[Pie/10/11] [System-as-root] Multidisabler: disables encryption, Vaultkeeper, auto-flash of stock recovery, proca, wsm, cass, etc.

Search This thread
By:
Advanced…
ianmacd

ianmacd

Senior Member
Jan 5, 2016
2,358
3,863
Amsterdam
localhost
Samsung Galaxy Tab S7 / S7 Plus
Google Pixel 6 Pro
The multi-disabler started life on the Exynos S10 range, the first Samsung devices to launch with Android 9 (Pie). Since then, it has grown to support a great many Samsung devices running either Android 9, 10 or 11, and with either an Exynos or a Qualcomm SoC at their core. This includes the S10 and S20 series, the N10 and N20 series, the A10 - A70 series, the Tab A and Tab S series, Z Flip and (Z) Fold devices, and many more.

When flashed onto a compatible device, the multi-disabler will semi-permanently disable a number of device protection features and services that become problematic on a rooted device. Some pose a threat to the rooted state of the device, while others become dysfunctional and generate a flood of log messages. Semi-permanently in this context means that the disablement will persist until re-enabled by the user, for example as a side-effect of flashing new firmware with Odin. You will therefore need to reflash the multi-disabler every time you perform a system-wide firmware update.

The methodology of the multi-disabler is the path of least intervention. This means that for any given device, only those services that must be disabled to ensure the smooth operation of the device will be tackled.

The following is a list of features disabled by the multi-disabler on Samsung devices launched in 2019:

  • FBE (file-based encryption): Until this is disabled, most versions of TWRP — all for Exynos devices and many for Qualcomm — cannot read files on /data (the userdata partition). You must format /data to actually remove FBE after disabling it. Back up your data first!
  • Vaultkeeper: Magisk now dynamically disables this during boot, but if you boot outside of Magisk, it will return with a vengeance on some devices.
  • Process authentication (a.k.a. proca): This service must be disabled on some devices in order to use a custom kernel without problems. Note that all 2019 devices with TWRP utilise a custom kernel for Android, because the same kernel is shared by Magisk to boot the system. This does not apply to devices lauched in 2020 and later.
  • Stock recovery auto-restoration: In certain circumstances, your device will automatically restore its stock recovery partition, overwriting your custom recovery (TWRP). Magisk now also provides dynamic protection against this, but again, this will not save you if you boot outside of Magisk.
  • wsm: On Android 10 and 11, this service prevents Samsung smartwatches from connecting to the Galaxy Wearable app.
  • Extra services are disabled as needed per device.

Furthermore, when the ZIP file is renamed to contain the string _btfix somewhere in the name and the file is then flashed on a supported Android 10 device, the system's libbluetooth.so library will be patched in situ to prevent the loss of Bluetooth pairings across reboots. This is a recurring issue with many rooted Samsung devices manufactured before 2020 and updated to Android 10. Devices launched in 2020 and later do not need this patch.

The multi-disabler's support for this solution is limited to a relatively small number of Samsung devices and is deprecated as of v3.0. It will be removed in a future release.

If you find that patching fails on your device, please refer to Arthur Trouillot's superior libbluetooth patcher, which supports a much wider variety of devices.

The multi-disabler is written in Bourne shell, so you can — and ideally should — audit the code yourself to ensure its safe operation. It's performing open-heart surgery on the software of your device, so you should not simply trust it. Apart from anything else, bugs can creep in from time to time, despite or sometimes even because of my refactoring of the code.

The multi-disabler is idempotent, which means you can safely flash it multiple times without incurring unintended side-effects.

The package is attached to this posting and the code is available on GitHub.
 

Attachments

  • multidisabler-samsung-3.1.zip
    3.9 KB · Views: 71,188
Last edited:
  • Like
  • Love
Reactions: Stephanizgo, elswerky, wowegoo and 154 others
ianmacd

ianmacd

Senior Member
Jan 5, 2016
2,358
3,863
Amsterdam
localhost
Samsung Galaxy Tab S7 / S7 Plus
Google Pixel 6 Pro
Change log

v3.1 (2020-12-30)

  • Fix failure to detect a Samsung device on some versions of TWRP.
  • Make deprecated libbluetooth patching also work on devices originally launched on Android 9 and later updated to Android 11.

v3.0 (2020-12-29)

  • Add support for Android 11.
  • All Samsung devices running Android 9 or later are now implicitly supported.
  • Fix bug that caused disablement of stock recovery auto-reflash to fail on Android 10 devices.
  • Improve progress and error reporting.

v2.6 (2020-10-05)

  • Add support for the North American Z Fold2 (F916U/U1).
  • Add support for the A71 (A715F).
  • Add support for the Note10 Lite (N770F).

v2.5 (2020-09-14)

  • Fix issue of 2019 devices upgraded to OneUI 2.5 (DTH firmware) not booting after flashing.
  • Add failsafe logic for robust mounting of System partition by devices using very recent TWRP builds from the Android 10 branch (e.g. S20, N20, Tab S7 and Z Fold2).
  • Disable cass service on S10 and N10 series devices (required for OneUI 2.5).
  • Added an extra path to files searched for Vaultkeeper service disabling.
  • Added an extra path to files searched for cass service disabling.
  • Added support for the Z Fold2 (F916B/N and F9160).

v2.4 (2020-09-10)

  • Added support for many new 2020 devices, such as the S20 and Note20 ranges, as well as the Tab S7 and Tab S7+ ranges.
  • Fixed mode of patched Bluetooth library to match original.
  • Other minor bug fixes.

v2.3 (2020-04-11)

  • Support Snapdragon-based devices that have been upgraded to Android 10, such as the F900[FN] (Fold), F907[BN] (Fold 5G), T860 (Tab S6) and T865 (Tab S6 LTE), as well as Asian S10 and Note10 models.
  • Improve robustness of libbluetooth patching.

v2.2 (2019-12-13)

  • Disable wsm service to allow Samsung smartwatches to connect to Galaxy Wearable app (thanks to Andrei Seitan).
  • Support optional patching of system libbluetooth.so for retention of Bluetooth pairings across reboots (thanks to Arthur Trouillot).
  • Remove undocumented interactive mode.

v2.1 (2019-12-04)

  • Fix disabling of Vaultkeeper and proca in the vendor interface manifest.
  • Add support for N971N (Korean N10 5G).

v2.0 (2019-11-30)

  • Add support for Exynos-based devices upgraded to Android 10.
  • Add support for T72[05].

v1.7 (2019-10-20)

  • Add generic support for Qualcomm devices.
  • Support the Qualcomm S10 (G9700, G9730 and G9750), Note10 (N9700, N9750 and N9760), Tab S6 (T860 and T865) and Fold (F900F and F907B) ranges.
  • Add support for more Korean (N type) variants.

v1.6 (2019-09-18)

  • Add support for more variants of A50: A505([YG]N|G).
  • Fix A205G detection.

v1.5 (2019-09-13)

  • Added support for A10 - A50 and Tab A 10.1.

v1.41 (2019-08-28)

  • Added support for N976B (Note 10+ 5G).

v1.4 (2019-08-28)

  • Changed regex that caused too much of $ANDROID_ROOT/init.rc to be commented out by some versions of sed(1).

v1.3 (2019-08-18)

  • Updated to work with TWRP 3.3.1-6_ianmacd and later for the S10 range.
  • Added support for Note 10 and Note 10+ F and N model devices.

v1.2 (2019-06-17)

  • Added support for G977B (S10 5G) model devices.

v1.1 (2019-04-22)

  • Fixed stock recovery auto-reflash prevention.
  • Added support for N (Korean) model S10 devices.

v1.0 (2019-04-09)

  • Initial version, supporting F model S10 devices.
 
Last edited:
  • Like
Reactions: [email protected], VHFG22, beanbean50 and 23 others
PiCkLeS

PiCkLeS

Senior Member
Mar 30, 2006
408
170
Kristianstad
Samsung Galaxy Z Fold2
Will this in some way remedy the problem that when powering off the S10, it wont listen to they keycombo to boot into TWRP anymore?

If one is in system, and do a reboot all is fine, it will heed the keycombo and let you into TWRP to do what you want and then reboot->recovery to start system with root.

But as soon as the device is turned completely off, it breaks.
 
  • Like
Reactions: Meteor100 and german2you
ianmacd

ianmacd

Senior Member
Jan 5, 2016
2,358
3,863
Amsterdam
localhost
Samsung Galaxy Tab S7 / S7 Plus
Google Pixel 6 Pro
Nextasy said:
Just a question: is this to be flashed after rooting with johnwu magisk root process or which rooting method would u advice?
Click to expand...
Click to collapse

If rooting with Magisk alone and in accordance with John Wu's instructions, this disabler isn't needed. If you're going to use a rooted TWRP image instead of stock recovery, however, then you're probably going to want to flash it.
 
  • Like
Reactions: destan4503, All-In-One, german2you and 8 others
Nextasy

Nextasy

Senior Member
Jan 1, 2006
260
50
Berlin and Toronto
Samsung Galaxy Z Fold3
So this basically would work for and with the "TWRP for Galaxy S10 Magisk Prepatched by geiti94" and not with John's!?...
After applying this patch and everytime l reboot my devoce it will reboot directly to rooted magisk environment without me going thru' the hassles associated with Johnwu magisk boot procedures?

Thanks for ur time to reply and the mod.

cheers
 
Last edited:
  • Like
Reactions: german2you
ianmacd

ianmacd

Senior Member
Jan 5, 2016
2,358
3,863
Amsterdam
localhost
Samsung Galaxy Tab S7 / S7 Plus
Google Pixel 6 Pro
Nextasy said:
So this basically would work for and with the "TWRP for Galaxy S10 Magisk Prepatched by geiti94" and not with John's!?...
After applying this patch and everytime l reboot my devoce it will reboot directly to rooted magisk environment without me going thru' the hassles associated with Johnwu magisk boot procedures?
Click to expand...
Click to collapse

No, this disabler has no effect on the need to hold down keys to boot the recovery partition.
 
  • Like
Reactions: destan4503, german2you and Brkge
T

tensux

Senior Member
Nov 18, 2011
1,069
294
boston
ianmacd said:
This one effectively supersedes the one in the TWRP thread, because that one disables only FBE encryption, while this disables several other things.
Click to expand...
Click to collapse

thanks, i am going to try it again. i have been able to get into twrp on the first try, but it always reboots after the Samsung logo comes up and it looks like its going to boot
 
  • Like
Reactions: german2you
D

dr4go

Senior Member
Dec 17, 2010
473
395
Vienna
tensux said:
thanks, i am going to try it again. i have been able to get into twrp on the first try, but it always reboots after the Samsung logo comes up and it looks like its going to boot
Click to expand...
Click to collapse
Same here... twrp+multi disabler+format data+wipe cache+soldier's zip (in that order). Everything was fine until I pressed power off. Needed to go all over again... and am wondering if it really pays off of having twrp......
 
T

tensux

Senior Member
Nov 18, 2011
1,069
294
boston
dr4go said:
Same here... twrp+multi disabler+format data+wipe cache+soldier's zip (in that order). Everything was fine until I pressed power off. Needed to go all over again... and am wondering if it really pays off of having twrp......
Click to expand...
Click to collapse

seems like only a very small amount of people have been able to get it to work. the procedures are more complicated than with past phones, but i wonder if there could be a very specific version of bootloader we need to have flashed, not just any of the ASCA's
 
PiCkLeS

PiCkLeS

Senior Member
Mar 30, 2006
408
170
Kristianstad
Samsung Galaxy Z Fold2
dr4go said:
Same here... twrp+multi disabler+format data+wipe cache+soldier's zip (in that order). Everything was fine until I pressed power off. Needed to go all over again... and am wondering if it really pays off of having twrp......
Click to expand...
Click to collapse

And, really, I think at this point that ppl saying it working for them actuallly never tried a true power down.

I still think therefore that all have the same problem. If you shutdown your phone manually or run out of battery, you are screwed.
 
  • Like
Reactions: dr4go
D

drago122

Senior Member
Dec 26, 2014
95
13
PiCkLeS said:
And, really, I think at this point that ppl saying it working for them actuallly never tried a true power down.

I still think therefore that all have the same problem. If you shutdown your phone manually or run out of battery, you are screwed.
Click to expand...
Click to collapse



What I didn't understand is what happens once you turn off the phone ?? Brick unrecoverable ??
Or it must be redone all starting from download mode and stock firmware, what interests me to know is only if the phone is easily recoverable or you risk big.
 
PiCkLeS

PiCkLeS

Senior Member
Mar 30, 2006
408
170
Kristianstad
Samsung Galaxy Z Fold2
drago122 said:
What I didn't understand is what happens once you turn off the phone ?? Brick unrecoverable ??
Or it must be redone all starting from download mode and stock firmware, what interests me to know is only if the phone is easily recoverable or you risk big.
Click to expand...
Click to collapse
What I mean is that few ppl actually turn off their phones. But if they do they are stuck with no way to boot system at all or able to boot into twrp recovery .

Most just reboot and there the keycombo works fine.

So if you have the twrp solution done, and power down your phone (off, not reboot) yes you probably must start over from the beginning.
 
  • Like
Reactions: drago122
D

drago122

Senior Member
Dec 26, 2014
95
13
PiCkLeS said:
What I mean is that few ppl actually turn off their phones. But if they do they are stuck with no way to boot system at all or able to boot into twrp recovery .

Most just reboot and there the keycombo works fine.

So if you have the twrp solution done, and power down your phone (off, not reboot) yes you probably must start over from the beginning.
Click to expand...
Click to collapse



Ok but you don't risk a hard brick, you have to start again from the download mode and the stock firmware must be put back and then everything else, correct?
 
You must log in or register to reply here.

Similar threads

corsicanu
[ROM][10] hadesRom Q Stock v2.0 for Exynos S10e/S10/S10+ [12.04.2020]
Replies
469
Views
114K
M
madeyongki
corsicanu
[ROM][OneUI] hadesRom Pie Stock v2.5 for Exynos S10e/S10/S10+ [28.11.2019]
Replies
296
Views
82K
zogoibi
zogoibi
corsicanu
[RECOVERY][OFFICIAL][3.6.1-x] TWRP for Galaxy S10/e/+/5G Exynos
Replies
487
Views
132K
patrykat
patrykat
geiti94
[RECOVERY][UNOFFICIAL] TWRP for Galaxy S10e/S10/S10+
Replies
471
Views
133K
Niroshft
Niroshft
O
[ROM][DISCONTINUED][OFFICIAL][12][Galaxy S10/e/+/5G] PixelExperience [AOSP][ENCRYPTION]
Replies
170
Views
34K
P
panchoyamut

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 157
    ianmacd
    ianmacd
    The multi-disabler started life on the Exynos S10 range, the first Samsung devices to launch with Android 9 (Pie). Since then, it has grown to support a great many Samsung devices running either Android 9, 10 or 11, and with either an Exynos or a Qualcomm SoC at their core. This includes the S10 and S20 series, the N10 and N20 series, the A10 - A70 series, the Tab A and Tab S series, Z Flip and (Z) Fold devices, and many more.

    When flashed onto a compatible device, the multi-disabler will semi-permanently disable a number of device protection features and services that become problematic on a rooted device. Some pose a threat to the rooted state of the device, while others become dysfunctional and generate a flood of log messages. Semi-permanently in this context means that the disablement will persist until re-enabled by the user, for example as a side-effect of flashing new firmware with Odin. You will therefore need to reflash the multi-disabler every time you perform a system-wide firmware update.

    The methodology of the multi-disabler is the path of least intervention. This means that for any given device, only those services that must be disabled to ensure the smooth operation of the device will be tackled.

    The following is a list of features disabled by the multi-disabler on Samsung devices launched in 2019:

    • FBE (file-based encryption): Until this is disabled, most versions of TWRP — all for Exynos devices and many for Qualcomm — cannot read files on /data (the userdata partition). You must format /data to actually remove FBE after disabling it. Back up your data first!
    • Vaultkeeper: Magisk now dynamically disables this during boot, but if you boot outside of Magisk, it will return with a vengeance on some devices.
    • Process authentication (a.k.a. proca): This service must be disabled on some devices in order to use a custom kernel without problems. Note that all 2019 devices with TWRP utilise a custom kernel for Android, because the same kernel is shared by Magisk to boot the system. This does not apply to devices lauched in 2020 and later.
    • Stock recovery auto-restoration: In certain circumstances, your device will automatically restore its stock recovery partition, overwriting your custom recovery (TWRP). Magisk now also provides dynamic protection against this, but again, this will not save you if you boot outside of Magisk.
    • wsm: On Android 10 and 11, this service prevents Samsung smartwatches from connecting to the Galaxy Wearable app.
    • Extra services are disabled as needed per device.

    Furthermore, when the ZIP file is renamed to contain the string _btfix somewhere in the name and the file is then flashed on a supported Android 10 device, the system's libbluetooth.so library will be patched in situ to prevent the loss of Bluetooth pairings across reboots. This is a recurring issue with many rooted Samsung devices manufactured before 2020 and updated to Android 10. Devices launched in 2020 and later do not need this patch.

    The multi-disabler's support for this solution is limited to a relatively small number of Samsung devices and is deprecated as of v3.0. It will be removed in a future release.

    If you find that patching fails on your device, please refer to Arthur Trouillot's superior libbluetooth patcher, which supports a much wider variety of devices.

    The multi-disabler is written in Bourne shell, so you can — and ideally should — audit the code yourself to ensure its safe operation. It's performing open-heart surgery on the software of your device, so you should not simply trust it. Apart from anything else, bugs can creep in from time to time, despite or sometimes even because of my refactoring of the code.

    The multi-disabler is idempotent, which means you can safely flash it multiple times without incurring unintended side-effects.

    The package is attached to this posting and the code is available on GitHub.
    View
    26
    ianmacd
    ianmacd
    Change log

    v3.1 (2020-12-30)

    • Fix failure to detect a Samsung device on some versions of TWRP.
    • Make deprecated libbluetooth patching also work on devices originally launched on Android 9 and later updated to Android 11.

    v3.0 (2020-12-29)

    • Add support for Android 11.
    • All Samsung devices running Android 9 or later are now implicitly supported.
    • Fix bug that caused disablement of stock recovery auto-reflash to fail on Android 10 devices.
    • Improve progress and error reporting.

    v2.6 (2020-10-05)

    • Add support for the North American Z Fold2 (F916U/U1).
    • Add support for the A71 (A715F).
    • Add support for the Note10 Lite (N770F).

    v2.5 (2020-09-14)

    • Fix issue of 2019 devices upgraded to OneUI 2.5 (DTH firmware) not booting after flashing.
    • Add failsafe logic for robust mounting of System partition by devices using very recent TWRP builds from the Android 10 branch (e.g. S20, N20, Tab S7 and Z Fold2).
    • Disable cass service on S10 and N10 series devices (required for OneUI 2.5).
    • Added an extra path to files searched for Vaultkeeper service disabling.
    • Added an extra path to files searched for cass service disabling.
    • Added support for the Z Fold2 (F916B/N and F9160).

    v2.4 (2020-09-10)

    • Added support for many new 2020 devices, such as the S20 and Note20 ranges, as well as the Tab S7 and Tab S7+ ranges.
    • Fixed mode of patched Bluetooth library to match original.
    • Other minor bug fixes.

    v2.3 (2020-04-11)

    • Support Snapdragon-based devices that have been upgraded to Android 10, such as the F900[FN] (Fold), F907[BN] (Fold 5G), T860 (Tab S6) and T865 (Tab S6 LTE), as well as Asian S10 and Note10 models.
    • Improve robustness of libbluetooth patching.

    v2.2 (2019-12-13)

    • Disable wsm service to allow Samsung smartwatches to connect to Galaxy Wearable app (thanks to Andrei Seitan).
    • Support optional patching of system libbluetooth.so for retention of Bluetooth pairings across reboots (thanks to Arthur Trouillot).
    • Remove undocumented interactive mode.

    v2.1 (2019-12-04)

    • Fix disabling of Vaultkeeper and proca in the vendor interface manifest.
    • Add support for N971N (Korean N10 5G).

    v2.0 (2019-11-30)

    • Add support for Exynos-based devices upgraded to Android 10.
    • Add support for T72[05].

    v1.7 (2019-10-20)

    • Add generic support for Qualcomm devices.
    • Support the Qualcomm S10 (G9700, G9730 and G9750), Note10 (N9700, N9750 and N9760), Tab S6 (T860 and T865) and Fold (F900F and F907B) ranges.
    • Add support for more Korean (N type) variants.

    v1.6 (2019-09-18)

    • Add support for more variants of A50: A505([YG]N|G).
    • Fix A205G detection.

    v1.5 (2019-09-13)

    • Added support for A10 - A50 and Tab A 10.1.

    v1.41 (2019-08-28)

    • Added support for N976B (Note 10+ 5G).

    v1.4 (2019-08-28)

    • Changed regex that caused too much of $ANDROID_ROOT/init.rc to be commented out by some versions of sed(1).

    v1.3 (2019-08-18)

    • Updated to work with TWRP 3.3.1-6_ianmacd and later for the S10 range.
    • Added support for Note 10 and Note 10+ F and N model devices.

    v1.2 (2019-06-17)

    • Added support for G977B (S10 5G) model devices.

    v1.1 (2019-04-22)

    • Fixed stock recovery auto-reflash prevention.
    • Added support for N (Korean) model S10 devices.

    v1.0 (2019-04-09)

    • Initial version, supporting F model S10 devices.
    View
    11
    ianmacd
    ianmacd
    Version 2.2 released.

    Change log

    v2.2 (2019-12-13)

    • Disable wsm service to allow Samsung smartwatches to connect to Galaxy Wearable app (thanks to Andrei Seitan).
    • Support optional patching of system libbluetooth.so for retention of Bluetooth pairings across reboots (thanks to Arthur Trouillot).
    • Remove undocumented interactive mode.

    See the OP for details of how to indicate that you want libbluetooth.so to be patched.
    View
    11
    ianmacd
    ianmacd
    Nextasy said:
    Just a question: is this to be flashed after rooting with johnwu magisk root process or which rooting method would u advice?
    Click to expand...
    Click to collapse

    If rooting with Magisk alone and in accordance with John Wu's instructions, this disabler isn't needed. If you're going to use a rooted TWRP image instead of stock recovery, however, then you're probably going to want to flash it.
    View
    11
    ianmacd
    ianmacd
    Version 2.0 released.

    This major version bump heralds the addition of support for Android 10.

    Earlier this week, the S10 series became the first Samsung devices to receive an official production release of Android 10. It's a fitting development for the product line that was also Samsung's first to come with Android 9 earlier this year. Indeed, those devices are what inspired the multi-disabler project that has since expanded to so many other devices.

    Change log

    v2.0 (2019-11-30)

    • Add support for Android 10.
    • Add support for T72[05].
    View

New posts