From afe719ffc4e0d4d53c808f2971846b7216d8b61c Mon Sep 17 00:00:00 2001 
From: Tad Date: Mon, 4 Mar 2019 02:04:36 -0500 Subject: [PATCH] 16.0: Initial bringup - 14.1/15.1: Remove @ValdikSS' bluetooth patches - 15.1: Cleanup --- Manifests/Manifest_LAOS-16.0.xml | 1 - .../0001-Improve_Quality.patch | 57 --- .../0001-Improve_Quality.patch | 74 ---- .../0003-Deny_USB-Aggressive.patch | 27 -- .../0001-Automated_Build_Signing.patch | 103 +++++ .../0001-Camera_Fix.patch | 34 ++ .../0005-Connectivity.patch | 34 ++ .../0006-Disable_Analytics.patch | 37 ++ .../0001-Fix_Calling.patch | 52 +++ .../0001-Remove_Analytics.patch | 143 +++++++ .../0001-Remove_Analytics.patch | 187 +++++++++ .../0002-Tor_Support.patch | 385 ++++++++++++++++++ .../0001-PREREQ_Handle_All_Modes.patch | 141 +++++++ .../0002-More_Preferred_Network_Modes.patch | 262 ++++++++++++ .../0001-Harden_Mounts.patch | 48 +++ .../0001-LGE_Fixes.patch | 35 ++ Scripts/LineageOS-14.1/Patch.sh | 3 - Scripts/LineageOS-15.1/Defaults.sh | 14 - Scripts/LineageOS-15.1/Patch.sh | 11 +- .../CVE_Patchers/android_kernel_moto_shamu.sh | 69 ++++ .../android_kernel_motorola_msm8996.sh | 81 ++++ .../android_kernel_oppo_msm8974.sh | 55 +++ .../android_kernel_samsung_msm8974.sh | 29 ++ Scripts/LineageOS-16.0/Defaults.sh | 45 ++ Scripts/LineageOS-16.0/Functions.sh | 107 +++++ Scripts/LineageOS-16.0/Patch.sh | 195 +++++++++ Scripts/LineageOS-16.0/Rebrand.sh | 62 +++ Scripts/init.sh | 2 +- 28 files changed, 2109 insertions(+), 184 deletions(-) delete mode 100644 Patches/LineageOS-14.1/android_system_bt/0001-Improve_Quality.patch delete mode 100644 Patches/LineageOS-15.1/android_system_bt/0001-Improve_Quality.patch delete mode 100644 Patches/LineageOS-15.1/android_system_core/0003-Deny_USB-Aggressive.patch create mode 100644 Patches/LineageOS-16.0/android_build/0001-Automated_Build_Signing.patch create mode 100644 Patches/LineageOS-16.0/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch create mode 100644 Patches/LineageOS-16.0/android_frameworks_base/0005-Connectivity.patch create mode 100644 
Patches/LineageOS-16.0/android_frameworks_base/0006-Disable_Analytics.patch create mode 100644 Patches/LineageOS-16.0/android_frameworks_opt_net_ims/0001-Fix_Calling.patch create mode 100644 Patches/LineageOS-16.0/android_packages_apps_LineageParts/0001-Remove_Analytics.patch create mode 100644 Patches/LineageOS-16.0/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch create mode 100644 Patches/LineageOS-16.0/android_packages_apps_Updater/0002-Tor_Support.patch create mode 100644 Patches/LineageOS-16.0/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch create mode 100644 Patches/LineageOS-16.0/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch create mode 100644 Patches/LineageOS-16.0/android_system_core/0001-Harden_Mounts.patch create mode 100644 Patches/LineageOS-16.0/android_system_sepolicy/0001-LGE_Fixes.patch create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_moto_shamu.sh create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_motorola_msm8996.sh create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oppo_msm8974.sh create mode 100644 Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_samsung_msm8974.sh create mode 100644 Scripts/LineageOS-16.0/Defaults.sh create mode 100644 Scripts/LineageOS-16.0/Functions.sh create mode 100644 Scripts/LineageOS-16.0/Patch.sh create mode 100644 Scripts/LineageOS-16.0/Rebrand.sh diff --git a/Manifests/Manifest_LAOS-16.0.xml b/Manifests/Manifest_LAOS-16.0.xml index 4e0a3600..516db50d 100644 --- a/Manifests/Manifest_LAOS-16.0.xml +++ b/Manifests/Manifest_LAOS-16.0.xml @@ -76,7 +76,6 @@ - diff --git a/Patches/LineageOS-14.1/android_system_bt/0001-Improve_Quality.patch b/Patches/LineageOS-14.1/android_system_bt/0001-Improve_Quality.patch deleted file mode 100644 index c7da29ef..00000000 --- a/Patches/LineageOS-14.1/android_system_bt/0001-Improve_Quality.patch +++ /dev/null 
@@ -1,57 +0,0 @@ -From 93e456e4a21bdb0a03050001b02f9e2dba653306 Mon Sep 17 00:00:00 2001 -From: Tad -Date: Thu, 23 Aug 2018 22:23:28 -0400 -Subject: [PATCH] Improve Bluetooth audio quality, credit @ValdikSS - -Change-Id: Ia6282d5e76ea7df0d8e0c56559f71c333d6b04eb -See: https://forum.xda-developers.com/android/software-hacking/improve-bluetooth-audio-quality-t3832615 ---- - btif/co/bta_av_co.c | 8 ++++---- - btif/src/btif_media_task.c | 2 +- - 2 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/btif/co/bta_av_co.c b/btif/co/bta_av_co.c -index 39a8ebfa..1d86469d 100644 ---- a/btif/co/bta_av_co.c -+++ b/btif/co/bta_av_co.c -@@ -130,7 +130,7 @@ const tA2D_SBC_CIE bta_av_co_sbc_sink_caps = - const tA2D_SBC_CIE btif_av_sbc_default_config = - { - BTIF_AV_SBC_DEFAULT_SAMP_FREQ, /* samp_freq */ -- A2D_SBC_IE_CH_MD_JOINT, /* ch_mode */ -+ A2D_SBC_IE_CH_MD_DUAL, /* ch_mode */ - A2D_SBC_IE_BLOCKS_16, /* block_len */ - A2D_SBC_IE_SUBBAND_8, /* num_subbands */ - A2D_SBC_IE_ALLOC_MD_L, /* alloc_mthd */ -@@ -566,12 +566,12 @@ void bta_av_build_src_cfg (UINT8 *p_pref_cfg, UINT8 *p_src_cap) - else if (src_cap.samp_freq & A2D_SBC_IE_SAMP_FREQ_44) - pref_cap.samp_freq = A2D_SBC_IE_SAMP_FREQ_44; - -- if (src_cap.ch_mode & A2D_SBC_IE_CH_MD_JOINT) -+ if (src_cap.ch_mode & A2D_SBC_IE_CH_MD_DUAL) -+ pref_cap.ch_mode = A2D_SBC_IE_CH_MD_DUAL; -+ else if (src_cap.ch_mode & A2D_SBC_IE_CH_MD_JOINT) - pref_cap.ch_mode = A2D_SBC_IE_CH_MD_JOINT; - else if (src_cap.ch_mode & A2D_SBC_IE_CH_MD_STEREO) - pref_cap.ch_mode = A2D_SBC_IE_CH_MD_STEREO; -- else if (src_cap.ch_mode & A2D_SBC_IE_CH_MD_DUAL) -- pref_cap.ch_mode = A2D_SBC_IE_CH_MD_DUAL; - else if (src_cap.ch_mode & A2D_SBC_IE_CH_MD_MONO) - pref_cap.ch_mode = A2D_SBC_IE_CH_MD_MONO; - -diff --git a/btif/src/btif_media_task.c b/btif/src/btif_media_task.c -index 977d2668..a8ad735c 100644 ---- a/btif/src/btif_media_task.c -+++ b/btif/src/btif_media_task.c -@@ -214,7 +214,7 @@ enum { - #define BTIF_A2DP_NON_EDR_MAX_RATE 237 - #endif - 
#else --#define BTIF_A2DP_DEFAULT_BITRATE 328 -+#define BTIF_A2DP_DEFAULT_BITRATE 512 - - #ifndef BTIF_A2DP_NON_EDR_MAX_RATE - #define BTIF_A2DP_NON_EDR_MAX_RATE 229 --- -2.18.0 - diff --git a/Patches/LineageOS-15.1/android_system_bt/0001-Improve_Quality.patch b/Patches/LineageOS-15.1/android_system_bt/0001-Improve_Quality.patch deleted file mode 100644 index b184d627..00000000 --- a/Patches/LineageOS-15.1/android_system_bt/0001-Improve_Quality.patch +++ /dev/null 
@@ -1,74 +0,0 @@ -From 133e43eb4f5339e584dc2dcc3f02a34711c93571 Mon Sep 17 00:00:00 2001 -From: Tad -Date: Thu, 23 Aug 2018 22:16:42 -0400 -Subject: [PATCH] Improve Bluetooth audio quality, credit @ValdikSS - -Change-Id: I98f5b84982aaf446e5adfb622993ee11f4592f64 -See: https://forum.xda-developers.com/android/software-hacking/improve-bluetooth-audio-quality-t3832615 ---- - stack/a2dp/a2dp_sbc.cc | 14 +++++++------- - stack/a2dp/a2dp_sbc_encoder.cc | 2 +- - 2 files changed, 8 insertions(+), 8 deletions(-) - -diff --git a/stack/a2dp/a2dp_sbc.cc b/stack/a2dp/a2dp_sbc.cc -index cfdaad4c..1416d4c3 100644 ---- a/stack/a2dp/a2dp_sbc.cc -+++ b/stack/a2dp/a2dp_sbc.cc -@@ -55,7 +55,7 @@ typedef struct { - /* SBC SRC codec capabilities */ - static const tA2DP_SBC_CIE a2dp_sbc_caps = { - A2DP_SBC_IE_SAMP_FREQ_44, /* samp_freq */ -- (A2DP_SBC_IE_CH_MD_MONO | A2DP_SBC_IE_CH_MD_JOINT), /* ch_mode */ -+ (A2DP_SBC_IE_CH_MD_MONO | A2DP_SBC_IE_CH_MD_JOINT | A2DP_SBC_IE_CH_MD_DUAL), /* ch_mode */ - (A2DP_SBC_IE_BLOCKS_16 | A2DP_SBC_IE_BLOCKS_12 | A2DP_SBC_IE_BLOCKS_8 | - A2DP_SBC_IE_BLOCKS_4), /* block_len */ - A2DP_SBC_IE_SUBBAND_8, /* num_subbands */ -@@ -82,7 +82,7 @@ static const tA2DP_SBC_CIE a2dp_sbc_sink_caps = { - /* Default SBC codec configuration */ - const tA2DP_SBC_CIE a2dp_sbc_default_config = { - A2DP_SBC_IE_SAMP_FREQ_44, /* samp_freq */ -- A2DP_SBC_IE_CH_MD_JOINT, /* ch_mode */ -+ A2DP_SBC_IE_CH_MD_DUAL, /* ch_mode */ - A2DP_SBC_IE_BLOCKS_16, /* block_len */ - A2DP_SBC_IE_SUBBAND_8, /* num_subbands */ - A2DP_SBC_IE_ALLOC_MD_L, /* alloc_method */ -@@ -1154,6 +1154,11 @@ static bool select_audio_bits_per_sample( - // - static bool select_best_channel_mode(uint8_t ch_mode, tA2DP_SBC_CIE* p_result, - btav_a2dp_codec_config_t* p_codec_config) { -+ if (ch_mode & A2DP_SBC_IE_CH_MD_DUAL) { -+ p_result->ch_mode = A2DP_SBC_IE_CH_MD_DUAL; -+ p_codec_config->channel_mode = BTAV_A2DP_CODEC_CHANNEL_MODE_STEREO; -+ return true; -+ } - if (ch_mode & A2DP_SBC_IE_CH_MD_JOINT) { - 
p_result->ch_mode = A2DP_SBC_IE_CH_MD_JOINT; - p_codec_config->channel_mode = BTAV_A2DP_CODEC_CHANNEL_MODE_STEREO; -@@ -1164,11 +1169,6 @@ static bool select_best_channel_mode(uint8_t ch_mode, tA2DP_SBC_CIE* p_result, - p_codec_config->channel_mode = BTAV_A2DP_CODEC_CHANNEL_MODE_STEREO; - return true; - } -- if (ch_mode & A2DP_SBC_IE_CH_MD_DUAL) { -- p_result->ch_mode = A2DP_SBC_IE_CH_MD_DUAL; -- p_codec_config->channel_mode = BTAV_A2DP_CODEC_CHANNEL_MODE_STEREO; -- return true; -- } - if (ch_mode & A2DP_SBC_IE_CH_MD_MONO) { - p_result->ch_mode = A2DP_SBC_IE_CH_MD_MONO; - p_codec_config->channel_mode = BTAV_A2DP_CODEC_CHANNEL_MODE_MONO; -diff --git a/stack/a2dp/a2dp_sbc_encoder.cc b/stack/a2dp/a2dp_sbc_encoder.cc -index e4c20499..8b3731d1 100644 ---- a/stack/a2dp/a2dp_sbc_encoder.cc -+++ b/stack/a2dp/a2dp_sbc_encoder.cc -@@ -39,7 +39,7 @@ - #define A2DP_SBC_ENCODER_INTERVAL_MS 20 - - /* High quality quality setting @ 44.1 khz */ --#define A2DP_SBC_DEFAULT_BITRATE 328 -+#define A2DP_SBC_DEFAULT_BITRATE 512 - - #define A2DP_SBC_NON_EDR_MAX_RATE 229 - --- -2.18.0 - diff --git a/Patches/LineageOS-15.1/android_system_core/0003-Deny_USB-Aggressive.patch b/Patches/LineageOS-15.1/android_system_core/0003-Deny_USB-Aggressive.patch deleted file mode 100644 index 5a2904bf..00000000 --- a/Patches/LineageOS-15.1/android_system_core/0003-Deny_USB-Aggressive.patch +++ /dev/null 
@@ -1,27 +0,0 @@
-From 3c31c1f1188e1c550f02d838daa8e7c2e55e6f56 Mon Sep 17 00:00:00 2001
-From: Tad
-Date: Mon, 23 Apr 2018 02:39:35 -0400
-Subject: [PATCH] deny all new usb devices until after boot
-
-Change-Id: I7a3dad49610eb4010dc13a3acaffb6fd91cdc89c
----
- rootdir/init.rc | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/rootdir/init.rc b/rootdir/init.rc
-index c1bd58eba..38f3bab9f 100644
---- a/rootdir/init.rc
-+++ b/rootdir/init.rc
-@@ -18,6 +18,9 @@ on early-init
- # Disable sysrq from keyboard
- write /proc/sys/kernel/sysrq 0
-
-+ # Deny all new USB devices until after boot
-+ write /proc/sys/kernel/deny_new_usb 1
-+
- # Set the security context of /adb_keys if present.
- restorecon /adb_keys
-
---
-2.17.0
-
diff --git a/Patches/LineageOS-16.0/android_build/0001-Automated_Build_Signing.patch b/Patches/LineageOS-16.0/android_build/0001-Automated_Build_Signing.patch
new file mode 100644
index 00000000..f14f679a
--- /dev/null
+++ b/Patches/LineageOS-16.0/android_build/0001-Automated_Build_Signing.patch
@@ -0,0 +1,103 @@
+From b5ad740f0a0930081b8056eaf6e83873fa0b41ef Mon Sep 17 00:00:00 2001
+From: Daniel Micay
+Date: Tue, 3 Apr 2018 14:12:55 -0400
+Subject: [PATCH] Add optional automated signing
+
+Change-Id: I9ebd044c4c2f76688f7921b991055c57ec574986
+---
+ core/Makefile | 42 +++++++++++++++++++++++++++++++++++++++---
+ 1 file changed, 39 insertions(+), 3 deletions(-)
+
+diff --git a/core/Makefile b/core/Makefile
+index 9498b47d4..a99677116 100644
+--- a/core/Makefile
++++ b/core/Makefile
+@@ -612,6 +612,10 @@ $(call dist-for-goals,droidcore,$(PGO_PROFILE_MISSING))
+ # exist with the suffixes ".x509.pem" and ".pk8".
+ DEFAULT_KEY_CERT_PAIR := $(DEFAULT_SYSTEM_DEV_CERTIFICATE)
+
++ifneq ($(SIGNING_KEY_DIR),)
++ KEY_CERT_DIR := $(SIGNING_KEY_DIR)
++ DEFAULT_KEY_CERT_PAIR := $(SIGNING_KEY_DIR)/releasekey
++endif
+
+ # Rules that need to be present for the all targets, even
+ # if they don't do anything.
+@@ -1412,6 +1416,16 @@ endif
+ # substitute other keys for this one.
+ OTA_PUBLIC_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
+
++ifneq ($(SIGNING_KEY_DIR),)
++ OTA_PUBLIC_KEYS := $(SIGNING_KEY_DIR)/releasekey.x509.pem
++ PRODUCT_EXTRA_RECOVERY_KEYS += $(SIGNING_KEY_DIR)/extra
++else
++ ifneq ($(OTA_PACKAGE_SIGNING_KEY),)
++ OTA_PUBLIC_KEYS := $(OTA_PACKAGE_SIGNING_KEY).x509.pem
++ PRODUCT_EXTRA_RECOVERY_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE)
++ endif
++endif
++
+ # Generate a file containing the keys that will be read by the
+ # recovery binary.
+ RECOVERY_INSTALL_OTA_KEYS := \
+@@ -2682,6 +2696,13 @@ $(BUILT_TARGET_FILES_PACKAGE): intermediates := $(intermediates)
+ $(BUILT_TARGET_FILES_PACKAGE): \
+ zip_root := $(intermediates)/$(name)
+
++SIGNED_TARGET_FILES_PACKAGE := $(intermediates)/signed-$(name).zip
++MAYBE_SIGNED_TARGET_FILES_PACKAGE := $(BUILT_TARGET_FILES_PACKAGE)
++
++ifneq ($(SIGNING_KEY_DIR),)
++ MAYBE_SIGNED_TARGET_FILES_PACKAGE := $(SIGNED_TARGET_FILES_PACKAGE)
++endif
++
+ # $(1): Directory to copy
+ # $(2): Location to copy it to
+ # The "ls -A" is to prevent "acp s/* d" from failing if s is empty.
+@@ -3148,6 +3169,12 @@ else
+ OTA_SCRIPT_OVERRIDE_DEVICE := $(TARGET_OTA_ASSERT_DEVICE)
+ endif
+
++ifeq ($(TARGET_RELEASETOOL_SIGN_TARGET_SCRIPT),)
++ SIGN_TARGET_SCRIPT := ./build/tools/releasetools/sign_target_files_apks
++else
++ SIGN_TARGET_SCRIPT := $(TARGET_RELEASETOOL_SIGN_TARGET_SCRIPT)
++endif
++
+ ifeq ($(WITH_GMS),true)
+ $(INTERNAL_OTA_PACKAGE_TARGET): backuptool := false
+ else
+@@ -3158,18 +3185,27 @@ else
+ endif
+ endif
+
+-$(INTERNAL_OTA_PACKAGE_TARGET): $(BUILT_TARGET_FILES_PACKAGE) \
++$(SIGNED_TARGET_FILES_PACKAGE): $(BUILT_TARGET_FILES_PACKAGE) \
++ build/tools/releasetools/sign_target_files_apks
++ @echo "$(SIGN_TARGET_SCRIPT)" > $(PRODUCT_OUT)/sign_script_path
++ @echo -e ${CL_YLW}"Sign target files:"${CL_RST}" $@"
++ $(hide) $(SIGN_TARGET_SCRIPT) \
++ -d $(KEY_CERT_DIR) \
++ -o \
++ $(BUILT_TARGET_FILES_PACKAGE) \
++ $(SIGNED_TARGET_FILES_PACKAGE)
++
++$(INTERNAL_OTA_PACKAGE_TARGET): $(MAYBE_SIGNED_TARGET_FILES_PACKAGE) \
+ build/make/tools/releasetools/ota_from_target_files
+ @echo "Package OTA: $@"
+ $(hide) PATH=$(foreach p,$(INTERNAL_USERIMAGES_BINARY_PATHS),$(p):)$$PATH MKBOOTIMG=$(MKBOOTIMG) \
+ build/make/tools/releasetools/ota_from_target_files -v \
+ --block \
+- --extracted_input_target_files $(patsubst %.zip,%,$(BUILT_TARGET_FILES_PACKAGE)) \
+ -p $(HOST_OUT) \
+ -k $(KEY_CERT_PAIR) \
+ --backup=$(backuptool) \
+ $(if $(OEM_OTA_CONFIG), -o $(OEM_OTA_CONFIG)) \
+- $(BUILT_TARGET_FILES_PACKAGE) $@
++ $(MAYBE_SIGNED_TARGET_FILES_PACKAGE) $@
+
+ .PHONY: otapackage
+ otapackage: $(INTERNAL_OTA_PACKAGE_TARGET)
+--
+2.20.1
+
diff --git a/Patches/LineageOS-16.0/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch b/Patches/LineageOS-16.0/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch
new file mode 100644
index 00000000..52de3921
--- /dev/null
+++ b/Patches/LineageOS-16.0/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch
@@ -0,0 +1,34 @@
+From 41c2cb884b69e04e2e7a6404b580aafc4b2ceba7 Mon Sep 17 00:00:00 2001
+From: Tad
+Date: Mon, 12 Feb 2018 02:41:09 -0500
+Subject: [PATCH] TEMPORARY fix camera not working on user builds
+
+Change-Id: I61e8c78bfd70be7c157c049dac201de21749d4a2
+---
+ common/mediaserver.te | 10 ++++------
+ 1 file changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/common/mediaserver.te b/common/mediaserver.te
+index 1108551..6b92565 100755
+--- a/common/mediaserver.te
++++ b/common/mediaserver.te
+@@ -13,12 +13,10 @@ binder_call(mediaserver, rild)
+ #qmux_socket(mediaserver)
+ allow mediaserver camera_data_file:sock_file w_file_perms;
+
+-userdebug_or_eng(`
+- allow mediaserver camera_data_file:dir rw_dir_perms;
+- allow mediaserver camera_data_file:file create_file_perms;
+- # Access to audio
+- allow mediaserver qti_debugfs:file rw_file_perms;
+-')
++allow mediaserver camera_data_file:dir rw_dir_perms;
++allow mediaserver camera_data_file:file create_file_perms;
++# Access to audio
++allow mediaserver qti_debugfs:file rw_file_perms;
+
+ r_dir_file(mediaserver, sysfs_esoc)
+ #allow mediaserver system_app_data_file:file rw_file_perms;
+--
+2.16.1
+
diff --git a/Patches/LineageOS-16.0/android_frameworks_base/0005-Connectivity.patch b/Patches/LineageOS-16.0/android_frameworks_base/0005-Connectivity.patch
new file mode 100644
index 00000000..a2317aa5
--- /dev/null
+++ b/Patches/LineageOS-16.0/android_frameworks_base/0005-Connectivity.patch
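Review bot: In the `@@ -1412,6 +1416,16 @@` hunk of core/Makefile, the `else` branch sets `PRODUCT_EXTRA_RECOVERY_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE)`, so a build that sets OTA_PACKAGE_SIGNING_KEY without SIGNING_KEY_DIR still has recovery trust the default dev certificate next to the release key. What that variable resolves to is not visible here; if it is still the stock test key, the release key no longer gates which update packages recovery accepts, and the `:=` also discards any extra keys a product already listed. I would drop that line, or keep it behind an explicit opt-in and use `+=`. In the `$(SIGNED_TARGET_FILES_PACKAGE)` rule, `-d $(KEY_CERT_DIR)` is only defined when SIGNING_KEY_DIR is set, so a short comment stating that the rule must not be requested without it would help.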
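Review bot: Removing the `userdebug_or_eng` guard also carries `allow mediaserver qti_debugfs:file rw_file_perms;` into user builds, although the subject line only speaks of the camera and the rule's own comment says it is for audio. mediaserver processes untrusted media, so read/write access to debugfs nodes in production policy widens what a compromised mediaserver can reach. Unless the camera fix is shown to need it, I would leave the two `camera_data_file` rules unguarded and keep the debugfs rule inside `userdebug_or_eng(` ... `')`. Since the change is marked TEMPORARY, a comment in mediaserver.te naming the condition for reverting it would be worth adding.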
@@ -0,0 +1,34 @@ +From 883366830fc3af50d2232fc0b6d885f92c5d53ce Mon Sep 17 00:00:00 2001 +From: Tad +Date: Tue, 8 May 2018 20:53:07 -0400 +Subject: [PATCH] Change connectivity check URLs to ours + +Change-Id: I2dac7210f9c7e953d5ee88e2871bd26c234dfce6 +--- + .../com/android/server/connectivity/NetworkMonitor.java | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/services/core/java/com/android/server/connectivity/NetworkMonitor.java b/services/core/java/com/android/server/connectivity/NetworkMonitor.java +index d3a93542c74..32918aa3cdc 100644 +--- a/services/core/java/com/android/server/connectivity/NetworkMonitor.java ++++ b/services/core/java/com/android/server/connectivity/NetworkMonitor.java +@@ -91,12 +91,12 @@ public class NetworkMonitor extends StateMachine { + // Default configuration values for captive portal detection probes. + // TODO: append a random length parameter to the default HTTPS url. + // TODO: randomize browser version ids in the default User-Agent String. +- private static final String DEFAULT_HTTPS_URL = "https://www.google.com/generate_204"; ++ private static final String DEFAULT_HTTPS_URL = "https://divestos.xyz/gen204.php"; + private static final String DEFAULT_HTTP_URL = +- "http://connectivitycheck.gstatic.com/generate_204"; +- private static final String DEFAULT_FALLBACK_URL = "http://www.google.com/gen_204"; ++ "http://divestos.xyz/gen204.php"; ++ private static final String DEFAULT_FALLBACK_URL = "https://www.google.com/generate_204"; + private static final String DEFAULT_OTHER_FALLBACK_URLS = +- "http://play.googleapis.com/generate_204"; ++ "http://connectivitycheck.gstatic.com/generate_204"; + private static final String DEFAULT_USER_AGENT = "Mozilla/5.0 (X11; Linux x86_64) " + + "AppleWebKit/537.36 (KHTML, like Gecko) " + + "Chrome/60.0.3112.32 Safari/537.36"; +-- +2.17.0 + 
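Review bot: `DEFAULT_FALLBACK_URL` becomes an `https://` URL here, while the value it replaces (`"http://www.google.com/gen_204"`) and `DEFAULT_OTHER_FALLBACK_URLS` are plain HTTP. The probing code is outside this hunk, but if the fallback is evaluated like the HTTP probe, a portal that intercepts the connection will fail the TLS handshake instead of returning a redirect, so the fallback can no longer identify a captive portal. Keeping the scheme as `http://` for the fallback preserves that behaviour. `DEFAULT_HTTPS_URL` and `DEFAULT_HTTP_URL` now depend on one host, which deserves a comment next to the constants, since an outage there delays validation on every network.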
diff --git a/Patches/LineageOS-16.0/android_frameworks_base/0006-Disable_Analytics.patch b/Patches/LineageOS-16.0/android_frameworks_base/0006-Disable_Analytics.patch
new file mode 100644
index 00000000..433aca32
--- /dev/null
+++ b/Patches/LineageOS-16.0/android_frameworks_base/0006-Disable_Analytics.patch
@@ -0,0 +1,37 @@
+From 5b59a2cf8028488847a5cd6ac7d4a14414972438 Mon Sep 17 00:00:00 2001
+From: Tad
+Date: Mon, 21 May 2018 04:23:40 -0400
+Subject: [PATCH] Disable/reduce functionality of various ad/analytics
+ libraries
+
+Change-Id: I84303ee26d0232e471f44ae6eff6e41a2210e42e
+---
+ core/java/android/content/pm/PackageParser.java | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java
+index 8c66fb227cf..31368bf74b1 100644
+--- a/core/java/android/content/pm/PackageParser.java
++++ b/core/java/android/content/pm/PackageParser.java
+@@ -5524,6 +5524,18 @@ public class PackageParser {
+
+ if (data == null) {
+ data = new Bundle();
++ data.putBoolean("batch_opted_out_by_default", true);
++ data.putBoolean("com.ad4screen.no_geoloc", true);
++ data.putBoolean("com.facebook.sdk.AutoLogAppEventsEnabled", false);
++ data.putBoolean("com.mixpanel.android.MPConfig.UseIpAddressForGeolocation", false);
++ data.putBoolean("com.webengage.sdk.android.location_tracking", false);
++ data.putBoolean("firebase_analytics_collection_deactivated", true);
++ data.putBoolean("firebase_analytics_collection_enabled", false);
++ data.putBoolean("firebase_crash_collection_enabled", false);
++ data.putBoolean("firebase_performance_collection_deactivated", true);
++ data.putBoolean("google_analytics_adid_collection_enabled", false);
++ data.putString("com.ad4screen.tracking_mode", "Restricted");
++ data.putString("com.sprooki.LOCATION_SERVICES", "disable");
+ }
+
+ String name = sa.getNonConfigurationString(
+--
+2.17.0
+
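Review bot: These opt-out values are written only inside `if (data == null)`, when the Bundle is first created, so they act as defaults rather than as an enforced policy. The rest of the method is outside the hunk, which ends at `sa.getNonConfigurationString(`, but it presumably stores each meta-data entry the app declares under its own name, and an app that declares for example `firebase_analytics_collection_enabled` itself would then overwrite the seeded value. If enforcement is intended, the values have to be applied after the app's entry is stored. Otherwise I would add the comment `// Privacy defaults only: a meta-data entry declared by the app under the same name takes precedence.` above the first `putBoolean`.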
diff --git a/Patches/LineageOS-16.0/android_frameworks_opt_net_ims/0001-Fix_Calling.patch b/Patches/LineageOS-16.0/android_frameworks_opt_net_ims/0001-Fix_Calling.patch
new file mode 100644
index 00000000..a76a5fa1
--- /dev/null
+++ b/Patches/LineageOS-16.0/android_frameworks_opt_net_ims/0001-Fix_Calling.patch
@@ -0,0 +1,52 @@
+From 694d9c522cb92a80ca975ad3a5e95a802592890f Mon Sep 17 00:00:00 2001
+From: Tad
+Date: Mon, 12 Feb 2018 02:59:01 -0500
+Subject: [PATCH] Fix calling after VoLTE is removed from devices that had it
+ previously enabled
+
+Change-Id: I2417cac6313de8d5110106be23ec2048b4562561
+---
+ src/java/com/android/ims/ImsManager.java | 20 +-------------------
+ 1 file changed, 1 insertion(+), 19 deletions(-)
+
+diff --git a/src/java/com/android/ims/ImsManager.java b/src/java/com/android/ims/ImsManager.java
+index 3dc12f4..afec29e 100644
+--- a/src/java/com/android/ims/ImsManager.java
++++ b/src/java/com/android/ims/ImsManager.java
+@@ -423,12 +423,6 @@ public class ImsManager {
+ * {@link #isEnhanced4gLteModeSettingEnabledByUser()} instead.
+ */
+ public static boolean isEnhanced4gLteModeSettingEnabledByUser(Context context) {
+- ImsManager mgr = ImsManager.getInstance(context,
+- SubscriptionManager.getDefaultVoicePhoneId());
+- if (mgr != null) {
+- return mgr.isEnhanced4gLteModeSettingEnabledByUser();
+- }
+- loge("isEnhanced4gLteModeSettingEnabledByUser: ImsManager null, returning default value.");
+ return false;
+ }
+
+@@ -442,19 +436,7 @@ public class ImsManager {
+ * return the default value.
+ */
+ public boolean isEnhanced4gLteModeSettingEnabledByUser() {
+- int setting = SubscriptionManager.getIntegerSubscriptionProperty(
+- getSubId(), SubscriptionManager.ENHANCED_4G_MODE_ENABLED,
+- SUB_PROPERTY_NOT_INITIALIZED, mContext);
+- boolean onByDefault = getBooleanCarrierConfig(
+- CarrierConfigManager.KEY_ENHANCED_4G_LTE_ON_BY_DEFAULT_BOOL);
+-
+- // If Enhanced 4G LTE Mode is uneditable or not initialized, we use the default value
+- if (!getBooleanCarrierConfig(CarrierConfigManager.KEY_EDITABLE_ENHANCED_4G_LTE_BOOL)
+- || setting == SUB_PROPERTY_NOT_INITIALIZED) {
+- return onByDefault;
+- } else {
+- return (setting == ImsConfig.FeatureValueConstants.ON);
+- }
++ return false;
+ }
+
+ /**
+--
+2.20.1
+
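Review bot: Both `isEnhanced4gLteModeSettingEnabledByUser` variants now return `false` unconditionally, but the Javadoc above them still describes a value derived from the user setting and carrier default (only its tail, `return the default value.`, is inside the hunk). Nothing in ImsManager.java then tells a maintainer that the setting is forced off on purpose, or why. I would add a comment at each `return false;`, for example `// Forced off: VoLTE is removed from these builds and a stale enabled setting breaks calling.`, and adjust the Javadoc to match. Note that this applies to every device built with the patch, not only to those that had VoLTE enabled before.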
diff --git a/Patches/LineageOS-16.0/android_packages_apps_LineageParts/0001-Remove_Analytics.patch b/Patches/LineageOS-16.0/android_packages_apps_LineageParts/0001-Remove_Analytics.patch new file mode 100644 index 00000000..e3d53461 --- /dev/null +++ b/Patches/LineageOS-16.0/android_packages_apps_LineageParts/0001-Remove_Analytics.patch @@ -0,0 +1,143 @@ +From 8ba726b35be8f00da453c514c57c33a75a8f2984 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Thu, 19 Apr 2018 20:46:02 -0400 +Subject: [PATCH] Remove analytics + +Change-Id: Idcc15bfeda4805b305423534663429942abd1bcf +--- + AndroidManifest.xml | 25 ------------------------- + proguard.flags | 1 - + res/values/config.xml | 3 --- + res/values/strings.xml | 22 ---------------------- + res/xml/parts_catalog.xml | 5 ----- + res/xml/trust_preferences.xml | 3 --- + 6 files changed, 59 deletions(-) + +diff --git a/AndroidManifest.xml b/AndroidManifest.xml +index dba419a..af4765f 100644 +--- a/AndroidManifest.xml ++++ b/AndroidManifest.xml +@@ -226,31 +226,6 @@ + android:resource="@string/expanded_desktop_settings_summary" /> + + +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- + + + +- +- https://stats.lineageos.org/api/v1/stats +- + + true + +diff --git a/res/values/strings.xml b/res/values/strings.xml +index 684cbee..b60e87e 100644 +--- a/res/values/strings.xml ++++ b/res/values/strings.xml +@@ -536,28 +536,6 @@ + Total commits: %2$s

+ Last update: %3$s]]> + +- +- +- LineageOS statistics +- Help make LineageOS better by opting into anonymous statistics reporting +- About +- Opting into LineageOS Statistics will allow non-personal data to be submitted to the +- developers of LineageOS to track unique installations across devices. The information submitted includes an unique identifier, +- which does not compromise your privacy or personal data. The data is submitted during each boot.\n\nFor an example of the data that is submitted, tap on Preview Data. +- Enable reporting +- Preview data +- View stats +- Learn more +- +- +- Unique ID +- Device +- Version +- Country +- Carrier +- Stats collection +- Allow installation metrics and device statistics to be collected +- + + Auto-rotate screen + Rotation settings +diff --git a/res/xml/parts_catalog.xml b/res/xml/parts_catalog.xml +index 2ad4fdb..5a227cc 100644 +--- a/res/xml/parts_catalog.xml ++++ b/res/xml/parts_catalog.xml +@@ -69,11 +69,6 @@ + android:fragment="org.lineageos.lineageparts.statusbar.StatusBarSettings" + lineage:xmlRes="@xml/status_bar_settings" /> + +- +- + + +- +- + +Date: Wed, 28 Feb 2018 08:12:03 -0500 +Subject: [PATCH] Remove analytics + +Change-Id: I189e9362c828569512e819cf655b03bfa3436830 +--- + res/layout/setup_lineage_settings.xml | 36 ------------------- + .../lineageos/setupwizard/FinishActivity.java | 12 ------- + .../setupwizard/LineageSettingsActivity.java | 31 ---------------- + .../lineageos/setupwizard/SetupWizardApp.java | 1 - + 4 files changed, 80 deletions(-) + +diff --git a/res/layout/setup_lineage_settings.xml b/res/layout/setup_lineage_settings.xml +index 42b4c2d..5792c06 100644 +--- a/res/layout/setup_lineage_settings.xml ++++ b/res/layout/setup_lineage_settings.xml +@@ -51,42 +51,6 @@ + android:text="@string/services_explanation" + android:clickable="true"/> + +- +- +- +- +- +- +- +- +- +- + + { +- boolean checked = !mMetrics.isChecked(); +- mMetrics.setChecked(checked); +- 
mSetupWizardApp.getSettingsBundle().putBoolean(KEY_SEND_METRICS, checked); +- }; +- + private View.OnClickListener mNavKeysClickListener = view -> { + boolean checked = !mNavKeys.isChecked(); + mNavKeys.setChecked(checked); +@@ -109,19 +101,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity { + privacyPolicy.setMovementMethod(LinkMovementMethod.getInstance()); + privacyPolicy.setText(ss); + +- View metricsRow = findViewById(R.id.metrics); +- metricsRow.setOnClickListener(mMetricsClickListener); +- String metricsHelpImproveLineage = +- getString(R.string.services_help_improve_cm, getString(R.string.os_name)); +- String metricsSummary = getString(R.string.services_metrics_label, +- metricsHelpImproveLineage, getString(R.string.os_name)); +- final SpannableStringBuilder metricsSpan = new SpannableStringBuilder(metricsSummary); +- metricsSpan.setSpan(new android.text.style.StyleSpan(android.graphics.Typeface.BOLD), +- 0, metricsHelpImproveLineage.length(), Spannable.SPAN_EXCLUSIVE_EXCLUSIVE); +- TextView metrics = (TextView) findViewById(R.id.enable_metrics_summary); +- metrics.setText(metricsSpan); +- mMetrics = (CheckBox) findViewById(R.id.enable_metrics_checkbox); +- + View navKeysRow = findViewById(R.id.nav_keys); + navKeysRow.setOnClickListener(mNavKeysClickListener); + mNavKeys = (CheckBox) findViewById(R.id.nav_keys_checkbox); +@@ -144,7 +123,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity { + public void onResume() { + super.onResume(); + updateDisableNavkeysOption(); +- updateMetricsOption(); + updatePrivacyGuardOption(); + } + +@@ -179,15 +157,6 @@ public class LineageSettingsActivity extends BaseSetupWizardActivity { + return R.drawable.ic_features; + } + +- private void updateMetricsOption() { +- final Bundle myPageBundle = mSetupWizardApp.getSettingsBundle(); +- boolean metricsChecked = +- !myPageBundle.containsKey(KEY_SEND_METRICS) || myPageBundle +- .getBoolean(KEY_SEND_METRICS); +- 
mMetrics.setChecked(metricsChecked); +- myPageBundle.putBoolean(KEY_SEND_METRICS, metricsChecked); +- } +- + private void updateDisableNavkeysOption() { + if (mSupportsKeyDisabler) { + final Bundle myPageBundle = mSetupWizardApp.getSettingsBundle(); +diff --git a/src/org/lineageos/setupwizard/SetupWizardApp.java b/src/org/lineageos/setupwizard/SetupWizardApp.java +index 1a9318d..e362841 100644 +--- a/src/org/lineageos/setupwizard/SetupWizardApp.java ++++ b/src/org/lineageos/setupwizard/SetupWizardApp.java +@@ -60,7 +60,6 @@ public class SetupWizardApp extends Application { + public static final String EXTRA_PREFS_SET_BACK_TEXT = "extra_prefs_set_back_text"; + + public static final String KEY_DETECT_CAPTIVE_PORTAL = "captive_portal_detection_enabled"; +- public static final String KEY_SEND_METRICS = "send_metrics"; + public static final String DISABLE_NAV_KEYS = "disable_nav_keys"; + public static final String KEY_BUTTON_BACKLIGHT = "pre_navbar_button_backlight"; + public static final String KEY_PRIVACY_GUARD = "privacy_guard_default"; +-- +2.20.1 + diff --git a/Patches/LineageOS-16.0/android_packages_apps_Updater/0002-Tor_Support.patch b/Patches/LineageOS-16.0/android_packages_apps_Updater/0002-Tor_Support.patch new file mode 100644 index 00000000..28f98f1b --- /dev/null +++ b/Patches/LineageOS-16.0/android_packages_apps_Updater/0002-Tor_Support.patch 
@@ -0,0 +1,385 @@ +From 315dba9fbc687da50f6217ff3db20bb14c11a1a4 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Thu, 20 Sep 2018 21:44:53 -0400 +Subject: [PATCH] Add support for routing over Tor + +Change-Id: Ibfe080c3d801af34fb64fda1b6b8f4f39a2b1ccf +--- + res/layout/preferences_dialog.xml | 8 +++ + res/values/strings.xml | 2 + + .../lineageos/updater/UpdatesActivity.java | 12 ++++ + .../updater/UpdatesCheckReceiver.java | 4 ++ + .../updater/controller/UpdaterController.java | 8 +++ + .../updater/download/DownloadClient.java | 8 ++- + .../download/HttpURLConnectionClient.java | 27 ++++++-- + src/org/lineageos/updater/misc/Constants.java | 1 + + src/org/lineageos/updater/misc/Utils.java | 65 +++++++++++++++++++ + 9 files changed, 130 insertions(+), 5 deletions(-) + +diff --git a/res/layout/preferences_dialog.xml b/res/layout/preferences_dialog.xml +index e30c117..f5f3170 100644 +--- a/res/layout/preferences_dialog.xml ++++ b/res/layout/preferences_dialog.xml +@@ -29,6 +29,14 @@ + android:entries="@array/menu_auto_updates_check_interval_entries" /> + + ++ ++ + Once a week + Once a month + Never ++ Perform requests over Tor + Delete updates when installed + Delete + Copy URL +@@ -83,6 +84,7 @@ + The download failed. Please check your internet connection and try again later. + The update verification failed. + Download completed. ++ Orbot is not installed, disabling Tor routing! + + This update can\'t be installed on top of the current build. 
+ +diff --git a/src/org/lineageos/updater/UpdatesActivity.java b/src/org/lineageos/updater/UpdatesActivity.java +index efea969..6e61129 100644 +--- a/src/org/lineageos/updater/UpdatesActivity.java ++++ b/src/org/lineageos/updater/UpdatesActivity.java +@@ -341,10 +341,14 @@ public class UpdatesActivity extends UpdatesListActivity { + + final DownloadClient downloadClient; + try { ++ if(Utils.isOnionRoutingEnabled(getApplicationContext())) { ++ Utils.requestStartOrbot(getApplicationContext()); ++ } + downloadClient = new DownloadClient.Builder() + .setUrl(url) + .setDestination(jsonFileTmp) + .setDownloadCallback(callback) ++ .setUseOnionRouting(Utils.isOnionRoutingEnabled(getApplicationContext())) + .build(); + } catch (IOException exception) { + Log.e(TAG, "Could not build download client"); +@@ -409,6 +413,7 @@ public class UpdatesActivity extends UpdatesListActivity { + View view = LayoutInflater.from(this).inflate(R.layout.preferences_dialog, null); + Spinner autoCheckInterval = + view.findViewById(R.id.preferences_auto_updates_check_interval); ++ Switch onionRouting = view.findViewById(R.id.preferences_onion_routing); + Switch autoDelete = view.findViewById(R.id.preferences_auto_delete_updates); + Switch dataWarning = view.findViewById(R.id.preferences_mobile_data_warning); + Switch abPerfMode = view.findViewById(R.id.preferences_ab_perf_mode); +@@ -419,6 +424,7 @@ public class UpdatesActivity extends UpdatesListActivity { + + SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); + autoCheckInterval.setSelection(Utils.getUpdateCheckSetting(this)); ++ onionRouting.setChecked(prefs.getBoolean(Constants.PREF_ONION_ROUTING, false)); + autoDelete.setChecked(prefs.getBoolean(Constants.PREF_AUTO_DELETE_UPDATES, false)); + dataWarning.setChecked(prefs.getBoolean(Constants.PREF_MOBILE_DATA_WARNING, true)); + abPerfMode.setChecked(prefs.getBoolean(Constants.PREF_AB_PERF_MODE, false)); +@@ -430,6 +436,8 @@ public class UpdatesActivity extends 
UpdatesListActivity { + prefs.edit() + .putInt(Constants.PREF_AUTO_UPDATES_CHECK_INTERVAL, + autoCheckInterval.getSelectedItemPosition()) ++ .putBoolean(Constants.PREF_ONION_ROUTING, ++ onionRouting.isChecked() && Utils.isOrbotInstalled(getApplicationContext())) + .putBoolean(Constants.PREF_AUTO_DELETE_UPDATES, + autoDelete.isChecked()) + .putBoolean(Constants.PREF_MOBILE_DATA_WARNING, +@@ -445,6 +453,10 @@ public class UpdatesActivity extends UpdatesListActivity { + UpdatesCheckReceiver.cancelUpdatesCheck(this); + } + ++ if(onionRouting.isChecked() && !Utils.isOrbotInstalled(getApplicationContext())) { ++ showSnackbar(R.string.snack_orbot_not_available, Snackbar.LENGTH_LONG); ++ } ++ + boolean enableABPerfMode = abPerfMode.isChecked(); + mUpdaterService.getUpdaterController().setPerformanceMode(enableABPerfMode); + }) +diff --git a/src/org/lineageos/updater/UpdatesCheckReceiver.java b/src/org/lineageos/updater/UpdatesCheckReceiver.java +index d0769cf..b6d32f9 100644 +--- a/src/org/lineageos/updater/UpdatesCheckReceiver.java ++++ b/src/org/lineageos/updater/UpdatesCheckReceiver.java +@@ -112,10 +112,14 @@ public class UpdatesCheckReceiver extends BroadcastReceiver { + }; + + try { ++ if(Utils.isOnionRoutingEnabled(context)) { ++ Utils.requestStartOrbot(context); ++ } + DownloadClient downloadClient = new DownloadClient.Builder() + .setUrl(url) + .setDestination(jsonNew) + .setDownloadCallback(callback) ++ .setUseOnionRouting(Utils.isOnionRoutingEnabled(context)) + .build(); + downloadClient.start(); + } catch (IOException e) { +diff --git a/src/org/lineageos/updater/controller/UpdaterController.java b/src/org/lineageos/updater/controller/UpdaterController.java +index 8fd5760..f89c7fd 100644 +--- a/src/org/lineageos/updater/controller/UpdaterController.java ++++ b/src/org/lineageos/updater/controller/UpdaterController.java +@@ -357,12 +357,16 @@ public class UpdaterController { + update.setFile(destination); + DownloadClient downloadClient; + try { ++ 
if(Utils.isOnionRoutingEnabled(mContext)) { ++ Utils.requestStartOrbot(mContext); ++ } + downloadClient = new DownloadClient.Builder() + .setUrl(update.getDownloadUrl()) + .setDestination(update.getFile()) + .setDownloadCallback(getDownloadCallback(downloadId)) + .setProgressListener(getProgressListener(downloadId)) + .setUseDuplicateLinks(true) ++ .setUseOnionRouting(Utils.isOnionRoutingEnabled(mContext)) + .build(); + } catch (IOException exception) { + Log.e(TAG, "Could not build download client"); +@@ -397,6 +401,9 @@ public class UpdaterController { + verifyUpdateAsync(downloadId); + notifyUpdateChange(downloadId); + } else { ++ if(Utils.isOnionRoutingEnabled(mContext)) { ++ Utils.requestStartOrbot(mContext); ++ } + DownloadClient downloadClient; + try { + downloadClient = new DownloadClient.Builder() +@@ -405,6 +412,7 @@ public class UpdaterController { + .setDownloadCallback(getDownloadCallback(downloadId)) + .setProgressListener(getProgressListener(downloadId)) + .setUseDuplicateLinks(true) ++ .setUseOnionRouting(Utils.isOnionRoutingEnabled(mContext)) + .build(); + } catch (IOException exception) { + Log.e(TAG, "Could not build download client"); +diff --git a/src/org/lineageos/updater/download/DownloadClient.java b/src/org/lineageos/updater/download/DownloadClient.java +index 6a2a490..374e017 100644 +--- a/src/org/lineageos/updater/download/DownloadClient.java ++++ b/src/org/lineageos/updater/download/DownloadClient.java +@@ -64,6 +64,7 @@ public interface DownloadClient { + private DownloadClient.DownloadCallback mCallback; + private DownloadClient.ProgressListener mProgressListener; + private boolean mUseDuplicateLinks; ++ private boolean mOnionRouting; + + public DownloadClient build() throws IOException { + if (mUrl == null) { +@@ -74,7 +75,7 @@ public interface DownloadClient { + throw new IllegalStateException("No download callback defined"); + } + return new HttpURLConnectionClient(mUrl, mDestination, mProgressListener, mCallback, +- 
mUseDuplicateLinks); ++ mUseDuplicateLinks, mOnionRouting); + } + + public Builder setUrl(String url) { +@@ -101,5 +102,10 @@ public interface DownloadClient { + mUseDuplicateLinks = useDuplicateLinks; + return this; + } ++ ++ public Builder setUseOnionRouting(boolean onionRouting) { ++ mOnionRouting = onionRouting; ++ return this; ++ } + } + } +diff --git a/src/org/lineageos/updater/download/HttpURLConnectionClient.java b/src/org/lineageos/updater/download/HttpURLConnectionClient.java +index 2b7c80e..caeaf66 100644 +--- a/src/org/lineageos/updater/download/HttpURLConnectionClient.java ++++ b/src/org/lineageos/updater/download/HttpURLConnectionClient.java +@@ -18,12 +18,16 @@ package org.lineageos.updater.download; + import android.os.SystemClock; + import android.util.Log; + ++import org.lineageos.updater.misc.Utils; ++ + import java.io.File; + import java.io.FileOutputStream; + import java.io.IOException; + import java.io.InputStream; + import java.io.OutputStream; + import java.net.HttpURLConnection; ++import java.net.InetSocketAddress; ++import java.net.Proxy; + import java.net.URL; + import java.util.Comparator; + import java.util.List; +@@ -42,6 +46,7 @@ public class HttpURLConnectionClient implements DownloadClient { + private final DownloadClient.ProgressListener mProgressListener; + private final DownloadClient.DownloadCallback mCallback; + private final boolean mUseDuplicateLinks; ++ private final boolean mUseOnionRouting; + + private DownloadThread mDownloadThread; + +@@ -60,8 +65,14 @@ public class HttpURLConnectionClient implements DownloadClient { + HttpURLConnectionClient(String url, File destination, + DownloadClient.ProgressListener progressListener, + DownloadClient.DownloadCallback callback, +- boolean useDuplicateLinks) throws IOException { +- mClient = (HttpURLConnection) new URL(url).openConnection(); ++ boolean useDuplicateLinks, boolean useOnionRouting) throws IOException { ++ mUseOnionRouting = useOnionRouting; ++ if(mUseOnionRouting) { ++ 
Proxy orbot = new Proxy(Proxy.Type.SOCKS, new InetSocketAddress("127.0.0.1", 9050)); ++ mClient = (HttpURLConnection) new URL(url).openConnection(orbot); ++ } else { ++ mClient = (HttpURLConnection) new URL(url).openConnection(); ++ } + mDestination = destination; + mProgressListener = progressListener; + mCallback = callback; +@@ -169,7 +180,12 @@ public class HttpURLConnectionClient implements DownloadClient { + private void changeClientUrl(URL newUrl) throws IOException { + String range = mClient.getRequestProperty("Range"); + mClient.disconnect(); +- mClient = (HttpURLConnection) newUrl.openConnection(); ++ if(mUseOnionRouting) { ++ Proxy orbot = new Proxy(Proxy.Type.SOCKS, new InetSocketAddress("127.0.0.1", 9050)); ++ mClient = (HttpURLConnection) newUrl.openConnection(orbot); ++ } else { ++ mClient = (HttpURLConnection) newUrl.openConnection(); ++ } + if (range != null) { + mClient.setRequestProperty("Range", range); + } +@@ -224,7 +240,7 @@ public class HttpURLConnectionClient implements DownloadClient { + } + Log.d(TAG, "Downloading from " + newUrl); + changeClientUrl(url); +- mClient.setConnectTimeout(5000); ++ mClient.setConnectTimeout(mUseOnionRouting ? 
45000 : 5000); + mClient.connect(); + if (!isSuccessCode(mClient.getResponseCode())) { + throw new IOException("Server replied with " + mClient.getResponseCode()); +@@ -246,6 +262,9 @@ public class HttpURLConnectionClient implements DownloadClient { + @Override + public void run() { + try { ++ if(mUseOnionRouting) { ++ Utils.waitUntilOrbotIsAvailable(); ++ } + mClient.setInstanceFollowRedirects(!mUseDuplicateLinks); + mClient.connect(); + int responseCode = mClient.getResponseCode(); +diff --git a/src/org/lineageos/updater/misc/Constants.java b/src/org/lineageos/updater/misc/Constants.java +index 81e7c1a..46d8666 100644 +--- a/src/org/lineageos/updater/misc/Constants.java ++++ b/src/org/lineageos/updater/misc/Constants.java +@@ -30,6 +30,7 @@ public final class Constants { + + public static final String PREF_LAST_UPDATE_CHECK = "last_update_check"; + public static final String PREF_AUTO_UPDATES_CHECK_INTERVAL = "auto_updates_check_interval"; ++ public static final String PREF_ONION_ROUTING = "onion_routing"; + public static final String PREF_AUTO_DELETE_UPDATES = "auto_delete_updates"; + public static final String PREF_AB_PERF_MODE = "ab_perf_mode"; + public static final String PREF_MOBILE_DATA_WARNING = "pref_mobile_data_warning"; +diff --git a/src/org/lineageos/updater/misc/Utils.java b/src/org/lineageos/updater/misc/Utils.java +index 65d6ec7..06838ef 100644 +--- a/src/org/lineageos/updater/misc/Utils.java ++++ b/src/org/lineageos/updater/misc/Utils.java +@@ -45,6 +45,7 @@ import java.io.BufferedReader; + import java.io.File; + import java.io.FileReader; + import java.io.IOException; ++import java.net.Socket; + import java.util.ArrayList; + import java.util.Enumeration; + import java.util.HashSet; +@@ -146,12 +147,76 @@ public class Utils { + return updates; + } + ++ //Credit: https://stackoverflow.com/a/6758962 ++ public static boolean isPackageInstalled(Context context, String packageID) { ++ PackageManager pm = context.getPackageManager(); ++ try { ++ 
pm.getPackageInfo(packageID, PackageManager.GET_META_DATA); ++ } catch(PackageManager.NameNotFoundException e) { ++ return false; ++ } ++ return true; ++ } ++ ++ public static boolean isOrbotInstalled(Context context) { ++ return isPackageInstalled(context, "org.torproject.android"); ++ } ++ ++ public static boolean isOnionRoutingEnabled(Context context) { ++ SharedPreferences preferences = PreferenceManager.getDefaultSharedPreferences(context); ++ return preferences.getBoolean(Constants.PREF_ONION_ROUTING, false); ++ } ++ ++ //Credit: OrbotHelper/NetCipher ++ public static void requestStartOrbot(Context context) { ++ Intent intent = new Intent("org.torproject.android.intent.action.START"); ++ intent.setPackage("org.torproject.android"); ++ intent.putExtra("org.torproject.android.intent.extra.PACKAGE_NAME", context.getPackageName()); ++ context.sendBroadcast(intent); ++ } ++ ++ //Credit: https://www.geekality.net/2013/04/30/java-simple-check-to-see-if-a-server-is-listening-on-a-port/ ++ public static boolean isPortListening(String host, int port) { ++ Socket s = null; ++ try { ++ s = new Socket(host, port); ++ return true; ++ } catch(Exception e) { ++ return false; ++ } finally { ++ if (s != null) { ++ try { ++ s.close(); ++ } catch(Exception e1) { ++ } ++ } ++ } ++ } ++ ++ public static boolean waitUntilOrbotIsAvailable() { ++ int tries = 0; ++ boolean listening; ++ while(!(listening = isPortListening("127.0.0.1", 9050)) && tries <= 60) { ++ tries++; ++ try { ++ Thread.sleep(1000); ++ } catch(Exception e) { ++ ++ } ++ } ++ return listening; ++ } ++ + public static String getServerURL(Context context) { + String incrementalVersion = SystemProperties.get(Constants.PROP_BUILD_VERSION_INCREMENTAL); + String device = SystemProperties.get(Constants.PROP_NEXT_DEVICE, + SystemProperties.get(Constants.PROP_DEVICE)); + + String server = "0OTA_SERVER_CLEARNET0"; ++ String serverOnion = "0OTA_SERVER_ONION0"; ++ if(serverOnion.toLowerCase().startsWith("http") && 
isOnionRoutingEnabled(context)) { ++ server = serverOnion; ++ } + + return server + "?base=LineageOS&device=" + device + "&inc=" + incrementalVersion; + } +-- +2.20.1 + diff --git a/Patches/LineageOS-16.0/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch b/Patches/LineageOS-16.0/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch new file mode 100644 index 00000000..1008e302 --- /dev/null +++ b/Patches/LineageOS-16.0/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch 
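Review bot: The boolean returned by `Utils.waitUntilOrbotIsAvailable()` is discarded in the `run()` hunk of HttpURLConnectionClient.java, so after about a minute of polling the download still calls `mClient.connect()` against a proxy already known not to be listening. Failing early would be clearer, for example `if (mUseOnionRouting && !Utils.waitUntilOrbotIsAvailable()) throw new IOException("Orbot SOCKS port not available");`; the try block's handlers lie outside the hunk, so confirm an IOException is reported to the callback there. The polling loop also swallows the exception from `Thread.sleep(1000)`, so interrupting the download thread cannot end the wait. Separately, `isPortListening("127.0.0.1", 9050)` only shows that some process accepts connections on that port, not that it is Orbot, so the privacy of the update check depends on nothing else binding 9050. A comment next to the hard-coded address should state that assumption.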
@@ -0,0 +1,141 @@ +From 0b47472891efb2b151e8a02783193846dc48be3e Mon Sep 17 00:00:00 2001 +From: Tad +Date: Fri, 28 Dec 2018 21:18:47 -0500 +Subject: [PATCH] Change UpdateEnabledNetworksValueAndSummary to handle all + modes + +Change-Id: I92fe694627a90b619be21466da0b49cff39826c8 +--- + .../android/phone/MobileNetworkSettings.java | 50 ++++--------------- + 1 file changed, 11 insertions(+), 39 deletions(-) + +diff --git a/src/com/android/phone/MobileNetworkSettings.java b/src/com/android/phone/MobileNetworkSettings.java +index 0ea4702b4..4bf0f9e9a 100644 +--- a/src/com/android/phone/MobileNetworkSettings.java ++++ b/src/com/android/phone/MobileNetworkSettings.java +@@ -1423,35 +1423,31 @@ public class MobileNetworkSettings extends Activity { + } + + private void UpdateEnabledNetworksValueAndSummary(int NetworkMode) { ++ boolean invalidMode = false; + switch (NetworkMode) { + case Phone.NT_MODE_TDSCDMA_WCDMA: + case Phone.NT_MODE_TDSCDMA_GSM_WCDMA: + case Phone.NT_MODE_TDSCDMA_GSM: +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_TDSCDMA_GSM_WCDMA)); ++ case Phone.NT_MODE_TDSCDMA_CDMA_EVDO_GSM_WCDMA: ++ case Phone.NT_MODE_CDMA: ++ case Phone.NT_MODE_EVDO_NO_CDMA: ++ case Phone.NT_MODE_GLOBAL: ++ case Phone.NT_MODE_TDSCDMA_ONLY: + mButtonEnabledNetworks.setSummary(R.string.network_3G); + break; + case Phone.NT_MODE_WCDMA_ONLY: + case Phone.NT_MODE_GSM_UMTS: + case Phone.NT_MODE_WCDMA_PREF: + if (!mIsGlobalCdma) { +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_WCDMA_PREF)); + mButtonEnabledNetworks.setSummary(R.string.network_3G); + } else { +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_LTE_CDMA_EVDO_GSM_WCDMA)); + mButtonEnabledNetworks.setSummary(R.string.network_global); + } + break; + case Phone.NT_MODE_GSM_ONLY: + if (!mIsGlobalCdma) { +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_GSM_ONLY)); + mButtonEnabledNetworks.setSummary(R.string.network_2G); + } else { +- 
mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_LTE_CDMA_EVDO_GSM_WCDMA)); + mButtonEnabledNetworks.setSummary(R.string.network_global); + } + break; +@@ -1466,13 +1462,9 @@ public class MobileNetworkSettings extends Activity { + case Phone.NT_MODE_LTE_ONLY: + case Phone.NT_MODE_LTE_WCDMA: + if (!mIsGlobalCdma) { +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_LTE_GSM_WCDMA)); + mButtonEnabledNetworks.setSummary((mShow4GForLTE == true) + ? R.string.network_4G : R.string.network_lte); + } else { +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_LTE_CDMA_EVDO_GSM_WCDMA)); + mButtonEnabledNetworks.setSummary(R.string.network_global); + } + break; +@@ -1483,33 +1475,12 @@ public class MobileNetworkSettings extends Activity { + controlCdmaOptions(true); + controlGsmOptions(false); + } else { +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_LTE_CDMA_AND_EVDO)); + mButtonEnabledNetworks.setSummary(R.string.network_lte); + } + break; +- case Phone.NT_MODE_TDSCDMA_CDMA_EVDO_GSM_WCDMA: +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_TDSCDMA_CDMA_EVDO_GSM_WCDMA)); +- mButtonEnabledNetworks.setSummary(R.string.network_3G); +- break; +- case Phone.NT_MODE_CDMA: +- case Phone.NT_MODE_EVDO_NO_CDMA: +- case Phone.NT_MODE_GLOBAL: +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_CDMA)); +- mButtonEnabledNetworks.setSummary(R.string.network_3G); +- break; + case Phone.NT_MODE_CDMA_NO_EVDO: +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_CDMA_NO_EVDO)); + mButtonEnabledNetworks.setSummary(R.string.network_1x); + break; +- case Phone.NT_MODE_TDSCDMA_ONLY: +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_TDSCDMA_ONLY)); +- mButtonEnabledNetworks.setSummary(R.string.network_3G); +- break; + case Phone.NT_MODE_LTE_TDSCDMA_GSM: + case Phone.NT_MODE_LTE_TDSCDMA_GSM_WCDMA: + case Phone.NT_MODE_LTE_TDSCDMA: +@@ -1517,16 
+1488,12 @@ public class MobileNetworkSettings extends Activity { + case Phone.NT_MODE_LTE_TDSCDMA_CDMA_EVDO_GSM_WCDMA: + case Phone.NT_MODE_LTE_CDMA_EVDO_GSM_WCDMA: + if (isSupportTdscdma()) { +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_LTE_TDSCDMA_CDMA_EVDO_GSM_WCDMA)); + mButtonEnabledNetworks.setSummary(R.string.network_lte); + } else { + if (isWorldMode()) { + controlCdmaOptions(true); + controlGsmOptions(false); + } +- mButtonEnabledNetworks.setValue( +- Integer.toString(Phone.NT_MODE_LTE_CDMA_EVDO_GSM_WCDMA)); + if (mPhone.getPhoneType() == PhoneConstants.PHONE_TYPE_CDMA || + mIsGlobalCdma || + isWorldMode()) { +@@ -1538,10 +1505,15 @@ public class MobileNetworkSettings extends Activity { + } + break; + default: ++ invalidMode = true; + String errMsg = "Invalid Network Mode (" + NetworkMode + "). Ignore."; + loge(errMsg); + mButtonEnabledNetworks.setSummary(errMsg); + } ++ if (!invalidMode) { ++ mButtonEnabledNetworks.setValue( ++ Integer.toString(NetworkMode)); ++ } + } + + @Override +-- +2.20.1 + diff --git a/Patches/LineageOS-16.0/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch b/Patches/LineageOS-16.0/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch new file mode 100644 index 00000000..631800ee --- /dev/null +++ b/Patches/LineageOS-16.0/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch 
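Review bot: The single `mButtonEnabledNetworks.setValue(Integer.toString(NetworkMode))` added at the end of UpdateEnabledNetworksValueAndSummary stores the raw mode, whereas the removed lines mapped several modes onto one list value (for example NT_MODE_TDSCDMA_WCDMA onto NT_MODE_TDSCDMA_GSM_WCDMA). If the reported mode is not among the entry values of the list loaded for the device, the preference will presumably show no selected entry. The entry-value arrays are not part of this patch, so this needs checking against 0002-More_Preferred_Network_Modes. As a style point, the `invalidMode` flag can be dropped by adding `return;` after `mButtonEnabledNetworks.setSummary(errMsg);` in the `default:` branch.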
@@ -0,0 +1,262 @@ +From 3433e3f518dc572fa65056276cec79eadd4fb2d2 Mon Sep 17 00:00:00 2001 +From: Tad +Date: Fri, 28 Dec 2018 21:22:20 -0500 +Subject: [PATCH] More preferred network modes + +Change-Id: I6ff09db51fcd64829c24509740ed9a52c3d104cb +--- + res/values/strings.xml | 47 +++++++++++++++++++ + .../android/phone/MobileNetworkSettings.java | 31 ++++++++++-- + 2 files changed, 74 insertions(+), 4 deletions(-) + +diff --git a/res/values/strings.xml b/res/values/strings.xml +index c3939697d..b220a2331 100644 +--- a/res/values/strings.xml ++++ b/res/values/strings.xml +@@ -476,6 +476,8 @@ + Preferred network mode: CDMA/EvDo/GSM/WCDMA + + Preferred network mode: LTE ++ ++ Preferred network mode: LTE only + + Preferred network mode: GSM/WCDMA/LTE + +@@ -484,6 +486,8 @@ + Preferred network mode: Global + + Preferred network mode: LTE / WCDMA ++ ++ Preferred network mode: LTE / WCDMA only + + Preferred network mode: LTE / GSM / UMTS + +@@ -502,6 +506,8 @@ + Preferred network mode: TDSCDMA/GSM/WCDMA + + Preferred network mode: LTE/TDSCDMA/WCDMA ++ ++ Preferred network mode: LTE/TDSCDMA/WCDMA only + + Preferred network mode: LTE/TDSCDMA/GSM/WCDMA + +@@ -723,96 +729,137 @@ + Multi-category enabled + Multi-category disabled + ++ LTE/3G only ++ LTE only + LTE (recommended) ++ 4G/3G only ++ 4G only + 4G (recommended) ++ 3G only + 3G + 2G + 1x + Global + + ++ @string/network_3G_lte_only ++ @string/network_lte_only + @string/network_lte ++ @string/network_3G_only + @string/network_3G + + ++ @string/network_3G_4G_only ++ @string/network_4G_only + @string/network_4G ++ @string/network_3G_only + @string/network_3G + + ++ "12" ++ "11" + "9" ++ "2" + "0" + + + ++ @string/network_3G_only + @string/network_3G + @string/network_2G + + ++ "2" + "0" + "1" + + + ++ @string/network_3G_only + @string/network_3G + + ++ "2" + "0" + + + ++ @string/network_3G_lte_only ++ @string/network_lte_only + @string/network_lte ++ @string/network_3G_only + @string/network_3G + @string/network_2G + + ++ 
@string/network_3G_4G_only ++ @string/network_4G_only + @string/network_4G ++ @string/network_3G_only + @string/network_3G + @string/network_2G + + ++ "12" ++ "11" + "9" ++ "2" + "0" + "1" + + + ++ @string/network_lte_only + @string/network_lte ++ @string/network_3G_only + @string/network_3G + @string/network_1x + @string/network_global + + ++ "11" + "8" ++ "6" + "4" + "5" + "10" + + + ++ @string/network_3G_only + @string/network_3G + @string/network_1x + + ++ "6" + "4" + "5" + + + ++ @string/network_lte_only + @string/network_lte + @string/network_global + + ++ "11" + "8" + "10" + + + ++ @string/network_3G_lte_only ++ @string/network_lte_only + @string/network_lte ++ @string/network_3G_only + @string/network_3G + @string/network_2G + + ++ "19" ++ "11" + "22" ++ "14" + "18" + "1" + +diff --git a/src/com/android/phone/MobileNetworkSettings.java b/src/com/android/phone/MobileNetworkSettings.java +index 36b65e77c..968ec96bc 100644 +--- a/src/com/android/phone/MobileNetworkSettings.java ++++ b/src/com/android/phone/MobileNetworkSettings.java +@@ -1318,8 +1318,11 @@ public class MobileNetworkSettings extends Activity { + int modemNetworkMode; + // if new mode is invalid ignore it + switch (buttonNetworkMode) { ++ case Phone.NT_MODE_WCDMA_ONLY: + case Phone.NT_MODE_WCDMA_PREF: + case Phone.NT_MODE_GSM_ONLY: ++ case Phone.NT_MODE_LTE_ONLY: ++ case Phone.NT_MODE_LTE_WCDMA: + case Phone.NT_MODE_LTE_GSM_WCDMA: + case Phone.NT_MODE_LTE_CDMA_EVDO_GSM_WCDMA: + case Phone.NT_MODE_CDMA: +@@ -1548,7 +1551,7 @@ public class MobileNetworkSettings extends Activity { + break; + case Phone.NT_MODE_LTE_ONLY: + mButtonPreferredNetworkMode.setSummary( +- R.string.preferred_network_mode_lte_summary); ++ R.string.preferred_network_mode_lte_only_summary); + break; + case Phone.NT_MODE_LTE_TDSCDMA_GSM: + mButtonPreferredNetworkMode.setSummary( +@@ -1595,11 +1598,11 @@ public class MobileNetworkSettings extends Activity { + break; + case Phone.NT_MODE_LTE_TDSCDMA_WCDMA: + 
mButtonPreferredNetworkMode.setSummary( +- R.string.preferred_network_mode_lte_tdscdma_wcdma_summary); ++ R.string.preferred_network_mode_lte_tdscdma_wcdma_only_summary); + break; + case Phone.NT_MODE_LTE_WCDMA: + mButtonPreferredNetworkMode.setSummary( +- R.string.preferred_network_mode_lte_wcdma_summary); ++ R.string.preferred_network_mode_lte_wcdma_only_summary); + break; + default: + mButtonPreferredNetworkMode.setSummary( +@@ -1621,6 +1624,12 @@ public class MobileNetworkSettings extends Activity { + mButtonEnabledNetworks.setSummary(R.string.network_3G); + break; + case Phone.NT_MODE_WCDMA_ONLY: ++ if (!mIsGlobalCdma) { ++ mButtonEnabledNetworks.setSummary(R.string.network_3G_only); ++ } else { ++ mButtonEnabledNetworks.setSummary(R.string.network_global); ++ } ++ break; + case Phone.NT_MODE_GSM_UMTS: + case Phone.NT_MODE_WCDMA_PREF: + if (!mIsGlobalCdma) { +@@ -1644,11 +1653,25 @@ public class MobileNetworkSettings extends Activity { + controlGsmOptions(true); + break; + } ++ if (!mIsGlobalCdma) { ++ mButtonEnabledNetworks.setSummary((mShow4GForLTE == true) ++ ? R.string.network_4G : R.string.network_lte); ++ } else { ++ mButtonEnabledNetworks.setSummary(R.string.network_global); ++ } ++ break; + case Phone.NT_MODE_LTE_ONLY: ++ if (!mIsGlobalCdma) { ++ mButtonEnabledNetworks.setSummary((mShow4GForLTE == true) ++ ? R.string.network_4G_only : R.string.network_lte_only); ++ } else { ++ mButtonEnabledNetworks.setSummary(R.string.network_global); ++ } ++ break; + case Phone.NT_MODE_LTE_WCDMA: + if (!mIsGlobalCdma) { + mButtonEnabledNetworks.setSummary((mShow4GForLTE == true) +- ? R.string.network_4G : R.string.network_lte); ++ ? R.string.network_3G_4G_only : R.string.network_3G_lte_only); + } else { + mButtonEnabledNetworks.setSummary(R.string.network_global); + } +-- +2.20.1 + 
diff --git a/Patches/LineageOS-16.0/android_system_core/0001-Harden_Mounts.patch b/Patches/LineageOS-16.0/android_system_core/0001-Harden_Mounts.patch
new file mode 100644
index 00000000..a8c36353
--- /dev/null
+++ b/Patches/LineageOS-16.0/android_system_core/0001-Harden_Mounts.patch
@@ -0,0 +1,48 @@
+From 25424eca15c98eeabb8c150cc0f25895a638e56e Mon Sep 17 00:00:00 2001
+From: Daniel Micay
+Date: Mon, 12 Feb 2018 03:29:58 -0500
+Subject: [PATCH] Harden mounts
+
+Change-Id: Idd2da6d9989ec554ce5b0841781d323fdcd9eb87
+---
+ init/init.cpp | 6 +++---
+ rootdir/init.rc | 1 +
+ 2 files changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/init/init.cpp b/init/init.cpp
+index 74e81e4b5..782d87968 100644
+--- a/init/init.cpp
++++ b/init/init.cpp
+@@ -576,14 +576,14 @@ int main(int argc, char** argv) {
+ mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755");
+ mkdir("/dev/pts", 0755);
+ mkdir("/dev/socket", 0755);
+- mount("devpts", "/dev/pts", "devpts", 0, NULL);
++ mount("devpts", "/dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, NULL);
+ #define MAKE_STR(x) __STRING(x)
+- mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC));
++ mount("proc", "/proc", "proc", MS_NOSUID|MS_NODEV|MS_NOEXEC, "hidepid=2,gid=" MAKE_STR(AID_READPROC));
+ // Don't expose the raw commandline to unprivileged processes.
+ chmod("/proc/cmdline", 0440);
+ gid_t groups[] = { AID_READPROC };
+ setgroups(arraysize(groups), groups);
+- mount("sysfs", "/sys", "sysfs", 0, NULL);
++ mount("sysfs", "/sys", "sysfs", MS_NOSUID|MS_NODEV|MS_NOEXE, NULL);
+ mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL);
+
+ mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11));
+diff --git a/rootdir/init.rc b/rootdir/init.rc
+index 970b3f8d0..14e69da79 100644
+--- a/rootdir/init.rc
++++ b/rootdir/init.rc
+@@ -120,6 +120,7 @@ on init
+ write /proc/sys/kernel/sched_wakeup_granularity_ns 2000000
+ write /proc/sys/kernel/sched_child_runs_first 0
+
++ write /proc/sys/kernel/dmesg_restrict 1
+ write /proc/sys/kernel/randomize_va_space 2
+ write /proc/sys/vm/mmap_min_addr 32768
+ write /proc/sys/net/ipv4/ping_group_range "0 2147483647"
+--
+2.20.1
+
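Review bot: The new sysfs line in init/init.cpp passes `MS_NOEXE`, which is not a mount flag and will not compile. It should read `mount("sysfs", "/sys", "sysfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL);`. The `selinuxfs` mount on the next line keeps flags `0`; if that exemption from the hardening is deliberate, a one-line comment should say why. None of the mount() calls in the hunk has its return value checked, so a kernel that rejects one of the new flag combinations would fail silently. main() continues outside the hunk.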
diff --git a/Patches/LineageOS-16.0/android_system_sepolicy/0001-LGE_Fixes.patch b/Patches/LineageOS-16.0/android_system_sepolicy/0001-LGE_Fixes.patch
new file mode 100644
index 00000000..470dec5e
--- /dev/null
+++ b/Patches/LineageOS-16.0/android_system_sepolicy/0001-LGE_Fixes.patch
@@ -0,0 +1,35 @@
+From 3d7d3ace3a1cb5a4e31b3fe335128de56049d419 Mon Sep 17 00:00:00 2001
+From: Tad
+Date: Thu, 12 Apr 2018 08:05:32 -0400
+Subject: [PATCH] Fix -user builds for many LGE devices
+
+Change-Id: I46c4191b1171055cbdb5b23e8714d24676fc48bb
+---
+ public/domain.te | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/public/domain.te b/public/domain.te
+index 883048fb..d0a9def1 100644
+--- a/public/domain.te
++++ b/public/domain.te
+@@ -597,6 +597,9 @@ neverallow { domain -recovery -update_engine } system_block_device:blk_file { wr
+ # No domains other than install_recovery or recovery can write to recovery.
+ neverallow { domain -install_recovery -recovery } recovery_block_device:blk_file { write append };
+
+++# Select devices have policies prevented by the following neverallow
+++attribute misc_block_device_exception;
++
+ # No domains other than a select few can access the misc_block_device. This
+ # block device is reserved for OTA use.
+ # Do not assert this rule on userdebug/eng builds, due to some devices using
+@@ -612,6 +615,7 @@ neverallow {
+ -vold
+ -recovery
+ -ueventd
++ -misc_block_device_exception
+ } misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
+
+ # Only (hw|vnd|)servicemanager should be able to register with binder as the context manager
+--
+2.20.1
+
diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh
index 3cebd4a0..0ceb33ad 100644
--- a/Scripts/LineageOS-14.1/Patch.sh
+++ b/Scripts/LineageOS-14.1/Patch.sh
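Review bot: The two lines added ahead of the misc_block_device rule show up here as `+++# Select devices have policies…` and `+++attribute misc_block_device_exception;`, that is, with a third `+` after the outer and inner diff markers. Once the inner patch is applied they would begin with a literal `+` in public/domain.te, which looks like a leftover from diffing a diff. Unless the policy build is known to tolerate it, the inner lines should read `+# Select devices…` and `+attribute misc_block_device_exception;`. The attribute is also an open-ended exemption from the neverallow: any domain a device tree tags with it may open, read and write the block device the comment describes as reserved for OTA use. The comment should name the domains expected to carry it, for example `# Assigned only to DEVICE_DOMAIN (placeholder) on the affected LGE trees; do not use elsewhere`.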
@@ -151,9 +151,6 @@ enterAndClear "packages/services/Telephony"; patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch"; -enterAndClear "system/bt"; -patch -p1 < "$DOS_PATCHES/android_system_bt/0001-Improve_Quality.patch"; #Improve Bluetooth audio quality, credit @ValdikSS - enterAndClear "system/core"; if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file git revert 0217dddeb5c16903c13ff6c75213619b79ea622b d7aa1231b6a0631f506c0c23816f2cd81645b15f; #Always update recovery XXX: This doesn't seem to work diff --git a/Scripts/LineageOS-15.1/Defaults.sh b/Scripts/LineageOS-15.1/Defaults.sh index f7d906d4..a4370681 100644 --- a/Scripts/LineageOS-15.1/Defaults.sh +++ b/Scripts/LineageOS-15.1/Defaults.sh 
@@ -24,17 +24,6 @@ echo "Changing default settings..."; -enter "lineage-sdk"; -#sed -i 's/VOLBTN_MUSIC_CONTROLS, 1/VOLBTN_MUSIC_CONTROLS, 0/' sdk/src/java/org/lineageos/internal/buttons/LineageButtons.java; #FIXME - -enter "frameworks/base"; -#sed -i 's/PRIVACY_GUARD_NOTIFICATION, 1/PRIVACY_GUARD_NOTIFICATION, 0/' services/core/java/com/android/server/am/ActivityRecord.java; -#sed -i 's/VOLUME_KEYS_CONTROL_RING_STREAM, 1/VOLUME_KEYS_CONTROL_RING_STREAM, 0/' services/core/java/com/android/server/audio/AudioService.java; #FIXME -#sed -i 's/TORCH_LONG_PRESS_POWER_GESTURE, 0/TORCH_LONG_PRESS_POWER_GESTURE, 1/' services/core/java/com/android/server/policy/PhoneWindowManager.java; #FIXME -#sed -i 's/TORCH_LONG_PRESS_POWER_TIMEOUT, 0/TORCH_LONG_PRESS_POWER_TIMEOUT, 120/' services/core/java/com/android/server/policy/PhoneWindowManager.java; #FIXME -#sed -i 's/CAMERA_DOUBLE_TAP_POWER_GESTURE_DISABLED, 0/CAMERA_DOUBLE_TAP_POWER_GESTURE_DISABLED, 1/' services/core/java/com/android/server/GestureLauncherService.java; #FIXME -#sed -i 's/NAVIGATION_BAR_MENU_ARROW_KEYS, 0/NAVIGATION_BAR_MENU_ARROW_KEYS, 1/' packages/SystemUI/src/com/android/systemui/statusbar/phone/NavigationBarView.java; #FIXME - enter "packages/apps/Dialer"; sed -i 's/ENABLE_FORWARD_LOOKUP, 1)/ENABLE_FORWARD_LOOKUP, 0)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable FLP sed -i 's/ENABLE_PEOPLE_LOOKUP, 1)/ENABLE_PEOPLE_LOOKUP, 0)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable PLP 
@@ -51,9 +40,6 @@ sed -i 's/Float.parseFloat(newValue.toString()) : 1;/Float.parseFloat(newValue.t enter "packages/apps/Trebuchet"; sed -i 's/"pref_predictive_apps", true/"pref_predictive_apps", false/' src/com/android/launcher3/Launcher.java; -enter "packages/inputmethods/LatinIME"; -#sed -i 's/PREF_KEY_USE_PERSONALIZED_DICTS, true/PREF_KEY_USE_PERSONALIZED_DICTS, false/' java/src/com/android/inputmethod/latin/settings/SettingsValues.java; #FIXME - enter "vendor/lineage"; sed -i 's/ro.config.notification_sound=Argon.ogg/ro.config.notification_sound=Pong.ogg/' config/common.mk; sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.ogg/' config/common.mk; diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh index 8c2ef252..aa6dcdd4 100644 --- a/Scripts/LineageOS-15.1/Patch.sh +++ b/Scripts/LineageOS-15.1/Patch.sh @@ -80,8 +80,8 @@ git revert 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles enterAndClear "frameworks/base"; hardenLocationFWB "$DOS_BUILD_BASE"; -#git revert https://review.lineageos.org/#/c/202875/ #re-enable doze on devices without gms sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox +sed -i 's/DEFAULT_MAX_FILES_LOWRAM = 300;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox sed -i 's/(notif.needNotify)/(true)/' location/java/com/android/internal/location/GpsNetInitiatedHandler.java; #Notify user when location is requested via SUPL if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0002-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG) if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0003-Harden_Sig_Spoofing.patch"; fi; #Restrict signature spoofing to system apps signed with the platform key 
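Review bot: The added DropBox line in the `@@ -80,8 +80,8 @@` hunk of Scripts/LineageOS-15.1/Patch.sh rewrites the constant's name as well as its value. `s/DEFAULT_MAX_FILES_LOWRAM = 300;/DEFAULT_MAX_FILES = 0;/` turns the low-RAM declaration into a second `DEFAULT_MAX_FILES`, which on a tree that has that constant would presumably stop DropBoxManagerService.java from compiling, and on a tree without it is a silent no-op. The replacement should keep the identifier: `sed -i 's/DEFAULT_MAX_FILES_LOWRAM = 300;/DEFAULT_MAX_FILES_LOWRAM = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox`. The same line is added to Scripts/LineageOS-16.0/Patch.sh later in this commit.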
@@ -115,7 +115,7 @@ awk -i inplace '!/WeatherManagerServiceBroker/' lineage/res/res/values/config.xm if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/LineageAudioService/' lineage/res/res/values/config.xml; fi; enterAndClear "packages/apps/LineageParts"; -rm -rf src/org/lineageos/lineageparts/lineagestats/ res/xml/anonymous_stats.xml res/xml/preview_data.xml #Nuke part of the analytics +rm -rf src/org/lineageos/lineageparts/lineagestats/ res/xml/anonymous_stats.xml res/xml/preview_data.xml; #Nuke part of the analytics patch -p1 < "$DOS_PATCHES/android_packages_apps_LineageParts/0001-Remove_Analytics.patch"; #Remove analytics enterAndClear "packages/apps/Settings"; @@ -130,7 +130,6 @@ enterAndClear "packages/apps/SetupWizard"; patch -p1 < "$DOS_PATCHES/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch"; #Remove analytics enterAndClear "packages/apps/Updater"; -#sed -i 's/Constants.AUTO_UPDATES_CHECK_INTERVAL_WEEKLY);/Constants.AUTO_UPDATES_CHECK_INTERVAL_DAILY);/' src/org/lineageos/updater/misc/Utils.java; #Revert to daily update checks patch -p1 < "$DOS_PATCHES_COMMON/android_packages_apps_Updater/0001-Server.patch"; #Switch to our server patch -p1 < "$DOS_PATCHES/android_packages_apps_Updater/0002-Tor_Support.patch"; #Add Tor support #TODO: Remove changelog @@ -148,9 +147,6 @@ enterAndClear "packages/services/Telephony"; patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch"; -enterAndClear "system/bt"; -patch -p1 < "$DOS_PATCHES/android_system_bt/0001-Improve_Quality.patch"; #Improve Bluetooth audio quality, credit @ValdikSS - enterAndClear "system/core"; if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file git revert a6a4ce8e9a6d63014047a447c6bb3ac1fa90b3f4; #Always update recovery 
@@ -163,10 +159,11 @@ enterAndClear "system/vold"; patch -p1 < "$DOS_PATCHES/android_system_vold/0001-AES256.patch"; #Add a variable for enabling AES-256 bit encryption enterAndClear "vendor/lineage"; -rm -rf overlay/common/vendor/lineage-sdk/packages; #Remove analytics +rm -rf overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml; #Remove analytics if [ "$DOS_HOSTS_BLOCKING" = true ]; then awk -i inplace '!/50-lineage.sh/' config/common.mk; fi; #Make sure our hosts is always used awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' config/common.mk; #Remove extra keys awk -i inplace '!/security\/lineage/' config/common.mk; #Remove extra keys +awk -i inplace '!/WeatherProvider/' config/common.mk; if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/AudioFX/' config/common.mk; fi; if [ "$DOS_MICROG_INCLUDED" = "NLP" ]; then sed -i '/Google provider/!b;n;s/com.google.android.gms/org.microg.nlp/' overlay/common/frameworks/base/core/res/res/values/config.xml; fi; sed -i 's/LINEAGE_BUILDTYPE := UNOFFICIAL/LINEAGE_BUILDTYPE := dos/' config/common.mk; #Change buildtype diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_moto_shamu.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_moto_shamu.sh new file mode 100644 index 00000000..f378ad4f --- /dev/null +++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_moto_shamu.sh 
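Review bot: `rm -rf` on the single file `overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml` exits 0 with no message when the path is absent, so if the overlay is relocated again (the path change in this hunk suggests it already was once) the analytics default would stay in the build unnoticed. Plain `rm overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml;` at least prints an error when the target is missing. The new `awk -i inplace '!/WeatherProvider/' config/common.mk;` line has no purpose comment; a trailing `#Drop WeatherProvider entries` would say why those lines are removed.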
@@ -0,0 +1,69 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/moto/shamu" +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0004-No_dir-relax.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0011.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0012.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0013.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0014.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0015.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0016.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0017.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.10/0018.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-1420/3.2-^3.19/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8215/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8955/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-8967/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0758/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3865/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3894/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-5870/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch +git apply 
$DOS_PATCHES_LINUX_CVES/CVE-2016-6695/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8464/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-9576/3.10/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0404/^3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0537/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0627/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0824/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000410/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11600/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13245/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16538/^4.13/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16645/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11/0001.patch +git apply 
$DOS_PATCHES_LINUX_CVES/CVE-2018-11286/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0003/3.10/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/1035495_0001-cnss-Add-NULL-check-for-PM-related-APIs.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-check-in-pm_ops-unregister.patch +git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +editKernelLocalversion "-dos.p65" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_motorola_msm8996.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_motorola_msm8996.sh new file mode 100644 index 00000000..7e138812 --- /dev/null +++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_motorola_msm8996.sh 
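Review bot: Neither the opening `cd` nor any of the `git apply` calls in android_kernel_moto_shamu.sh is checked, so a patch that no longer applies leaves that CVE unfixed while `editKernelLocalversion "-dos.p65"` still labels the kernel as carrying all 65. The two entries repeated at the end (`CVE-2016-2475/ANY/0001.patch` and `CVE-2017-0750/ANY/0001.patch`) are included in that count although a second application will presumably be rejected. `$DOS_PATCHES_LINUX_CVES` is also expanded unquoted on every line. I would quote the path and report failures, e.g. `git apply "$DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch" || echo "failed: CVE-2019-8912" >&2`, and derive the localversion suffix from the number of patches that actually applied. The same pattern, including repeated trailing entries, is in the msm8996, oppo msm8974 and samsung msm8974 patchers added by this commit.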
@@ -0,0 +1,81 @@ +#!/bin/bash +cd "$DOS_BUILD_BASE""kernel/motorola/msm8996" +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0019.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0020.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0022.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0023.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0025.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0026.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0027.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0028.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0029.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0030.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0031.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0032.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0033.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0034.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0035.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0036.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0037.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0040.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0041.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0042.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0043.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0045.patch +git apply 
$DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0046.patch +git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/3.18/0050.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-2041/^3.19/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2015-7515/^4.4/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2188/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2188/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2549/^4.4/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3136/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3137/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3138/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3140/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3672/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-3857/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8394/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0007.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0008.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-GadgetFS/ANY/0010.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13162/3.18/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13218/3.18/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13246/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15853/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch +git apply 
$DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0009.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17558/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-17762/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5669/^4.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6001/^4.9/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6348/^4.9/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8251/3.18/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-13914/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5825/3.18/0003.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5864/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5865/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-5897/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9415/ANY/0002.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-9515/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6693/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch +git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14883/ANY/0001.patch +editKernelLocalversion "-dos.p77" +cd "$DOS_BUILD_BASE" diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oppo_msm8974.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oppo_msm8974.sh new file mode 100644 index 00000000..2ff33fa8 --- /dev/null +++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_oppo_msm8974.sh 
@@ -0,0 +1,55 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/oppo/msm8974"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syskaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9781/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9880/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0774/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-0801/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2443/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6672/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-7117/^4.5/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-8404/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0510/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0524/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0610/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0648/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0751/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0786/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-1000380/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11000/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11019/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11039/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11090/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-12153/3.2-^3.16/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-13080/ANY/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-15265/^4.14/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-18161/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8247/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9684/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9706/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0003.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+editKernelLocalversion "-dos.p51"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_samsung_msm8974.sh b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_samsung_msm8974.sh
new file mode 100644
index 00000000..dc0da5a2
--- /dev/null
+++ b/Scripts/LineageOS-16.0/CVE_Patchers/android_kernel_samsung_msm8974.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+cd "$DOS_BUILD_BASE""kernel/samsung/msm8974"
+git apply $DOS_PATCHES_LINUX_CVES/0003-syskaller-Misc/ANY/0009.patch
+git apply $DOS_PATCHES_LINUX_CVES/0006-Copperhead-Kernel_Hardening/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-4578/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0611/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-11473/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16526/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16532/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16537/^4.13/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16650/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0005.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-16USB/ANY/0006.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8246/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-8254/3.4/0002.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.4/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2019-8912/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-01/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
+git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
+git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
+editKernelLocalversion "-dos.p25"
+cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-16.0/Defaults.sh b/Scripts/LineageOS-16.0/Defaults.sh
new file mode 100644
index 00000000..973cdcc5
--- /dev/null
+++ b/Scripts/LineageOS-16.0/Defaults.sh
@@ -0,0 +1,45 @@
+#!/bin/bash
+#DivestOS: A privacy oriented Android distribution
+#Copyright (c) 2017-2018 Divested Computing, Inc.
+#
+#This program is free software: you can redistribute it and/or modify
+#it under the terms of the GNU General Public License as published by
+#the Free Software Foundation, either version 3 of the License, or
+#(at your option) any later version.
+#
+#This program is distributed in the hope that it will be useful,
+#but WITHOUT ANY WARRANTY; without even the implied warranty of
+#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+#GNU General Public License for more details.
+#
+#You should have received a copy of the GNU General Public License
+#along with this program. If not, see .
+
+#Changes various default settings
+#Last verified: 2019-03-04
+
+#Useful commands
+#nano $(find . -name "config.xml" | grep "values/" | grep -v "device" | grep -v "tests")
+#nano $(find . -name "defaults.xml" | grep "values/" | grep -v "device")
+
+echo "Changing default settings...";
+
+enter "packages/apps/Dialer";
+sed -i 's/ENABLE_FORWARD_LOOKUP, 1)/ENABLE_FORWARD_LOOKUP, 0)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable FLP
+sed -i 's/ENABLE_PEOPLE_LOOKUP, 1)/ENABLE_PEOPLE_LOOKUP, 0)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable PLP
+sed -i 's/ENABLE_REVERSE_LOOKUP, 1)/ENABLE_REVERSE_LOOKUP, 0)/' java/com/android/dialer/lookup/LookupSettings*.java; #Disable RLP
+
+enter "packages/apps/Nfc";
+sed -i 's/boolean NFC_ON_DEFAULT = true;/boolean NFC_ON_DEFAULT = false;/' src/com/android/nfc/NfcService.java; #Disable NFC
+sed -i 's/boolean NDEF_PUSH_ON_DEFAULT = true;/boolean NDEF_PUSH_ON_DEFAULT = false;/' src/com/android/nfc/NfcService.java; #Disable NDEF Push
+
+enter "packages/apps/Settings";
+sed -i 's/INSTANT_APPS_ENABLED, 1/INSTANT_APPS_ENABLED, 0/' src/com/android/settings/applications/ManageDomainUrls.java; #Disable "Instant Apps"
+sed -i 's/DEFAULT_VALUE = 1;/DEFAULT_VALUE = 0.5f;/' src/com/android/settings/development/*ScalePreferenceController.java; #Always reset animation scales to 0.5
+
+enter "vendor/lineage";
+sed -i 's/ro.config.notification_sound=Argon.ogg/ro.config.notification_sound=Pong.ogg/' config/common.mk;
+sed -i 's/ro.config.alarm_alert=Hassium.ogg/ro.config.alarm_alert=Alarm_Buzzer.ogg/' config/common.mk;
+
+cd "$DOS_BUILD_BASE";
+echo "Default settings changed!";
diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh
new file mode 100644
index 00000000..a17cf5f3
--- /dev/null
+++ b/Scripts/LineageOS-16.0/Functions.sh
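Review bot: Every `sed -i 's/…/…/'` in the new 16.0 Defaults.sh succeeds whether or not its pattern matched, so where the 16.0 sources word a default differently the setting stays at the upstream value with no warning. That matters most for the privacy-relevant ones (`NFC_ON_DEFAULT`, `NDEF_PUSH_ON_DEFAULT`, `INSTANT_APPS_ENABLED`, the three Dialer lookups). A check after each of those would surface it, e.g. `grep -q 'NFC_ON_DEFAULT = false;' src/com/android/nfc/NfcService.java || echo "NFC default not changed" >&2;`. The status of `enter` is not tested either, although Patch.sh in this commit uses it as a condition (`if enter "kernel/wireguard"; then`), so a missing repository would presumably leave the following `sed` lines running in the previous directory.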
@@ -0,0 +1,107 @@ +#!/bin/bash +#DivestOS: A privacy oriented Android distribution +#Copyright (c) 2017-2018 Divested Computing, Inc. +# +#This program is free software: you can redistribute it and/or modify +#it under the terms of the GNU General Public License as published by +#the Free Software Foundation, either version 3 of the License, or +#(at your option) any later version. +# +#This program is distributed in the hope that it will be useful, +#but WITHOUT ANY WARRANTY; without even the implied warranty of +#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +#GNU General Public License for more details. +# +#You should have received a copy of the GNU General Public License +#along with this program. If not, see . + +#Last verified: 2018-04-27 + +patchAllKernels() { + startPatcher "kernel_moto_shamu kernel_motorola_msm8996 kernel_oppo_msm8974 kernel_samsung_msm8974"; +} +export -f patchAllKernels; + +resetWorkspace() { + repo forall -c 'git add -A && git reset --hard' && rm -rf out && repo sync -j20 --force-sync; +} +export -f resetWorkspace; + +scanWorkspaceForMalware() { + scanQueue="$DOS_BUILD_BASE/android $DOS_BUILD_BASE/art $DOS_BUILD_BASE/bionic $DOS_BUILD_BASE/bootable $DOS_BUILD_BASE/build $DOS_BUILD_BASE/compatibility $DOS_BUILD_BASE/dalvik $DOS_BUILD_BASE/device $DOS_BUILD_BASE/hardware $DOS_BUILD_BASE/libcore $DOS_BUILD_BASE/libnativehelper $DOS_BUILD_BASE/packages $DOS_BUILD_BASE/pdk $DOS_BUILD_BASE/platform_testing $DOS_BUILD_BASE/sdk $DOS_BUILD_BASE/system"; + scanQueue=$scanQueue" $DOS_BUILD_BASE/lineage-sdk $DOS_BUILD_BASE/vendor/lineage"; + scanForMalware true $scanQueue; +} +export -f scanWorkspaceForMalware; + +buildDevice() { + brunch "lineage_$1-user"; +} +export -f buildDevice; + +buildDeviceDebug() { + unset SIGNING_KEY_DIR; + unset OTA_PACKAGE_SIGNING_KEY; + brunch "lineage_$1-eng"; +} +export -f buildDeviceDebug; + +buildAll() { + if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi; + brunch 
lineage_bacon-user; + brunch lineage_klte-user; + brunch lineage_shamu-user; +} +export -f buildAll; + +patchWorkspace() { + if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi; + + #source build/envsetup.sh; + + source "$DOS_SCRIPTS/Patch.sh"; + source "$DOS_SCRIPTS/Defaults.sh"; + source "$DOS_SCRIPTS/Rebrand.sh"; + if [ "$DOS_OVERCLOCKS_ENABLED" = true ]; then source "$DOS_SCRIPTS_COMMON/Overclock.sh"; fi; + source "$DOS_SCRIPTS_COMMON/Optimize.sh"; + source "$DOS_SCRIPTS_COMMON/Deblob.sh"; + source "$DOS_SCRIPTS_COMMON/Patch_CVE.sh"; + source build/envsetup.sh; +} +export -f patchWorkspace; + +enableDexPreOpt() { + cd "$DOS_BUILD_BASE$1"; + #Some devices won't compile, or have too small of a /system partition, or Wi-Fi breaks + if [ "$1" != "device/amazon/thor" ] && [ "$1" != "device/samsung/i9100" ] && [ "$1" != "device/samsung/maguro" ] && [ "$1" != "device/samsung/toro" ] && [ "$1" != "device/samsung/toroplus" ] && [ "$1" != "device/samsung/tuna" ] && [ "$1" != "device/lge/h850" ] && [ "$1" != "device/lge/mako" ] && [ "$1" != "device/asus/grouper" ]; then + if [ -f BoardConfig.mk ]; then + echo "WITH_DEXPREOPT := true" >> BoardConfig.mk; + echo "WITH_DEXPREOPT_PIC := true" >> BoardConfig.mk; + echo "WITH_DEXPREOPT_BOOT_IMG_AND_SYSTEM_SERVER_ONLY := true" >> BoardConfig.mk; + echo "Enabled dexpreopt for $1"; + fi; + fi; + cd "$DOS_BUILD_BASE"; +} +export -f enableDexPreOpt; + +enableDexPreOptFull() { + cd "$DOS_BUILD_BASE$1"; + if [ -f BoardConfig.mk ]; then + sed -i "s/WITH_DEXPREOPT_BOOT_IMG_AND_SYSTEM_SERVER_ONLY := true/WITH_DEXPREOPT_BOOT_IMG_AND_SYSTEM_SERVER_ONLY := false/" BoardConfig.mk; + echo "Enabled full dexpreopt for $1"; + fi; + cd "$DOS_BUILD_BASE"; +} +export -f enableDexPreOptFull; + +enableLowRam() { + cd "$DOS_BUILD_BASE$1"; + #if [ -f lineage.mk ]; then echo '$(call inherit-product, 
$(SRC_TARGET_DIR)/product/go_defaults.mk)' >> lineage.mk; fi; + if [ -f lineage.mk ]; then echo '$(call inherit-product, vendor/divested/build/target/product/lowram.mk)' >> lineage.mk; fi; + if [ -f BoardConfig.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfig.mk; fi; + if [ -f BoardConfigCommon.mk ]; then echo 'MALLOC_SVELTE := true' >> BoardConfigCommon.mk; fi; + echo "Enabled lowram for $1"; + cd "$DOS_BUILD_BASE"; +} +export -f enableLowRam; diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh new file mode 100644 index 00000000..2ad0b7ac --- /dev/null +++ b/Scripts/LineageOS-16.0/Patch.sh 
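Review bot: The two callers of `scanForMalware` in Functions.sh pass their path lists differently. `scanWorkspaceForMalware` expands `$scanQueue` unquoted so each directory is its own argument, while `patchWorkspace` passes `"$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"` as one quoted word. `scanForMalware` is defined outside this hunk, so whether it re-splits that word cannot be confirmed here; if it does not, the pre-patch scan would be handed a single non-existent path and cover nothing. Separate quoted arguments remove the ambiguity: `scanForMalware false "$DOS_PREBUILT_APPS" "$DOS_BUILD_BASE/build" "$DOS_BUILD_BASE/device" "$DOS_BUILD_BASE/vendor/lineage";`. Neither caller tests the scan's exit status before `brunch` or the `source` lines run, so unless `scanForMalware` aborts on its own, a detection does not stop the build.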
@@ -0,0 +1,195 @@
+#!/bin/bash
+#DivestOS: A privacy oriented Android distribution
+#Copyright (c) 2015-2018 Divested Computing, Inc.
+#
+#This program is free software: you can redistribute it and/or modify
+#it under the terms of the GNU General Public License as published by
+#the Free Software Foundation, either version 3 of the License, or
+#(at your option) any later version.
+#
+#This program is distributed in the hope that it will be useful,
+#but WITHOUT ANY WARRANTY; without even the implied warranty of
+#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+#GNU General Public License for more details.
+#
+#You should have received a copy of the GNU General Public License
+#along with this program. If not, see .
+
+#Last verified: 2019-03-04
+
+#Initialize aliases
+#source ../../Scripts/init.sh
+
+#Delete Everything and Sync
+#resetWorkspace
+
+#Apply all of our changes
+#patchWorkspace
+
+#Build!
+#buildDevice [device]
+#buildAll
+
+#Generate an incremental
+#./build/tools/releasetools/ota_from_target_files --block -t 8 -i old.zip new.zip update.zip
+
+#Generate firmware deblobber
+#mka firmware_deblobber
+
+#
+#START OF PREPRATION
+#
+#Download some (non-executable) out-of-tree files for use later on
+cd "$DOS_TMP_DIR";
+if [ "$DOS_HOSTS_BLOCKING" = true ]; then $DOS_TOR_WRAPPER wget "$DOS_HOSTS_BLOCKING_LIST" -N; fi;
+cd "$DOS_BUILD_BASE";
+
+#Accept all SDK licences, not normally needed but Gradle managed apps fail without it
+mkdir -p "$ANDROID_HOME/licenses";
+echo -e "\n8933bad161af4178b1185d1a37fbf41ea5269c55\nd56f5187479451eabf01fb78af6dfcb131a6481e" > "$ANDROID_HOME/licenses/android-sdk-license";
+echo -e "\n84831b9409646a918e30573bab4c9c91346d8abd" > "$ANDROID_HOME/licenses/android-sdk-preview-license";
+#
+#END OF PREPRATION
+#
+
+#
+#START OF ROM CHANGES
+#
+
+#top dir
+cp -r "$DOS_PREBUILT_APPS""Fennec_DOS-Shim" "$DOS_BUILD_BASE""packages/apps/"; #Add a shim to install Fennec DOS without actually including the large APK
+gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages";
+cp -r "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/." "$DOS_BUILD_BASE""vendor/fdroid_prebuilt/"; #Add the prebuilt apps
+cp -r "$DOS_PATCHES_COMMON""android_vendor_divested/." "$DOS_BUILD_BASE""vendor/divested/"; #Add our vendor files
+
+enterAndClear "build/make";
+patch -p1 < "$DOS_PATCHES/android_build/0001-Automated_Build_Signing.patch"; #Automated build signing (CopperheadOS-13.0)
+awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' core/product.mk;
+sed -i '74i$(my_res_package): PRIVATE_AAPT_FLAGS += --auto-add-overlay' core/aapt2.mk;
+
+enterAndClear "device/qcom/sepolicy-legacy";
+patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
+
+enterAndClear "external/svox";
+git revert 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
+
+enterAndClear "frameworks/base";
+hardenLocationFWB "$DOS_BUILD_BASE";
+sed -i 's/DEFAULT_MAX_FILES = 1000;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox
+sed -i 's/DEFAULT_MAX_FILES_LOWRAM = 300;/DEFAULT_MAX_FILES = 0;/' services/core/java/com/android/server/DropBoxManagerService.java; #Disable DropBox
+sed -i 's/(notif.needNotify)/(true)/' location/java/com/android/internal/location/GpsNetInitiatedHandler.java; #Notify user when location is requested via SUPL
+#if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0002-Signature_Spoofing.patch"; fi; #Allow packages to spoof their signature (microG) #TODO: REBASE-16.0
+#if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_base/0003-Harden_Sig_Spoofing.patch"; fi; #Restrict signature spoofing to system apps signed with the platform key #TODO: REBASE-16.0
+changeDefaultDNS;
+#patch -p1 < "$DOS_PATCHES/android_frameworks_base/0005-Connectivity.patch"; #Change connectivity check URLs to ours
+patch -p1 < "$DOS_PATCHES/android_frameworks_base/0006-Disable_Analytics.patch"; #Disable/reduce functionality of various ad/analytics libraries
+rm -rf packages/PrintRecommendationService; #App that just creates popups to install proprietary print apps
+
+if [ "$DOS_DEBLOBBER_REMOVE_IMS" = true ]; then
+enterAndClear "frameworks/opt/net/ims";
+patch -p1 < "$DOS_PATCHES/android_frameworks_opt_net_ims/0001-Fix_Calling.patch"; #Fix calling when IMS is removed
+fi
+
+enterAndClear "frameworks/opt/net/wifi";
+#Fix an issue when permision review is enabled that prevents using the Wi-Fi quick tile
+#See https://github.com/CopperheadOS/platform_frameworks_opt_net_wifi/commit/c2a2f077a902226093b25c563e0117e923c7495b
+sed -i 's/boolean mPermissionReviewRequired/boolean mPermissionReviewRequired = false/' service/java/com/android/server/wifi/WifiServiceImpl.java;
+awk -i inplace '!/mPermissionReviewRequired = Build.PERMISSIONS_REVIEW_REQUIRED/' service/java/com/android/server/wifi/WifiServiceImpl.java;
+awk -i inplace '!/\|\| context.getResources\(\).getBoolean\(/' service/java/com/android/server/wifi/WifiServiceImpl.java;
+awk -i inplace '!/com.android.internal.R.bool.config_permissionReviewRequired/' service/java/com/android/server/wifi/WifiServiceImpl.java;
+
+if enter "kernel/wireguard"; then
+if [ "$DOS_WIREGUARD_INCLUDED" = false ]; then rm Android.mk; fi;
+#Remove system information from HTTP requests
+awk -i inplace '!/USER_AGENT=/' fetch.sh;
+sed -i '3iUSER_AGENT="WireGuard-AndroidROMBuild/0.2"' fetch.sh;
+fi;
+
+enterAndClear "lineage-sdk";
+awk -i inplace '!/LineageWeatherManagerService/' lineage/res/res/values/config.xml; #Disable Weather
+if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/LineageAudioService/' lineage/res/res/values/config.xml; fi;
+
+enterAndClear "packages/apps/LineageParts";
+rm -rf src/org/lineageos/lineageparts/lineagestats/ res/xml/anonymous_stats.xml res/xml/preview_data.xml; #Nuke part of the analytics
+patch -p1 < "$DOS_PATCHES/android_packages_apps_LineageParts/0001-Remove_Analytics.patch"; #Remove analytics
+
+enterAndClear "packages/apps/Settings";
+#patch -p1 < "$DOS_PATCHES/android_packages_apps_Settings/0001-Captive_Portal_Toggle.patch"; #Add option to disable captive portal checks, credit @MSe1969
+sed -i 's/private int mPasswordMaxLength = 16;/private int mPasswordMaxLength = 48;/' src/com/android/settings/password/ChooseLockPassword.java; #Increase max password length
+sed -i 's/if (isFullDiskEncrypted()) {/if (false) {/' src/com/android/settings/accessibility/*AccessibilityService*.java; #Never disable secure start-up when enabling an accessibility service
+if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then sed -i 's/GSETTINGS_PROVIDER = "com.google.settings";/GSETTINGS_PROVIDER = "com.google.oQuae4av";/' src/com/android/settings/PrivacySettings.java; fi; #microG doesn't support Backup, hide the options
+
+enterAndClear "packages/apps/SetupWizard";
+patch -p1 < "$DOS_PATCHES/android_packages_apps_SetupWizard/0001-Remove_Analytics.patch"; #Remove analytics
+
+enterAndClear "packages/apps/Updater";
+patch -p1 < "$DOS_PATCHES_COMMON/android_packages_apps_Updater/0001-Server.patch"; #Switch to our server
+patch -p1 < "$DOS_PATCHES/android_packages_apps_Updater/0002-Tor_Support.patch"; #Add Tor support
+#TODO: Remove changelog
+
+enterAndClear "packages/apps/WallpaperPicker";
+#TODO: Add back wallpapers
+sed -i 's/req.touchEnabled = touchEnabled;/req.touchEnabled = true;/' src/com/android/wallpaperpicker/WallpaperCropActivity.java; #Allow scrolling
+sed -i 's/mCropView.setTouchEnabled(req.touchEnabled);/mCropView.setTouchEnabled(true);/' src/com/android/wallpaperpicker/WallpaperCropActivity.java;
+sed -i 's/WallpaperUtils.EXTRA_WALLPAPER_OFFSET, 0);/WallpaperUtils.EXTRA_WALLPAPER_OFFSET, 0.5f);/' src/com/android/wallpaperpicker/WallpaperPickerActivity.java; #Center aligned by default
+
+enterAndClear "packages/inputmethods/LatinIME";
+patch -p1 < "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0001-Voice.patch"; #Remove voice input key
+
+enterAndClear "packages/services/Telephony";
+patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch";
+patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch";
+
+enterAndClear "system/core";
+if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
+git revert b3609d82999d23634c5e6db706a3ecbc5348309a; #Always update recovery
+patch -p1 < "$DOS_PATCHES/android_system_core/0001-Harden_Mounts.patch"; #Harden mounts with nodev/noexec/nosuid (CopperheadOS-13.0)
+
+enterAndClear "system/sepolicy";
+patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch"; #Fix -user builds for LGE devices
+
+enterAndClear "vendor/lineage";
+rm -rf overlay/common/lineage-sdk/packages/LineageSettingsProvider/res/values/defaults.xml; #Remove analytics
+if [ "$DOS_HOSTS_BLOCKING" = true ]; then awk -i inplace '!/50-lineage.sh/' config/common.mk; fi; #Make sure our hosts is always used
+awk -i inplace '!/PRODUCT_EXTRA_RECOVERY_KEYS/' config/common.mk; #Remove extra keys
+awk -i inplace '!/security\/lineage/' config/common.mk; #Remove extra keys
+awk -i inplace '!/WeatherProvider/' config/common.mk;
+if [ "$DOS_DEBLOBBER_REMOVE_AUDIOFX" = true ]; then awk -i inplace '!/AudioFX/' config/common.mk; fi;
+if [ "$DOS_MICROG_INCLUDED" = "NLP" ]; then sed -i '/Google provider/!b;n;s/com.google.android.gms/org.microg.nlp/' overlay/common/frameworks/base/core/res/res/values/config.xml; fi;
+sed -i 's/LINEAGE_BUILDTYPE := UNOFFICIAL/LINEAGE_BUILDTYPE := dos/' config/common.mk; #Change buildtype
+if [ "$DOS_NON_COMMERCIAL_USE_PATCHES" = true ]; then sed -i 's/LINEAGE_BUILDTYPE := dos/LINEAGE_BUILDTYPE := dosNC/' config/common.mk; fi;
+echo 'include vendor/divested/divestos.mk' >> config/common.mk; #Include our customizations
+
+enter "vendor/divested";
+if [ "$DOS_MICROG_INCLUDED" = "FULL" ]; then echo "PRODUCT_PACKAGES += GmsCore GsfProxy FakeStore" >> packages.mk; fi;
+if [ "$DOS_HOSTS_BLOCKING" = false ]; then echo "PRODUCT_PACKAGES += $DOS_HOSTS_BLOCKING_APP" >> packages.mk; fi;
+#
+#END OF ROM CHANGES
+#
+
+#
+#START OF DEVICE CHANGES
+#
+enterAndClear "device/oppo/msm8974-common";
+sed -i "s/TZ.BF.2.0-2.0.0134/TZ.BF.2.0-2.0.0134|TZ.BF.2.0-2.0.0137/" board-info.txt; #Suport new TZ firmware https://review.lineageos.org/#/c/178999/
+
+enter "vendor/google";
+echo "" > atv/atv-common.mk;
+
+#Make changes to all devices
+cd "$DOS_BUILD_BASE";
+if [ "$DOS_LOWRAM_ENABLED" = true ]; then find "device" -maxdepth 2 -mindepth 2 -type d -exec bash -c 'enableLowRam "$0"' {} \;; fi;
+find "hardware/qcom/gps" -name "gps\.conf" -type f -exec bash -c 'hardenLocationConf "$0"' {} \;;
+find "device" -name "gps\.conf" -type f -exec bash -c 'hardenLocationConf "$0"' {} \;;
+find "device" -type d -name "overlay" -exec bash -c 'hardenLocationFWB "$0"' {} \;;
+find "device" -maxdepth 2 -mindepth 2 -type d -exec bash -c 'enableDexPreOpt "$0"' {} \;;
+find "device" -maxdepth 2 -mindepth 2 -type d -exec bash -c 'hardenUserdata "$0"' {} \;;
+if [ "$DOS_STRONG_ENCRYPTION_ENABLED" = true ]; then find "device" -maxdepth 2 -mindepth 2 -type d -exec bash -c 'enableStrongEncryption "$0"' {} \;; fi;
+find "kernel" -maxdepth 2 -mindepth 2 -type d -exec bash -c 'hardenDefconfig "$0"' {} \;;
+cd "$DOS_BUILD_BASE";
+
+#Fix broken options enabled by hardenDefconfig()
+sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/motorola/msm8996/arch/arm64/configs/*_defconfig; #Breaks on compile
+#
+#END OF DEVICE CHANGES
+#
diff --git a/Scripts/LineageOS-16.0/Rebrand.sh b/Scripts/LineageOS-16.0/Rebrand.sh
new file mode 100644
index 00000000..fd6d7e45
--- /dev/null
+++ b/Scripts/LineageOS-16.0/Rebrand.sh
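Review bot: In Patch.sh the exit status of `gpgVerifyDirectory` is never tested, so the `cp -r` of `android_vendor_FDroid_PrebuiltApps/.` on the next line runs whether or not the signatures verified, unless the helper aborts the shell itself, which is not visible in this hunk. Gate the copy on the result, e.g. `gpgVerifyDirectory "$DOS_PREBUILT_APPS""android_vendor_FDroid_PrebuiltApps/packages" || exit 1;` (or `return 1` if this file is sourced rather than executed). The same fail-open pattern applies to every `patch -p1 < …` line: this file sets no `set -e` and checks no status, so a rejected `0001-Harden_Mounts.patch` or `0001-Automated_Build_Signing.patch` would still lead to a build, just without the hardening. The hosts list fetched with `wget … -N` gets no integrity or format check before what is presumably the same file (`$DOS_HOSTS_FILE`) is appended to `rootdir/etc/hosts`; a pinned checksum, or a check that every entry has the documented `127.0.0.1 <domain>` form, would close that gap.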
@@ -0,0 +1,62 @@
+#!/bin/bash
+#DivestOS: A privacy oriented Android distribution
+#Copyright (c) 2017-2018 Divested Computing, Inc.
+#
+#This program is free software: you can redistribute it and/or modify
+#it under the terms of the GNU General Public License as published by
+#the Free Software Foundation, either version 3 of the License, or
+#(at your option) any later version.
+#
+#This program is distributed in the hope that it will be useful,
+#but WITHOUT ANY WARRANTY; without even the implied warranty of
+#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+#GNU General Public License for more details.
+#
+#You should have received a copy of the GNU General Public License
+#along with this program. If not, see .
+
+#Updates select user facing strings
+#Last verified: 2019-03-04
+
+echo "Rebranding...";
+
+enter "bootable/recovery";
+sed -i 's|Android Recovery|'"$DOS_BRANDING_NAME"' Recovery|' ./*_ui.cpp;
+
+enter "build/make";
+sed -i 's|echo "ro.build.user=$USER"|echo "ro.build.user=emy"|' tools/buildinfo.sh; #Override build user
+sed -i 's|echo "ro.build.host=`hostname`"|echo "ro.build.host=dosbm"|' tools/buildinfo.sh; #Override build host
+
+enter "frameworks/base";
+generateBootAnimationMask "$DOS_BRANDING_NAME" "$DOS_BRANDING_BOOTANIMATION_FONT" core/res/assets/images/android-logo-mask.png;
+generateBootAnimationShine "$DOS_BRANDING_BOOTANIMATION_COLOR" "$DOS_BRANDING_BOOTANIMATION_STYLE" core/res/assets/images/android-logo-shine.png;
+
+enter "lineage-sdk";
+sed -i '/.*lineage_version/s/LineageOS/'"$DOS_BRANDING_NAME"'/' lineage/res/res/values*/strings.xml;
+sed -i '/.*lineage_updates/s/LineageOS/'"$DOS_BRANDING_NAME"'/' lineage/res/res/values*/strings.xml;
+sed -i '/.*lineageos_system_label/s/LineageOS/'"$DOS_BRANDING_NAME"'/' lineage/res/res/values*/strings.xml;
+
+enter "packages/apps/LineageParts";
+sed -i '/.*trust_feature_security_patches_explain/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml;
+
+enter "packages/apps/Settings";
+sed -i '/.*lineagelicense_title/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/cm_strings.xml;
+
+enter "packages/apps/SetupWizard";
+sed -i 's|http://lineageos.org/legal|'"$DOS_BRANDING_LINK_PRIVACY"'|' src/org/lineageos/setupwizard/LineageSettingsActivity.java;
+sed -i '/.*setup_services/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml;
+sed -i '/.*services_explanation/s/LineageOS/'"$DOS_BRANDING_NAME"'/' res/values*/strings.xml;
+
+enter "packages/apps/Updater";
+sed -i 's|0OTA_SERVER_CLEARNET0|'"$DOS_BRANDING_SERVER_OTA"'|' src/org/lineageos/updater/misc/Utils.java;
+sed -i 's|0OTA_SERVER_ONION0|'"$DOS_BRANDING_SERVER_OTA_ONION"'|' src/org/lineageos/updater/misc/Utils.java;
+sed -i 's|>LineageOS|>'"$DOS_BRANDING_NAME"'|' res/values*/strings.xml;
+
+enter "vendor/lineage";
+sed -i 's|https://lineageos.org/legal|'"$DOS_BRANDING_LINK_ABOUT"'|' build/core/main_version.mk
+sed -i '/.*ZIPPATH=/s/lineage/'"$DOS_BRANDING_ZIP_PREFIX"'/' build/envsetup.sh;
+sed -i '/LINEAGE_TARGET_PACKAGE/s/lineage/'"$DOS_BRANDING_ZIP_PREFIX"'/' build/tasks/bacon.mk;
+rm -rf bootanimation;
+
+cd "$DOS_BUILD_BASE";
+echo "Rebranding complete!";
diff --git a/Scripts/init.sh b/Scripts/init.sh
index 63aa5cb4..5334d6fc 100644
--- a/Scripts/init.sh
+++ b/Scripts/init.sh
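Review bot: Every `enter "<dir>";` in Rebrand.sh is unchecked, so if a directory is missing the `sed -i` edits that follow, and in the `vendor/lineage` section the relative `rm -rf bootanimation;`, run against whatever directory the shell was already in. Patch.sh in this same commit tests the helper with `if enter "kernel/wireguard"; then`, which suggests it returns non-zero on failure; its definition is outside this hunk. Guard each section the same way, e.g. `enter "vendor/lineage" || exit 1;` (or `return 1` if the script is sourced), or wrap the section in `if enter "vendor/lineage"; then … fi`.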
@@ -44,7 +44,7 @@ export DOS_HOSTS_BLOCKING_APP="DNS66"; #App installed when built-in blocking is
 export DOS_HOSTS_BLOCKING_LIST="https://divestos.xyz/hosts"; #Must be in the format "127.0.0.1 bad.domain.tld"
 export DOS_OVERCLOCKS_ENABLED=false; #Switch to false to disable overclocks #XXX: Most devices have their processors directly under their RAM, heatsinking is mostly into the ground plane, potentially inflicting damage to RAM and the processor itself
 export DOS_LOWRAM_ENABLED=false; #Switch to true to enable low_ram on all devices
-export DOS_STRONG_ENCRYPTION_ENABLED=false; #Switch to true to enable AES-256bit encryption XXX: THIS WILL **DESTROY** EXISTING INSTALLS!
+export DOS_STRONG_ENCRYPTION_ENABLED=false; #Switch to true to enable AES-256bit encryption on 14.1+15.1 XXX: THIS WILL **DESTROY** EXISTING INSTALLS!
 export DOS_NON_COMMERCIAL_USE_PATCHES=false; #Switch to false to prevent inclusion of non-commercial use patches XXX: Unused, see 1dc9247
 export DOS_BRANDING_NAME="DivestOS";