Monday, July 13, 2009

MBR and its necessity


1. When you turn on your PC, the processor does not have anything to execute, nor does it know where to look for it. To ensure that the PC will always boot regardless of the BIOS, both chip and BIOS manufacturers developed their code so that the processor, once turned on, always starts executing at the same place, FFFF0h. This magical address is called the "reset vector".
(NOTE: Similarly, every hard disk must have a consistent "starting point" where the key information about the disk is stored, such as the number of partitions and their types. There must also be some place from which the BIOS can load the initial boot program that starts the process of loading the OS. This place is called the Master Boot Record - MBR, also referred to as the Master Boot Sector - MBS, or even just the Boot Sector - BS.)


2. The MBR is always located at cylinder 0, head 0 and sector 1, the first sector on the disk (512 bytes). When a computer starts and the BIOS boots the machine, it always looks at this first sector for instructions and information on how to proceed with the boot process and load the OS.
3. The MBR contains the following structures:
  • Master Partition Table (MPT): A small bit of code, referred to as a table, that contains a complete description of the partitions on the HDD. (Alas, when the developers designed the size of the MPT, they left just enough room for the description of 4 partitions, hence the four-partition [four physical partitions] limit. Any additional partitions must be logical partitions that are linked to (or are part of) one of the primary partitions.) One of these partitions is marked as active, indicating that it is the one the computer should use to continue the boot process.
  • Master Boot Code (MBC): The MBC is a small bit of computer code that the BIOS loads and executes to start the boot process. When fully executed, this code transfers control to the boot program stored in the boot (active) partition to load the operating system. (NOTE: The MBC is the first program executed when you turn on your PC, and is often the target of a virus.)
4. The BIOS, however, does not care about any of this: it simply loads the contents of the MBR into memory location 0x7c00 and jumps to that location to start executing whatever code is in the MBR.

Traditionally, the Microsoft MBR code takes a look at the partition table, finds the (only) partition marked as active, loads the boot sector for that partition, and runs that code. This boot sector is the first sector of a partition, as opposed to the first sector of the whole disk. If something is wrong with the partition table, you get messages like "Invalid Partition Table" or "Missing Operating System". These messages do not come from the BIOS but from the MBR code loaded from disk.
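The layout described above can be checked offline on a 512-byte copy of the first sector. The following is an added example, not code from the original post: it parses the four partition table entries, applies the "exactly one active partition" rule, and hashes the boot code area so a later copy can be compared against a known-good baseline. The function names and the sample sector are constructed for illustration; the offsets used (table at byte 446, 16-byte entries, 0x55AA signature in the last two bytes) are the standard MBR layout and are not stated in the post.

```python
import hashlib
import struct

SECTOR_SIZE, TABLE_OFFSET, ENTRY_SIZE = 512, 446, 16
BOOT_SIGNATURE = b"\x55\xaa"          # last two bytes of a valid MBR
ENTRY = struct.Struct("<B3xB3xII")    # status, CHS, type, CHS, LBA start, sectors

def inspect_mbr(sector, baseline_sha256=None):
    """Parse a 512-byte MBR; report partitions, active entries and problems."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    problems = []
    if sector[510:512] != BOOT_SIGNATURE:
        problems.append("missing 0x55AA boot signature")
    partitions, active = [], []
    for i in range(4):                # the table has room for four entries only
        off = TABLE_OFFSET + i * ENTRY_SIZE
        status, ptype, lba, count = ENTRY.unpack(sector[off:off + ENTRY_SIZE])
        if status not in (0x00, 0x80):
            problems.append(f"entry {i}: invalid status byte {status:#04x}")
        if ptype == 0x00:             # unused slot
            continue
        partitions.append({"index": i, "type": ptype,
                           "lba_start": lba, "sectors": count})
        if status == 0x80:            # 0x80 marks the active (boot) partition
            active.append(i)
    if len(active) != 1:
        problems.append(f"expected one active partition, found {len(active)}")
    # Assumption: all of bytes 0..445 are treated as boot code for the hash.
    digest = hashlib.sha256(sector[:TABLE_OFFSET]).hexdigest()
    if baseline_sha256 is not None and digest != baseline_sha256:
        problems.append("boot code differs from baseline")
    return {"boot_code_sha256": digest, "partitions": partitions,
            "active": active, "problems": problems}

def build_sample():
    """Constructed sample sector (not taken from a real disk)."""
    sector = bytearray(SECTOR_SIZE)
    sector[0:2] = b"\xeb\xfe"         # placeholder boot code: jump-to-self
    sector[446:462] = ENTRY.pack(0x80, 0x07, 2048, 204800)    # active
    sector[462:478] = ENTRY.pack(0x00, 0x83, 206848, 409600)  # inactive
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)

if __name__ == "__main__":
    print(inspect_mbr(build_sample()))
```

Recording `boot_code_sha256` from a known-good sector and passing it as `baseline_sha256` on later checks flags any change to the boot code area.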

The Linux boot loaders LILO and GRUB (GRand Uniform Boot loader) can handle a wide variety of OSs, file systems and boot configurations. Their MBR code does not necessarily follow the "boot the active partition" approach described above. Functionally, the process goes like this:
1. The MBR itself contains the first stage of the boot loader. GRUB calls this stage 1.
2. Due to its tiny size, the code in the MBR does just enough to load another sector from disk that contains additional bootstrap code. This sector might be the boot sector of a partition, but could also be a sector that was hard-coded into the MBR code when the MBR was installed.
3. The MBR code, plus the code loaded in step 2, then reads a file containing the second stage of the boot loader. In GRUB, this is GRUB Stage 2, and in Windows Server, this is C:\NTLDR. If step 2 fails in Windows, you'd get a message like "NTLDR is missing". This stage 2 code then reads a boot configuration file (e.g., grub.conf in GRUB, boot.ini in Windows). It then presents boot choices to the user, or simply goes ahead in a single-boot system.
4. At this point, the boot loader code needs to fire up a kernel. It must know enough about file systems to read the kernel from the boot partition. In Linux, this means reading a file like "vmlinuz-2.6.22-14-server" containing the kernel, loading the file into memory and jumping to the kernel bootstrap code. In Windows Server 2003, some of the kernel start-up code is separate from the kernel image itself and is actually embedded into NTLDR. After performing several initializations, NTLDR loads the kernel image from the file C:\Windows\System32\ntoskrnl.exe and, just as GRUB does, jumps to the kernel entry point.
