Building an Android ROM

Maybe it’s in the wrong place , it’s not really a tutorial what you’re about to read. It’s more a simple explanation on how an Android ROM is built. I’m going to discuss several parts that can’t be absent if you want a fully functional Android phone, from the software point of view that is.

Here’s a brief summary :

  • Kernel
  • Libraries (and modules)
  • Bootloader
  • Recovery
  • Radio
  • Apps, framework, core, android-runtime, etc…

Kernel

A kernel is a critical component of every Operating System. It can be seen as a sort of bridge between the applications and the actual hardware of a device. Usually the data processing part is done at hardware level, furthermore the kernel is the most low-level abstraction layer for the resources.

There exist several types of kernels, but I am only discussing the one that is important for the Android ROM. The kernel for the Android ROM is a hybrid kernel, it is based on the Linux kernel. Devices can differ in RAM memory, ROM memory, hardware parts and so on. So it’s really important you have a kernel for your type of device, an HTC Wildfire kernel won’t work on a Nexus One for example.

It is possible to overclock a kernel. What the hell is overclocking you may wonder? Every CPU is designed to work at a certain clock speed. For the HTC Wildfire the Qualcomm ARMv6 processor operates at 528 mHz; This is a limit that is coded in to the kernel because they can’t guarantee a good cooling if you go over this limit. My Wildfire runs at 652.8 mHz, it can go till 768 mHz but it can cause freezes. When you overclock the kernel , the CPU will be instructed to do more calculations per second and will so increase the performance. When you overclock the CPU of your desktop machine it needs extra cooling, it’s not necessary for a smartphone. However keep in mind this will degenerate your CPU more quickly. To overclock an Android phone you must root first, and than install SetCPU from the market , it is a paid app but it’s worth it. Further you have to flash an overclockable kernel , I prefer the OC Kernel of HCDR.Jacob, at XDA-forums (see links right). If you have done these 3 things you’re ready to OC!

Libraries

Imagine you want to program an application for your phone that uses the camera. It can take a picture and turn on the flash LED on. These are things not only your own application will use, there can be tons of applications that have a button , that when you press it , it will take a photo. So think about if they always have to write the machine code for the phone , that it instructs the phone to put on the camera. It would be a lot of code duplication and would make an application slow. Instead for functions like the camera, or loudspeakers, they developped libraries. These are chunk of codes that can be executed by calling them trough a call-method (in java : import somelibrarie.someclass;), these are already pre-written and ready to use. It saves a lot of coding work and keeps the source code small. Libraries in the Windows OS for example are the so called .dll files (Dynamic Linked Libraries) , on your Android ROM or Linux OS these are the .so files (Shared Object), when coding in Java you import .jar libraries before the class signature. On your Android phone you have particular libraries that can’t be absent, or else your ROM won’t even boot.

Bootloader

A bootloader in general is the first bytes of code that a machine executes that will tell the bootsequence and will load the operating system into the RAM. On an Android phone this is the so called HBoot, from here you can go to the recovery partition, the system or data partition,.. If you simple press the power button Hboot will load the OS into your RAM. But if you want to access these partitions it is possible by pressing, if you have a Wildfire, the volume-down button and simultaneously the power button. This will bring up the Hboot menu. The bootloader is used as exploit for rooting an Android phone. Once rooted you can flash custom roms , like ImPrOS, or just edit system files. (for a how-to , check tutorials under Android).

Recovery

When you use a one-click-root application, like Unrevoked3 , it will install a modded recovery. With this modded recovery it is possible to flash a new kernel, radio image (see below), custom rom, install applications (not the best way though),nandroid backup,.. The modded recovery that is flashed by Unrevoked3 is called ClockworkMod.

Radio

The lowest part of software layer is the radio, this is the very first thing that boots even before the bootloader. This handles the GPS-antenna,GSM antenna ,fires up the CPU, everything what Hboot needs to load the OS. This is also upgradeable by flashing a new radio image trough ClockworkMod. However this is not recommended : flashing a new ROM can’t brick your phone but if anything goes wrong when you flash a ROM with a new radio image this can brick your phone. So unless you experience bad reception or battery drainage, don’t touch the radio!!

Applications, framework, android-runtime,..

Now we have the fundamental software layers, we have to decorate our ROM, it has to have some interface trough where it can communicate with the user. We can install applications like a keyboard, a phone application, a calculator. And last but not least the android-runtime. This is a package of code that represents the Android Virtual Machine. The Android programming language is based on xml and Java (mostly Java) , like every programming language has some sort of virtual machine, (Java has JVM = Java Virtual Machine) Android has android-runtime.

Well, now you know enough about the core software as I like to call this whole package. To create your own ROM you have to tweak or to rewrite the last section , but not the android-runtime (unless you have a lot lot lot lot lot free time :p) , so start developing and ask me for help if you need !

Grtz h4oxer

Advertisements

27 comments

  1. Hi. I’m just curious how radios are handled within the android OS. Say I wanted to add support for a radio present on my device but not usable by my current rom (in my case, a 4G radio). Where would I begin?

  2. This is a real vague question you’re asking.Basically if I understand your question you need to write a RIL from scratch (http://en.wikipedia.org/wiki/Radio_Interface_Layer) Either by reverse engineering an existing one or by writing it using information provided by the vendor. However this is not recommended. Why do you think that you don’t have support ? Also wich 4G are we talking about (HSPA, WiMAX, LTE)

    The RIL is a very dangerous component to rewrite, a single error can brick your device. Be sure you know what you’re doing !

      1. I see, thanx for the info on hex editing.
        Well im still new for android development so not quite sure where to begin with. But lately ive been trying to get my head around 3g on the acer a500 tablet. but how i can find the related files to a particular component.
        For example let’s say its about 3g, then how can i find out which files are needed to get this running. I found out that libmbm-ril.so inside the lib folder is required and apart from this i am not sure what other files are needed. Do you have some best practice which you could share?

      2. For this, Google is the best place. In order to determine which library serves which hardware you can either search it on the internet or try to figure it out by trial and error. For example to see what library xy.so does, you can delete it from your ROM and reflash this. Than you go over a checklist of actions and if your applications force close or something you can determine which function this library is responsible for. (Very time expensive, but not really an other way..)

  3. Hello buddy! ; )

    Thanks for a great article.

    I’m a bit confused as to what the actual ROM contains. Are the boot-loader and radio parts of it? I assume the kernel, libraries and some basic applications are, but I’m not sure about that either. ; )

    1. The bootloader isn’t part of a ROM. If you flash official ROMs updated by for example HTC these contain a Radio Image. However on rooted phones you can flash ROMs without a radio image in it. What can’t be absent in a ROM : Kernel, Libraries, Android Runtime and Applications. Hope this helps you!

      1. u said, when we update our firmware officially OTA from device manufacturer, the radio image is overwritten with their updated one.
        But when we insert custom ROM in rooted phone, we don’t normally overwrite the radio image.
        How come?

        Isn’t radio image a part of firmware?
        If we customize firmware & insert in phone, doesn’t the radio image also get overwritten? So it shud brick the phone. Rt? I’m really confused abt these things…plz help me with full details. I’ve been reading & reading & reading abt these stuffs but get to nowhere!!! 😦

        One more Question:-
        What exactly gets rooted? The kernel, bootloader, android runtime, ….exactly what?
        And why rooting exactly that thing helps us customizing our phone?

  4. Ok so if I wanted to start learning to code my own rom what programs do you suggest using? I am new to Java but not programing as I have used other languages before like VB and HTML. I am looking for a good starting point. Thanks

    1. First things first : Learn Java. It’s not as easy as VB and HTML 🙂 After that, read my article on setting op your Android environment, and start with the articles you can find on the official Google Android development site. Great tutorials over there! Also consider signing up on xda-forums ! If you have any questions you can pm me there : username : h4oxer ! Happy coding!

  5. Thank you h4oxer for this simple beautiful article about Android components.I like to add to hannes question above,to please elaborate more how these components Kernels,Radios,Rails and Roms are laid out on mobile phones HDD like on the same partition or different partitions,and the order of the boot sequence like what gets to load first and afterwords. Also this is a separate question , can I install any ROMs like cm or Aokp ROMs to any phone or do I’ve to get specific ROM for the phone. Thank you.

  6. H4oxer, I’ll rephrase my questions to include what is Bootloader why do people want unlock it, how do Radio kernel Rails and ROM are laid out on phones HDD means,file structure and the boot sequence. And second question is Radios are they hardware specific or firmware specific (froyo,gingerbread or ice cream sandwich) and what is the difference between firmware and ROM.
    These questions been answered on many different sites but not in one complete article, this help many curious newbies to get their feet wet in greatest phenomenon the Android. Thankyou

  7. Please strike above two posts by me cause I’ll make this one complete question.
    H4oxer, I’ll rephrase my questions to include what is Bootloader why does people want unlock it as ive learned that Rooting gives full super user access to android file system and one can modify it in any way so why unlock bootloader?, how do Radio kernel Rails and ROM are laid out on phones HDD means,file structure and the boot sequence. And second question is Radios are they hardware specific or firmware specific (froyo,gingerbread or ice cream sandwich) and what is the difference between firmware and ROM.
    These questions been answered on many different sites but not in one complete article, this help many curious newbies to take a starting plunge in greatest phenomenon the Android. Thankyou.

    1. After 7 days of relentless research here I come to answers to my questions,only for the benefit of others who landed on this page for answer.

      Your android phone comes inlaid with a Boot loader and 6 or more partitions namely,boot,system,recover,data,cache and misc .
      When u power on phone the cpu’s Clockwire gets power on and it starts some low level work like setting up some registers and initialize internal memory and start looking at specified address for Boot loader,boot loader is like a BIOS of a motherboard, loads and execute boot loader program whose main functions are to initialize external or phone RAM, load Kernel into memory beside other things establish telephony services like radio interface, that is why u have to be very careful before updating radios! Because a wrong move can brick ur phone. Boot loader also beside loading kernel detects what combinations of keys were pressed and based on that loads Recovery or system partitions. Eventually kernel, which is a goto guy between hardware and operating system, mount system image ,where your os or firmware is laid out and your phone starts up.
      After unlocking bootloader u can install custom recover onto your recovery partition hence wiping factory recovery image,custom recover gives you lots of options namely installing new ROM,radio,kernel etc.
      Root access gives u super user access to your /system image means u can modify your system party ion only.
      Froyo ,ICS,jellybean all are system update that goes in /system partition or may be called firmware*. ROM is your system partition and kernal both.

      H4oxer please at least correct me if I’m mistaken.

      1. Sorry for late reply, but your comment is completely correct. You understand it. But the part where the phone starts up should be : The bootloader gets fired up, not Clockwire (and I think you mean ClockWorkdMOD ?). What happens exactly : There exist sometimes 3 bootloaders. 2 secure bootloaders and one final bootloader. The 2 first bootloaders calculated hashes and check if the firmware that is currently present is a valid one that is signed by the vendor (HTC, Samsung, etc) When this is true the third bootloader will fire up the kernel , radio level and all RAM memory components. Rooting or unlocking a device is preventing the bootloader from checking the signed ROMs. Once this is done you can flash whatever ROM you want.

  8. u said, when we update our firmware officially OTA from device manufacturer, the radio image is overwritten with their updated one.
    But when we insert custom ROM in rooted phone, we don’t normally overwrite the radio image.
    How come?

    Isn’t radio image a part of firmware?
    If we customize firmware & insert in phone, doesn’t the radio image also get overwritten? So it shud brick the phone. Rt? I’m really confused abt these things…plz help me with full details. I’ve been reading & reading & reading abt these stuffs but get to nowhere!!! 😦

    One more Question:-
    What exactly gets rooted? The kernel, bootloader, android runtime, ….exactly what?
    And why rooting exactly that thing helps us customizing our phone?

      1. Radio is not a fixed part of a ROM. There are ways to extract the radio image from a ROM .zip file. This is always done when you flash a custom ROM. Radio images shouldn’t be flashed every time. Only when one experiences : battery drainage, bad gps fix, weak WiFi signal etc..

      2. There are differences between rooting and unlocking.

        Rooting : Getting root privileges (in other words : Installing the SuperUser.apk)

        Unlocking : Preventing the bootloader from checking the ROM if it is correctly signed by the vendor. See replies above.

  9. Question is theres a way to figure out what libs(.so) are licked to what apps(apk).
    I use a custom rom and delete all apks I dont want to free up internal memory. But Im also sure that I can also delete the libs associated with the app. But they are not named the same and was wondering if there was a way to fugure out what lib belongs to what app?

    1. Hi Reinaldo,

      Good question, however it’s not wise to delete libraries. The “.so” libraries are provided by Android. These are part of the Android framework. Developers who write applications know these libs ship standard with the Android Framework. Every library that’s specific for a certain application will be removed when uninstalling this application. Hence, it’s unnecessary for you to manually delete libraries you think are associated with an app. Hope this answers your question.

      Kind regards,

      h4

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s