From f02363ecb45b13468f34a8a88d022863313c9a2b Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Thu, 4 Mar 2021 12:55:50 -0500
Subject: [PATCH] March 2021 Security Updates

---
 Misc/Missing_CVEs.txt               | 59 ++++++++++++++---------------
 Misc/Potentially_Missed_CVEs.txt    | 21 +++++-----
 Misc/aosp-cves/cve_list-qc.txt      |  2 +-
 Misc/aosp-cves/cve_list.txt         | 35 ++++++++++++++++-
 Misc/aosp-cves/gen_cve_list-qc.sh   |  1 +
 Misc/aosp-cves/gen_cve_list.sh      |  2 +
 Patches/Linux                       |  2 +-
 PrebuiltApps                        |  2 +-
 Scripts/LineageOS-14.1/Functions.sh |  1 +
 Scripts/LineageOS-14.1/Patch.sh     |  3 ++
 Scripts/LineageOS-15.1/Functions.sh |  3 +-
 Scripts/LineageOS-15.1/Patch.sh     |  6 +++
 Scripts/LineageOS-16.0/Functions.sh |  3 +-
 Scripts/LineageOS-16.0/Patch.sh     |  9 +++++
 Scripts/LineageOS-17.1/Functions.sh |  3 +-
 Scripts/LineageOS-17.1/Patch.sh     | 16 ++++++++
 16 files changed, 120 insertions(+), 48 deletions(-)

diff --git a/Misc/Missing_CVEs.txt b/Misc/Missing_CVEs.txt
index ce003dce..a8cbc596 100644
--- a/Misc/Missing_CVEs.txt
+++ b/Misc/Missing_CVEs.txt
@@ -1,29 +1,32 @@
+Last checked 2021-03-02
+https://nvd.nist.gov/vuln/detail/CVE-2017-6247 	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2017-6248 	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2019-15126	- vendor shenanigans
+https://nvd.nist.gov/vuln/detail/CVE-2019-20794	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2019-9501 	- vendor shenanigans
+https://nvd.nist.gov/vuln/detail/CVE-2019-9502 	- vendor shenanigans
+https://nvd.nist.gov/vuln/detail/CVE-2020-0068 	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2020-0220 	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2020-0221 	- vendor shenanigans
+https://nvd.nist.gov/vuln/detail/CVE-2020-0261 	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2020-10708	- withdrawn
+https://nvd.nist.gov/vuln/detail/CVE-2020-10774	- not found
+https://nvd.nist.gov/vuln/detail/CVE-2020-11147	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2020-11148	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2020-11201	- vendor shenanigans
+https://nvd.nist.gov/vuln/detail/CVE-2020-11202	- vendor shenanigans
+https://nvd.nist.gov/vuln/detail/CVE-2020-11206	- vendor shenanigans
+https://nvd.nist.gov/vuln/detail/CVE-2020-11207	- vendor shenanigans
+https://nvd.nist.gov/vuln/detail/CVE-2020-11208	- vendor shenanigans
+https://nvd.nist.gov/vuln/detail/CVE-2020-11211	- not found
+https://nvd.nist.gov/vuln/detail/CVE-2020-11223	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2020-11277	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2020-11305	- not found
+https://nvd.nist.gov/vuln/detail/CVE-2020-27066	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2020-3623 	- no links
+https://nvd.nist.gov/vuln/detail/CVE-2020-3648 	- vendor shenanigans
+
 https://github.com/bobfuzzer/CVE
-https://nvd.nist.gov/vuln/detail/CVE-2017-6247
-https://nvd.nist.gov/vuln/detail/CVE-2017-6248
-https://nvd.nist.gov/vuln/detail/CVE-2019-12881
-https://nvd.nist.gov/vuln/detail/CVE-2019-15126
-https://nvd.nist.gov/vuln/detail/CVE-2019-20794
-https://nvd.nist.gov/vuln/detail/CVE-2019-9501
-https://nvd.nist.gov/vuln/detail/CVE-2019-9502
-https://nvd.nist.gov/vuln/detail/CVE-2020-0068
-https://nvd.nist.gov/vuln/detail/CVE-2020-0220
-https://nvd.nist.gov/vuln/detail/CVE-2020-0221
-https://nvd.nist.gov/vuln/detail/CVE-2020-0261
-https://nvd.nist.gov/vuln/detail/CVE-2020-10708
-https://nvd.nist.gov/vuln/detail/CVE-2020-10774
-https://nvd.nist.gov/vuln/detail/CVE-2020-11201
-https://nvd.nist.gov/vuln/detail/CVE-2020-11202
-https://nvd.nist.gov/vuln/detail/CVE-2020-11206
-https://nvd.nist.gov/vuln/detail/CVE-2020-11207
-https://nvd.nist.gov/vuln/detail/CVE-2020-11208
-https://nvd.nist.gov/vuln/detail/CVE-2020-11211
-https://nvd.nist.gov/vuln/detail/CVE-2020-3623
-https://nvd.nist.gov/vuln/detail/CVE-2020-3648
-https://nvd.nist.gov/vuln/detail/CVE-2020-25639
-https://nvd.nist.gov/vuln/detail/CVE-2020-27066
-https://nvd.nist.gov/vuln/detail/CVE-2020-11148
-https://nvd.nist.gov/vuln/detail/CVE-2020-27067
 
 andi34 cve typos
 CVE-2014-0169 -> CVE-2014-0196
@@ -32,9 +35,3 @@ CVE-2015-8492 -> CVE-2015-8942
 CVE-2016-0430 -> CVE-2017-0430
 CVE-2016-0510 -> CVE-2017-0510
 CVE-2016-0525 -> CVE-2017-0525
-
-https://nvd.nist.gov/vuln/detail/CVE-2020-3625
-https://nvd.nist.gov/vuln/detail/CVE-2020-0423
-CVE-2020-11277
-CVE-2020-11147
-CVE-2020-11223
diff --git a/Misc/Potentially_Missed_CVEs.txt b/Misc/Potentially_Missed_CVEs.txt
index 0d91ef54..4e42b19d 100644
--- a/Misc/Potentially_Missed_CVEs.txt
+++ b/Misc/Potentially_Missed_CVEs.txt
@@ -1,11 +1,12 @@
-CVE-2017-15841
-CVE-2017-18131
-CVE-2017-18157
-CVE-2017-18173
-CVE-2017-18274
-CVE-2017-18275
-CVE-2017-18276
-CVE-2017-18278
-CVE-2017-18279
+https://nvd.nist.gov/vuln/detail/CVE-2017-15841	- these are likely all vendor blobs
+https://nvd.nist.gov/vuln/detail/CVE-2017-18131
+https://nvd.nist.gov/vuln/detail/CVE-2017-18157
+https://nvd.nist.gov/vuln/detail/CVE-2017-18173
+https://nvd.nist.gov/vuln/detail/CVE-2017-18274
+https://nvd.nist.gov/vuln/detail/CVE-2017-18275
+https://nvd.nist.gov/vuln/detail/CVE-2017-18276
+https://nvd.nist.gov/vuln/detail/CVE-2017-18278
+https://nvd.nist.gov/vuln/detail/CVE-2017-18279
 
-https://source.android.com/security/bulletin/pixel/2019-09-01
+https://source.android.com/security/bulletin/pixel/2019-09-01	- lots of missing links
+https://source.android.com/security/bulletin/pixel/2021-03-01
diff --git a/Misc/aosp-cves/cve_list-qc.txt b/Misc/aosp-cves/cve_list-qc.txt
index 8bc1a3fa..c7ea6e8a 100644
--- a/Misc/aosp-cves/cve_list-qc.txt
+++ b/Misc/aosp-cves/cve_list-qc.txt
@@ -1,4 +1,4 @@
-#Last checked 2021/02/03
+#Last checked 2021/03/04
 CVE-2015-0235
 	Link - https://source.codeaurora.org/quic/le//oe/recipes/commit/?id=6025569cb2a156bb6765dc14d66cb83f46a8c338
 CVE-2015-3847
diff --git a/Misc/aosp-cves/cve_list.txt b/Misc/aosp-cves/cve_list.txt
index c781a420..3b5795d5 100644
--- a/Misc/aosp-cves/cve_list.txt
+++ b/Misc/aosp-cves/cve_list.txt
@@ -1,4 +1,4 @@
-#Last checked 2021/02/03
+#Last checked 2021/03/04
 CVE-2014-9028
 	Link - external/flac - https://android.googlesource.com/platform/external/flac/+/fe03f73d86bb415f5d5145f0de091834d89ae3a9
 	Link - external/flac - https://android.googlesource.com/platform/external/flac/+/5859ae22db0a2d16af3e3ca19d582de37daf5eb6
@@ -973,6 +973,8 @@ CVE-2017-13322
 	Link - packages/services/Telephony - https://android.googlesource.com/platform/packages/services/Telephony/+/25b3a8b0af2e479b5eaca40ec5c82a1c7971580a
 CVE-2017-13323
 	Link - system/core - https://android.googlesource.com/platform/system/core/+/8257766e842074adf0fb39ca0c9db12463fe59a2
+CVE-2017-14491
+	Link - external/dnsmasq - https://android.googlesource.com/platform/external/dnsmasq/+/10ba39da6b98043989b1a604f533d5b647ee7bda
 CVE-2017-14496
 	Link - external/dnsmasq - https://android.googlesource.com/platform/external/dnsmasq/+/ff755ca73c98a1f2706fe86996e4bf6215054834
 	Link - external/dnsmasq - https://android.googlesource.com/platform/external/dnsmasq/+/68a974de72b5091ce608815a349daaeb05cdeab5
@@ -2069,6 +2071,8 @@ CVE-2020-11167
 CVE-2020-11183
 	Link - https://source.codeaurora.org/quic/le/platform/hardware/qcom/display/commit/?id=7fd40cc33e2cbb0d20d28c73d648fb65889ad108
 	Link - https://source.codeaurora.org/quic/le/platform/hardware/qcom/display/commit/?id=593f37dcf1c6e9d1adcb2dfbfb84daaa840aab4b
+CVE-2020-11308
+	Link - https://source.codeaurora.org/quic/le/abl/tianocore/edk2/commit/?id=c468f18421e113057ba72b83edf985c53fe4705d
 CVE-2020-12856
 	Link - packages/apps/Bluetooth - https://android.googlesource.com/platform/packages/apps/Bluetooth/+/81c1c7d2d1681434413a615eea532e85fee43db0
 	Link - system/bt - https://android.googlesource.com/platform/system/bt/+/73b4e5c4ba4c0c96a26ec84564cd9653da50a26c
@@ -2240,5 +2244,34 @@ CVE-2021-0340
 CVE-2021-0341
 	Link - external/okhttp - https://android.googlesource.com/platform/external/okhttp/+/ddc934efe3ed06ce34f3724d41cfbdcd7e7358fc
 	Link - libcore - https://android.googlesource.com/platform/libcore/+/4076be9a99bad5ff7651540df976c57462c3b8ce
+CVE-2021-0390
+	Link - frameworks/opt/net/wifi - https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/23685b8604571ec623e539f4f9c66db65c9dde81
+CVE-2021-0391
+	Link - frameworks/base - https://android.googlesource.com/platform/frameworks/base/+/169f089a26b322b297e8b224e3a7274bc18a986a
+CVE-2021-0392
+	Link - system/connectivity/wificond - https://android.googlesource.com/platform/system/connectivity/wificond/+/93eaaa88bd5820b27ad7c158981c5f8e635b79c2
+CVE-2021-0393
+	Link - external/v8 - https://android.googlesource.com/platform/external/v8/+/a91d71434065cde21f480f5d92432b9a4f2f3521
+CVE-2021-0394
+	Link - art - https://android.googlesource.com/platform/art/+/1358c9faa9766fd470ab2ba002a73479ccf54154
+	Link - art - https://android.googlesource.com/platform/art/+/4b56bb8ce224408acfef7f2b2c2cee2abd938c9a
+	Link - art - https://android.googlesource.com/platform/art/+/6444277041f41294d98adac4bb585183e56587f6
+	Link - art - https://android.googlesource.com/platform/art/+/69fc841b8460943c2b2224f61585942cbc9f3f40
+	Link - art - https://android.googlesource.com/platform/art/+/7dd48b90bd0968375cba8dffa2141cc9973329f9
+	Link - art - https://android.googlesource.com/platform/art/+/8c6653177204bfd6ccf03e1b4b3b72d96e362628
+	Link - art - https://android.googlesource.com/platform/art/+/d0b940349294a363e6d578adf58db8222c425669
+	Link - art - https://android.googlesource.com/platform/art/+/ed4b3e0958d3de6a92d82abb9f81e49e84d5c673
+	Link - frameworks/native - https://android.googlesource.com/platform/frameworks/native/+/58f5cfa56d5282e69a7580dc4bb97603c409f003
+	Link - frameworks/native - https://android.googlesource.com/platform/frameworks/native/+/61d0f84881cfc1bbac513ccd156c56603a48cc90
+	Link - system/tools/hidl - https://android.googlesource.com/platform/system/tools/hidl/+/e8544d4fae9e8b7f1b31068c1bbd817c792315c7
+	Link - system/tools/hidl - https://android.googlesource.com/platform/system/tools/hidl/+/f9a784013d8b6d519e66c2bee6384ad8a713ac25
+CVE-2021-0395
+	Link - system/core - https://android.googlesource.com/platform/system/core/+/71bd926bf0cbd8d823507f341cef9b71812afa66
+CVE-2021-0396
+	Link - external/v8 - https://android.googlesource.com/platform/external/v8/+/8daf19b2c8cf7b9325b53e9b93b1eac878759f23
+CVE-2021-0397
+	Link - system/bt - https://android.googlesource.com/platform/system/bt/+/437adc1a143f22fd7792d033d1ff64a364888f44
+CVE-2021-0398
+	Link - frameworks/base - https://android.googlesource.com/platform/frameworks/base/+/86bd39db3595842bae77abe7e768226e412591c8
 CVE-0000-0000
 #The above line must be the last line
diff --git a/Misc/aosp-cves/gen_cve_list-qc.sh b/Misc/aosp-cves/gen_cve_list-qc.sh
index 577f1cf4..e96fae81 100644
--- a/Misc/aosp-cves/gen_cve_list-qc.sh
+++ b/Misc/aosp-cves/gen_cve_list-qc.sh
@@ -1,3 +1,4 @@
+java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/march-2021-bulletin" >> cve_list-qc.txt
 java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin" >> cve_list-qc.txt
 java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/january-2021-bulletin" >> cve_list-qc.txt
 
diff --git a/Misc/aosp-cves/gen_cve_list.sh b/Misc/aosp-cves/gen_cve_list.sh
index 13dca2ca..13fbc99b 100644
--- a/Misc/aosp-cves/gen_cve_list.sh
+++ b/Misc/aosp-cves/gen_cve_list.sh
@@ -1,6 +1,8 @@
+java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2021-03-01" >> cve_list.txt
 java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2021-02-01" >> cve_list.txt
 java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/2021-01-01" >> cve_list.txt
 
+java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/pixel/2021-03-01" >> cve_list.txt
 java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/pixel/2021-02-01" >> cve_list.txt
 java -jar $DOS_BINARY_PATCHER scraper "https://source.android.com/security/bulletin/pixel/2021-01-01" >> cve_list.txt
 
diff --git a/Patches/Linux b/Patches/Linux
index 52d5acd9..8a30c3c6 160000
--- a/Patches/Linux
+++ b/Patches/Linux
@@ -1 +1 @@
-Subproject commit 52d5acd9656bc31f62e0f83c8d8edafa1ac3d68f
+Subproject commit 8a30c3c68eac84cc595f5a5a7f4fcd2eb7d795e5
diff --git a/PrebuiltApps b/PrebuiltApps
index 3ee1e182..6a941364 160000
--- a/PrebuiltApps
+++ b/PrebuiltApps
@@ -1 +1 @@
-Subproject commit 3ee1e1826d713ba204c7d51f2e4cbeade64345a1
+Subproject commit 6a941364ec6493da24247389bbf0745fb090b7d3
diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh
index cc21ddad..f93dd27b 100644
--- a/Scripts/LineageOS-14.1/Functions.sh
+++ b/Scripts/LineageOS-14.1/Functions.sh
@@ -125,6 +125,7 @@ patchWorkspace() {
 	repopick -it n_asb_09-2018-qcom; #TODO: move in tree
 	#repopick -it bt-sbc-hd-dualchannel-nougat;
 	repopick -it tzdb2021a_N;
+	repopick -it n-asb-2021-03;
 
 	export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails
 
diff --git a/Scripts/LineageOS-14.1/Patch.sh b/Scripts/LineageOS-14.1/Patch.sh
index 3248db86..b05e447a 100644
--- a/Scripts/LineageOS-14.1/Patch.sh
+++ b/Scripts/LineageOS-14.1/Patch.sh
@@ -76,6 +76,9 @@ enterAndClear "device/qcom/sepolicy";
 patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/248649.patch"; #msm_irqbalance: Allow read for stats and interrupts
 patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on user builds XXX: REMOVE THIS TRASH
 
+enterAndClear "external/chromium-webview";
+git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/30/304330/1; #update webview
+
 enterAndClear "external/sqlite";
 patch -p1 < "$DOS_PATCHES/android_external_sqlite/0001-Secure_Delete.patch"; #Enable secure_delete by default (AndroidHardening-13.0)
 
diff --git a/Scripts/LineageOS-15.1/Functions.sh b/Scripts/LineageOS-15.1/Functions.sh
index a041c905..6d5d1e19 100644
--- a/Scripts/LineageOS-15.1/Functions.sh
+++ b/Scripts/LineageOS-15.1/Functions.sh
@@ -115,7 +115,8 @@ export -f buildAll;
 patchWorkspace() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
 
-	#source build/envsetup.sh;
+	source build/envsetup.sh;
+	repopick -it O_asb_2021-03;
 
 	export DOS_GRAPHENE_MALLOC=false; #patches apply, compile fails
 
diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh
index 8e6393bb..588f2f7f 100644
--- a/Scripts/LineageOS-15.1/Patch.sh
+++ b/Scripts/LineageOS-15.1/Patch.sh
@@ -78,6 +78,12 @@ git revert --no-edit c9b0d95630b82cd0ad1a0fc633c6d59c2cb8aad7 37422f7df389f3ae5a
 enterAndClear "device/qcom/sepolicy";
 patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
 
+enterAndClear "external/chromium-webview";
+git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/30/304330/1; #update webview
+
+enterAndClear "external/dnsmasq";
+git pull "https://github.com/LineageOS/android_external_dnsmasq" refs/changes/10/305010/1; #O_asb_2021-03
+
 enterAndClear "external/svox";
 git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
 
diff --git a/Scripts/LineageOS-16.0/Functions.sh b/Scripts/LineageOS-16.0/Functions.sh
index ee434405..ff408706 100644
--- a/Scripts/LineageOS-16.0/Functions.sh
+++ b/Scripts/LineageOS-16.0/Functions.sh
@@ -132,8 +132,9 @@ export -f buildAll;
 patchWorkspace() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
 
-	#source build/envsetup.sh;
+	source build/envsetup.sh;
 	#repopick -it pie-firewall;
+	repopick -it P_asb_2021-03;
 
 	source "$DOS_SCRIPTS/Patch.sh";
 	source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";
diff --git a/Scripts/LineageOS-16.0/Patch.sh b/Scripts/LineageOS-16.0/Patch.sh
index 94653ba2..86e623a1 100644
--- a/Scripts/LineageOS-16.0/Patch.sh
+++ b/Scripts/LineageOS-16.0/Patch.sh
@@ -77,6 +77,12 @@ enterAndClear "device/qcom/sepolicy-legacy";
 patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
 echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices
 
+enterAndClear "external/chromium-webview";
+git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/30/304330/1; #update webview
+
+enterAndClear "external/dnsmasq";
+git pull "https://github.com/LineageOS/android_external_dnsmasq" refs/changes/00/305000/1; #P_asb_2021-03
+
 enterAndClear "external/svox";
 git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
 sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie
@@ -183,6 +189,9 @@ git revert --no-edit 99564aaf0417c9ddf7d6aeb10d326e5b24fa8f55;
 patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch";
 patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch";
 
+enterAndClear "system/connectivity/wificond";
+git pull "https://github.com/LineageOS/android_system_connectivity_wificond" refs/changes/08/305008/1; #P_asb_2021-03
+
 enterAndClear "system/core";
 if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
 git revert --no-edit b3609d82999d23634c5e6db706a3ecbc5348309a; #Always update recovery
diff --git a/Scripts/LineageOS-17.1/Functions.sh b/Scripts/LineageOS-17.1/Functions.sh
index 1ad9e4e9..c2c17d56 100644
--- a/Scripts/LineageOS-17.1/Functions.sh
+++ b/Scripts/LineageOS-17.1/Functions.sh
@@ -130,8 +130,9 @@ export -f buildAll;
 patchWorkspace() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
 
-	#source build/envsetup.sh;
+	source build/envsetup.sh;
 	#repopick -it ten-firewall;
+	repopick -it Q_asb_2021-03;
 
 	source "$DOS_SCRIPTS/Patch.sh";
 	source "$DOS_SCRIPTS_COMMON/Copy_Keys.sh";
diff --git a/Scripts/LineageOS-17.1/Patch.sh b/Scripts/LineageOS-17.1/Patch.sh
index 8351cd73..ca9efae2 100644
--- a/Scripts/LineageOS-17.1/Patch.sh
+++ b/Scripts/LineageOS-17.1/Patch.sh
@@ -75,12 +75,22 @@ enterAndClear "device/qcom/sepolicy-legacy";
 patch -p1 < "$DOS_PATCHES/android_device_qcom_sepolicy-legacy/0001-Camera_Fix.patch"; #Fix camera on -user builds XXX: REMOVE THIS TRASH
 echo "SELINUX_IGNORE_NEVERALLOWS := true" >> sepolicy.mk; #necessary for -user builds of legacy devices
 
+enterAndClear "external/chromium-webview";
+git pull "https://github.com/LineageOS/android_external_chromium-webview" refs/changes/30/304330/1; #update webview
+
+enterAndClear "external/dnsmasq";
+git pull "https://github.com/LineageOS/android_external_dnsmasq" refs/changes/66/304966/1; #Q_asb_2021-03
+
 enterAndClear "external/svox";
 git revert --no-edit 1419d63b4889a26d22443fd8df1f9073bf229d3d; #Add back Makefiles
 sed -i '12iLOCAL_SDK_VERSION := current' pico/Android.mk; #Fix build under Pie
 sed -i 's/about to delete/unable to delete/' pico/src/com/svox/pico/LangPackUninstaller.java;
 awk -i inplace '!/deletePackage/' pico/src/com/svox/pico/LangPackUninstaller.java;
 
+enterAndClear "external/v8";
+git pull "https://github.com/LineageOS/android_external_v8" refs/changes/70/304970/1; #Q_asb_2021-03
+git pull "https://github.com/LineageOS/android_external_v8" refs/changes/71/304971/1;
+
 enterAndClear "frameworks/av";
 if [ "$DOS_GRAPHENE_MALLOC" = true ]; then patch -p1 < "$DOS_PATCHES/android_frameworks_av/0001-HM_A2DP_Fix.patch"; fi; #(GrapheneOS)
 
@@ -183,6 +193,9 @@ patch -p1 < "$DOS_PATCHES_COMMON/android_packages_inputmethods_LatinIME/0001-Voi
 #patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0001-PREREQ_Handle_All_Modes.patch"; #XXX 17REBASE
 #patch -p1 < "$DOS_PATCHES/android_packages_services_Telephony/0002-More_Preferred_Network_Modes.patch"; #XXX 17REBASE
 
+enterAndClear "system/connectivity/wificond";
+git pull "https://github.com/LineageOS/android_system_connectivity_wificond" refs/changes/75/304975/1; #Q_asb_2021-03
+
 enterAndClear "system/core";
 if [ "$DOS_HOSTS_BLOCKING" = true ]; then cat "$DOS_HOSTS_FILE" >> rootdir/etc/hosts; fi; #Merge in our HOSTS file
 git revert --no-edit 3032c7aa5ce90c0ae9c08fe271052c6e0304a1e7 01266f589e6deaef30b782531ae14435cdd2f18e; #insanity
@@ -201,6 +214,9 @@ patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --direct
 patch -p1 < "$DOS_PATCHES/android_system_sepolicy/0001-LGE_Fixes.patch" --directory="prebuilts/api/26.0";
 awk -i inplace '!/true cannot be used in user builds/' Android.mk; #Allow ignoring neverallows under -user
 
+enterAndClear "system/tools/hidl";
+git pull "https://github.com/LineageOS/android_system_tools_hidl" refs/changes/76/304976/1; #Q_asb_2021-03
+
 enterAndClear "system/update_engine";
 git revert --no-edit c68499e3ff10f2a31f913e14f66aafb4ed94d42d; #Do not skip payload signature verification