HL7648 Android RIL Connects then Disconnects

I am trying to connect an HL7648 to an imx8m running Android 9. I am using the latest RIL drivers. I have the modem connecting to the network, getting an ip address. About 1 sec later the modem disconnects.

Here is the logcat -b radio output. Any idea of what could be causing this?

https://pastebin.com/EfVv827p

Thanks,
Mark

seems the modem has been reset, do you see any disconnect info in dmesg?

07-12 18:17:26.964 2976 3027 I use-Rlog/RLOG-AT: — AT+CGACT?
07-12 18:17:26.964 2976 3027 I use-Rlog/RLOG-AT: AT(12)> AT+CGACT?
07-12 18:17:26.967 2976 4113 I use-Rlog/RLOG-AT: AT(12)< +CGACT: 1,1
07-12 18:17:26.967 2976 4113 I use-Rlog/RLOG-AT: AT(12)< +CGACT: 2,0
07-12 18:17:26.967 2976 4113 I use-Rlog/RLOG-AT: AT(12)< OK
07-12 18:17:26.967 2976 3027 I use-Rlog/RLOG-RIL: isDataSessionActive session state: 1
07-12 18:17:26.967 2976 3027 I use-Rlog/RLOG-RIL: dhcp.wwan0.result: ok
07-12 18:17:26.967 2976 3027 I use-Rlog/RLOG-RIL: DNS Server 1: net.wwan0.dns1 FD00:976A:0:0:0:0:0:9
07-12 18:17:27.003 2976 3027 I use-Rlog/RLOG-RIL: DNS Server 2: net.wwan0.dns2 FD00:976A:0:0:0:0:0:10
07-12 18:17:27.004 2976 3027 I use-Rlog/RLOG-RIL: Gateway: net.wwan0.gw 0000:0000:0000:0000:0000:0000:0000:0000
07-12 18:17:27.005 2976 3027 I use-Rlog/RLOG-RIL: Gateway: net.wwan0.gw 0000:0000:0000:0000:0000:0000:0000:0000
07-12 18:17:27.005 2976 3027 D use-Rlog/RLOG-RIL: dns: ‘FD00:976A:0:0:0:0:0:9 FD00:976A:0:0:0:0:0:10’ gateway: ‘0000:0000:0000:0000:0000:0000:0000:0000’
07-12 18:17:27.006 2976 3027 D use-Rlog/RLOG-RIL: polldhcptask_r12 done
07-12 18:17:39.431 4186 4186 D TDC : updateOrInsert: inserting: Modem { uuid=modem, state=0, rilModel=0, rat={}, maxActiveVoiceCall=1, maxActiveDataCall=1, maxStandby=1 }
07-12 18:17:39.432 4186 4186 D TDC : updateOrInsert: inserting: Sim { uuid=sim, modemUuid=modem, state=0 }

Here is the dmesg, there is a message about the service sierra_config_ip. Could that be it?

Blockquote
[ 171.287641] usb 1-1: new high-speed USB device number 2 using ci_hdrc
[ 171.453129] usb 1-1: New USB device found, idVendor=8087, idProduct=0716
[ 171.459854] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 174.207051] usb 1-1: USB disconnect, device number 2
[ 177.395633] usb 1-1: new high-speed USB device number 3 using ci_hdrc
[ 177.578004] usb 1-1: New USB device found, idVendor=1519, idProduct=0443
[ 177.584730] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 177.592009] usb 1-1: Product: SWIMCB71XX
[ 177.595949] usb 1-1: Manufacturer: Sierra Wireless Inc.
[ 177.601280] usb 1-1: SerialNumber: 015207000216188
[ 177.687265] cdc_acm 1-1:1.0: ttyACM0: USB ACM device
[ 177.720230] cdc_acm 1-1:1.2: ttyACM1: USB ACM device
[ 177.754377] cdc_acm 1-1:1.4: ttyACM2: USB ACM device
[ 177.810676] cdc_ncm 1-1:1.6: MAC-Address: 00:00:11:12:13:14
[ 177.816473] cdc_ncm 1-1:1.6: setting rx_max = 16384
[ 177.830119] cdc_ncm 1-1:1.6 wwan0: register ‘cdc_ncm’ at usb-ci_hdrc.1-1, Mobile Broadband Network Device (NO ARP), 00:00:11:12:13:14
[ 177.905014] cdc_ncm 1-1:1.8: MAC-Address: 00:00:11:12:13:16
[ 177.910617] cdc_ncm 1-1:1.8: setting rx_max = 16384
[ 177.921527] cdc_ncm 1-1:1.8 wwan1: register ‘cdc_ncm’ at usb-ci_hdrc.1-1, Mobile Broadband Network Device (NO ARP), 00:00:11:12:13:16
[ 177.985257] cdc_ncm 1-1:1.10: MAC-Address: 00:00:11:12:13:18
[ 177.994118] cdc_ncm 1-1:1.10: setting rx_max = 16384
[ 178.004710] cdc_ncm 1-1:1.10 wwan2: register ‘cdc_ncm’ at usb-ci_hdrc.1-1, Mobile Broadband Network Device (NO ARP), 00:00:11:12:13:18
[ 178.174636] cdc_ncm 1-1:1.12: MAC-Address: 00:00:11:12:13:1a
[ 178.180326] cdc_ncm 1-1:1.12: setting rx_max = 16384
[ 178.191629] cdc_ncm 1-1:1.12 wwan3: register ‘cdc_ncm’ at usb-ci_hdrc.1-1, Mobile Broadband Network Device (NO ARP), 00:00:11:12:13:1a
[ 180.938334] type=1400 audit(1594647674.440:45): avc: denied { map } for pid=3943 comm=4173796E635461736B202332 path="/dev/event-log-tags" dev=“tmpfs” ino=2411 scontext=u:r:untrusted_app_25:s0:c512,c768
tcontext=u:object_r:runtime_event_log_tags_file:s0 tclass=file permissive=1
[ 180.963083] type=1400 audit(1594647764.096:46): avc: denied { getattr } for pid=2991 comm=“rild” path="/dev/ttyACM0" dev=“tmpfs” ino=28815 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_
file permissive=1
[ 180.982603] type=1400 audit(1594647764.096:46): avc: denied { getattr } for pid=2991 comm=“rild” path="/dev/ttyACM0" dev=“tmpfs” ino=28815 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_
file permissive=1
[ 181.002130] type=1400 audit(1594647764.096:47): avc: denied { read write } for pid=2991 comm=“rild” name=“ttyACM0” dev=“tmpfs” ino=28815 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_fi
le permissive=1
[ 181.021471] type=1400 audit(1594647764.096:47): avc: denied { read write } for pid=2991 comm=“rild” name=“ttyACM0” dev=“tmpfs” ino=28815 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_fi
le permissive=1
[ 181.040822] type=1400 audit(1594647764.096:48): avc: denied { open } for pid=2991 comm=“rild” path="/dev/ttyACM0" dev=“tmpfs” ino=28815 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_fil
e permissive=1
[ 181.060024] type=1400 audit(1594647764.096:48): avc: denied { open } for pid=2991 comm=“rild” path="/dev/ttyACM0" dev=“tmpfs” ino=28815 scontext=u:r:rild:s0 tcontext=u:object_r:device:s0 tclass=chr_fil
e permissive=1
[ 181.079272] type=1400 audit(1594647764.100:49): avc: denied { ioctl } for pid=2991 comm=“rild” path="/dev/ttyACM0" dev=“tmpfs” ino=28815 ioctlcmd=0x5401 scontext=u:r:rild:s0 tcontext=u:object_r:device:
s0 tclass=chr_file permissive=1
[ 182.158172] type=1400 audit(1594647764.100:49): avc: denied { ioctl } for pid=2991 comm=“rild” path="/dev/ttyACM0" dev=“tmpfs” ino=28815 ioctlcmd=0x5401 scontext=u:r:rild:s0 tcontext=u:object_r:device:
s0 tclass=chr_file permissive=1
[ 182.184633] type=1400 audit(1594647765.316:50): avc: denied { dac_read_search } for pid=4122 comm=“main” capability=2 scontext=u:r:zygote:s0 tcontext=u:r:zygote:s0 tclass=capability permissive=1
[ 183.925898] IPv6: ADDRCONF(NETDEV_UP): wwan0: link is not ready
[ 183.966028] selinux: avc: denied { set } for property=dhcp.wwan0.result pid=2991 uid=1001 gid=1001 scontext=u:r:rild:s0 tcontext=u:object_r:dhcp_prop:s0 tclass=property_service permissive=1
[ 183.966028]
[ 183.969564] cdc_ncm 1-1:1.6 wwan0: 480 mbit/s downlink 480 mbit/s uplink
[ 183.993645] cdc_ncm 1-1:1.6 wwan0: network connection: connected
[ 183.995849] selinux: avc: denied { set } for property=net.dns1 pid=2991 uid=1001 gid=1001 scontext=u:r:rild:s0 tcontext=u:object_r:net_dns_prop:s0 tclass=property_service permissive=1
[ 183.995849]
[ 184.000433] IPv6: ADDRCONF(NETDEV_CHANGE): wwan0: link becomes ready
[ 184.023460] init: Received control message ‘start’ for ‘sierra_config_ip’ from pid: 2991 (/vendor/bin/hw/rild -l /vendor/lib64/libsierrahl-ril.so – -a -i wwan0)
[ 184.431086] init: Could not ctl.start for service sierra_config_ip: File /vendor/bin/init.config.ip(labeled “u:object_r:vendor_file:s0”) has incorrect label or no domain transition from u:r:init:s0 to
another SELinux domain defined. Have you configured your service correctly? https://source.android.com/security/selinux/device-policy#label_new_services_and_address_denials
[ 187.470726] type=1400 audit(1594647765.316:50): avc: denied { dac_read_search } for pid=4122 comm=“main” capability=2 scontext=u:r:zygote:s0 tcontext=u:r:zygote:s0 tclass=capability permissive=1
[ 187.470972] selinux: avc: denied { set } for property=net.wwan0.dns1 pid=2991 uid=1001 gid=1001 scontext=u:r:rild:s0 tcontext=u:object_r:system_prop:s0 tclass=property_service permissive=1
[ 187.470972]
[ 187.488089] type=1400 audit(1594647769.746:51): avc: denied { read } for pid=2991 comm=“rild” name=“u:object_r:dhcp_prop:s0” dev=“tmpfs” ino=2171 scontext=u:r:rild:s0 tcontext=u:object_r:dhcp_prop:s0 t
class=file permissive=1
[ 187.526569] type=1400 audit(1594647769.746:51): avc: denied { read } for pid=2991 comm=“rild” name=“u:object_r:dhcp_prop:s0” dev=“tmpfs” ino=2171 scontext=u:r:rild:s0 tcontext=u:object_r:dhcp_prop:s0 t
class=file permissive=1
[ 187.546535] type=1400 audit(1594647769.746:52): avc: denied { open } for pid=2991 comm=“rild” path="/dev/properties/u:object_r:dhcp_prop:s0" dev=“tmpfs” ino=2171 scontext=u:r:rild:s0 tcontext=u:obj
ect_r:dhcp_prop:s0 tclass=file permissive=1
[ 187.568279] type=1400 audit(1594647769.746:52): avc: denied { open } for pid=2991 comm=“rild” path="/dev/properties/u:object_r:dhcp_prop:s0" dev=“tmpfs” ino=2171 scontext=u:r:rild:s0 tcontext=u:obj
ect_r:dhcp_prop:s0 tclass=file permissive=1
[ 187.589965] type=1400 audit(1594647769.746:53): avc: denied { getattr } for pid=2991 comm=“rild” path="/dev/properties/u:object_r:dhcp_prop:s0" dev=“tmpfs” ino=2171 scontext=u:r:rild:s0 tcontext=u:
object_r:dhcp_prop:s0 tclass=file permissive=1
[ 187.611988] type=1400 audit(1594647769.746:53): avc: denied { getattr } for pid=2991 comm=“rild” path="/dev/properties/u:object_r:dhcp_prop:s0" dev=“tmpfs” ino=2171 scontext=u:r:rild:s0 tcontext=u:
object_r:dhcp_prop:s0 tclass=file permissive=1
[ 187.633926] type=1400 audit(1594647769.746:54): avc: denied { map } for pid=2991 comm=“rild” path="/dev/properties/u:object_r:dhcp_prop:s0" dev=“tmpfs” ino=2171 scontext=u:r:rild:s0 tcontext=u:obje
ct_r:dhcp_prop:s0 tclass=file permissive=1
[ 190.495375] healthd: battery l=85 v=3 t=35.0 h=2 st=2 c=400 fc=4000000 cc=32 chg=a
[ 191.348853] type=1400 audit(1594647769.746:54): avc: denied { map } for pid=2991 comm=“rild” path="/dev/properties/u:object_r:dhcp_prop:s0" dev=“tmpfs” ino=2171 scontext=u:r:rild:s0 tcontext=u:obje
ct_r:dhcp_prop:s0 tclass=file permissive=1
[ 191.370493] type=1400 audit(1594647773.626:55): avc: denied { read } for pid=4153 comm=“crash_dump64” name=“CarrierInformation.db-shm” dev=“mmcblk1p12” ino=782 scontext=u:r:crash_dump:s0 tcontext=u:obj
ect_r:radio_data_file:s0 tclass=file permissive=1
[ 191.490492] healthd: battery l=85 v=3 t=35.0 h=2 st=2 c=400 fc=4000000 cc=32 chg=a
[ 192.297502] init: Untracked pid 4153 exited with status 0
[ 192.311594] init: Untracked pid 4155 exited with status 0
[ 192.521654] cdc_ncm 1-1:1.6 wwan0: network connection: disconnected
[ 192.840018] type=1400 audit(1594647773.626:58): avc: denied { map } for pid=4153 comm=“crash_dump64” path="/data/user_de/0/com.android.providers.telephony/databases/CarrierInformation.db-shm" dev=“mmcb
lk1p12” ino=782 scontext=u:r:crash_dump:s0 tcontext=u:object_r:radio_data_file:s0 tclass=file permissive=1
[ 192.867354] type=1400 audit(1594647775.118:59): avc: denied { dac_read_search } for pid=4206 comm=“main” capability=2 scontext=u:r:zygote:s0 tcontext=u:r:zygote:s0 tclass=capability permissive=1

I think so, i think it related to SElinux.
Please download ril integration guide.
https://source.sierrawireless.com/resources/airprime/software/android-ril-integration-guide/#sthash.ZZXlFJBG.dpbs

I am running se linux in permissive mode. I am using the instructions from your RIL integration guide.

Here is the code I added to init.rc for the service. Also, the script is present in /vendor/bin

Blockquote
service sierra_config_ip /vendor/bin/init.config.ip
class main
user root
group radio cache inet misc dhcp
capabilities BLOCK_SUSPEND NET_ADMIN NET_RAW
disabled
oneshot

Can you disable the SElinux?

Besides, you can have a look on this and see if it helps.

I belive I have it disabled. It is in permissive mode.

I am also trying to add the sepolicy files from the RIL, but I am having the same issue at this.

https://forum.sierrawireless.com/t/sepolicy-in-android-9-ril/16323

Seems it is not completely disabled.

https://www.google.com/amp/s/www.thegeekdiary.com/how-to-disable-or-set-selinux-to-permissive-mode/amp/

I am unable to used disabled. I tried to pass it to the kernel, but it does not work.

I am now trying to add the sepolicy file for the service, but I get an build error. The domain name is not a member of the allowed domains.

No need to regenerate ninja file
No need to regenerate ninja file
[ 25% 29/112] Install: out/target/product/evk_8mm/vendor/lib/libfslextractor.so
-rwxrwxr-x 1 cargt cargt 74100 Jul 13 14:32 out/target/product/evk_8mm/vendor/lib/libfslextractor.so
[ 26% 30/112] Install: out/target/product/evk_8mm/vendor/lib64/libfslextractor.so
-rwxrwxr-x 1 cargt cargt 68952 Jul 13 14:32 out/target/product/evk_8mm/vendor/lib64/libfslextractor.so
[ 27% 31/112] build out/target/product/evk_8mm/obj/ETC/sepolicy.recovery_intermediates/sepolicy
out/host/linux-x86/bin/checkpolicy: loading policy configuration from out/target/product/evk_8mm/obj/ETC/sepolicy.recovery_intermediates/sepolicy.recovery.conf
out/host/linux-x86/bin/checkpolicy: policy configuration loaded
out/host/linux-x86/bin/checkpolicy: writing binary representation (version 30) to out/target/product/evk_8mm/obj/ETC/sepolicy.recovery_intermediates/sepolicy.tmp
[ 29% 33/112] build out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
FAILED: out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
/bin/bash -c “(rm -f out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows ) && (ASAN_OPTIONS=detect_leaks=0 out/host/linux-x86/bin/checkpolicy -M -c 30 -o out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/policy.conf )”
libsepol.report_failure: neverallow on line 1004 of system/sepolicy/public/domain.te (or line 11248 of policy.conf) violated by allow sierra_config_ip toolbox_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 1004 of system/sepolicy/public/domain.te (or line 11248 of policy.conf) violated by allow sierra_config_ip dhcp_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 1004 of system/sepolicy/public/domain.te (or line 11248 of policy.conf) violated by allow sierra_config_ip shell_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 871 of system/sepolicy/public/domain.te (or line 10997 of policy.conf) violated by allow sierra_config_ip net_data_file:dir { search };
libsepol.report_failure: neverallow on line 843 of system/sepolicy/public/domain.te (or line 10944 of policy.conf) violated by allow sierra_config_ip dhcp_data_file:file { create setattr lock map unlink rename open };
libsepol.report_failure: neverallow on line 843 of system/sepolicy/public/domain.te (or line 10944 of policy.conf) violated by allow sierra_config_ip net_data_file:file { open };
libsepol.check_assertions: 6 neverallow failures occurred
Error while expanding policy
out/host/linux-x86/bin/checkpolicy: loading policy configuration from out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/policy.conf

Do the files in \device\linaro\hikey\sepolicy help?

These are the files causing the build issue. I am currently only using siera_config_ip.te. I copied the file as is and added it to my file_contexts.

Seems you also need to have a look on system/sepolicy/public/domain.te

I don’t see this in the RIL guide. Do you have an example or instructions?

you can see my system/sepolicy/public/domain.te in Android 9.
domain.zip (11.7 KB)

Seems you need to append those neverallow rules.

Same error after updating the domain.te in /system/sepolicy/public/doman.te

Do you have an source of a successful build you can share?

FAILED: out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
/bin/bash -c “(rm -f out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows ) && (ASAN_OPTIONS=detect_leaks=0 out/host/linux-x86/bin/checkpolicy -M -c 30 -o out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows out/target/product/evk_8mm/obj/ETC/sepolicy_neverallows_intermediates/policy.conf )”
libsepol.report_failure: neverallow on line 998 of system/sepolicy/public/domain.te (or line 11233 of policy.conf) violated by allow sierra_config_ip toolbox_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 998 of system/sepolicy/public/domain.te (or line 11233 of policy.conf) violated by allow sierra_config_ip dhcp_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 998 of system/sepolicy/public/domain.te (or line 11233 of policy.conf) violated by allow sierra_config_ip shell_exec:file { execute execute_no_trans };
libsepol.report_failure: neverallow on line 866 of system/sepolicy/public/domain.te (or line 10986 of policy.conf) violated by allow sierra_config_ip net_data_file:dir { search };
libsepol.report_failure: neverallow on line 839 of system/sepolicy/public/domain.te (or line 10935 of policy.conf) violated by allow sierra_config_ip dhcp_data_file:file { create setattr lock map unlink rename open };
libsepol.report_failure: neverallow on line 839 of system/sepolicy/public/domain.te (or line 10935 of policy.conf) violated by allow sierra_config_ip net_data_file:file { open };
libsepol.check_assertions: 6 neverallow failures occurred
Error while expanding policy

How did you modify domain.te?

I compared the files, and then copied your in the folder. I cleaned my build and rebuilt.

Maybe you can comment out those lines 998 866 839