phhusson / treble_experimentations

Notes about tinkering with Android Project Treble

[BUG-BOUNTY][MTK6753] ALLDOCUBE POWER M3 - No Network/Signal Issue on ALL GSI ROMs #419

Open dumle11 opened 5 years ago

dumle11 commented 5 years ago

Hi guys,

I have an issue, with No Network/Service, as soon as I flash custom GSI ROM.

If I flash back to Stock 8.1, everything is working again. Whenever I flash any GSI ROM, for example AOSP 9 (also tried building from source and then flashing), I can see 2 IMEIs but the tablet cannot register with the network.

I don't know if this is related, but in APN settings it automatically has Vodafone (Vodafone IE, Vodafone MISP - which I cannot remove or edit and Vodafone IE-MMS), while I use Postmobile SIM (also tried 3 Ireland SIM) - also tried adding Postmobile APN manually and switching to it.

I also had to patch/mod my stock boot.img, otherwise Tablet doesn't boot with custom rom (goes to bootloop).

- Device: ALLDOCUBE Power M3 (MTK6753)
- Baseband version: MOLY.LR9.W1444.MD.LWTG.MP.V188,MOLY.LR9.W1444.MD.LWTH.MP.V188
- Kernel Version: 3.18.79+ #6 Mon Dec 10 20:53:54 CST 2018
- ROM: AOSP 9.0 v110 (Tested both release and self-compiled from source)
- TWRP: M3.TWRP.3.2.1.x64.oreo.8.1.img (tried also stock recovery, could this be my issue?)
- Sim/Network: Tested on Postmobile Ireland and 3 Ireland

Steps I did to flash:

  1. Flash boot and system through fastboot (unlocked bootloader).
  2. Tried clean wipe of data, cache, dalvik, system then flash through bootloader and boot up.
  3. I made Recovery ZIP and tried installing through TWRP, but same problem with phone.

logcat -b all: logcat.txt

shell mount: mount.txt

Let me know if you need anything else or have any idea what could possibly fix this problem.

[BUG BOUNTY] For anyone who is able to help me fix this problem / Find a solution: TOTAL : €20.00

dumle11 commented 5 years ago

I have added bounty to this bug as it is very important for us to have a GSI ROM with Phone functional (Network with Mobile).

bigrammy commented 5 years ago

> I have added bounty to this bug as it is very important for us to have a GSI ROM with Phone functional (Network with Mobile).

Just to be clear on this you get No Signal bars showing at all??

I have tried to explain this before. see this tool here https://forum.xda-developers.com/android/software/universal-dm-verity-forceencrypt-t3817389 Then Check and Modify all fstab's to read the same in vendor/etc, /nvdata, maybe /nvram too as the tool will likely miss those.

To start with leave your /data to be encrypted!! as muxreport does a getprop to check that before it starts the radio.

dumle11 commented 5 years ago

> > I have added bounty to this bug as it is very important for us to have a GSI ROM with Phone functional (Network with Mobile).
>
> Just to be clear on this you get No Signal bars showing at all??
>
> I have tried to explain this before. see this tool here https://forum.xda-developers.com/android/software/universal-dm-verity-forceencrypt-t3817389 Then Check and Modify all fstab's to read the same in vendor/etc, /nvdata, maybe /nvram too as the tool will likely miss those.
>
> To start with leave your /data to be encrypted!! as muxreport does a getprop to check that before it starts the radio.

Thanks for the reply. I will try that later on today.

I also forgot to mention that I was patching my 8.1 stock boot.img using ClassyKitchen - Remove DM-Verity / ForceEncryption - but maybe it missed something.

bigrammy commented 5 years ago

> Thanks for the reply. I will try that later on today.
>
> I also forgot to mention that I was patching my 8.1 stock boot.img using ClassyKitchen - Remove DM-Verity / ForceEncryption - but maybe it missed something.

For me most kitchens seem to break the boot.img's although not used that one as I tend to do most stuff myself nowadays.

  1. Boot to TWRP
  2. Format Data
  3. Reboot Recovery
  4. Flash the verity .zip using said tool
  5. Then install magisk
  6. Then boot to system and use a root file explorer to find any .fstab files possibly in /nvram /nvdata and maybe even /protect f /protect s or oem partitions
  7. Then edit any found accordingly (Remove only verify)
  8. Save all and reboot and hopefully you should have your signal now.

Be sure to remain encrypted until you get all working then try google to see if there is some way to get around that but the best solution is to build a working TWRP that can handle the encryption side of things. Good luck. BTW no need to offer any bounties :1st_place_medal:

dumle11 commented 5 years ago

I think I am doing something wrong here. Sorry, if it is something simple/stupid.

I boot to TWRP, format data, reboot recovery, adb sideload of:

Reboot and I am ending up in a bootloop (1st boot img, tablet restarts). No errors during sideload.

bigrammy commented 5 years ago

Do not disable ForceEncrypt. The .zip should be named Disable_Dm-Verity_02.04.2019.zip

Also try use SuperSU instead of Magisk. I seem to remember I had to use an older version of Magisk for the same reason so I will have a look for it and let you know when I find it. (I thought that would be fixed by now as I did report it)

phhusson commented 5 years ago

For debugging, please use stock unmodified boot.img no encrypt patch, no magisk, no supersu, nothing. If you really need to, use a dm-verity patch, but nothing else.

bigrammy commented 5 years ago

@phhusson He needs to first edit the hidden .fstab's device side /vendor /nvdata and maybe elsewhere or it will fail the system verify checks and refuse to boot the GSI. After those are edited I agree nothing else should need be done.

phhusson commented 5 years ago

That's not supposed to happen. I've never seen a device where such a hack is needed. (and I have 15 devices)

bigrammy commented 5 years ago

It's like that on the Nokia 3 and I had the same exact issues "no radio signal" till I figured it out. The .fstab in /nvram was simply replacing the one in /vendor/etc at boot time. Also as said running unencrypted causes "muxreport" not to start the modem. This is all dependent on OEM implementation of course so may not be the same for everyone.

dumle11 commented 5 years ago

After flashing "Disable_Dm-Verity_02.04.2019.zip", goes back to bootloop.

Here is adb sideload log:

- Mounting /system, /vendor
- Target image: /dev/block/mmcblk-p7
- Boot image is signed with AVB 1.0
- Creating modifying .magisk and .supersu files...
- Unpacking boot image
- Disabling selections in vendor fstabs...
- Patching: /system/vendor/etc/fstab.mt6735
- Patching ramdisk
- Repacking boot image
- Flashing new boot image
- Sign image with test keys
- Unmounting partitions
- Done

I have tried with both clear cache/dalvik and without it.

phhusson commented 5 years ago

please get me /proc/last_kmsg

On Tue, 5 Mar 2019 at 15:36, dumle11 notifications@github.com wrote:

> After flashing "Disable_Dm-Verity_02.04.2019.zip", goes back to bootloop.
>
> Here is adb sideload log:
>
>   • Mounting /system, /vendor
>   • Target image: /dev/block/mmcblk-p7
>   • Boot image is signed with AVB 1.0
>   • Creating modifying .magisk and .supersu files...
>   • Unpacking boot image
>   • Disabling selections in vendor fstabs...
>   • Patching: /system/vendor/etc/fstab.mt6735
>   • Patching ramdisk
>   • Repacking boot image
>   • Flashing new boot image
>   • Sign image with test keys
>   • Unmounting partitions
>   • Done
>
> I have tried with both clear cache/dalvik and without it.


bigrammy commented 5 years ago

> After flashing "Disable_Dm-Verity_02.04.2019.zip", goes back to bootloop. I have tried with both clear cache/dalvik and without it.

Try flash this V16 Magisk https://mega.nz/#!eBBnkKzZ!_jtIndDIlYr8APhA7XjYy-qyO83tA_5PhGVD7w97kR0

Follow the instructions I posted here without variation. https://github.com/phhusson/treble_experimentations/issues/419#issuecomment-469602570

PS: on first boot it should reboot then leave it alone for 10mins to boot up if you do not see it reboot once you may need to force power off then restart and it should be fine.

phhusson commented 5 years ago

> The .fstab in /nvram was simply replacing the one in /vendor/etc at boot time.

And? What's wrong with the fstab in nvram?

> Also as said running unencrypted cause "muxreport" not to start the modem.

Yeah that's why I said stock unmodified boot.img.

bigrammy commented 5 years ago

> > The .fstab in /nvram was simply replacing the one in /vendor/etc at boot time.
>
> And? What's wrong with the fstab in nvram?
>
> > Also as said running unencrypted cause "muxreport" not to start the modem.
>
> Yeah that's why I said stock unmodified boot.img.

It's got the system verity flag on it still.

phhusson commented 5 years ago

> It's got the system verity flag on it still.

Hum ok. So, can I get /proc/last_kmsg when booting without no-verity?

dumle11 commented 5 years ago

/proc/last_kmsg

Went back to stock rom with SP Flash Tool (Format all + download), Recovered IMEI with SN Writer, flashed AOSP release, boot (on first boot Android restarts). Here is last_kmsg (after successful boot to AOSP with stock boot.img):

last_kmsg.txt

bigrammy commented 5 years ago

> Went back to stock rom with SP Flash Tool (Format all + download), Recovered IMEI with SN Writer, flashed AOSP release, boot (on first boot Android restarts). Here is last_kmsg (after successful boot to AOSP with stock boot.img):

(Format all + download) is a bit extreme but at least you know how to recover it. BTW my instructions were meant to be carried out while on full stock. So I take it you still have no signal?

dumle11 commented 5 years ago

> > Went back to stock rom with SP Flash Tool (Format all + download), Recovered IMEI with SN Writer, flashed AOSP release, boot (on first boot Android restarts). Here is last_kmsg (after successful boot to AOSP with stock boot.img):
>
> (Format all + download) is a bit extreme but at least you know how to recover it. BTW my instructions were meant to be carried out while on full stock. So I take it you still have no signal?

Oh, I was trying this out on GSI. I'll try it again now on stock rom and will let you know how it went. Should I flash the GSI after I patch all fstab and then reboot? In stock rom (after flashing with sp flash tool) I have Network, no IMEI until I recover with SN Writer - then everything works.

bigrammy commented 5 years ago

> Oh, I was trying this out on GSI. I'll try it again now on stock rom and will let you know how it went. Should I flash the GSI after I patch all fstab and then reboot? In stock rom (after flashing with sp flash tool) I have Network, no IMEI until I recover with SN Writer - then everything works.

I never use (Format all + download) unless the device is bricked. Download or Firmware Upgrade is all that ever normally needed. Yes make the changes on stock once all is good and working on stock then flash the GSI.

bigrammy commented 5 years ago

@phhusson is hw_status: 2 at the top of the last_kmsg a tamper flag?

dumle11 commented 5 years ago

> > Oh, I was trying this out on GSI. I'll try it again now on stock rom and will let you know how it went. Should I flash the GSI after I patch all fstab and then reboot? In stock rom (after flashing with sp flash tool) I have Network, no IMEI until I recover with SN Writer - then everything works.
>
> I never use (Format all + download) unless the device is bricked. Download or Firmware Upgrade is all that ever normally needed. Yes make the changes on stock once all is good and working on stock then flash the GSI.

Same problem on stock rom. Tried Magisk 16 that you have provided after flashing Disable_Dm-Verity.zip. Then I reboot system and goes to a bootloop.

bigrammy commented 5 years ago

Hmm, I am at a loss unless they built the boot.img using mtk kernel headers which Magisk seems to have an issue with. Upload the stock boot.img and link it so I can take a look when I can get some free time.

dumle11 commented 5 years ago

Here is an archive with boot.img and boot-verified.img from Stock ROM: Y5352.CUBE.T1001.MID.2+32.Neutral.8.1.V01.01.20190116user

https://mega.nz/#!sFsngSLY!pzSa3LoiM8eCQXQ1r53yhKxVP993kzP9Uss9PXQKLiU

Let me know if the whole ROM would be any helpful and again big Thank You for trying to help me out. I really appreciate it!

Edit: I was able to flash Magisk 16 (but without flashing dm-verity). I'll try edit those files now - If I don't need dm-verity?

dumle11 commented 5 years ago

On Stock ROM now I flashed Magisk 16, Then booted to system, copied over /vendor/etc/fstab.mt6735 and /vendor/nvdata/fstab.mt6735 to my linux box to edit them (I used wxHexEditor) - remove "verify". Then replaced the files with now patched, flashed GSI and again "No Service".

Is it possible I have missed some fstab files? I only found 2 so far, that have "verify" in them. The OEM folder is empty (do I have to mount it as rw like vendor?)

adb shell output:

```
phhgsi_arm64_a:/vendor # find . -name "*fstab*"
./etc/fstab.mt6735
./nvdata/fstab.mt6735
```

bigrammy commented 5 years ago

> Let me know if the whole ROM would be any helpful and again big Thank You for trying to help me out. I really appreciate it!

Unpacked and verify removed from system and vendor then repacked no other mods. flash and see if they boot or flash Magisk V16 and see https://mega.nz/#!WIISRaTa!VP5IoU7cp1NM4U_1BIHbzms25eP3Gah8YRz4wLDKxC4

dumle11 commented 5 years ago

> > Let me know if the whole ROM would be any helpful and again big Thank You for trying to help me out. I really appreciate it!
>
> Unpacked and verify removed from system and vendor then repacked no other mods. flash and see if they boot or flash Magisk V16 and see https://mega.nz/#!WIISRaTa!VP5IoU7cp1NM4U_1BIHbzms25eP3Gah8YRz4wLDKxC4

After flashing both verified boot.img and boot.img provided by you, I get black screen/tablet is not responding to anything, no boot logo, no fastboot/recovery, just pure black. Only way to get it back is with SP Flash Tool.

bigrammy commented 5 years ago

Hmmm Sorry about that It's almost like your bootloader is locked :( Sorry I can't do anymore really without the devices in my hands. I hope you manage to work it all out. You can get me xda developers@bigrammy if you need anything else

dumle11 commented 5 years ago

> Hmmm Sorry about that It's almost like your bootloader is locked :( Sorry I can't do anymore really without the devices in my hands. I hope you manage to work it all out. You can get me xda developers@bigrammy if you need anything else

I'll try again tomorrow. Thanks a million for all the help and time man. I will let you know how I managed.

morfii83 commented 5 years ago

The bootloader can be unlocked using the ADBrun program. On his phone mtk 6753 unlocked this program. We have the same problems with GSI. But only there is no incoming call

dumle11 commented 5 years ago

> ADBrun

I don't understand what you mean here.

Is there some other way/special requirements to unlock bootloader on this device? What I did, was went to Settings -> Developer Options -> OEM Unlocking. Then went to fastboot and did fastboot oem unlock. After that, I get success message and then on tablet restart it says the tablet is unlocked and it is in Orange State. I can then flash any system/boot image through fastboot, if I don't unlock it that way, only SP Flash Tool works.

morfii83 commented 5 years ago

Meant via fastboot

bigrammy commented 5 years ago

> I don't understand what you mean here.
>
> Is there some other way/special requirements to unlock bootloader on this device? What I did, was went to Settings -> Developer Options -> OEM Unlocking. Then went to fastboot and did fastboot oem unlock. After that, I get success message and then on tablet restart it says the tablet is unlocked and it is in Orange State. I can then flash any system/boot image through fastboot, if I don't unlock it that way, only SP Flash Tool works.

I thought I would take another look at your problem. The boot "init" looks for and reads the fstab in these places.

- fstab.dt (encoded in the boot.img itself dtb and ,verify flags removed by me already)
- /fstab.xxxx (In the root of the ramdisk but this does not exist I already checked)

Pull all existing fstab's below and edit them to remove ,verify only for now.

- /etc/recovery.fstab (If this on your device check it and do as below)
- /odm/etc/fstab.xxxxx (If this on your device check it and do as below)
- /vendor/etc/fstab (This will exist so remove this ,verify note the comma needs to go too)
- /nvdata/fstab.xxxxx (This will exist so remove this ,verify note the comma needs to go too)

Now using SPFlashtool flash your entire stock ROM in Firmware Upgrade mode but replace your stock recovery with TWRP. When the flash is complete boot straight to TWRP/recovery, swipe to allow and copy your modified fstab's back to their respective places. (Note the /nvdata fstab should not exist now so no need to flash it as it will be re-populated on boot with the one in /vendor, /odm and or recovery.fstab)

Now that's done flash Magisk and the stock recovery.img, now reboot to system. Hopefully Orange state warning will be gone and your cell signal stays on. If all is good try flash twrp with dd and reboot to see if the Orange state message returns. If it does not you're good to go, if it does check the signal, if it's still on you should be OK to proceed.

Now you can try get treble working with the mediatek ril but I suspect you will have the same issues as others do.

Boot.img's here: https://mega.nz/#!HdBhxKrD!bhid4ztqpzp92Si8iwfxLDwnULLOc2URpBT83XEL8-w
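The question running through this thread (which fstab copies still carry the `verify` flag, and whether the copy under nvdata disagrees with the one under /vendor/etc) can be checked read-only on files pulled to a PC. The following is an added example, not part of any comment above and not code from the project; the fstab contents and block-device names are constructed samples and the function names are this example's own.

```python
"""Read-only audit of Android fstab copies (added example, constructed data)."""

# fs_mgr flag names that turn on dm-verity or encryption for a mount
VERITY_FLAGS = {"verify", "avb"}
CRYPT_FLAGS = {"forceencrypt", "forcefdeorfbe", "encryptable", "fileencryption"}

# Constructed samples: file paths mirror the thread, device paths are placeholders.
VENDOR_ETC = """\
# <src> <mnt_point> <type> <mnt_flags> <fs_mgr_flags>
/dev/block/by-name/system   /system ext4 ro wait
/dev/block/by-name/vendor   /vendor ext4 ro wait
/dev/block/by-name/userdata /data   ext4 noatime,nosuid wait,check,forceencrypt=/dev/block/by-name/metadata
"""
NVDATA = """\
/dev/block/by-name/system   /system ext4 ro wait,verify
/dev/block/by-name/vendor   /vendor ext4 ro wait,verify
/dev/block/by-name/userdata /data   ext4 noatime,nosuid wait,check,forceencrypt=/dev/block/by-name/metadata
"""


def parse_fstab(text):
    """Return {mount_point: set of fs_mgr flag names}, skipping comments."""
    mounts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 5:
            continue  # not a complete five-column entry
        # Flags may carry a value ("forceencrypt=<path>"); keep only the name.
        mounts[fields[1]] = {f.split("=", 1)[0] for f in fields[4].split(",") if f}
    return mounts


def summarize(text):
    """Return {mount_point: {"verity": bool, "encrypt": bool}}."""
    return {
        mount: {"verity": bool(flags & VERITY_FLAGS),
                "encrypt": bool(flags & CRYPT_FLAGS)}
        for mount, flags in parse_fstab(text).items()
    }


def compare_copies(copies):
    """copies maps file path -> fstab text; list settings the copies disagree on."""
    summaries = {path: summarize(text) for path, text in copies.items()}
    mounts = sorted({m for s in summaries.values() for m in s})
    diffs = []
    for mount in mounts:
        for setting in ("verity", "encrypt"):
            # None marks a mount point that a copy does not list at all.
            values = {p: s.get(mount, {}).get(setting) for p, s in summaries.items()}
            if len(set(values.values())) > 1:
                diffs.append((mount, setting, values))
    return diffs


if __name__ == "__main__":
    copies = {"/vendor/etc/fstab.mt6735": VENDOR_ETC,
              "/vendor/nvdata/fstab.mt6735": NVDATA}
    for mount, setting, values in compare_copies(copies):
        print(f"{mount}: {setting} differs -> {values}")
```

Any line of output means the copies would give init different verity or encryption settings depending on which file ends up in use at boot.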

dumle11 commented 5 years ago

> > I don't understand what you mean here. Is there some other way/special requirements to unlock bootloader on this device? What I did, was went to Settings -> Developer Options -> OEM Unlocking. Then went to fastboot and did fastboot oem unlock. After that, I get success message and then on tablet restart it says the tablet is unlocked and it is in Orange State. I can then flash any system/boot image through fastboot, if I don't unlock it that way, only SP Flash Tool works.
>
> I thought I would take another look at your problem. The boot "init" looks for and reads the fstab in these places. fstab.dt (encoded in the boot.img it's self dtb and ,verify flags removed by me already) /fstab.xxxx (In the root of the ramdisk but this does not exist I already checked) Pull all existing fstab's below and edit them to remove ,verify only for now. /etc/recovery.fstab (If this on your device check it and do as below) /odm/etc/fstab.xxxxx (If this on your device check it and do as below) /vendor/etc/fstab (This will exist so remove this ,verify note the comma needs to go too) /nvdata/fstab.xxxxx (This will exist so remove this ,verify note the comma needs to go too)
>
> Now using SPFlashtool flash your entire stock ROM in Firmware Upgrade mode but replace your stock recovery with TWRP. When the flash is complete boot straight to TWRP/recovery swipe to allow and copy your modified fstab's back to their respective places. (Note the /nvdata fstab should not exist now so no need to flash it as it will be re-populated on boot with the one in /vendor, /odm and or recovery.fstab) Now that's done flash Magisk and the stock recovery.img now reboot to system Hopefully Orange state warning will be gone and your cell signal stays on. If all is good try flash twrp with dd and reboot to see if the Orange state message returns if it does not your good to go if it does check the signal if it's still on you should be OK to proceed. Now you can try get treble working with the mediatek ril but I suspect you will the same issues as others do. Boot.img's here: https://mega.nz/#!HdBhxKrD!bhid4ztqpzp92Si8iwfxLDwnULLOc2URpBT83XEL8-w

Hello again. Didn't think there would be anyone coming back with more solutions/suggestions, so I am positively surprised that you are still trying. Thank you, means a lot!

To be honest, we have currently moved away from the AOSP as time is/was key. I will try to come back to this ROM and have a look at your suggested solution soon, if we don't solve our last problem.

Since the connectivity issues with this rom, I have started modifying stock rom that we have for our tablet. Most of the things I can get done easily, but I am stuck again with another issue. Maybe you would be available for a chat one of the days if you wouldn't mind?

bigrammy commented 5 years ago

> Hello again. Didn't think there would be anyone coming back with more solutions/suggestions, so I am positively surprised that you are still trying. Thank you, means a lot!
>
> To be honest, we have currently moved away from the AOSP as time is/was key. I will try to come back to this ROM and have a look at your suggested solution soon, if we don't solve our last problem.
>
> Since the connectivity issues with this rom, I have started modifying stock rom that we have for our tablet. Most of the things I can get done easily, but I am stuck again with another issue. Maybe you would be available for a chat one of the days if you wouldn't mind?

Sure no problem I work shifts so maybe patchy help wise. Are you on xda with this device if not I recommend you start a thread there so others can help out too?? I just googled your device and it says it's Android 7.0 did they update it to 8.0 + or give you the kernel source? They may still be using the older baseband scheme if that's the case which will explain a lot.

dumle11 commented 5 years ago

> Sure no problem I work shifts so maybe patchy help wise. Are you on xda with this device if not I recommend you start a thread there so others can help out too?? I just googled your device and it says it's Android 7.0 did they update it to 8.0 + or give you the kernel source? They may still be using the older baseband scheme if that's the case which will explain a lot.

This ROM build is part of my job at the moment, so I am flexible with time through the day. I have an account on xda (dMe1337 - forgot my old one), but never use it to post (usually I google or solve the problem by myself).

We have number of batches of this tablet. Some of them came originally with Android 7, while some with different builds of Android 8.1.

Throughout the past few months, I was able to collect 4 stock ROMs (1 Android 7, 3 Android 8.1).

I do not have the kernel source for this device, but was thinking about compiling some customs' ROM kernel, that is targeted at MTK6753 (Also found the ProjectConfig.mk in the vendor partition, but didn't try to use it).

We would stick with the stock rom, but there are number of problems that I am trying to fix.

I am attaching a file with the partitions list on the 8.1 build: dev-block.txt

bigrammy commented 5 years ago

OK. Have you got anything set up on github or any other place to share and discuss things as this thread is not really appropriate for general stuff. You can pm me on xda I will send you one so you can reply there. At work all day today though through to 8pm UK time

morfii83 commented 5 years ago

bigrammy Hello tell me what you did with boot.img. I have the same problem with this processor