Custom firmware is also the only way you can install newer versions of Android on devices that are no longer supported by their manufacturers. Unless you own a device that belongs to the Nexus or Android One series, I'm sure you knew that already.
In this article, I help you understand what Android firmware really is and how an Android device uses it. I also introduce you to the tools you can use to replace a device's firmware.
A Word of Caution
Replacing firmware is a risky operation that can potentially make your device unusable. In most cases it also voids your device's warranty. Make sure that you have a backup of your data and a copy of your device's factory image handy before you go ahead and experiment with flashing custom firmware.
1. What Is Android Firmware?
Originally, firmware was a term used to refer to tiny, mission-critical programs installed in the read-only memory, or ROM, of an electronic device. Modifying firmware was either impossible or required special equipment that was usually out of the reach of ordinary end users.
Android firmware, however, is very different. It includes the entire Android operating system and it is stored in a writable form of memory called NAND flash memory, the same type of memory that is used in storage devices, such as USB sticks and SD cards. The word firmware is used only because device manufacturers didn't bother to come up with a new word for it.
Android firmware is also often referred to as Android ROM because, by default, it is not possible for users to directly write to it.
2. What Does Android Firmware Contain?
Firmware installed on an Android device by its manufacturer contains a build of the Android operating system and two additional closed source programs that are usually irreplaceable, a bootloader and radio firmware.
Understanding Bootloaders
An Android bootloader is a small piece of proprietary code that is responsible for starting the Android operating system when an Android device is powered on. However, the bootloader almost always performs one more task. It checks if the operating system it is starting is authentic.
How does it decide what is authentic? It checks if the boot partition has been signed using a unique OEM key, which is short for Original Equipment Manufacturer key. The OEM key, of course, belongs to the device manufacturer, is private, and there is no way you can know what it is.
Because of the authenticity check, you cannot directly install a custom ROM on an Android device. Thankfully, these days, most device manufacturers allow users to disable the check. In Android jargon, they allow users to unlock the bootloader.
The exact procedure you need to follow in order to unlock the bootloader depends on your device. Some manufacturers, such as Sony and HTC, expect you to provide a secret unlock token. Others just expect you to run a fixed set of commands using a terminal.
Usually, a tool called fastboot, which is a part of the Android SDK, is used to run the unlock commands. For example, if you own a Nexus device, you can unlock its bootloader by running the following command:
- fastboot flashing unlock
Understanding Radio Firmware
It might come as a surprise to you, but your Android smartphone actually runs another operating system on an independent processor called a baseband processor. Radio firmware refers to the operating system that runs on the baseband processor.
Usually, it is an RTOS, which short for real-time operating system, and is responsible for managing the cellular radio capabilities of the device. In other words, it is what allows your device to make calls and connect to the internet using wireless technologies such 2G, 3G, and 4G LTE.
The RTOS is a proprietary piece of code and popular baseband processor manufacturers, such as Qualcomm, MediaTek, and Spreadtrum, make sure that its internal workings stay a secret. The Android operating system usually communicates with the RTOS using sockets and callbacks.
Generally, it is not a good idea to replace the radio firmware of your device.
Understanding Android Builds
The Android build is the only part of the firmware that is created from open source code. Consequently, this is the only part that you can modify and extend. When you hear Android enthusiasts say "I flashed a new ROM on my device", you can be sure that they are talking about a new Android build.
An Android build is usually shared in the form of a ZIP file that can be used by fastboot. It has the following contents:
update.zip
- |-- android-info.txt
- |-- boot.img
- |-- recovery.img
- |-- system.img
- `-- userdata.img
- require board=herring
- require version-bootloader=I9020XXJK1
- require version-baseband=I9020XXKD1
The ramdisk, on the other hand, is a read-only filesystem that is mounted by the kernel during the boot process. It contains the well known init process, the first process started by any Linux-based operating system. It also contains various daemons such as adbd and healthd, which are started by the init process. Here is what the directory tree of the ramdisk looks like:
- ramdisk/
- |-- charger -> /sbin/healthd
- |-- data
- |-- default.prop
- |-- dev
- |-- file_contexts
- |-- fstab.grouper
- |-- init
- |-- init.environ.rc
- |-- init.grouper.rc
- |-- init.grouper.usb.rc
- |-- init.rc
- |-- init.recovery.grouper.rc
- |-- init.trace.rc
- |-- init.usb.rc
- |-- init.zygote32.rc
- |-- proc
- |-- property_contexts
- |-- sbin
- | |-- adbd
- | |-- healthd
- | |-- ueventd -> ../init
- | `-- watchdogd -> ../init
- |-- seapp_contexts
- |-- selinux_version
- |-- sepolicy
- |-- service_contexts
- |-- sys
- |-- system
- |-- ueventd.grouper.rc
- `-- ueventd.rc
The system image is also the file that makes most Android users develop an interest in flashing custom firmware. System image files provided by device manufacturers are often full of unnecessary apps and customizations, informally called bloatware. The only way to remove the bloatware is to replace the manufacturer's system image with a more desirable system image.
userdata.img is a partition image that will be mounted on the empty data directory you can see in the ramdisk directory tree. When you download a custom ROM, this image is usually blank and it is used to reset the contents of the data directory.
recovery.img is very similar to boot.img. It has a boot executable kernel file the bootloader can use and a ramdisk. Consequently, the recovery image too can be used to start an Android device. When it is used, instead of Android, a very limited operating system is started that allows the user to perform administrative operations, such as resetting the device's user data, installing new firmware, and creating backups.
The procedure you need to follow in order to boot up using the recovery image is device specific. Usually, it involves entering the bootloader mode, also called fastboot mode, by pressing a combination of hardware keys present on the device, and then selecting the Recovery option. For example, on a Nexus device you need to press and hold the power button in combination with the volume down button.
Alternatively, you can use adb, a tool included in the Android SDK, to directly enter recovery mode.
- adb reboot recovery
The easiest way to flash new firmware on your device is to use the fastboot tool. fastboot follows the fastboot protocol to communicate with an Android device. However, it can only do this when the device has been started in fastboot mode. The quickest way to enter fastboot mode is by using adb:
- adb reboot bootloader
- fastboot update update.zip
- fastboot flash system system.img
- fastboot flash boot boot.img
- fastboot boot twrp.img
Conclusion
You now know what Android firmware is and how to replace it. I want you to understand that replacing firmware is a risky operation that can potentially make your device unusable. In most cases it also voids your device's warranty. Make sure that you have a backup of your data and a copy of your device's factory image handy before you go ahead and experiment with flashing custom firmware.
Written by Ashraff Hathibelagal
If you found this post interesting, follow and support us.
Suggest for you:
Android Application Programming - Build 20+ Android Apps
The Complete Android Developer Course: Beginner To Advanced!
Android: From Beginner to Paid Professional
The Complete Android Developer Course - Build 14 Apps
Ionic by Example: Create Mobile Apps in HTML5
No comments:
Post a Comment