Learn Android (Modern Android Devices, Boot Process, Rooting, and Partitions)

This guide explains how Android devices work at a lower level, including partitions, boot sequence, rooting, recoveries, ROMs, kernels, and modern Android security features. Understanding these concepts helps prevent bricking devices and explains what actually changes when you unlock, flash, or modify Android.

Android Partitions

Modern Android devices use several partitions. The exact layout varies by manufacturer and Android version, but these are the core partitions commonly found today.

Common Android Partitions

Dynamic Partitions and A/B Devices

Modern Android devices (Android 10+) often use:

• Dynamic partitions
• A/B seamless updates
• Virtual A/B
• System-as-root
• AVB (Android Verified Boot)

Because of this, partitions may not appear exactly like older Android devices.

A/B Partition Scheme

Many modern devices have duplicate slots:

• boot_a / boot_b
• system_a / system_b
• vendor_a / vendor_b

This allows Android to update one slot while the other stays active.

If an update fails, Android can switch back to the working slot automatically.

Understanding Important Partitions

/boot

Contains:

• Linux kernel
• Ramdisk/initramfs

Without a valid boot partition, Android cannot start.

Flashing custom kernels or patched Magisk images modifies this partition.

/init_boot

Introduced on newer Android versions.

This partition now contains important ramdisk/init components that were previously in /boot.

Modern rooting methods on some devices patch init_boot.img instead of boot.img.

/vendor_boot

Contains vendor-specific boot components and drivers needed during early boot.

Used heavily on newer devices with Generic Kernel Image (GKI).

/system

Contains the Android operating system:

• Framework
• System apps
• UI
• Libraries

Wiping /system removes Android itself but usually still allows access to bootloader or fastboot mode.

/vendor

Contains hardware-specific components:

• Camera drivers
• GPU libraries
• Radio interfaces
• Fingerprint HALs

A mismatch between system and vendor often causes bootloops.

/recovery

Recovery mode allows:

• Factory reset
• Sideloading updates
• Flashing ZIPs
• Creating backups

Modern recoveries include:

• TWRP
• OrangeFox Recovery

Many newer A/B devices no longer have a dedicated recovery partition. Recovery may be embedded into boot images.

/data

Stores user data:

• Installed apps
• Messages
• Settings
• Photos
• Internal storage data

Factory reset wipes this partition.

Modern Android devices encrypt /data by default using:

• File-Based Encryption (FBE)
• Hardware-backed keys

/metadata

Stores encryption metadata and boot-related information.

Critical on modern Android versions.

/persist

Stores hardware calibration data:

• Wi-Fi MAC data
• Sensors
• Fingerprint calibration
• Camera tuning

Corrupting this partition can permanently break hardware features.

Always back it up before advanced modifications.

/misc

Stores boot commands and flags used by:

• Bootloader
• Recovery
• OTA system

SD Card Partitions

/sdcard

User-accessible storage.

May refer to:

• Physical microSD card
• Internal emulated storage

/sd-ext

Older custom ROM feature used for expanding app storage to SD cards.

Rarely used on modern Android devices.

Android Boot Process

When you press the power button, Android starts through multiple stages.

Step 1 — Boot ROM

The SoC (Qualcomm, MediaTek, Exynos, Tensor, etc.) executes immutable code stored in hardware ROM.

Responsibilities:

• Initialize minimal hardware
• Verify boot chain
• Load bootloader

This code cannot normally be modified.

Step 2 — Bootloader

The bootloader initializes hardware and verifies Android images.

Common bootloader interfaces include:

• Fastboot
• Download Mode
• EDL (Emergency Download)
• Odin Mode

Manufacturers usually lock the bootloader to prevent unsigned images from booting.

Bootloader Unlocking

Unlocking the bootloader allows flashing unsigned images such as:

• Custom recovery
• Custom kernel
• Rooted boot image
• Custom ROM

However, unlocking usually:

• Wipes user data
• Disables some security protections
• May affect warranty
• May break some banking or DRM apps

Modern Android uses:

• Android Verified Boot (AVB)
• dm-verity
• Rollback protection

Step 3 — Kernel Startup

Android uses the Linux kernel.

The kernel:

• Initializes memory
• Loads drivers
• Starts SELinux
• Mounts filesystems
• Starts init process

The kernel then launches Android userspace.

Step 4 — Init Process

init is the first Android userspace process.

Responsibilities include:

• Mounting partitions
• Starting services
• Parsing .rc files
• Applying permissions
• Starting core daemons

Android init configuration files include:

• init.rc
• vendor_init.rc
• ueventd.rc

Android uses its own init language.

Example Init Syntax

on boot
    start servicemanager
    start zygote

on boot
    start servicemanager
    start zygote

Step 5 — Zygote

Zygote is one of Android’s most important processes.

Instead of launching a brand new virtual machine for every app, Android preloads common framework classes into Zygote.

When apps launch:

• Zygote forks a new process
• The app inherits preloaded resources
• Startup becomes faster
• Memory usage decreases

Modern Android uses:

• ART (Android Runtime)

Older Android versions used:

• Dalvik VM

Step 6 — System Services

Android launches core system services such as:

At this stage you typically see the Android boot animation.

Step 7 — Boot Completed

Android sends:

ACTION_BOOT_COMPLETED

ACTION_BOOT_COMPLETED

Apps registered for boot events can now start background services.

The device is fully booted.

Rooting Android

Rooting gives elevated administrative access to Android.

Older Android rooting often relied on security exploits.

Modern Android rooting is usually done by:

1. Unlocking bootloader
2. Patching boot/init_boot image
3. Flashing patched image

The most common modern root solution is:

• Magisk

Modern Rooting Notes

Modern Android rooting differs greatly from older methods:

Older Root Methods

• Modified /system
• Installed su binary directly

Modern Root Methods

• Systemless root
• Patches boot/init_boot image
• Preserves /system
• Easier OTA handling

Android Verified Boot (AVB)

Modern Android uses verified boot security.

AVB verifies:

• Boot integrity
• Partition signatures
• Rollback indexes

If verification fails:

• Device may refuse to boot
• Device may enter recovery
• Orange/red warning screens may appear

Custom Recovery

Custom recoveries provide advanced device management features.

Popular recoveries:

• TWRP
• OrangeFox Recovery

Recovery Features

• NANDroid backups
• Flashing ZIPs
• Wiping partitions
• ADB sideload
• File manager
• Terminal access

Recovery on Modern Devices

Older Android devices had a dedicated recovery partition.

Modern A/B devices may:

• Embed recovery inside boot image
• Boot recovery through fastboot
• Use fastbootd

Because of this, flashing recovery is more device-specific today.

Custom ROMs

Custom ROMs replace the stock Android operating system.

Popular projects include:

• LineageOS
• Pixel Experience
• crDroid

Custom ROMs may provide:

• Better performance
• New Android versions
• Privacy features
• Less bloatware
• More customization

Kernels

Custom kernels can modify:

• CPU governors
• GPU clocks
• Battery behavior
• I/O schedulers
• TCP/network tuning

Flashing an incompatible kernel commonly causes bootloops.

Important Modern Android Concepts

SELinux

Android uses SELinux for security enforcement.

Modes:

• Enforcing
• Permissive

Most modern devices require enforcing SELinux for stability and security.

dm-verity

Detects unauthorized modification of partitions.

Helps prevent tampering with /system.

Fastboot vs Fastbootd

Fastboot

Bootloader-level flashing mode.

Fastbootd

Userspace flashing mode introduced for dynamic partitions.

Soft Brick vs Hard Brick

Soft Brick

Device still enters:

• Fastboot
• Recovery
• Download mode

Usually recoverable.

Hard Brick

Device shows little or no signs of life.

May require:

• EDL
• ISP flashing
• JTAG repair

Important Safety Tips

Before modifying Android:

1. Backup important partitions
2. Backup /persist
3. Verify device model carefully
4. Use correct firmware version
5. Keep stock firmware available
6. Understand A/B slot behavior
7. Never interrupt flashing
8. Learn fastboot basics before rooting

Useful Android Tools

Official Android Tools

• Android Debug Bridge
• Fastboot
• Android Studio

OEM Flashing Tools

• Odin
• SP Flash Tool
• QFIL

Final Notes

Modern Android security is significantly more advanced than early Android versions. Rooting and flashing are still possible on many devices, but now involve:

• Verified boot
• Dynamic partitions
• Encryption
• A/B updates
• Stronger bootloader protections

Understanding the boot process and partition structure is one of the most important skills for safely modifying Android devices.