Initial Bootloader Introduction

Home , Booting, Bootloader, Boot sector, Disk partitioning, Master boot record, Partition type

Initial Bootloader

Introduction

On power-up, when a computer is turned on, the following operations are performed:

1. The computer performs a power on self test (POST) to ensure that it meets the necessary requirements and that the hardware is functioning properly.

2. A program located in the ROM BIOS, called the bootstrap loader, is executed.

3. When the bootstrap loader starts it searches for a boot sector and passes control to the boot sector's code area.

A boot sector is the first sector of a disk and has a small program in its code area, known as the initial bootstrap program, that can load an operating system. The hardware can recognise a boot sector by hexadecimal signature number AA55 which marks the last two bytes of the sector.

The bootstrap loader searches for boot sectors on a number of storage devices, including:

● floppy drives ● CD-ROM drives ● hard drives ● flash drives

In almost all computers, the BIOS can be configured to change the order storage devices are searched to control their priority. For example, floppy drives normally have higher priority than hard drives, so if a bootable floppy disk is in the drive when the computer is switched on the computer will boot from the floppy disk; otherwise it will boot from media in another storage device, such as a hard disk.

When booting from a hard disk or flash drive, the machine code in the master boot record normally examines the partition table (also in the master boot record), identifies the active partition (the partition that is marked as bootable), reads the boot sector, containing the volume boot record (VBR), from that partition, and then runs the machine code in the volume boot record in the same way code would be run from the boot sector in a floppy disk.

revision 1 initial bootloader

4. When the bootstrap loader finds the first boot sector on the primary bootable storage device, it loads it into RAM and passes control to the initial bootstrap program in its code area.

The initial bootstrap program is a small program in the boot sector's code area (small enough to fit into one sector) responsible for reading the actual operating system from the recording medium and executing it.

The initial bootstrap program has to be very small to fit into the code area and normally loads further software which will be used to load the operating system. Some operating systems, such as Windows, have software built in to load from the boot sector's code area. Unix-like operating systems on the PC, however, cannot load directly from the boot sector's code area and require a prior program, known as a bootloader.

The bootloader discussed in this article is GRUB (GRand Unified Bootloader). This is not the only bootloader available: alternatives include LILO and Syslinux.

revision 1 initial bootloader

Concepts bootloader Some operating systems, such as Unix-like operating systems, cannot load directly and require a prior program, known as a bootloader.

The bootloader discussed in this article is GRUB.

BIOS BIOS is an acronym that stands for Basic Input/Output System. It is located in ROM in a PC and contains its standard firmware.

Every PC contains a BIOS that is available as soon as it is turned on. boot sector A boot sector is the first data sector in a recording medium that contains machine code for booting a program stored elsewhere in the recording medium. code area The code area in a boot sector is the data containing the initial bootstrap program. power on self test (POST) When a computer is first turned on, it performs a power on self test to ensure that it meets the necessary system requirements and that the hardware is functioning properly.

The POST firmware is contained in the BIOS and is available as soon as the computer is turned on. bootstrap loader The bootstrap loader is firmware located in the ROM BIOS that loads the bootloader from the the primary bootable device and runs it.

After the power on self test completes, the computer runs the bootstrap loader to start the computer's software. initial bootstrap program In secondary storage a bootloader normally consists of more than one program. The first program is contained entirely in the boot sector and is known as the initial bootstrap program. The initial bootstrap program must be small enough to fit into one sector and executes the remainder of the bootloader.

In GRUB, the initial bootstrap program is stored with a file name of stage1. stage1 then loads either the remainder of GRUB: stage2, or an intermediate program: *_stage1_5.

revision 1 initial bootloader

Installation

GRUB can be run from Unix and then used to install the bootloader to the desired storage device. Once running from one storage device, GRUB is self-propagating and can be used to install itself onto another storage device. However, it cannot be installed from Windows and Unix will not run without a bootloader. The method used in this article to obtain an initial bootloader is to copy a GRUB image directly to the necessary sectors on the target medium. When the computer is then booted using the target device, GRUB will run as the bootloader and can then propagate itself correctly to another target.

Options

This article provides instructions for installing GRUB onto the following media:

● floppy disk ● flash drive

If both floppy drive and flash drive are available, the following factors should be considered when deciding which media to install the initial GRUB image to:

● Flash drives are available with a number of different capacities, and the image used to deploy GRUB initially therefore only partially populates the drive. Floppy disks, on the other hand, have a standard capacity of 1.44 MB and a single image is available that will properly populate any floppy disk.

● The 1.44 MB capacity of a floppy disk is extremely limited and very little data can be stored. Even a minimal Unix system will require a minimum of two floppy disks.

Because of the capacity issue with floppy disks, it is suggested that the initial GRUB image is deployed to a flash drive if one is available.

Terms program A computer program is a collection of instructions to perform a task or set of tasks to be carried out by a computer.

When a computer is started, it requires a program known as a bootloader to start the operating system. software A single program or a collection of programs are often referred to as software. operating system An operating system is a set of computer programs that manage the hardware and software resources of a computer.

Unix-like operating systems require a bootloader to start.

revision 1 initial bootloader central processing unit (CPU) The central processing unit (CPU) is the component in a computer that executes program instructions.

The primary activity of a computer is performed in the CPU and it is the CPU that executes all instructions from the moment it is turned on. data Data is a measurement which can be organised to become information.

The programs used to start a computer and the information these programs require are made available as data. data storage Data storage refers to retention of data used for computing for some period of time.

When a computer is started it requires programs and data to start the operating system. These programs and data are stored for use when the computer is powered up. primary storage Data in primary storage can be accessed directly by the computer's CPU.

Programs used when the computer is first turned on must be available as primary storage to be accessible to the CPU. secondary storage Data in secondary storage cannot be accessed directly by the CPU.

A bootloader is stored in secondary storage and must be retrieved into primary storage before it can be executed by the CPU. random access memory (RAM) Random access memory is primary storage that consists of memory cells. The CPU can access (read from or write to) RAM cells directly.

In a computer RAM is the working memory. When the data is no longer required it may be simply overwritten and the storage location can be used again for something else.

Random access memory is volatile: i.e. the memory contents are lost when the computer is turned off. For this reason programs used when the computer is first turned on cannot be stored in RAM.

revision 1 initial bootloader read only memory (ROM) Primary storage in the form of read only memory can be read directly by the CPU but cannot be written directly by the CPU. It is non-volatile: its contents remain unchanged when the computer is turned off.

Programs used when the computer is first turned on must be available immediately as primary storage and must therefore be stored in non-volatile read only memory. firmware Firmware is programs installed permanently in ROM.

Programs used by the computer on power-up are firmware. secondary storage device A secondary storage device, is used to access data held as secondary storage.

A bootloader is stored in secondary storage accessed via a secondary storage device. recording medium Hardware used to hold data is called a recording medium. A secondary storage device is used to access data held as secondary storage in the recording medium.

The data that constitutes a bootloader is held in a recording medium and is accessed (loaded into primary storage) via a storage device. platter A hard disk contains one or more flat disks that are used to store data in the drive. These disks are called platters. read/write head Data is written to and read from the surface of a platter by a device called a read/write head. track Tracks are the thin concentric circular strips on a floppy medium or platter surface which actually contain the magnetic regions of data written to a disk drive. A track is the intersection of a read/write head and a cylinder. cylinder A cylinder comprises all the tracks (on every usable platter surface) that can be accessed by the read/write heads while they remain stationary. geometric sector Each usable side of a platter can also be thought of as a collection of “pie slices” called geometric sectors.

revision 1 initial bootloader data sector The intersection of a track and a geometric sector is called a data sector, sometimes called simply a sector or a block. Thus sectors are identified by specifying a cylinder, read/write head and geometric sector. These sectors are the smallest geometric breakdown of a disk, and represent the smallest amount of data that can be transferred to or from a recording medium (usually 512 bytes). filesystem A filesystem is a defined structure for storing and organising data to facilitate location and access.

Data within a filesystem is stored in files. The filesystem provides access to data in a volume by maintaining the physical location of the files. cluster In a filesystem, a cluster is the unit of space allocation for files and directories. In order to reduce the overhead of managing data, the filesystem allocates data in groups of sectors, known as clusters. volume A volume is a single accessible region of data that contains a single filesystem and can therefore hold directories and files. It is either a partition in the partitioned recording medium or the unpartitioned recording medium in a data storage device. partition Partitioning is the creation of separate divisions of a hard disk, flash drive or similar recording medium. Each partition is normally a volume. active partition One partition on a recording medium can be set as the bootable partition or the active partition.

To boot from a partitioned storage device, the bootstrap loader must be located in the active partition. master boot record (MBR) A master boot record (MBR) is the boot sector of the partitioned recording medium in a data storage device such as a hard disk or a flash drive.

When booting from a partitioned storage device, the bootstrap loader runs the program in the code area of the master boot record.

revision 1 initial bootloader partition table The master boot record contains a table of four primary partitions, called the partition table.

When booting, the program in the MBR's code area normally examines the partition table and passes control to the program in the boot record of the active partition. volume boot record (VBR) A volume boot record (VBR) is the boot sector of a volume.

The code area of a VBR contains the initial bootstrap program responsible for executing the remainder of the bootloader.

LBA Logical block addressing (LBA) is a common scheme used for specifying the location of blocks of data stored in the recording medium in a storage device. The term LBA can mean either the address or the block to which it refers.

revision 1 initial bootloader

Further Comments

Sectors and Clusters

Disks are physically structured as follows:

In the context of secondary storage, a data sector is a subdivision of a track on disk media. Each sector stores a fixed amount of data. Typical formatting of disk media provides space for 512 bytes of data per sector on a magnetic disk or 2048 bytes per sector on an optical disk.

Geometrically, a sector is defined as a “pie-slice” part of a circle, or the area between two radii and the connecting arc of the circle. The sector used in a data storage context is the data sector, which refers to the intersection of a track and a geometric sector. Devices other than disk drives, such as flash drives, also use the concept of sectors to describe units of data storage.

In filesystems, a cluster is the unit of disk space allocation for files and directories. In order to reduce the overhead of managing data, the filesystem allocates data in groups of sectors, known as clusters. For example, on a disk that uses 512-byte sectors, a 512-byte cluster would contain one sector, whereas a 4-kilobyte cluster would contain eight sectors.

revision 1 initial bootloader

A cluster is the smallest amount of disk space that can be allocated to hold a file. Storing small files in a filesystem with large clusters therefore wastes disk space: the wasted space per file is statistically approximately half the cluster size. However, a larger cluster size reduces processing overhead and fragmentation, which can improve reading and writing speed. Typical cluster sizes range from 1 sector (512 B) to 128 sectors (64 KB).

A cluster need not be physically contiguous on the disk; it may span more than one track or, if sector interleaving is used, may even be discontiguous within a track.

Boot Sector

A boot sector is the first sector in a recording medium that contains machine code for booting programs (usually, but not necessarily, operating systems) stored elsewhere in the media.

On a PC-compatible computer the BIOS selects a boot device, then it reads and executes the first sector from its recording medium.

There are various kinds of boot sectors in PC-compatible storage devices, including:

master boot record (MBR) A master boot record is the first sector of the recording medium in a data storage device that has been partitioned. The MBR may contain machine code to locate the active partition and invoke its volume boot record.

volume boot record (VBR) A volume boot record is the first sector of the recording medium in a data storage device that has not been partitioned or the first sector of an individual partition on a recording medium that has been partitioned. It may contain machine code to load and invoke an operating system or a stand-alone program installed on that recording medium or within that partition.

To be a valid boot sector, the two-byte hex word AA55, called the boot sector signature, must exist at the end of the sector; otherwise, either the BIOS or MBR will report an error and halt the boot process.

Master Boot Record

A master boot record (MBR) is the boot sector of the partitioned recording medium in a data storage device such as a hard disk or a flash drive. The MBR has a number of uses, including the following:

● holding the recording medium's primary partition table

● booting operating systems, after the computer's BIOS passes execution to machine code instructions contained within the MBR

revision 1 initial bootloader

A master boot record in a recording medium partitioned with the MBR Partition Table scheme (the conventional PC partitioning scheme) is structured as follows:

Address Description Size (bytes)

Hex Dec

0000 0 code area 440

(max 446)

01B8 440 optional disk signature 4

01BC 444 usually null: 0000 hex 2

01BE 446 table of primary partitions: four 16-byte entries 64

01FE 510 55 MBR signature: AA55 hex 2

01FF 511 AA total size 512

The MBR is not located in a partition; it is located at a main boot record area in front of the first partition.

revision 1 initial bootloader

By convention, there are four primary partition table entries in the MBR.

The layout of one 16-byte entry is as follows:

Offset Field Description (hex) Length (bytes)

00 1 status:

80 hex bootable 00 hex non-bootable other invalid

01 3 sector address of first partition sector:

01 read/write head

02 sector and bits 9 - 8 of cylinder:

bits 5 - 0 sector bits 7 - 6 bits 9 - 8 of cylinder

03 bits 7 - 0 of cylinder

04 1 partition type

05 3 sector address of the last sector in the partition:

05 read/write head

06 sector and bits 9 - 8 of cylinder:

bits 5 - 0 sector

bits 7 - 6 bits 9 - 8 of cylinder

07 bits 7 - 0 of cylinder

08 4 LBA of first sector in the partition

0C 4 sectors in partition

revision 1 initial bootloader

When the MBR Partition Table scheme is used, the bootstrap loader in the BIOS loads and executes the MBR. The machine code in the MBR's code area consists of instructions which normally pass control by chain loading the volume boot record of the active partition, although some bootloaders replace the conventional instructions with their own.

The conventional MBR machine code scans its embedded partition table to find the only entry that is marked with the active flag and then loads and runs the volume boot record for that partition.

Volume Boot Record

A volume boot record (VBR) is a type of boot sector, stored in a volume (a floppy disk or a partition on a hard disk or media in a similar data storage device), that contains machine code for booting programs (usually, but not necessarily, operating systems) stored elsewhere in the volume. On non- partitioned storage devices it is the first sector of the recording medium. On partitioned storage devices, it is the first sector of an individual partition, with the first sector of the entire storage device instead being a MBR.

The machine code in a VBR is invoked either directly by the computer's firmware or indirectly by a MBR or a bootloader. Invoking a VBR via a bootloader is known as chain loading.

Operation

On PC compatible computers, the BIOS is ignorant of the distinction between VBRs and MBRs, and of partitioning. The firmware simply loads and runs the first sector of the recording medium in the storage device: the VBR on a floppy disk or the MBR on a hard disk or flash drive. It is the machine code in the MBR that understands disk partitioning and in turn is responsible for loading and executing the VBR of whichever primary partition is set as the active partition. The VBR then loads a second-stage bootloader from another location on the disk.

Whatever is stored in the boot sector of a data storage device is not required to immediately load any bootstrap software for an operating system, if ever. The BIOS merely passes control to whatever machine code exists as long as the sector contains the boot record signature (AA55) in its last two bytes. For this reason the usual bootstrap code found in a MBR can be replaced with more complex loaders or programs stored elsewhere on the recording medium that can run without an operating system.

revision 1