The booting process of Android devices starts at the power-on of the SoC (system on a chip) and ends at the visibility of the home screen, or special modes like recovery and fastboot.[a] The boot process of devices that run Android is influenced by the firmware design of the SoC manufacturers.
As of 2018, 90% of the SoCs of the Android market are supplied by either Qualcomm, Samsung or MediaTek.[1] Other vendors include Rockchip, Marvell, Nvidia and previously Texas Instruments.
Verified boot was introduced with Android KitKat.[2]
The Primary Bootloader (PBL), which is stored in the Boot ROM[3] is the first stage of the boot process. This code is written by the chipset manufacturer.[4]
The PBL verifies the authenticly of the next stage.
On Samsung smartphones, the Samsung Secure Boot Key (SSBK) is used by the boot ROM to verify the next stages.[5]
On SoCs from Qualcomm, it is possible to enter the Qualcomm Emergency Download Mode from the primary bootloader.
If the verification of the secondary bootloader fails, it will enter EDL.[6][better source needed]
Because the space in the boot ROM is limited, a secondary bootloader on the eMMC or eUFS is used.[7] The secondary bootloader initializes TrustZone.[7][8]
On the Qualcomm MSM8960 for example, the Secondary Bootloader 1 loads the Secondary Bootloader 2. The Secondary Bootloader 2 loads TrustZone and the Secondary Bootloader 3.[9]
The SBL is now called XBL by Qualcomm and uses UEFI to be cross compatible for booting operating systems other than Android in the second stage.
Qualcomm uses Little Kernel, MediaTek uses Das U-Boot.[1] Little Kernel is a microkernel for embedded devices, which has been modified by Qualcomm to use it as an Android bootloader.[10] The Android Bootloader (Aboot), which implements the fastboot interface (which is absent in Samsung devices). Aboot verifies the authenticity of the boot and recovery partitions.[4] By pressing a specific key combination, devices can also boot in recovery mode. Aboot then transfers control to the Linux kernel.
See also: Booting process of Linux |
The initramfs is a gzip'ed cpio archive that contains a small root file system. It contains init, which is executed. The Android kernel is a modified version of the Linux kernel. Init does mount the partitions. dm-verity verifies the integrity of the partitions that are specified in the fstab file. dm-verity is a Linux kernel module that was introduced by Google in Android since version 4.4. The stock implementation only supports block based verification, but Samsung has added support for files.[8]
See also: Bionic (software) § Components |
Zygote is spawned by the init process, which is responsible for starting Android applications and service processes. It loads and initializes classes that are supposed to be used very often into the heap. For example, dex data structures of libraries. After Zygote has started, it listens for commands on a socket. When a new applications starts, a command is sent to Zygote which executes a fork() system call.[citation needed]
The Android system is divided across different partitions.[11]
The Qualcomm platform makes use of the GUID partition table. Although this specification is part of the UEFI specification, it does not depend on UEFI.[12]