Boot process

Hardware initialisation

The host system has to self-initialise in order to get the kernel booted. Many hardware initialisation steps will be later repeated by the kernel to ensure the system is in a predictable state.

  • CPU jumps to address of BIOS or UEFI firmware.


  • Hardware test (CMOS, CPU, video, hard disk, floppies, CD/DVD, keyboard)
  • BIOS interrupt call 13H (INT 13H) locates MBRs, located in the first sector of the drive (sector 1, cylinder 0, head 0).
  • If located, copied to RAM, control yielded.


UEFI boot requires some upfront understanding:

  • GPT (GUID Partition Table) format replaces MBR/DOS partitioning.
  • EFI variables controlling the boot process are stored in NVRAM.
  • EFI system partitions are FAT12, FAT16 or FAT32 partitions labeled with the efi GPT flag to allow the firmware to locate them.
  • UEFI boot manager is a firmware policy engine (boot menu) configured with EFI variables.
  • EFI executables define a common executable format for early boot.

An example of EFI variables:

$ efibootmgr -v
BootCurrent: 0002
Timeout: 3 seconds
BootOrder: 0003,0002,0000,0004
Boot0000* CD/DVD Drive  BIOS(3,0,00)
Boot0001* Hard Drive    HD(2,0,00)
Boot0002* Fedora        HD(1,800,61800,6d98f360-cb3e-4727-8fed-5ce0c040365d)File(\EFI\fedora\grubx64.efi)
Boot0003* opensuse      HD(1,800,61800,6d98f360-cb3e-4727-8fed-5ce0c040365d)File(\EFI\opensuse\grubx64.efi)
Boot0004* Hard Drive    BIOS(2,0,00)P0: ST1500DM003-9YN16G

The process:

  • UEFI system firmware:
    • Initialises the hardware
    • Starts the UEFI boot manager
  • UEFI boot manager
    • Loads UEFI hardware drivers
    • Gets the boot configuration from EFI variables
    • Selects boot entry based on menu/BootOrder
    • Reads parent EFI system partition
    • Executes appropriate executable:
      • Architecture-specific default if given a disk and no path: \EFI\BOOT\BOOT(x64|IA32|IA64|ARM|AA64).EFI.
      • Specified path otherwise.

Secure Boot adds PKI signature verification to the loading of EFI executables, based on an allow list either hardcoded in the firmware or configurable by the end user.

EFI shim

The EFI shim is a stub loader, signed by Microsoft, designed to work around systems which don't allow configuration of secure boot keys. It validates that the next EFI application it chain-loads is signed by one of a fixed set of keys embedded in the application.

Boot loader

This section assumes use of Grub.

Under BIOS, or UEFI CSM, boot:

  • stage1, small enough to fit into the 446 byte footprint of the MBR, searches for stage1.5 between MBR and first partition. It's
  • stage1.5 is the optional intermediate loader, allowing loading stage2 where the data is not contiguous or hardware requires special handling. It looks for filesystems containing stage2 (/boot/grub).
  • stage2 loads kernel, executes it.

Grub can also be booted as a single UEFI application, removing the need for multiple stages.

Kernel initialisation

The Kernel is usually shipped in a compressed format to save space in /boot.

  • _start is the starting point:
  • main
    • Copies boot parameters into the "zeropage".
    • Initialises the console.
    • init_heap initialises the heap.
    • check_cpu validates that the CPU has the required features, checking for long mode if x86_64.
    • detect_memory maps memory.
    • keyboard_init initialises the keyboard.
    • set_video configures the video mode, optionally displaying a menu if the vga boot option wasn't set, then allocates memory in the heap.
    • go_to_protected_mode enables protected mode:
      • Disables non-maskable interrupts.
      • Opens the A20 gate.
      • Sets up the Interrupt Descriptor Table.
      • Initialises Global Descriptor Table.
      • protected_mode_jump enables protected mode.
  • startup_32
    • Enters long mode.
    • Page table initialisation:
      • 1x Page Map Level 4.
      • 1x Page Directory Pointer.
      • 4x Page Directory tables for a total of 2048 entries.
    • Enters startup_64
      • decompress_kernel decompresses the kernel to high memory.
    • start_kernel
      • Performs initialisation only on CPU0.
      • Determines CPU performance (jiffies).
      • Sets up /proc.
      • Initialises SysV Semaphores, shmem and messages.
      • check_bugs works around hardware bugs.
      • rest_init makes pid 0 the "idle" process.
      • init:
        • do_basic_setup:
          • do_initcalls:
          • prepare_namespace sets up root filesystem, mounting initial initrd, providing additional hardware/filesystem drivers.
        • Launches p.r.comp.os.linux.init (Private), either using the init=INIT kernel command line parameter, /sbin/init, /etc/init or /bin/init.

Init system

This section assumes use of systemd.

  • Reaches
    • Mounts filesystems in /etc/fstab.
    • Configures swap.
    • cryptsetups dm-crypt devices.
    • Starts low-level device services.
    • Enables VFS mounts.
  • Reaches (or
  • Reaches
    • getty.service
    • sshd.service

  1. Grub