Fastboot

	Fastboot text-based user interface
Original author(s)	Google LLC
Repository	android.googlesource.com
Included with	Android SDK
Available in	C++
Type	Firmware communication protocol and implementation thereof

Last updated August 29, 2024

Fastboot is a communication protocol used primarily with Android devices.^[1] It is implemented in a command-line interface tool of the same name and as a mode of the bootloader of Android devices. The tool is included with the Android SDK package and used primarily to modify the flash filesystem via a USB connection from a host computer. It requires that the device be started in Fastboot mode. If the mode is enabled, it will accept a specific set of commands,^[2] sent through USB bulk transfers. Fastboot on some devices allows unlocking the bootloader, and subsequently, enables installing custom recovery image and custom ROM on the device. Fastboot does not require USB debugging to be enabled on the device.^[3] To use fastboot, a specific combination of keys must be held during boot.^[4]

Keys pressed

The keys that have to be pressed for fastboot differ for various vendors.^[7]

HTC, Google Pixel, and Xiaomi: Power and volume down
Zebra and symbol devices: Right scan/action button
Sony: Power and volume up
Google Nexus: Power, volume up and volume down

On Samsung devices, (excluding the Nexus S and Galaxy Nexus devices), power, volume down and home has to be pressed for entering ODIN mode. This is a proprietary protocol, and tool, as an alternative to fastboot. The tool has a partial alternative.

Commands

Some of the most commonly used fastboot commands include:

flash – rewrites a partition with a binary image stored on the host computer.
flashing unlock/oem unlock *** – unlocks an OEM locked bootloader for flashing custom/unsigned ROMs. The *** is a device specific unlock key.
flashing lock/oem lock *** – locks an OEM unlocked bootloader.
erase – erases a specific partition.
reboot – reboots the device into either the main operating system, the system recovery partition or back into its boot loader.
devices – displays a list of all devices (with the serial number) connected to the host computer.
format – formats a specific partition; the file system of the partition must be recognized by the device.
oem device-info – checks the bootloader state.
getvar all – displays all information about device (IMEI, bootloader version, battery state etc.).

Implementations

The fastboot protocol has been implemented in the Android bootloader called ABOOT,^[8] the Little Kernel fork of Qualcomm,^[9] TianoCore EDK II, ^[10]^[11] and Das U-Boot.^[12]

Related Research Articles

Unified Extensible Firmware Interface is a specification that defines the architecture of the platform firmware used for booting a computer's hardware and its interface for interaction with the operating system. Examples of firmware that implement the specification are AMI Aptio, Phoenix SecureCore, TianoCore EDK II, InsydeH2O. UEFI replaces the BIOS which was present in the boot ROM of all personal computers that are IBM PC compatible, although it can provide backwards compatibility with the BIOS using CSM booting. Intel developed the original Extensible Firmware Interface (EFI) specification. Some of the EFI's practices and data formats mirror those of Microsoft Windows. In 2005, UEFI deprecated EFI 1.10.

<span class="mw-page-title-main">USB mass storage device class</span> USB device class for drives

The USB mass storage device class is a set of computing communications protocols, specifically a USB Device Class, defined by the USB Implementers Forum that makes a USB device accessible to a host computing device and enables file transfers between the host and the USB device. To a host, the USB device acts as an external hard drive; the protocol set interfaces with a number of storage devices.

The boot ROM is a type of ROM that is used for booting a computer system. There are two types: a mask boot ROM that cannot be changed afterwards and a boot EEPROM, which can contain an UEFI implementation.

A live USB is a portable USB-attached external data storage device containing a full operating system that can be booted from. The term is reminiscent of USB flash drives but may encompass an external hard disk drive or solid-state drive, though they may be referred to as "live HDD" and "live SSD" respectively. They are the evolutionary next step after live CDs, but with the added benefit of writable storage, allowing customizations to the booted operating system. Live USBs can be used in embedded systems for system administration, data recovery, or test driving, and can persistently save settings and install software packages on the USB device.

The EFIsystem partition or ESP is a partition on a data storage device that is used by computers that have the Unified Extensible Firmware Interface (UEFI). When a computer is booted, UEFI firmware loads files stored on the ESP to start operating systems and various utilities.

The Linux booting process involves multiple stages and is in many ways similar to the BSD and other Unix-style boot processes, from which it derives. Although the Linux booting process depends very much on the computer architecture, those architectures share similar stages and software components, including system startup, bootloader execution, loading and startup of a Linux kernel image, and execution of various startup scripts and daemons. Those are grouped into 4 steps: system startup, bootloader stage, kernel stage, and init process. When a Linux system is powered up or reset, its processor will execute a specific firmware/program for system initialization, such as the power-on self-test, invoking the reset vector to start a program at a known address in flash/ROM, then load the bootloader into RAM for later execution. In IBM PC–compatible personal computers (PCs), this firmware/program is either a BIOS or a UEFI monitor, and is stored in the mainboard. In embedded Linux systems, this firmware/program is called boot ROM. After being loaded into RAM, the bootloader will execute to load the second-stage bootloader. The second-stage bootloader will load the kernel image into memory, decompress and initialize it, and then pass control to this kernel image. The second-stage bootloader also performs several operation on the system such as system hardware check, mounting the root device, loading the necessary kernel modules, etc. Finally, the first user-space process starts, and other high-level system initializations are performed.

The Nexus One is an Android smartphone designed and manufactured by HTC as Google's first Nexus smartphone. The Nexus became available on January 5, 2010, and features the ability to transcribe voice to text, an additional microphone for dynamic noise suppression, and voice guided turn-by-turn navigation to drivers.

The Android Dev Phone (ADP) is a SIM-unlocked and bootloader unlocked Android device that is designed for advanced developers. While developers can use regular consumer devices purchased at retail to test and use their apps, some developers may choose not to use a retail device, preferring an unlocked or no-contract device.

Rooting is the process by which users of Android devices can attain privileged control over various subsystems of the device, usually smartphones and tablets. Because Android is based on a modified version of the Linux kernel, rooting an Android device gives similar access to administrative (superuser) permissions as on Linux or any other Unix-like operating system such as FreeBSD or macOS.

The hacking of consumer electronics is a common practice that users perform to customize and modify their devices beyond what is typically possible. This activity has a long history, dating from the days of early computer, programming, and electronics hobbyists.

The Android Debug Bridge is a programming tool used for the debugging of Android-based devices. The daemon on the Android device connects with the server on the host PC over USB or TCP, which connects to the client that is used by the end-user over TCP. Made available as open-source software under the Apache License by Google since 2007, its features include a shell and the possibility to make backups. The adb software is available for Windows, Linux and macOS. It has been misused by botnets and other malware, for which mitigations were developed such as RSA authentication and device whitelisting.

<span class="mw-page-title-main">Android software development</span> Process of writing software for Android operating system

Android software development is the process by which applications are created for devices running the Android operating system. Google states that "Android apps can be written using Kotlin, Java, and C++ languages" using the Android software development kit (SDK), while using other languages is also possible. All non-Java virtual machine (JVM) languages, such as Go, JavaScript, C, C++ or assembly, need the help of JVM language code, that may be supplied by tools, likely with restricted API support. Some programming languages and tools allow cross-platform app support. Third party tools, development environments, and language support have also continued to evolve and expand since the initial SDK was released in 2008. The official Android app distribution mechanism to end users is Google Play; it also allows staged gradual app release, as well as distribution of pre-release app versions to testers.

Team Win Recovery Project (TWRP), pronounced "twerp", is an open-source software custom recovery image for Android-based devices. It provides a touchscreen-enabled interface that allows users to install third-party firmware and back up the current system, functions usually not supported by stock recovery images. It is, therefore, often installed when flashing, installing, or rooting Android devices, although it does not require a device to be rooted before installation.

Custom firmware, also known as aftermarket firmware, is an unofficial new or modified version of firmware created by third parties on devices such as video game consoles, mobile phones, and various embedded device types to provide new features or to unlock hidden functionality. In the video game console community, the term is often written as custom firmware or simply CFW, referring to an altered version of the original system software inside a video game console such as the PlayStation Portable, PlayStation 3, PlayStation Vita/PlayStation TV, PlayStation 4, Nintendo 3DS ,Wii U and Nintendo Switch. Installing custom firmware on some devices requires bootloader unlocking.

Bootloader unlocking is the process of disabling the bootloader security that makes secure boot possible. It can make advanced customizations possible, such as installing a custom firmware. On smartphones this can be a custom Android distribution or another mobile operating system. Some bootloaders are not locked at all, others can be unlocked using a standard command, others need assistance from the manufacturer. Some do not include an unlocking method and can only be unlocked through a software exploit.

The Qualcomm Emergency Download mode, commonly known as Qualcomm EDL mode and officially known as Qualcomm HS-USB QD-Loader 9008 is a feature implemented in the boot ROM of a system on a chip by Qualcomm which can be used to recover bricked smartphones. On Google's Pixel 3, the feature was accidentally shown to users after the phone was bricked.

The Android recovery mode is a mode of Android used for installing updates and wipe data. It consists of a Linux kernel with ramdisk on a separate partition from the main Android system.

The booting process of Android devices starts at the power-on of the SoC and ends at the visibility of the home screen, or special modes like recovery and fastboot. The boot process of devices that run Android is influenced by the firmware design of the SoC manufacturers.

The Linux kernel can run on a variety of devices made by Apple, including devices where the unlocking of the bootloader is not possible with an official procedure, such as iPhones and iPads.

Thor is a communication protocol which is mainly used to communicate with the Bootloader of Samsung devices to make it write files into various partitions of the device. It is also possible to list the partitions or to reboot the phone through this protocol.

References

↑ "Fastboot Protocol Documentation". android.googlesource.com. Retrieved 2019-07-07.
↑ Ravenscraft, Eric (2014-06-13). "The Most Useful Things You Can Do with ADB and Fastboot on Android". Lifehacker. Retrieved 2019-07-07.
↑ Tamma, Rohit (2015). Learning Android forensics : a hands-on guide to Android forensics, from setting up the forensic workstation to analyzing key forensic artifacts. Donnie Tindall. Birmingham, UK. p. 113. ISBN 978-1-78217-444-8. OCLC 910639389.{{cite book}}: CS1 maint: location missing publisher (link)
↑ "How to Use ADB and Fastboot on Android (And Why You Should)". Makeuseof . 2017-01-26. Retrieved 2021-08-04.
↑ "The Easiest Way to Install Android's ADB and Fastboot Tools on Any OS". Lifehacker . 11 January 2017. Retrieved 2021-08-04.
↑ Drake, Joshua J. (2014). Android hacker's handbook. Zach Lanier, Collin Mulliner, Pau Oliva, Stephen A. Ridley, Georg Wicherski. Indianapolis, IN: Wiley. ISBN 978-1-118-60861-6. OCLC 875820167.
↑ Tahiri, Soufiane (2016). Mastering mobile forensics : develop the capacity to dig deeper into device data acquisition. Birmingham, UK. ISBN 978-1-78528-106-8. OCLC 952135850.{{cite book}}: CS1 maint: location missing publisher (link)
↑ Hay, R. (2017). fastboot oem vuln: Android bootloader vulnerabilities in vendor customizations. In 11th USENIX Workshop on Offensive Technologies (WOOT 17).
↑ "fastboot.c\aboot\app - kernel/lk -". source.codeaurora.org. Archived from the original on 2021-09-11. Retrieved 2021-09-11.
↑ "Undocumented Fastboot Oem Commands". carlo.marag.no. 2020-09-18. Retrieved 2021-09-11.
↑ "edk2/AndroidFastbootApp.c at master · tianocore/edk2". GitHub . Retrieved 2021-09-11.
↑ u-boot/u-boot, u-boot, 2023-04-15, retrieved 2023-04-15

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Fastboot Protocol Documentation". android.googlesource.com. Retrieved 2019-07-07.

[2] Ravenscraft, Eric (2014-06-13). "The Most Useful Things You Can Do with ADB and Fastboot on Android". Lifehacker. Retrieved 2019-07-07.

[3] Tamma, Rohit (2015). Learning Android forensics : a hands-on guide to Android forensics, from setting up the forensic workstation to analyzing key forensic artifacts. Donnie Tindall. Birmingham, UK. p. 113. ISBN 978-1-78217-444-8. OCLC 910639389.{{cite book}}: CS1 maint: location missing publisher (link)

[4] "How to Use ADB and Fastboot on Android (And Why You Should)". Makeuseof . 2017-01-26. Retrieved 2021-08-04.

[5] "The Easiest Way to Install Android's ADB and Fastboot Tools on Any OS". Lifehacker . 11 January 2017. Retrieved 2021-08-04.

[:0-6] Drake, Joshua J. (2014). Android hacker's handbook. Zach Lanier, Collin Mulliner, Pau Oliva, Stephen A. Ridley, Georg Wicherski. Indianapolis, IN: Wiley. ISBN 978-1-118-60861-6. OCLC 875820167.

[7] Tahiri, Soufiane (2016). Mastering mobile forensics : develop the capacity to dig deeper into device data acquisition. Birmingham, UK. ISBN 978-1-78528-106-8. OCLC 952135850.{{cite book}}: CS1 maint: location missing publisher (link)

[8] Hay, R. (2017). fastboot oem vuln: Android bootloader vulnerabilities in vendor customizations. In 11th USENIX Workshop on Offensive Technologies (WOOT 17).

[9] "fastboot.c\aboot\app - kernel/lk -". source.codeaurora.org. Archived from the original on 2021-09-11. Retrieved 2021-09-11.

[10] "Undocumented Fastboot Oem Commands". carlo.marag.no. 2020-09-18. Retrieved 2021-09-11.

[11] "edk2/AndroidFastbootApp.c at master · tianocore/edk2". GitHub . Retrieved 2021-09-11.

[12] u-boot/u-boot, u-boot, 2023-04-15, retrieved 2023-04-15

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]