2.

Booting and Program

Execution
Privileged Mode
 Instruction Set divided partitioned as per
privilege level (protection rings); a process
can execute an instruction provided its
• User
Ring 3 • mode
Devic
priority/privilege level allows it
e  x86 architecture supports four protection
Ring 2 • driver
Devic
s
e
levels or rings
Ring 1 driver  Innermost ring or Ring 0 (Highest priority) -
•sKernel
Ring 0 mode all instructions can be executed; also
called kernel mode
 Outermost ring or Ring 3 (least priority) –
only some instructions can be executed;
also called user mode
 Most OS use only two levels – kernel mode
(supervisor / privileged mode) and user
Malaviya National Institute of Technology Jaipur
 QUIZ 2
 Minimum number of address bits required for 2GB RAM
 How many hexadecimal digits in a 32-bit address?
 If CPU is shared between 10 processes and switches to
another process after 0.5 ms in a round robin manner,
each process has to wait for how much time between
consecutive runs?
 Interface provided by OS to allow a user process to
access hardware device is called ….
 Interrupts are generated by CPU or I/O devices?
 Where are Interrupt service routines loaded?
 Firmware
 Software that is stored in a ROM (Read only memory)
 Semiconductor memory
 ROM (Read only memory) CMoS based for faster switching
 RWM (Read Write Memory)
 Both are RAM (Random Access Memory) as time to access
any memory location is same irrespective of the address.
 CPU can only read from main memory (ROM +RAM)
 Why Firmware?
 Any instruction can be executed provided
 It is stored in main memory
 PC is loaded with the address where it is stored
 A program can be executed only if
 It is brought to main memory
 PC (Program Counter) is set to address of the first
instruction of this program
 Main memory is volatile
 contents lost when system’s power is switched off
 So how to execute OS when system is switched ON
 Booting
 Loading OS when system is switched ON is called
booting.
 OS is stored on hard disk as it is non-volatile
 Needs to be copied from hard disk to main memory
 Solution is firmware stored in ROM
 When power is switched ON, the system is
programmed to execute an instruction stored in
ROM
 BIOS, the program in ROM, is executed first
 Booting Details
 OS is stored in non-volatile memory - hard disk or removable media
(USB) [or even network drive]
 On start-up PC is set to an address in ROM where BIOS (basic input
output system) is stored.
 BIOS runs POST (power on self test) to
 check if all peripheral devices [keyboard/mouse] are connected
 identify bad locations in RAM [by writing a value into a location, reading it back
and check if there is any change]
 BIOS then loads MBR (Master Boot Record), that contains a small boot
program and partition table
 MBR program loads VBR (Volume Boot Record) from selected bootable
partition
 VBR loads OS kernel
PC set to address of
BIOS in ROM. On DMA
start up,, CPU begins BIOS
to execute BIOS. ROM

PC

CPU MBR
RAM
(RWM) VBR

VBR
 BIOS runs POST i.e.
checks peripheral DMA
BIOS devices and memory
ROM locations.

PC

CPU MBR
RAM
(RWM) VBR

VBR
 Copies MBR into
RAM.
Transfer control to DMA
BIOS
ROM first instruction in
MBR
PC
MBR
CPU MBR
RAM
(RWM) VBR

VBR
 MBR code executes,
reads partition table
entries to identify
bootable partitions. DMA
BIOS
ROM If more than one,
presents menu for
user to select.
PC
MBR
CPU MBR
RAM
(RWM) VBR

VBR
 Loads VBR of
selected bootable
partition.
Transfers control to DMA
BIOS
ROM VBR.

PC
MBR
CPU MBR
RAM
(RWM) VBR

VBR
VBR
 VBR loads OS
kernel.
Kernel sets up
privilege mode, DMA
BIOS
ROM sets up device
drivers and other
initialization
PC Launches init
process which
CPU
MBR spawns into MBR
RAM other processes.
(RWM) Booting
VBR
complete.

VBR
VBR
 Master Boot Record
 Consists of code and partition table
 Partition table is a data structure that keeps information
on disk partitions
 Size of partition
 Type of partition: bootable or not
 Start and end of partition
 MBR code reads partition table & executes bootstrap
 displays bootable partitions for selection by user
 Loads boot record from selected partition and transfers
control to it
 • Checks integrity of I/O devices and RAM
BI • Loads Master Boot Record (MBR) from Hard disk and transfers control to
O bootstrap program
S
• Stores partition table; each partition <Bootable, type of OS, start and end
M of partition>
• Runs GRUB to let user select requisite OS
BR
G
R • Executes kernel
U
B
Ke • Starts init process
rn
el
• Spawns other processes
Ini
t
 Quiz 3
 LILO is abbreviation for
 In terms of disk sectors, size of a MBR is
 System starts in real mode or protected mode?

 In context of BIOS, UEFI stands for ____?

 Master Boot
Record
• Code to load boot Interrup
BIOS
program from one of t
bootable partitions Handler
s MB
• Partition table R
• 1st instruction: JMP VB
R

JMP Code VB
R
Type Size Star End
t

Type Size Star End

t
Code
Malaviya National Institute of Technology Jaipur
 Linux Boot Loaders
 Popular choice: GRUB (GRand Unified Bootloader)
which has replaced LILO (LInux LOader)
 LILO
 stores information about kernel or other operating system on
the Master Boot Record (MBR).
 Accepts one command with arguments
 Needs to be overwritten when another OS is added
 Misconfigured LILO can make system unbootable
 Not aware of disk geometry; any change in disk (especially
disk geometry of CHS translation) can affect LILO adversely.
 Porting to new systems a challenge.
 GRUB
 GRUB is more flexible,
 Accepts many commands.
 Understands drive geometry and filesystems.
 Booting not disabled by new OS and changing disk drives
 Fixing misconfigurations easy as GRUB defaults to its command
line interface where the user can boot the system manually
 Support in form of website, manual and FAQ
 Stores its data in no-man’s land
 Multi-staged: Stage 1 is generally stored in MBR, this
invokes stage 1.5 and then stage 2.0
 UEFI
Unified Extensible Firmware Interface
 UEFI
 Limitation of BIOS:
 16-bit addressing system
 could handle only four partitions and each partition could only
be 2 TB (2 x 2^20)
 UEFI: 64 bit addressing
 can handle 128 partitions; each of size Securing boot
process 18 EB (18 x 2^60)
 Supports secure boot
 Malicious booting can ensure that a malware remains
undetected by OS and AntiVirus products (installed on top of
OS)
 UEFI
 Data tables: platform-related information
 Boot and runtime services for OS loader and OS
 Partition and file system that can be shared safely between different vendors
 Set of interfaces and structures to facilitate communication between OS and
platform firmware to support OS boot process.
 UEFI Driver Model designed to access boot devices (including hardware
buses, controllers) in the preboot environment. Not a replacement for high-
performance, OS-specific drivers.
 The UEFI Driver Model is designed to support the execution of modular
pieces of code, also known as drivers, that run in the preboot environment.
These drivers may manage or control hardware buses and devices on the
platform, or they may provide some software-derived, platform-specific
service.
 UEFI Specification
 UEFI Core specification: defines the basic
architecture
 UEFI Boot Services: defines the services that UEFI
provides to the OS loader.
 UEFI Runtime Services: defines the services that
UEFI provides to the OS after it has booted.
 UEFI Shell: commands that can be used via a
command-line shell to interact with UEF
 Boot Manager Load drivers and applications
EFI EFI System Table (drivers etc.), GUID-based partitioning scheme.
Block Table A layout and set of rules for power-fail atomic write block I/O
Boot Services Definitions of fundamental services before an OS is booted.
Protocols for Device Path, Console Support, Media Access (File and File
Runtime Services systems), PCI/SCSI/USB support, debugger support, ACPI, Compression, String
Services (Unicode, regular expressions), :
EFI Byte Code virtual processor and its instruction set. EBC object files format,
EFI VM
loading and transitioning between native code to EBC code.
Firmware management through SNP/PXE/BIS/HTTP Boot protocols, Managed
Firmware Update Network protocols (ARP/DHCP/DNS/HTTP/REST/UDP) , Wi-Fi/Bluetooth
protocols, TCP/IP/FTP communication protocols

Secure Boot; Driver Signing Describes Secure Boot and a means of generating a digital signature for UEFI.

User Identity Describes services that describe the current user of the platform.
Secure Tech. Cryptographic hashing and key management.
Timestamp protocol, GUID and time formats, Status code and error handling,
Miscellaneous Protocols
etc.
 UEFI Boot Services
 This includes tasks such as finding and loading the
boot loader, initializing hardware devices, and
passing control to the operating system.
 The Boot Services also provide access to hardware
devices. This allows the operating system to
interact with the computer's hardware, such as the
hard drive, memory, and network card.
 UEFI Boot Services
 Boot services Manage the boot process, load the operating
system, and provide access to hardware devices.
 Runtime services Provide services such as date, time and
NVRAM (Non-volatile BIOS memory) access.
 Secure Boot Help to prevent malware from loading when the
computer boots up.
 Driver support: Support for a wide range of drivers.
 File system support:Support for a wide range of file systems.
 Networking support: Support for networking.
 Graphical user interface (GUI): Provide a GUI for configuring
the boot process.
 UEFI: Secure Booting
 UEFI provides an optional “Secure Boot”.
 This option can be enabled through UEFI firmware setup – this
requires user to create a password for Secure Boot database. This
database stores keys for the OS loaders that user wants to allow.
 Working of Secure Boot
• The UEFI firmware stores a list of trusted keys in the Secure Boot database.
• At time of booting, the UEFI firmware verifies the signature of the OS loader
against this list.
• Booting is allowed only if the signature is valid.
• Password for Secure Boot Database is to ensure only the authorized
user can modify it.
 BIOS/UEFI vendor can add keys.
Partition Table
• GUID partition table most common
now-a-days
• GUID: Globally Unique Identifiers
• LBA: Logical Block Addressing (CHS –
Cylinder/Head/Sector) was old
• GPT Header: Header identifier, CRC,
LBA of backup, # partitions, CRC
partition, First-Last LBA of primary
partition table, LBA of partition
entry, disk GUID
• Partition Entry: First LBA (little
endian), attributes, GUID
Thank You
Program Execution Environment