THIS WORKED FOR ME FOR MAGISK v14.3
ALSO WORKS ON MAGISK v14.5
I highly not recommend to use this guide for a different device other than the Xperia Z2 D6503.
All that aside, I managed to install magisk on my Stock Xperia Z2 and still keep ctsProfile and basicIntegrity: true.
HIGHLY RECOMMEND TO BACK EVERYTHING UP BEFORE PROCEEDING
You will need:
(OPTIONAL)Marshmallow FTF Firmware Here
Magisk Manager Here
ADB and Fastboot Here
Advanced Stock Kernel Here
TWRP Sirius Here
(OPTIONAL BUT HIGHLY RECOMMENDED) Use flashtool to flash the modified version of the stock ROM from above. It worked on this version but I can't really guarantee it will work on others. Can't really guarantee it will work on this either.(after you select the file there are 2 versions. pick the modified one).
1) Extract the Rootkernel_v4.31_Windows_Linux.zip and extract from the advanced stock kernel the boot.img (Rename it from boot.img to Old_boot.img)
2) Open cmd and use cd to reach the folder in which you extracted rootkernel.
Use the command "rootkernel Old_boot.img New_boot.img"
Say Yes to everything except installing TWRP.
3) Install Magisk Manager on your phone and copy "New_boot.img" to the phone.
4) Go to Magisk Manager settings , scroll to Update Channel and select Beta
5) Select install Magisk and select modify boot image. Select "New_boot.img" from the folder you copied it to
6) Extract adb to a folder
7) After patching the boot image at step 6, copy "patched_boot.img" from internal storage/MagiskManager to the folder in which you extracted adb
8) Copy TWRP to the adb folder and rename it to TWRP.img
9) Open cmd and use cd to navigate to the folder in which you copied adb. Type in the console "fastboot flash boot New_boot.img". Turn off your phone and then hold Volume Up whil plugging it into your pc(booting it into fastboot).
10) While still in fastboot, type "fastboot flash recovery TWRP.img"
11) Disconnect your phone from the pc. Wait a few seconds and then boot into TWRP (hold power button and Volume Down). A notification will pop up and select to "Keep System Readonly" (I think something like that). Reboot into system.
If everything worked as intended, a safetynet check will reveal everything in green, allowing you to both have root access and also run apps like Netflix and Android Pay
NOTE: Magisk Modules should be flashed via TWRP. For some reason, Magisk Manager is unable to install them.
EDIT: I tried to install xposed systemlessly but Safetynet was triggered. Don't think I can figure this out.
DahakePL tried with elite kernel and it didn't work. Writing this just in case anyone tries.
This worked for me but I can't guarantee it will work for you. (Photos at the end)
Did this guide help you? If you need any help, I will do my best to answer your questions.
I am not a developer and I do not really understand why or how everything works. I came across this method that worked for me and I thought I'd share it since I couldn't find a guide for my xperia phone when I needed it.
IN CASE SAFETY NET IS TRIGGERED, the only way to restore to everything in green is to reflash the stock rom (you don't have to format everything).
Did it work out for you? Just leave a reply saying that so I can figure out if everything works.