diff --git a/Manifests/Manifest_LAOS-17.1.xml b/Manifests/Manifest_LAOS-17.1.xml
index 8338401d..a0060b84 100644
--- a/Manifests/Manifest_LAOS-17.1.xml
+++ b/Manifests/Manifest_LAOS-17.1.xml
@@ -96,7 +96,6 @@
-
diff --git a/Scripts/Common/Deblob.sh b/Scripts/Common/Deblob.sh
index b5c1cc79..b89a1472 100644
--- a/Scripts/Common/Deblob.sh
+++ b/Scripts/Common/Deblob.sh
@@ -327,7 +327,8 @@ echo "Deblobbing..."
#blobs=$blobs"|dbvc_atvc_property_set";
blobs=$blobs"|com.motorola.motosignature.jar|com.motorola.motosignature.xml|MotoSignatureApp.apk";
blobs=$blobs"|TriggerEnroll.apk|TriggerTrainingService.apk|com.motorola.triggerenroll.xml";
- blobs=$blobs"|audio.motvr.default.so|libmotaudioutils.so";
+ blobs=$blobs"|audio.motvr.default.so";
+ #blobs=$blobs"|libmotaudioutils.so"; #breaks phone call audio (?)
blobs=$blobs"|libcce-socketjni.so|libmotocare.so";
#blobs=$blobs"|qmi_motext_hook|libmdmcutback.so|libqmimotext.so|libmotext_inf.so"; #necessary for radio
makes=$makes"|com.motorola.cameraone.xml";
diff --git a/Scripts/Common/Functions.sh b/Scripts/Common/Functions.sh
index 92b0c2cf..90a16315 100644
--- a/Scripts/Common/Functions.sh
+++ b/Scripts/Common/Functions.sh
@@ -626,7 +626,7 @@ hardenDefconfig() {
done
#Disable supported options
#Disabled: CONFIG_MSM_SMP2P_TEST, CONFIG_MAGIC_SYSRQ (breaks compile on many kernels), CONFIG_KALLSYMS (breaks boot on select devices), CONFIG_IKCONFIG (breaks recovery)
- declare -a optionsNo=("CONFIG_ACPI_APEI_EINJ" "CONFIG_ACPI_CUSTOM_METHOD" "CONFIG_ACPI_TABLE_UPGRADE" "CONFIG_AIO" "CONFIG_BINFMT_AOUT" "CONFIG_BINFMT_MISC" "CONFIG_CHECKPOINT_RESTORE" "CONFIG_COMPAT_BRK" "CONFIG_COMPAT_VDSO" "CONFIG_CP_ACCESS64" "CONFIG_DEBUG_KMEMLEAK" "CONFIG_DEVKMEM" "CONFIG_DEVMEM" "CONFIG_DEVPORT" "CONFIG_EARJACK_DEBUGGER" "CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE" "CONFIG_HARDENED_USERCOPY_FALLBACK" "CONFIG_HIBERNATION" "CONFIG_HWPOISON_INJECT" "CONFIG_IA32_EMULATION" "CONFIG_IOMMU_NON_SECURE" "CONFIG_INPUT_EVBUG" "CONFIG_IP_DCCP" "CONFIG_IP_SCTP" "CONFIG_KEXEC" "CONFIG_KEXEC_FILE" "CONFIG_KSM" "CONFIG_LDISC_AUTOLOAD" "CONFIG_LEGACY_PTYS" "CONFIG_LIVEPATCH" "CONFIG_MEM_SOFT_DIRTY" "CONFIG_MMIOTRACE" "CONFIG_MMIOTRACE_TEST" "CONFIG_MODIFY_LDT_SYSCALL" "CONFIG_MSM_BUSPM_DEV" "CONFIG_NEEDS_SYSCALL_FOR_CMPXCHG" "CONFIG_NOTIFIER_ERROR_INJECTION" "CONFIG_OABI_COMPAT" "CONFIG_PAGE_OWNER" "CONFIG_PROC_KCORE" "CONFIG_PROC_PAGE_MONITOR" "CONFIG_PROC_VMCORE" "CONFIG_RDS" "CONFIG_RDS_TCP" "CONFIG_SECURITY_SELINUX_DISABLE" "CONFIG_SECURITY_WRITABLE_HOOKS" "CONFIG_SLAB_MERGE_DEFAULT" "CONFIG_STACKLEAK_METRICS" "CONFIG_STACKLEAK_RUNTIME_DISABLE" "CONFIG_TIMER_STATS" "CONFIG_TSC" "CONFIG_TSPP2" "CONFIG_UKSM" "CONFIG_UPROBES" "CONFIG_USELIB" "CONFIG_USERFAULTFD" "CONFIG_VIDEO_VIVID" "CONFIG_WLAN_FEATURE_MEMDUMP" "CONFIG_X86_IOPL_IOPERM" "CONFIG_X86_PTDUMP" "CONFIG_X86_VSYSCALL_EMULATION" "CONFIG_ZSMALLOC_STAT");
+ declare -a optionsNo=("CONFIG_ACPI_APEI_EINJ" "CONFIG_ACPI_CUSTOM_METHOD" "CONFIG_ACPI_TABLE_UPGRADE" "CONFIG_BINFMT_AOUT" "CONFIG_BINFMT_MISC" "CONFIG_CHECKPOINT_RESTORE" "CONFIG_COMPAT_BRK" "CONFIG_COMPAT_VDSO" "CONFIG_CP_ACCESS64" "CONFIG_DEBUG_KMEMLEAK" "CONFIG_DEVKMEM" "CONFIG_DEVMEM" "CONFIG_DEVPORT" "CONFIG_EARJACK_DEBUGGER" "CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE" "CONFIG_HARDENED_USERCOPY_FALLBACK" "CONFIG_HIBERNATION" "CONFIG_HWPOISON_INJECT" "CONFIG_IA32_EMULATION" "CONFIG_IOMMU_NON_SECURE" "CONFIG_INPUT_EVBUG" "CONFIG_IP_DCCP" "CONFIG_IP_SCTP" "CONFIG_KEXEC" "CONFIG_KEXEC_FILE" "CONFIG_KSM" "CONFIG_LDISC_AUTOLOAD" "CONFIG_LEGACY_PTYS" "CONFIG_LIVEPATCH" "CONFIG_MEM_SOFT_DIRTY" "CONFIG_MMIOTRACE" "CONFIG_MMIOTRACE_TEST" "CONFIG_MODIFY_LDT_SYSCALL" "CONFIG_MSM_BUSPM_DEV" "CONFIG_NEEDS_SYSCALL_FOR_CMPXCHG" "CONFIG_NOTIFIER_ERROR_INJECTION" "CONFIG_OABI_COMPAT" "CONFIG_PAGE_OWNER" "CONFIG_PROC_KCORE" "CONFIG_PROC_PAGE_MONITOR" "CONFIG_PROC_VMCORE" "CONFIG_RDS" "CONFIG_RDS_TCP" "CONFIG_SECURITY_SELINUX_DISABLE" "CONFIG_SECURITY_WRITABLE_HOOKS" "CONFIG_SLAB_MERGE_DEFAULT" "CONFIG_STACKLEAK_METRICS" "CONFIG_STACKLEAK_RUNTIME_DISABLE" "CONFIG_TIMER_STATS" "CONFIG_TSC" "CONFIG_TSPP2" "CONFIG_UKSM" "CONFIG_UPROBES" "CONFIG_USELIB" "CONFIG_USERFAULTFD" "CONFIG_VIDEO_VIVID" "CONFIG_WLAN_FEATURE_MEMDUMP" "CONFIG_X86_IOPL_IOPERM" "CONFIG_X86_PTDUMP" "CONFIG_X86_VSYSCALL_EMULATION" "CONFIG_ZSMALLOC_STAT");
if [[ "$1" != *"kernel/htc/msm8994"* ]] && [[ "$1" != *"kernel/samsung/smdk4412"* ]] && [[ "$1" != *"kernel/htc/flounder"* ]] && [[ "$1" != *"kernel/amazon/hdx-common"* ]] && [[ "$1" != *"msm899"* ]] && [[ "$1" != *"sdm8"* ]] && [[ "$1" != *"sdm6"* ]]; then
optionsNo+=("CONFIG_DIAG_CHAR" "CONFIG_DIAG_OVER_USB" "CONFIG_USB_QCOM_DIAG_BRIDGE" "CONFIG_DIAGFWD_BRIDGE_CODE" "CONFIG_DIAG_SDIO_PIPE" "CONFIG_DIAG_HSIC_PIPE");
fi;
diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh
index f2aada76..d1057556 100644
--- a/Scripts/LineageOS-15.1/Functions.sh
+++ b/Scripts/LineageOS-15.1/Functions.sh
@@ -105,7 +105,7 @@ patchWorkspace() {
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
source build/envsetup.sh;
- repopick -i 280662 280664; #O_asb_2020-07
+ repopick -i 280662 280664 281415; #O_asb_2020-07
export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails
diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh
index 7f400816..98bb0c4e 100644
--- a/Scripts/LineageOS-15.1/Patch.sh
+++ b/Scripts/LineageOS-15.1/Patch.sh
@@ -68,7 +68,6 @@ enterAndClear "build/make";
patch -p1 < "$DOS_PATCHES_COMMON/android_build/0001-OTA_Keys.patch"; #add correct keys to recovery for OTA verification
awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' core/product.mk;
sed -i '57i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk;
-sed -i 's/2020-06-05/2020-07-05/' core/version_defaults.mk; #O_asb_2020-07
enterAndClear "device/lineage/sepolicy";
git revert --no-edit 9c28a0dfb91bb468515e123b1aaf3fcfc007b82f; #neverallow violation - breaks backuptool
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_essential_msm8998.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_essential_msm8998.sh
index ea366794..de76e281 100644
--- a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_essential_msm8998.sh
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_essential_msm8998.sh
@@ -82,7 +82,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10614/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14037/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14041/ANY/0001.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14047/ANY/0002.patch
@@ -91,12 +90,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19054/^5.3.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19073/^5.3.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19074/^5.3.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15393/^5.7.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch
-editKernelLocalversion "-dos.p98"
+editKernelLocalversion "-dos.p96"
cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8974.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8974.sh
index f517d1d8..51abc34f 100644
--- a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8974.sh
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_motorola_msm8974.sh
@@ -5,7 +5,6 @@ git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0009.patch
git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0004.patch
git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
@@ -38,7 +37,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5244/^4.6.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5828/^4.6.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6480/^4.7/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5.2/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8406/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
@@ -50,7 +48,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0710/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0861/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9.13/0001.patch
#git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7373/3.4/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/^4.11.1/0001.patch
@@ -87,7 +84,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16535/^4.13.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/^4.13.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17450/^4.14.4/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/^4.14.5/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17805/^4.14.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17806/^4.14.8/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18079/^4.12.4/0001.patch
@@ -115,7 +111,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10675/^4.12.9/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10902/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10940/^4.16.6/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11939/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13053/^4.17.3/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-14634/ANY/0001.patch
@@ -123,13 +118,10 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-15594/^4.18.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-16658/^4.18.6/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-18710/^4.19/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20511/^4.18.11/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2001/^3.10/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2054/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-2101/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3459/^5.1/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/^4.20.11/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10142/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10491/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10607/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14040/ANY/0001.patch
@@ -158,5 +150,5 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd
git apply $DOS_PATCHES_LINUX_CVES/CVE-2012-6544/^3.6/0003.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-10622/ANY/0002.patch
-editKernelLocalversion "-dos.p158"
+editKernelLocalversion "-dos.p150"
cd "$DOS_BUILD_BASE"