Magisk General Support / Discussion

Search This thread

pndwal

Senior Member
Yes. I flashed the unpatched image before the upgrade and in another try I reflashed the whole ROM just to be sure. Magisk App then didn't show any Magisk version installed. Then after flashing the patched image from that ROM (or doing a sideload) bootloops began.
Yes, device was completely clean.

So take it you restored original boot image, flashed Magisk from recovery as zip package(?) which failed, wiped data from recovery at this point (factory reset) and flashed ROM again before installing App again, patching boot.img from same ROM and rebooted --> bootloops?... PW
 
  • Like
Reactions: J.Michael

Johnassel

Senior Member
Jun 23, 2009
76
46
Dortmund
So take it you restored original boot image, flashed Magisk from recovery as zip package(?) which failed, wiped data from recovery at this point (factory reset) and flashed ROM again before installing App again, patching boot.img from same ROM and rebooted --> bootloops?... PW
Yes, that is what I did.
Now since LOS without MicroG is working without problems I assume it is a problem with the ROM itself.
 
  • Like
Reactions: J.Michael

pndwal

Senior Member
Yes, that is what I did.
Now since LOS without MicroG is working without problems I assume it is a problem with the ROM itself.
Seems so if you're sure you have boot.img matching that ROM (eg. didn't muddle these on PC)... I did suspect borked Magisk configuration .db / files in /data/adb but wipes would have sorted that...

One other possibility especially if a non-official LOS (but slim chance) is that maintaining dev is using a non LOS standard kernel... Custom kernels requiring AVB stripping using Magisk are also failing post 25.0 due to refactoring... PW
 

pndwal

Senior Member
What is MicroG? A Magisk module? An Android app?

Why isn't anyone suggesting that there is something wrong with MicroG? (There, I just did.)
MicroG implementation is gms core components + spoofing to allow use of some apps etc requiring Play Services (including S/N API) in place of GApps (Ie. a GApps substitute for those intent on 'de-Googling' Android)...

S/N implementation was broken for some 3 years, but some months ago users have again been able to pass S/N with MicroG component updates...

All this is immaterial to issues rooting ROM with Magisk however; Magisk should install on systems with or without either GApps or MicroG even if S/N API returns errors...

Issues with kernel implementation or other are the likely cause of bootloop issues etc. PW
 
  • Like
Reactions: J.Michael

zgfg

Senior Member
Oct 10, 2016
7,793
5,194
Since MagiskHide was removed from Magisk Alpha, now MagiskHide detection has gone public (see attached screenshot from Telegram channel)

Indeed, go to the GitHub and take Translate (Chrome):
 

Attachments

  • IMG_20220809_181046.jpg
    IMG_20220809_181046.jpg
    379.4 KB · Views: 36

Johnassel

Senior Member
Jun 23, 2009
76
46
Dortmund
Seems so if you're sure you have boot.img matching that ROM (eg. didn't muddle these on PC)... I did suspect borked Magisk configuration .db / files in /data/adb but wipes would have sorted that...

One other possibility especially if a non-official LOS (but slim chance) is that maintaining dev is using a non LOS standard kernel... Custom kernels requiring AVB stripping using Magisk are also failing post 25.0 due to refactoring... PW
Yes, it is strange. My solution for this is now official LOS+Magisk 25.2+microG module. Seems to work!
 

pndwal

Senior Member
Noted a post before yours
Yup... Saw yours when first posted and couldn't edit mine further due to XDA down/outage... Again!.. 🙄 ... Removed duplicate post now ...
Anyway, it could affect Magisk Delta users if/when root-fishing apps implement now the known code to their apps (probably they won't bother since MagiskHide was removed from official Magisk v24)
Guess it could... Don't know if similar detection works for denylist... Still, a fair trove of info now public... Could help modders too. PW
 

pndwal

Senior Member
Is it made public?...

Chinese info translated:

Magic Detector​

反Magic Hide​

The theoretical core of Magisk Hide is the mount namespace: magiskd waits for the mount namespace of the zygote child process to be separated from the parent process, and then unloads all Magisk mounts to the child process. Due to the nature of mount namespaces, the unmount operation will affect the child process of this child process, but not zygote. zygote is the parent process of all app processes, if zygote is handled by Magisk Hide, all apps lose root. MountModeThere is a parameter when zygote starts a new process , when it is Zygote.MOUNT_EXTERNAL_NONE, the new process does not mount the storage space, and there is no mount namespace separation step.

There are two cases, one is that the read storage space op of the application appops is ignored, and the other is that the process is an isolated process. The former application itself cannot be operated, and the latter has been supported since Android 4.1. In addition, the isolated process has an interesting feature: a random UID, which is different every time it runs. This interesting feature causes Magisk Hide to skip this process and not handle it before detecting the mount namespace.

The new version of Android system forces all zygote child processes to separate and mount namespaces, and the new version of Magisk detects isolated processes independently and supports its random UID feature. So the old method is obsolete.

The core of Magisk Hide's implementation is ptrace: magiskd tracks the zygote process, monitors fork and clone operations, that is, pays attention to the creation of child processes and their thread creation. After being triggered, read /proc/pid/cmdline and uid to determine whether it is the target process. The cmdline of the general application process is set in Java, and there are main threads and JVM virtual machine worker threads at this time. Before loading user code, there will be at least one binder call to start the binder thread, which triggers magiskhide to unload and mount. The only exception is the app zygote, which communicates over sockets like zygote without binder threads. No thread is started between setting cmdline and loading user code, so it can be detected by ptrace to determine the existence of magiskhide, even if it is not in the hidden list, as long as the function is turned on, it will be found.

Detect Magisk modules​

Although the Magisk module can be hidden on the file system, the modified content has been loaded into the process memory, which can be found by checking the maps of the process. The data displayed by maps contains the device on which the loaded file is located. The Magisk module will cause the path of some files to be in the system or vendor partitions, but the displayed device location is the data partition.

Detect MagiskSU​

Under normal circumstances, applications cannot connect to sockets not established by themselves, but Magisk modified SELinux. All applications can connect to the socket of the magisk domain. Each Magisk su process will establish a socket and try to connect all sockets. The number of sockets that are not rejected by SELinux is the number of su processes. The reliability of this detection method depends entirely on the strictness of SELinux rules. The Android version is too low to enforce SELinux, and the system greater than or equal to Android 10 does not allow sockets to be listed. So delete.

Test SELinux Policy​

SU software must pay attention to the following principles when modifying the SELinux policy, otherwise there will be security loopholes and ways to be detected.
  • The source domain and the target domain, one of which is the custom domain of the su program, it is safe to add rules;
  • Both parties are non-application domain and need to have a reasonable and necessary reason;
  • One side is the application domain, and adding rules is very dangerous. If it is the origin domain, the addition should be rejected.
Magisk has been fixed and therefore removed.

Detect init.rc modifications​

Random only works if it cannot be traversed. If it can be traversed, statistical methods can be used to find exactly what is different each time. Simply put: getprop, list init.svc.*, there will be several service names that are different every time you boot. Very boring detection, so removed.

👀 PW
 

pndwal

Senior Member
this 'R.I.P MagiskHide'

Or that girl just 'masturbate' again?
🙁
Here i tried her 'codes' (not her hands), even w/o adding it to MagiskHide's list, no detection or whatever she calls that makes 'R.I.P MagiskHide'
This:
1735a713-alpha
The original MagiskHide has been removed
... Are you using 1735a713-alpha?

According to @huskydg however, 'original MagiskHide' is just replaced with 'logcat method based MagiskHide'...
https://forum.xda-developers.com/t/...orks-by-vvb2060-support.4424845/post-87262393

Anyway, we were simply reporting the TG message re. "MagiskHide detection method and code used by momo have been made public"... And I don't use or test Alpha currently... PW
 
  • Like
Reactions: Stillhard

73sydney

Senior Member
🙁

This:

... Are you using 1735a713-alpha?

According to @huskydg however, 'original MagiskHide' is just replaced with 'logcat method based MagiskHide'...
https://forum.xda-developers.com/t/...orks-by-vvb2060-support.4424845/post-87262393

Anyway, we were simply reporting the TG message re. "MagiskHide detection method and code used by momo have been made public"... And I don't use or test Alpha currently... PW

Im just going to bake some cookies and sit back and wait for people to start posting in hysterics, like what happens when anything happens in magisk userspace...
 
  • Haha
Reactions: ipdev and Stillhard

huskydg

Senior Member
Feb 17, 2021
240
246
🙁

This:

... Are you using 1735a713-alpha?

According to @huskydg however, 'original MagiskHide' is just replaced with 'logcat method based MagiskHide'...
https://forum.xda-developers.com/t/...orks-by-vvb2060-support.4424845/post-87262393

Anyway, we were simply reporting the TG message re. "MagiskHide detection method and code used by momo have been made public"... And I don't use or test Alpha currently... PW
I hope they don't public all momo detection
If they public all detection, the community will be hard to use root
 

huskydg

Senior Member
Feb 17, 2021
240
246
@pndwal Thing you didn't know, low Android users (Android 9 and bellow) and MomoHide or other code injection users are unaffected by this detection
 

Stillhard

Senior Member
Sep 25, 2016
152
124
🙁

This:

... Are you using 1735a713-alpha?

According to @huskydg however, 'original MagiskHide' is just replaced with 'logcat method based MagiskHide'...
https://forum.xda-developers.com/t/...orks-by-vvb2060-support.4424845/post-87262393

Anyway, we were simply reporting the TG message re. "MagiskHide detection method and code used by momo have been made public"... And I don't use or test Alpha currently... PW
I too never use her/their injected telemetry releases, i was just referring to her wording 'R.I.P MagiskHide' as you quoted and tested her newest Magisk Detector v3.0 with said, but no prove that MagiskHide detected as promoted

Edited: Added the link to the source of the apk (it's inside the artifact file)
 

Attachments

  • MagiskDetector-v3.0.apk
    103.3 KB · Views: 10

huskydg

Senior Member
Feb 17, 2021
240
246
I too never use she/their injected telemetry releases, i was just referring to her wording 'R.I.P MagiskHide' as you quoted and tested her newest Magisk Detector v3.0 with said, but no prove that MagiskHide detected as promoted
For riru users, this can be bypassed with MomoHider so this detection is meanless btw
 
Last edited:

pndwal

Senior Member
I too never use her/their injected telemetry releases, i was just referring to her wording 'R.I.P MagiskHide' as you quoted and tested her newest Magisk Detector v3.0 with said, but no prove that MagiskHide detected as promoted

Edited: Added the link to the source of the apk (it's inside the artifact file)
I don't doubt that the R.I.P. comment was a nostalgic reference, but I don't think it was a comment on or promotion of detection by MagiskDetector or other! 🤪

MagiskDetector release is cleary only due to it sharing code used in Momo and the 'momo' methods made public relating specifically to MagiskDetector...

The R.I.P. comment came immediately after the latest Alpha release with the release note
1735a713-alpha
The original MagiskHide has been removed
and the remark
The MagiskHide detection method and code used by momo have been made public

In this context it's obviously just an expected and logical update to these previous notes about pending removal of MagiskHide in Alpha specifically:
Chinese translated:

Jan 15
"Alpha will remove magiskhide once all popular Riru modules have released zygisk version and magisk stable version has officially released zygisk."
https://t.me/magiskalpha/406

Latest:
June 18
"According to telemetry data, the number of zygisk users has reached 78.3%, and after more than 85%, alpha will remove magiskhide."
https://t.me/magiskalpha/511
😅 PW
 
  • Like
Reactions: rodken

Top Liked Posts

  • 2
    I have problem to update Magisk in samsung note 9 sm-n960f/ds. Please help
    View attachment 5719965
    You need to do just as the message above states; download ROM corresponding exactly with current version (especially if you took OTAs since first Magisk installation), patch the AP binary and Odin flash all 4 binaries per 'Samsung (System-as-root)' section in Installation Instruction page under 'Upgrading the OS' (even though you're not 😉 ): Flash magisk_patched.tar as AP, together with BL, CP, and HOME_CSC...

    (- Please say if you use a custom ROM... May have additional issues...)

    This is needed because refactoring of magiskinit injection in 25+ has broken Direct Install (when updating previously patched boot images) in a number of 2SI boot type devices as images w/ patched fstab (no longer done) are now incompatible with magiskboot patching... Instructions for patching / flashing Magisk from unpatched images still works fine...

    Further, since updating your legacy ramdisk boot type device to Android 10 it has been automatically updated to 2SI boot type... As such 'Samsung (System-as-root)' section (methods, precautions, warnings) has information pertinent to your device despite the message "If your Samsung device is NOT launched with Android 9.0 or higher, you are reading the wrong section". (- This was true at the time of writing however since no Sammy devices yet had A10)...

    👀 PW
    1
    yes gsi was smooth.

    google A13 and i just discovered LeOS beta based on android 13 works fine too but there are no google apps. it is very smooth. and yes i did flash all the other binaries along with the patched ap file. i also have twrp installed and vb meta disabler.tar flashed along with it. thats how i install gsi's through twrp
    oh its not about magisk the A13 image didnt even boot at all no matter what i did. this build was actually based on sooti's android 13 aosp which didnt boot on alot of devices including mine soo it makes sense. maybe some better gsi will pop up eventually. but thanks
    ... Just a couple of thoughts:

    ROM Devs properly don't distribute GApps with ROM if they care about Google's rules / licensing for proprietary code, however these are easy to 'sideload', and distributions for this purpose, ie. for personal installation by end user on certified (licenced) or Google Registered (whitelisted for custom ROM use by submitting Google Services Framework Android ID) devices, are permitted / sanctioned by Google... You should be able to install OpenGapps, BitGapps, NIKGapps or other distributions after installing a ROM lacking these...

    If you can get a fastboot type distribution of your desired ROM you may have more success, and even with a recovery ROM you should be may be able to extract vbmeta partition and flash it with the following switches:
    fastboot flash vbmeta --disable-verity --disable-verification vbmeta.img
    per official Magisk (optional) instructions:
    https://topjohnwu.github.io/Magisk/install.html#patching-images
    instead of using 3rd party vbmeta disabling methods... I really don't know if this will help, but may be worth a shot...

    🙂 PW
  • 7
    Can someone either provide actual proof that zygisk/shamiko etc does anything to GPS (i havent had a single issue and i use it daily) or i dunno, maybe stop spreading FUD because of personal gripes you have against people on other platforms that dont take part here, and therefore wont get any of the swipes youre taking at them here that only further add to the aforementioned FUD.

    We've all had our moments with those folk and its fine to mention the odd bit of spice you may come across when trying to submit an issue on github (ive done this myself), but to then to continually poison magisk proper/shamiko because of that person/persons taking part is not helping anyone. Thats a personal gripe, and shouldnt colour the entire magisk (proper) project/shamiko. What we dont need is spice here....

    Please, you know who you are...

    I think we've all had enough, now
    5
    Hello good people,

    I'm trying my luck here hoping that someone more knowledgeable with magisk can give me a hint about my issue.
    I succeed to build a Samsung S22 Ultra (S908B) rom with f2fs rw partitions (stock rom has locked ro dynamic partitions) but it boots only on permissive kernel patched with magisk 24.3, more precisely 24301. I mention that it boots ok but zygisk cannot be activated. (activation ok in magisk app settings but it says Zygisk = No on magisk app home page)
    As soon I update and patch the kernel with a higher version of magisk, the phone bootloops. Tried all v24 and v25 magisk versions and it bootloops on any version higher than 24301.

    Here are the differences between magisk 24301 (boots ok) and 24302 (bootloop).

    Diffs 24301 --> 24302

    - Support multiple CPIO concatenated
    - Use /data as tmpfs mount point in 2SI setup
    - Cleanup inheritance
    - Introduce new sepolicy injection mechanism
    - Add hijack sepolicy support for rootfs devices
    - Remove unused code
    - Reorganize magiskinit code
    - Fix #5589 (WARNING: linker: su unsupported flags DT_FLAGS_1=0x8000001 after typing su on terminal emulator)
    - Log if failed to dlopen a zygisk module
    - Use standalone magiskpolicy
    - Make magiskinit not magiskpolicy
    - SAR can also have monolithic sepolicy
    - Also hijack plat_file_contexts if necessary

    PS. On stock rooted rom magisk update to v24 and v25 is ok but all partitions are ro. Although it still need permissive kernel to boot.

    Thank you in advance for any hint/advice.
    FWIW, I found older info I posted in addition to link above re. problems getting r/w /system at least w/ stock Android 10 or later any more due to shared blocks implementation:
    https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-85049195

    ... and re. Magic Mount, the new way to 'write' to /system w/ Magisk systemlessly.

    Of course you can rebuild whole filesystem to overcome OEMs locking /system to read only (by using an automated bash script by XDA member @lebigmac to "Universally Mount System read write"... BUT (big but), you MUST be adventurous / maverick / a 'Power User' / know your stuff) as mentioned, but you should be able to make just about any needed changes to /system systemlessly using Magisk without the myriad issues/pitfalls inherent in R/W mounted /system... Of course for simple property manipulation @Didgeridoohan's MagiskHide Props Config module is probably all you need, but you can overlay /system (hence Magisk description 'The Magic Mask for Android') with just about any files / code using Magisk Tools provided.

    Interestingly, the link following refers to how John Wu has even overlayed a stock system with an entire custom ROM as Proof of Concept for a projected Universal MultiROM (Magisk powered custom ROM)... Unfortunately he didn't take that much further...

    I posted (earlier) info on these two methods here:
    https://forum.xda-developers.com/t/magisk-general-support-discussion.3432382/post-84859571

    🤠 PW
    5
    I'm sorry I didn't realize that.

    I've been so used to generic steps (boot recovery -> flash recovery -> reboot recovery -> wipe all -> flash firmware -> flash ROM -> flash GApps -> flash dm-verity disabler -> boot system -> boot recovery -> flash Magisk -> flash *Posed) that I didn't bother checking if steps have changed.

    Therefore, neither.

    Honestly I think it's too bad that we can't just flash ZIPs anymore, that was so easy.

    Anyway, thank you for your response.
    For everyone, a bit of

    Insight into Custom Recovery installation method Depreciation:

    Yup... Method was fine for old legacy ramdisk booting devices, but does rely on custom recovery compatibility, and John ended up fielding the TWRP issues; plenty from official TWRP builds not to mention broken unofficial ones... Then Dees Troy needed to attend to real life and Team Win simply couldn't adapt to Google's ever changing system architecture, boot methods etc fast enough and lagged way behind Magisk. (See John's Android Booting Shenanigans)...

    This precipitated the move to an installation solution that doesn't rely on other custom development, but wasn't the only practical consideration; 'Manager' and now 'App' patching w/ fastboot (etc) flashing meant owners of
    devices with no custom recovery can start rooting and do further modification
    https://forum.xda-developers.com/t/magisk-the-magic-mask-for-android.3473445/post-72587983
    and users can also preserve stock recovery to apply OTAs etc... Thus 'Magisk Manual Injection' was born...

    Next, support was added for patching Samsung AP firmware which recovery/zip installation couldn't achieve. Then with Project Treble came efforts to
    update Magisk to be modular and adaptive to follow Google's Pixel concept... modding a device has changed completely. I am a strong advocate of these new changes, praising the effort Google has put into designing such weird but fascinating setup despite many view this as "moves against developers".

    With the announcement of Project Treble, all devices will go through the same "Pixel-ize" treatment, so this future is inevitable. Project Treble is all about "modular", and Magisk has been rewritten to embrace this concept. I have spent extra effort to backport the changes made requires to run on these new modern devices to downward support all devices, so we do not need 2 drastically different installation methods...
    https://forum.xda-developers.com/t/magisk-the-magic-mask-for-android.3473445/post-74961572
    ... and then 'recovery mode' support for many A-only legacy SAR devices (A9 / 2018) w/ ramdisk only in recovery partition (again not supported by recovery/zip installation)... And it is now noted:
    This installation method is deprecated and is maintained with minimum effort. YOU HAVE BEEN WARNED!

    Installing using custom recoveries is only possible if your device has boot ramdisk.

    Installing Magisk through custom recoveries on modern devices is no longer recommended. If you face any issues, please use the proper Patch Image method.
    ...

    Note that even (old) legacy ramdisk boot-type devices are to be considered 'modern' once running Android 10+ as they are automatically converted to current 2SI "SAR" boot-type!...

    👀 PW
    5
    How does PixelFlasher invoke boot_patch.sh?
    Does it invoke it as an "executable", creating a new process? Or does it "source" it, so changes to the environment will survive?

    Does PixelFlasher create an environment variable named "SHA1"?

    My copy of boot_patch.sh has a compound statement that tests whether SHA1 has a non-zero length value before setting it to the sha1 of the boot image. If the environment variable is already set, it will not be overwritten. I don't know why.
    I wouldn't source. The script is supposed to be called as an executable

    Eg, my following code is rather primitive but it dumps the active Boot partition (it supports A/B and non-A/B devices), then it patches by invoking the boot_patch.sh script, finally it dumps back to the Boot partition and automatically reboots

    Ie, it updates me the Magisk and it also leaves me the patched-boot img in the Download folder

    Code:
    #!/system/bin/sh
    
    # Boot partition
    AB=$(getprop ro.boot.slot_suffix)
    BOOT_PART=/dev/block/bootdevice/by-name/boot"$AB"
    
    # Boot and patched boot images
    DOWNLOAD=/sdcard/Download/
    BOOT_IMG="$DOWNLOAD"boot.img
    PATCHED_BOOT_IMG="$DOWNLOAD"patched-boot.img
    
    # Magisk path
    MAGISK_PATH=/data/adb/magisk/
    
    # Disk-dump boot image to Download folder
    dd if="$BOOT_PART" of="$BOOT_IMG"
    
    # Patch the boot image and move to Download folder
    "$MAGISK_PATH"boot_patch.sh "$BOOT_IMG"
    mv "$MAGISK_PATH"new-boot.img "$PATCHED_BOOT_IMG"
    
    # Flash the patched boot image
    dd if="$PATCHED_BOOT_IMG" of="$BOOT_PART"
    
    # Reboot
    reboot
  • 1085
    This is the place for general support and discussion regarding "Public Releases", which includes both stable and beta releases.
    All information, including troubleshoot guides and notes, are in the Announcement Thread
    156
    Hello, I haven't given much support on XDA lately. It can be resulted from
    • University started and I have limited free time. In fact, I mostly develop during midnight
    • I live in Taiwan, which has large time zone differences between my European/American contributors/testers, which usually forces me to stay up late at night to discuss/test stuffs.
    • The new version is about to come, I don't want to spend effort on supporting old releases
    The planned update is delayed again and again, to some point I think I'll shed some light about what has been happening lately, also along with some announcements.

    New Forum!
    As you might have already discovered, Magisk got its own subforum on XDA! Many thanks to all the support you gave me, and much more information/features/support is about to come!
    **For developers supporting all the devices that are not using standard Android boot format, feel free to create threads in this section (actually, PLEASE do so) for your favorite devices after v7 is out. As I currently know, Asus devices require signing the boot image before flashing, and is model dependant; Sony devices seems to use ELF kernel that is unpatchable, or some has two ramdisks (inner + outer), both requires different workarounds; LG bootloader locked devices has to manually "BUMP" the boot image after flashing Magisk..... and there may be lots of other crazy boot image formats that haven't come up to my attention yet.
    It is impossible for me to support all these non-standard boot images, and I hope the community can collaborate to make Magisk running across all the devices. Overall, community collaboration is what XDA about :D

    The Pixel Phone
    Some of you might already know this news, that the next Pixel Phone right around the corner seems like it does not have ramdisk in boot image, which pretty much wrecked Magisk in all ways. However, it pretty much doomed root itself too. Kernel modifications is inevitable IMO, so I'll try to migrate my scripts to C programs that could possibly be included into the kernel itself. Note that I'm not familiar with linux kernel, I'm not even sure if my idea and concept is correct or not. But once the device is available, I think developers will find a way to bypass all the difficulties, and I'll do my best to learn things ;)

    Current Progress
    In the past month, I've spent quite some time learning SELinux, so that I can avoid using SuperSU's sepolicy patches. Thanks to the helps and tips from @phhusson and @Chainfire, I finally have a much clearer understanding of how SELinux works. The Magisk core parts (the scripts, boot image patches, new features, more supports) are actually done some time ago. What is causing all the delays is the Magisk Manager.
    To be completely honest, although I can code in Java without much issues, Magisk Manager is actually my first Android application, I had to reach out for assistance, and fortunately awesome developers like @DVDandroid and @digitalhigh contributed a lot, which makes the current Manager awesome.
    After the repo system and module management is mostly done, I was about to do some adjustments and release, but what we really done is decided to add another feature: auto-unroot with per-app settings. I decided to wait for it to be finished, and then do my adjustments. Due to reasons that'll be mentioned later, this feature will likely not be available for the next release (should come in future updates)

    Safety Net Disaster
    Those who are using Magisk for Safety Net bypass purposes must have known that Google recently updated the detection method of my Systemless Xposed. I still have no idea what Safety Net is detecting, so currently I cannot fix it on my side (also because I'm busy working on the next update). However, suhide developed by @Chainfire is able to hide Xposed and worked fine.
    However, only my Systemless Xposed v86.2, which is based on SuperSU's su.d, is supported using that method. v86.2 and v86.5 (latest, Magisk based) have nearly identical binaries, and the only difference is the path where the binaries are stored.
    I'm still not sure what's the real issue for it not being supported, I just hope it is not done intentionally.

    Conclusion
    Due to the fact that my Safety Net bypass is not 100% perfect now, I do not want to spend any more time waiting for auto-unroot to be polished. What I'm doing now is finishing up all the things I'd like to change in Magisk Manager (it has been a while since I last contributed to Manager, my fellow developers are doing all the heavy job), which might take a little more time, after that, packed with tons of information to be announced in Magisk Section, I'll release the long awaited update.

    Hope this lengthy post gives you the idea of the whole situation, and again thanks for all your support!!
    121
    Ah, some Chainfire bashing, I hope it is not too late for me to exercise additional villainy.

    First, let me make clear I have nothing against @topjohnwu, nor against Magisk. Magisk is an interesting project and it certainly displays @topjohnwu ingenuity and persistence. I don't doubt we will see more interesting things from his hands.

    -------------------------

    What has happened here is not all that dark and complicated, from either end. I returned from holidays, and someone pointed me at Magisk. My first thought: interesting!

    Among other things, the thread lists some issues with SuperSU, which in combination with the phrase The developer also requests users to not bug Chainfire with compatibility requests for SuperSU with Magisk from the portal article, raised my left eyebrow by nigh half an inch. The popular systemless xposed mod is apparently now based on it, and apparently it now no longer works with SuperSU, and apparently I'm not supposed to fix that, nor any of the other found issues. I found that a bit weird. So yes, I have told @topjohnwu that I was a bit surprised he was posting about issues with SuperSU without notifying me about them (I can't fix or help fix issues I'm not aware of, after all).

    He's also spreading a modified version of the SuperSU package, which is not all that uncommon, nor necessarily a problem. I have not looked into what he modified, I only ran a few quick tests on one of my devices, and found some commonly used commands run as root to be broken. I have informed him of this as well.

    It appears the tool of choice for Magisk is phh's Superuser, because of some of the mentioned issues with SuperSU. That's fine by itself, but fixing issues in that superuser by incorporating SuperSU's binaries into it is a somewhat questionable practise. After all, SuperSU is a commercial closed-source package that helps pay for my dinner, and superuser is a direct competitor. I have informed him that I was surprised he did this without asking for permission. I have expressed similar surprise on him spreading a modified version of LiveBoot (which helps pay for a snack now and then).
    @topjohnwu has also stated that Magisk's scripts are largely influenced by mine (I have not checked). Scripts based on mine are used all over the place on XDA, some people have crafted amazing things based on them, I have never made an issue of this (otherwise I would have just made them binaries). But yes, I have also stated to him that I don't think it's very nice to base something on one program, and then using that to (almost exclusively) push something directly competing with that program.

    tl;dr Towards @topjohnwu, I have:
    - expressed surprise he has issues getting Magisk to work with SuperSU, and has chosen not to inform me about those
    - expressed surprise he is using SuperSU binaries in a competing superuser without permission
    - expressed surprise he is posting a modified LiveBoot without permission
    - informed him of issues with the modified SuperSU he has posted
    - let him know I thought it wasn't very nice to be applying my scripts to benefit seemingly exclusively that same competing superuser

    To be crystal clear:
    - I have not asked for an apology
    - I have not asked for Magisk to be abandoned, neither the root hiding nor systemless module parts, and certainly not systemless xposed
    - I have not made an issue of any of this anywhere, until this post
    - I have not even specifically asked for anything to be taken down (though obviously in my opinion the other superuser package mixed with SuperSU's binaries, as well as the LiveBoot package, should go)
    - I have not reported this thread to XDA moderators for copyright violations or otherwise

    While my conversation with @topjohnwu may not win any awards for being friendly (though it may win some for brevity), I think all things considered my response has been rather mild. To be perfectly honest, until the apology post, I thought this was over with already. I think the apology post was triggered because I haven't replied to his last PM for a while - I was in the zone, it happens.

    To emphasize again, I have nothing against @topjohnwu, Magisk, or systemless xposed, and it is certainly not my goal to see any of them go. If it can be made to work together with SuperSU, great.

    I get it though: you think of something, you want to see if you can make it work, you finally get it to work, you publish it, it takes off - enthusiasm gets the better of you. Maybe in the rush some mistakes are made. That doesn't mean you have to just drop it and run. None of my stuff would make it past 0.1 if I stopped at the first big mistake :)

    Aside from said being in the zone coding, I usually regret actually responding to these sort of things the day after, which has made me hesitant to reply. Surprise me.
    76
    Thread temporarily closed so everyone sees this.

    The flood of "SafetyNet isn't working for me either!" posts are not helpful, at all. Please refrain from posting further, it will be looked into. Please do not forget that not passing SafetyNet is 100% NORMAL AND INTENDED when you have an unlocked booloader or running custom firmware. These are workarounds and they will be worked around in turn.

    The Flash
    Forum Moderator

    EDIT: Thread is reopened... I will be cleaning any SafetyNet posts for a while to keep the thread clean for real issues.
    75
    Hello everyone!

    I am aware that Google has updated Safety Net that makes Magisk itself a no go for Android Pay. In fact, I witnessed the change live while I am developing the new magiskhide, which should hide all Magisk modules and Magisk installed root.

    Google is serious about Safety Net now, clearly hunting down all possibility to run Xposed with Safety Net passed. I spend quite some time examining the new security measures last midnight, and fortunately it seems that it is possible to run Magisk and root along with Safety Net if no Xposed is running. I'm glad I removed the old root toggle at the right time lol, that is no longer feasible with the latest detection.

    So stay tuned for the next update, it will come with bug fixes, along with the new magiskhide to bypass that Safety Net.

    Google, how will a few systemless mods do any harm :p:p