From d3d924bd91b78436c9eda14be7bf919106002f6c Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Thu, 21 Mar 2019 12:19:26 -0400
Subject: [PATCH] 16.0: add marlin/sailfish and ether

---
 Manifests/Manifest_LAOS-16.0.xml              |   9 ++
 Scripts/LineageOS-15.1/Functions.sh           |   8 +-
 .../android_kernel_google_marlin.sh           | 103 ++++++++++++++++
 .../android_kernel_nextbit_msm8992.sh         | 113 ++++++++++++++++++
 Scripts/LineageOS-16.0/Functions.sh           |   5 +-
 Scripts/LineageOS-16.0/Patch.sh               |   3 +-
 6 files changed, 235 insertions(+), 6 deletions(-)
 create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_marlin.sh
 create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_nextbit_msm8992.sh

diff --git a/Manifests/Manifest_LAOS-16.0.xml b/Manifests/Manifest_LAOS-16.0.xml
index ce0de6ee..c6a7332a 100644
--- a/Manifests/Manifest_LAOS-16.0.xml
+++ b/Manifests/Manifest_LAOS-16.0.xml
@@ -80,10 +80,19 @@
 	<project path="hardware/sony/timekeep" name="LineageOS/android_hardware_sony_timekeep" remote="github" />
 	<project path="packages/apps/FlipFlap" name="LineageOS/android_packages_apps_FlipFlap" remote="github" />
 
+	<!-- Google Pixel (marlin/sailfish) -->
+	<project path="device/google/marlin" name="LineageOS/android_device_google_marlin" remote="github" />
+	<project path="device/google/sailfish" name="LineageOS/android_device_google_sailfish" remote="github" />
+	<project path="kernel/google/marlin" name="LineageOS/android_kernel_google_marlin" remote="github" />
+
 	<!-- Moto Z (griffin) -->
 	<project path="device/motorola/griffin" name="LineageOS/android_device_motorola_griffin" remote="github" />
 	<project path="kernel/motorola/msm8996" name="LineageOS/android_kernel_motorola_msm8996" remote="github" />
 
+	<!-- Nextbit Robin (ether) -->
+	<project path="device/nextbit/ether" name="LineageOS/android_device_nextbit_ether" remote="github" />
+	<project path="kernel/nextbit/msm8992" name="LineageOS/android_kernel_nextbit_msm8992" remote="github" />
+
         <!-- Nexus 4 (mako) -->
         <project path="device/lge/mako" name="voron00/android_device_lge_mako" remote="github" />
         <project path="kernel/lge/mako" name="voron00/android_kernel_lge_mako" remote="github" />
diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh
index b1d50b82..83b27ace 100644
--- a/Scripts/LineageOS-15.1/Functions.sh
+++ b/Scripts/LineageOS-15.1/Functions.sh
@@ -54,19 +54,15 @@ buildAll() {
 	brunch lineage_d802-user;
 	brunch lineage_d855-user;
 	brunch lineage_dragon-user;
-	brunch lineage_ether-user;
 	brunch lineage_flo-user;
 	brunch lineage_flounder-user;
 	brunch lineage_FP2-user;
 	brunch lineage_fugu-user;
-	brunch lineage_griffin-user;
 	brunch lineage_h850-user;
 	brunch lineage_hammerhead-user;
 	brunch lineage_klte-user; #broken
 	brunch lineage_m8-user;
-	brunch lineage_marlin-user;
 	brunch lineage_mata-user;
-	brunch lineage_sailfish-user;
 	brunch lineage_shamu-user;
 	brunch lineage_starlte-user; #broken - device/samsung/universal9810-common/audio: MODULE.TARGET.SHARED_LIBRARIES.libshim_audio_32 already defined by device/samsung/star-common/audio
 	brunch lineage_us996-user;
@@ -75,7 +71,11 @@ buildAll() {
 
 	#The following are all superseded, and should only be enabled if the newer version is broken (not building/booting/etc.)
 	#brunch lineage_bacon-user;
+	#brunch lineage_ether-user;
+	#brunch lineage_griffin-user;
 	#brunch lineage_mako-user;
+	#brunch lineage_marlin-user;
+	#brunch lineage_sailfish-user;
 }
 export -f buildAll;
 
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_marlin.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_marlin.sh
new file mode 100644
index 00000000..913dae67
--- /dev/null
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_marlin.sh
@@ -0,0 +1,103 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/google/marlin"
+git apply $DOS_PATCHES_LINUX_CVES/0005-Copperhead-Deny_USB/3.18/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0019.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0021.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0022.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0023.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0024.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0025.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0026.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0027.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0028.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0029.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0030.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0031.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0032.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0033.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0034.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0035.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0036.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0037.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0040.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0041.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0042.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0043.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0044.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0045.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0046.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0048.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0049.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0050.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3672/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3906/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5345/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5854/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5856/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5857/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5858/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5867/3.18/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5870/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6694/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6695/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8483/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9191/3.11-^4.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0537/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0579/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0622/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0866/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11034/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11036/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11039/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13162/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15827/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18150/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18161/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18165/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5669/^4.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7371/3.18/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7372/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9707/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10876/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11818/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12011/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0002-ozwpan-Use-unsigned-ints-to-prevent-heap-overflow.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0005-tcp-fix-zero-cwnd-in-tcp_cwnd_reduction.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5853/3.18/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
+editKernelLocalversion "-dos.p99"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_nextbit_msm8992.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_nextbit_msm8992.sh
new file mode 100644
index 00000000..3f262526
--- /dev/null
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_nextbit_msm8992.sh
@@ -0,0 +1,113 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/nextbit/msm8992"
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0004-No_dir-relax.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0014.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0015.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0017.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9904/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0862/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000410/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11600/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13163/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13168/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.10/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13245/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13305/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15837/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16531/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16534/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16643/3.5+/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16645/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16939/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17762/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18153/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18161/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18306/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7533/3.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7533/3.10/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8243/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8281/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8281/3.10/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9711/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9723/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.10/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10881/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11265/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11273/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11286/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11919/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11987/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12011/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13913/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3563/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3584/ANY/0001.patch
+#git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3585/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3597/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5390/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5390/3.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5825/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5858/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5864/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5904/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5908/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9383/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9389/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9518/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0003/3.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+editKernelLocalversion "-dos.p109"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh
index 494bc062..483de84e 100644
--- a/Scripts/LineageOS-16.0/Functions.sh
+++ b/Scripts/LineageOS-16.0/Functions.sh
@@ -18,7 +18,7 @@
 #Last verified: 2018-04-27
 
 patchAllKernels() {
-	startPatcher "kernel_lge_mako kernel_moto_shamu kernel_motorola_msm8996 kernel_oppo_msm8974 kernel_samsung_msm8974";
+	startPatcher "kernel_google_marlin kernel_lge_mako kernel_moto_shamu kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oppo_msm8974 kernel_samsung_msm8974";
 }
 export -f patchAllKernels;
 
@@ -50,8 +50,11 @@ buildAll() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
 	brunch lineage_mako-user;
 	brunch lineage_bacon-user;
+	brunch lineage_ether-user;
 	brunch lineage_griffin-user;
 	brunch lineage_klte-user;
+	brunch lineage_marlin-user;
+	brunch lineage_sailfish-user;
 	brunch lineage_shamu-user; #broken - needs synced proprietary-files.txt
 }
 export -f buildAll;
diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh
index d82e155a..813165f4 100644
--- a/Scripts/LineageOS-16.0/Patch.sh
+++ b/Scripts/LineageOS-16.0/Patch.sh
@@ -178,10 +178,11 @@ if [ "$DOS_HOSTS_BLOCKING" = false ]; then echo "PRODUCT_PACKAGES += $DOS_HOSTS_
 #START OF DEVICE CHANGES
 #
 enterAndClear "device/lge/mako";
+git revert 218f7442874f7b7d494f265286a2151e2f81bb6e 31a1cb251d5e35d8954cec6f373840f14ba96df9; #disable dexpreopt full and switch back to -mini
 echo "allow kickstart usbfs:dir search;" >> sepolicy/kickstart.te; #Fix forceencrypt on first boot
 echo "allow system_server sensors_data_file:dir search;" >> sepolicy/system_server.te; #Fix qcom_sensors log spam
 echo "allow system_server sensors_data_file:dir r_file_perms;" >> sepolicy/system_server.te;
-sed -i 's/1333788672/880803840/' BoardConfig.mk; #don't touch partitions! DOS -user fits with 70M free
+sed -i 's/1333788672/880803840/' BoardConfig.mk; #don't touch partitions! DOS -user fits with 60M free
 awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfig.mk;
 
 enterAndClear "device/oneplus/bacon";