• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[GUIDE] Root Pixel 5 "redfin" with Magisk

Search This thread

elong7681

Senior Member
May 23, 2015
373
118
40
US
Moto X4
Google Pixel 2 XL
No problem.

So, with DenyList, only use it on Google Play Store + any apps you wish to hide root from. Due to John Wu's role at Google working on Android Security, Magisk will no longer block things from Android System.

However, there are still modules available that will facilitate this. I have been using Universal SafetyNet Fix and MagiskHide Props Config. SafetyNet passes according to YASNAC, and GPay works. No issues with financial and DRM apps, except maybe Hulu, but that has more to do with the fact I'm almost always on a VPN.
I know we don't have to disable verity and verification but if we wanted to know if it was disabled is there any way to find out?
 

V0latyle

Forum Moderator
Staff member
I know we don't have to disable verity and verification but if we wanted to know if it was disabled is there any way to find out?
There's some way to do it using ADB but there's not really any point. The only time it would ever get disabled is if you use the options to do so when flashing. And since that's not necessary as of Magisk 23016, I don't know why anyone would.
 

elong7681

Senior Member
May 23, 2015
373
118
40
US
Moto X4
Google Pixel 2 XL
There's some way to do it using ADB but there's not really any point. The only time it would ever get disabled is if you use the options to do so when flashing. And since that's not necessary as of Magisk 23016, I don't know why anyone would.
I tried to install the Cleanslate Kernel last night using the FKM app like I always do and I ended up with the corrupted data verify boot screen and It took me forever to figure out how to get back into Android without wiping data
 

V0latyle

Forum Moderator
Staff member
I tried to install the Cleanslate Kernel last night using the FKM app like I always do and I ended up with the corrupted data verify boot screen and It took me forever to figure out how to get back into Android without wiping data
The safest way is reflash the stock boot image. That should -always- boot no matter what.
 

elong7681

Senior Member
May 23, 2015
373
118
40
US
Moto X4
Google Pixel 2 XL
The safest way is reflash the stock boot image. That should -always- boot no matter what.
I thought so to but it didn't and neither did flashing the factory image with -w removed and verity disabled but what did work was sideloading the OTA then booted into Android and then into bootloader and then booting patched.img and then direct install
 
  • Like
Reactions: andybones
No problem.

So, with DenyList, only use it on Google Play Store + any apps you wish to hide root from. Due to John Wu's role at Google working on Android Security, Magisk will no longer block things from Android System.

However, there are still modules available that will facilitate this. I have been using Universal SafetyNet Fix and MagiskHide Props Config. SafetyNet passes according to YASNAC, and GPay works. No issues with financial and DRM apps, except maybe Hulu, but that has more to do with the fact I'm almost always on a VPN.
Okay awesome, for some reason all my reading about the new version of Magisk had me thinking it was gonna be harder to use. So that's good to know, thanks for the information!
 

AquilaDroid

Senior Member
Oct 11, 2012
753
728
81
Raleigh, NC
I'm back with a mushy head and no results to get root. I successfully updated to A12, but have been unable to flash the MagiskPatched.img which I've patched twice (and matched the checksum with one posted here). The result is always the same - boot loop (stuck at "G" logo until it reboots back into fastboot mode). I am on Magisk App 23016, Magisk shows Installed N/A, Zygisk No, Ramdisk Yes (and Update Channel is Canary). Flashing the stock boot.img always gets it started again.

In an attempt to get rid of the 7 Magisk Modules I didn't uninstall I've tried lots of things, including:
C:\Platform Tools January>adb wait-for-device shell magisk --remove-modules
adb server version (39) doesn't match this client (41); killing...
* daemon started successfully
/system/bin/sh: magisk: inaccessible or not found

Here's the last output:
C:\Platform Tools January>adb devices
List of devices attached
0B101FDD40001R device
C:\Platform Tools January>adb reboot bootloader
C:\Platform Tools January>fastboot devices
0B101FDD40001R fastboot
C:\Platform Tools January>fastboot flash boot "C:\Platform Tools January\magisk_patched-23016_IZJza.img"
Sending 'boot_b' (98304 KB) OKAY [ 2.316s]
Writing 'boot_b' OKAY [ 0.370s]
Finished. Total time: 3.768s
C:\Platform Tools January> fastboot flash boot_a "C:\Platform Tools January\magisk_patched-23016_IZJza.img"
Sending 'boot_a' (98304 KB) OKAY [ 2.328s]
Writing 'boot_a' OKAY [ 0.377s]
Finished. Total time: 3.715s
C:\Platform Tools January> fastboot reboot
Rebooting OKAY [ 0.054s]
Finished. Total time: 0.061s

Would uninstalling and reinstalling Magisk help? Uninstall via the app, then what?

Any help appreciated, as always. (It's a ***** to get old!)
 

kfhughes

Senior Member
Jun 8, 2011
107
29
Stockton, CA
Google Pixel 5
I'm back with a mushy head and no results to get root. I successfully updated to A12, but have been unable to flash the MagiskPatched.img which I've patched twice (and matched the checksum with one posted here). The result is always the same - boot loop (stuck at "G" logo until it reboots back into fastboot mode). I am on Magisk App 23016, Magisk shows Installed N/A, Zygisk No, Ramdisk Yes (and Update Channel is Canary). Flashing the stock boot.img always gets it started again.

In an attempt to get rid of the 7 Magisk Modules I didn't uninstall I've tried lots of things, including:
C:\Platform Tools January>adb wait-for-device shell magisk --remove-modules
adb server version (39) doesn't match this client (41); killing...
* daemon started successfully
/system/bin/sh: magisk: inaccessible or not found

Here's the last output:
C:\Platform Tools January>adb devices
List of devices attached
0B101FDD40001R device
C:\Platform Tools January>adb reboot bootloader
C:\Platform Tools January>fastboot devices
0B101FDD40001R fastboot
C:\Platform Tools January>fastboot flash boot "C:\Platform Tools January\magisk_patched-23016_IZJza.img"
Sending 'boot_b' (98304 KB) OKAY [ 2.316s]
Writing 'boot_b' OKAY [ 0.370s]
Finished. Total time: 3.768s
C:\Platform Tools January> fastboot flash boot_a "C:\Platform Tools January\magisk_patched-23016_IZJza.img"
Sending 'boot_a' (98304 KB) OKAY [ 2.328s]
Writing 'boot_a' OKAY [ 0.377s]
Finished. Total time: 3.715s
C:\Platform Tools January> fastboot reboot
Rebooting OKAY [ 0.054s]
Finished. Total time: 0.061s

Would uninstalling and reinstalling Magisk help? Uninstall via the app, then what?

Any help appreciated, as always. (It's a ***** to get old!)
So did you wipe data when upgrading to A12? I don't think anyone has found a way to go from A11 to A12 and root without wiping data.

One other thing to try: flash the stock boot image back to boot_a, but use "fastboot flash boot_a "C:\Platform Tools January\magisk_patched-23016_IZJza.img" to boot the patched boot image, then in Magisk App do the "direct install" to get root.
 
  • Like
Reactions: AquilaDroid

V0latyle

Forum Moderator
Staff member
I thought so to but it didn't and neither did flashing the factory image with -w removed and verity disabled but what did work was sideloading the OTA then booted into Android and then into bootloader and then booting patched.img and then direct install
What you actually needed to do was simply reflash vbmeta without options, then boot the patched image and direct install.

That's essentially what you did by sideloading the OTA...just the long roundabout way.
I'm back with a mushy head and no results to get root. I successfully updated to A12, but have been unable to flash the MagiskPatched.img which I've patched twice (and matched the checksum with one posted here). The result is always the same - boot loop (stuck at "G" logo until it reboots back into fastboot mode). I am on Magisk App 23016, Magisk shows Installed N/A, Zygisk No, Ramdisk Yes (and Update Channel is Canary). Flashing the stock boot.img always gets it started again.

Would uninstalling and reinstalling Magisk help? Uninstall via the app, then what?

Any help appreciated, as always. (It's a ***** to get old!)
Are you able to live boot the patched image?

By fastboot do you mean fastbootd, recovery, or Rescue Party (corrupted data screen)?

Did you disable verity/verification? If you did, you shouldn't have. Reflash vbmeta without disable options.

Usually a Magisk issue just means you don't have root; it shouldn't prevent the device from booting. Removing
modules should not be necessary but then again I only use two. Remember that you can always disable modules in the Magisk module manger.

So did you wipe data when upgrading to A12? I don't think anyone has found a way to go from A11 to A12 and root without wiping data.
The only reason this was inevitable was because disabling verity/verification was required to boot a modified image from /boot; disabling verity/verification with /data populated requires a wipe to successfully boot...for some reason.

It should no longer be an issue because of Canary 23016. The only thing you have to do after updating is let the device boot stock and complete the update, then patch and flash the boot image.
One other thing to try: flash the stock boot image back to boot_a, but use "fastboot flash boot_a "C:\Platform Tools January\magisk_patched-23016_IZJza.img" to boot the patched boot image, then in Magisk App do the "direct install" to get root.
Incorrect - you don't use fastboot flash boot to boot a patched image; the context there is flash is the command, and boot is the partition you're specifying to flash.

To boot an image simply use fastboot boot.

Point of note: When updating via OTA, ALWAYS let your device boot the new untouched boot image first. The way the OTA update process works means that system compares the boot image and system versions. If they don't match, it assumes the OTA failed, and boot loops back to the last good slot (the one you were on when you installed the OTA).

Or, download the factory image and patch the new boot image - but at that point you may as well just dirty flash the factory image anyway.
 

V0latyle

Forum Moderator
Staff member
@V0latyle can I disable verity now without a data wipe?
No.

Unless you're trying to run a custom kernel, you don't need to; and if you do need to in order to run a custom kernel, it's because the kernel dev needs to take a page from Magisk's book and ensure the boot image headers are preserved and valid.

The requirement to wipe data after disabling verity/verification has not changed. What DID change was how Magisk patches the stock boot image, so disabling verity/verification is totally unnecessary in the first place.

I have seen a few people suggest that they might keep doing it anyway. I don't know who had that idea but it needs to stop. Will it hurt anything? Most likely not, but if it isn't necessary, just don't do it!
 
Last edited:
  • Like
Reactions: andybones

elong7681

Senior Member
May 23, 2015
373
118
40
US
Moto X4
Google Pixel 2 XL
No.

Unless you're trying to run a custom kernel, you don't need to; and if you do need to in order to run a custom kernel, it's because the kernel dev needs to take a page from Magisk's book and ensure the boot image headers are preserved and valid.

The requirement to wipe data after disabling verity/verification has not changed. What DID change was how Magisk patches the stock boot image, so disabling verity/verification is totally unnecessary in the first place.

I have seen a few people suggest that they might keep doing it anyway. I don't know who had that idea but it needs to stop. Will it hurt anything? Most likely not, but if it isn't necessary, just don't do it!
Yes it would be for the Cleanslate Kernel
 

elong7681

Senior Member
May 23, 2015
373
118
40
US
Moto X4
Google Pixel 2 XL
I think I should clarify - Android 12 uses Boot Image Header v4; any kernels built to work with stock 12 firmware should incorporate that.

For custom firmware, it shouldn't matter.
I tried to flash Cleanslate Kernel with FKM and that's how I ended up on the corrupted data screen. For the installation of the Kernel it states that verity has to be disabled before you can boot into Android so I guess the only way to install the Kernel would be a full system wipe with the disabled flags.
 

V0latyle

Forum Moderator
Staff member
I tried to flash Cleanslate Kernel with FKM and that's how I ended up on the corrupted data screen. For the installation of the Kernel it states that verity has to be disabled before you can boot into Android so I guess the only way to install the Kernel would be a full system wipe with the disabled flags.
Hmm. To be honest I don't know that much about the Android boot process but I still think that if the kernel is updated to Boot Image Header v4 and uses a valid header, disabling verity shouldn't be necessary.

As I posted in the dev's thread, I highly recommend anyone using a custom kernel stick to the dirty flash factory image method.
 

V0latyle

Forum Moderator
Staff member
  • Like
Reactions: andybones

AquilaDroid

Senior Member
Oct 11, 2012
753
728
81
Raleigh, NC
What you actually needed to do was simply reflash vbmeta without options, then boot the patched image and direct install.

That's essentially what you did by sideloading the OTA...just the long roundabout way.

Are you able to live boot the patched image?

By fastboot do you mean fastbootd, recovery, or Rescue Party (corrupted data screen)?

Did you disable verity/verification? If you did, you shouldn't have. Reflash vbmeta without disable options.

Usually a Magisk issue just means you don't have root; it shouldn't prevent the device from booting. Removing
modules should not be necessary but then again I only use two. Remember that you can always disable modules in the Magisk module manger.


The only reason this was inevitable was because disabling verity/verification was required to boot a modified image from /boot; disabling verity/verification with /data populated requires a wipe to successfully boot...for some reason.

It should no longer be an issue because of Canary 23016. The only thing you have to do after updating is let the device boot stock and complete the update, then patch and flash the boot image.

Incorrect - you don't use fastboot flash boot to boot a patched image; the context there is flash is the command, and boot is the partition you're specifying to flash.

To boot an image simply use fastboot boot.

Point of note: When updating via OTA, ALWAYS let your device boot the new untouched boot image first. The way the OTA update process works means that system compares the boot image and system versions. If they don't match, it assumes the OTA failed, and boot loops back to the last good slot (the one you were on when you installed the OTA).

Or, download the factory image and patch the new boot image - but at that point you may as well just dirty flash the factory image anyway.
Thanks for your detailed response. I remember reading something about "live boot" but am unable to find the reference now. Any further instructions?

When it fails after flashing the patched image it tries twice and goes back to fastboot (recovery) screen where I immediately flash the stock boot image.

I just tried a few more times with Fastboot boot (magisk patched image) and it still doesn't install Magisk. (What is the info below "*****......*****"???)

C:\Platform Tools January>fastboot boot "C:\Platform Tools January\magisk_patched-23016_IZJza.img"
Sending 'boot.img' (98304 KB) OKAY [ 2.268s]
Booting ******** (bootloader) boot.img missing cmdline or OS version********
OKAY [ 1.518s]
Finished. Total time: 4.195s

The last time I tried, it showed the Android Recovery screen "Cannot load Android system..." Fortunately I selected "Try again" and it came back up (still without Magisk installed).

No, I didn't disable verity/verification.

"Remember that you can always disable modules in the Magisk module manger."
Wouldn't that require having Magisk (not the app) installed?

I re-downloaded and patched the boot.img and the patched versions have the same hash.

Maybe there's something to the comment that you can't install A12 without a full wipe?
Thanks again all!
 

V0latyle

Forum Moderator
Staff member
Thanks for your detailed response. I remember reading something about "live boot" but am unable to find the reference now. Any further instructions?
"Live boot" means you're loading a boot image directly via USB instead of from the boot partition - the term comes from the "live USB" method of booting an OS such as Windows or Linux from a USB device instead of the PC's internal storage.

When you use fastboot boot <image> you're telling the device to boot the specified image via USB.: fastboot is the application, boot is the command, and <image> is the image you want to boot. This does not flash it to the device, so when the device reboots it reverts back to loading the boot image from the /boot partition. This is useful when you want to temporarily load something but you don't want to actually flash it to the boot partition; on devices supported by TWRP, this is how you initially load TWRP.

On the other hand, when you use fastboot flash boot <image> you're telling fastboot to flash the specified image to the /boot partition: fastboot is the application, flash is the command, and boot is the partition you're flashing to. This is what you DON'T want to do when installing TWRP because you then overwrite /boot with TWRP, so when the device looks for an image to boot, all it finds is TWRP, no Android kernel.
When it fails after flashing the patched image it tries twice and goes back to fastboot (recovery) screen where I immediately flash the stock boot image.
To be clear, you're talking about the recovery screen that reads Cannot load Android system. Your data may be corrupt, correct? This screen is called Rescue Party. This means that the boot image failed to boot for a reason that makes Android think something is corrupted. Before Magisk 23016, we had this problem because Magisk didn't properly handle the boot image header, so when the device checks the boot image for integrity, it would see the header was messed up. This is the same reason why custom kernels require disabling verity/verification - because developers haven't yet ensured they have a valid version 4 boot image header.
I just tried a few more times with Fastboot boot (magisk patched image) and it still doesn't install Magisk. (What is the info below "*****......*****"???)

C:\Platform Tools January>fastboot boot "C:\Platform Tools January\magisk_patched-23016_IZJza.img"
Sending 'boot.img' (98304 KB) OKAY [ 2.268s]
Booting ******** (bootloader) boot.img missing cmdline or OS version********
OKAY [ 1.518s]
Finished. Total time: 4.195s
Disregard this. It always appears when you boot an image, even an untouched factory image. It doesn't mean there is a problem.
The last time I tried, it showed the Android Recovery screen "Cannot load Android system..." Fortunately I selected "Try again" and it came back up (still without Magisk installed).

No, I didn't disable verity/verification.

"Remember that you can always disable modules in the Magisk module manger."
Wouldn't that require having Magisk (not the app) installed?
Yes, but again this shouldn't be necessary when updating.
I re-downloaded and patched the boot.img and the patched versions have the same hash.
What version of Magisk are you using? Anything other than Canary 23016 will not work.
Maybe there's something to the comment that you can't install A12 without a full wipe?
Thanks again all!
How did you initially upgrade to Android 12?
 
  • Like
Reactions: AquilaDroid

Top Liked Posts

  • 1
    @topjohnwu has been busy. He doesn't get nearly enough appreciation for all his hard work.

    Magisk Stable is still 23.0.
    Magisk Beta is now 24.0
    Canary is now 24001

    Magisk 24.0 discussion thread
  • 4
    For those who are wondering, this is how I updated my Pixel 5 (and my wife's 5a):
    1. Download and extract the factory image
    2. Extract boot.img from the factory update image
    3. Copied boot.img to device, patched in Magisk, copied patched boot image back to update folder
    4. Reboot device to bootloader
    5. Apply update:
      Code:
      fastboot update device-image-buildnumber.zip
    6. Let device boot and finish update; reboot to bootloader
    7. Boot patched image:
      Code:
      fastboot boot magisk_patched-23016_xxxxx.img
    8. Open Magisk, tap Install, Direct Install, then reboot.
    9. Done.
    You can potentially save a couple steps by using --skip-reboot when applying the update, then simply rebooting to bootloader and flashing the patched boot image.

    Note: I manually patched the boot image because I didn't have a 23016 boot image handy.
    Confirmed working

    Just applied January update like how I have always been doing on Android 11. This wouldn't be possible without Magisk version 23016
    4
    For those who are wondering, this is how I updated my Pixel 5 (and my wife's 5a):
    1. Download and extract the factory image
    2. Extract boot.img from the factory update image
    3. Copied boot.img to device, patched in Magisk, copied patched boot image back to update folder
    4. Reboot device to bootloader
    5. Apply update:
      Code:
      fastboot update device-image-buildnumber.zip
    6. Let device boot and finish update; reboot to bootloader
    7. Boot patched image:
      Code:
      fastboot boot magisk_patched-23016_xxxxx.img
    8. Open Magisk, tap Install, Direct Install, then reboot.
    9. Done.
    You can potentially save a couple steps by using --skip-reboot when applying the update, then simply rebooting to bootloader and flashing the patched boot image.

    Note: I manually patched the boot image because I didn't have a 23016 boot image handy.
    4
    Finally, a straight forward method of updating without having to edit the flash-all.bat file, etc.! (I'm getting ready to flash my P5 from A11 (Oct) to January A12.)

    Thanks @V0latyle for all your activity and guidance here!
    When upgrading from Android 11, the safest way I think would be to OTA, because it preserves and migrates everything.

    The best way is a clean start and factory flash; it's not really advisable to dirty flash Android 12 on top of Android 11, just because of the seemingly insignificant differences that can cause problems down the road. That being said, it will work.
    3
    Wow V0latyle, fantastic post and update, eternal thanks brother! I had a family tragedy and had no opportunity to do the update from 11 with M23 stable to 12, so this is great news.

    Since I'm still on 11 rooted with 23 stable, and I used to perfotm the updates with factory full images (remove -w), and patch/flash new boot.img, seems we are now able to do this again, woo! I've never used any Magisk other than stable, so canary makes me a bit nervous just because its new to me.

    Can you confirm my intended process is correct here? Pixel 5a5g, a11, M23:

    - uninstall riru and SNF 1.x (the only 2 modules installed)
    - uninstall Magisk 23 via the "uninstall" button in Magisk Manager, and reboot
    - install Magisk Canary 23016
    I believe you should be aboe to go into Magisk Settings, change your update channel to Canary, and update that way. But yes, either way will work.
    - perform update to a12 using platform-tools with factory full image for 12 using flash-all (remove -w)
    - push new v12 boot.img to phone, patch with mm 23016
    - pull patched boot.img from phone, push to phone as new boot image
    - install SNF 2.2.0(or 2.2.1 as of today)
    Voila, rooted and updated to v12 (hopefully?)

    Did I miss anything, got something wrong, or is this appropriate?
    Looks good to me. Good luck!
    Thanks again V, your dedication to XDA is beyond appreciated!
    It's what I do. :cool:
    2
    A little confused here about which method to follow for retaining root when the new update of Android 12 comes... I am already on Android 12 nonrooted and locked bootloader.
    Follow the instructions under Initial Root. All you have to do is unlock bootloader, then patch and flash the boot image. Make sure you're using Magisk Canary 23016. Links are in the OP.
  • 11
    If you are looking for my guide on a different Pixel, find it here:
    Update 1-26-22: Magisk Beta 24.0 incorporates all previous fixes from Canary.
    Discussion thread for migration to 24.0.

    DO NOT substitute Magisk Stable 23.0 as it does not yet incorporate the necessary fixes for Android 12 and your device.


    WARNING: YOU AND YOU ALONE ARE RESPONSIBLE FOR ANYTHING THAT HAPPENS TO YOUR DEVICE. THIS GUIDE IS WRITTEN WITH THE EXPRESS ASSUMPTION THAT YOU ARE FAMILIAR WITH ADB, MAGISK, ANDROID, AND ROOT. IT IS YOUR RESPONSIBILITY TO ENSURE YOU KNOW WHAT YOU ARE DOING.

    Prerequisites:

    As many of you know by now, in order to run a patched boot image on Android 12 requires disabling Android Verified Boot.

    Verified Boot on Android 12 devices, at least Pixels with the SD765G and Tensor, is tied to device encryption. Therefore, disabling Verified Boot requires a wipe, if it was not previously disabled.

    To make this clear:
    Verified Boot is disabled by flashing /vbmeta with disable flags:
    Code:
    fastboot flash vbmeta --disable-verity --disable-verification vbmeta.img
    Verified Boot is enabled by flashing /vbmeta without flags:
    Code:
    fastboot flash vbmeta vbmeta.img

    Booting the device essentially "locks" the vbmeta state.

    I know this is confusing, Bear with me:

    If you previously disabled vbmeta, you MUST ensure it is disabled again when you update, BEFORE you boot. If you do not, you will have to wipe to regain root.

    Unfortunately, the update process enables Verified Boot by default, because it writes /vbmeta without flags.

    This means that the automatic OTA, or any other update process without intervention, WILL enable Verified Boot, which will require a wipe to disable!


    ****

    Android Source - Setting up a device for development


    1. Follow these instructions to enable Developer Options and USB Debugging.
    2. Enable OEM Unlocking. If this option is grayed out, unlocking the bootloader is not possible.
    3. Connect your device to your PC, and open a command window in your Platform Tools folder.
    4. Ensure ADB sees your device:
      Code:
      adb devices
      If you don't see a device, make sure USB Debugging is enabled, reconnect the USB cable, or try a different USB cable.
      If you see "unauthorized", you need to authorize the connection on your device.
      If you see the device without "unauthorized", you're good to go.
    5. Reboot to bootloader:
      Code:
      adb reboot bootloader
    6. Unlock bootloader: THIS WILL WIPE YOUR DEVICE!
      Code:
      fastboot flashing unlock
      Select Continue on the device screen.

    1. Install Magisk on your device.
    2. Download the factory zip for your build.
    3. Inside the factory zip is the update zip: "device-image-buildnumber.zip". Open this, and extract boot.img
    4. Copy boot.img to your device.
    5. Patch boot.img with Magisk: "Install" > "Select and Patch a File"
    6. Copy the patched image back to your PC. It will be named "magisk_patched-23xxx_xxxxx.img". Rename this to "master root.img" and retain it for future updates.
    7. Reboot your device to bootloader.
    8. Flash the patched image:
      Code:
      fastboot flash boot <drag and drop master root.img here>
    9. Reboot to Android. Open Magisk to confirm root - under Magisk at the top, you should see "Installed: <Magisk build number>

    1. Take the OTA update when prompted. To check for updates manually, go to Settings > System > System Update > Check for Update
    2. Allow the update to complete. Your device will reboot without root as the OTA overwrites the patched boot image.
    3. Reboot your device to bootloader.
    4. Boot the master root image
      Code:
      fastboot boot <drag and drop master root.img here>
      Note: If you prefer, you can download the factory zip and manually patch the new boot image. Do not flash an older boot image after updating.
    5. Your device should boot with root. Open Magisk, tap Install, and select Direct Install.
    6. Reboot your device. You should now be updated with root.

    1. Download the OTA.
    2. Reboot to recovery and sideload the OTA:
      Code:
      adb reboot sideload
      Once in recovery:
      Code:
      adb sideload ota.zip
    3. When the OTA completes, you will be in recovery mode. Select "Reboot to system now".
    4. Allow system to boot and wait for the update to complete. You must let the system do this before proceeding.
    5. Reboot to bootloader.
    6. Boot the master root image (See note 1):
      Code:
      fastboot boot <drag and drop master root.img here>
      Note: If you prefer, you can download the factory zip and manually patch the new boot image. Do not flash an older boot image after updating.
    7. Your device should boot with root. Open Magisk, tap Install, and select Direct Install.
    8. Reboot your device. You should now be updated with root.

    Please note that the factory update process expects an updated bootloader and radio. If these are not up to date, the update will fail.
    1. Download the factory zip and extract the contents.
    2. Reboot to bootloader.
    3. Compare bootloader versions between phone screen and bootloader.img build number
      Code:
      fastboot flash bootloader <drag and drop new bootloader.img here>
      If bootloader is updated, reboot to bootloader.
    4. Compare baseband versions between phone screen and radio.img build number
      Code:
      fastboot flash radio <drag and drop radio.img here>
      If radio is updated, reboot to bootloader.
    5. Apply update:
      Code:
      fastboot update --skip-reboot image-codename-buildnumber.zip
      When the update completes, the device will be in fastbootd. Reboot to bootloader.
    6. Boot the master root image (See note 1):
      Code:
      fastboot boot <drag and drop master root.img here>
      Note: If you prefer, you can download the factory zip and manually patch the new boot image. Do not flash an older boot image after updating.
    7. Your device should boot with root. Open Magisk, tap Install, and select Direct Install.
    8. Reboot your device. You should now be updated with root.

    1. Follow the instructions on the Android Flash Tool to update your device. Check the "Skip reboot" box.
    2. When the update completes, the device will be in fastbootd. Reboot to bootloader.
    3. Boot the master root image (See note 1):
      Code:
      fastboot boot <drag and drop master root.img here>
      Note: If you prefer, you can download the factory zip and manually patch the new boot image. Do not flash an older boot image after updating.
    4. Your device should boot with root. Open Magisk, tap Install, and select Direct Install.
    5. Reboot your device. You should now be updated with root.

    This is my configuration that is passing Safety Net. I will not provide instructions on how to accomplish this. Attempt at your own risk.

    Zygisk + DenyList enabled
    All subcomponents of these apps hidden under DenyList:
    • Google Play Store
    • GPay
    • Any banking/financial apps
    • Any DRM media apps
    Modules:
    To check SafetyNet status:
    I do not provide support for Magisk or modules. If you need help with Magisk, here is the Magisk General Support thread.

    Points of note:
    • The boot image is NOT the bootloader image. Do not confuse the two - YOU are expected to know the difference. Flashing the wrong image to bootloader could brick your device.
    • While the Magisk app is used for patching the boot image, the app and the patch are separate. This is what you should see in Magisk for functioning root:
      screenshot_20211218-194517-png.5486339
    • "Installed" shows the version of patch in the boot image. If this says N/A, you do not have root access - the boot image is not patched, or you have a problem with Magisk.
    • "App" simply shows the version of the app itself.
    • If you do not have a patched master boot image, you will need to download the factory zip if you haven't already, extract the system update inside it, then patch boot.img.
    • If you prefer updating with the factory image, you can also extract and manually patch the boot image if desired.


    Credits:
    Thanks to @ipdev , @kdrag0n , @Didgeridoohan , and last but not least, @topjohnwu for all their hard work![/SPOILER]
    6
    Magisk Canary was updated to 23016 last night. This includes a fix for the vbmeta header issue, meaning that disabling verity/verification should no longer be required, and we should be able to root as we did before. This needs testing, make sure you back up your data and photos before you try this!

    Q: "If verity/verification are disabled, do I need to enable them now?"
    A: No. The only thing you have to do is update to Magisk 23016.
    Q: "Will enabling verity/verification wipe my data?"
    A: No.

    I will be updating the OP to reflect this.
    4
    For those who are wondering, this is how I updated my Pixel 5 (and my wife's 5a):
    1. Download and extract the factory image
    2. Extract boot.img from the factory update image
    3. Copied boot.img to device, patched in Magisk, copied patched boot image back to update folder
    4. Reboot device to bootloader
    5. Apply update:
      Code:
      fastboot update device-image-buildnumber.zip
    6. Let device boot and finish update; reboot to bootloader
    7. Boot patched image:
      Code:
      fastboot boot magisk_patched-23016_xxxxx.img
    8. Open Magisk, tap Install, Direct Install, then reboot.
    9. Done.
    You can potentially save a couple steps by using --skip-reboot when applying the update, then simply rebooting to bootloader and flashing the patched boot image.

    Note: I manually patched the boot image because I didn't have a 23016 boot image handy.
    4
    For those who are wondering, this is how I updated my Pixel 5 (and my wife's 5a):
    1. Download and extract the factory image
    2. Extract boot.img from the factory update image
    3. Copied boot.img to device, patched in Magisk, copied patched boot image back to update folder
    4. Reboot device to bootloader
    5. Apply update:
      Code:
      fastboot update device-image-buildnumber.zip
    6. Let device boot and finish update; reboot to bootloader
    7. Boot patched image:
      Code:
      fastboot boot magisk_patched-23016_xxxxx.img
    8. Open Magisk, tap Install, Direct Install, then reboot.
    9. Done.
    You can potentially save a couple steps by using --skip-reboot when applying the update, then simply rebooting to bootloader and flashing the patched boot image.

    Note: I manually patched the boot image because I didn't have a 23016 boot image handy.
    Confirmed working

    Just applied January update like how I have always been doing on Android 11. This wouldn't be possible without Magisk version 23016
    4
    @TKruzze @V0latyle If you're using USNF it doesn't matter if you add the necessary gms components to the Deny listh. The module will always remove them since keeping them on the list will actually keep USNF from doing it's thing.

    For simple SafetyNet pass Universal SafetyNet Fix is all you need (and possibly MagiskHide Props Config if you need to spoof a device fingerprint).