Boot Process

Lately lot of people have been asking about how a system boots at reall…llly low levels, I have no idea why the sudden interest in this topic. May be it's just that I read about the subject few weeks back, and it's me who is unintentionally :) prodding them to ask this question. Whatever is the reason here is my two cents’ worth on this topic.

We will talk about boot process of x86 system running Linux/Windows, though booting sequence in most of the architectures is more or less similar.

Steps to Boot a machine.

- Well as soon as machine is powered on BIOS code is copied from EPROM onto system memory, CPU looks for BIOS code at the end of system memory and executes it.

- POST (Power On Self Test) is run, initiated by the CPU and BIOS.

- BIOS looks for all the valid devices it can use to boot, it uses the boot configuration data to decide which device to check first for bootable code. A device is 'bootable' if it carries a boot sector with the byte sequence 0x55, 0xAA in bytes 511 and 512 respectively (The boot sector is generally of 512 bytes in size, this limitation is mostly not imposed by the hardware, this gives rise to some interesting possibilities to misuse the system, maybe more on it some other time). When BIOS finds such a boot sector, its code is loaded into memory at a specific location; this code is called boot loader. Execution will then transfer to this freshly loaded code.

The boot sector could be MBR i.e. Master Boot Record (for partitioned discs) or VBR i.e. Volume Boot Record (for floppy’s, CD’s or non-partitioned hard drives). For details check out wiki: MBR

Up to this point boot sequence is not dependent on the operating system, the next steps are dependent on OS and the file system.

Linux (Red Hat)

Under Red Hat Linux we have two kinds of boot loaders, GRUB and LILO. GRUB is the more advanced of the two; the major advantage of GRUB is that it can access both ext2 and ext3 file systems and it can load its own configuration file (grub.conf) at boot time.

Both the boot loaders are written in two stages the primary purpose of the first stage boot loader is two locate the more complex second stage boot loader and load part of it in the memory. The second stage loader is responsible for GUI display and mouse/keyboard control that allows the user to choose from multiple options or give commands to the loader/kernel.

Once the user decides to boot the boot loader places the corresponding RAM disk image (initrd) into memory. This is used by kernel to load required drivers. As soon as the kernel and initrd are placed in memory, loader passes the control to the kernel.

Happy booting :)

Windows NT/XP

We are talking about booting from MBR in this case as you would generally boot Windows in this setting. As mentioned earlier we are talking about boot loaders here (pay some attention!). The first three bytes of FAT loader (Win 9x) would contain a jump instruction that will skip the non-executable portion of the code and take the control to next executable block. In between are OEM ID and BPB (BIOS block parameter). These contain values for different parameters at fixed offsets (like file system type, number of cylinders and all that crap). You can read all about this on Microsoft’s support site.

Now the first stage of boot loader locates and loads NTLDR file. NTLDR, for us does the job of second stage boot loader. It reads the boot.ini file (should be at c:\ root) and presents the user with boot options as mentioned in the boot.ini file. Once selected, appropriate kernel image is loaded into memory and Vola!! We have a running system.

The purpose of ‘my two cents’ is to give a brief idea on this subject, please look up relevant resources (read Google) for details.

Comments

viagra said…
Hi, well be sensible, well-all described

Popular posts from this blog

Those Bastards - Delhi Bomb blast

Bygone days !!

If I were laid (off) :)