From db572efa89c828b93d537984909f7838ec13d15c Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 2 Sep 2019 20:00:39 -0400
Subject: [PATCH] Many changes

- processRelease: Support AVB
- sort device build order by SoC

Additions:
- taimen/muskie: 15.1, 16.0
- crosshatch/blueline: 16.0
- bonito/sargo: 16.0
---
 Manifests/Manifest_LAOS-14.1.xml              |   8 +-
 Manifests/Manifest_LAOS-15.1.xml              |  12 +-
 Manifests/Manifest_LAOS-16.0.xml              |  17 ++
 Patches/Linux                                 |   2 +-
 Scripts/Common/Deblob.sh                      |  18 +-
 Scripts/Common/Functions.sh                   |  12 +-
 Scripts/LineageOS-11.0/Functions.sh           |   4 +-
 Scripts/LineageOS-14.1/Functions.sh           |  55 +++---
 .../android_kernel_google_wahoo.sh            | 187 ++++++++++++++++++
 Scripts/LineageOS-15.1/Functions.sh           |  36 ++--
 .../android_kernel_essential_msm8998.sh       |  24 ++-
 .../android_kernel_google_bonito.sh           | 107 ++++++++++
 .../android_kernel_google_crosshatch.sh       | 100 ++++++++++
 .../android_kernel_google_wahoo.sh            | 108 ++++++++++
 .../CVE_Patchers/android_kernel_lge_mako.sh   |   3 +-
 .../CVE_Patchers/android_kernel_moto_shamu.sh |   8 +-
 .../CVE_Patchers/android_kernel_samsung_jf.sh |   5 +-
 .../android_kernel_zuk_msm8996.sh             |  16 +-
 Scripts/LineageOS-16.0/Functions.sh           |  50 +++--
 19 files changed, 688 insertions(+), 84 deletions(-)
 create mode 100644 Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_wahoo.sh
 create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_bonito.sh
 create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_crosshatch.sh
 create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_wahoo.sh

diff --git a/Manifests/Manifest_LAOS-14.1.xml b/Manifests/Manifest_LAOS-14.1.xml
index a39c7e1d..bbbc2f5b 100644
--- a/Manifests/Manifest_LAOS-14.1.xml
+++ b/Manifests/Manifest_LAOS-14.1.xml
@@ -99,15 +99,15 @@
 	<project path="device/fairphone/FP2" name="LineageOS/android_device_fairphone_FP2" remote="github" />
 	<project path="kernel/fairphone/msm8974" name="LineageOS/android_kernel_fairphone_msm8974" remote="github" />
 
+	<!-- Google Pixel C (dragon) -->
+	<project path="device/google/dragon" name="LineageOS/android_device_google_dragon" remote="github" />
+	<project path="kernel/google/dragon" name="LineageOS/android_kernel_google_dragon" remote="github" />
+
 	<!-- Google Pixel (marlin/sailfish) -->
 	<project path="device/google/marlin" name="LineageOS/android_device_google_marlin" remote="github" />
 	<project path="device/google/sailfish" name="LineageOS/android_device_google_sailfish" remote="github" />
 	<project path="kernel/google/marlin" name="LineageOS/android_kernel_google_marlin" remote="github" />
 
-	<!-- Google Pixel C (dragon) -->
-	<project path="device/google/dragon" name="LineageOS/android_device_google_dragon" remote="github" />
-	<project path="kernel/google/dragon" name="LineageOS/android_kernel_google_dragon" remote="github" />
-
 	<!-- HTC One (m8) -->
 	<project path="device/htc/m8" name="LineageOS/android_device_htc_m8" remote="github" />
 	<project path="device/htc/m8-common" name="LineageOS/android_device_htc_m8-common" remote="github" />
diff --git a/Manifests/Manifest_LAOS-15.1.xml b/Manifests/Manifest_LAOS-15.1.xml
index 4e54ac9b..be6f1aa0 100644
--- a/Manifests/Manifest_LAOS-15.1.xml
+++ b/Manifests/Manifest_LAOS-15.1.xml
@@ -96,14 +96,20 @@
 	<project path="device/fairphone/FP2" name="LineageOS/android_device_fairphone_FP2" remote="github" />
 	<project path="kernel/fairphone/msm8974" name="LineageOS/android_kernel_fairphone_msm8974" remote="github" />
 
+	<!-- Google Pixel C (dragon) -->
+	<project path="device/google/dragon" name="LineageOS/android_device_google_dragon" remote="github" />
+	<project path="kernel/google/dragon" name="LineageOS/android_kernel_google_dragon" remote="github" />
+
 	<!-- Google Pixel (marlin/sailfish) -->
 	<project path="device/google/marlin" name="LineageOS/android_device_google_marlin" remote="github" />
 	<project path="device/google/sailfish" name="LineageOS/android_device_google_sailfish" remote="github" />
 	<project path="kernel/google/marlin" name="LineageOS/android_kernel_google_marlin" remote="github" />
 
-	<!-- Google Pixel C (dragon) -->
-	<project path="device/google/dragon" name="LineageOS/android_device_google_dragon" remote="github" />
-	<project path="kernel/google/dragon" name="LineageOS/android_kernel_google_dragon" remote="github" />
+	<!-- Google Pixel 2 (taimen/walleye) -->
+	<project path="device/google/taimen" name="LineageOS/android_device_google_taimen" remote="github" />
+	<project path="device/google/muskie" name="LineageOS/android_device_google_muskie" remote="github" />
+	<project path="device/google/wahoo" name="LineageOS/android_device_google_wahoo" remote="github" />
+	<project path="kernel/google/wahoo" name="LineageOS/android_kernel_google_wahoo" remote="github" />
 
 	<!-- HTC One (m8) -->
 	<project path="device/htc/m8" name="LineageOS/android_device_htc_m8" remote="github" />
diff --git a/Manifests/Manifest_LAOS-16.0.xml b/Manifests/Manifest_LAOS-16.0.xml
index d25a2116..a220faa9 100644
--- a/Manifests/Manifest_LAOS-16.0.xml
+++ b/Manifests/Manifest_LAOS-16.0.xml
@@ -98,6 +98,23 @@
 	<project path="device/google/sailfish" name="LineageOS/android_device_google_sailfish" remote="github" />
 	<project path="kernel/google/marlin" name="LineageOS/android_kernel_google_marlin" remote="github" />
 
+	<!-- Google Pixel 2 (taimen/walleye) -->
+	<project path="device/google/taimen" name="LineageOS/android_device_google_taimen" remote="github" />
+	<project path="device/google/muskie" name="LineageOS/android_device_google_muskie" remote="github" />
+	<project path="device/google/walleye" name="LineageOS/android_device_google_walleye" remote="github" />
+	<project path="device/google/wahoo" name="LineageOS/android_device_google_wahoo" remote="github" />
+	<project path="kernel/google/wahoo" name="LineageOS/android_kernel_google_wahoo" remote="github" />
+
+	<!-- Google Pixel 3 (crosshatch/blueline) -->
+	<project path="device/google/crosshatch" name="LineageOS/android_device_google_crosshatch" remote="github" />
+	<project path="device/google/blueline" name="LineageOS/android_device_google_blueline" remote="github" />
+	<project path="kernel/google/crosshatch" name="LineageOS/android_kernel_google_crosshatch" remote="github" />
+
+	<!-- Google Pixel 3a (bonito/sargo) -->
+	<project path="device/google/bonito" name="LineageOS/android_device_google_bonito" remote="github" />
+	<project path="device/google/sargo" name="LineageOS/android_device_google_sargo" remote="github" />
+	<project path="kernel/google/bonito" name="LineageOS/android_kernel_google_bonito" remote="github" />
+
 	<!-- HTC One (m8) -->
 	<project path="device/htc/m8" name="LineageOS/android_device_htc_m8" remote="github" />
 	<project path="device/htc/m8-common" name="LineageOS/android_device_htc_m8-common" remote="github" />
diff --git a/Patches/Linux b/Patches/Linux
index d63087ce..31d20b67 160000
--- a/Patches/Linux
+++ b/Patches/Linux
@@ -1 +1 @@
-Subproject commit d63087ceb6c0f1aea77b6b91b212463900966dbe
+Subproject commit 31d20b67debe3d03960036610da0349c1bb1209b
diff --git a/Scripts/Common/Deblob.sh b/Scripts/Common/Deblob.sh
index 717c46ce..5b4d3033 100644
--- a/Scripts/Common/Deblob.sh
+++ b/Scripts/Common/Deblob.sh
@@ -299,8 +299,9 @@ echo "Deblobbing..."
 	#Misc
 	blobs=$blobs"|libjni_latinime.so|libuiblur.so|libwifiscanner.so";
 
-	#Misc [Google]
-	blobs=$blobs"|EaselServicePrebuilt.apk";
+	#Music Detection [Google]
+	blobs=$blobs"|AmbientSensePrebuilt.apk";
+	blobs=$blobs"|dnd.descriptor|dnd.sound_model|music_detector.descriptor|music_detector.sound_model";
 
 	#[Motorola] #See: http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html
 	blobs=$blobs"|AppDirectedSMSProxy.apk|BuaContactAdapter.apk|com.motorola.DirectedSMSProxy.xml|com.motorola.msimsettings.xml";
@@ -322,7 +323,7 @@ echo "Deblobbing..."
 	blobs=$blobs"|libdme_main.so|libwbxmlparser.so|libprovlib.so";
 	blobs=$blobs"|dm_agent|dm_agent_binder";
 	blobs=$blobs"|npsmobex"; #Samsung?
-	blobs=$blobs"|ConnMO.apk|OmaDmclient.apk|com.android.omadm.service.xml|DCMO.apk|DiagMon.apk|DMConfigUpdate.apk|DMService.apk|libdmengine.so|libdmjavaplugin.so|SprintDM.apk|SDM.apk|whitelist_com.android.omadm.service.xml|com.android.sdm.plugins.connmo.xml|com.android.sdm.plugins.sprintdm.xml"; #Sprint
+	blobs=$blobs"|ConnMO.apk|OmaDmclient.apk|com.android.omadm.service.xml|DCMO.apk|DiagMon.apk|DMConfigUpdate.apk|DMService.apk|libdmengine.so|libdmjavaplugin.so|SprintDM.apk|SDM.apk|whitelist_com.android.omadm.service.xml|com.android.sdm.plugins.connmo.xml|com.android.sdm.plugins.sprintdm.xml|com.google.omadm.trigger.xml"; #Sprint
 
 	#OpenMobileAPI [SIM Alliance]
 	#This is open source, but rarely used
@@ -343,6 +344,11 @@ echo "Deblobbing..."
 	#blobs=$blobs"|libperipheral_client.so|libspcom.so";
 	#blobs=$blobs"|pm-proxy|pm-service|spdaemon";
 
+	#Pixel Visual Core [Google]
+	#blobs=$blobs"|easelmanagerd";
+	#blobs=$blobs"|EaselServicePrebuilt.apk";
+	#blobs=$blobs"|libeaselcomm.so|libeaselcontrol.amber.so";
+
 	#Playready (DRM) [Microsoft]
 	blobs=$blobs"|prapp|scranton_RD";
 	blobs=$blobs"|libtzplayready.so|libdrmprplugin.so|libprdrmdecrypt.so|libprmediadrmdecrypt.so|libprmediadrmplugin.so|libseppr_hal.so";
@@ -408,11 +414,11 @@ echo "Deblobbing..."
 	#[Verizon]
 	blobs=$blobs"|libmotricity.so|libakuaf.so";
 	blobs=$blobs"|com.qualcomm.location.vzw_library.jar|com.verizon.hardware.telephony.ehrpd.jar|com.verizon.hardware.telephony.lte.jar|com.verizon.ims.jar|qti-vzw-ims-internal.jar|VerizonUnifiedSettings.jar";
-	blobs=$blobs"|CarrierSetup.apk|OemDmTrigger.apk|appdirectedsmspermission.apk|VerizonSSOEngine.apk|VZWAPNLib.apk|vzwapnpermission.apk|VZWAPNService.apk|VZWAVS.apk|VzwLcSilent.apk|vzw_msdc_api.apk|VzwOmaTrigger.apk|VerizonAuthDialog.apk|MyVerizonServices.apk|WfcActivation.apk|obdm_stub.apk|QAS_DVC_MSP.apk";
-	blobs=$blobs"|com.android.vzwomatrigger.xml|vzw_mvs_permissions.xml|obdm_permissions.xml|com.verizon.services.xml|features-verizon.xml|com.qualcomm.location.vzw_library.xml|com.verizon.apn.xml|com.verizon.embms.xml|com.verizon.hardware.telephony.ehrpd.xml|com.verizon.hardware.telephony.lte.xml|com.verizon.ims.xml|com.verizon.provider.xml|com.vzw.vzwapnlib.xml|qti-vzw-ims-internal.xml|vzw_sso_permissions.xml|com.vzw.hardware.lte.xml|com.vzw.hardware.ehrpd.xml|verizon_config_params.txt";
+	blobs=$blobs"|CarrierSetup.apk|OemDmTrigger.apk|appdirectedsmspermission.apk|VerizonSSOEngine.apk|VZWAPNLib.apk|vzwapnpermission.apk|VZWAPNService.apk|VZWAVS.apk|VzwLcSilent.apk|vzw_msdc_api.apk|VzwOmaTrigger.apk|VerizonAuthDialog.apk|MyVerizonServices.apk|WfcActivation.apk|obdm_stub.apk|QAS_DVC_MSP.*.apk";
+	blobs=$blobs"|com.android.vzwomatrigger.xml|vzw_mvs_permissions.xml|obdm_permissions.xml|com.verizon.services.xml|features-verizon.xml|com.qualcomm.location.vzw_library.xml|com.verizon.apn.xml|com.verizon.embms.xml|com.verizon.hardware.telephony.ehrpd.xml|com.verizon.hardware.telephony.lte.xml|com.verizon.ims.xml|com.verizon.provider.xml|com.vzw.vzwapnlib.xml|qti-vzw-ims-internal.xml|vzw_sso_permissions.xml|com.vzw.hardware.lte.xml|com.vzw.hardware.ehrpd.xml|verizon_config_params.txt|com.verizon.llkagent.xml";
 
 	#Voice Recognition
-	blobs=$blobs"|libadpcmdec.so|liblistenhardware.so|liblistenjni.so|liblisten.so|liblistensoundmodel.so|libqvop-service.so|librecoglib.so|libsmwrapper.so|libsupermodel.so|libtrainingcheck.so|sound_trigger.primary.*.so|libgcs.*.so";
+	blobs=$blobs"|libadpcmdec.so|liblistenhardware.so|liblistenjni.so|liblisten.so|liblistensoundmodel.*.so|libqvop-service.so|librecoglib.so|libsmwrapper.so|libsupermodel.so|libtrainingcheck.so|sound_trigger.primary.*.so|libgcs.*.so";
 	blobs=$blobs"|audiomonitor|qvop-daemon";
 	blobs=$blobs"|HotwordEnrollment.apk|HotwordEnrollment.*.apk";
 	blobs=$blobs"|aonvr1.bin|aonvr2.bin|es305_fw.bin";
diff --git a/Scripts/Common/Functions.sh b/Scripts/Common/Functions.sh
index 42cb3b77..56a21cfa 100644
--- a/Scripts/Common/Functions.sh
+++ b/Scripts/Common/Functions.sh
@@ -158,10 +158,16 @@ processRelease() {
 	if [ "$BLOCK" != false ]; then
 		BLOCK_SWITCHES="--block";
 	fi;
-	if [ "$VERITY" = true ]; then
+	if [[ "$VERITY" == "verity" ]]; then
 		VERITY_SWITCHES=(--replace_verity_public_key "$KEY_DIR/verity_key.pub" \
 			--replace_verity_private_key "$KEY_DIR/verity" \
 			--replace_verity_keyid "$KEY_DIR/verity.x509.pem");
+	elif [[ "$VERITY" == "avb" ]]; then
+		VERITY_SWITCHES=(--avb_vbmeta_key "$KEY_DIR/avb.pem" \
+			--avb_vbmeta_algorithm SHA256_RSA2048 \
+			--avb_system_key "$KEY_DIR/avb.pem" \
+			--avb_system_algorithm SHA256_RSA2048);
+		AVB_PKMD="$KEY_DIR/avb_pkmd.bin";
 	fi;
 
 	#Target Files
@@ -483,7 +489,9 @@ hardenDefconfig() {
 
 	#Enable supported options
 	#Disabled: CONFIG_DEBUG_SG (bootloops - https://patchwork.kernel.org/patch/8989981)
-	declare -a optionsYes=("CONFIG_ARM64_SW_TTBR0_PAN" "CONFIG_BUG" "CONFIG_BUG_ON_DATA_CORRUPTION" "CONFIG_CC_STACKPROTECTOR" "CONFIG_CC_STACKPROTECTOR_STRONG" "CONFIG_STACKPROTECTOR" "CONFIG_STACKPROTECTOR_STRONG" "CONFIG_CPU_SW_DOMAIN_PAN" "CONFIG_DEBUG_CREDENTIALS" "CONFIG_DEBUG_KERNEL" "CONFIG_DEBUG_LIST" "CONFIG_DEBUG_NOTIFIERS" "CONFIG_DEBUG_RODATA" "CONFIG_DEBUG_WX" "CONFIG_FORTIFY_SOURCE" "CONFIG_GCC_PLUGIN_LATENT_ENTROPY" "CONFIG_GCC_PLUGIN_RANDSTRUCT" "CONFIG_GCC_PLUGINS" "CONFIG_GCC_PLUGIN_STRUCTLEAK" "CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL" "CONFIG_HARDENED_USERCOPY" "CONFIG_IO_STRICT_DEVMEM" "CONFIG_KAISER" "CONFIG_LEGACY_VSYSCALL_NONE" "CONFIG_PAGE_POISONING" "CONFIG_PAGE_POISONING_NO_SANITY" "CONFIG_PAGE_POISONING_ZERO" "CONFIG_PAGE_TABLE_ISOLATION" "CONFIG_PANIC_ON_OOPS" "CONFIG_RANDOMIZE_BASE" "CONFIG_REFCOUNT_FULL" "CONFIG_RETPOLINE" "CONFIG_SCHED_STACK_END_CHECK" "CONFIG_SECCOMP" "CONFIG_SECCOMP_FILTER" "CONFIG_SECURITY" "CONFIG_SECURITY_PERF_EVENTS_RESTRICT" "CONFIG_SECURITY_YAMA" "CONFIG_SECURITY_YAMA_STACKED" "CONFIG_SLAB_FREELIST_RANDOM" "CONFIG_SLAB_HARDENED" "CONFIG_SLUB_DEBUG" "CONFIG_STRICT_DEVMEM" "CONFIG_STRICT_KERNEL_RWX" "CONFIG_STRICT_MEMORY_RWX" "CONFIG_SYN_COOKIES" "CONFIG_UNMAP_KERNEL_AT_EL0" "CONFIG_VMAP_STACK" "CONFIG_SECURITY_DMESG_RESTRICT" "CONFIG_SLAB_FREELIST_HARDENED" "CONFIG_GCC_PLUGINS" "CONFIG_GCC_PLUGIN_LATENT_ENTROPY" "CONFIG_GCC_PLUGIN_STRUCTLEAK" "CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL" "CONFIG_GCC_PLUGIN_RANDSTRUCT" "CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE" "CONFIG_IPV6_PRIVACY" "CONFIG_HARDEN_BRANCH_PREDICTOR" "CONFIG_IOMMU_API" "CONFIG_IOMMU_SUPPORT" "CONFIG_IOMMU_HELPER" "CONFIG_INTEL_IOMMU_DEFAULT_ON" "CONFIG_ARM_SMMU" "CONFIG_QCOM_IOMMU" "CONFIG_MSM_IOMMU" "CONFIG_MSM_TZ_SMMU" "CONFIG_KGSL_PER_PROCESS_PAGE_TABLE" "CONFIG_MSM_KGSL_MMU_PAGE_FAULT" "CONFIG_IOMMU_PGTABLES_L2" "CONFIG_TEGRA_IOMMU_SMMU" "CONFIG_TEGRA_IOMMU_GART" "CONFIG_MTK_IOMMU" "CONFIG_EXYNOS_IOMMU" "CONFIG_OMAP_IOMMU" "CONFIG_OF_IOMMU" "CONFIG_DM_VERITY" "CONFIG_DM_VERITY_FEC" "CONFIG_DM_ANDROID_VERITY" "CONFIG_ASYMMETRIC_KEY_TYPE" "CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE" "CONFIG_X509_CERTIFICATE_PARSER" "CONFIG_PKCS7_MESSAGE_PARSER" "CONFIG_SYSTEM_TRUSTED_KEYRING" "CONFIG_MMC_SECDISCARD")
+	declare -a optionsYes=("CONFIG_ARM64_SW_TTBR0_PAN" "CONFIG_ARM_SMMU" "CONFIG_ASYMMETRIC_KEY_TYPE" "CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE" "CONFIG_BUG" "CONFIG_BUG_ON_DATA_CORRUPTION" "CONFIG_CC_STACKPROTECTOR" "CONFIG_CC_STACKPROTECTOR_STRONG" "CONFIG_CPU_SW_DOMAIN_PAN" "CONFIG_DEBUG_CREDENTIALS" "CONFIG_DEBUG_KERNEL" "CONFIG_DEBUG_LIST" "CONFIG_DEBUG_NOTIFIERS" "CONFIG_DEBUG_RODATA" "CONFIG_DEBUG_WX" "CONFIG_DM_ANDROID_VERITY" "CONFIG_DM_VERITY" "CONFIG_DM_VERITY_FEC" "CONFIG_EXYNOS_IOMMU" "CONFIG_FORTIFY_SOURCE" "CONFIG_HARDEN_BRANCH_PREDICTOR" "CONFIG_HARDENED_USERCOPY" "CONFIG_INTEL_IOMMU_DEFAULT_ON" "CONFIG_IOMMU_API" "CONFIG_IOMMU_HELPER" "CONFIG_IOMMU_PGTABLES_L2" "CONFIG_IOMMU_SUPPORT" "CONFIG_IO_STRICT_DEVMEM" "CONFIG_IPV6_PRIVACY" "CONFIG_KAISER" "CONFIG_KGSL_PER_PROCESS_PAGE_TABLE" "CONFIG_LEGACY_VSYSCALL_NONE" "CONFIG_MMC_SECDISCARD" "CONFIG_MSM_IOMMU" "CONFIG_MSM_KGSL_MMU_PAGE_FAULT" "CONFIG_MSM_TZ_SMMU" "CONFIG_MTK_IOMMU" "CONFIG_OF_IOMMU" "CONFIG_OMAP_IOMMU" "CONFIG_PAGE_POISONING" "CONFIG_PAGE_POISONING_NO_SANITY" "CONFIG_PAGE_POISONING_ZERO" "CONFIG_PAGE_TABLE_ISOLATION" "CONFIG_PANIC_ON_OOPS" "CONFIG_PKCS7_MESSAGE_PARSER" "CONFIG_QCOM_IOMMU" "CONFIG_RANDOMIZE_BASE" "CONFIG_REFCOUNT_FULL" "CONFIG_RETPOLINE" "CONFIG_SCHED_STACK_END_CHECK" "CONFIG_SECCOMP" "CONFIG_SECCOMP_FILTER" "CONFIG_SECURITY" "CONFIG_SECURITY_DMESG_RESTRICT" "CONFIG_SECURITY_PERF_EVENTS_RESTRICT" "CONFIG_SECURITY_YAMA" "CONFIG_SECURITY_YAMA_STACKED" "CONFIG_SLAB_FREELIST_HARDENED" "CONFIG_SLAB_FREELIST_RANDOM" "CONFIG_SLAB_HARDENED" "CONFIG_SLUB_DEBUG" "CONFIG_STACKPROTECTOR" "CONFIG_STACKPROTECTOR_STRONG" "CONFIG_STRICT_DEVMEM" "CONFIG_STRICT_KERNEL_RWX" "CONFIG_STRICT_MEMORY_RWX" "CONFIG_SYN_COOKIES" "CONFIG_SYSTEM_TRUSTED_KEYRING" "CONFIG_TEGRA_IOMMU_GART" "CONFIG_TEGRA_IOMMU_SMMU" "CONFIG_UNMAP_KERNEL_AT_EL0" "CONFIG_VMAP_STACK" "CONFIG_X509_CERTIFICATE_PARSER")
+	#optionsYes+=("CONFIG_GCC_PLUGINS" "CONFIG_GCC_PLUGIN_LATENT_ENTROPY" "CONFIG_GCC_PLUGIN_RANDSTRUCT" "CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE" "CONFIG_GCC_PLUGIN_STRUCTLEAK" "CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL");
+	#optionsYes+=("CONFIG_PAGE_SANITIZE" "CONFIG_SLAB_CANARY" "CONFIG_SLUB_SANITIZE");
 	#if [ "$DOS_DEBLOBBER_REPLACE_TIME" = true ]; then optionsYes+=("CONFIG_RTC_DRV_MSM" "CONFIG_RTC_DRV_PM8XXX" "CONFIG_RTC_DRV_MSM7X00A" "CONFIG_RTC_DRV_QPNP"); fi;
 	for option in "${optionsYes[@]}"
 	do
diff --git a/Scripts/LineageOS-11.0/Functions.sh b/Scripts/LineageOS-11.0/Functions.sh
index 82e06961..15caa4a8 100644
--- a/Scripts/LineageOS-11.0/Functions.sh
+++ b/Scripts/LineageOS-11.0/Functions.sh
@@ -35,7 +35,7 @@ scanWorkspaceForMalware() {
 export -f scanWorkspaceForMalware;
 
 buildDevice() {
-	brunch "cm_$1-user" && processRelease $1 false false;
+	brunch "cm_$1-user" && processRelease $1 false;
 }
 export -f buildDevice;
 
@@ -48,7 +48,7 @@ export -f buildDeviceDebug;
 buildAll() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
 	if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi;
-	brunch lineage_nex-user && processRelease nex false false;
+	brunch lineage_nex-user && processRelease nex false;
 }
 export -f buildAll;
 
diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh
index 85b1bf19..50145b5a 100644
--- a/Scripts/LineageOS-14.1/Functions.sh
+++ b/Scripts/LineageOS-14.1/Functions.sh
@@ -54,55 +54,56 @@ buildAll() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
 	if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi;
 	#Select devices are userdebug due to SELinux policy issues
+	buildDevice osprey;
 	buildDeviceUserDebug thor;
+	buildDevice Z00T;
 	buildDevice clark;
-	buildDevice grouper; #needs manual patching - one-repo vendor blob patch
 	buildDevice h815;
-	buildDevice herolte;
 	buildDevice himaul;
+	buildDevice manta;
+	buildDevice n7100; #device/samsung/n7100/selinux/device.te:5:ERROR 'duplicate declaration of type/attribute' at token ';': type hpd_device, dev_type; type mfc_device, dev_type;
 	buildDeviceUserDebug i9100;
 	buildDeviceUserDebug i9300;
 	buildDevice i9305;
-	buildDevice maguro;
-	buildDevice manta;
 	buildDevice n5110;
-	buildDevice n7100; #device/samsung/n7100/selinux/device.te:5:ERROR 'duplicate declaration of type/attribute' at token ';': type hpd_device, dev_type; type mfc_device, dev_type;
-	buildDevice osprey;
+	buildDevice herolte;
+	buildDevice maguro;
 	buildDevice toro;
 	buildDevice toroplus;
-	buildDevice Z00T;
+	buildDevice grouper; #needs manual patching - one-repo vendor blob patch
+
 
 	#The following are all superseded, and should only be enabled if the newer version is broken (not building/booting/etc.)
 	if [ "$DOS_BUILDALL_SUPERSEDED" = true ]; then
-		buildDevice angler true;
-		buildDevice axon7;
-		buildDevice bullhead true;
-		buildDevice bacon;
+		buildDevice flo;
+		buildDevice mako;
 		buildDevice crackling;
+		buildDevice jfltexx; #broken - drivers/video/msm/mdp.c:401:1: warning: the frame size of 1032 bytes is larger than 1024 bytes [-Wframe-larger-than=]
 		buildDevice d802;
+		buildDevice hammerhead;
+		buildDevice bacon;
 		buildDevice d852;
 		buildDevice d855;
-		buildDevice dragon true;
-		buildDevice ether;
-		buildDevice flo;
-		buildDevice flounder true;
 		buildDevice FP2;
-		buildDevice fugu;
-		buildDevice griffin;
-		buildDevice h850;
 		buildDevice ham;
-		buildDevice hammerhead;
-		buildDevice jfltexx; #broken - drivers/video/msm/mdp.c:401:1: warning: the frame size of 1032 bytes is larger than 1024 bytes [-Wframe-larger-than=]
-		buildDevice kipper;
 		buildDevice klte;
 		buildDevice m8;
-		buildDevice mako;
-		buildDevice marlin true;
-		buildDevice sailfish true;
-		buildDevice shamu true;
-		buildDevice us996;
-		buildDevice us997;
 		buildDevice victara; #needs manual patching - fwb xml: fused: dangling tag
+		buildDevice shamu verity;
+		buildDevice bullhead verity;
+		buildDevice ether;
+		buildDevice angler verity;
+		buildDevice kipper;
+		buildDevice axon7;
+		buildDevice griffin;
+		buildDevice h850;
+		buildDevice us996;
+		buildDevice marlin verity;
+		buildDevice sailfish verity;
+		buildDevice us997;
+		buildDevice flounder verity;
+		buildDevice dragon verity;
+		buildDevice fugu;
 	fi;
 }
 export -f buildAll;
diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_wahoo.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_wahoo.sh
new file mode 100644
index 00000000..f9b41061
--- /dev/null
+++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_google_wahoo.sh
@@ -0,0 +1,187 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/google/wahoo"
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0181-0182.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0183-0184.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000405/4.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000410/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11065/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11091/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11472/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/^4.13.3/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12192/^4.13.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12193/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13293/4.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13695/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14051/^4.12.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14106/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14156/^4.12.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14489/^4.13.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14886/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15115/^4.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15299/^4.13.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15649/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15649/^4.13.6/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15827/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16525/^4.13.8/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16533/^4.13.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13.11/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16645/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16646/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16649/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16914/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18061/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18203/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/^4.14.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18208/^4.14.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18216/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18222/^4.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18255/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18306/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18509/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8824/^4.14.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9699/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9711/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000204/3.18-^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10021/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10087/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10124/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1068/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1087/^4.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/4.4+/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10881/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/^4.15.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10938/4.0-^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11265/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11273/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1130/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11818/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11842/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11905/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11919/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11960/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11963/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11987/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12010/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12011/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13405/3.16-^4.17.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13406/^4.17.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13912/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13913/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13917/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13920/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14734/^4.17.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16276/^4.17.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18021/^4.18.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18386/^4.14.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18690/^4.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19824/^4.19.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20169/^4.19.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20836/^4.20/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3574/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3575/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5332/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5333/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5344/^4.14.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5750/^4.14.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5902/4.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5903/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5905/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5906/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5908/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5909/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5910/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-6412/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7492/^4.14.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7757/^4.15.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8087/^4.15.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8781/^4.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8897/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9462/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9463/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9518/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9519/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9568/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10538/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/^5.0.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11810/^5.0.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/^5.1.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/^5.0.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12818/^4.20.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12819/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13272/^5.1.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/^5.0.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15219/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2024/^4.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2263/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2290/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2345/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+editKernelLocalversion "-dos.p183"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh
index 2d2cc3b8..dc10fe3b 100644
--- a/Scripts/LineageOS-15.1/Functions.sh
+++ b/Scripts/LineageOS-15.1/Functions.sh
@@ -18,7 +18,7 @@
 #Last verified: 2018-04-27
 
 patchAllKernels() {
-	startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_cyanogen_msm8974 kernel_essential_msm8998 kernel_fairphone_msm8974 kernel_google_dragon kernel_google_marlin kernel_google_msm kernel_htc_flounder kernel_htc_msm8974 kernel_huawei_angler kernel_lge_bullhead kernel_lge_g3 kernel_lge_hammerhead kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_motorola_msm8974 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oppo_msm8974 kernel_samsung_msm8974 kernel_samsung_universal9810 kernel_zte_msm8996";
+	startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_cyanogen_msm8974 kernel_essential_msm8998 kernel_fairphone_msm8974 kernel_google_dragon kernel_google_marlin kernel_google_msm kernel_google_wahoo kernel_htc_flounder kernel_htc_msm8974 kernel_huawei_angler kernel_lge_bullhead kernel_lge_g3 kernel_lge_hammerhead kernel_lge_mako kernel_lge_msm8974 kernel_lge_msm8996 kernel_moto_shamu kernel_motorola_msm8974 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oppo_msm8974 kernel_samsung_msm8974 kernel_samsung_universal9810 kernel_zte_msm8996";
 }
 export -f patchAllKernels;
 
@@ -48,39 +48,41 @@ export -f buildDeviceDebug;
 buildAll() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
 	if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi;
-	buildDevice angler true;
-	buildDevice axon7; #broken
-	buildDevice bullhead true;
-	buildDevice dragon true;
 	buildDevice flo;
-	buildDevice flounder true;
+	buildDevice bullhead verity;
+	buildDevice angler verity;
+	buildDevice axon7; #broken
 	buildDevice h850;
-	buildDevice starlte; #broken - device/samsung/universal9810-common/audio: MODULE.TARGET.SHARED_LIBRARIES.libshim_audio_32 already defined by device/samsung/star-common/audio
 	buildDevice us996;
 	buildDevice us997;
+	buildDevice flounder verity;
+	buildDevice dragon verity;
+	buildDevice starlte; #broken - device/samsung/universal9810-common/audio: MODULE.TARGET.SHARED_LIBRARIES.libshim_audio_32 already defined by device/samsung/star-common/audio
 
 	#The following are all superseded, and should only be enabled if the newer version is broken (not building/booting/etc.)
-	buildDevice fugu;
 	buildDevice hammerhead;
+	buildDevice fugu;
 	if [ "$DOS_BUILDALL_SUPERSEDED" = true ]; then
-		buildDevice bacon;
+		buildDevice mako;
 		buildDevice crackling;
 		buildDevice d802;
+		buildDevice bacon;
 		buildDevice d852;
 		buildDevice d855;
-		buildDevice ether;
 		buildDevice FP2;
-		buildDevice griffin;
 		buildDevice ham;
-		buildDevice kipper;
 		buildDevice klte;
 		buildDevice m8;
-		buildDevice mako;
-		buildDevice marlin true;
-		buildDevice mata true;
-		buildDevice sailfish true;
-		buildDevice shamu true;
 		buildDevice victara;
+		buildDevice shamu verity;
+		buildDevice ether;
+		buildDevice kipper;
+		buildDevice griffin;
+		buildDevice marlin verity;
+		buildDevice sailfish verity;
+		buildDevice mata verity;
+		buildDevice taimen avb;
+		buildDevice walleye avb;
 	fi;
 }
 export -f buildAll;
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_essential_msm8998.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_essential_msm8998.sh
index d44d46c5..58d08439 100644
--- a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_essential_msm8998.sh
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_essential_msm8998.sh
@@ -1,9 +1,28 @@
 #!/bin/bash
 cd "$DOS_BUILD_BASE""kernel/essential/msm8998"
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0187-0188.patch --exclude=Makefile
 git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
 git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0017.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0018.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0001.patch
@@ -24,6 +43,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/^4.14.2/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18306/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18509/^4.11/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9711/4.4/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11273/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11818/ANY/0002.patch
@@ -56,6 +76,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0011.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0012.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2264/ANY/0001.patch
@@ -67,5 +89,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11274/ANY/0001.patch
-editKernelLocalversion "-dos.p67"
+editKernelLocalversion "-dos.p89"
 cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_bonito.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_bonito.sh
new file mode 100644
index 00000000..a6fc8761
--- /dev/null
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_bonito.sh
@@ -0,0 +1,107 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/google/bonito"
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0125-0126.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0133-0134.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0137-0138.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0150-0151.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0168-0169.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0181-0182.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0183-0184.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0024.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0025.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0026.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0027.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0028.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0029.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0030.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0031.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0032.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0033.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0034.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0035.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0036.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0037.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0038.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3695/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18509/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7477/^4.10.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000026/4.8+/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10938/4.0-^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12232/^4.17.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13899/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13899/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14611/^4.17.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14633/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18021/^4.18.12/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18690/^4.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-19824/^4.19.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20169/^4.19.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20836/^4.20/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20855/^4.18.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9462/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9519/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10538/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11810/^5.0.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/^5.1.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/^5.0.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12455/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12818/^4.20.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12819/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13272/^5.1.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13648/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/^5.0.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15219/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15538/^5.2.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2279/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2284/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2287/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2301/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2308/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2314/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2330/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2345/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3846/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3846/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-6974/^4.20.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-7222/^4.20.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+editKernelLocalversion "-dos.p103"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_crosshatch.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_crosshatch.sh
new file mode 100644
index 00000000..36df0dbe
--- /dev/null
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_crosshatch.sh
@@ -0,0 +1,100 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/google/crosshatch"
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0149-0150.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0150-0151.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0156-0157.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0168-0169.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0172-0173.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0181-0182.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.9/4.9.0183-0184.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0024.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0025.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0026.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0027.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0028.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0029.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0030.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0031.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0032.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0033.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0034.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0035.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0036.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0037.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.9/0038.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3695/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18509/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7477/^4.10.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1000026/4.8+/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11817/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11919/4.9/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12232/^4.17.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13097/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13899/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13899/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13912/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13913/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20836/^4.20/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20855/^4.18.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9462/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9519/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11810/^5.0.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/^5.1.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/^5.0.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12455/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12818/^4.20.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12819/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13272/^5.1.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13648/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/^5.0.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15219/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15538/^5.2.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2279/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2284/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2287/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2301/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2314/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2345/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3846/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3846/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-6974/^4.20.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-7222/^4.20.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+editKernelLocalversion "-dos.p96"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_wahoo.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_wahoo.sh
new file mode 100644
index 00000000..733ff15b
--- /dev/null
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_google_wahoo.sh
@@ -0,0 +1,108 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/google/wahoo"
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0170-0171.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0181-0182.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0183-0184.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0015.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0016.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0017.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0019.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0021.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0022.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0023.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6187/^4.6.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000252/^4.13.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11065/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11091/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13693/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13694/^4.12.9/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14886/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15827/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18061/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/^4.14.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18509/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9699/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11818/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11919/4.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12010/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-12011/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13912/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13913/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18690/^4.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20836/^4.20/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3575/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5902/4.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5906/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-7273/^4.15.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-8043/^4.15.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10538/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/^5.0.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11810/^5.0.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11833/^5.1.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11884/^5.0.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12818/^4.20.15/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12819/^5.0/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13272/^5.1.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15214/^5.0.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15219/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2263/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2330/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2333/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2341/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2345/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-7222/^4.20.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+editKernelLocalversion "-dos.p104"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh
index 314ed224..f7229cca 100644
--- a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_lge_mako.sh
@@ -17,7 +17,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4470/^3.12/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-4738/ANY/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-3688/^3.17.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-7975/^3.17/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2042/^3.19/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-6937/^4.2.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7566/^4.4.1/0001.patch
@@ -126,5 +125,5 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-5d89eb01c93d8a
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-7be3e08d7a523207486701b2d34607137558066f.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
-editKernelLocalversion "-dos.p126"
+editKernelLocalversion "-dos.p125"
 cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_moto_shamu.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_moto_shamu.sh
index e0aa50b7..b166aa06 100644
--- a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_moto_shamu.sh
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_moto_shamu.sh
@@ -107,8 +107,12 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11486/^5.0.8/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15212/^5.1.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0003/3.10/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/1035495_0001-cnss-Add-NULL-check-for-PM-related-APIs.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
@@ -116,5 +120,5 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-ch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
-editKernelLocalversion "-dos.p116"
+editKernelLocalversion "-dos.p120"
 cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_samsung_jf.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_samsung_jf.sh
index 43ee3f30..33d5bd70 100644
--- a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_samsung_jf.sh
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_samsung_jf.sh
@@ -6,6 +6,7 @@ git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3076/^3.9/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2013-3222/^3.9/0001.patch
@@ -132,6 +133,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9416/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9439/ANY/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9516/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15216/^5.0.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15807/^5.1.13/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch
@@ -141,5 +144,5 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-sy
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
-editKernelLocalversion "-dos.p141"
+editKernelLocalversion "-dos.p144"
 cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_zuk_msm8996.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_zuk_msm8996.sh
index 80eb24c8..ab0ce5a3 100644
--- a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_zuk_msm8996.sh
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_zuk_msm8996.sh
@@ -1,10 +1,20 @@
 #!/bin/bash
 cd "$DOS_BUILD_BASE""kernel/zuk/msm8996"
 git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0183-0184.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0187-0188.patch --exclude=Makefile
 git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
 git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0005.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0010.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0012.patch
+#git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0014.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0017.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.4/0018.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-1583/^4.6.3/0001.patch
@@ -24,6 +34,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18174/^4.7/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18204/^4.14.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18509/^4.11/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9211/^4.11.2/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13094/^4.17.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
@@ -35,11 +46,14 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12614/^5.1.6/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13272/^5.1.17/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-13631/^5.2.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14763/^4.16.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15098/^5.2.8/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15213/^5.2.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch
-editKernelLocalversion "-dos.p41"
+editKernelLocalversion "-dos.p55"
 cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh
index 1757dec4..913f7c35 100644
--- a/Scripts/LineageOS-16.0/Functions.sh
+++ b/Scripts/LineageOS-16.0/Functions.sh
@@ -18,7 +18,7 @@
 #Last verified: 2018-04-27
 
 patchAllKernels() {
-	startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_cyanogen_msm8974 kernel_essential_msm8998 kernel_fairphone_msm8974 kernel_google_marlin kernel_htc_msm8974 kernel_lge_g3 kernel_lge_hammerhead kernel_lge_mako kernel_lge_msm8974 kernel_moto_shamu kernel_motorola_msm8974 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oppo_msm8974 kernel_razer_msm8998 kernel_samsung_jf kernel_samsung_msm8974 kernel_zuk_msm8996";
+	startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_cyanogen_msm8974 kernel_essential_msm8998 kernel_fairphone_msm8974 kernel_google_bonito kernel_google_crosshatch kernel_google_marlin kernel_google_wahoo kernel_htc_msm8974 kernel_lge_g3 kernel_lge_hammerhead kernel_lge_mako kernel_lge_msm8974 kernel_moto_shamu kernel_motorola_msm8974 kernel_motorola_msm8996 kernel_nextbit_msm8992 kernel_oppo_msm8974 kernel_razer_msm8998 kernel_samsung_jf kernel_samsung_msm8974 kernel_zuk_msm8996";
 }
 export -f patchAllKernels;
 
@@ -48,29 +48,49 @@ export -f buildDeviceDebug;
 buildAll() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
 	if [ "$DOS_OPTIMIZE_IMAGES" = true ]; then optimizeImagesRecursive "$DOS_BUILD_BASE"; fi;
+	#SDS4P
 	buildDevice mako;
-	buildDevice sailfish true;
+	#SD410
+	buildDevice crackling; #broken
+	#SD600
+	buildDevice jfltexx;
+	#SD800
+	buildDevice d802;
+	buildDevice hammerhead; #broken
+	#SD801
 	buildDevice bacon;
 	buildDevice d852;
-	buildDevice cheryl; #broken
-	buildDevice crackling; #broken
-	buildDevice d802;
 	buildDevice d855;
-	buildDevice ether;
 	buildDevice FP2;
-	buildDevice fugu; #broken
-	buildDevice griffin;
 	buildDevice ham;
-	buildDevice hammerhead; #broken
-	buildDevice jfltexx;
-	buildDevice kipper; #broken
 	buildDevice klte;
 	buildDevice m8;
-	buildDevice marlin true;
-	buildDevice mata true;
-	buildDevice shamu true;
 	buildDevice victara;
-	buildDevice z2_plus true; #broken
+	#SD805
+	buildDevice shamu verity;
+	#SD808
+	buildDevice ether;
+	#SD615
+	buildDevice kipper; #broken
+	#SD820
+	buildDevice griffin;
+	buildDevice z2_plus verity; #broken
+	#SD821
+	buildDevice marlin verity;
+	buildDevice sailfish verity;
+	#SD835
+	buildDevice cheryl; #broken
+	buildDevice mata verity;
+	buildDevice taimen avb;
+	buildDevice walleye avb;
+	#SD845
+	buildDevice crosshatch avb;
+	buildDevice blueline avb;
+	#SD670
+	buildDevice bonito avb;
+	buildDevice sargo avb;
+	#Intel
+	buildDevice fugu; #broken
 }
 export -f buildAll;