When flashed onto a compatible device, the multi-disabler will semi-permanently disable a number of device protection features and services that become problematic on a rooted device. Some pose a threat to the rooted state of the device, while others become dysfunctional and generate a flood of log messages. Semi-permanently in this context means that the disablement will persist until re-enabled by the user, for example as a side-effect of flashing new firmware with Odin. You will therefore need to reflash the multi-disabler every time you perform a system-wide firmware update.
The methodology of the multi-disabler is the path of least intervention. This means that for any given device, only those services that must be disabled in order for the device to run smoothly will be tackled.
The following is a list of features disabled by the multi-disabler on Samsung devices launched in 2019:
- FBE (file-based encryption): Until this is disabled, most versions of TWRP — all for Exynos devices and many for Qualcomm — cannot read files on /data (the userdata partition). You must format /data after disabling FBE. Back up your data first!
- Vaultkeeper: Magisk now dynamically disables this during boot, but if you boot outside of Magisk, it will return with a vengeance.
- Process authentication (a.k.a. proca): This service must be disabled in order to use a custom kernel without problems. All devices with TWRP utilise a custom kernel for Android, because the same kernel is shared by Magisk to boot the system.
- Stock recovery auto-restoration: In certain circumstances, your device will automatically restore its stock recovery partition, overwriting your custom recovery (TWRP). Magisk now also provides dynamic protection against this, but this will not save you if you boot outside of Magisk.
- wsm: On Android 10, this service prevents Samsung smartwatches from connecting to the Galaxy Wearable app.
- Extra services are disabled on an as needed per device basis.
Furthermore, when the ZIP file is renamed to contain the string _btfix somewhere in the name and the file is then flashed on a supported Android 10 device, the system's libbluetooth.so library will be patched in situ to prevent the loss of Bluetooth pairings across reboots. This is a recurring issue with rooted Samsung devices. If you apply this feature, then there is no need to use the libsecure_storage companion Magisk module any more. Note that the multi-disabler's support for this solution is limited to a relatively small number of Samsung devices. If you find that patching fails on your device, please refer to Arthur Trouillot's libbluetooth patcher, which supports a wider variety of devices. Note that this patch does not need to be applied to any Samsung device launched with Android 10 in 2020, and any such attempt will be ignored.
The multi-disabler is written in Bourne shell, so you can — and should — audit the code yourself to ensure its safe operation. It's operating on the very heart of your device, so you should not simply trust it.
The code has been written to be idempotent, which means you can safely flash the multi-disabler multiple times without fear of unintended side-effects.
The package is attached to this posting and the code is available on GitHub.