AOSP Insider
AOSP Foundations
2 min read

The recovery Partition

Understand the dedicated failsafe environment used for factory resets, OTA updates, and emergency rescue.

Android devices are remarkably resilient. If a rogue system update corrupts the main operating system, the device needs a highly reliable fallback environment to rescue itself. This environment is known as Recovery, and it resides either in its own dedicated partition or hidden securely within the boot ramdisk.

What is Recovery?

Recovery is a standalone, miniature operating system. It consists of a customized Linux kernel and a highly stripped-down user space. It has no Java virtual machine, no graphics compositor (SurfaceFlinger), and no complex audio drivers.

Its sole purpose is to run a simple, robust C++ program (the recovery UI) that allows the user or the system to:

  • Perform a secure cryptographic wipe of the /data partition (Factory Reset).
  • Read an Over-The-Air (OTA) update .zip file from the cache, verify its digital signature, and write the new OS directly to the system partitions.
// A simplified view of the C++ Recovery logic (bootable/recovery/recovery.cpp)
if (should_wipe_data) {
    WipeData(device);
} else if (update_package != nullptr) {
    InstallPackage(update_package, &should_wipe_cache, true);
}

Dedicated Partition vs. Recovery-as-Ramdisk

How recovery is stored on the physical flash memory depends entirely on whether the device supports modern A/B Seamless Updates.

Non-A/B Devices (Dedicated Partition)

On older devices (or low-end devices where manufacturers opted out of A/B updates to save storage space), there is a physical partition explicitly named recovery.

  • It contains recovery.img, which is a complete package holding both the recovery kernel and the recovery ramdisk.
  • When you select "Reboot to Recovery" in the bootloader, the device physically boots from this partition instead of the boot partition.

A/B Devices (Recovery-as-Ramdisk)

On modern A/B devices, the physical recovery partition was completely eliminated.

  • Instead of a dedicated partition, the recovery environment is compiled as a secondary ramdisk and placed directly inside the main boot partition alongside the normal OS ramdisk.
  • When the bootloader is instructed to enter recovery mode, it loads the main kernel but tells it to mount the recovery ramdisk instead of the normal Android ramdisk.
# Triggering recovery mode from a live Android session
adb reboot recovery

This architectural shift saved hundreds of megabytes of physical flash storage, allowing that valuable space to be reallocated directly to the user.

Previous Lesson
vendor_boot Partition
Next Lesson
system, vendor, product, odm Partitions