COMP075-OS2. COMP075 OS2 My name: Professor Baker Email:...

Page 1: COMP075-OS2. COMP075 OS2 My name: Professor Baker Email: charles.baker@flemingcollege.ca Or: cmb-ssfc@fivefortyfour.com.

COMP075 OS2

• My name: Professor Baker

• Email: charles.baker@flemingcollege.ca

• Or: cmb-ssfc@fivefortyfour.com

• Course web page: http://fleming0.flemingc.on.ca/~chbaker/comp075

• Lecture notes and lab assignments will be posted on the course web page

• Students are expected to follow the lab report guidelines posted here: http://fleming0.flemingc.on.ca/~chbaker/LabReports.doc

Course Outline

• Assessments

– Two written tests @ 10%: 20%

• Weeks 7 and 15

– Two lab tests @ 10%: 20%

• Weeks 7 and 15

– Ten labs at 5%: 50%

– Professionalism and comprehension: 10%

Course Content

• More operating system concepts, following on OS1

• Windows and Linux platforms, emphasis on Linux

• Focus on command line utilities

• Scripting with bash and PowerShell

Boot Process

Booting

• Booting is the process that loads an operating system into memory and activates it

• Every device that has an OS has a boot process

– Servers, laptops, phones, tablets, routers, appliances

• Some are very simple and rigid, others are complex and flexible – even scriptable

• All seem like they start from nothing

Boot Strap

• The term “Booting” derives from an old admonition to “Pull yourself up by your boot straps”

• Physically impossible, but illustrates the virtue of self reliance

• Programs can't load themselves, because they would have to be loaded to do that

• So how do we get started?

Pre-Boot Loader Days

• In the days before boot loaders, switches on the front of computers allowed programmers to load binary values at arbitrary selected memory locations

• In this tedious manner software could be manually loaded and then run via a run button

• This was flexible, but error prone and tedious

• More desirable to have the computer do this using a boot loader program

The Boot Loader Problem

• The fundamental problem of using boot loader software to load the OS is that the boot loader itself has to get loaded

• Typically this is accomplished by pre-loading the bootloader into some kind of non-volatile memory

• This non-volatile memory may be executable, like the ROM BIOS in IBM PC computers

• Or may be something that can be transferred to main memory using simple circuitry

Examples

• Atari computers ran the OS from ROM

– ROM is slower than RAM, so not a good option for modern OS

– But embedded devices do this to avoid boot delay

• IBM PC has BIOS in ROM. BIOS can load OS to RAM from other sources

• Some early mainframes copied drum based OS to RAM using hard wired circuitry

• PDP11 booted from a matrix of diodes. They were all 1's when shipped but could be programmed by cutting off diodes for zeroes

Examples

• PDP8 used front panel switches to program the boot loader

– Very simple loader obviously

Boot Loader Functions

• Basic function is to load an OS and start it

• Most also perform a hardware test to ensure that the system is functioning properly

– Power On Self Test or POST

– Usually involves memory test

• Some load a secondary loader

– It may be larger and more sophisticated

– Able to offer boot options to users such as multi-boot

– Results in multi-stage boot process

• Boot loader may load another primary boot loader

– Chain loading

Current Era, Cisco IOS

• Cisco IOS boot loader is called ROMmon

– ROM monitor

• Remember early OS were sometimes called monitors

• When powered on runs POST, looks for OS in Flash, ROM or network, then looks for config in NVRAM

Booting IOS

Booting Apple iOS

• Multi-stage boot process

• Starts with small loader in ROM (BootROM)

– Subsequent stages loaded from flash

• Boot ROM verifies RSA signature of first level boot loader LLB, and loads it

• LLB verifies RSA signature of second level boot loader iBoot, and loads it

• iBoot verifies signature of kernel and NAND flash memory and loads them
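
The signature chain on this slide, modelled as an added example (not part of the original slides and not Apple's code). Assumptions: one vendor key for every stage, textbook RSA over SHA-256 with a toy key built from two known Mersenne primes, and made-up stage images; real boot images use padded signatures and their own container format.

```python
import hashlib

# Toy RSA key from two known Mersenne primes (assumption for this sketch only).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent: vendor side, never on the device

def digest(image: bytes) -> int:
    """SHA-256 of a stage image as an integer (always smaller than N)."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big")

def sign(image: bytes) -> int:
    """Vendor side: textbook RSA signature, no padding (illustration only)."""
    return pow(digest(image), D, N)

def verify(image: bytes, signature: int) -> bool:
    """Device side: needs only the public values N and E."""
    return pow(signature, E, N) == digest(image)

STAGES = ["LLB", "iBoot", "kernel"]  # order in which each stage checks the next

def build_flash() -> dict:
    """Constructed stage images, each stored together with its signature."""
    images = {"LLB": b"llb code", "iBoot": b"iboot code", "kernel": b"kernel code"}
    return {name: (image, sign(image)) for name, image in images.items()}

def boot(flash: dict) -> list:
    """Walk the chain from the ROM; stop at the first stage that fails to verify."""
    log = ["BootROM"]  # immutable ROM is the root of trust and is not itself verified
    for name in STAGES:
        image, signature = flash[name]
        if not verify(image, signature):
            log.append(f"HALT: {name} signature invalid")
            break  # nothing after an unverified stage is ever loaded
        log.append(name)
    return log

if __name__ == "__main__":
    flash = build_flash()
    print(boot(flash))
    # Modify iBoot in flash without re-signing it: LLB refuses to load it.
    flash["iBoot"] = (b"iboot code, modified", flash["iBoot"][1])
    print(boot(flash))
```

A stage modified in flash is only detected because the stage before it was itself verified, which is why the first link has to live in ROM.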

iOS Boot Modes

• Normal mode is used if no problems are encountered during boot

• Recovery mode is invoked if problems occur

• DFU (device firmware update) mode can be invoked by holding certain buttons during boot process

• Used for obvious purpose but also to jailbreak the phone

• And for forensic analysis

Apple iOS Boot Modes

[Figure: Normal Boot Sequence and DFU Boot Sequence diagrams]

IBM PC Boot History

• IBM PC introduced in August 1981

• Basically the same boot process was retained until very recently

• Newer PCs follow the UEFI specification

– But that can emulate the original BIOS based process

• BIOS based process has many limitations because of the antiquity of the design

• But it survived a long time because of flexibility that allowed limitations to be mitigated

PC BIOS Boot Sequence

• On power up control transfers to the ROM BIOS

• BIOS conducts POST then looks for source of operating system

• BIOS includes portions of the OS that conduct basic IO, so it is capable of looking at devices to locate one that is bootable

• These instructions run in limited memory and with limited instruction set

– As if on the original PC hardware

Bootable Devices

• System setup stores a boot sequence in BIOS

– e.g. CD, USB, hard drive

• First bootable device from sequence is attempted

– Readable and with AA55h at end of first sector

• If none found control returns to BIOS

• BIOS may then attempt network boot or ROM BASIC

– Original IBM PC with no disk drives could boot into a basic interpreter on ROM

Booting from Bootable Disk

• First sector on disk called Master Boot Record

• MBR contains OS independent boot code and partition table

• Conventionally looks for partition marked “active”, loads its first sector (VBR)

• VBR may be OS specific

• Windows VBR knows about file systems and can locate next stage loader in file system

• Linux systems put GRUB stage 1 in MBR

File System Based Booting

• The GNU GRUB boot loader stores stage 1.5 in unused sectors between MBR and first partition

– First partition starts in sector 63

• This allows it to access file systems for configuration, menus, kernel images etc

• Space available in MBR is quite limited because of partition table and other things so code contained there must be very simple

• Conventional MBR loads VBR which can be more complex because space is less limited
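
The MBR layout described on the last three slides (AA55h signature, partition table with an "active" flag, unused sectors before a first partition at sector 63), as an added example that is not part of the original slides. The disk image is constructed in the code, and the function names are this example's own.

```python
import struct

SECTOR = 512

def parse_mbr(sector: bytes) -> dict:
    """Parse one MBR sector: boot signature, partition table, post-MBR gap."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR is exactly one 512-byte sector")
    # Bytes 510-511 hold 55h AAh, which read as a little-endian word is AA55h.
    (signature,) = struct.unpack_from("<H", sector, 510)
    parts = []
    for slot in range(4):  # four 16-byte entries start at offset 446
        status, ptype, first_lba, count = struct.unpack_from(
            "<B3xB3xII", sector, 446 + 16 * slot)  # 3x skips the CHS fields
        if ptype != 0:  # type 0 marks an unused slot
            parts.append({"slot": slot, "active": status == 0x80,
                          "type": ptype, "first_lba": first_lba, "sectors": count})
    first = min((p["first_lba"] for p in parts), default=1)
    return {
        "bootable": signature == 0xAA55,
        "partitions": parts,
        "active_slots": [p["slot"] for p in parts if p["active"]],
        # Sectors 1 .. first-1 belong to no partition (where GRUB stage 1.5 goes).
        "gap_sectors": max(first - 1, 0),
    }

def inspect_image(image: bytes) -> dict:
    """Parse the MBR of a disk image and report whether the gap holds data."""
    info = parse_mbr(image[:SECTOR])
    gap = image[SECTOR:(info["gap_sectors"] + 1) * SECTOR]
    info["gap_in_use"] = any(gap)  # True if any byte in the gap is non-zero
    return info

def build_sample_image() -> bytes:
    """Constructed sample: active Linux partition (type 83h) at sector 63."""
    mbr = bytearray(SECTOR)
    struct.pack_into("<B3xB3xII", mbr, 446, 0x80, 0x83, 63, 204800)
    struct.pack_into("<H", mbr, 510, 0xAA55)
    gap = bytearray(62 * SECTOR)
    gap[:11] = b"PLACEHOLDER"  # stands in for loader code stored in the gap
    return bytes(mbr) + bytes(gap)

if __name__ == "__main__":
    report = inspect_image(build_sample_image())
    for key, value in report.items():
        print(f"{key}: {value}")
```

Because the MBR code and anything in the gap run before any operating system, knowing what a disk normally holds there makes an unexpected change easy to spot.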

Booting without File System Access

• Problem then is how do you find the next boot stage, configuration files, or kernel

• Early Windows loaders required stage 2 to be at fixed location in partition and kernel files to be in first two directory entries

– SYS command put them there

• Before GRUB the LILO boot loader had a similar problem

• LILO had an install command that stored the address of the kernel in the MBR or VBR

Booting Windows

• As is usual with Windows, the sequence varies depending on the Windows version

• All versions install a conventional OS independent loader in the MBR, which chains to an OS dependent loader in the VBR

• The VBR loader has a minimal FS implementation for FAT and NTFS to allow the next stage loaders to be located

Booting XP

• Also applies to NT, S2000, and S2003

• MBR has been loaded and causes VBR to be loaded and run.

• VBR locates ntldr and gives it control.

• Ntldr:

– Changes to 32 bit mode

– Looks for boot.ini in the root of the filesystem

– May contain info for multi-boot menu

– Runs ntdetect.com to detect hardware and profiles

Booting XP (cont.)

• ntldr:

– Loads hardware abstraction layer (hal.dll and halx.dll)

– Also reads HKEY_LOCAL_MACHINE\SYSTEM registry file and others

– Finally loads ntoskrnl.exe (the kernel)

– Kernel creates HKEY_LOCAL_MACHINE\HARDWARE registry key based on info from ntldr

– At this point system is ready to start services and allow logon

Booting Vista (etc.)

• Applies to 7, 8, S2008 and S2012

• As usual BIOS has loaded MBR and it has located and started VBR

• VBR starts bootmgr

• Bootmgr loads BCD (boot configuration database) from /boot in active partition

– BCD is a registry file that gets loaded into HKEY_LOCAL_MACHINE\HARDWARE

• BCD may call for multi-boot in which case a menu is displayed

Booting Vista (etc.)

• Once OS is selected, VBR for its partition may get loaded or ntldr for older MS OS

• When ready, winload.exe is invoked to load the actual OS kernel ntoskrnl.exe and device drivers

• Or winresume.exe

• For Windows versions capable of using BitLocker drive encryption the active partition is an unencrypted hidden system partition

– Bootmgr and BCD are loaded from this partition, so decryption can be set up for the encrypted Windows partition

GNU GRUB

• Grand Unified Boot Loader

• Linux and Solaris on x86

• Free and open source

• Includes a command line shell used to install grub from a running system

– Commands to identify partitions and assist with installation of GRUB

– Has search function to find partition containing kernel

• Multi-stage boot process

GRUB Stages

• Stage 1 is installed on the MBR (or a VBR)

• Stage 1.5 occupies the remaining unused sectors before the start of partition zero

– First partition starts on sector 63

• Stage 1.5 has file system code so that configuration and next boot stages can be obtained from a file system on any of the disk's partitions (/boot/grub directory)

• Stage 2 presents a menu based on configuration file to allow user to select OS to boot

GRUB Actions

• Normally user selection boots a Linux kernel with parameters from the GRUB configuration

• User can override these options at run time – for example to start in run level 1

• Or user can access a GRUB command prompt

• To boot a Windows system GRUB passes control to the VBR from the Windows partition

– Windows loader then takes over the boot process

Linux Startup

• Windows had multi-stage loaders from the VBR, BCD files and other devices to mitigate the bootstrap problems in getting an OS started:

– The OS has to have drivers to access disks and filesystems, but the drivers are in the filesystems on the disk

• Linux kernels have statically compiled drivers for accessing a RAM disk

• When Linux is installed a custom RAM disk image called initrd is created with the drivers needed to access the installed hardware and filesystems

• Linux kernel mounts this image as root (/), loads the needed drivers from it and uses them to mount the real root filesystem
