• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

Magisk General Support / Discussion

Search This thread

zgfg

Senior Member
Oct 10, 2016
6,070
3,575
could you please look at post #48711and tell me which?
Don't phone about True Phone Stub but your V4A version looks suspicious.
Most of the others I use(d) and they would not

Disable, reboot and check

I use another V4A - screenshot, it was (still is) available on the Repo and my phone never switches to Permissive (not even when playing)
 

Attachments

  • IMG_20211027_071421.jpg
    IMG_20211027_071421.jpg
    108.7 KB · Views: 57
  • Like
Reactions: Eng.Raman

Makishima

Senior Member
Jun 3, 2013
258
42
Xiaomi Mi A3
Google Pixel 4a
Any way to pass SN with the latest Magisk Canary on Pixel 4a now that Riru and USNF do not work? I denied gms and gms.unstable and cleared storage etc. and it seems I pass the basic integrity check but not CTS.
 

pndwal

Senior Member
With or without setns I have no difference. For me only isolated works (hiding su from the path)

With setns but without isolated - su is visible again in the path

Sticking with isolated - it worked to me with all flavours and Magisk versions (of course, without Zygisk and with Riru)
Yeah, as I said, you must set both to get setns (setns now doing the job faster etc instead of isolated). With setns but without isolated, nothing is working. 😜 PW
 

pndwal

Senior Member
Any way to pass SN with the latest Magisk Canary on Pixel 4a now that Riru and USNF do not work? I denied gms and gms.unstable and cleared storage etc. and it seems I pass the basic integrity check but not CTS.
Back to USNF 1.x series + MHPC Force Basic if affected by September Google server end changes.

Use test2 Shim-the-keystore USNF or other modified version for Samsung, Android 12 etc. PW
 

zgfg

Senior Member
Oct 10, 2016
6,070
3,575
Yeah, as I said, you must set both to get setns (setns now doing the job faster etc instead of isolated). With setns but without isolated, nothing is working. 😜 PW
As I wrote, isolated without setns works excellent, I never had any problem

However, with isolated + setns (or just setns) the phone looses fluidity

Hence again, for me setns does not bring any value, but brings troubles (isolated does not and makes the job)

Hence excellent, you can quote the author (I read myself, too), but setns is no use for me
 
  • Like
Reactions: 73sydney

Makishima

Senior Member
Jun 3, 2013
258
42
Xiaomi Mi A3
Google Pixel 4a
Back to USNF 1.x series + MHPC Force Basic if affected by September Google server end changes.

Use test2 Shim-the-keystore USNF or other modified version for Samsung, Android 12 etc. PW
I flashed the test2 USNF module and it still fails. I'm unsure what the September Google server end changes are. I have stable Android 12 and it worked fine with the previous canary without zygisk + Riru + latest USNF, Google Pay and everything worked.
 

pndwal

Senior Member
Do anyone know what can trigger ART parameters are abnormal in momo?
I have one app that seem to detect root no matter what I do, so I temporarily moved over to magisk alpha to try and use old magisk hide, Riru and Riru-momohider. To try and make momo don't detect root and see if that fixed the app, before I start decompiling the app to figure out what sort of root detection it does.

Update: the cause for art parameters are abnormal, was lsposed. Disabled lsposed and now momo are happy. Didn't fix my other app though, so back to drawing board I guess.

View attachment 5442733
Which app?
 

pndwal

Senior Member
I flashed the test2 USNF module and it still fails. I'm unsure what the September Google server end changes are. I have stable Android 12 and it worked fine with the previous canary without zygisk + Riru + latest USNF, Google Pay and everything worked.
Fix for September changes was added to 2.x, so if affected 1.x series incl. test versions may actually be working, but you will need MHPC fix in addition to see results. PW
 

pulpf

Member
Aug 25, 2011
21
3
OnePlus 7T
Generally, Riru cannot help you for SafetyNet. If you properly enabled Zygisk rebooted, Configured DenyList (GMS and GMS unstable), rebooted, you should pass SN.
If not, then you would need USNF and/or MHPC

As mentioned several times here, Riru is broken with Zygisk. And in your Canary, you need Zygisk for DenyList (hence for SN).
Therefore, if you really want Riru, you would need to switch to Alpha or Custom (many posts here how/where/what, etc) and use them as: Zygisk No, MagiskHide Yes (not the new DenyList)

And to avoid troubles when switching the Magisk flavour, better completely uninstall Magisk before you go
 

pulpf

Member
Aug 25, 2011
21
3
OnePlus 7T
thanks it seems to work.
i will try a payment tomorrow
root beer is not full, is this normal?
and magisk detector i don't know either? are there other modules needed?
 

Attachments

  • Screenshot_20211027-224534.jpg
    Screenshot_20211027-224534.jpg
    238.1 KB · Views: 90
  • Screenshot_20211027-225226.jpg
    Screenshot_20211027-225226.jpg
    250 KB · Views: 81
  • Screenshot_20211027-224438.jpg
    Screenshot_20211027-224438.jpg
    262 KB · Views: 80
  • Screenshot_20211027-225127.jpg
    Screenshot_20211027-225127.jpg
    278.3 KB · Views: 84
  • Screenshot_20211027-224404.jpg
    Screenshot_20211027-224404.jpg
    311.8 KB · Views: 91

pndwal

Senior Member
As I wrote, isolated without setns works excellent, I never had any problem

However, with isolated + setns (or just setns) the phone looses fluidity

Hence again, for me setns does not bring any value, but brings troubles (isolated does not and makes the job)

Hence excellent, you can quote the author (I read myself, too), but setns is no use for me
Well I didn't say you had a problem.

My comment was to make other user aware that Isolated "feature is deprecated because it will unmount Magisk modified files for every isolated processes, and the unmounting time cannot be well controlled, which may cause some modules to not work", and that setns is a "Faster new way to hide Magisk in isolated processes" but "Requires config "isolated" is enabled."

Seems you may not be running any affected modules nor facing isolated process related unmounting of modified files, but clearly mileage varys depending on setup.

Thanks for observation about fluidity w/ setns. - Different responsiveness shows something is active at least even if slower, but issues Dev mentioned may be more concerning for some... I hadn't noticed fluidity issues personally. PW
 

pndwal

Senior Member
Thank you for your quick answer! I Just -mmmh - I am not on stock, I am running a Custom Rom; to flash all AP files means being forced to flash all the other stock rom files - as far as I understand the installation guide. Are you sure? I tried different apk and different zip - only the old magisk23 apk did finiish (direct method and patching img), no other apk did manage that. Maybe the attached logs are clearer than me to show the difference. I can get Magisk classic, AND i would like to understand WHY it fails to run everything POST-magisk classic
Yup, it was a hurried / not fully considered reply. 🤪

I'm not a Sammy user so others will be better positioned to advise.

Seems John doesn't consider custom ROM variations on stock setup either.

Given the above, it seems you will need some of the sammy-specific methods since device is Android 9 LV. Eg, doubt you can use Fastboot, so must use Odin... I don't know if your custom Sammy ROM uses .tar files etc, or if "flash magisk_patched.tar as AP, together with BL, CP, and CSC (NOT HOME_CSC because we want to wipe data) from the original firmware" can be done with custom ROMs, but you may need to flash all ROM components (w/ patched boot image) in Odin incl. CSC or other method to wipe data for first root on Sammy (could be factory reset achieves same result w/ custom ROM?), I'm not sure.

Either way, look for clues to uniquely Sammy methods in John's instructions.

I'd read OP's in a few custom ROM threads for Sammy devices (information from threads for other models should help too); some are bound to give blow by blow root instructions... PW
 
Last edited:

m0han

Senior Member
Apr 30, 2012
4,479
1,629
setns works only when the config isolated is enabled...the 4 configs worked for me in both magisk custom and alpha...
i'm on the latest alpha. i have only gravitybox module in lsposed v1.6.2 (6152). screenshots of my other modules are here. i added setns and initrc, so i have isolated+setns+initrc now. on the github page i read initrc config would 'hide' the modified traces of init.rc. but, magisk detector continues to show init.rc has been modified by Magisk.
 

Attachments

  • Screenshot_20211028-100022_MiXplorer.png
    Screenshot_20211028-100022_MiXplorer.png
    113.7 KB · Views: 45
  • Screenshot_20211028-100854_Magisk_Detector.png
    Screenshot_20211028-100854_Magisk_Detector.png
    116.1 KB · Views: 41

zgfg

Senior Member
Oct 10, 2016
6,070
3,575
i'm on the latest alpha. i have only gravitybox module in lsposed v1.6.2 (6152). screenshots of my other modules are here. i added setns and initrc, so i have isolated+setns+initrc now. on the github page i read initrc config would 'hide' the modified traces of init.rc. but, magisk detector continues to show init.rc has been modified by Magisk.
Delete Cache and Data for Magisk Detector and test again - once it helped me, but only for a short time

Important: Be aware that detecting init.tc modifications by Magisk Detector is not reliable (false-positive results):

That has been mentioned here by @pndwall couple of times - search through the thread
 

pndwal

Senior Member
I'm on the latest alpha build. In my device OP8P, enabling Zygisk causes SN to fail and disabling it passes SN. Anything I'm doing wrong here.
Are you using USNF 2.x? These need Riru to work, and that is disabled in recent TJW and vvb2060 builds if Zygisk is enabled due to conflicts arising from last changes to make Zygisk compatible with LSPosed.

USNF 1.x series is working with Zygisk, but you may need MHPC Force Basic (or other) solution in addition. PW
 

Top Liked Posts

  • 1
    Anyone seen Happy Momo before?

    Hiding Zygisk may be possible! 😀 ...

    IMG_20211202_071617_752.jpg


    Translated:
    "The environment is normal, no changes to the environment have been found"

    Seems Shamico may be the answer, but early days... (according to this user / dev: nu11ptr)

    I know nothing about anime, Manga, demon-girl characters etc, and this may or may not be relavent:

    Does Momo like Shamiko?

    Throughout the series, Momo enjoys helping Shamiko become stronger in all aspects despite Shamiko's goal of defeating her. She has a strong passion for cute things (like cats and Tamasakura-chan) though she never admits it and avoid or derails any subject regarding herself
    https://machikado-mazoku.fandom.com/wiki/Momo_Chiyoda

    Anyway, looks like a genuine POC FWIW.

    🤪 😝 PW 😋
  • 30
    I've been following the thread for a long time now, and I think some users are still confused regarding the differences between the different variants of Magisk that are available for use. I'm going to try and summarize them here, which should be helpful for everyone:

    Magisk Variant​
    Stable​
    Canary​
    Alpha​
    Custom​
    Release
    Official​
    Official​
    Unofficial​
    Unofficial​
    Maintainer
    topjohnwu​
    topjohnwu​
    vvb2060​
    TheHitMan7​
    Project Link
    Zygisk
    No​
    Yes​
    Yes​
    Yes​
    DenyList
    No​
    Yes​
    Yes​
    No​
    MagiskHide
    Yes​
    No​
    Yes*​
    Yes​
    Modules Repo
    Yes​
    No​
    No​
    Yes​
    Download Link

    *If you turn off Zygisk in Alpha, then DenyList will act like MagiskHide. So essentially, you can have Zygisk On + DenyList or Zygisk Off + DenyList running as MagiskHide.

    In case I've gotten something wrong, or can add more information, please let me know. :) Cheers!
    14
    For those who use Alpha or new Canary and miss the old Modules Repo:

    Download and install their root app that will act like the old Modules tab with the integrated connection to the Repo

    Actually, two Repositories - the old 'official' one plus the alternative new Repo (the old/original TJW's Repo is closed for submission of any new modules - only the modules that were admitted previously could still be updated to the old 'official' Repo)
    13
    Great guide, thanks... I think I followed a similar guide from you a while back, but forgot full path requirement... Pinged you as I thought you'd come through! 👍

    I didn't say MagiskBoot was part of Magisk binary however... I clearly said 'magiskboot * binary * isn't working for me'. 😜 ...

    Thanks for the method. PW
    This one might be a bit more confusing. ;)

    Not sure I can operate Magiskboot before I flash it to the device. Once I flash Magisk, I have access to fastboot through recovery, and that's it.
    While catching up last night, I missed that you are not rooted. :oops:

    ---

    Without root, you need a directory with heightened permissions that you can access.

    You should be able to use the /data/local/tmp/ directory.

    Unzip the Magisk apk file and push the appropriate architecture to the device.
    Then set the permissions to be executable.

    Linux/Mac command line example.
    Make the appropriate changes if you use Windows.​
    • Unpack the lib directory from the Magisk apk file.
      unzip app-debug.apk lib*
    • Push the matching Magisk architecture to the device.
      adb push lib/YourDeviceArchitecture/* /data/local/tmp/
    • Push the boot image you want to modify to the device.
      adb push boot.img /data/local/tmp/
    • Set permissions.
      adb shell chmod 0755 /data/local/tmp/*.so
    • Enter adb shell and change directories.
      adb shell
      cd /data/local/tmp/
    • Run the commands using the ./ prefix.
      ./libmagiskboot.so

    Make the changes you want, exit the shell and pull the new-boot image to the computer.
    Reboot into bootloader and boot the new-boot image.

    Note:
    /data/local/tmp/ should be an empty directory.
    You should clear the directory after you are done using it. ;)


    Quick example just unpacking and repacking a boot image without root.
    Magiskboot Example - Pastebin - Link

    Hope it helps more than confuse. 🙃

    Cheers. :cowboy:
    12
    Hi all. :D

    I do not use twitter so, I am out of the loop at times. :confused:
    Links to a few tweets were noted in an issue on USNF github earlier today.

    Seemed to be appropriate to mention here.

    From John Wu.
    PSA: MagiskHide of Magisk v23.0 no longer passes SafetyNet, even with BASIC evalType. Tested on my Pixel 4 XL running stock Android 12 with vanilla Magisk v23.0.

    MagiskHide is *officially* dead. If you need any kind of root hiding, it's the perfect time to find alternatives.
    There are already plenty of "root hiding" modules out there that I'm aware of, some even utilizing the latest features of Magisk canary.

    I'm obligated to distance myself from any tamper detection circumvention, so I will not assist/promote any modules. Do your own research 🙃

    From osm0sis
    *Cough* @kdrag0n's Universal SafetyNet Fix (USNF) *Cough* 😘
    To be specific, Magisk Canary, Zygisk and DenyList enabled, and USNF v2.2.0+ is the way forward. 🤘

    Cheers all. :cowboy:
    10
    Gents, as grateful I am for all above substantial contributions I hope you allow me to express my "wonder"... As you all know off-topic posts (unless violating forum rules) are only removed on request of the threadowner, I'm just surprised that extremely experienced and knowledgable XDA users allow this thread to deviate from its subject.
    Just as an idea for similar "occasions" in future, hadn't it been better to simply point somebody to the well known subject matter related ad blocker threads? Okay, unexperienced members should certainly question themselves why they post off-topic in a thread. After the initial serious problems with the in-XDA-search, I meanwhile must say it's working excellent for me.

    And by the way: I've removed the link to paid applications as not being accepted on XDA. Please don't mind.

    Regards
    Oswald Boelcke
    Senior Moderator
  • 1069
    This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases.
    All information, including troubleshoot guides and notes, are in the Announcement Thread
    156
    Hello, I haven't given much support on XDA lately. It can be resulted from
    • University started and I have limited free time. In fact, I mostly develop during midnight
    • I live in Taiwan, which has large time zone differences between my European/American contributors/testers, which usually forces me to stay up late at night to discuss/test stuffs.
    • The new version is about to come, I don't want to spend effort on supporting old releases
    The planned update is delayed again and again, to some point I think I'll shed some light about what has been happening lately, also along with some announcements.

    New Forum!
    As you might have already discovered, Magisk got its own subforum on XDA! Many thanks to all the support you gave me, and much more information/features/support is about to come!
    **For developers supporting all the devices that are not using standard Android boot format, feel free to create threads in this section (actually, PLEASE do so) for your favorite devices after v7 is out. As I currently know, Asus devices require signing the boot image before flashing, and is model dependant; Sony devices seems to use ELF kernel that is unpatchable, or some has two ramdisks (inner + outer), both requires different workarounds; LG bootloader locked devices has to manually "BUMP" the boot image after flashing Magisk..... and there may be lots of other crazy boot image formats that haven't come up to my attention yet.
    It is impossible for me to support all these non-standard boot images, and I hope the community can collaborate to make Magisk running across all the devices. Overall, community collaboration is what XDA about :D

    The Pixel Phone
    Some of you might already know this news, that the next Pixel Phone right around the corner seems like it does not have ramdisk in boot image, which pretty much wrecked Magisk in all ways. However, it pretty much doomed root itself too. Kernel modifications is inevitable IMO, so I'll try to migrate my scripts to C programs that could possibly be included into the kernel itself. Note that I'm not familiar with linux kernel, I'm not even sure if my idea and concept is correct or not. But once the device is available, I think developers will find a way to bypass all the difficulties, and I'll do my best to learn things ;)

    Current Progress
    In the past month, I've spent quite some time learning SELinux, so that I can avoid using SuperSU's sepolicy patches. Thanks to the helps and tips from @phhusson and @Chainfire, I finally have a much clearer understanding of how SELinux works. The Magisk core parts (the scripts, boot image patches, new features, more supports) are actually done some time ago. What is causing all the delays is the Magisk Manager.
    To be completely honest, although I can code in Java without much issues, Magisk Manager is actually my first Android application, I had to reach out for assistance, and fortunately awesome developers like @DVDandroid and @digitalhigh contributed a lot, which makes the current Manager awesome.
    After the repo system and module management is mostly done, I was about to do some adjustments and release, but what we really done is decided to add another feature: auto-unroot with per-app settings. I decided to wait for it to be finished, and then do my adjustments. Due to reasons that'll be mentioned later, this feature will likely not be available for the next release (should come in future updates)

    Safety Net Disaster
    Those who are using Magisk for Safety Net bypass purposes must have known that Google recently updated the detection method of my Systemless Xposed. I still have no idea what Safety Net is detecting, so currently I cannot fix it on my side (also because I'm busy working on the next update). However, suhide developed by @Chainfire is able to hide Xposed and worked fine.
    However, only my Systemless Xposed v86.2, which is based on SuperSU's su.d, is supported using that method. v86.2 and v86.5 (latest, Magisk based) have nearly identical binaries, and the only difference is the path where the binaries are stored.
    I'm still not sure what's the real issue for it not being supported, I just hope it is not done intentionally.

    Conclusion
    Due to the fact that my Safety Net bypass is not 100% perfect now, I do not want to spend any more time waiting for auto-unroot to be polished. What I'm doing now is finishing up all the things I'd like to change in Magisk Manager (it has been a while since I last contributed to Manager, my fellow developers are doing all the heavy job), which might take a little more time, after that, packed with tons of information to be announced in Magisk Section, I'll release the long awaited update.

    Hope this lengthy post gives you the idea of the whole situation, and again thanks for all your support!!
    121
    Ah, some Chainfire bashing, I hope it is not too late for me to exercise additional villainy.

    First, let me make clear I have nothing against @topjohnwu, nor against Magisk. Magisk is an interesting project and it certainly displays @topjohnwu ingenuity and persistence. I don't doubt we will see more interesting things from his hands.

    -------------------------

    What has happened here is not all that dark and complicated, from either end. I returned from holidays, and someone pointed me at Magisk. My first thought: interesting!

    Among other things, the thread lists some issues with SuperSU, which in combination with the phrase The developer also requests users to not bug Chainfire with compatibility requests for SuperSU with Magisk from the portal article, raised my left eyebrow by nigh half an inch. The popular systemless xposed mod is apparently now based on it, and apparently it now no longer works with SuperSU, and apparently I'm not supposed to fix that, nor any of the other found issues. I found that a bit weird. So yes, I have told @topjohnwu that I was a bit surprised he was posting about issues with SuperSU without notifying me about them (I can't fix or help fix issues I'm not aware of, after all).

    He's also spreading a modified version of the SuperSU package, which is not all that uncommon, nor necessarily a problem. I have not looked into what he modified, I only ran a few quick tests on one of my devices, and found some commonly used commands run as root to be broken. I have informed him of this as well.

    It appears the tool of choice for Magisk is phh's Superuser, because of some of the mentioned issues with SuperSU. That's fine by itself, but fixing issues in that superuser by incorporating SuperSU's binaries into it is a somewhat questionable practise. After all, SuperSU is a commercial closed-source package that helps pay for my dinner, and superuser is a direct competitor. I have informed him that I was surprised he did this without asking for permission. I have expressed similar surprise on him spreading a modified version of LiveBoot (which helps pay for a snack now and then).
    @topjohnwu has also stated that Magisk's scripts are largely influenced by mine (I have not checked). Scripts based on mine are used all over the place on XDA, some people have crafted amazing things based on them, I have never made an issue of this (otherwise I would have just made them binaries). But yes, I have also stated to him that I don't think it's very nice to base something on one program, and then using that to (almost exclusively) push something directly competing with that program.

    tl;dr Towards @topjohnwu, I have:
    - expressed surprise he has issues getting Magisk to work with SuperSU, and has chosen not to inform me about those
    - expressed surprise he is using SuperSU binaries in a competing superuser without permission
    - expressed surprise he is posting a modified LiveBoot without permission
    - informed him of issues with the modified SuperSU he has posted
    - let him know I thought it wasn't very nice to be applying my scripts to benefit seemingly exclusively that same competing superuser

    To be crystal clear:
    - I have not asked for an apology
    - I have not asked for Magisk to be abandoned, neither the root hiding nor systemless module parts, and certainly not systemless xposed
    - I have not made an issue of any of this anywhere, until this post
    - I have not even specifically asked for anything to be taken down (though obviously in my opinion the other superuser package mixed with SuperSU's binaries, as well as the LiveBoot package, should go)
    - I have not reported this thread to XDA moderators for copyright violations or otherwise

    While my conversation with @topjohnwu may not win any awards for being friendly (though it may win some for brevity), I think all things considered my response has been rather mild. To be perfectly honest, until the apology post, I thought this was over with already. I think the apology post was triggered because I haven't replied to his last PM for a while - I was in the zone, it happens.

    To emphasize again, I have nothing against @topjohnwu, Magisk, or systemless xposed, and it is certainly not my goal to see any of them go. If it can be made to work together with SuperSU, great.

    I get it though: you think of something, you want to see if you can make it work, you finally get it to work, you publish it, it takes off - enthusiasm gets the better of you. Maybe in the rush some mistakes are made. That doesn't mean you have to just drop it and run. None of my stuff would make it past 0.1 if I stopped at the first big mistake :)

    Aside from said being in the zone coding, I usually regret actually responding to these sort of things the day after, which has made me hesitant to reply. Surprise me.
    76
    Thread temporarily closed so everyone sees this.

    The flood of "SafetyNet isn't working for me either!" posts are not helpful, at all. Please refrain from posting further, it will be looked into. Please do not forget that not passing SafetyNet is 100% NORMAL AND INTENDED when you have an unlocked booloader or running custom firmware. These are workarounds and they will be worked around in turn.

    The Flash
    Forum Moderator

    EDIT: Thread is reopened... I will be cleaning any SafetyNet posts for a while to keep the thread clean for real issues.
    75
    Hello everyone!

    I am aware that Google has updated Safety Net that makes Magisk itself a no go for Android Pay. In fact, I witnessed the change live while I am developing the new magiskhide, which should hide all Magisk modules and Magisk installed root.

    Google is serious about Safety Net now, clearly hunting down all possibility to run Xposed with Safety Net passed. I spend quite some time examining the new security measures last midnight, and fortunately it seems that it is possible to run Magisk and root along with Safety Net if no Xposed is running. I'm glad I removed the old root toggle at the right time lol, that is no longer feasible with the latest detection.

    So stay tuned for the next update, it will come with bug fixes, along with the new magiskhide to bypass that Safety Net.

    Google, how will a few systemless mods do any harm :p:p