*/linux-*: enable CONFIG_CRYPTO_XTS

Enable CONFIG_CRYPTO_XTS for each kernel, so we can switch to using
aes-xts-plain64 as default cipher for cryptsetup (override with
"pmbootstrap --cipher"), instead of aes-cbc-plain64 (pmbootstrap#1940).

I have executed "pmbootstrap kconfig edit" on each kernel, and manually
toggled the option. The diff is not always clean, because for some
kernels it is apparently the first time, that menuconfig was executed on
the configs like that. In a few instances, it turned out that
CONFIG_ANDROID_PARANOID_NETWORK needed to be disabled too (this is
already a requirement, but as the config was incomplete, it was not
visible that this option was enabled). Very few times, I had to enable
CONFIG_EXPERIMENTAL in order to see and enable CONFIG_CRYPTO_XTS.

It would be great if we could automate such mass kconfig edits in the
future, see pmbootstrap#1942.

[skip ci]: I'll verify that this builds. CI will likely run out of time
while downloading source tarballs.

Some of the kernels that had to be adjusted were slightly broken or had weird output directories without setting _outdir. I've added patches to fix them up.

@afontain: FYI: this makes pmbootstrap kconfig edit wiko-lenny2 work again (see related patch).

Related: pmbootstrap#1940 (closed)

Setting to WIP, until I have verified that all kernels build (so far at 50/132; should be done some time tomorrow) and tested two resulting kernels with pmbootstrap --cipher aes-xts-plain64 install --fde.