Re: Magisk 23.0 Apk
Eda Chatagnier
Magisk's support for Android Lollipop has been pretty broken for a while without it being noticed. Also, none of the active developers of Magisk have actual hardware to run Android Lollipop. We rely on using the official Android emulator for regression testing on older platforms, however Google never shipped a Lollipop emulator image with SELinux support, leaving us with no option but to drop Lollipop support since we don't feel comfortable supporting Android Lollipop without adequate testing.
Magic Mount, the feature that make modules modify partitions, has gone through a major rewrite. The existing implementation doesn't work well with OEMs injecting overlays into their system using overlayfs. The new implementation fundamentally changes how filesystem mirrors are created, giving us a more accurate clone of the unmodified filesystem.
Magisk allows modules to provide custom SELinux patches by including the file sepolicy.rule. Due to the complicated nature of SELinux patching, the compatibility of this functionality has been pretty spotty; many devices are not supported. In this release, a brand new pre-init partition detection mechanism has been designed to support even more devices. Due to complicated reasons, this detection mechanism cannot be performed in a custom recovery environment.
The new Zygisk API v4 is now live! It comes with new features and a refined PLT function hook API. The implementaton of Zygisk has also gone through some major refactoring, including new code loading/unloading mechanisms and a new PLT function hook implementation.
A significant portion of magiskinit (the critical software that runs before your device boots up) is completely rewritten from scratch. Ever since Android introduced Project Treble in Android 8.0, Magisk has been constantly fighting against the increasingly complex partitioning and early mount setups of all kinds of devices, sometimes with weird OEM specific implementations. It got to a point that magiskinit had become so complicated that few people (including myself!) were aware of every detail, and maintaining this piece of software like this was clearly not sustainable. After many months of planning (yes, this whole re-architecture has been in my head for a long time) and some help from external contributors, a whole new sepolicy injection mechanism is introduced into Magisk, solving the "SELinux Problem" once and for all.
Since this is a full paradigm shift on how Magisk hot-patch the device at boot, several behaviors that many developers implicitly relied on might not exist. For example, Magisk no longer patches fstabs in most scenarios, which means AVB will remain intact; some custom kernels rely on AVB being stripped out for them by Magisk.
Many might not realize, but using a trusted, unmodified Magisk app is really important. Magisk's root daemon treats the Magisk app differently and gives it blanket root access without any restrictions. A modded Magisk app can potentially backdoor your device.
And in case some of you are about to put on your tin foil hats, this is not designed to "vendor lock-in"; the goal is to make sure your root management app comes from the same developer of the underlying root implementation. Magisk's build system allows custom distributors to use its own signing keys, and in addition, I am also providing official debug builds which skips any signature verification for development.
I've read in another answer that on Android the su binaries avoid needing to be setuid by using filesystem capabilities like cap_setuid. But then I tried to check this, and to my surprise, I found no capabilities set on my Magisk-enabled Android 8.0 system.
Note that in the output above, after we exit the superuser shell and re-enter it, parent PID still remains the same (2606 in this session), but not equal to the PID of the original non-root shell (27699 in this session). Moreover, parent PID of magiskd is 1, i.e. init, which is one more confirmation that it's not what we started from our non-root shell.
There are a few different ways to install Magisk. If you're already rooted and you just want access to Magisk modules, you can use Magisk Manager to install the Magisk framework. Or, if you want to pass SafetyNet on a rooted device, you can switch from SuperSU to Magisk SU. But the best way to do it is to start fresh by installing Magisk on a non-rooted phone using TWRP.
The main reason we prefer this method is because it's the cleanest. No need to remove old root binaries, just flash the Magisk ZIP and you'll be good to go. In doing so, you'll actually root your phone and install Magisk in one shot, plus you're far more likely to pass SafetyNet's CTS Profile check this way.
This method works by flashing the Magisk ZIP in TWRP, so you'll need to install the custom recovery before you begin. Much like Magisk itself, there are multiple ways to install TWRP. If you're rooted, you can use this method, but note that you'll have to do a full unroot in SuperSU after you're done.
If your phone does not have a Fastboot interface, the instructions for installing TWRP will vary. We've covered many of these methods in separate tutorials that are linked out in the following guide, so this is a perfect place to start:
Once you've got TWRP installed successfully, boot into Android and install the Magisk Manager app. This isn't the Magisk framework, which provides root access and the ability to install Magisk modules. It's simply an app for downloading and updating the Magisk framework and managing modules.
The Magisk Manager app is no longer available on the Play Store, so you'll need to have "Unknown Sources" enabled to install it. Other than that, just head to the following link, which will show you all available versions of the Magisk Manager app. Download the newest version, then when that's finished, tap the Download complete notification to launch the APK. Finally, press "Install" when prompted.
Next, open the Magisk Manager app. You'll get a popup asking if you'd like to install the Magisk framework. Tap "Install" here, then hit "Download Zip Only" on the subsequent popup. Wait until you see a message at the bottom of the app's main menu stating that the file has been downloaded.
Next, boot your phone into recovery mode, then tap the "Install" button in TWRP's main menu. From there, navigate to your device's Download folder, then select the Magisk ZIP. After that, just swipe the slider at the bottom of the screen to install Magisk, then tap "Reboot System."
Next, go ahead and open the Magisk Manager app. If everything went off without a hitch, you'll see a message towards the top of the screen that says "MAGISKSU (topjohnwu)" with a green check mark next to it. This means your phone is now officially rooted, and since it was done with Magisk, it's a systemless root.
03c5feb9e7