Learn Android

LEARN ANDROID

This page is to help you learn what you are doing to your phone by rooting, unlocking, flashing roms, recovery, and kernels.

Read all the way to the bottom, Great stuff at the end.

First things first lets look at the partitions and boot sequence of a android device. There are mainly 6 partitions in Android phones, tablets and other Android devices. Below is the list of partition for Android File System. Note that there might be some other partitions available, it differs from Model to Model. But logically below 6 partitions can be found in any Android devices.

  • /boot
  • /system
  • /recovery
  • /data
  • /cache
  • /misc

 

     Boot.img, System.img, & recovery.img are all flashable partitions with a unlocked boot loader.     

Also Below are the for SD Card Fie System Partitions.

  • /sdcard
  • /sd-ext

Please Note: Only /sdcard partition can be found in all Android devices and SD-Ext is present only in select devices.

Now that you know the different partitions of the device, you can see what can be changed on the device and what can be wiped or deleted. Example:  If you wipe stock recovery and install TWRP recovery, you are just changing the recovery partition & thats it.

/boot

This is the boot partition of your Android device, as the name suggests. It includes the android kernel and the ramdisk.  The device will not boot without this partition. Wiping this partition from recovery should only be done if absolutely required and once done, the device must NOT be rebooted before installing a new one, which can be done by installing a ROM that includes a /boot partition.

/system

As the name suggests, this partition contains the entire Android OS, other than the kernel and the ramdisk. This includes the Android GUI and all the system applications that come pre-installed on the device. Wiping this partition will remove Android from the device without rendering it unbootable, and you will still be able to put the phone into recovery or bootloader mode to install a new ROM.

/recovery

This is specially designed for backup. The recovery partition can be considered as an alternative boot partition, that lets the device boot into a recovery console for performing advanced recovery and maintenance operations on it.

/data

Again as the name suggest, it is called userdata partition. This partition contains the user’s data like your contacts, sms, settings and all android applications that you have installed. While you are doing factory reset on your device, this partition will wipe out, Then your device will be in the state, when you use for he first time, or the way it was after the last official or custom ROM installation.

/cache

I hope you have some idea about cache, as you are expert on internet browsing. This is the partition where Android stores frequently accessed data and app components. Wiping the cache doesn’t effect your personal data but simply gets rid of the existing data there, which gets automatically rebuilt as you continue using the device.

/misc

This partition contains miscellaneous system settings in form of on/off switches. These settings may include CID (Carrier or Region ID), USB configuration and certain hardware settings etc. This is an important partition and if it is corrupt or missing, several of the device’s features will will not function normally.

Android device execute following steps when you press power switch

Android Boot Sequence / Process
Android Boot Sequence / Process
Step 1 : Power On and System StartupWhen power start Boot ROM code start execution from pre defined location which is hardwired on ROM. It load Bootloader into RAM and start executionStep 2 : BootloaderBootloader is small program which runs before Android operating system running. Bootloader is first program to run so It is specific for board and processor. Device manufacturer either use popular bootloaders like redboot,uboot, qi bootloader or they develop own bootloaders, It’s not part of Android Operating System. bootloader is the place where OEMs and Carriers put there locks and restrictions.Bootloader perform execution in two stages, first stage It to detect external RAM and load program which helps in second stage, In second stage bootloader setup network, memory, etc. which requires to run kernel, bootloader is able to provide configuration parameters or inputs to the kernel for specific purpose.Android bootloader can be found at
<Android Source>\bootable\bootloader\legacy\usbloaderlegacy loader contain two important files that need to address here.
1. init.s – Initializes stacks, zeros the BSS segments, call _main() in main.c
2. main.c – Initializes hardware (clocks, board, keypad, console), creates Linux tags
Refer this link to know more about Android bootloader :
https://motorola-global-portal.custhelp.com/app/answers/detail/a_id/86208/~/bootloader-frequently-asked-questionsStep 3: KernelAndroid kernel start similar way as desktop linux kernel starts, as kernel launch it start setup cache, protected memory, scheduling, loads drivers. When kernel finish system setup first thing it look for “init” in system files and launch root process or first process of system.Step 4: init processinit it very first process, we can say it is root process or grandmother of all processes. init process has two responsibilities 1. mount directories like /sys, /dev, /proc and 2. run init.rc script.
  • init process can be found at init : <android source>/system/core/init
  • init.rc file can be found in source tree at <android source>/system/core/rootdir/init.rc
  • readme.txt file can be found in source tree at <andorid source>/system/core/init/readme.txt


Android has specific format and rules for init.rc files. In Android we call it as “Android Init Language”

The Android Init Language consists of four broad classes of statements,which are Actions, Commands, Services, and Options.

Action : Actions are named sequences of commands.  Actions have a trigger which is used to determine when the action should occur.

Syntax
on <trigger>
<command>
<command>
<command>

Service :  Services are programs which init launches and (optionally) restarts when they exit.  Syntax

service <name> <pathname> [ <argument> ]*
<option>
<option>

Options : Options are modifiers to services.  They affect how and when init runs the service.

Let’s take a look of default init.rc file. Here I have listed only major events and services.


Action / Service Description
on early-init Set init and its forked children’s oom_adj.
Set the security context for the init process.
on init setup the global environment
Create cgroup mount point for cpu accounting
and many
on fs mount mtd partitions
on post-fs change permissions of system directories
on post-fs-data change permission of /data folders and sub folders
on boot basic network init ,Memory Management ,etc
service servicemanager start system manager to manage all native services like location, audio, shared preference etc..
service zygote start zygote as app_process


At this stage you can see “Android” logo on device screen.

Step 5: Zygote and Dalvik

In a Java, We know that separate Virtual Machine(VMs) instance will popup in memory for separate per app, In case of Android app should launch as quick as possible, If Android os launch different instance of Dalvik VM for every app then it consume lots of memory and time. so, to overcome this problem Android OS as system named “Zygote”. Zygote enable shared code across Dalvik VM, lower memory footprint and minimal startup time. Zygote is a VM process that starts at system boot time as we know in previous step. Zygote preloads and initialize core library classes.  Normally there core classes are read-only and part of Android SDK or Core frameworks. In Java VM each instance has it’s own copy of core library class files and heap objects.
Zygote loading process


1. Load ZygoteInit class,
Source Code :<Android Source> /frameworks/base/core/java/com/android/internal/os/ZygoteInit.java
2. registerZygoteSocket() –  Registers a server socket for zygote command connections
3. preloadClasses() – “preloaded-classes” is simple text file contains list of classes that need to be preloaded, you cna find “preloaded-classes” file at <Android Source>/frameworks/base
4. preloadResources() – preloadReaources means native themes and layouts, everything that include android.R file will be load using this method.

At this time you can see bootanimation


Step 6: System  Service or Services

After complete above steps, runtime request Zygote to launch system servers. System Servers are written in native and java both, System servers we can consider as process, The same system server is available as System Services in Android SDK. System server contain all system services.

 

Zygote fork new process to launch system services. You can find source code in ZygoteInit class and “startSystemServer” method.

 

Core Services:
1.     Starting Power Manager
2.     Creating Activity Manager
3.     Starting Telephony Registry
4.     Starting Package Manager
5.     Set Activity Manager Service as System Process
6.     Starting Context Manager
7.     Starting System Context Providers
8.     Starting Battery Service
9.     Starting Alarm Manager
10.   Starting Sensor Service
11.   Starting Window Manager
12.   Starting Bluetooth Service
13.   Starting Mount Service


Other services

1.    Starting Status Bar Service
2.     Starting Hardware Service
3.     Starting NetStat Service
4.     Starting Connectivity Service
5.     Starting Notification Manager
6.     Starting DeviceStorageMonitor Service
7.     Starting Location Manager
8.     Starting Search Service
9.     Starting Clipboard Service
10.   Starting Checkin Service
11.   Starting Wallpaper Service
12.   Starting Audio Service
13.   Starting HeadsetObserver
14.   Starting AdbSettingsObserver
 

Step 7 : Boot Completed

Once System Services up and running in memory, Android has completed booting process, At this time “ACTION_BOOT_COMPLETED” standard broadcast action will fire.

 
Rooting
The process of rooting varies widely by device, but usually includes exploiting a security bug(s) in the firmware (i.e. in Android) of the device, and then copying the su binary to a location in the current process’s PATH (e.g. /system/xbin/su) and granting it executable permissions with the chmod command. A supervisor application like SuperUser or SuperSU can regulate and log elevated permission requests from other applications. Many guides, tutorials, and automatic processes exist for popular Android devices facilitating a fast and easy rooting process.
 
Custom Recovery
When installed a boot strap recovery like safe strap or any of the cwm boot straps it is installed into the system partition of the device. when selected it will boot up, this means that when you wipe system to flash a rom you wipe your recovery. That being said if the flash is bad you cant get into recovery and will have to flash the firmware to get the device booting again. On the other hand if you have a unlocked boot loader and install your custom recovery to the recovery partition on the device. When you flash a rom, recovery isnt wipe and if something goes wrong you can always enter recovery from boot mode and restore a back up. This is one of the biggest perks of a unlocked boot loader. IE. a untouched recovery.

Super Fans always leave a comment :-)

25 thoughts on “Learn Android”

  1. I have a much better understanding of mobile thank you hope I retain it all lol the fact I can come back and refer to this is a game changer for me!! thank you very much been looking for a sight such as this to teach my self for a long time seen your sight before but I gave up all sights in bairley understandable English or go so fast cant keep up and leave a lot of steps out so don’t work. been attacked constantly by hacking for years hope this is the beginning of learning how to defend myself

    Reply
  2. Hello, while trying to root my tegra note with your super tool, I managed to brick my device. I can get it to apx mode but nvflash doesn’t find the device. Any of your vast wisdom on this device is greatly appreciated. No worry it’s not any fault of your super tool it’s the stupidity and ignorance of this android newbie.

    Reply

Leave a Comment

Loading Facebook Comments ...