Database Develop

Advanteges of Magisk?

I want to root my device.
But I'm unable to decide that I should root via supersu or Magisk.
I've read that magisk provide systemless root, but what the advanteges of systemless root/magisk?
Can someone help me that what's the use/advantage of Magisk?
is it much stable then supersu?
I don't want to risk my device as I'm app developer

akash.galaxy07 said:
I want to root my device.
But I'm unable to decide that I should root via supersu or Magisk.
I've read that magisk provide systemless root, but what the advanteges of systemless root/magisk?
Can someone help me that what's the use/advantage of Magisk?
is it much stable then supersu?
I don't want to risk my device as I'm app developer
Click to expand...
Click to collapse
If you are an app developer, use Magisk. Magisk allows you to pass google's safety tests (Safetynet) - which you should know about if you develop apps! but basically, google will not think your device is compromised is you use Magisk, but WILL think your device is compromised if you use SuperSU - even if SuperSU is installed in Systemless mode. Don't forget to enable magisk hide in the Magisk Manager app to make sure this works though.
Some app developers will check safetynet upon launching their app to see if the device is compromised, and if it is, either restrict features, or deny access entirely. A good example of this is Banking apps, though they usually use their own root detection - but that can be hidden with Magisk Hide. - No bank wants their app being used on a compromised device, where a virus with root access could collect information. The more you know

manor7777 said:
If you are an app developer, use Magisk. Magisk allows you to pass google's safety tests (Safetynet) - which you should know about if you develop apps! but basically, google will not think your device is compromised is you use Magisk, but WILL think your device is compromised if you use SuperSU - even if SuperSU is installed in Systemless mode. Don't forget to enable magisk hide in the Magisk Manager app to make sure this works though.
Some app developers will check safetynet upon launching their app to see if the device is compromised, and if it is, either restrict features, or deny access entirely. A good example of this is Banking apps, though they usually use their own root detection - but that can be hidden with Magisk Hide. - No bank wants their app being used on a compromised device, where a virus with root access could collect information. The more you know
Click to expand...
Click to collapse
Thanks bro, and, is it stable too? I mean, are there any risks involved?

akash.galaxy07 said:
Thanks bro, and, is it stable too? I mean, are there any risks involved?
Click to expand...
Click to collapse
There are risks with any kind of root on your phone, as an app developer, you should know that.
You could get a virus that takes advantage of root to encrypt all of your files.
Again, you should know this if you are an app developer, there is a difference between creating a single app, and developing applications as a whole!
Magisk is very stable though, more so on OxygenOS but it will be pretty stable with LineageOS too! I have had no problems whatsoever! I have been using android pay and all my root apps without my phone ever crashing! And if you are careful, you won't get a virus (root will not cause a virus, user stupidity gets virus') - enjoy

I'd like to add the main advantage to why I use Magisk.
All my system modifications (build.prop changes, debloating, changed/removed ui audio, etc) are still there after a system update. Even if I have to do a clean install with a wipe, all it takes is flashing a couple of extra zips and everything is right back were I want it.

Didgeridoohan said:
I'd like to add the main advantage to why I use Magisk.
All my system modifications (build.prop changes, debloating, changed/removed ui audio, etc) are still there after a system update. Even if I have to do a clean install with a wipe, all it takes is flashing a couple of extra zips and everything is right back were I want it.
Click to expand...
Click to collapse
Can you please link me to Magisk installation thread for Oneplus 3t. I can't find any on XDA. I found one thread that belongs to Magisk dev but it is very confusing with installing all the systemless SuperSU and such.

vipivj said:
Can you please link me to Magisk installation thread for Oneplus 3t. I can't find any on XDA. I found one thread that belongs to Magisk dev but it is very confusing with installing all the systemless SuperSU and such.
Click to expand...
Click to collapse
There's no specific 3T thread that I know of... It's all there in the Magisk forums. It's not as complicated as it might seem.
If you're unrooted, just flash the Magisk zip in TWRP. Done!
If you have systemless SuperSU installed and want to keep it, just flash the Magisk zip in TWRP. Done!
If you have systemless SuperSU installed and want to switch to MagiskSU, you'll need to first remove SuperSU. Use the full unroot option in the SuperSU app and say yes when asked if you want to restore the boot image backup. After that, flash the Magisk zip in TWRP. Done!
If you have any other root installed, just flash the Magisk zip in TWRP and the installation script will do it's best to remove it and install MagiskSU instead. Done!
Edit: There might be variations on the above, depending on if you're using stock ROM or not. Take a look at the link in my signature if you run into problems. I've tried to collect as much info, tips and tricks as possible in one place.

Didgeridoohan said:
There's no specific 3T thread that I know of... It's all there in the Magisk forums. It's not as complicated as it might seem.
If you're unrooted, just flash the Magisk zip in TWRP. Done!
If you have systemless SuperSU installed and want to keep it, just flash the Magisk zip in TWRP. Done!
If you have systemless SuperSU installed and want to switch to MagiskSU, you'll need to first remove SuperSU. Use the full unroot option in the SuperSU app and say yes when asked if you want to restore the boot image backup. After that, flash the Magisk zip in TWRP. Done!
If you have any other root installed, just flash the Magisk zip in TWRP and the installation script will do it's best to remove it and install MagiskSU instead. Done!
Edit: There might be variations on the above, depending on if you're using stock ROM or not. Take a look at the link in my signature if you run into problems. I've tried to collect as much info, tips and tricks as possible in one place.
Click to expand...
Click to collapse
Thanks, it is clear now. Is it possible to 100% pass safety net with Magisk? I read somewhere that it's a hit and miss.
Apart from the Magisk modules what's the benefit of rooting with Magisk instead of superSU? I saw many people still support superSU than Magisk, does it mean that Magisk has some flows or bugs?

vipivj said:
Thanks, it is clear now. Is it possible to 100% pass safety net with Magisk? I read somewhere that it's a hit and miss.
Apart from the Magisk modules what's the benefit of rooting with Magisk instead of superSU? I saw many people still support superSU than Magisk, does it mean that Magisk has some flows or bugs?
Click to expand...
Click to collapse
I've had no issues passing SafetyNet on my OP3T. It depends on what ROM you're using and if you have any other modifications that Magisk Hide can't hide. Apart from Magisk Hide and systemless modifications Magisk is also open source, if you value that kind of stuff...
There might be apps out there that use specific SuperSU stuff and won't work fully with MagiskSU. I haven't had any issues though (apart from a couple of workarounds, like for Tasker - again, see my signature) and many app developers are starting to make their apps work with MagiskSU as well. Most work out of the box though.

MagiskHide
You can use apps like Android Pay or Snapchat on a rooted device

Didgeridoohan said:
I've had no issues passing SafetyNet on my OP3T. It depends on what ROM you're using and if you have any other modifications that Magisk Hide can't hide. Apart from Magisk Hide and systemless modifications Magisk is also open source, if you value that kind of stuff...
There might be apps out there that use specific SuperSU stuff and won't work fully with MagiskSU. I haven't had any issues though (apart from a couple of workarounds, like for Tasker - again, see my signature) and many app developers are starting to make their apps work with MagiskSU as well. Most work out of the box though.
Click to expand...
Click to collapse
Another noob question, what is the difference between normal and systeless SuperSU?
Considering current known problems Magisk have , isn't it a good idea to use Magisk superSU combo and SuperSU hide?

vipivj said:
Another noob question, what is the difference between normal and systeless SuperSU?
Considering current known problems Magisk have , isn't it a good idea to use Magisk superSU combo and SuperSU hide?
Click to expand...
Click to collapse
Systemless root doesn't alter /system... If you want a more in-depth explanation I'm sure your friend Google can explain it to you.
For OP3T on OxygenOS (I'm currently on 4.1.3) I've not experienced any issues with Magisk. I don't know what those "currently known problems" are that you're worried about...

Didgeridoohan said:
Systemless root doesn't alter /system... If you want a more in-depth explanation I'm sure your friend Google can explain it to you.
For OP3T on OxygenOS (I'm currently on 4.1.3) I've not experienced any issues with Magisk. I don't know what those "currently known problems" are that you're worried about...
Click to expand...
Click to collapse
I meant those issues happens with Tasker etc. Thank you for the answers, you've been very helpful.
I started googling and reading in XDA as well but you know the doubts that comes along ?

vipivj said:
I meant those issues happens with Tasker etc. Thank you for the answers, you've been very helpful.
I started googling and reading in XDA as well but you know the doubts that comes along
Click to expand...
Click to collapse
Ah... Ok. Those kind of issues are easy to work around and the next version of Tasker will have official MagiskSU support.

Use Magisk Manager
I also used Magisk Manager in my old device at it worked fine and as magisk allow you to root Android without effecting on system files I could also install root unsupported apps as well. So i think Magisk is the best solution for you.
link deleted by Moderator due to untrustworthy site will be a help full site to gather more info about magisk from one place.

Topjohnwu has strictly stated that any website which spreads Magisk is not official and cannot be trusted. The only official place is the XDA Thread. If you see any Member promoting an external site related to Magisk, please report the post.

Can't get Android 12 + Magisk + SafetyNet, no matter what... All the guides seem outdated

So I'm trying to get Android 12 working with root and SafetyNet passing. I found that all the guides to be wrong or outdated. Problem with the latest Magisk canary is that it does not support MagiskHide. Problem with the latest stable Magisk (v23) is that it doesn't support Android 12. Here are the combinations I've tried:
Canary Magisk APK, Canary Magisk boot image, with Universal SafetyNet Fix v2.2.1 (Zygisk)
Result: No way to test if safety net passes within Magisk, but it doesn't seem to work.
Canary Magisk APK, Stable Magisk v23 boot image, with Universal SafetyNet Fix v2.1.3 (Riru)
Result: Does not work. MagiskHide automatically turns off after every reboot, probably because the canary boot image does not support it.
Stable Magisk v23 APK, Stable Magisk v23 boot image
Result: Device fails to boot. fast food indicates in an invalid signature. presumably happening because stable magisk v23 does not support Android 12.
Based on these test results these are my assumptions:
1. There is no way to run Magisk 23 on Android 12, and this article and its screenshot are fake:
https://www.droidwin.com/how-to-roo...k-on-android-12/#STEP_6_Boot_to_Fastboot_Mode
and this also does not work: https://krispitech.com/how-to-pass-safetynet-on-rooted-android-12/
OR
It was possible and Android 12 September 5th patch level but somehow not the latest December build?
There is no advantage to running mismatched Magisk APK and boot image versions
Both the Zygisk and Riru versions of the SafetyNet Fix do not work on the latest Android 12 builds.
The new DenyList system does nothing in allowing a SafetyNet bypass.
The ONLY working method That can possibly bypass safety net on Android 12 is using either of these 2 Magisk forks:
Custom Magisk by TheHitMan7 (Can’t find download link)
Alpha Magisk by vvb2060 (Can’t find download link)
Are these assumptions correct? Can someone please correct my misunderstandings?

You need Universal Safetynet Fix v2.2.0 or v2.2.1 which was just released 10 days ago.
To be honest, I haven't tried v2.2.1 yet, but I would imagine it will work. I'm on v2.2.0 right now.
Get it from here: https://github.com/kdrag0n/safetynet-fix

I have been using Magisk Canary 23016, USNF 2.2.0, and MagiskHide Props Config 6.1.2 on my Pixel 5 running the December Android 12 release. SafetyNet passes, GPay works.
I have DenyList blocking both GPay and Google Play Store..
Either you have something configured wrong, or you're having a unique issue. Others have been able to pass SafetyNet using a similar configuration.
No, Magisk Stable does not currently support Android 12. You MUST use Canary 23016; none of the previous builds properly handle the vbmeta flags in the boot image header.

I'm using the latest magisk canary, USNF 2.2.1 and no magisk hide props and am passing. I have Zygisk enabled, but that's about it. Install was flawless. Followed V0latyle's thread on going from A11 to A12 when the canary update dropped.

Thank you everyone, I got it working the way you said! I was super close.
-----------------------------------
V0latyle said:
I have been using Magisk Canary 23016, USNF 2.2.0, and MagiskHide Props Config 6.1.2 on my Pixel 5 running the December Android 12 release. SafetyNet passes, GPay works.
I have DenyList blocking both GPay and Google Play Store..
Either you have something configured wrong, or you're having a unique issue. Others have been able to pass SafetyNet using a similar configuration.
No, Magisk Stable does not currently support Android 12. You MUST use Canary 23016; none of the previous builds properly handle the vbmeta flags in the boot image header.
Click to expand...
Click to collapse
I only blocked play services with deny list and it worked.
One of the guides told me to flash stock vbmeta (idk what this is), and this bricked it until I re-flashed the ROM. But I guess that's not needed anymore.

flyoffacliff said:
Thank you everyone, I got it working the way you said! I was super close.
-----------------------------------
I only blocked play services with deny list and it worked.
One of the guides told me to flash stock vbmeta (idk what this is), and this bricked it until I re-flashed the ROM. But I guess that's not needed anymore.
Click to expand...
Click to collapse
Which guide?

V0latyle said:
Which guide?
Click to expand...
Click to collapse
How to Root Pixel Devices via Magisk on Android 12
In this comprehensive tutorial, we will show you detailed steps to root your Pixel device via Magisk running Android 12.
www.droidwin.com
On step 7. It says it's not necessary for some reason on newer devices but pixel 5 and older still require it. What does flashing this file actually do? Like what's the file made of?

flyoffacliff said:
How to Root Pixel Devices via Magisk on Android 12
In this comprehensive tutorial, we will show you detailed steps to root your Pixel device via Magisk running Android 12.
www.droidwin.com
On step 7. It says it's not necessary for some reason on newer devices but pixel 5 and older still require it. What does flashing this file actually do? Like what's the file made of?
Click to expand...
Click to collapse
Nothing needs to be done with vbmeta as long as you're using Magisk 23016.
I'll try to explain what it is and what it does as simply as I can but there isn't really a simple explanation...
Some components of Android system security, such as Verified Boot, incorporate a means by which the data being loaded from critical partitions is checked in real time as it is loaded. This is called "device-mapper verity". The raw data itself is read at the block device level and used to create a hash; this hash is then compared to a reference hash to determine the data has not been modified. The partition that contains this reference hash is vbmeta.
When the Android 12 beta was first released, Magisk had not yet been updated to properly handle Android 12 boot image headers. Verified Boot is disabled for the most part when the bootloader is unlocked; however some elements still remain to ensure you're booting a proper device boot image. Magisk did not preserve necessary information in the boot headers, so the device wouldn't boot; we would get a message in bootloader stating failed to load/verify boot images
We figured out a workaround for this: disable dm-verity and vbmeta verification altogether. This was done by flashing the vbmeta partition with those two options:
Code:
flash vbmeta vbmeta.img --disable-verity --disable-verification
The problem with this is it has some sort of safety interlock that prevents system from loading if verity/verification are disabled and /data isn't clean. So, rooting required wiping data. You probably discovered this during your "brick": you got a screen reading Cannot load Android system. Your data may be corrupt.
We also discovered that the vbmeta workaround had to be performed every time vbmeta was flashed - meaning no OTA updates, because if vbmeta was flashed without the disable options, we wouldn't be able to boot a patched boot image, and even if we re-disabled verity/verification, the device still wouldn't boot unless data was clean. The only way to update AND reroot AND keep data was to ensure that verity and verification were disabled every time the device was updated.
Fortunately, Magisk 23016 fixed all of this. We don't have to mess with vbmeta anymore. Magisk properly preserves the flags in the boot header, meaning that AVB recognizes it as a legitimate boot image, and the device is happy.

has anyone able to pass safety CTSprofile ?
Basic integrity is pass but CTSprofile Check isnt passed...
anybody able to pass in A12 (OnePlus Nord)
tried all effort but dint work, even Universal SafetyNet Fix v2.2.1 (Zygisk) isnt working..
its makes Basic Integrity Fail after Flash ( Universal SafetyNet Fix v2.2.1 (Zygisk).
I roll back to A11 then sadly....

shhahidxda said:
has anyone able to pass safety CTSprofile ?
Basic integrity is pass but CTSprofile Check isnt passed...
anybody able to pass in A12 (OnePlus Nord)
tried all effort but dint work, even Universal SafetyNet Fix v2.2.1 (Zygisk) isnt working..
its makes Basic Integrity Fail after Flash ( Universal SafetyNet Fix v2.2.1 (Zygisk).
I roll back to A11 then sadly....
Click to expand...
Click to collapse
You're doing something wrong. Don't overlook anything. I'm on Android 12.1 and pass safety net, Google pay works, Netflix works.
Have you configured the deny list in magisk?? If not do that then. I'd start fresh, don't connect to anything on first start. Hide everything about those Google apps. Then add your accounts etc etc. This is what worked for me no problem

thatsupnow said:
You're doing something wrong. Don't overlook anything. I'm on Android 12.1 and pass safety net, Google pay works, Netflix works.
Have you configured the deny list in magisk?? If not do that then. I'd start fresh, don't connect to anything on first start. Hide everything about those Google apps. Then add your accounts etc etc. This is what worked for me no problem
Click to expand...
Click to collapse
I would like to know, how you are able to pass? I mean It is passed using Universal safetynet fix by Kdragon?
or without fix?
as you mention in your screenshot that you have put all google services in denylist,
I've already done that..
anything else ? you done it? can you show screenshot of your safetynet pass??

shhahidxda said:
I would like to know, how you are able to pass? I mean It is passed using Universal safetynet fix by Kdragon?
or without fix?
as you mention in your screenshot that you have put all google services in denylist,
I've already done that..
anything else ? you done it? can you show screenshot of your safetynet pass??
Click to expand...
Click to collapse
I'm using the latest safetynet fix v2.2.1 Kdragon

thatsupnow said:
I'm using the latest safetynet fix v2.2.1 Kdragon
Click to expand...
Click to collapse
Yes, you are able to pass both .. but i am having issue with OnePlus Nord A12..
On A11 i was able to pass without Universal fix..
but as I applied OTA of A12...
I lose safetynet pass.
let me know do you have any workaround?
I've applied Universal fix by Kdragon.. but before flashing Universal fix of Zygisk I was able to pass Basic Integrity but as soon as I flash Kdragon Universal fix of Zygisk both CTS profile & Basic Integrity gets failed... !!!!
I am still looking for solution to fix this issue..!! if you have any work around.. let me know.. I will do my best.. may be i need to modify device fingerprints with Security patch.? what you say?

shhahidxda said:
Yes, you are able to pass both .. but i am having issue with OnePlus Nord A12..
On A11 i was able to pass without Universal
I've applied Universal fix by Kdragon.. but before flashing Universal fix of Zygisk I was able to pass Basic Integrity but as soon as I flash Kdragon Universal fix of Zygisk both CTS profile & Basic Integrity gets failed... !!!!
Click to expand...
Click to collapse
shhahidxda said:
Yes, you are able to pass both .. but i am having issue with OnePlus Nord A12..
On A11 i was able to pass without Universal fix..
but as I applied OTA of A12...
I lose safetynet pass.
let me know do you have any workaround?
I've applied Universal fix by Kdragon.. but before flashing Universal fix of Zygisk I was able to pass Basic Integrity but as soon as I flash Kdragon Universal fix of Zygisk both CTS profile & Basic Integrity gets failed... !!!!
I am still looking for solution to fix this issue..!! if you have any work around.. let me know.. I will do my best.. may be i need to modify device fingerprints with Security patch.? what you say?
Click to expand...
Click to collapse
You do realise that your posting on the pixel 5 forum right?? I'd maybe go checkout what they are doing on the OnePlus side of the tracks

thatsupnow said:
You do realise that your posting on the pixel 5 forum right?? I'd maybe go checkout what they are doing on the OnePlus side of the tracks
Click to expand...
Click to collapse
Yes, I knew i am posting in Pixel 5 and this topic isnt mention on Oneplus section..
I am looking for a solution of this issue.. but nobody has mention it till now.

Android 12.1 + Magisk 25.1 + Zygisk + Google Play services on enforced Denylist > Works charmingly
Note 1: Enforce Denylist for all the Google Play services modules on Magisk.
Note 2: After reboot, clear data of Google Play services and Play Store to make a fresh start.

pseudokawaii said:
Android 12.1 + Magisk 25.1 + Zygisk + Google Play services on enforced Denylist > Works charmingly
Note 1: Enforce Denylist for all the Google Play services modules on Magisk.
Note 2: After reboot, clear data of Google Play services and Play Store to make a fresh start.
Click to expand...
Click to collapse
I have the same running on a Galaxy S10, but every time I put Google Play Services on the enforce Denylist and reboot it no longer shows there. I'm trying to be able to use my banking app, it worked charmingly on magisk 24 but not anymore. Any advice?

El3ssar said:
I have the same running on a Galaxy S10, but every time I put Google Play Services on the enforce Denylist and reboot it no longer shows there. I'm trying to be able to use my banking app, it worked charmingly on magisk 24 but not anymore. Any advice?
Click to expand...
Click to collapse
What do you mean by "it no longer shows there"? Does the Google Play services disappear after putting on denylist? Did you enable the "Enforce Denylist" option? Did you do a retest of SafetyNet after reboot?

El3ssar said:
I have the same running on a Galaxy S10, but every time I put Google Play Services on the enforce Denylist and reboot it no longer shows there. I'm trying to be able to use my banking app, it worked charmingly on magisk 24 but not anymore. Any advice?
Click to expand...
Click to collapse
Yea and it won't stick I've tried that too. You don't need to add Google Play services to the deny list anyway

thatsupnow said:
Yea and it won't stick I've tried that too. You don't need to add Google Play services to the deny list anyway
Click to expand...
Click to collapse
If you're using Universal Safetynet Fix, Play Services is blocked out of the box. I had the same thing happen in one of the newer releases and thought it was an issue. It isn't. Play Services is blocked even though it doesn't show it.

Magisk Update from 2.30 to 2.4.1 Guide for dummies

The new Magisk is here and with it some major changes. One of the most important is the removal of support for "MagiskHide". There are many advanced users who have figured this all out already and few (maybe more) like me who are just kind of lost not knowing what should be exactly done to be able to update and be able to use Magisk as they were, before the update.
I was hoping that a kind soul would put up an easy step by step guide to help these users and at the same time it will avoid a lot of repetitive questions on the main thread. I personally spent a long time reading many pages and was not able to fully understand what should be done.
In my case all I want to achieve is to update and be able to hide Magisk like it was in the previous version. Should I start by un-hiding it first before doing the update?
(what and how and from where) should I add something that will replace the hiding function? Viola! these are the kind of simple questions that will help some of us get going
I hope that someone will bring his precious help

Yeah I unfortunately did my upgrade and fought with the whole process for 6 hours straight (lol) and I still don't know what I did exactly to even begin to write any instructions - other than 6 hours straight of reading and trying and hoping .....
Not sure if you have been able to refer to this which helped me.... But, I also have an very basic understanding of how my device (OnePlus 7T) works with Magisk... Hope this helps. May be see if your specific device has the instructions already posted in the device specific forum here?
Installation
The Magic Mask for Android
topjohnwu.github.io
I've not used the Magisk hide cause I haven't needed it - BUT, it's still available in the latest Magisk Manager (24.1) in the Magisk Manager settings. I'm only using the systemless hosts module (included in Magisk manager settings) for Adaway, and the universal safety net fix to get Google Play store to say my device is certified.
But I don't know what device you have nor do I know the specific ROM you are using.
Sounds like you have root already so I'm thinking that's the worst of this behind you if you've already done that much yourself. Sounds like it's a basic case of update the Magisk Manager app from itself then determine the method appropriate for root to update which could be through the Manager app or like I chose to use the boot IMG then patch that then install since my device has no working TWRP. That, and once I updated the manager app and panicked so I uninstalled it to try and downgrade to v23 .... Good luck and may be just don't update just yet if there is no specific need to at this time. Take your time and read and proceed when comfortable.
Please:
Start with your preferred method of backing up everything first.
Also, may be consider if it's necessary to update and why??? I'm on stock Andriod 11 and this Magisk update make me think it's intended to be more for those on Android 12 - but I could also assume wrongly.
[Discussion] Magisk - The Age of Zygisk.
This is a discussion and help thread for the newer versions of Magisk. The main goal of this thread is to help users migrate to Magisk v24+ SafetyNet Basic integrity Pass CTS profile match Pass Play Protect certification Device is certified...
forum.xda-developers.com
That's the thread I'm reading now...

Thanks a lot for your reply wugga3. I also on my side found two very helpful posts. They explain the basics (just to get started) and to make the update . I hope with the information gathered I will be able to do the update without messing things up!
[Discussion] Google Pay Magisk Discussion Thread
This thread is inspired by the PoGo Magisk discussion thread. It's meant to keep the clutter of "Google Pay doesn't work" posts out of the main Magisk threads. Please use this to discuss issues with Google Pay and possible solutions. There's a...
forum.xda-developers.com
[Discussion] Magisk - The Age of Zygisk.
This is a discussion and help thread for the newer versions of Magisk. The main goal of this thread is to help users migrate to Magisk v24+ SafetyNet Basic integrity Pass CTS profile match Pass Play Protect certification Device is certified...
forum.xda-developers.com

Good and good luck...
One problem and probably the only problem I really had was self inflicted for not following the instructions properly and that was to uninstall any Magisk modules first or at that the appropriate step.
Other than that... still don't know your device or rom etc. Your device specific or rom specific forums may be able to provide you with much better assistance from members that have the same rom/device as you.

wugga3 said:
Good and good luck...
One problem and probably the only problem I really had was self inflicted for not following the instructions properly and that was to uninstall any Magisk modules first or at that the appropriate step.
Other than that... still don't know your device or rom etc. Your device specific or rom specific forums may be able to provide you with much better assistance from members that have the same rom/device as youI
Click to expand...
Click to collapse
I am using LineageOS 18.1 Android 11 for Samsung Galaxy Note 3 and I have twrp as recovery. Magisk 2.30 is already installed and device is rooted. I have no modules installed and in Magisk settings I have only MagiskHide enabled. All other settings are set to default. On Samsung Note3 forum there is no talk about this (understandable as the device is very old).

Ok great and is there any discussion for lineage 18.1 and root/update?
Since it's lineage 18 and based on Andriod 11 - I have to wonder if there is even the need to update Magisk as my limited understanding is that the Magisk update is aimed at Andriod 12? Other than that... I should expect from my prior understandings of Samsung that nothing much has changed with respect to root and updates of Magisk. Not much help but hopefully enough. May be best to wait until for now and usually I do also wait until all the facts are in and the bugs are sorted out (if any...) before I update if unnecessary.

Thanks wugga3,
I disabled "Check for updates" in Magisk app and decided to keep the older 2.30 version for now. Everything is working fine and so there is no reason to fix something which is not broken. The only reason I thought That I should update was a real advantage over the older version or a security weakness being fixed in the new one.
I am even seeing some people asking for help on how to downgrade! Anyway as you said wisely, it;s not after all a bad idea to wait a little to see how things work out for those who have upgraded and have new issues fixed before taking the jump.

Moving from 23.0 to 24.1 is straightforward
1. Update app
2. Update boot (Magisk) to 24.1, reboot
3. Enable Zygisk, reboot
4. Enforce Deny List, reboot
5. Install module USNF, reboot
6. Configure Deny List. Don't worry about Play Service because USNF will take care of it. Add any app detected root into it, and reboot every time it's updated
7. Install Fox Module manager and pick module you want

mingkee said:
Moving from 23.0 to 24.1 is straightforward
1. Update app
2. Update boot to 24.1, reboot
3. Enable Zygisk, reboot
4. Enforce Deny List, reboot
5. Install module USNF, reboot
6. Configure Deny List. Don't worry about Play Service because USNF will take care of it. Add any app detected root into it, and reboot every time it's updated
7. Install Fox Module manager and pick module you want
Click to expand...
Click to collapse
Thanks a lot for your post mingkee,
I am sure many like me will be happy and appreciate reading this instead of having to go through many pages and still not be totally sure what to do
Allow me to just ask one question as I did not understand the second option of your instruction:
I update Magisk from the application itself. Once updated what do you mean by update boot to 24.1? This is to be done in Magisk itself?

rezpower said:
Thanks a lot for your post mingkee,
I am sure many like me will be happy and appreciate reading this instead of having to go through many pages and still not be totally sure what to do
Allow me to just ask one question as I did not understand the second option of your instruction:
I update Magisk from the application itself. Once updated what do you mean by update boot to 24.1? This is to be done in Magisk itself?
Click to expand...
Click to collapse
After updated app to 24.1, you will see another update on top of the app (Magisk). Direct install would be the simplest method

mingkee said:
Moving from 23.0 to 24.1 is straightforward
1. Update app
2. Update boot (Magisk) to 24.1, reboot
3. Enable Zygisk, reboot
4. Enforce Deny List, reboot
5. Install module USNF, reboot
6. Configure Deny List. Don't worry about Play Service because USNF will take care of it. Add any app detected root into it, and reboot every time it's updated
7. Install Fox Module manager and pick module you want
Click to expand...
Click to collapse
this should be pinned somewhere, very simple and worked fine on my Poco F3 using miui.eu & android 11
thanks a lot

Question Finally got my m11u, 2 more hurdles!

Hi guys, coming from a OnePlus 5t, got my m11u and finally waited the 168hrs! Following the instructions on the first post and finally got the bootloader unlocked, I found that was the hardest part, as I had to figure out on my own how to set up adb and the unlock tool etc. But thanks to YouTube I got through and now on EU 13.0.9.0 stable.
During the first week waiting for the unlock, I was hopeful of seeing if I can just enjoy the CN MIUI 13 ROM...deleted as many CN apps, installed Google Play etc and it seemed to be going well....until I noticed the huge problem w getting call and msg notifications. That was already a dealbreaker and seems like no real solution but to continue with a new ROM.
Now using the EU 13.0.9, everything seems great and working well. Except, I am trying to install Vanced youtube but cannot! On the CN ROM it was simply to turn off MIUI optimization in dev options, but xiaomi.eu has removed that option (cannot get the toggle even by pressing reset multiple times). What are my options at this point? Am I left with only option to root the device?
if so, I will try to learn to do it, but I'm hoping someone can point me towards the correct path. There is a how to thread here but it seems outdated as it refers to MIUI 12 and not 13(a12). So far from what I understand:
- a12 root is done with latest magisk v24+
- however v24 no longer use hide magisk and need to use zygisk and a deny list
- bear in mind I don't understand what the above means yet
- from my current status (newly installed EU ROM), what steps do I take?
- download magisk manager APK and install on phone
- make a patched boot.img - DO I USE THE BOOT.IMG FROM THE EXACT EU ROM I FLASHED?
- use fastboot to boot the patched boot.img?
- after this most tutorials tell me to download hide magisk and such, but v24 will be different
- where to go from here to install Vanced root version, and am I missing any steps? After root, will it affect my banking etc?
any help appreciated! Cheers

VinillaIce82 said:
Hi guys, coming from a OnePlus 5t, got my m11u and finally waited the 168hrs! Following the instructions on the first post and finally got the bootloader unlocked, I found that was the hardest part, as I had to figure out on my own how to set up adb and the unlock tool etc. But thanks to YouTube I got through and now on EU 13.0.9.0 stable.
During the first week waiting for the unlock, I was hopeful of seeing if I can just enjoy the CN MIUI 13 ROM...deleted as many CN apps, installed Google Play etc and it seemed to be going well....until I noticed the huge problem w getting call and msg notifications. That was already a dealbreaker and seems like no real solution but to continue with a new ROM.
Now using the EU 13.0.9, everything seems great and working well. Except, I am trying to install Vanced youtube but cannot! On the CN ROM it was simply to turn off MIUI optimization in dev options, but xiaomi.eu has removed that option (cannot get the toggle even by pressing reset multiple times). What are my options at this point? Am I left with only option to root the device?
if so, I will try to learn to do it, but I'm hoping someone can point me towards the correct path. There is a how to thread here but it seems outdated as it refers to MIUI 12 and not 13(a12). So far from what I understand:
- a12 root is done with latest magisk v24+
- however v24 no longer use hide magisk and need to use zygisk and a deny list
- bear in mind I don't understand what the above means yet
- from my current status (newly installed EU ROM), what steps do I take?
- download magisk manager APK and install on phone
- make a patched boot.img - DO I USE THE BOOT.IMG FROM THE EXACT EU ROM I FLASHED?
- use fastboot to boot the patched boot.img?
- after this most tutorials tell me to download hide magisk and such, but v24 will be different
- where to go from here to install Vanced root version, and am I missing any steps? After root, will it affect my banking etc?
any help appreciated! Cheers
Click to expand...
Click to collapse
- In xiaomi.eu rom, u didnt need to turn off miui opti, they already tweak the rom, so u can install vanced normally (no-root version)
how to root
Installation
The Magic Mask for Android
topjohnwu.github.io
how to hide root : 2:52
- if any app detect root, u can add it in deny list

hungragezone said:
- In xiaomi.eu rom, u didnt need to turn off miui opti, they already tweak the rom, so u can install vanced normally (no-root version)
how to root
Installation
The Magic Mask for Android
topjohnwu.github.io
how to hide root : 2:52
- if any app detect root, u can add it in deny list
Click to expand...
Click to collapse
now that you mentioned it, i went and tried to install it again. I played with some permission settings and now it does work! thank goodness now i don't have to deal with rooting.
thanks!

Question [issue] GrapheneOS, Magisk and June update [SOLVED]

The latest OTA update made my phone bootloop if i re-flash magisk patched init_boot image...
After I asked Stock users, it looks like it's a GrapheneOS june update + Magisk specific issue.
Do someone else also have this issue?
Phone boots normally, then reboot to recovery instead of reaching lock screen.
For now, I re-flashed panther-factory-2023061402 init_boot.

Have you tried Magisk canary version? or maybe GrapheneOS doesn't like june update and newest Magisk and you need to either go back down to stable Magisk or an older version of Magisk?
Actually, after re-reading your OP, a module might be the cause of the bootloop -- I've recently seen similar behavior from other members where device bootloops or crashes during/right-after loading & starting up -- if you were on the stock ROM I would suggest you loading up in Safe Mode to see if it is a module issue; I don't know anything about GrapheneOS so I don't know if it offers anything similar. I wonder if the adb command to remove modules at boot would work....

mhh, right, i don't have a lot of modules aside hosts, fdroid and busybox, but it may be module-related.
Until now, I did everything with TWRP, but now, well, let's say it's a little more difficult =)
... safe mode works with GrapheneOS, good =)
re-enabling modules one by one until i find the culprit.
... and the failing module was... Magisk built-in Busybox 1.0.5 \o/

Albirew said:
mhh, right, i don't have a lot of modules aside hosts, fdroid and busybox, but it may be module-related.
Until now, I did everything with TWRP, but now, well, let's say it's a little more difficult =)
... safe mode works with GrapheneOS, good =)
re-enabling modules one by one until i find the culprit.
... and the failing module was... Magisk built-in Busybox 1.0.5 \o/
Click to expand...
Click to collapse
knew it....
glad I helped get you there!