Magisk General Support / Discussion

Search This thread

wafna

Member
Jan 13, 2012
20
6
If the point of this procedure is to disable modules: Did you try booting to Safe Mode?

Safe Mode is an Android notion, some button combination for your phone. I don't think it matters whether Magisk is active in Safe Mode. The next boot after Safe Mode, you do need to get Magisk to activate, but if you do, Magisk will disable all modules for that one boot.

aaahhh thanks, I had forgotten about safe mode, maybe it would have worked :)

I have no idea how to get it in a Note 10+ :)

Also Android 11 seems to be making fun of the users, it says "Super Fast Charging 2.0" :-D there is FAST and SUPER FAST but also SUPER FAST 2.0

Next will be a charger that is REALLY SUPER FAST!

and in settings it shows hashtags before the search such as #notifications and #security, I thing they are being ironic at this point

But thanks for the reminder about safe mode, also Magisk loads without a cable being attached luckily :)
 
  • Like
Reactions: J.Michael

Didgeridoohan

Senior Moderator / Dev Committee / Dev Relations
Staff member
May 31, 2012
11,630
12,370
Gothenburg
Google Nexus 4
Nexus 6
yes... for the beginning
this is a new method i am sure of it.
Apps detecting the Magisk app even when it's hidden is not new, not even with the stub hiding method. I've had a mention about that in my guide for some time:
https://www.didgeridoohan.com/magisk/MagiskHide#hn_Hide_the_Magisk_app

There are several ways of detecting Magisk that can't currently be circumvented.

If you can figure out exactly what the app in question is detecting in the stub, with logs and everything, you could open an issue ticket on GitHub and possibly help make Magisk's hiding methods even more robust.
 
  • Like
Reactions: J.Michael

whitewallman

Senior Member
  • May 1, 2010
    119
    27
    It's been well explained, but did you notice that version number only appears in App - Latest, as per your screenshot? This indicates clearly that it's not installed (so there's no need to disengage it).

    If you do use 'Hide the Magisk app' function in App settings, you'll see it both in App - Latest and in App - Installed. In this case it is clear that it is installed (and that Magisk App has been repackaged as an unknown, ie hidden, app using different app signing key). 'Hide the Magisk app' function will also change to 'Reatore the Magisk app'.

    Usage details here:
    https://www.didgeridoohan.com/magisk/MagiskHide#
    Scroll down to 'Hiding the Magisk app'

    👍 PW
    Thank you for clearing that up! Yes, I noticed the latest vs installed. Which is why I posted the question. Thanks for sharing your expertise. 👍
     
    • Like
    Reactions: pndwal

    chrcol

    Senior Member
    Jan 17, 2012
    1,049
    165
    UK
    guys, I see the latest magisk seems way more complicated than it needs to be requiring patching method, and checks for ramdisk support.

    Does anyone here still do it the good old easy way inside twrp and works ok for you?

    If it really is not reccomended now I may stick with 21.4 and older.
     

    zgfg

    Senior Member
  • Oct 10, 2016
    5,287
    2,592
    guys, I see the latest magisk seems way more complicated than it needs to be requiring patching method, and checks for ramdisk support.

    Does anyone here still do it the good old easy way inside twrp and works ok for you?

    If it really is not reccomended now I may stick with 21.4 and older.
    You should ask specifically for which device/ROM and which TWRP - e.g., you may have A11 and your TWRP might not be properly compatible with, etc

    On the other side, patching is not that complicated at all, you just need to learn it first time. Particularly, ask/discover which image you need to patch (again, depending on your device/ROM) and next time you will just repeat the same procedure

    Check also on XDA forum for your device

    By your profile, seems you have OnePlus device - I'm pretty sure they have been covered here in the previous posts, questions, answers (I have Xiaomi and cannot help you)
     

    Didgeridoohan

    Senior Moderator / Dev Committee / Dev Relations
    Staff member
    May 31, 2012
    11,630
    12,370
    Gothenburg
    Google Nexus 4
    Nexus 6
    guys, I see the latest magisk seems way more complicated than it needs to be requiring patching method, and checks for ramdisk support.

    Does anyone here still do it the good old easy way inside twrp and works ok for you?

    If it really is not reccomended now I may stick with 21.4 and older.
    Nothing has changed regarding installation methods between Magisk v21.4 and later releases (currently v23.0). If you could install Magisk v21.4 through TWRP you can do the same with v23.0 (generally, there are some internal changes that may cause incompatibilities but most devices should be unaffected by that). John hasn't recommended installation through TWRP for a long time, way before v21.4.

    The main difference (regarding installation) between v21.4 and later releases is that there's no separate zip file. Everything is contained in the apk now and if you want to install through TWRP you just rename the .apk to .zip. But this has been covered many times since the release of v22, so if you want more details you can surely find those here in the thread...
     

    DomeNinchen

    Member
  • Apr 19, 2019
    21
    4
    Samsung Galaxy S10+
    Good day dear community,
    I have a question regarding the use of the app S-pushTAN(https://play.google.com/store/apps/details?id=com.starfinanz.mobile.android.pushtan) and the Magisk Manager.
    I have hidden the app in MagiskHide and renamed Magisk. There is no file/folder named Magisk, root or TWRP in my memory, yet the app does not work based on root detection according to the message. What can I do? Does anyone have any ideas? The picture shows the current Magisk version I am using.

    Many thanks already

    Screenshot_20210514-100405.jpg

    Translated with www.DeepL.com/Translator (free version)
     

    Attachments

    • Screenshot_20210514-100405.jpg
      Screenshot_20210514-100405.jpg
      445.9 KB · Views: 32

    ValeV008

    Senior Member
    Jun 5, 2016
    65
    9
    Hi all. What do you think I should do if magisk manager doesn't start and just hangs?

    Basically my Magisk Manager notified me of new update, so i went to menu (where all apps are shown) and clicked on Manegr (i changed the name of Magisk Manager). Sadly app didn't start, and android OS became almost not responding, it kinda crashed. This happens everytime i want to run magisk manager.

    I am thinking of uninstalling magisk manager and reinstalling it, but i'm not sure how that will affect the root, and also because it has different name (Manegr). My other idea is dirty installing it over the current one, but same problems could arise.

    Anyone got similar problem?
     

    DomeNinchen

    Member
  • Apr 19, 2019
    21
    4
    Samsung Galaxy S10+
    Hi all. What do you think I should do if magisk manager doesn't start and just hangs?

    Basically my Magisk Manager notified me of new update, so i went to menu (where all apps are shown) and clicked on Manegr (i changed the name of Magisk Manager). Sadly app didn't start, and android OS became almost not responding, it kinda crashed. This happens everytime i want to run magisk manager.

    I am thinking of uninstalling magisk manager and reinstalling it, but i'm not sure how that will affect the root, and also because it has different name (Manegr). My other idea is dirty installing it over the current one, but same problems could arise.

    Anyone got similar problem?
    Hello,
    I had the same problem. Just uninstall the app, download the latest version from github, then reinstall and change the name again. All the settings you made should be retained, that's how it was for me.

    Kind regards
     
    • Like
    Reactions: J.Michael

    unknowndrop

    Member
    Sep 9, 2012
    12
    1
    Hello.

    I am planning to install Proton to my Pixel 2 XL over stock rom. Since I am really out of rooting 'scene'. Does magisk bypass safetynet and snapchat or mcdonalds app work while magisk is installed?
     

    pndwal

    Senior Member
    Jun 23, 2016
    2,383
    1,671
    Sydney
    Xiaomi Redmi Note 7
    guys, I see the latest magisk seems way more complicated than it needs to be requiring patching method, and checks for ramdisk support.
    Covered, but just wanted to add that while methods for Magisk Installation (especially initial install) on modern devices have certainly become more complex due to device architecture changes, John has only been keeping up with / accomodating current needs. Patching method is very much needed were TWRP support is lacking / broken / impossible. Ramdisk support is actually ALWAYS needed to install Magisk, but where support for Ramdisk in boot partition is missing (and Magisk is Installed in Recovery partition ramdisk), installing from Custom Recovery has NEVER worked. Devices with ramdisk in custom partitions (eg Huawei Ramdisk partitions) also require new methods.

    John Wu himself takes pains not only to update, improve and keep Magisk device compatibility way ahead of practically any other software solution (currently supports any device with unlocked bootloader from Android 5 to present), but also to keep anyone interested informed about progress / what it means / how it works / how it affects existing users.

    Of course, many changes have had to be introduced to add compatibility with so many changes in OEM system architecture, as well as Google's requirements to move to higher API levels. But, as stated, John has purposely retained legacy Custom Recovery zip Installation support for devices with compatible TWRP (Nb. latest v. 3.5.2 does not yet support Android 11+). But he states:
    This installation method is deprecated and is maintained with minimum effort. YOU HAVE BEEN WARNED!

    It is very difficult to accurately detect the device’s information in custom recovery environments. Due to this reason, installing Magisk through custom recoveries on modern devices is no longer recommended. If you face any issues, please use the Patch Image method as it is guaranteed to work 100% of the time.
    https://topjohnwu.github.io/Magisk/install.html#custom-recovery

    Regarding challenges overcome making Magisk compatible with evolving Android architecture, see:
    https://topjohnwu.github.io/Magisk/boot.html

    This lists four distinct Android Device types using various Boot methods, the first being "Good old legacy ramdisk boot", the next three requiring major innovation to accommodate System As Root, A/B partitions, Dynamic Partitions, Two Stage Init, USES_RECOVERY_AS_BOOT, Recovery partition ramdisk only, etc. Great technical read.

    Incidentally, for anyone interested in general Magisk history:
    https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-83707709 PW
     
    Last edited:

    pndwal

    Senior Member
    Jun 23, 2016
    2,383
    1,671
    Sydney
    Xiaomi Redmi Note 7
    Hello.

    I am planning to install Proton to my Pixel 2 XL over stock rom. Since I am really out of rooting 'scene'. Does magisk bypass safetynet
    Yes, at present time in combination with Universal SafetyNet Fix Magisk module, and, if Rom does not include a Google Certified fingerprint, MagiskHide Props Config module w/ a certified fingerprint selected.
    and snapchat
    Someone else?
    or mcdonalds app work while magisk is installed?
    Works fine if checked in MagiskHide list. (May need to clear data after hiding root.)

    PW
     

    pndwal

    Senior Member
    Jun 23, 2016
    2,383
    1,671
    Sydney
    Xiaomi Redmi Note 7
    Hi all. What do you think I should do if magisk manager doesn't start and just hangs?

    Basically my Magisk Manager notified me of new update, so i went to menu (where all apps are shown) and clicked on Manegr (i changed the name of Magisk Manager). Sadly app didn't start, and android OS became almost not responding, it kinda crashed. This happens everytime i want to run magisk manager.

    I am thinking of uninstalling magisk manager and reinstalling it, but i'm not sure how that will affect the root, and also because it has different name (Manegr). My other idea is dirty installing it over the current one, but same problems could arise.

    Anyone got similar problem?
    Good advice above.

    New Magisk App is not compatible with old Magisk Manager. It should be unhidden (restored) or removed before new App is installed.
    https://topjohnwu.github.io/Magisk/releases/22000.html

    Your general Magisk settings / modules etc will be preserved if you do it afterward too (remove App AND Manager if both installed before new Install), as uninstalling Manager / App only does not remove these from data/adb/ 👍 PW
     
    • Like
    Reactions: J.Michael

    pndwal

    Senior Member
    Jun 23, 2016
    2,383
    1,671
    Sydney
    Xiaomi Redmi Note 7
    Good day dear community,
    I have a question regarding the use of the app S-pushTAN(https://play.google.com/store/apps/details?id=com.starfinanz.mobile.android.pushtan) and the Magisk Manager.
    I have hidden the app in MagiskHide and renamed Magisk. There is no file/folder named Magisk, root or TWRP in my memory, yet the app does not work based on root detection according to the message. What can I do? Does anyone have any ideas? The picture shows the current Magisk version I am using.

    Many thanks already

    Translated with www.DeepL.com/Translator (free version)
    Don't know the app, but generally:

    Check you have full SafetyNet pass. If not, see my post above:
    https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-85013583

    Check Google Play Services as well as your app is in MagiskHide list. If not, toggle MagiskHide off then on again in Magisk App Settings and check again.

    Next, clear your apps data (to reset flags) and try it again.

    More here:
    https://www.didgeridoohan.com/magisk/MagiskHideHidingRoot# 👍 PW
     
    • Like
    Reactions: J.Michael

    Elmarigo

    Senior Member
    Jun 13, 2014
    192
    72
    On my my Galaxy A40 Magisk shows "A/B" as "No", despite the phone being partitioned as A/B (but with B partition unused).
    I wonder if that's the reason, why te last Magisk update killed my phone into a state, where only an complete Odin stock reflash could recover.
    Not even restoring the all partition backup I had through TWRP could help around the issue.
     

    73sydney

    Senior Member
    Jul 21, 2018
    1,513
    1,241
    Sydney
    Google Pixel 2 XL
    Hello.

    I am planning to install Proton to my Pixel 2 XL over stock rom. Since I am really out of rooting 'scene'. Does magisk bypass safetynet and snapchat or mcdonalds app work while magisk is installed?

    Just a quick FYI, when i tested the most recent Proton for Pixel 2XL, it did not pass SafetyNet

    Dev is aware. (Dev is also dev of https://forum.xda-developers.com/t/magisk-module-universal-safetynet-fix-1-1-0.4217823/ , which is built into his Proton ROMs and now built into others as well)

    The older build: proton-aosp_taimen-ota_11.3.3.zip did pass fine, and from memory it passed out of the box, no fiddling needed, other than the standard install of the latest version of Magisk (v23) and Magiskhide toggled on in Magisk Manager > Settings.

    You can grab the previous 11.3.3 taimen (Pixel 2XL) builds (G-Apps included or G-Apps free) here:


    OR

    Dev has a web based installer (Chrome best) here: https://protonaosp.kdrag0n.dev/install/web/

    Though ive never used it, so i cant tell if you that earlier 11.3.3 is a choice via that method.

    If you get stuck either way, manually, or via the web installer, reply in the Proton thread.

    I used 11.3.3 for a long while, and waiting for the dev to fix the recent issues before i go back to it
     

    beejkitsune

    Senior Member
    May 2, 2015
    113
    23
    31
    Durham, England
    Google Pixel 5
    I've searched the thread to no avail and wondered if anyone could advise.

    After updating to the latest version, upon rebooting my phone gets stuck at "Phone is starting" message and doesn't progress further no matter how long I leave it. I had to then flash the original boot img and even trying to flash a patched img, I still get the same error message.

    My only other resort would be to completely wipe and start from fresh but if anyone could suggest something else I could try first I would be very grateful. TIA!
     

    Top Liked Posts

    • 1
      I described it in detail earlier, sorry.
      What could be really helpful is a working url for creating a user defined channel for Magisk 20.4 inside Magisk Manager. I can download the zip but there is no way to flash it. Next time I'll keep working Magisk_patched.img for sure, but at the moment I have to create one.
      Stable json for 20.4 is here:
      https://github.com/topjohnwu/magisk_files/tree/63555595ffa9b079f3a411dd2c00a80a3d985ccc

      Need address for raw file:
      https://raw.githubusercontent.com/t...5ffa9b079f3a411dd2c00a80a3d985ccc/stable.json

      This address and path should work in custom Channel, but I'd assume newer App does not have full backward compatibility with older Magisk in any case. (I'm fairly sure you'll need to enter json path in old Manager Custom Channel setting; newer App only uses channel setting to update/change App). I do know 'Hide The Magisk App' option is incompatible with older method for instance.

      Incidentally, issue with duplicated App/Manager arises from failing to Unhide/Restore App/Manager in App settings before updating, NOT reverting MagiskHide which is something quite different.

      If you didn't and you had hidden app (often named simply "Settings", etc), you will necessarily see Magisk Installed: N/A, and have other issues. You'll likely need to find it in device settings App list, and uninstall.

      Nb. This is expected coming from incompatible pre 21406, but in practice it is an issue even with current builds:
      https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-85078241

      Hope it helps. 🤠 PW
    • 14
      Before anyone freaks out, Google has given John the ok to keep working on Magisk.

      Edit: hmm... John has deleted the tweet stating that he's got the green light from Google in regards to Magisk. Maybe bad news, maybe no news. We'll just have to wait and see...

      Ref:
      https://www.xda-developers.com/magisk-developer-topjohnwu-leaves-apple-joins-google/

      12
      The man needs a break.

      He certainly deserves one in my book. Not a lynch mob.
      John Wu, 2h

      I understand that being the developer of a popular open source project, people are *longing* for an explanation.

      However, the speculation and conspiracy theories are getting out of hand, there are even attempts to sabotage my employment in the name of "saving the community"...

      This is putting extreme strain on me mentally, so let me get the facts straight: nobody really knows exactly how things will go in the future.

      I tweeted an assumption caused by miscommunication; I was informed it to be non factual; I deleted the tweet. That's all, really.

      So please, PLEASE, put down your tinfoil hats and pitchforks, and allow me to handle the situation privately. I will update you once there is a conclusion.

      Nobody is hired to kill off a project.
      I did not join Google for money.
      And of course, I have not betrayed the community.
      www.twitter.com/topjohnwu/status/1394835335096406023

      PW
      8
      Just want to point out that sharing screenshots of a private conversation isn't cool. The damage is already done and it's out there, but let John himself be the one to break the news.
      8
      From what John has said on Reddit and behind the scenes, recanting on some made statements, he can not touch magisk at all not speak on it anymore.
      Most here are aware of that quote, and as has been pointed out, it was private, he didn't 'say it on Reddit', it was only part of a much longer communication and the 'leak' was not appreciated, but my guess is that many colaborators will be in the loop.
      Since he does own the repositories for magisk so we could see them just disappear. He can't push an update which only he can do, so it's either fork it and go that route, which he knows all the ins and outs of magisk and now works for Google(2+2 says he will spilling the beans on the background to block it), I believe they have him on a gag because conflict of interest with magisk sidestepping their security system.
      I don't think G needs him to spill the beans on 'blocking' Magisk; they're quite aware of how it works. It's source is open, after all...

      But if you meant blocking attestation spoofing / bypassing (MagiskHide, some modules, and other), they already know how to make this foolproof. It does require compliant hardware to implement however, and it seems that when some target percentage of devices have launched with tee, a switch will be flipped, and spoofing attestation, and hence MagiskHide at least outside of userspace (ie bootloader Unlocked / verified boot, will become impossible for practical purposes for most users.

      MagiskHide will still be able to hide root from apps within userspace, but these can still check secure boot status through tee attestation, and will likely report 'root/jailbreak' but actually mean 'insecure boot environment'.

      Expect the pool of those still able to hide bootloader status to be reduced, for practical purposes, to those running custom OSs with inbuilt spoofing or Magisk on devices with launch version < or = to Android 7 (last version without requisite keymaster 3) overnight. (Nb. Hardware-backed Keystore began to be hardened from Android 6)
      https://source.android.com/security/keystore

      Hardware TEE of course, stands for Trusted Execution Environment, and it is not just implemented by Google.

      It actually facilities security in RISC, IBM, AMD, Intel, Apple, as well as Qualcomm, MediaTek, Samsung and Huawei SOCs running various systems. Here's an article focussing on ARM implementation:
      https://embeddedbits.org/introduction-to-trusted-execution-environment-tee-arm-trustzone/

      Interestingly, it states:
      TEE is not the solution to all of our security problems. It is just another layer to make it harder to exploit a vulnerability in the operating system. But nothing is 100% secure.
      You can't work for somewhere and have an ap they completely bypasses their OS without a amjor conflict of interest.
      Well, it doesn't bypass it; it gives superuser access as well as ways to overlay mods on an OS, and both things are certainly allowed by design if bootloader is unlocked.

      There are ways to prevent such unlocking, but Google doesn't do that. That's not to say they don't know how however. That would be laughable; It is their system (both open source Android framework and proprietary apps). They simply leave that to OEMs to implement, and, of course, a number take such measures.
      https://support.google.com/accounts/answer/9211246?hl=en
      Google doesn't even want you using a "modified system" to access your Google account. Google has major issue with root.
      They NEVER said that.

      They have protected their proprietary apps by forbidding bundling GApps with custom ROMs, originally ordering Steve Kondik to 'cease and desist' bundling with CyanogenMod, but offered an olive branch in quick succession when he assumed project was dead, allowing individual users to sideload the same, and sites like OpenGApps to host them.

      They have also expressly stated they DON'T oppose either root or custom ROMs, even recently. Eg from Tech Lead for Android hardware-backed security subsystems:
      Shawn Willden, May 19

      The Platform Security team has never been opposed to modding/rooting (and most of us are firm believers in users' right to own their devices), but remains firmly focused on maximizing security for the 99.99% of users who don't. Root weakens the security model.
      www.twitter.com/shawnwillden/status/1394665579076743175

      In line with the above, they state clearly that if you choose to mod your device, "you lose some of the security protection provided by Google", and they do have recommendations, including "Use a different device for important accounts & sensitive data"
      https://support.google.com/accounts...s-with-modified-rooted-android-versions?hl=en

      Also, rather than prevent their own proprietary apps from running in custom modded systems, they allow these to appear on PlayStore and be used freely. Very few are restricted at all, unless for good (security, corporate partners requirements etc) reason. GPay comes to mind here.

      They could, of course, prevent this (especially when HKA is fully functional), simply by requiring PlayProtect Certified Device, but so far they have PURPOSELY allowed custom modders even with uncertified (Chinese etc) devices to add their devices to their online White List that allows them to run the very GApps (without spoofing) that they were prevented from using w/ stock ROMs.

      This sets an example to others (wish likes of Maccas would wake up), but SafetyNet API and PlayProtect certification are available for apps / code deemed a security risk... Of course, SafetyNet Implementation can be abused, but Google's stance is that the code's author has the right to be informed about the execution environments status and make such decisions.

      Interestingly, it seems not only that Google is unopposed to custom ROMs, but they are not averse to the idea of certifying these / issuing appropriate signing keys so bootloader can be locked to allow full SafetyNet pass (with no spoofing), and GApps can be included legitimately. Of course, this solution evidently precludes root.

      The spiritual successor of CyanogenMod, LineageOS, is in a good position to get such an agreement as they already take pains not to 'subvert Google's security model', never bundling GApps, pre-root, signature spoofing (MicroG would come unstuck here 😉) or any other spoofing mods or techniques. Note this conversation between Shawn and Luca Stefani ('Director for LineageAndroid & Developer'):
      www.twitter.com/shawnwillden/status/1238161446200127488

      That ones been a while (time of initial Google Hardware Key Attestation testing), but I hope we see more on the front. 😛

      In short, Google is against subverting their security model, which includes SafetyNet implementation which ALLOWS code to run in insecure environments (even with superuser privileges) WITHOUT subverting it, by making TEE attestation results available to interested parties. Hardware TEE just ensures that the attestation is accurate... And Google didn't invent it either!

      Here's a bit I posted re. mainstream influence on Google's decision to implement Hardware backed attestation for for verified boot and Trusted Execution Environment:
      https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-83280363

      I don't want to take sides in this; only to give perspective. There's certainly room for many viewpoints. Take what John said on the subject just 4 months ago:
      https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-84398495

      ... I wonder what he's thinking now! 😜 PW
      8
      That is the most wrong statement. If Google didn't has no issues with having root, there would not magsikhide. Just that statement alone conflicts with itself. MagiskHide hides root... Google has a problem with hiding root and not root, then why hide it? Why is there basic attention and cts profile check? Now a hardware check? Root, on Android is what they don't want, or else there would be no need for a modified kernel, we would all have root like on Linux desktop... Any terminal on desktop has root instantly, Android doesn't.. They did pretty damn good job of taking something away they wanted to have all along right? Wow.
      This whole discussion took a bit of a turn, and I'm not gonna get further into that. But, you might want to reread what I said again: "Google has no interest in preventing root". That statement doesn't say anything on how Google think about root in security terms (and I'm talking about the Google security team here, which John now is a part of).

      We're talking about different things, I believe...

      You're talking about the security aspect, which Google cracks down on (since generally, rooting a device compromises the systems security), and I'm talking about just being able to root your device regardless of if SafetyNet triggers or not.

      If they wanted to, Google could make it so much harder (impossible?) to root your Android device... From statements I've seen from Google security team members, that's not on their agenda. But of course, beefing up the security on Android in general might have the unfortunate side effect of accomplishing the same thing.
    • 1050
      This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases.
      All information, including troubleshoot guides and notes, are in the Announcement Thread
      156
      Hello, I haven't given much support on XDA lately. It can be resulted from
      • University started and I have limited free time. In fact, I mostly develop during midnight
      • I live in Taiwan, which has large time zone differences between my European/American contributors/testers, which usually forces me to stay up late at night to discuss/test stuffs.
      • The new version is about to come, I don't want to spend effort on supporting old releases
      The planned update is delayed again and again, to some point I think I'll shed some light about what has been happening lately, also along with some announcements.

      New Forum!
      As you might have already discovered, Magisk got its own subforum on XDA! Many thanks to all the support you gave me, and much more information/features/support is about to come!
      **For developers supporting all the devices that are not using standard Android boot format, feel free to create threads in this section (actually, PLEASE do so) for your favorite devices after v7 is out. As I currently know, Asus devices require signing the boot image before flashing, and is model dependant; Sony devices seems to use ELF kernel that is unpatchable, or some has two ramdisks (inner + outer), both requires different workarounds; LG bootloader locked devices has to manually "BUMP" the boot image after flashing Magisk..... and there may be lots of other crazy boot image formats that haven't come up to my attention yet.
      It is impossible for me to support all these non-standard boot images, and I hope the community can collaborate to make Magisk running across all the devices. Overall, community collaboration is what XDA about :D

      The Pixel Phone
      Some of you might already know this news, that the next Pixel Phone right around the corner seems like it does not have ramdisk in boot image, which pretty much wrecked Magisk in all ways. However, it pretty much doomed root itself too. Kernel modifications is inevitable IMO, so I'll try to migrate my scripts to C programs that could possibly be included into the kernel itself. Note that I'm not familiar with linux kernel, I'm not even sure if my idea and concept is correct or not. But once the device is available, I think developers will find a way to bypass all the difficulties, and I'll do my best to learn things ;)

      Current Progress
      In the past month, I've spent quite some time learning SELinux, so that I can avoid using SuperSU's sepolicy patches. Thanks to the helps and tips from @phhusson and @Chainfire, I finally have a much clearer understanding of how SELinux works. The Magisk core parts (the scripts, boot image patches, new features, more supports) are actually done some time ago. What is causing all the delays is the Magisk Manager.
      To be completely honest, although I can code in Java without much issues, Magisk Manager is actually my first Android application, I had to reach out for assistance, and fortunately awesome developers like @DVDandroid and @digitalhigh contributed a lot, which makes the current Manager awesome.
      After the repo system and module management is mostly done, I was about to do some adjustments and release, but what we really done is decided to add another feature: auto-unroot with per-app settings. I decided to wait for it to be finished, and then do my adjustments. Due to reasons that'll be mentioned later, this feature will likely not be available for the next release (should come in future updates)

      Safety Net Disaster
      Those who are using Magisk for Safety Net bypass purposes must have known that Google recently updated the detection method of my Systemless Xposed. I still have no idea what Safety Net is detecting, so currently I cannot fix it on my side (also because I'm busy working on the next update). However, suhide developed by @Chainfire is able to hide Xposed and worked fine.
      However, only my Systemless Xposed v86.2, which is based on SuperSU's su.d, is supported using that method. v86.2 and v86.5 (latest, Magisk based) have nearly identical binaries, and the only difference is the path where the binaries are stored.
      I'm still not sure what's the real issue for it not being supported, I just hope it is not done intentionally.

      Conclusion
      Due to the fact that my Safety Net bypass is not 100% perfect now, I do not want to spend any more time waiting for auto-unroot to be polished. What I'm doing now is finishing up all the things I'd like to change in Magisk Manager (it has been a while since I last contributed to Manager, my fellow developers are doing all the heavy job), which might take a little more time, after that, packed with tons of information to be announced in Magisk Section, I'll release the long awaited update.

      Hope this lengthy post gives you the idea of the whole situation, and again thanks for all your support!!
      121
      Ah, some Chainfire bashing, I hope it is not too late for me to exercise additional villainy.

      First, let me make clear I have nothing against @topjohnwu, nor against Magisk. Magisk is an interesting project and it certainly displays @topjohnwu ingenuity and persistence. I don't doubt we will see more interesting things from his hands.

      -------------------------

      What has happened here is not all that dark and complicated, from either end. I returned from holidays, and someone pointed me at Magisk. My first thought: interesting!

      Among other things, the thread lists some issues with SuperSU, which in combination with the phrase The developer also requests users to not bug Chainfire with compatibility requests for SuperSU with Magisk from the portal article, raised my left eyebrow by nigh half an inch. The popular systemless xposed mod is apparently now based on it, and apparently it now no longer works with SuperSU, and apparently I'm not supposed to fix that, nor any of the other found issues. I found that a bit weird. So yes, I have told @topjohnwu that I was a bit surprised he was posting about issues with SuperSU without notifying me about them (I can't fix or help fix issues I'm not aware of, after all).

      He's also spreading a modified version of the SuperSU package, which is not all that uncommon, nor necessarily a problem. I have not looked into what he modified, I only ran a few quick tests on one of my devices, and found some commonly used commands run as root to be broken. I have informed him of this as well.

      It appears the tool of choice for Magisk is phh's Superuser, because of some of the mentioned issues with SuperSU. That's fine by itself, but fixing issues in that superuser by incorporating SuperSU's binaries into it is a somewhat questionable practise. After all, SuperSU is a commercial closed-source package that helps pay for my dinner, and superuser is a direct competitor. I have informed him that I was surprised he did this without asking for permission. I have expressed similar surprise on him spreading a modified version of LiveBoot (which helps pay for a snack now and then).
      @topjohnwu has also stated that Magisk's scripts are largely influenced by mine (I have not checked). Scripts based on mine are used all over the place on XDA, some people have crafted amazing things based on them, I have never made an issue of this (otherwise I would have just made them binaries). But yes, I have also stated to him that I don't think it's very nice to base something on one program, and then using that to (almost exclusively) push something directly competing with that program.

      tl;dr Towards @topjohnwu, I have:
      - expressed surprise he has issues getting Magisk to work with SuperSU, and has chosen not to inform me about those
      - expressed surprise he is using SuperSU binaries in a competing superuser without permission
      - expressed surprise he is posting a modified LiveBoot without permission
      - informed him of issues with the modified SuperSU he has posted
      - let him know I thought it wasn't very nice to be applying my scripts to benefit seemingly exclusively that same competing superuser

      To be crystal clear:
      - I have not asked for an apology
      - I have not asked for Magisk to be abandoned, neither the root hiding nor systemless module parts, and certainly not systemless xposed
      - I have not made an issue of any of this anywhere, until this post
      - I have not even specifically asked for anything to be taken down (though obviously in my opinion the other superuser package mixed with SuperSU's binaries, as well as the LiveBoot package, should go)
      - I have not reported this thread to XDA moderators for copyright violations or otherwise

      While my conversation with @topjohnwu may not win any awards for being friendly (though it may win some for brevity), I think all things considered my response has been rather mild. To be perfectly honest, until the apology post, I thought this was over with already. I think the apology post was triggered because I haven't replied to his last PM for a while - I was in the zone, it happens.

      To emphasize again, I have nothing against @topjohnwu, Magisk, or systemless xposed, and it is certainly not my goal to see any of them go. If it can be made to work together with SuperSU, great.

      I get it though: you think of something, you want to see if you can make it work, you finally get it to work, you publish it, it takes off - enthusiasm gets the better of you. Maybe in the rush some mistakes are made. That doesn't mean you have to just drop it and run. None of my stuff would make it past 0.1 if I stopped at the first big mistake :)

      Aside from said being in the zone coding, I usually regret actually responding to these sort of things the day after, which has made me hesitant to reply. Surprise me.
      76
      Thread temporarily closed so everyone sees this.

      The flood of "SafetyNet isn't working for me either!" posts are not helpful, at all. Please refrain from posting further, it will be looked into. Please do not forget that not passing SafetyNet is 100% NORMAL AND INTENDED when you have an unlocked booloader or running custom firmware. These are workarounds and they will be worked around in turn.

      The Flash
      Forum Moderator

      EDIT: Thread is reopened... I will be cleaning any SafetyNet posts for a while to keep the thread clean for real issues.
      75
      Hello everyone!

      I am aware that Google has updated Safety Net that makes Magisk itself a no go for Android Pay. In fact, I witnessed the change live while I am developing the new magiskhide, which should hide all Magisk modules and Magisk installed root.

      Google is serious about Safety Net now, clearly hunting down all possibility to run Xposed with Safety Net passed. I spend quite some time examining the new security measures last midnight, and fortunately it seems that it is possible to run Magisk and root along with Safety Net if no Xposed is running. I'm glad I removed the old root toggle at the right time lol, that is no longer feasible with the latest detection.

      So stay tuned for the next update, it will come with bug fixes, along with the new magiskhide to bypass that Safety Net.

      Google, how will a few systemless mods do any harm :p:p
    Our Apps
    Get our official app!
    The best way to access XDA on your phone
    Nav Gestures
    Add swipe gestures to any Android
    One Handed Mode
    Eases uses one hand with your phone