x86 Bootloaders | Background

x86 Bootloaders | Background

It seems like magic that every time you press the power button on your computer, that everything just loads and works perfectly every time (well mostly every time). But what is actually happening under the hood that allows your computer to boot up into your operating system? I certainly do not pretend to know all the details, but I will describe what I do know at a high level and hopefully after reading this, the boot process will seem less magical and more of a logical step-by-step process.

The first thing that you do when you want to turn on a computer is press the power button. This button is a switch and when it’s pressed, it completes a circuit and a signal is sent down the wire that is connected to the button and eventually winds up at the PSU (Power Supply Unit). The PSU reacts to this electrical signal by generating enough power to run the computer. It usually takes a small amount of time before the power output is stable and then the PSU signals the BIOS on the motherboard that the power is stable and that it can begin POST (Power-On Self-Test). The POST tests the hardware on the motherboard and makes sure there are no errors, and then it loads the BIOS (Basic Input Output System) from ROM (Read Only Memory) to RAM (Random Access Memory) at a high location.

When the BIOS is loaded, it does some of its own tests and then sets up the IVT (Interrupt Vector Table) at the very beginning of the RAM. Then the BIOS searches for a bootable device, it does this by by calling interrupt Ox19. This interrupt will go through a list of devices that it can boot from and looks at the last 2 bytes in the 1st sector of a device. If the last 2 bytes in the 1st sector are OxAA55, then that 1st sector (512 bytes) of that device is loaded into RAM at the location Ox7COO. Then the BIOS jumps to that location and the bootloader that was just transferred to RAM is in charge of bringing up the system. However, since this is very hard to do in just 512 bytes, there is usually a second stage bootloader that is loaded into RAM from the filesystem. The 1st stage bootloader does this by calling BIOS interrupts to load parts of the filesystem (usually the metadata) from the disk into RAM. It uses this information to find where the 2nd stage bootloader file is located on disk and then loads that file into RAM. The 1st stage bootloader is now done and jumps to the 2nd stage bootloader code. The 2nd stage bootloader will first have to transfer from REAL mode to PROTECTED mode. When the CPU first starts, it is in REAL mode which means it is in 16 bit mode. This happens for backward compatibility reasons. However, REAL mode is very limiting and in order to gain more power, you need to switch to PROTECTED 32 bit mode. The only downside to switching to PROTECTED mode is that you lose the BIOS interrupts. There are ways around this however by going into UNREAL mode or V86 mode (I will go into more detail about these modes later when they come up in future articles). So, finally after the 2nd stage bootloader has switched to PROTECTED mode, it then parses the file system data structures again to find the kernel file, and then it loads the kernel file into RAM and jumps to that location in RAM where it was loaded.

Below, is a great high level diagram that shows the boot process for *UNIX machines that I found online.


Hopefully this has helped a little to better understand what happens when you turn your computer on. As I learn more detail about this process I will be updating this page, so hopefully it will become more detailed as time goes on.

Comments are closed.