Boot process
Hardware initialisation
The host system has to self-initialise in order to get the kernel booted. Many hardware initialisation steps will be later repeated by the kernel to ensure the system is in a predictable state.
- CPU jumps to address of BIOS or UEFI firmware.
BIOS
- Hardware test (CMOS, CPU, video, hard disk, floppies, CD/DVD, keyboard)
- BIOS interrupt call 13H (INT 13H) locates MBRs, located in the first sector of the drive (sector 1, cylinder 0, head 0).
- If located, copied to RAM, control yielded.
UEFI
UEFI boot requires some upfront understanding:
- GPT (GUID Partition Table) format replaces MBR/DOS partitioning.
- EFI variables controlling the boot process are stored in NVRAM.
- EFI system partitions are FAT12, FAT16 or FAT32 partitions labeled with the
efi
GPT flag to allow the firmware to locate them. - UEFI boot manager is a firmware policy engine (boot menu) configured with EFI variables.
- EFI executables define a common executable format for early boot.
An example of EFI variables:
$ efibootmgr -v
BootCurrent: 0002
Timeout: 3 seconds
BootOrder: 0003,0002,0000,0004
Boot0000* CD/DVD Drive BIOS(3,0,00)
Boot0001* Hard Drive HD(2,0,00)
Boot0002* Fedora HD(1,800,61800,6d98f360-cb3e-4727-8fed-5ce0c040365d)File(\EFI\fedora\grubx64.efi)
Boot0003* opensuse HD(1,800,61800,6d98f360-cb3e-4727-8fed-5ce0c040365d)File(\EFI\opensuse\grubx64.efi)
Boot0004* Hard Drive BIOS(2,0,00)P0: ST1500DM003-9YN16G
The process:
- UEFI system firmware:
- Initialises the hardware
- Starts the UEFI boot manager
- UEFI boot manager
- Loads UEFI hardware drivers
- Gets the boot configuration from EFI variables
- Selects boot entry based on menu/
BootOrder
- Reads parent EFI system partition
- Executes appropriate executable:
- Architecture-specific default if given a disk and no path:
\EFI\BOOT\BOOT(x64|IA32|IA64|ARM|AA64).EFI
. - Specified path otherwise.
- Architecture-specific default if given a disk and no path:
Secure Boot adds PKI signature verification to the loading of EFI executables, based on an allow list either hardcoded in the firmware or configurable by the end user.
EFI shim
The EFI shim is a stub loader, signed by Microsoft, designed to work around systems which don't allow configuration of secure boot keys. It validates that the next EFI application it chain-loads is signed by one of a fixed set of keys embedded in the application.
Boot loader
This section assumes use of Grub.
Under BIOS, or UEFI CSM, boot:
stage1
, small enough to fit into the 446 byte footprint of the MBR, searches forstage1.5
between MBR and first partition. It'sstage1.5
is the optional intermediate loader, allowing loadingstage2
where the data is not contiguous or hardware requires special handling. It looks for filesystems containingstage2
(/boot/grub
).stage2
loads kernel, executes it.
Grub can also be booted as a single UEFI application, removing the need for multiple stages.
Kernel initialisation
The Kernel is usually shipped in a compressed format to save space in /boot
.
_start
is the starting point:- Aligns the segment registers.
- Initialises the stack and BSS.
main
- Copies boot parameters into the "zeropage".
- Initialises the console.
init_heap
initialises the heap.check_cpu
validates that the CPU has the required features, checking for long mode if x86_64.detect_memory
maps memory.keyboard_init
initialises the keyboard.set_video
configures the video mode, optionally displaying a menu if thevga
boot option wasn't set, then allocates memory in the heap.go_to_protected_mode
enables protected mode:- Disables non-maskable interrupts.
- Opens the A20 gate.
- Sets up the Interrupt Descriptor Table.
- Initialises Global Descriptor Table.
protected_mode_jump
enables protected mode.
startup_32
- Enters long mode.
- Page table initialisation:
- 1x Page Map Level 4.
- 1x Page Directory Pointer.
- 4x Page Directory tables for a total of 2048 entries.
- Enters
startup_64
decompress_kernel
decompresses the kernel to high memory.
start_kernel
- Performs initialisation only on CPU0.
- Determines CPU performance (jiffies).
- Sets up
/proc
. - Initialises SysV Semaphores, shmem and messages.
check_bugs
works around hardware bugs.rest_init
makes pid 0 the "idle" process.init
:do_basic_setup
:do_initcalls
:prepare_namespace
sets up root filesystem, mounting initial initrd, providing additional hardware/filesystem drivers.
- Launches p.r.comp.os.linux.init (Private), either using the
init=INIT
kernel command line parameter,/sbin/init
,/etc/init
or/bin/init
.
Init system
This section assumes use of systemd.
- Reaches
sysinit.target
- Mounts filesystems in
/etc/fstab
. - Configures swap.
cryptsetup
s dm-crypt devices.- Starts low-level device services.
- Enables VFS mounts.
- Mounts filesystems in
- Reaches
basic.target
(orrescue.target
).sockets.target
paths.target
timers.target
- Reaches
multi-user.target
:getty.service
sshd.service
Children
Backlinks