diff --git a/Patches/Common/android_vendor_divested/overlay/common/frameworks/base/core/res/res/values/config.xml b/Patches/Common/android_vendor_divested/overlay/common/frameworks/base/core/res/res/values/config.xml
index 8b7bb1f0..06d0b933 100644
--- a/Patches/Common/android_vendor_divested/overlay/common/frameworks/base/core/res/res/values/config.xml
+++ b/Patches/Common/android_vendor_divested/overlay/common/frameworks/base/core/res/res/values/config.xml
@@ -246,4 +246,7 @@
     <!-- Boolean indicating whether or not wifi firmware debugging is enabled -->
     <bool translatable="false" name="config_wifi_enable_wifi_firmware_debugging">false</bool>
 
+    <!-- Flag indicating whether we should enable smart battery. -->
+    <bool name="config_smart_battery_available">true</bool>
+
 </resources>
diff --git a/Patches/LineageOS-16.0/android_system_sepolicy/0001-LGE_Fixes.patch b/Patches/LineageOS-16.0/android_system_sepolicy/0001-LGE_Fixes.patch
index 470dec5e..c746cc42 100644
--- a/Patches/LineageOS-16.0/android_system_sepolicy/0001-LGE_Fixes.patch
+++ b/Patches/LineageOS-16.0/android_system_sepolicy/0001-LGE_Fixes.patch
@@ -16,8 +16,8 @@ index 883048fb..d0a9def1 100644
  # No domains other than install_recovery or recovery can write to recovery.
  neverallow { domain -install_recovery -recovery } recovery_block_device:blk_file { write append };
  
-++# Select devices have policies prevented by the following neverallow
-++attribute misc_block_device_exception;
++# Select devices have policies prevented by the following neverallow
++attribute misc_block_device_exception;
 +
  # No domains other than a select few can access the misc_block_device. This
  # block device is reserved for OTA use.
diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh
index c11cd9d3..627454aa 100644
--- a/Scripts/LineageOS-16.0/Functions.sh
+++ b/Scripts/LineageOS-16.0/Functions.sh
@@ -48,12 +48,12 @@ export -f buildDeviceDebug;
 
 buildAll() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanWorkspaceForMalware; fi;
-	#userdebug because 16.0 is littered with neverallows
+	#devices using legacy qcom sepolicy must be userdebug due to neverallows
 	brunch lineage_mako-userdebug;
 	brunch lineage_bacon-userdebug;
-	brunch lineage_griffin-userdebug;
+	brunch lineage_griffin-user;
 	brunch lineage_klte-userdebug;
-	brunch lineage_shamu-userdebug; #broken - needs synced proprietary-files.txt
+	brunch lineage_shamu-user; #broken - needs synced proprietary-files.txt
 }
 export -f buildAll;
 
diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh
index 74a39a39..5382d442 100644
--- a/Scripts/LineageOS-16.0/Patch.sh
+++ b/Scripts/LineageOS-16.0/Patch.sh
@@ -169,6 +169,7 @@ if [ "$DOS_HOSTS_BLOCKING" = false ]; then echo "PRODUCT_PACKAGES += $DOS_HOSTS_
 #
 enterAndClear "device/lge/mako";
 echo "allow kickstart usbfs:dir search;" >> sepolicy/kickstart.te; #Fix forceencrypt on first boot
+awk -i inplace '!/TARGET_RELEASETOOLS_EXTENSIONS/' BoardConfig.mk;
 
 enterAndClear "device/oneplus/bacon";
 sed -i 's/android.hardware.nfc@1.0-impl/android.hardware.nfc@1.0-impl.so/' device-proprietary-files.txt;
@@ -192,6 +193,7 @@ find "kernel" -maxdepth 2 -mindepth 2 -type d -exec bash -c 'hardenDefconfig "$0
 cd "$DOS_BUILD_BASE";
 
 #Fix broken options enabled by hardenDefconfig()
+sed -i "s/CONFIG_DEBUG_RODATA=y/# CONFIG_DEBUG_RODATA is not set/" kernel/lge/mako/arch/arm/configs/lineageos_*_defconfig; #Breaks on compile
 sed -i "s/CONFIG_STRICT_MEMORY_RWX=y/# CONFIG_STRICT_MEMORY_RWX is not set/" kernel/motorola/msm8996/arch/arm64/configs/*_defconfig; #Breaks on compile
 #
 #END OF DEVICE CHANGES