The BootROM loads several other components, each from a dedicated partition. (modem, DSP, etc) Android BootLoader aboot partition Linux Kernel boot partition (bootimg) InitRamFS: /init + rc files Frameworks GUI, etc. Nonetheless, they can be generalized in the following figure: Figure 1: The generalized Android Boot Process (from ACC, Chap.
The exact details of the firmware boot vary between devices and specific architectures (e.g. Recap: Dramatis Personae of the Android Boot ProcessĪndroid's boot process starts with the firmware *, which loads from a ROM. What follows is a discussion of ARM-architecture specifics, and then additional observations I've found thus far.
Hopper disassembler read memory heap how to#
I then continue to discuss how to reverse engineer the binary, which comes in especially handy when handling the proprietary loaders. This is said article.įor those of you who haven't read the book, I recap the key points from the Boot chapter here. There's obviously great benefit in the more advanced techniques, however, so the discussion is deferred to the companion article on the book's web site. In an effort to keep things simple, however, I stop shy of reverse engineering and disassembly - largely because the first part of the book is aimed at power users, and less at developers or hackers. The Confectioner's Cookbook devotes an entire chapter to the boot process, wherein I touch (among other things) on the boot loader format and structure. Most device modders generally leave it be, and (given an unlocked bootloader) start off with the boot.img (kernel + ramdisk) and follow on to various modifications in /system.
What little is known is largely due to partial open source, and for some devices - notably Amazon's and Samsung's - even that isn't available. Reverse Engineering Android's Aboot Jonathan Levin, Īndroid's boot loader is a fairly uncharted area of the landscape.
0 kommentar(er)
