
 
-enterAndClear "external/ppp";
-git fetch "https://github.com/LineageOS/android_external_ppp" refs/changes/60/270360/1 && git cherry-pick FETCH_HEAD; #CVE-2020-8597_lineage-16.0
-git fetch "https://github.com/LineageOS/android_external_ppp" refs/changes/61/270361/1 && git cherry-pick FETCH_HEAD;
-
 enterAndClear "external/svox";
 git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
 sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie
@@ -187,7 +178,6 @@ if [ "$DOS_HOSTS_BLOCKING" = true ]; then awk -i inplace '!/50-lineage.sh/' conf
 awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' config/common.mk; #Remove extra keys
 awk -i inplace '!/security\/lineage/' config/common.mk; #Remove extra keys
 awk -i inplace '!/WeatherProvider/' config/common.mk;
-#awk -i inplace '!/backuptool/' config/common.mk; #remove backuptool
 awk -i inplace '!/def_backup_transport/' overlay/common/frameworks/base/packages/SettingsProvider/res/values/defaults.xml;
 if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/AudioFX/' config/common.mk; fi;
 if [ "$DOS_MICROG_INCLUDED" = "NLP" ]; then sed -i '/Google provider/!b;n;s/com.google.android.gms/org.microg.nlp/' overlay/common/frameworks/base/core/res/res/values/config.xml; fi;
diff --git a/Scripts/LineageOS-16.0/Rebrand.sh b/Scripts/LineageOS-16.0/Rebrand.sh
index a5cba0a7..cffc837d 100644
--- a/Scripts/LineageOS-16.0/Rebrand.sh
+++ b/Scripts/LineageOS-16.0/Rebrand.sh
@@ -27,7 +27,7 @@ rm res*/images/logo_image.png; #Remove logo images
 mogrify -format png -fill "#FF5722" -opaque "#167C80" -fuzz 10% res-*/images/*sel.png; #Recolor icons
 sed -i 's|grid_h \* 2 / 3|grid_h * 0.25|' screen_ui.cpp; #Center icons
 sed -i 's|0x16, 0x7c, 0x80|0x03, 0xa9, 0xf4|' screen_ui.cpp; #Recolor text
-sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' ./*_ui.cpp;
+sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' ./*ui.cpp;
 sed -i 's|LineageOS|'"$DOS_BRANDING_NAME"'|' ui.cpp;
 
 enter "build/make";
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_essential_msm8998.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_essential_msm8998.sh
new file mode 100644
index 00000000..6574978c
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_essential_msm8998.sh
@@ -0,0 +1,97 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/essential/msm8998"
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0017.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0018.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0026.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/^4.14.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18306/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9711/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11273/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11818/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11919/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11984/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11986/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11987/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11988/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11988/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12010/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13912/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13913/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13914/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13917/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13920/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5896/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5905/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5906/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5908/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5909/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5910/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10494/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10503/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10503/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10515/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10524/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10555/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10567/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10584/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10614/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2264/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+editKernelLocalversion "-dos.p93"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh
new file mode 100644
index 00000000..a6a1217a
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_fairphone_msm8974.sh
@@ -0,0 +1,107 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/fairphone/msm8974"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/3.2-^3.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5858/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/^5.3.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+editKernelLocalversion "-dos.p103"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_google_marlin.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_google_marlin.sh
new file mode 100644
index 00000000..49fe85f8
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_google_marlin.sh
@@ -0,0 +1,176 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/google/marlin"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0019.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0021.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0022.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0023.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0024.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0025.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0026.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0027.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0028.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0029.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0030.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0031.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0032.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0033.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0034.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0035.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0036.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0037.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0040.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0041.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0042.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0043.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0044.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0045.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0046.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0048.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0049.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0050.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1339/^4.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5257/^4.2.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7884/^4.3.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7885/^4.3.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8104/^4.2.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8844/^4.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8845/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8953/^4.2.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2069/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2782/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3672/^4.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3906/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5345/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5854/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5856/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5858/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5867/3.18/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5870/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6130/^4.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6694/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6695/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8483/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8646/^4.3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9191/3.11-^4.8.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0537/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0622/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0866/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000371/^4.11.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11034/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11036/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11039/ANY/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13162/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13220/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15827/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18150/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18161/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18165/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5669/^4.9.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7371/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7372/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9707/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18690/^4.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20836/^4.20/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10555/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10567/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10614/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10638/^4.1/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/^5.0.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/^5.1.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/^5.0.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14049/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14055/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/^5.0.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15666/^5.0.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19052/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/^5.3.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/^5.4.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19966/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2290/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-0040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0005-tcp-fix-zero-cwnd-in-tcp_cwnd_reduction.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5853/3.18/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+editKernelLocalversion "-dos.p172"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_google_msm.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_google_msm.sh
new file mode 100644
index 00000000..3af93ed9
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_google_msm.sh
@@ -0,0 +1,152 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/google/msm"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0005-Copperhead-Deny_USB/3.4/3.4-Backport.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3224/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4738/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9781/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/3.2-^3.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/^4.13.8/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10902/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/^5.3.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-5d89eb01c93d8a62998e3bdccae28a7732e3bd51.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-7be3e08d7a523207486701b2d34607137558066f.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+editKernelLocalversion "-dos.p148"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_htc_msm8974.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_htc_msm8974.sh
new file mode 100644
index 00000000..f8b66b51
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_htc_msm8974.sh
@@ -0,0 +1,142 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/htc/msm8974"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0005-Copperhead-Deny_USB/3.4/3.4-Backport.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9781/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2443/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11039/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/3.2-^3.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/^4.13.8/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8266/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10902/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5858/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/^5.3.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+editKernelLocalversion "-dos.p138"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_lge_g3.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_lge_g3.sh
new file mode 100644
index 00000000..25ea6c38
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_lge_g3.sh
@@ -0,0 +1,120 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/lge/g3"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3224/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9781/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6640/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3892/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/^5.3.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+editKernelLocalversion "-dos.p116"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_lge_mako.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_lge_mako.sh
new file mode 100644
index 00000000..253760c0
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_lge_mako.sh
@@ -0,0 +1,141 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/lge/mako"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6704/^3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4738/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/^4.5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/^4.5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2384/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/^4.5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5829/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6828/^4.7.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8399/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8650/^4.8.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9604/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9793/^4.8.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9794/^4.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-2671/^4.10.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6951/^3.14.79/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/^5.3.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+editKernelLocalversion "-dos.p137"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_lge_msm8974.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_lge_msm8974.sh
new file mode 100644
index 00000000..2fe6af0e
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_lge_msm8974.sh
@@ -0,0 +1,121 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/lge/msm8974"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3224/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8939/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0806/prima/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6751/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/^5.3.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+editKernelLocalversion "-dos.p117"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_moto_shamu.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_moto_shamu.sh
new file mode 100644
index 00000000..ad6b8f7f
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_moto_shamu.sh
@@ -0,0 +1,141 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/moto/shamu"
+git apply $DOS_PATCHES_LINUX_CVES/0002-Misc_Fixes/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0004-No_dir-relax.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0014.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0015.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0017.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-2898/^3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4129/^3.10.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4129/^3.10.3/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9730/^3.18.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1339/^4.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1420/3.2-^3.19.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4170/3.10-^3.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-4177/^4.0.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5307/^4.2.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8215/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8955/^4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8967/^4.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0758/^4.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5870/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6695/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8464/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0537/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0824/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11600/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13245/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13.11/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16645/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18255/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18257/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14734/^4.17.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20836/^4.20/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/^5.0.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/^5.4.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19966/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0003/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/1035495_0001-cnss-Add-NULL-check-for-PM-related-APIs.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+editKernelLocalversion "-dos.p137"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8974.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8974.sh
new file mode 100644
index 00000000..78eadc37
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8974.sh
@@ -0,0 +1,162 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/motorola/msm8974"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0005-Copperhead-Deny_USB/3.4/3.4-Backport.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6545/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2443/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2543/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11000/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/3.2-^3.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/^4.13.8/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9.13/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7373/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8266/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9684/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10902/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5858/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/^5.3.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+editKernelLocalversion "-dos.p158"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8996.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
new file mode 100644
index 00000000..bc338bee
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8996.sh
@@ -0,0 +1,194 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/motorola/msm8996"
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/3.18/3.18.0121-0122.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0019.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0022.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0023.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0025.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0026.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0027.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0028.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0029.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0030.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0031.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0032.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0033.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0034.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0035.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0036.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0037.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0040.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0041.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0042.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0043.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0045.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0046.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0050.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1339/^4.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-5257/^4.2.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7884/^4.3.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7885/^4.3.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8104/^4.2.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8844/^4.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8845/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8953/^4.2.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2069/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2188/^4.5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2188/^4.5.1/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2782/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3136/^4.5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3137/^4.5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/^4.5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3140/^4.5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3672/^4.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6130/^4.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8646/^4.3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000371/^4.11.5/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13162/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.18/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13220/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15102/^4.8.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15853/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16914/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17762/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5669/^4.9.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6001/^4.9.7/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8251/3.18/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8924/^4.10.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8925/^4.10.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13914/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18021/^4.18.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18690/^4.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19985/^4.19.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20836/^4.20/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5825/3.18/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5864/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5865/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8087/^4.15.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10486/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10503/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10524/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10524/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10529/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10555/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10567/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10638/^4.1/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/^5.0.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/^5.1.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/^5.0.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12818/^4.20.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12819/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14070/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/^5.0.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15666/^5.0.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15916/^5.0.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15927/^4.20.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17133/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19052/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/^5.3.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/^5.4.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19966/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-1999/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3460/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+editKernelLocalversion "-dos.p190"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_razer_msm8998.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_razer_msm8998.sh
new file mode 100644
index 00000000..632fb53f
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_razer_msm8998.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/razer/msm8998"
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0209-0210.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0005.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0010.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0017.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/^4.14.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9211/^4.11.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14763/^4.16.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/^5.4.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+editKernelLocalversion "-dos.p51"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_samsung_jf.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_samsung_jf.sh
new file mode 100644
index 00000000..efea6f36
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_samsung_jf.sh
@@ -0,0 +1,157 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/samsung/jf"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3225/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3227/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3228/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3229/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3231/^3.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4737/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8746/^4.2.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8812/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10233/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-10318/^4.7.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2085/^4.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2185/^4.5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2186/^4.5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3854/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4485/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4580/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4913/^4.5.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8646/^4.3.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0430/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0573/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0706/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0791/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000111/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000251/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000363/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-10663/^4.12.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11015/prima/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11089/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11176/^4.11.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/^4.12.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12762/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13215/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13292/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15868/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/^4.13.8/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18257/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18360/^4.11.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7645/^4.10.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9984/^4.11.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10902/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15926/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-17052/^5.3.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-18806/^5.3.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19066/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19524/^5.3.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19527/^5.2.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20054/^5.0.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+editKernelLocalversion "-dos.p153"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_yandex_sdm660.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_yandex_sdm660.sh
new file mode 100644
index 00000000..2f0e7ea5
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_yandex_sdm660.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/yandex/sdm660"
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0209-0210.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0017.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/^4.14.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9211/^4.11.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14763/^4.16.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/^5.4.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+editKernelLocalversion "-dos.p51"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_zuk_msm8996.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_zuk_msm8996.sh
new file mode 100644
index 00000000..b4a13ab9
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_zuk_msm8996.sh
@@ -0,0 +1,57 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/zuk/msm8996"
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0209-0210.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0005.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0010.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0017.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/4.4/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/^4.14.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9211/^4.11.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14763/^4.16.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16994/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19965/^5.4.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20096/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-8649/^5.5.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-9383/^5.5.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
+editKernelLocalversion "-dos.p53"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/Defaults.sh b/Scripts/LineageOS-17.1/Defaults.sh
new file mode 100644
index 00000000..014ed1cb
--- /dev/null
+++ b/Scripts/LineageOS-17.1/Defaults.sh
@@ -0,0 +1,45 @@
+#!/bin/bash
+#DivestOS: A privacy oriented Android distribution
+#Copyright (c) 2017-2020 Divested Computing Group
+#
+#This program is free software: you can redistribute it and/or modify
+#it under the terms of the GNU General Public License as published by
+#the Free Software Foundation, either version 3 of the License, or
+#(at your option) any later version.
+#
+#This program is distributed in the hope that it will be useful,
+#but WITHOUT ANY WARRANTY; without even the implied warranty of
+#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#GNU General Public License for more details.
+#
+#You should have received a copy of the GNU General Public License
+#along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+#Changes various default settings
+#Last verified: 2020-04-14
+
+#Useful commands
+#nano $(find . -name "config.xml" | grep "values/" | grep -v "device" | grep -v "tests")
+#nano $(find . -name "defaults.xml" | grep "values/" | grep -v "device")
+
+echo "Changing default settings...";
+
+enter "packages/apps/Dialer";
+sed -i 's/ENABLE_FORWARD_LOOKUP, 1)/ENABLE_FORWARD_LOOKUP, 0)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable FLP
+sed -i 's/ENABLE_PEOPLE_LOOKUP, 1)/ENABLE_PEOPLE_LOOKUP, 0)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable PLP
+sed -i 's/ENABLE_REVERSE_LOOKUP, 1)/ENABLE_REVERSE_LOOKUP, 0)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable RLP
+
+enter "packages/apps/Nfc";
+sed -i 's/boolean NFC_ON_DEFAULT = true;/boolean NFC_ON_DEFAULT = false;/' src/com/android/nfc/NfcService.java; #Disable NFC
+sed -i 's/boolean NDEF_PUSH_ON_DEFAULT = true;/boolean NDEF_PUSH_ON_DEFAULT = false;/' src/com/android/nfc/NfcService.java; #Disable NDEF Push
+
+enter "packages/apps/Settings";
+sed -i 's/INSTANT_APPS_ENABLED, 1/INSTANT_APPS_ENABLED, 0/' src/com/android/settings/applications/managedomainurls/InstantAppWebActionPreferenceController.java; #Disable "Instant Apps"
+sed -i 's/DEFAULT_VALUE = 1;/DEFAULT_VALUE = 0.5f;/' src/com/android/settings/development/*ScalePreferenceController.java; #Always reset animation scales to 0.5
+
+enter "vendor/lineage";
+sed -i 's/ro.config.notification_sound=Argon.ogg/ro.config.notification_sound=Pong.ogg/' config/common.mk;
+sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.ogg/' config/common.mk;
+
+cd "$DOS_BUILD_BASE";
+echo "Default settings changed!";
diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh
new file mode 100644
index 00000000..96aebe02
--- /dev/null
+++ b/Scripts/LineageOS-17.1/Functions.sh
@@ -0,0 +1,142 @@
+#!/bin/bash
+#DivestOS: A privacy oriented Android distribution
+#Copyright (c) 2017-2020 Divested Computing Group
+#
+#This program is free software: you can redistribute it and/or modify
+#it under the terms of the GNU General Public License as published by
+#the Free Software Foundation, either version 3 of the License, or
+#(at your option) any later version.
+#
+#This program is distributed in the hope that it will be useful,
+#but WITHOUT ANY WARRANTY; without even the implied warranty of
+#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#GNU General Public License for more details.
+#
+#You should have received a copy of the GNU General Public License
+#along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+#Last verified: 2020-04-14
+
+patchAllKernels() {
+	startPatcher "kernel_essential_msm8998 kernel_fairphone_msm8974 kernel_google_marlin kernel_google_msm kernel_htc_msm8974 kernel_lge_g3 kernel_lge_mako kernel_lge_msm8974 kernel_moto_shamu kernel_motorola_msm8974 kernel_motorola_msm8996 kernel_razer_msm8998 kernel_samsung_jf kernel_yandex_sdm660 kernel_zuk_msm8996";
+}
+export -f patchAllKernels;
+
+resetWorkspace() {
+	repo forall -c 'git add -A && git reset --hard' && rm -rf out && repo sync -j20 --force-sync;
+}
+export -f resetWorkspace;
+
+scanWorkspaceForMalware() {
+	local scanQueue="$DOS_BUILD_BASE/android $DOS_BUILD_BASE/art $DOS_BUILD_BASE/bionic $DOS_BUILD_BASE/bootable $DOS_BUILD_BASE/build $DOS_BUILD_BASE/compatibility $DOS_BUILD_BASE/dalvik $DOS_BUILD_BASE/device $DOS_BUILD_BASE/hardware $DOS_BUILD_BASE/libcore $DOS_BUILD_BASE/libnativehelper $DOS_BUILD_BASE/packages $DOS_BUILD_BASE/pdk $DOS_BUILD_BASE/platform_testing $DOS_BUILD_BASE/sdk $DOS_BUILD_BASE/system";
+	scanQueue=$scanQueue" $DOS_BUILD_BASE/lineage-sdk $DOS_BUILD_BASE/vendor/lineage";
+	scanForMalware true "$scanQueue";
+}
+export -f scanWorkspaceForMalware;
+
+buildDevice() {
+	export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1";
+	brunch "lineage_$1-user" && processRelease $1 true $2;
+}
+export -f buildDevice;
+
+buildDeviceUserDebug() {
+	export OTA_KEY_OVERRIDE_DIR="$DOS_SIGNING_KEYS/$1";
+	brunch "lineage_$1-userdebug" && processRelease $1 true $2;
+}
+export -f buildDeviceUserDebug;
+
+buildDeviceDebug() {
+	unset OTA_KEY_OVERRIDE_DIR;
+	brunch "lineage_$1-eng";
+}
+export -f buildDeviceDebug;
+
+buildAll() {
+	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
+	if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi;
+	#SDS4P
+	buildDevice mako;
+	#SD600
+	buildDevice jfltexx;
+	#SD800
+	buildDevice d802;
+	#SD801
+	buildDevice d852;
+	buildDevice d855;
+	buildDevice FP2;
+	buildDevice m8;
+	buildDevice victara;
+	#SD805
+	buildDevice shamu verity;
+	#SD820
+	buildDevice griffin;
+	buildDevice z2_plus verity; #broken
+	#SD821
+	buildDevice marlin verity;
+	buildDevice sailfish verity;
+	#SD835
+	buildDevice cheryl;
+	buildDevice mata verity;
+	#SD660
+	buildDevice Amber verity;
+}
+export -f buildAll;
+
+patchWorkspace() {
+	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
+
+	source build/envsetup.sh;
+	repopick 271078; #update webview
+
+	source "$DOS_SCRIPTS/Patch.sh";
+	source "$DOS_SCRIPTS/Defaults.sh";
+	source "$DOS_SCRIPTS/Rebrand.sh";
+	if [ "$DOS_OVERCLOCKS_ENABLED" = true ]; then source "$DOS_SCRIPTS_COMMON/Overclock.sh"; fi;
+	source "$DOS_SCRIPTS_COMMON/Optimize.sh";
+	source "$DOS_SCRIPTS_COMMON/Deblob.sh";
+	source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh";
+	source build/envsetup.sh;
+
+	#Deblobbing fixes
+	##setup-makefiles doesn't execute properly for some devices, running it twice seems to fix whatever is wrong
+	cd device/google/marlin/marlin && ./setup-makefiles.sh && cd "$DOS_BUILD_BASE";
+	cd device/google/marlin/sailfish && ./setup-makefiles.sh && cd "$DOS_BUILD_BASE";
+}
+export -f patchWorkspace;
+
+enableDexPreOpt() {
+	cd "$DOS_BUILD_BASE$1";
+	#Some devices won't compile, or have too small of a /system partition, or Wi-Fi breaks
+	if [ "$1" != "device/amazon/thor" ] && [ "$1" != "device/samsung/i9100" ] && [ "$1" != "device/samsung/maguro" ] && [ "$1" != "device/samsung/toro" ] && [ "$1" != "device/samsung/toroplus" ] && [ "$1" != "device/samsung/tuna" ] && [ "$1" != "device/lge/h850" ] && [ "$1" != "device/lge/mako" ] && [ "$1" != "device/asus/grouper" ]; then
+		if [ -f BoardConfig.mk ]; then
+			echo "WITH_DEXPREOPT := true" >> BoardConfig.mk;
+			echo "WITH_DEXPREOPT_PIC := true" >> BoardConfig.mk;
+			echo "WITH_DEXPREOPT_BOOT_IMG_AND_SYSTEM_SERVER_ONLY := true" >> BoardConfig.mk;
+			echo "Enabled dexpreopt for $1";
+		fi;
+	fi;
+	cd "$DOS_BUILD_BASE";
+}
+export -f enableDexPreOpt;
+
+enableDexPreOptFull() {
+	cd "$DOS_BUILD_BASE$1";
+	if [ -f BoardConfig.mk ]; then
+		sed -i "s/WITH_DEXPREOPT_BOOT_IMG_AND_SYSTEM_SERVER_ONLY := true/WITH_DEXPREOPT_BOOT_IMG_AND_SYSTEM_SERVER_ONLY := false/" BoardConfig.mk;
+		echo "Enabled full dexpreopt for $1";
+	fi;
+	cd "$DOS_BUILD_BASE";
+}
+export -f enableDexPreOptFull;
+
+enableLowRam() {
+	cd "$DOS_BUILD_BASE$1";
+	#if [ -f lineage.mk ]; then echo '$(call inherit-product, $(SRC_TARGET_DIR)/product/go_defaults.mk)' >> lineage.mk; fi;
+	if [ -f lineage.mk ]; then echo '$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage.mk; fi;
+	if [ -f BoardConfig.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfig.mk; fi;
+	if [ -f BoardConfigCommon.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfigCommon.mk; fi;
+	echo "Enabled lowram for $1";
+	cd "$DOS_BUILD_BASE";
+}
+export -f enableLowRam;
diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh
new file mode 100644
index 00000000..3ef69034
--- /dev/null
+++ b/Scripts/LineageOS-17.1/Patch.sh
@@ -0,0 +1,257 @@
+#!/bin/bash
+#DivestOS: A privacy oriented Android distribution
+#Copyright (c) 2015-2020 Divested Computing Group
+#
+#This program is free software: you can redistribute it and/or modify
+#it under the terms of the GNU General Public License as published by
+#the Free Software Foundation, either version 3 of the License, or
+#(at your option) any later version.
+#
+#This program is distributed in the hope that it will be useful,
+#but WITHOUT ANY WARRANTY; without even the implied warranty of
+#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#GNU General Public License for more details.
+#
+#You should have received a copy of the GNU General Public License
+#along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+#Last verified: 2020-04-14
+
+#Initialize aliases
+#source ../../Scripts/init.sh
+
+#Delete Everything and Sync
+#resetWorkspace
+
+#Apply all of our changes
+#patchWorkspace
+
+#Build!
+#buildDevice [device]
+#buildAll
+
+#
+#START OF PREPRATION
+#
+#Download some (non-executable) out-of-tree files for use later on
+cd "$DOS_TMP_DIR";
+if [ "$DOS_HOSTS_BLOCKING" = true ]; then $DOS_TOR_WRAPPER wget "$DOS_HOSTS_BLOCKING_LIST" -N; fi;
+cd "$DOS_BUILD_BASE";
+
+#Accept all SDK licences, not normally needed but Gradle managed apps fail without it
+mkdir -p "$ANDROID_HOME/licenses";
+echo -e "\n8933bad161af4178b1185d1a37fbf41ea5269c55\nd56f5187479451eabf01fb78af6dfcb131a6481e" > "$ANDROID_HOME/licenses/android-sdk-license";
+echo -e "\n84831b9409646a918e30573bab4c9c91346d8abd" > "$ANDROID_HOME/licenses/android-sdk-preview-license";
+#
+#END OF PREPRATION
+#
+
+#
+#START OF ROM CHANGES
+#
+
+#top dir
+cp -r "$DOS_PREBUILT_APPS""Backup" "$DOS_BUILD_BASE""packages/apps/";
+cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
+gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
+cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
+cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
+
+enterAndClear "bionic";
+if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_bionic/0001-HM-Use_HM.patch"; fi; #(GrapheneOS)
+
+enterAndClear "bootable/recovery";
+#git revert --no-edit 4d361ff13b5bd61d5a6a5e95063b24b8a37a24ab; #Always enforcing #XXX 17REBASE
+#git revert --no-edit 37d729bf; #Fix USB on most devices #XXX 17REBASE
+#git revert --no-edit fe2901b144c515c5a90b547198aed37c209b5a82; #Resurrect dm-verity #XXX 17REBASE
+
+enterAndClear "build/make";
+#git revert --no-edit 271f6ffa045064abcac066e97f2cb53ccb3e5126 61f7ee9386be426fd4eadc2c8759362edb5bef8; #Add back PicoTTS and language files
+patch -p1 < "$DOS_PATCHES_COMMON/android_build/0001-OTA_Keys.patch"; #add correct keys to recovery for OTA verification
+awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' core/product.mk;
+sed -i '75i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk;
+
+enterAndClear "device/qcom/sepolicy-legacy";
+patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
+echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices
+
+enterAndClear "external/svox";
+git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
+sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie
+sed -i 's/about to delete/unable to delete/' pico/src/com/svox/pico/LangPackUninstaller.java;
+awk -i inplace '!/deletePackage/' pico/src/com/svox/pico/LangPackUninstaller.java;
+
+enterAndClear "frameworks/base";
+hardenLocationFWB "$DOS_BUILD_BASE"; #XXX 17REBASE
+sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox
+sed -i 's/DEFAULT_MAX_FILES_LOWRAM = 300;/DEFAULT_MAX_FILES_LOWRAM = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox
+sed -i 's/(notif.needNotify)/(true)/' location/java/com/android/internal/location/GpsNetInitiatedHandler.java; #Notify user when location is requested via SUPL
+sed -i 's/entry == null/entry == null || true/' core/java/android/os/RecoverySystem.java; #Skip update compatibiltity check XXX: TEMPORARY FIX
+sed -i 's/!Build.isBuildConsistent()/false/' services/core/java/com/android/server/wm/ActivityTaskManagerService.java; #Disable fingerprint mismatch warning XXX: TEMPORARY FIX
+#if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0002-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG) #XXX 17REBASE
+#if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0003-Harden_Sig_Spoofing.patch"; fi; #Restrict signature spoofing to system apps signed with the platform key #XXX 17REBASE
+changeDefaultDNS;
+patch -p1 < "$DOS_PATCHES/android_frameworks_base/0006-Disable_Analytics.patch"; #Disable/reduce functionality of various ad/analytics libraries
+patch -p1 < "$DOS_PATCHES/android_frameworks_base/0007-Always_Restict_Serial.patch"; #always restrict access to Build.SERIAL (GrapheneOS)
+patch -p1 < "$DOS_PATCHES/android_frameworks_base/0008-Browser_No_Location.patch"; #don't grant location permission to system browsers (GrapheneOS)
+patch -p1 < "$DOS_PATCHES/android_frameworks_base/0009-SystemUI_No_Permission_Review.patch"; #allow SystemUI to directly manage Bluetooth/WiFi (GrapheneOS)
+if [ "$DOS_GRAPHENE_EXEC" = true ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0010-Exec_Based_Spawning.patch"; fi; #add exec-based spawning support (GrapheneOS)
+patch -p1 < "$DOS_PATCHES/android_frameworks_base/0003-SUPL_No_IMSI.patch"; #don't send IMSI to SUPL (MSe)
+patch -p1 < "$DOS_PATCHES/android_frameworks_base/0004-Fingerprint_Lockout.patch"; #enable fingerprint failed lockout after 5 attempts (GrapheneOS)
+rm -rf packages/PrintRecommendationService; #App that just creates popups to install proprietary print apps
+
+if [ "$DOS_DEBLOBBER_REMOVE_IMS" = true ]; then
+enterAndClear "frameworks/opt/net/ims";
+patch -p1 < "$DOS_PATCHES/android_frameworks_opt_net_ims/0001-Fix_Calling.patch"; #Fix calling when IMS is removed
+fi
+
+if enter "kernel/wireguard"; then
+if [ "$DOS_WIREGUARD_INCLUDED" = false ]; then rm Android.mk; fi;
+#Remove system information from HTTP requests
+awk -i inplace '!/USER_AGENT=/' fetch.sh;
+sed -i '3iUSER_AGENT="WireGuard-AndroidROMBuild/0.2"' fetch.sh;
+fi;
+
+enterAndClear "libcore";
+if [ "$DOS_GRAPHENE_EXEC" = true ]; then patch -p1 < "$DOS_PATCHES/android_libcore/0001-Exec_Preload.patch"; fi; #add exec-based spawning support (GrapheneOS)
+if [ "$DOS_GRAPHENE_EXEC" = true ]; then patch -p1 < "$DOS_PATCHES/android_libcore/0002-Exec_Based_Spawning.patch"; fi; #add exec-based spawning support (GrapheneOS)
+
+enterAndClear "lineage-sdk";
+awk -i inplace '!/LineageWeatherManagerService/' lineage/res/res/values/config.xml; #Disable Weather
+if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/LineageAudioService/' lineage/res/res/values/config.xml; fi;
+
+enterAndClear "packages/apps/Contacts";
+patch -p1 < "$DOS_PATCHES_COMMON/android_packages_apps_Contacts/0001-No_Google_Links.patch"; #Remove Privacy Policy and Terms of Service links (GrapheneOS)
+
+enterAndClear "packages/apps/LineageParts";
+rm -rf src/org/lineageos/lineageparts/lineagestats/ res/xml/anonymous_stats.xml res/xml/preview_data.xml; #Nuke part of the analytics
+patch -p1 < "$DOS_PATCHES/android_packages_apps_LineageParts/0001-Remove_Analytics.patch"; #Remove analytics
+
+enterAndClear "packages/apps/Settings";
+git revert --no-edit 486980cfecce2ca64267f41462f9371486308e9d; #don't hide oem unlock
+sed -i 's/private int mPasswordMaxLength = 16;/private int mPasswordMaxLength = 48;/' src/com/android/settings/password/ChooseLockPassword.java; #Increase max password length (GrapheneOS)
+sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/accessibility/*AccessibilityService*.java; #Never disable secure start-up when enabling an accessibility service
+if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then sed -i 's/GSETTINGS_PROVIDER = "com.google.settings";/GSETTINGS_PROVIDER = "com.google.oQuae4av";/' src/com/android/settings/backup/PrivacySettingsUtils.java; fi; #microG doesn't support Backup, hide the options
+
+enterAndClear "packages/apps/SetupWizard";
+patch -p1 < "$DOS_PATCHES/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch"; #Remove analytics
+
+enterAndClear "packages/apps/Trebuchet";
+cp $DOS_BUILD_BASE/vendor/divested/overlay/common/packages/apps/Trebuchet/res/xml/default_workspace_*.xml res/xml/; #XXX: TEMPORARY FIX
+
+enterAndClear "packages/apps/Updater";
+patch -p1 < "$DOS_PATCHES/android_packages_apps_Updater/0001-Server.patch"; #Switch to our server
+patch -p1 < "$DOS_PATCHES/android_packages_apps_Updater/0002-Tor_Support.patch"; #Add Tor support
+sed -i 's/PROP_BUILD_VERSION_INCREMENTAL);/PROP_BUILD_VERSION_INCREMENTAL).replaceAll("\\\\.", "");/' src/org/lineageos/updater/misc/Utils.java; #Remove periods from incremental version
+#TODO: Remove changelog
+
+enterAndClear "packages/inputmethods/LatinIME";
+patch -p1 < "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0001-Voice.patch"; #Remove voice input key
+
+enterAndClear "packages/services/Telephony";
+#patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; #XXX 17REBASE
+#patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch"; #XXX 17REBASE
+
+enterAndClear "system/extras"
+patch -p1 < "$DOS_PATCHES/android_system_extras/0001-ext4_pad_filenames.patch"; #FBE: pad filenames more (GrapheneOS)
+
+enterAndClear "system/core";
+if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
+git revert --no-edit bd4142eab8b3cead0c25a2e660b4b048d1315d3c; #Always update recovery
+patch -p1 < "$DOS_PATCHES/android_system_core/0001-Harden.patch"; #Harden mounts with nodev/noexec/nosuid + misc sysfs changes (GrapheneOS)
+if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_system_core/0002-HM-Increase_vm_mmc.patch"; fi; #(GrapheneOS)
+
+enterAndClear "system/sepolicy";
+#patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch"; #Fix -user builds for LGE devices #XXX 17REBASE
+awk -i inplace '!/true cannot be used in user builds/' Android.mk; #Allow ignoring neverallows under -user
+
+enterAndClear "vendor/lineage";
+rm build/target/product/security/lineage.x509.pem;
+rm -rf overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml; #Remove analytics
+rm -rf verity_tool; #Resurrect dm-verity
+rm -rf overlay/common/frameworks/base/core/res/res/drawable-*/default_wallpaper.png;
+if [ "$DOS_HOSTS_BLOCKING" = true ]; then awk -i inplace '!/50-lineage.sh/' config/common.mk; fi; #Make sure our hosts is always used
+awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' config/common.mk; #Remove extra keys
+awk -i inplace '!/security\/lineage/' config/common.mk; #Remove extra keys
+awk -i inplace '!/WeatherProvider/' config/common.mk;
+awk -i inplace '!/def_backup_transport/' overlay/common/frameworks/base/packages/SettingsProvider/res/values/defaults.xml;
+if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/AudioFX/' config/common.mk; fi;
+if [ "$DOS_MICROG_INCLUDED" = "NLP" ]; then sed -i '/Google provider/!b;n;s/com.google.android.gms/org.microg.nlp/' overlay/common/frameworks/base/core/res/res/values/config.xml; fi;
+sed -i 's/LINEAGE_BUILDTYPE := UNOFFICIAL/LINEAGE_BUILDTYPE := dos/' config/common.mk; #Change buildtype
+if [ "$DOS_NON_COMMERCIAL_USE_PATCHES" = true ]; then sed -i 's/LINEAGE_BUILDTYPE := dos/LINEAGE_BUILDTYPE := dosNC/' config/common.mk; fi;
+echo 'include vendor/divested/divestos.mk' >> config/common.mk; #Include our customizations
+
+enter "vendor/divested";
+#echo "PRODUCT_PACKAGES += Backup" >> packages.mk;
+if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then echo "PRODUCT_PACKAGES += GmsCore GsfProxy FakeStore" >> packages.mk; fi;
+if [ "$DOS_HOSTS_BLOCKING" = false ]; then echo "PRODUCT_PACKAGES += $DOS_HOSTS_BLOCKING_APP" >> packages.mk; fi;
+echo "PRODUCT_PACKAGES += vendor.lineage.trust@1.0-service" >> packages.mk; #All of our kernels have deny USB patch added
+#
+#END OF ROM CHANGES
+#
+
+#
+#START OF DEVICE CHANGES
+#
+
+enterAndClear "device/google/marlin";
+git revert --no-edit 777dafa35f185b1f501e3c80b8ab495191583444; #remove some carrier blobs
+
+enterAndClear "device/lge/g2-common";
+sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te;
+
+enterAndClear "device/lge/g3-common";
+sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.te;
+sed -i '1itypeattribute wcnss_service misc_block_device_exception;' sepolicy/wcnss_service.te;
+
+enterAndClear "device/lge/mako";
+#git revert ; #restore releasetools #TODO
+#smallerSystem;
+#sed -i 's/1333788672/880803840/' BoardConfig.mk; #don't touch partitions! DOS -user fits with 40M free
+awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfig.mk;
+
+#enterAndClear "device/moto/shamu";
+#git revert --no-edit 05fb49518049440f90423341ff25d4f75f10bc0c; #restore releasetools #TODO
+
+enterAndClear "kernel/google/marlin";
+git revert --no-edit dd4a454f080f60cc7c4f5cc281a48cba80947baf; #Resurrect dm-verity
+
+enter "vendor/google";
+echo "" > atv/atv-common.mk;
+
+#Make changes to all devices
+cd "$DOS_BUILD_BASE";
+if [ "$DOS_LOWRAM_ENABLED" = true ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'enableLowRam "{}"'; fi;
+find "hardware/qcom/gps" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
+find "device" -name "gps\.conf" -type f -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationConf "{}"';
+find "device" -type d -name "overlay" -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenLocationFWB "{}"';
+find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'enableDexPreOpt "{}"';
+find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'hardenUserdata "{}"';
+find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'hardenBootArgs "{}"';
+if [ "$DOS_STRONG_ENCRYPTION_ENABLED" = true ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'enableStrongEncryption "{}"'; fi;
+find "kernel" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 4 -I {} bash -c 'hardenDefconfig "{}"';
+cd "$DOS_BUILD_BASE";
+deblobAudio;
+
+#Verity
+cat "$DOS_SIGNING_KEYS/Amber/verity.x509.pem" >> "kernel/yandex/sdm660/certs/verity.x509.pem";
+cat "$DOS_SIGNING_KEYS/cheryl/verity.x509.pem" >> "kernel/razer/msm8998/certs/verity.x509.pem";
+cat "$DOS_SIGNING_KEYS/mata/verity.x509.pem" >> "kernel/essential/msm8998/certs/verity.x509.pem";
+cat "$DOS_SIGNING_KEYS/z2_plus/verity.x509.pem" >> "kernel/zuk/msm8996/certs/verity.x509.pem";
+cp "$DOS_SIGNING_KEYS/Amber/verifiedboot_relkeys.der.x509" "kernel/yandex/sdm660/verifiedboot_Amber_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/cheryl/verifiedboot_relkeys.der.x509" "kernel/razer/msm8998/verifiedboot_cheryl_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/griffin/verifiedboot_relkeys.der.x509" "kernel/motorola/msm8996/verifiedboot_griffin_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/marlin/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_marlin_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/sailfish/verifiedboot_relkeys.der.x509" "kernel/google/marlin/verifiedboot_sailfish_dos_relkeys.der.x509";
+cp "$DOS_SIGNING_KEYS/z2_plus/verifiedboot_relkeys.der.x509" "kernel/zuk/msm8996/verifiedboot_z2_plus_dos_relkeys.der.x509";
+
+#Fix broken options enabled by hardenDefconfig()
+sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/google/msm/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
+sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/lge/mako/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
+sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/motorola/msm8974/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
+sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/motorola/msm8996/arch/arm64/configs/*_defconfig; #Breaks on compile
+
+sed -i 's/YYLTYPE yylloc;/extern YYLTYPE yylloc;/' kernel/*/*/scripts/dtc/dtc-lexer.l*; #Fix builds with GCC 10
+#
+#END OF DEVICE CHANGES
+#
diff --git a/Scripts/LineageOS-17.1/Rebrand.sh b/Scripts/LineageOS-17.1/Rebrand.sh
new file mode 100644
index 00000000..5646ccd5
--- /dev/null
+++ b/Scripts/LineageOS-17.1/Rebrand.sh
@@ -0,0 +1,68 @@
+#!/bin/bash
+#DivestOS: A privacy oriented Android distribution
+#Copyright (c) 2017-2020 Divested Computing Group
+#
+#This program is free software: you can redistribute it and/or modify
+#it under the terms of the GNU General Public License as published by
+#the Free Software Foundation, either version 3 of the License, or
+#(at your option) any later version.
+#
+#This program is distributed in the hope that it will be useful,
+#but WITHOUT ANY WARRANTY; without even the implied warranty of
+#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#GNU General Public License for more details.
+#
+#You should have received a copy of the GNU General Public License
+#along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+#Updates select user facing strings
+#Last verified: 2020-04-14
+
+echo "Rebranding...";
+
+enter "bootable/recovery";
+git revert --no-edit 7e46bc14b15fdeabfd16871137f403f89486b83c;
+#patch -p1 < "$DOS_PATCHES_COMMON/android_bootable_recovery/0001-Remove_Logo.patch"; #Remove logo rendering code #XXX 17REBASE
+#rm res*/images/logo_image.png; #Remove logo images
+mogrify -format png -fill "#FF5722" -opaque "#167C80" -fuzz 10% res-*/images/*sel.png; #Recolor icons
+sed -i 's|0x16, 0x7c, 0x80|0x03, 0xa9, 0xf4|' recovery_ui/*ui.cpp; #Recolor text
+sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' recovery_ui/*ui.cpp;
+sed -i 's|LineageOS|'"$DOS_BRANDING_NAME"'|' recovery_ui/*ui.cpp;
+
+enter "build/make";
+sed -i 's|echo "ro.build.user=$BUILD_USERNAME"|echo "ro.build.user=emy"|' tools/buildinfo.sh; #Override build user
+sed -i 's|echo "ro.build.host=$BUILD_HOSTNAME"|echo "ro.build.host=dosbm"|' tools/buildinfo.sh; #Override build host
+
+enter "frameworks/base";
+generateBootAnimationMask "$DOS_BRANDING_NAME" "$DOS_BRANDING_BOOTANIMATION_FONT" core/res/assets/images/android-logo-mask.png;
+generateBootAnimationShine "$DOS_BRANDING_BOOTANIMATION_COLOR" "$DOS_BRANDING_BOOTANIMATION_STYLE" core/res/assets/images/android-logo-shine.png;
+
+enter "lineage-sdk";
+sed -i '/.*lineage_version/s/LineageOS/'"$DOS_BRANDING_NAME"'/' lineage/res/res/values*/strings.xml;
+sed -i '/.*lineage_updates/s/LineageOS/'"$DOS_BRANDING_NAME"'/' lineage/res/res/values*/strings.xml;
+sed -i '/.*lineageos_system_label/s/LineageOS/'"$DOS_BRANDING_NAME"'/' lineage/res/res/values*/strings.xml;
+
+enter "packages/apps/LineageParts";
+sed -i '/.*trust_feature_security_patches_explain/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml;
+
+enter "packages/apps/Settings";
+sed -i '/.*lineagelicense_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml;
+
+enter "packages/apps/SetupWizard";
+sed -i 's|http://lineageos.org/legal|'"$DOS_BRANDING_LINK_PRIVACY"'|' src/org/lineageos/setupwizard/LineageSettingsActivity.java;
+sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml;
+sed -i '/.*services_explanation/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml;
+
+enter "packages/apps/Updater";
+sed -i 's|0OTA_SERVER_CLEARNET0|'"$DOS_BRANDING_SERVER_OTA"'|' src/org/lineageos/updater/misc/Utils.java;
+sed -i 's|0OTA_SERVER_ONION0|'"$DOS_BRANDING_SERVER_OTA_ONION"'|' src/org/lineageos/updater/misc/Utils.java;
+sed -i 's|>LineageOS|>'"$DOS_BRANDING_NAME"'|' res/values*/strings.xml;
+
+enter "vendor/lineage";
+sed -i 's|https://lineageos.org/legal|'"$DOS_BRANDING_LINK_ABOUT"'|' build/core/main_version.mk
+sed -i '/.*ZIPPATH=/s/lineage/'"$DOS_BRANDING_ZIP_PREFIX"'/' build/envsetup.sh;
+sed -i '/LINEAGE_TARGET_PACKAGE/s/lineage/'"$DOS_BRANDING_ZIP_PREFIX"'/' build/tasks/bacon.mk;
+rm -rf bootanimation;
+
+cd "$DOS_BUILD_BASE";
+echo "Rebranding complete!";