• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

Magisk General Support / Discussion

Search This thread

pndwal

Senior Member
He showed us a screenshot of TWRP running.
Does he have to tell TWRP to protect itself?
I guess if he already booted to recovery using key combo such ROM patching is not working / occurring.

There may be a number of issues:

Enabling 'Keep system read only' prevents such patching. (I guess there may be additional issues w/ modern shared-blocks filesystem too.)

ROM may also have harder verified-image-protection to defeat. Some who found twrp fails to patch simply flashed Magisk which also prevents overwriting recovery. (Likely won't help here.)

I suspect he may also simply have booted using 'fastboot boot twrp.img'. PW
 
  • Like
Reactions: J.Michael

jons99

Senior Member
Nov 5, 2019
209
244
I guess if he already booted to recovery using key combo such ROM patching is not working / occurring.

There may be a number of issues:

Enabling 'Keep system read only' prevents such patching. (I guess there may be additional issues w/ modern shared-blocks filesystem too.)

ROM may also have harder verified-image-protection to defeat. Some who found twrp fails to patch simply flashed Magisk which also prevents overwriting recovery. (Likely won't help here.)

I suspect he may also simply have booted using 'fastboot boot twrp.img'. PW
tried the new alpha and it broke riru which broke lsposed and safetynet not recommended at least if you want to use riru I went back to previous one for now
 

zgfg

Senior Member
Oct 10, 2016
5,853
3,325

Attachments

  • IMG_20210924_213149.jpg
    IMG_20210924_213149.jpg
    135.9 KB · Views: 42
  • Like
Reactions: ipdev

PokemonTotalWar

Senior Member
Jan 29, 2014
758
209
21
OnePlus 5
OnePlus 6T
For me everything ok (I don't use and need riru): root, SN, V4A, WebView, you name it
I'm not noticing any problems either. Was just making a PSA for anybody who does use Riru that it's not going to work anymore, and it's not a bug -- it was intentionally disabled. People are freaking out in the alpha Telegram over the "bug," and I wanted to head that off over here
 

rodken

Senior Member
Jan 11, 2010
599
164
Google Pixel XL
OnePlus 8
I'm not noticing any problems either. Was just making a PSA for anybody who does use Riru that it's not going to work anymore, and it's not a bug -- it was intentionally disabled. People are freaking out in the alpha Telegram over the "bug," and I wanted to head that off over here
Could potentially become an issue for folks that rely on LSPosed?
 

J.Michael

Recognized Contributor
Jan 20, 2018
874
739
Samsung Galaxy Tab A series
nothing,i have to find a way to convert SquashFS partitions to ext4
Could you describe "nothing" in more detail? Does fastboot ignore the command? Does the device seem to try to reboot? Do you end up in recovery? Do you end up in Android with no sign of Magisk?

Why do you need to convert squashfs partitions to ext4?

Can you boot a Linux on a desktop computer? I would expect it to be straightforward to mount a squashfs image, create a new ext4 image, copy all the files. Maybe have to run as root to preserve all permissions and ownership.

If the problem is packaging the partition image, maybe you should look into Android Image Kitchen (AKA AIK).
 
Mar 25, 2012
1,053
772
31
Crete,,,Heraklio
Could you describe "nothing" in more detail? Does fastboot ignore the command? Does the device seem to try to reboot? Do you end up in recovery? Do you end up in Android with no sign of Magisk?

Why do you need to convert squashfs partitions to ext4?

Can you boot a Linux on a desktop computer? I would expect it to be straightforward to mount a squashfs image, create a new ext4 image, copy all the files. Maybe have to run as root to preserve all permissions and ownership.

If the problem is packaging the partition image, maybe you should look into Android Image Kitchen (AKA AIK).
Device try to reboot in recovery using the command, i unpack the system using macos, when i repacked was 900mb and didn't boot, the original is 2 gb, the twrp can mount system or vendor, i think something is hidden on kernel or bootloader, pioneer has done very clever system to keep the system closed
 
  • Like
Reactions: J.Michael

pndwal

Senior Member
I'm not noticing any problems either. Was just making a PSA for anybody who does use Riru that it's not going to work anymore, and it's not a bug -- it was intentionally disabled. People are freaking out in the alpha Telegram over the "bug," and I wanted to head that off over here
Yup, looks like w/ a0fe78a7-alpha (maverick 😜) users needing any Riru solutions are out of luck.

I'm guessing many of these modules will move to Zygisk base in due course.

Those using needing USNF 2.x for September Google server end change can move back to 1.2.0 and older fixes changing model props. MagiskHide Props Config module Force Basic attestation option with similar late 'device selected from list' matching OEM configured is probably the best of these option. PW

Screenshot_2021-09-25-09-21-04-544_com.topjohnwu.magisk.png
Screenshot_2021-09-25-09-25-37-464_com.topjohnwu.magisk.jpg
 
Last edited:

73sydney

Senior Member
Jul 21, 2018
1,904
1,667
Sydney
Google Pixel 2 XL
Yup, looks like w/ a0fe78a7-alpha users needing any Riru solutions are out of luck.

I'm guessing many of these modules will move to Zygisk base in due course.

Those using needing USNF 2.x for September Google server end change can move back to 1.2.0 and older fixes changing model props. MagiskHide Props Config module Force Basic attestation option with similar late 'device selected from list' matching OEM configured is probably the best of these option. PW

View attachment 5418077
View attachment 5418079


Not being able to use Riru-Momohider is a complete non-starter for me :(

Ill be using Alpha 31 for some time to come it looks like
 
  • Like
Reactions: rodken

Stillhard

Senior Member
Sep 25, 2016
60
34
Interestingly, I had such issues with 0ab31ab0-alpha with Riru enabled, but issue is gone for me in 61783ffc-alpha...

You could try disabling Riru & USNF 2.x, rebooting, checking Zygisk status / settings, then enabling again; I needed this initially - actually uninstalled USNF, disabled Riru and rebooted before installing again... No issue since on RN8T.

Of course this may be a per device issue.

John and vvb2060 are still busy with implementation of Zygisk; this may help in next builds:
https://github.com/topjohnwu/Magisk/pull/4720
... merged with Commits on Sep 24, 2021:
https://github.com/vvb2060/Magisk/commits/app_zygote
... there'll be more too. PW
I have tried w/o any modules
Toggled the zygisk button to enable, reboot, zygisk = No, but the button in settings stayed as toggled on, checked the logs, no trace of zygisk

Tried toggled on and added denylist, reboot, zygisk = No, checked the logs, still no trace of zygisk, but the denylist ran and active.

Reverting to 0ab31ab0-alpha, boom!!! zygisk = Yes, checked the logs, zygisk xhook was there.

Tried all alpha before 0ab31ab0-alpha too (with zygisk in it), all the same result with zygisk xhook ran.

...running weirdly? or it is weird that they are running?
It was weird they were running but with no zygisk
 

pndwal

Senior Member
I have tried w/o any modules
Toggled the zygisk button to enable, reboot, zygisk = No, but the button in settings stayed as toggled on, checked the logs, no trace of zygisk

Tried toggled on and added denylist, reboot, zygisk = No, checked the logs, still no trace of zygisk, but the denylist ran and active.

Reverting to 0ab31ab0-alpha, boom!!! zygisk = Yes, checked the logs, zygisk xhook was there.

Tried all alpha before 0ab31ab0-alpha too (with zygisk in it), all the same result with zygisk xhook ran.


It was weird they were running but with no zygisk
Seems mileage differs per build, per device, likely per ROM....

When I had conflict between Riru / Zygisk I had Zygisk option in settings disappear, but Enforce DenyList remained checked. PW
 

J.Michael

Recognized Contributor
Jan 20, 2018
874
739
Samsung Galaxy Tab A series
Device try to reboot in recovery using the command, i unpack the system using macos, when i repacked was 900mb and didn't boot, the original is 2 gb, the twrp can mount system or vendor, i think something is hidden on kernel or bootloader, pioneer has done very clever system to keep the system closed
I don't think you should be fiddling with "system" as part of trying to install Magisk.

Please confirm: You use Magisk app, with "Recovery" checkbox checked, to patch stock "recovery.img"; you "flash" the magisk-patched-recovery.img to the recovery partition; you try to boot towards recovery; Android comes up; the next time you check, the recovery partition contains the stock, unpatched, recovery.img?
 
Mar 25, 2012
1,053
772
31
Crete,,,Heraklio
I don't think you should be fiddling with "system" as part of trying to install Magisk.

Please confirm: You use Magisk app, with "Recovery" checkbox checked, to patch stock "recovery.img"; you "flash" the magisk-patched-recovery.img to the recovery partition; you try to boot towards recovery; Android comes up; the next time you check, the recovery partition contains the stock, unpatched, recovery.img?
Yes everything you said is correct, in twrp I spell it wrong, can't mount system or vendor
 
  • Like
Reactions: J.Michael

adehade1983

Member
Sep 27, 2017
8
0
Samsung Galaxy J3 (2016)
I have problem with magisk 23.
I try install magisk many times before root checker show me "phone is rooted".
1. All YouTube video about install magisk showing installed magisk with modules to download.
My menu/options don't show modules to download.
2. Buttons for reboot not working.
3. On device settings/security/device administrator can't see Magisk icon.
4. When I use all apks root 3-5 times ask me about permissions and I need to click again allow (I have set always).

BUT ROOT IS WORKING
Samsung j3 sm-320fn
 

zgfg

Senior Member
Oct 10, 2016
5,853
3,325
I have problem with magisk 23.
I try install magisk many times before root checker show me "phone is rooted".
1. All YouTube video about install magisk showing installed magisk with modules to download.
My menu/options don't show modules to download.
2. Buttons for reboot not working.
3. On device settings/security/device administrator can't see Magisk icon.
4. When I use all apks root 3-5 times ask me about permissions and I need to click again allow (I have set always).

BUT ROOT IS WORKING
Samsung j3 sm-320fn
Please attach your screenshot from Magisk
 
  • Like
Reactions: J.Michael

Top Liked Posts

  • 6
    Folks:

    Please realize that the "failure to load/verify boot images" message is not due to a Magisk issue.

    Android 12 introduces Verified Boot on some devices, such as the Pixel 5, which will block a modified boot image from loading.

    Two new Verified Bootfeatures implemented in Android 12 will interfere with attempts to root.

    Dm-verity (device-mapper-verity) is a method by which an image on block devices (the underlying storage layer of the file system) can be checked to determine if it matches an expected configuration, using a cryptographic hash tree. If the hash doesn't match, dm-verity prevents the stored code from loading.

    Vbmeta verification is the other half of this - it provides a cryptographically signed reference hash which is used to verify the integrity of /boot, /system, and /vendor partitions. The vbmeta image is only used to verify /boot, while vbmeta-system is used to verify /system.

    This was implemented to prevent persistent rootkits by means of a hardware level security check, to prevent "potentially harmful applications" such as Magisk from evading detection, as such applications residing within the kernel will have higher privileges than the detection applications.

    What this means is that with these two enabled, a modified boot image will cause a verification error when flashed to the device, preventing boot. Interestingly, this check is not performed against "live" boot images loaded via ADB, so with dm-verity and vbmeta verification enabled, a modified image can be booted as long as the image in /boot is intact.

    So, if you get stuck at bootloader with the failure message, this is because boot verification is not disabled.

    You can find instructions on how to disable it in my thread here (this guide is for the Pixel 5; the instructions may be similar for other devices but it is YOUR responsibility to determine the correct procedure)

    As far as failing safetynet, I used the Universal Safetynet Fix on 12 Beta 5 with no issues. I haven't updated to 12 Final yet so YMMV.
    2
    I stand to be corrected here, but I think MHPC now changes 'sensitive' props that MagiskHide used to handle to 'safe' (undetected) values by default (even if MHPC is not configured).

    This may do no harm of course, but it should be understood that MHPC is no longer 'dormant' when reset or left unconfigured.

    Also, as USNF now apparently does this also, this function may be duplicated / redundant, although I imagine this wouldn't cause any real conflict, only increase load time marginally. PW
    The sensitive props changing is active by default, yes, but only ever does anything if a prop is set to a sensitive value.
    1
    I'm on 8276a077-alpha myself. But, SN fails for me. I'm attaching screenshots of my setup. Please advise on how to get SN to pass. My device is POCO X3 (non-NFC) and I'm on the latest AICP 16.1 (A11). Thanks.
    In addition to @zgfg's advice, please see this:
    https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-85792975 👍 PW
    1
    https://github.com/topjohnwu/Magisk/issues/4343#issuecomment-947304715

    Thought I'd address this here.

    Since the enquiry (re Android 12 & fixes) continues, @osm0sis just responded:


    Couldn't agree more.

    Additionally, it IS the end of an era according to John...

    Aside from farming out Magisk Hide work, the project should become
    - More professional!
    - It will incorporate better (regression) testing!:

    Also,
    - It now has a plethora of talented contributors whose contributions have ensured vastly improved compatibliy, stability and fewer bugs already...

    I can't imagine that will change anytime soon thanks to John's model:

    https://topjohnwu.medium.com/state-of-magisk-2021-fe29fdaee458

    😀😃😄 👍 PW
    I'm not familiar with Pixel and A12, but did you see:
    @V0latyle I think I know why some people are having issues with obtaining root or maintaining root on Android 12 official release... When you use the following command,
    Code:
    fastboot --disable-verity --disable-verification flash vbmeta vbmeta.img

    I think after this command and then flashing the patched magisk boot image their might be a check on both slots. Would I be wrong suggesting for the disable vbmeta command be this instead?
    Code:
    fastboot --disable-verity --disable-verification flash --slot=all vbmeta vbmeta.img

    I was having the same issue where it was saying that the system was corrupt and having to do a factory wipe after doing the command without --slot=all for the vbmeta disable flag command.
    1
    please see my screenshots (esp. the 5th) and advise on what is to be done further. thanks.
    @pndwall gave you the link for one of the many earlier posts in this thread how to configure DenyList.
    You don't need AR services and so but only Google Play Services (you didn't expand to see which services you enabled) - see the screenshot

    After that, as said, if Basic Integrity still failing, use MHCP to spoof fingerprints as if you would be running the stock, certified ROM (custom ROMs are not certified and cannot pass)

    Finally, USNF module if CTS would be still failing.

    Check the corresponding threads, their OP posts (and the recent posts)
  • 14
    MOD ACTION:

    Enough is enough. Despite my deleting some off topic posts yesterday, the spam continues. Thread cleaned. Please check your PM inbox and avoid off topic posts.
    11
    diareuse has been MIA for a bit. Pinged him a couple times on the GitHub Issues, but no answer. Hopefully he's okay. 😕

    Mmm. Nothing on his Twitter since February... That's concerning.

    Yeah and in a week it'll be 1 full year since his last commit to Magisk too. 😕

    Good news is diareuse just reached out and is indeed alive and well, just working on multiple paying jobs in real life. 🙂
    11
    Hey all,
    As promised, I wrote up a step-by-step tutorial for the Pixel 5a (though it applies to about all the Pixels, much of it I used on my Pixel 2 over the past 4+ years):


    I know it's a book, but I wanted to make sure I put it in everyday language and tried to make it so even a first timer could go through it and feel confident moving forward and getting root, passing SafetyNet, and update with system updates in the future with confidence.

    Anyhow, it's my attempt to give something back to the community I've gained so much from and leaned on so many times for help. If it helps even one person I'll be happy.

    Thanks again to the entire community, and particularly the folks who have been here helping tirelessly and without reserve to get everyone up and going. You all know who you are and I gave proper name attribution in the tutorial thread. I'm exhausted, so I'm gonna go grab some dinner, that took hours to write! hahahahaah!!

    Be well everyone, SO happy my P5a is fully functioning, you folks are just amazing.

    hfam
    11
    Latest Alpha Magisk cb4361b7-alpha

    *** For Mavericks only! ***

    Riru / Zygisk coexistence seems to be back!
    🎉🎊⚡🥝🧀

    Chinese Translated:
    alpha update log
    Magisk (cb4361b7-alpha)


    ● [General] Based on cb4361 b7, the content that has been merged upstream is no longer listed
    ● [App] Correctly process any data from magiskd
    ● [App] Support SharedUserld
    ● [App] Delete the backup file after restoring the boot image
    ● [App] Built-in current version update log
    ● [App] Use the local version when the stub cannot be downloaded, now it can be used completely offline
    ● [App] Switch to the modern time API of Java 8
    ● [DenyList] handle suspicious props
    ● [App] Update SafetyNet extension, update snet.jar version to 18
    ● [General] Add an obsolete cgroup v2 path
    ● [Sepolicy] Add execmem to allow zygote and system_server Hook
    ● [MagiskSU] If necessary, fall back to /dev/pts
    ● [Zygisk] Fix Circumstances that may not take effect
    ● [Busybox] Cancel optimization based on undefined behavior
    ● [General] No longer automatically unlock the device block
    ● [Zygisk] From the current situation, there is no crash report to prove zygisk and riru
    Incompatible, temporarily cancel the restriction, observe the situation

    Upstream update log
    From 23.0 to cb4361b7


    ● [General] supports pure 64-bit devices
    ● [General] Support Android 12 emulator
    ● [Zygisk] Code Injection Framework
    ● [General] Remove MagiskHide
    ● [General] Support special simulator loading module
    ● [MagiskBoot] Support zImage format
    ● [MagiskBoot] Add zopfli encoder
    ● [Magisklnit] Support bootconfig
    ● [App] Repair installation function will now check the script under /data/adb/magisk/ is not updated
    ● [MagiskInit] Support some Meizu devices
    ● [MagiskSU] If the kernel supports it, use isolated devpts
    ● [MagiskSU] Fix the pts configuration code, now no extra sepolicy rules
    ●[MagiskBoot] Support v4 boot image header format
    ● [MagiskInit] Support opltus.fstab for some OnePlus and Opal devices
    ● [App] Update modules to be restarted, not allowed to be marked as pending deletion
    ● [App] Delete online warehouse
    ● [App] Add mounting information to the saved log file
    ● [App] Adapt to Android 12 API level
    ● [App] Display the waiting pop-up window when the app is hidden/restored
    ● [Stub] Open source obfuscation function
    ● [Script] Check and display the sepolicy rule folder of the module
    ● [App] Hide screen overlay for pop-up window, Android 12+ is required
    ● [App] Delete the floating bottom bar and change it to the general bottom operation bar
    ● [General] Support special compilation cache
    ● [General] Add rejection list function
    ● [App]Delete DOH
    ● [App]Delete SafetyNet
    ● [App] Allow the log page to be opened when Magisk is not installed
    ● [App] Display Zygisk status, add restart reminder
    ● [Zygisk] Correctly handle child zygote
    ● [Zygisk] Disable conflicting riru modules
    ● [Sepolicy] Fix Android 8 terminal cannot get root

    👍 PW
    10
    cb4361b7-alpha report:
    w/ RN8T, Stock MIUI, Android 10

    Two reboots needed initially.

    Zygisk & Riru w/ Universal SafetyNet Fix 2.1.1, LSPosed, Un-Share all working fine.

    SafetyNet passing w/ SafetyNet Google Play Services process denied.

    ViPER4Android FX Neon driver status normal.

    With Zygisk enabled Riru-MomoHider causes instability / system crashes even when only app_zygote_magic hiding is configured. 😕

    Great progress! 👍 PW
    Some have been waiting..
    Some have been using vvb2060's alpha builds..

    I have been sneaking a peak by running personal builds from John's master branch. :sneaky:
    Magisk - GitHub - Building and Development - Link

    A few days ago (23.Sep.2021), I was surprised when my OnePlus 6T passed SafetyNet. o_O
    It has been about three or four weeks since it passed SafetyNet.

    Problems I have run into..
    Every now and then, something misfires on boot and Magisk is not active (Installed N/A).
    Normally a reboot is all that is needed, occasionally I have to re-install magisk.

    I ran into an old issue on my 6T (clean install) installing Magisk.
    I had to flash a magisk patched image to both the active and inactive boot slot.
    Need to test again with another clean install.​

    Currently I have a few devices running these (sneak peak) build(s) and passing SafetyNet.

    OnePlus 5T
    Older device, does not have the hardware for hardware attestation.
    • Stock OnePlus OS 10.0.1 (SDK29)
    • Magisk (snapshot build)
    • MagiskHidePropsConf (Magisk Module)
      • Enable Zygisk
      • Enable DenyList
      • add com.google.android.gms.unstable to the DenyList.
        Magisk is in /sbin so only needed to Deny .unstable
      • Enable the MagiskHide props. option in the MagiskHidePropsConf module.
    Reboot in between steps as needed.

    OnePlus 6T
    • Stock OnePlus OS 11.0.0 (SDK30)
    • Magisk (snapshot build)
    • Universal SafetyNet Fix (Magisk Module)
      • Enable Zygisk
      • Enable DenyList
      • add com.google.android.gms.unstable to the DenyList.
      • add com.google.android.gms to the DenyList.
    Reboot in between steps as needed.

    Pixel 3a
    Custom rom that passes SafetyNet on it own.
    Installing Magisk breaks SafetyNet.

    • ABC Rom 11 (SDK30)
    • Magisk (snapshot build)
      • Enable Zygisk
      • Enable DenyList
      • add com.google.android.gms.unstable to the DenyList.
      • add com.google.android.gms to the DenyList.
    Reboot in between steps as needed.

    Earlier today, I setup an update channel so I could test a few more things.
    • Install update from online.
    • Repack (Hide/Restore) the Magisk app.
    All worked. :)
    Note:
    I will have to wait until the next commit(s) to see if I can update while the Magisk app is hidden. 🙃

    ---

    So far The next step of growth and development of Magisk is looking great. :)

    I am excited and eagerly waiting for the next canary build for proper testing. :D

    Cheers all. :cowboy:

    PS.
    Some screenshots from my 6T. ;)


    Edit (5.Oct.2021):
    Please see my follow up post.
    Post 48,294 - Link
  • 1067
    This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases.
    All information, including troubleshoot guides and notes, are in the Announcement Thread
    156
    Hello, I haven't given much support on XDA lately. It can be resulted from
    • University started and I have limited free time. In fact, I mostly develop during midnight
    • I live in Taiwan, which has large time zone differences between my European/American contributors/testers, which usually forces me to stay up late at night to discuss/test stuffs.
    • The new version is about to come, I don't want to spend effort on supporting old releases
    The planned update is delayed again and again, to some point I think I'll shed some light about what has been happening lately, also along with some announcements.

    New Forum!
    As you might have already discovered, Magisk got its own subforum on XDA! Many thanks to all the support you gave me, and much more information/features/support is about to come!
    **For developers supporting all the devices that are not using standard Android boot format, feel free to create threads in this section (actually, PLEASE do so) for your favorite devices after v7 is out. As I currently know, Asus devices require signing the boot image before flashing, and is model dependant; Sony devices seems to use ELF kernel that is unpatchable, or some has two ramdisks (inner + outer), both requires different workarounds; LG bootloader locked devices has to manually "BUMP" the boot image after flashing Magisk..... and there may be lots of other crazy boot image formats that haven't come up to my attention yet.
    It is impossible for me to support all these non-standard boot images, and I hope the community can collaborate to make Magisk running across all the devices. Overall, community collaboration is what XDA about :D

    The Pixel Phone
    Some of you might already know this news, that the next Pixel Phone right around the corner seems like it does not have ramdisk in boot image, which pretty much wrecked Magisk in all ways. However, it pretty much doomed root itself too. Kernel modifications is inevitable IMO, so I'll try to migrate my scripts to C programs that could possibly be included into the kernel itself. Note that I'm not familiar with linux kernel, I'm not even sure if my idea and concept is correct or not. But once the device is available, I think developers will find a way to bypass all the difficulties, and I'll do my best to learn things ;)

    Current Progress
    In the past month, I've spent quite some time learning SELinux, so that I can avoid using SuperSU's sepolicy patches. Thanks to the helps and tips from @phhusson and @Chainfire, I finally have a much clearer understanding of how SELinux works. The Magisk core parts (the scripts, boot image patches, new features, more supports) are actually done some time ago. What is causing all the delays is the Magisk Manager.
    To be completely honest, although I can code in Java without much issues, Magisk Manager is actually my first Android application, I had to reach out for assistance, and fortunately awesome developers like @DVDandroid and @digitalhigh contributed a lot, which makes the current Manager awesome.
    After the repo system and module management is mostly done, I was about to do some adjustments and release, but what we really done is decided to add another feature: auto-unroot with per-app settings. I decided to wait for it to be finished, and then do my adjustments. Due to reasons that'll be mentioned later, this feature will likely not be available for the next release (should come in future updates)

    Safety Net Disaster
    Those who are using Magisk for Safety Net bypass purposes must have known that Google recently updated the detection method of my Systemless Xposed. I still have no idea what Safety Net is detecting, so currently I cannot fix it on my side (also because I'm busy working on the next update). However, suhide developed by @Chainfire is able to hide Xposed and worked fine.
    However, only my Systemless Xposed v86.2, which is based on SuperSU's su.d, is supported using that method. v86.2 and v86.5 (latest, Magisk based) have nearly identical binaries, and the only difference is the path where the binaries are stored.
    I'm still not sure what's the real issue for it not being supported, I just hope it is not done intentionally.

    Conclusion
    Due to the fact that my Safety Net bypass is not 100% perfect now, I do not want to spend any more time waiting for auto-unroot to be polished. What I'm doing now is finishing up all the things I'd like to change in Magisk Manager (it has been a while since I last contributed to Manager, my fellow developers are doing all the heavy job), which might take a little more time, after that, packed with tons of information to be announced in Magisk Section, I'll release the long awaited update.

    Hope this lengthy post gives you the idea of the whole situation, and again thanks for all your support!!
    121
    Ah, some Chainfire bashing, I hope it is not too late for me to exercise additional villainy.

    First, let me make clear I have nothing against @topjohnwu, nor against Magisk. Magisk is an interesting project and it certainly displays @topjohnwu ingenuity and persistence. I don't doubt we will see more interesting things from his hands.

    -------------------------

    What has happened here is not all that dark and complicated, from either end. I returned from holidays, and someone pointed me at Magisk. My first thought: interesting!

    Among other things, the thread lists some issues with SuperSU, which in combination with the phrase The developer also requests users to not bug Chainfire with compatibility requests for SuperSU with Magisk from the portal article, raised my left eyebrow by nigh half an inch. The popular systemless xposed mod is apparently now based on it, and apparently it now no longer works with SuperSU, and apparently I'm not supposed to fix that, nor any of the other found issues. I found that a bit weird. So yes, I have told @topjohnwu that I was a bit surprised he was posting about issues with SuperSU without notifying me about them (I can't fix or help fix issues I'm not aware of, after all).

    He's also spreading a modified version of the SuperSU package, which is not all that uncommon, nor necessarily a problem. I have not looked into what he modified, I only ran a few quick tests on one of my devices, and found some commonly used commands run as root to be broken. I have informed him of this as well.

    It appears the tool of choice for Magisk is phh's Superuser, because of some of the mentioned issues with SuperSU. That's fine by itself, but fixing issues in that superuser by incorporating SuperSU's binaries into it is a somewhat questionable practise. After all, SuperSU is a commercial closed-source package that helps pay for my dinner, and superuser is a direct competitor. I have informed him that I was surprised he did this without asking for permission. I have expressed similar surprise on him spreading a modified version of LiveBoot (which helps pay for a snack now and then).
    @topjohnwu has also stated that Magisk's scripts are largely influenced by mine (I have not checked). Scripts based on mine are used all over the place on XDA, some people have crafted amazing things based on them, I have never made an issue of this (otherwise I would have just made them binaries). But yes, I have also stated to him that I don't think it's very nice to base something on one program, and then using that to (almost exclusively) push something directly competing with that program.

    tl;dr Towards @topjohnwu, I have:
    - expressed surprise he has issues getting Magisk to work with SuperSU, and has chosen not to inform me about those
    - expressed surprise he is using SuperSU binaries in a competing superuser without permission
    - expressed surprise he is posting a modified LiveBoot without permission
    - informed him of issues with the modified SuperSU he has posted
    - let him know I thought it wasn't very nice to be applying my scripts to benefit seemingly exclusively that same competing superuser

    To be crystal clear:
    - I have not asked for an apology
    - I have not asked for Magisk to be abandoned, neither the root hiding nor systemless module parts, and certainly not systemless xposed
    - I have not made an issue of any of this anywhere, until this post
    - I have not even specifically asked for anything to be taken down (though obviously in my opinion the other superuser package mixed with SuperSU's binaries, as well as the LiveBoot package, should go)
    - I have not reported this thread to XDA moderators for copyright violations or otherwise

    While my conversation with @topjohnwu may not win any awards for being friendly (though it may win some for brevity), I think all things considered my response has been rather mild. To be perfectly honest, until the apology post, I thought this was over with already. I think the apology post was triggered because I haven't replied to his last PM for a while - I was in the zone, it happens.

    To emphasize again, I have nothing against @topjohnwu, Magisk, or systemless xposed, and it is certainly not my goal to see any of them go. If it can be made to work together with SuperSU, great.

    I get it though: you think of something, you want to see if you can make it work, you finally get it to work, you publish it, it takes off - enthusiasm gets the better of you. Maybe in the rush some mistakes are made. That doesn't mean you have to just drop it and run. None of my stuff would make it past 0.1 if I stopped at the first big mistake :)

    Aside from said being in the zone coding, I usually regret actually responding to these sort of things the day after, which has made me hesitant to reply. Surprise me.
    76
    Thread temporarily closed so everyone sees this.

    The flood of "SafetyNet isn't working for me either!" posts are not helpful, at all. Please refrain from posting further, it will be looked into. Please do not forget that not passing SafetyNet is 100% NORMAL AND INTENDED when you have an unlocked booloader or running custom firmware. These are workarounds and they will be worked around in turn.

    The Flash
    Forum Moderator

    EDIT: Thread is reopened... I will be cleaning any SafetyNet posts for a while to keep the thread clean for real issues.
    75
    Hello everyone!

    I am aware that Google has updated Safety Net that makes Magisk itself a no go for Android Pay. In fact, I witnessed the change live while I am developing the new magiskhide, which should hide all Magisk modules and Magisk installed root.

    Google is serious about Safety Net now, clearly hunting down all possibility to run Xposed with Safety Net passed. I spend quite some time examining the new security measures last midnight, and fortunately it seems that it is possible to run Magisk and root along with Safety Net if no Xposed is running. I'm glad I removed the old root toggle at the right time lol, that is no longer feasible with the latest detection.

    So stay tuned for the next update, it will come with bug fixes, along with the new magiskhide to bypass that Safety Net.

    Google, how will a few systemless mods do any harm :p:p