Android: Partition tables

In this article, I will tell you about partition tables for MTK and QCOM devices.
Unlike the OS on computers, smartphones don’t have dynamic partition table.

Android

How to view partitions

To view the main partitions, you just need to perform one of two methods:

  1. Download Termux and enter mount command
  1. Reboot to TWRP, open terminal and enter mount command

Bootloaders

Bootloader is a low-level program which manages boot modes and then calls kernel to load the OS or recovery kernel to load recovery ramdisk.

Main partitions

To begin with, it is worth noting that information about the main partitions of the partition tables on the Internet has been outdated: after Project Treble, a vendor partition was added, and later the arm64_ab architecture was released with a new partition table and mounting the system partition to the root (SAR, System As Root). And later, the manufacturers updated A-only — they added another partition and updated the recovery partition.

  1. VENDOR is a partition containing many binaries and drivers for everything and everyone. Previously, all these binaries were in the system partition, but with the Project Treble they were separated
  2. PRODUCT is a new partition (added in 2019) containing pre-installed applications and services
  3. SYSTEM is the main system partition. It contains frameworks, a lot of props, fstabs, overlays, RROs, software for working with binaries from vendor. Previously, applications were also stored in this partition (they are stored now, but only the most important ones).
  4. USERDATA — user data partition, contains three more partitions such as DATA (this partiton is everywhere, it stores application data), CACHE (system and application cache) and STORAGE (partition where you store your photos and files, access in the explorer).
System-only partition table
Treble-compatible partition table
A/B partition table
SAR A-only partition table

SoС-specific partitions

SoC-specific partitions implement a SoC-specific low-level instructions independently of the OS.

  1. RIL (Radio Interface Layer) is a low-level partition between the OS kernel and baseband. RIL’s job is to translate all phone requests from the Android environment and map them to the modem’s AT command delivery. The AT command is used to communicate with the modem, there is a baseband processor (BP), which must have a processor on Android devices in addition to the normal processor, i.e. the application processor (AP)
  2. TZ (TrustZone) is a partition used on the ARM architecture for additional security features. It combines the user’s encryption key with a hardware key generated by the encryption processor to make it harder to compromise security
  3. RPM (Resource & Power Management), which triggers the execution of the Primary / Primitive BootLoader (PBL) in the BootROM — controls the power of the radio, modem, etc.
  4. DSP (Digital Signal Processor) is a partition on Qualcomm devices to help with things like smooth video playback (media processor and real-time sensors)
  5. HYP (HyperVisor) is a hypervisor. Required to support virtualization
  6. PERSIST is a partitio which stores the driver for Wi-Fi, Bluetooth, LTE / CDMA / GSM and Hotspot sensors
  7. RECOVERY is a partition with the recovery menu
  8. OEM is a partition that includes small adjustments of the original equipment manufacturer and mobile phone brand) during over-the-air updates
  9. FOTA is a partition where OTA updates are downloaded. In most cases, instead of fota, these updates are downloaded to the cache partition
  10. FSC partition contains modem file system cookies
  11. SSD (Secure Software Download) is a partition for storing some encrypted keys. These keys are checked when downloading OS updates
  12. FRP (Factory Reset Protection) is a special partition created to save information about the accounts of smartphone manufacturers (for example, Mi Account on Xiaomi). The trick is that when the settings are reset, FRP is not erased, so you will not be able to get rid of the login to your account on a stolen xiaomi.
  13. DEVCFG is used by TZ for updates
  14. LKSECAPP is for online checking and updating RPM components
  15. TZLIMITS is Qualcomm Limits Management Hardware driver. Stores metadata for the SBL
  16. SYSCFG is Qualcomm Core Power Reduction regulator to improve application processor performance and power saving through voltage control
  17. DIP, MDTP implement Qualcomm SafeSwitch technology to block and track stolen phones
  18. CMNLIB, KEYMASTER, SEC are used for hash load verification. If the OS hash doesn’t match the hash written in the keymaster, your phone won’t boot the OS. This is the main reason why you cannot flash custom firmware on a locked bootloader.
  19. OEMKEYSTORE refers to data Full Disc Encryption (FDE)
  20. MCFG (Modem Configuration) is used on dual SIM devices, downloads MBN files (modem binaries)
  21. SPLASH is a splash screen or boot logo that appears when the device boots up at the ABOOT stage. After it, you can see “Powered by Android” boot animation
  22. CHGLOGO is the same screen for charging a discharged phone
  23. MSADP, APDP, DPO are used for debug policy
  24. EFS is a partition containing information about IMEI, SN and IMEI SV
  25. RSADEVINFO contains a low-level information about the device, including:
is_unlocked
is_tampered
is_verified
charger_screen_enabled
display_panel
bootloader_version
radio_version

Sources

This article is based on my previously made article in VK Unix Power group.
Source

throw new NoSuchElementException("Bio is not found");