diff --git a/Manifests/Manifest_LAOS-17.1.xml b/Manifests/Manifest_LAOS-17.1.xml
index 583c6160..fc555192 100644
--- a/Manifests/Manifest_LAOS-17.1.xml
+++ b/Manifests/Manifest_LAOS-17.1.xml
@@ -149,4 +149,10 @@
+
+
+
+
+
+
diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh
index 386faf80..d46f2c03 100644
--- a/Scripts/LineageOS-16.0/Functions.sh
+++ b/Scripts/LineageOS-16.0/Functions.sh
@@ -73,8 +73,9 @@ patchWorkspace() {
umask 0022;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
- #source build/envsetup.sh;
+ source build/envsetup.sh;
#repopick -it pie-firewall;
+ repopick -it P_asb_2021-09;
source "$DOS_SCRIPTS/Patch.sh";
source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";
diff --git a/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_xiaomi_sm6150.sh b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_xiaomi_sm6150.sh
new file mode 100644
index 00000000..81786401
--- /dev/null
+++ b/Scripts/LineageOS-17.1/CVE_Patchers/android_kernel_xiaomi_sm6150.sh
@@ -0,0 +1,162 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/xiaomi/sm6150"
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.14/4.14.0213-0214.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.14/4.14.0216-0217.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.14/4.14.0219-0220.patch --exclude=Makefile
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc/ANY/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/0003-syzkaller-Misc2/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0057.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0058.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0059.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0060.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0061.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0062.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0067.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0069.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0070.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0071.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0072.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0073.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0074.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0075.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0076.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0077.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0078.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0079.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0081.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0082.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0083.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0084.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/4.14/0085.patch
+git apply $DOS_PATCHES_LINUX_CVES/0008-Graphene-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7837/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3695/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18232/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-20855/^4.18.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-3874/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-9444/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-11191/^5.0.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12378/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12455/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-12456/^5.1.5/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-14104/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-15291/4.14/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-16921/^4.17/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19051/4.14/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19060/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19068/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-19602/^5.4.2/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-20908/^5.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3702/4.14/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3702/4.14/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3702/4.14/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3702/4.14/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-3702/4.14/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11146/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11151/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11261/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11267/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11282/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/4.14/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-11608/^5.6.1/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-12352/ANY/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-15780/^5.7.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-16119/^5.10/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24588/4.14/0018.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24588/^5.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25670/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25671/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25672/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-25673/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26139/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26147/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-26558/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27170/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27171/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-27825/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-28374/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29372/^5.7/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-29374/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-BleedingToothExtras/^5.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-0512/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-1927/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-1940/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-1941/qca-wifi-host-cmn/0001.patch --directory=drivers/staging/qca-wifi-host-cmn
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-1945/qca-wifi-host-cmn/0001.patch --directory=drivers/staging/qca-wifi-host-cmn
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-1961/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-1963/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.14/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.14/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.14/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.14/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.14/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.14/0013.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3347/4.14/0014.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3348/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3428/4.14/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3428/4.14/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3428/4.14/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3483/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3493/^5.10/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3564/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3573/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3609/4.14/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3612/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3653/4.14/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3655/4.14/0011.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3655/4.14/0012.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3655/^5.13/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3656/4.14/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3659/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3679/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3732/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-3753/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-21781/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-22555/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-23133/4.14/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-23134/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26930/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.14/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.14/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26931/4.14/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.14/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.14/0007.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.14/0008.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.14/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-26932/4.14/0010.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27363/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-27365/4.14/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28038/4.14/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28039/^5.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28660/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28688/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28964/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28971/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-28972/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-29154/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-29647/^5.12/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-29650/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-30002/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-31829/4.14/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-31916/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-32399/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33033/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33034/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-33909/4.14/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-34693/4.14/0004.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-37576/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-38160/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-38198/4.14/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-38204/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-38205/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-38208/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2021-38209/4.14/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2020-24586/4.14/0003.patch
+editKernelLocalversion "-dos.p158"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh
index 6f73b4a8..32453704 100644
--- a/Scripts/LineageOS-17.1/Functions.sh
+++ b/Scripts/LineageOS-17.1/Functions.sh
@@ -18,7 +18,7 @@
#Last verified: 2020-04-14
patchAllKernels() {
- startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_google_marlin kernel_google_msm-4.9 kernel_google_yellowstone kernel_htc_msm8974 kernel_motorola_msm8916 kernel_motorola_msm8992 kernel_motorola_msm8996 kernel_oneplus_msm8994 kernel_oneplus_sm7250 kernel_oneplus_sm8150 kernel_yandex_sdm660 kernel_zuk_msm8996";
+ startPatcher "kernel_asus_fugu kernel_cyanogen_msm8916 kernel_google_marlin kernel_google_msm-4.9 kernel_google_yellowstone kernel_htc_msm8974 kernel_motorola_msm8916 kernel_motorola_msm8992 kernel_motorola_msm8996 kernel_oneplus_msm8994 kernel_oneplus_sm7250 kernel_oneplus_sm8150 kernel_xiaomi_sm6150 kernel_yandex_sdm660 kernel_zuk_msm8996";
}
export -f patchAllKernels;
@@ -70,6 +70,8 @@ buildAll() {
#SD821
buildDevice marlin verity;
buildDevice sailfish verity;
+ #SD730
+ buildDevice davinci avb;
#SD855
buildDevice guacamoleb avb;
#SD660
@@ -90,8 +92,9 @@ patchWorkspace() {
umask 0022;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
- #source build/envsetup.sh;
+ source build/envsetup.sh;
#repopick -it ten-firewall;
+ repopick -it Q_asb_2021-09;
source "$DOS_SCRIPTS/Patch.sh";
source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";
diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh
index 36df0805..828e72b2 100644
--- a/Scripts/LineageOS-17.1/Patch.sh
+++ b/Scripts/LineageOS-17.1/Patch.sh
@@ -335,6 +335,10 @@ if enterAndClear "kernel/google/marlin"; then
git revert --no-edit dd4a454f080f60cc7c4f5cc281a48cba80947baf; #Resurrect dm-verity
fi;
+if enterAndClear "device/xiaomi/sm6150-common"; then
+enableVerity; #Resurrect dm-verity
+fi;
+
#Make changes to all devices
cd "$DOS_BUILD_BASE";
if [ "$DOS_LOWRAM_ENABLED" = true ]; then find "device" -maxdepth 2 -mindepth 2 -type d -print0 | xargs -0 -n 1 -P 8 -I {} bash -c 'enableLowRam "{}"'; fi;
diff --git a/Scripts/LineageOS-18.1/Functions.sh b/Scripts/LineageOS-18.1/Functions.sh
index e754c4f7..fd337321 100644
--- a/Scripts/LineageOS-18.1/Functions.sh
+++ b/Scripts/LineageOS-18.1/Functions.sh
@@ -108,7 +108,7 @@ buildAll() {
buildDevice coral avb;
buildDevice flame avb;
#buildDevice raphael avb; #unb + missing vendor
- #buildDevice vayu avb; #TODO
+ buildDevice vayu avb;
#SD765
buildDevice bramble avb;
buildDevice redfin avb;