While
the specifications for a mobile device tell us about the size of
internal storage, they do not tell us how the internal storage is
partitioned. While it is possible to create multiple partitions on
external storage, external SD cards normally have a single partition
that is formatted with a single FAT32 file system. Consequently, the
scope of this article is limited to internal storage. Unless you are
installing a custom version of Android on your phone, you really do not
have any choice as to the size of the partitions. Before discussing what
you can do, we need to understand the Android partition scheme.
The fdisk listing for CM 10, shown under Identifying the Partition Layout below, tells us a lot about the partition structure of Android. Partition 1 is the primary boot loader, while partition 2 is the alternate boot loader. Most Android devices have two boot loaders for reasons that are beyond the scope of this article. Partition 3 contains the boot kernel image. This partition never needs to be mounted, as the boot loader knows its location.
Advantages of Multiple Partitions
Partitions serve as a means of allocating space on physical media. While it is possible to create a single partition on internal storage, multiple partitions have the following advantages:
- The two partitions that see regular change are the data partition and the cache partition. The data directory stores all the Android application data, while the cache directory stores temporary data. For example, Web browsers store data from Web sites to reduce the transfer time when accessing the same Web page. The one exception is the Dalvik cache, which is part of the data directory. Java uses a JIT (Just-In-Time) compiler to translate the byte code into the machine code for the platform. By saving the compiled version in the Dalvik cache, the Dalvik VM (Virtual Machine) does not need to keep recompiling the application every time it is used. By having a separate partition, the growth of the cache directory is limited to the size of the partition. This, however, sets a limit to the number of applications that can be saved on the internal media.
- The boot partitions, there may be one or more, are only required during the boot process, and are never mounted. By the same token, the recovery partition needs to be accessed only when performing a phone recovery.
- Some partitions are mounted as read-only, such as the system partition. Nothing in the system partition requires changing by a user. While this directory is important to the operation of an Android device, the files in this partition only change when the device is upgraded to another version of Android.
- When you encrypt your phone, only the data partition is encrypted, since this is the only directory that contains user data. It is important to note that the entire partition is encrypted, and not individual files. Mounting of the partition requires the entry of the encryption password.
Identifying the Partition Layout
While there are certain common partitions, there is no standard for partition layout or sizing. You will see different layouts in different versions of Android, and different layouts from different vendors. This article is based on the partition layouts for a Samsung Galaxy S III running Ice Cream Sandwich, a B&N Nook Color running CM 10, and a Jelly Bean emulator from the Android SDK. To explore your Android mobile device, you need to install the Android Terminal Emulator app, or use adb (Android Debug Bridge). Both require a fundamental knowledge of Linux commands.
While the mount command shows the mounted partitions, it does not show all the partitions. For a full list of partitions you can run the command: cat /proc/partitions. In addition to showing the device name, the file displays the size of each partition. The device names follow a naming format, such as mmcblk0 for the entire device. Each partition of the device then has a name such as mmcblk0p1 for the first partition on that block device. However, the device name tells you nothing about the contents of the partition. For some Android devices, you can find more information by using the following command:
ls -l /dev/block/platform/block_device_name/by-name/
For example on the Samsung Galaxy S III running Ice Cream Sandwich, the command is:
ls -l /dev/block/platform/dw_mmc/by-name/
The -l option is important as the partition name is a symbolic link to the actual device name, as shown below:
lrwxrwxrwx root root 2013-01-14 22:17 BOOT -> /dev/block/mmcblk0p5
lrwxrwxrwx root root 2013-01-14 22:17 BOTA0 -> /dev/block/mmcblk0p1
lrwxrwxrwx root root 2013-01-14 22:17 BOTA1 -> /dev/block/mmcblk0p2
lrwxrwxrwx root root 2013-01-14 22:17 CACHE -> /dev/block/mmcblk0p8
lrwxrwxrwx root root 2013-01-14 22:17 EFS -> /dev/block/mmcblk0p3
lrwxrwxrwx root root 2013-01-14 22:17 HIDDEN -> /dev/block/mmcblk0p10
lrwxrwxrwx root root 2013-01-14 22:17 OTA -> /dev/block/mmcblk0p11
lrwxrwxrwx root root 2013-01-14 22:17 PARAM -> /dev/block/mmcblk0p4
lrwxrwxrwx root root 2013-01-14 22:17 RADIO -> /dev/block/mmcblk0p7
lrwxrwxrwx root root 2013-01-14 22:17 RECOVERY -> /dev/block/mmcblk0p6
lrwxrwxrwx root root 2013-01-14 22:17 SYSTEM -> /dev/block/mmcblk0p9
lrwxrwxrwx root root 2013-01-14 22:17 USERDATA -> /dev/block/mmcblk0p12
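As an added example (not from the original article), the shell script below joins a saved by-name listing with a saved copy of /proc/partitions, reports each label with its device and size, and lists partitions that have no label. The function names, the sizes and the unlabeled mmcblk0p13 entry are constructed for illustration; the three symlink lines are taken from the listing above.

```shell
#!/bin/sh
# partition_map BYNAME_LISTING PROC_PARTITIONS
# Prints "LABEL DEVICE SIZE_KIB" for each symlink in a saved by-name listing.
partition_map() {
    awk '
        FILENAME == ARGV[1] {          # /proc/partitions: major minor #blocks name
            if ($3 ~ /^[0-9]+$/ && $4 != "") size[$4] = $3
            next
        }
        NF >= 3 && $(NF-1) == "->" {   # ... LABEL -> /dev/block/mmcblk0pN
            n = split($NF, part, "/"); dev = part[n]
            print $(NF-2), dev, ((dev in size) ? size[dev] : "unknown")
        }
    ' "$2" "$1"
}

# unlabeled_partitions BYNAME_LISTING PROC_PARTITIONS
# Prints partitions listed by the kernel that have no by-name label.
unlabeled_partitions() {
    awk '
        FILENAME == ARGV[1] {
            if (NF >= 3 && $(NF-1) == "->") { n = split($NF, part, "/"); named[part[n]] = 1 }
            next
        }
        $3 ~ /^[0-9]+$/ && $4 ~ /p[0-9]+$/ && !($4 in named) { print $4 }
    ' "$1" "$2"
}

# Constructed sample input: symlink lines from the listing above, plus an
# invented /proc/partitions excerpt (sizes are in 1 KiB blocks).
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/by-name.txt" <<'EOF'
lrwxrwxrwx root root 2013-01-14 22:17 BOOT -> /dev/block/mmcblk0p5
lrwxrwxrwx root root 2013-01-14 22:17 CACHE -> /dev/block/mmcblk0p8
lrwxrwxrwx root root 2013-01-14 22:17 USERDATA -> /dev/block/mmcblk0p12
EOF
cat > "$SAMPLE_DIR/partitions.txt" <<'EOF'
major minor  #blocks  name

 179        0   15388672 mmcblk0
 179        5       8192 mmcblk0p5
 179        8    1048576 mmcblk0p8
 179       12   12000000 mmcblk0p12
 179       13       4096 mmcblk0p13
EOF

partition_map "$SAMPLE_DIR/by-name.txt" "$SAMPLE_DIR/partitions.txt"
unlabeled_partitions "$SAMPLE_DIR/by-name.txt" "$SAMPLE_DIR/partitions.txt"
```

Both inputs can be captured from a workstation with adb shell and saved to files, so the script does not depend on awk being present on the device.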
If the by-name directory is not present, you only know the information provided by the mount command. While every block device is represented in the /sys/block directory, there is no attribute that displays the label on the partition. Alas, CM 10 does not provide the by-name directory. However, unlike most distributions of Android, it does provide a stripped-down version of the fdisk command, which provides some useful information. To view the partition layout for the internal storage, use the following command:
fdisk -l /dev/block/mmcblk0
The results of the above command for CM 10 are as follows:
Disk /dev/block/mmcblk0: 7944 MB, 7944011776 bytes
255 heads, 63 sectors/track, 965 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/block/mmcblk0p1 * 1 9 72261 c Win95 FAT32 (LBA)
/dev/block/mmcblk0p2 10 18 72292+ c Win95 FAT32 (LBA)
/dev/block/mmcblk0p3 19 56 305235 83 Linux
/dev/block/mmcblk0p4 57 935 7060567+ 5 Extended
/dev/block/mmcblk0p5 57 114 465853+ 83 Linux
/dev/block/mmcblk0p6 115 236 979933+ 83 Linux
/dev/block/mmcblk0p7 237 281 361431 83 Linux
/dev/block/mmcblk0p8 282 935 5253223+ c Win95 FAT32 (LBA)
Android, like Linux, uses the standard MSDOS partition table, with a maximum of four primary partitions. Thus, partition 4 is the extended partition for the remaining logical partitions. The following table summarizes the information from the above commands:
Partition (device name under /dev/block) | Samsung Galaxy SIII | CyanogenMod 10 | AOSP Emulator |
---|---|---|---|
boot | mmcblk0p5 | mmcblk0p1 | |
bootloader0 | mmcblk0p1 | mmcblk0boot1 | |
bootloader1 | mmcblk0p2 | mmcblk0boot2 | |
cache | mmcblk0p8 | mmcblk0p7 | mtdblock2 |
efs | mmcblk0p3 | mmcblk0p4 | |
hidden | mmcblk0p10 | | |
emmc | | mmcblk0p8 | |
data | mmcblk0p12 | mmcblk0p6 | mtdblock1 |
ota | mmcblk0p11 | | |
param | mmcblk0p4 | | |
radio | mmcblk0p7 | | |
recovery | mmcblk0p6 | mmcblk0p1 | |
rom | | mmcblk0p2 | |
system | mmcblk0p9 | mmcblk0p5 | mtdblock0 |
If you are looking for a swap partition, there is none. The write activity to a swap partition would considerably shorten the life of the flash memory. Instead, Android uses a different technique that is actually more efficient than swapping. To understand why sdcard0 is not directly mounted, we need to understand more about the FUSE file system.
The FUSE File System
Prior to the Honeycomb version of Android, sdcard0 was mounted like the other partitions, and was formatted as a FAT32 partition. While it made USB tethering to a PC easy for file transfers, it presented a number of problems:
- You cannot mount a partition on two devices at the same time, as there is no shared mechanism for file locking. Thus, in versions of Android up through Gingerbread, the phone was suspended so that sdcard0 could be unmounted from the phone, and mounted to the PC, or any other device that supported USB connections.
- The Android device had to separate the data partition, which contained the Android apps, from the sdcard0 partition, which contained user data. This separation made partition sizing an issue, as the developers had to create a balance between the maximum number of applications and the maximum amount of data. A side effect of this was for Android app developers to create directories on the external SD card that did not follow any standard naming conventions, and were never removed when the app was deleted.
- The FAT32 file system is a Microsoft proprietary standard. To avoid licensing issues and patent lawsuits, a new approach was required.
- Files can be shared to other devices, while the Android device remains active. Thus, you have full use of your Android device, while transferring files. For example, you could use your phone as a media player, while talking on the phone, using GPS, or taking pictures. Instead of using USB mounts, files are transferred using MTP (Multimedia Transfer Protocol).
- FUSE allows a single partition for data and user files, as only selected files are shared via FUSE. The Samsung Galaxy S III fully implements this concept, while CM 10 still maintains separate partitions on the B&N Nook Color.
- The data partition can be formatted with any file system, as FUSE hides the original file system, thus eliminating the need to support FAT32 for the sake of file transfer. The standard is to format the data partition with the EXT4 file system.
- The use of MTP requires an MTP-compliant application on your PC. This should not be a problem with Microsoft Windows or Mac, but does present some challenges to a Linux user. In a future article, I will discuss file transfers using MTP.
- There appears to be a 1024 file limit to open files. I need to do some kernel research to find the parameter that sets this limit.
Android Data Encryption
With the move away from FAT32 for user data storage, and the consolidation of user data and application into a single partition, Android can now go beyond simple encryption of files. With the EXT4 file system, Android takes advantage of another Linux feature that allows for encryption of the entire file system. Android encryption uses the dm-crypt layer of the Linux kernel, which only works on block devices. The latter restriction excludes YAFFS as a file system, since it accesses internal storage as a character device, and not a block device.
Since the file system is encrypted, the kernel uses the dm virtual device to store the unencrypted version of a file. If you look at /proc/partitions, you may see loopback (loop) and dm virtual file systems. I separate virtual file systems from pseudo file systems in that a virtual file system is the backing store, and does represent a file system in memory. Using a bit of kernel magic, Linux keeps the unencrypted version of a file in a dm file system. The init.rc file divides the files into three classes: core, main, or late_start.
When you encrypt internal storage (only the data partition is encrypted), you must use password protection. The Google Android team chose to use a single password, instead of separate passwords. Ideally there should be an option for separate passwords for maximum security, but one password is not a huge security risk. Immediately after entering the SIM PIN, the mobile device prompts you for your encryption password. If you don't know it, the mobile device cannot continue the boot process, as it cannot access the data partition. Since there is no longer a USB mount, even connecting the mobile device to a PC is not going to provide access to encrypted data. Even MTP access will fail, as FUSE requires access to the data partition.
Since external storage typically uses the FAT32 file system, encryption is limited to individual file encryption. Storing sensitive files on an external SD card does represent a security risk.
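An added example, not part of the original article: a shell check over a saved copy of /proc/mounts that reports whether /system is read-only, whether /data is backed by a device-mapper node, and which mounts are vfat. The function name, the sample mount lines and the /storage/extSdCard path are constructed; treating a dm-N device behind /data as evidence of dm-crypt is an assumption of this example.

```shell
#!/bin/sh
# audit_mounts MOUNTS_FILE
# Reads a saved copy of /proc/mounts (device mountpoint fstype options ...)
# and prints one OK or WARN line per finding.
audit_mounts() {
    awk '
        { dev = $1; mnt = $2; fs = $3; opts = "," $4 "," }
        mnt == "/system" {
            seen_system = 1
            if (opts ~ /,ro,/) print "OK /system is read-only"
            else               print "WARN /system is writable"
        }
        mnt == "/data" {
            seen_data = 1
            # Assumption: a device-mapper node behind /data is the dm-crypt mapping.
            if (dev ~ /^\/dev\/block\/dm-[0-9]+$/) print "OK /data on", dev
            else print "WARN /data on raw device", dev
        }
        fs == "vfat" { print "WARN", mnt, "is vfat: file-level encryption only" }
        END {
            if (!seen_system) print "WARN /system not found"
            if (!seen_data)   print "WARN /data not found"
        }
    ' "$1"
}

# Constructed sample snapshots: one device with /data behind dm-0 and an
# external FAT32 card, one with /data on the raw partition and /system writable.
MOUNTS_DIR=$(mktemp -d)
trap 'rm -rf "$MOUNTS_DIR"' EXIT
cat > "$MOUNTS_DIR/encrypted.txt" <<'EOF'
rootfs / rootfs ro,relatime 0 0
/dev/block/mmcblk0p9 /system ext4 ro,noatime 0 0
/dev/block/mmcblk0p8 /cache ext4 rw,nosuid,nodev,noatime 0 0
/dev/block/dm-0 /data ext4 rw,nosuid,nodev,noatime 0 0
/dev/block/vold/179:17 /storage/extSdCard vfat rw,nosuid,nodev 0 0
EOF
cat > "$MOUNTS_DIR/plain.txt" <<'EOF'
rootfs / rootfs ro,relatime 0 0
/dev/block/mmcblk0p9 /system ext4 rw,noatime 0 0
/dev/block/mmcblk0p12 /data ext4 rw,nosuid,nodev,noatime 0 0
EOF

audit_mounts "$MOUNTS_DIR/encrypted.txt"
audit_mounts "$MOUNTS_DIR/plain.txt"
```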
Managing User Files and Directories
The pre-installed File Manager app provides a limited view of the user-viewable file structure. For many users this view is sufficient. However, the Storage Analyser app provides a much more complete view of both internal and external storage. The Storage Analyser app works on both rooted and non-rooted Android devices. Even on non-rooted devices, you have the option to see all mounted partitions, even though you do not have access to partitions such as /data. At least, you get to see how much space those partitions consume.
Storage Analyser also shows hidden files and directories, which you do not see in File Manager. A hidden file, or directory, is one that begins with a dot (.). For example, .android_secure is a hidden directory. Hidden files are not new, as they are a common convention used in Linux and Unix. To hide any file, or directory, you just need to modify its name to begin with a dot.