Next Android version: even more breakage
Posted on 2014-05-18, 68 comments, 833 +1's, imported from Google+/Chainfire

NOTICE: This content was originally posted to Google+, then imported here. Some formatting may be lost, links may be dead, and images may be missing.

A while ago, I already reported on the state of AOSP and its repercussions for root apps -

With 4.4.3 (or 4.5, or ...) expected to be released very soon, it was time to take another look at the state of AOSP, and it appears there are changes aplenty! Of course, current AOSP is not the same as stock 4.4.3, so some things may yet change - though I don't really expect them to.


Let's get this out of the way first - I have built a new version of SuperSU (v1.97) with all the massive changes required to work on the latest AOSP builds. It is linked in the box below, or you can click here -

I am not spreading this version through Play just yet, but I encourage all tech-savvy users to give it a shot and report back issues, not just for AOSP builds but also for older common firmwares.

I have tested this build on over a dozen devices running various Android revisions in various states, and it all worked for me. The first rule of Android development thus guarantees that there will be a lot of breakage and it will crash for absolutely everyone - so don't forget to report those problems.

The XDA thread for SuperSU can be found here - - and is the preferred location for feedback. G+ comments do not work as well for bug reports.

Of course, my How-To SU guide - - has also been updated with the changes, and aside from the rest of this post, I would urge every developer to re-read the SELinux section.

SELinux on steroids

In my previous post on this subject, I already mentioned the need for root apps to switch contexts for certain situations. The method I used then no longer works on AOSP (it was already broken on Samsung's latest 4.4 stock firmwares as well), but the relevant code for the -cn/--context su parameter has been replaced with a version that does work again - and is much, much more complex.

Context switching is becoming much more important for root apps, as SELinux policies have been made significantly more secure. For example, executing code in /data as root doesn't work in the default context, and calling Java-based code (like 'am' and 'pm') should no longer be done from the default context either, as things will break in new and exciting ways; apps contacting daemons using sockets as IPC mechanism no longer work out-of-the-box; the list goes on - the How-To SU guide has details on these issues and on how to switch contexts to solve them.

Thanks to these changes, SuperSU has gained some more binaries in its installation, so if you are doing custom ROMs with integrated SuperSU, be sure to look at the new flashable ZIP and copy the changes/additions.

Additionally, the SuperSU daemon now must run as the init context (not the init_shell or whatever context), or things will not work correctly. This was always the way it was meant to be, but I know this is not the case on some custom ROMs.


It seems ART is now the default setting in AOSP. It remains to be seen if that is carried over to production firmwares, but it creates some issues for root apps.

Above I detailed the need to call Java-based code like 'am' and 'pm' from a different context. Of course, existing root apps don't yet do this. If you're running Dalvik, some of the 'am' and 'pm' options still work without issue, and some simply don't work at all. If you're running ART though, the combination of SELinux restrictions and the immaturity of ART can cause crashes that take down the entire system.

That's right - the wrong call to for example 'am' will crash Android entirely and ultimately lead to a reboot. Not to mention that it will then also have to re-optimize all the packages (snore). Maybe this will be fixed before official release of 4.4.3, but I wouldn't count on it, as these crashes never happen outside of root apps.

As such, I would advise early adopters of root apps on 4.4.3 to run Dalvik for the moment, and for developers to make haste testing with ART on current AOSP builds.


It also appears PIE (Position-Independent Executable) is now a requirement. Non-statically built executables must be PIE, or they will not run at all (even if switched to the right context).

PIE has been supported since Android 4.1. So this means that if you are not using statically built executables, you need to provide a PIE and a non-PIE version if you want to support both pre-4.1 and post-4.4.2.

Note that the NDK's's APP_PIE option can be used to enable building your executable as a PIE.

For a lot of root apps this is not a problem, as they come with statically linked executables (if any), which still work. But some apps will definitely choke on this.


This version of SuperSU took quite a bit longer to update than I had expected. For most apps, work-arounds (if needed) will not be very complicated. Unfortunately, most of the simple work-arounds were not viable for SuperSU and all it's edge cases - they would seem to mostly work, but then I'd run into a needed case where it didn't - repeatedly. Granted, I didn't know that much about SELinux when I started out - and now I feel I know more about it than any sane person could want ... live and learn!

Either way, these additional changes made in AOSP since the last time I looked mean that a lot more root apps will need updating than I initially thought - still by no means all of them, but certainly a lot of them.

Let's get to it!

SuperSU Download

Zoheb M. commented on 2014-05-18 at 20:22:
Tim Bremer commented on 2014-05-18 at 20:28:
John Hallanger commented on 2014-05-18 at 20:36:

Thanks for all of your great work. Flashing v. 1.97 on my Gnex right now

Julio Lagara commented on 2014-05-18 at 20:36:

Thank you for the heads up.

[ 10tacleBoy ] commented on 2014-05-18 at 20:39:


Matheus Castro commented on 2014-05-18 at 20:53:

Isn't 4.4.3 already out? You are talking about 4.5 right?

Bruno Iannelli commented on 2014-05-18 at 20:56:

We can't flash it on 4.4.2?

Matheus Castro commented on 2014-05-18 at 20:57:

+Allen Edmonds i thought it went live for Nexus 5 the very next day 4.4.2 came out for it. Some people even joked Google was doing nightlies now. Hahahahaha.

John Hallanger commented on 2014-05-18 at 21:01:

+Bruno Iannelli I just flashed this on my Gnex running 4.4.2 (PA ROM.)

Bruno Iannelli commented on 2014-05-18 at 21:03:

Could I flash it on aosp 4.4. 2? Or must to wait for 4.4.3 imperative?

John Hallanger commented on 2014-05-18 at 21:04:

+Bruno Iannelli OK to flash on aosp 4.4.2. Just make a backup first.

Bruno Iannelli commented on 2014-05-18 at 21:05:

+john hallanger

I'm afraid of! ! Are you sure? Really

Nuno Pedro Vicente commented on 2014-05-18 at 21:05:

+Chainfire your eyes must be square.

Matheus Castro commented on 2014-05-18 at 21:05:
Bruno Iannelli commented on 2014-05-18 at 21:07:

Ok so it's like before

Daniela Okafor commented on 2014-05-18 at 21:14:

sounds like xposed framework will cause headaches in android 4.5

Alex M commented on 2014-05-18 at 22:10:

+Chainfire Thanx for all your hard work man!!!

Tyler Raber commented on 2014-05-18 at 22:39:

+Daniela Okafor xposed ALWAYS causes headaches. For devs and users

Andrew Dodd commented on 2014-05-18 at 22:39:

I'm guessing a lot of AOSP master commits won't show up in 4.4.3, but will show up in a future release.

Lucien L commented on 2014-05-18 at 22:39:

+Daniela Okafor ya hence I probably won't be rooting my s5 until new Android is out and released by Samsung

Lucien L commented on 2014-05-18 at 22:44:

I got a feeling if 64bit doesn't come out with but Android version. Would be the one after and that would change things up entirely!

Ādi-Kartā Dāsa commented on 2014-05-18 at 22:51:

Thank you so much for this. +1'000.000

marduk Kurious commented on 2014-05-18 at 23:24:
Ramon Gonzales commented on 2014-05-18 at 23:50:

Thank u so much for making this so easy and convenient for nooks like me. Don't know what I would do without you.

Walter Francis commented on 2014-05-19 at 00:24:

This is why people should buy the SuperSU Donation package.  The next Android release issues with su are mostly solved before it's even released.  Thanks Chainfire :)

Michael Harmon commented on 2014-05-19 at 03:39:


Scott Sparling commented on 2014-05-19 at 06:45:

This is great info and thanks for sharing. That said, I'm just a user (now) and wanna scream from the hilltops how much you are appreciated.

Stephen Ball commented on 2014-05-19 at 08:46:

Installed on Note 3 running CivZ_FlexKat REv 2.8 with 3.4.39-SneakyKat-Rev 1.8- 4.4.2. No issues, many thx dude.

Jorrit Jongma commented on 2014-05-19 at 09:24:

+Edward K Lewandowski which Xposed modules did you have installed?

Sway La commented on 2014-05-19 at 10:23:

Chainfire is AMAZING. I went pro with this app the minute I read the full description....... best money I ever spent!!!!! Thank you so much

John C. commented on 2014-05-19 at 10:31:

+Chainfire I lost root when I flashed this.

chris mellor commented on 2014-05-19 at 13:08:


Rabin Yasharzadehe commented on 2014-05-19 at 13:35:

Thank you,

+Chainfire, you and +Daniel Walsh are probobly can have a nice long talk about SELinux :)

Андрей Погибелев commented on 2014-05-19 at 13:59:

Я уже как месяц им пользуюсь Update скачал,и никаких проблем.Скачивал с XDA,спасибо им большое.Аминь.

jean-christophe manciot commented on 2014-05-19 at 15:33:

Fantastic job +Chainfire ; I understand Google is trying to clean things up and improve Android's performance and security.

Per Erik Skille commented on 2014-05-19 at 20:10:

Thanks ?

Josh C commented on 2014-05-19 at 20:43:

You're a wizard.

Ks Burn commented on 2014-05-19 at 22:27:

Dont forget for +Chainfire for hard work.

Vinicius Linhares commented on 2014-05-19 at 22:47:

hey man.. HAVE ROOT FOR S5 G900A ??

Vinicius Linhares commented on 2014-05-19 at 22:47:
Josh C commented on 2014-05-19 at 23:02:

+Sajador Skolotaié i don't have any complains about KitKat , in fact it is the most supported Android version i've saw before , it currently has like 10 roms already including CyanogenMod , and it's not slow it's preety fast

Yue Ma commented on 2014-05-20 at 00:01:

I couldn't flash it on my Nexus 7 2013 running stock 4.4.2, while I did it successfully on my Nexus 4.

Koushik Dutta commented on 2014-05-20 at 00:07:

An approach I've been taking is to app_process my own apk and run a Main class. No need for binaries.

Андрей Погибелев commented on 2014-05-20 at 00:28:

Я русский,и по английски no tolk.Но SuperSu-это 5+.Мой Samsung Ace Duos GT-S6802 and Alcatel One Touch все на нем.Пользуюсь Tы красава,успехов тебе!

John Hallanger commented on 2014-05-20 at 00:42:

Kept root on my Gnex running PA Beta4, Android 4.4.2. Running flawlessly

Vinicius Linhares commented on 2014-05-20 at 00:44:

Heyyy root g900a galaxy 5 plss

Ks Burn commented on 2014-05-20 at 00:56:

Flash SuperSu (1.97)with CWM.. note 3 LTE custom rom issue...thanks +Chainfire..☆☆☆☆☆

Wilfredo Rodríguez commented on 2014-05-20 at 01:45:

Thanks....keep going with your amazing job!

Josh C commented on 2014-05-20 at 01:46:

You solved me a ton of problems with CyanogenMod , thanks for the update

J. Schmitt commented on 2014-05-20 at 04:17:


Christian Koch commented on 2014-05-20 at 05:35:


As I said already on another thread: for some people it would be useful if the donation package would be available through the amazon app store. While some people got Amazon Coins and would love to spend them for this. :-)

Daniel Gifkins commented on 2014-05-20 at 06:32:

Thanks. Your work is certainly appreciated.

Chainfire commented on 2014-05-20 at 09:32:

+Koushik Dutta I've been doing that for a small number of apps as well. It's a neat solution, but not a viable one for every situation/app. Still, you might need to switch contexts beforehand to prevent issues...

+Christian Koch Amazon is being annoying for me as they don't have a presence in my country yet. Perhaps in the future.

Jon George commented on 2014-05-20 at 13:13:

Want to update to new SuperSU but really dont want to get stuck In a bootloop mentioned in comments above..Note 3 n900t running X-Note v13 international with CivZ SnapKat kernel & newest Twrp..was reading on xda about restore issues with Twrp & im pretty scared to try a restore...anyone have a hltetmo with Twrp having issues with backup & restore? Any feedback would be greatly appreciated

Chainfire commented on 2014-05-20 at 17:11:

Any of you who lost root with the v1.97 version, please try the v1.98 version -

Wilfredo Rodríguez commented on 2014-05-20 at 17:15:

Can I ask you a question here?

Anthony TSE commented on 2014-05-21 at 05:48:


Borja Oxangoiti commented on 2014-05-21 at 16:24:

I also lost root in N7.2 (deb) with v1.97, but v1.99 works just fine.

Dietmar Schröder commented on 2014-05-21 at 22:03:

+Chainfire okay. What a pitty. Then we have to wait. ☺

Brandi Wiedeman commented on 2014-05-22 at 11:34:


Scott commented on 2014-05-23 at 13:33:

I'm looking for any experiences of using Survival Mode, going from JB to KK, specifically, 4.1.2 to 4.4.2. I have read root will survive this update, however, will lose R/W capability...can anyone confirm this, or otherwise?

Abdullahi Usman commented on 2014-05-23 at 20:58:

SuperSu 1.99 install successfully on my MTK 6572 based 4.2.2 stock rom, via cwm . but always request to update su binary on every launch.

ll이요한ll commented on 2014-05-24 at 03:28:

I installed supersu too.

Adam J Elliott commented on 2014-05-25 at 06:55:

Genius ,if the rest of app devs would follow we could see a more efficient running root apks that run or can run executables and or change default values

ll이요한ll commented on 2014-05-25 at 09:59:

But, I unstalled supersu

Blurry Face commented on 2014-05-28 at 23:28:

Great but you have to add a new version for samsung galaxy beam

ll이요한ll commented on 2014-05-29 at 05:36:

I have galaxy s4 Mini

Chainfire commented on 2014-05-30 at 22:31:
This post is over a month old, commenting has been disabled.