| <html devsite> |
| <head> |
| <title>Bootloader</title> |
| <meta name="project_path" value="/_project.yaml" /> |
| <meta name="book_path" value="/_book.yaml" /> |
| </head> |
| <body> |
| <!-- |
| Copyright 2017 The Android Open Source Project |
| |
| Licensed under the Apache License, Version 2.0 (the "License"); |
| you may not use this file except in compliance with the License. |
| You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| |
| <p> |
| A bootloader is a vendor-proprietary image responsible for bringing up the |
| kernel on a device. It guards the device state and is responsible for |
| initializing the <a href="/security/trusty/">Trusted |
| Execution Environment (TEE)</a> and binding its root of trust. |
| </p> |
| <p> |
| The bootloader is comprised of many things including splash screen. To |
| start boot, the bootloader may directly flash a new image into an appropriate |
| partition or optionally use <code>recovery</code> to start the reflashing |
| process that will match how it is done for OTA. Some device manufacturers create |
| multi-part bootloaders and then combine them into a single bootloader.img file. |
| At flash time, the bootloader extracts the individual bootloaders and flashes |
| them all. |
| </p> |
| <p> |
| Most importantly, the bootloader verifies the integrity of the boot and recovery |
| partitions before moving execution to the kernel and displays the warnings |
| specified in the section <a |
| href="/security/verifiedboot/verified-boot#boot_state">Boot state</a>.</p> |
| </body> |
| </html> |