Boot Process in Linux
Linux booting process is an essential part of every Linux user/administration which will give you a clear picture of how Linux Operating system works. In this post we will see what happens when a Linux OS boots i.e. after powering on the machine to the user login prompt. Below image will give you clear idea what will happen in Linux booting process.
A quick view of booting sequence:
Power on
CPU jumps to BIOS
BIOS runs POST
Finds first bootable device
Load and execute MBR
Load OS
User prompt
CPU jumps to BIOS
BIOS runs POST
Finds first bootable device
Load and execute MBR
Load OS
User prompt
1. System Startup (BIOS)
This is the first stage is booting process. When you power on/Restart your machine the power is supplied to SMPS (switched-mode power supply) which converts AC to DC. The DC power is supplied to all the devices connected to that machine such as Motherboard HDD's, CD/DVD-ROM, Mouse, keyboard etc. The most intelligent device in the computer is Processor(CPU), when supplied with power will start running its sequence operations stored in its memory. The first instruction it will run is to pass control to BIOS(Basic Input/Output System) to do POST(Power On Self Test). Once the control goes to BIOS it will take care of two things.
- Run POST operation.
- Selecting first Boot device.
Post operation: The POST will check all hardware connected to system working correctly or not.
Selecting Boot device: Once POST completes, it flushes from the memory, but the BIOS runtime services remain and it searches for devices for bootable disk, ( It will select the first boot device and gives back the control to Processor(CPU). Suppose if it does not find first boot device, it will check for next boot device, if not third and so on. If BIOS do not find any boot device it will alert user stating "No boot device found".) that order of preference defined in the complementary metal oxide semiconductor (CMOS) settings. A boot device can be a floppy disk, a CD-ROM, a partition on a hard disk, a device on the network, or even a USB flash memory stick. Once BIOS detects the bootable device then it executes the MBR (Master Boot Recorder).
2. Second Stage ( MBR) Selecting Boot device: Once POST completes, it flushes from the memory, but the BIOS runtime services remain and it searches for devices for bootable disk, ( It will select the first boot device and gives back the control to Processor(CPU). Suppose if it does not find first boot device, it will check for next boot device, if not third and so on. If BIOS do not find any boot device it will alert user stating "No boot device found".) that order of preference defined in the complementary metal oxide semiconductor (CMOS) settings. A boot device can be a floppy disk, a CD-ROM, a partition on a hard disk, a device on the network, or even a USB flash memory stick. Once BIOS detects the bootable device then it executes the MBR (Master Boot Recorder).
Once the BIOS gives control back to CPU, it will try to load MBR of the first boot device(We will consider it as HDD). MBR is a small part of Hard Disk with just a size of 512 Bytes, This MBR resides at the starting of HDD or end of HDD depending on manufacturer.
What is MBR? ( 1st Stage of the Boot Loader.)
MBR(Master Boot recorder) is a location on disk which have details about.
- Primary boot loader code(This is of 446 Bytes)
- Partition table information(64 Bytes)
- Magic number(2 Bytes)
Primary Boot loader code: This code provides boot loader information and location details of actual boot loader code on the hard disk. This is helpful for CPU to load second stage of Boot loader.
Partition table: MBR contains 64 bytes of data which stores Partition table information such as what is the start and end of each partition, size of partition, type of partition(Whether it's a primary or extended etc). As we all know HDD support only 4 partitions, this is because of the limitation of its information in MBR. For a partition to represent in MBR, it requires 16 Bytes of space in it so at most we will get 4 partitions. to know more about this. ( http://www.linuxnix.com/2009/05/why-we-can-create-only-up-to-4-primary-partations.html)
Magic Number: The magic number service as validation check for MBR. If MBR gets corrupted this magic number is used to retrieve it. What to take backup of your MBR.
http://www.linuxnix.com/2009/11/how-to-take-the-backup-of-mbrmaster-boot-recorder.html
Now the MBR Loads in to RAM.
First Stage of the boot loader loads it-self in to memory, & finds the second stage boot loader, this is done by looking through the active partition table. When it finds an active partition, it scans the remaining partitions in the table to ensure that they are all inactive. After this verification the active partition’s boot record is reads from the RAM, and it will execute it.
First Stage of the boot loader loads it-self in to memory, & finds the second stage boot loader, this is done by looking through the active partition table. When it finds an active partition, it scans the remaining partitions in the table to ensure that they are all inactive. After this verification the active partition’s boot record is reads from the RAM, and it will execute it.
In simple MBR loads the GRUB (Grand Unified Boot loader) from 1st sector of the 1st bootable partition(HDD).
3. Third stage Bootloader stage2 ( GRUB loader ).
Once the Bootloader stage 1 is completed and able to find the actual bootloader location, Stage 1 bootloader start second stage by loading Bootloader into memory. In this stage GRUB(Grand Unified Bootloader) which is located in the first 30 kilobytes of hard disk immediately following the MBR is loaded into RAM for reading its configuration and displays the GRUB boot menu (where the user can manually specify the boot parameters) to the user. GRUB loads the user-selected (or default) kernel into memory and passes control on to the kernel. If user do not select the OS, after a defined timeout GRUB will load the default kernel in the memory for starting it.
GRUB has the knowledge of the file system, but older Linux loader LILO didn’t understand filesystem.4. Fourth Stage ( kernel)
Once the control is given to kernel which is the central part of all your OS and act as a mediator of hardware and software components. Kernel once loaded into to RAM it always resides on RAM until the machine is shutdown. Once the Kernel starts its operations the first thing it do is executing INIT process.
During the boot of the kernel, the initial-RAM disk (initrd) that was loaded into memory by the stage 2 boot loader is copied into RAM and mounted. This initrd serves as a temporary root file system in RAM and allows the kernel to fully boot without having to mount any physical disks. Since the necessary modules needed to interface with peripherals can be part of the initrd, the kernel can be very small, but still support a large number of possible hardware configurations. After the kernel is booted, the root file system is pivoted (via pivot_root) where the initrd root file system is unmounted and the real root file system is mounted.
5. Stage (INIT)
init(initialization) process is the root/parent process of all the process which run under Linux/Unix. The first process it runs is a script at /etc/rc.d/rc.sysinit which check all the system properties, hardware, display, SElinux, load kernel modules, file system check, file system mounting etc. Based on the appropriate run-level, scripts are executed to start/stop various processes to run the system and make it functional. INIT process read /etc/inittab which is an initialization table which defines starting of system programs. INIT will start each run level one after the other and start executing scripts corresponds to that runlevel. Know more about runlevels here. The script information is stored in different folders in /etc/ folder
/etc/rc0.d/ –Contain Start/Kill scripts which should be run in Runlevel 0
/etc/rc1.d/ –Contain Start/Kill scripts which should be run in Runlevel 1
/etc/rc2.d/ –Contain Start/Kill scripts which should be run in Runlevel 2
/etc/rc3.d/ –Contain Start/Kill scripts which should be run in Runlevel 3
/etc/rc4.d/ –Contain Start/Kill scripts which should be run in Runlevel 4
/etc/rc5.d/ –Contain Start/Kill scripts which should be run in Runlevel 5
/etc/rc6.d/ –Contain Start/Kill scripts which should be run in Runlevel 6
/etc/rc1.d/ –Contain Start/Kill scripts which should be run in Runlevel 1
/etc/rc2.d/ –Contain Start/Kill scripts which should be run in Runlevel 2
/etc/rc3.d/ –Contain Start/Kill scripts which should be run in Runlevel 3
/etc/rc4.d/ –Contain Start/Kill scripts which should be run in Runlevel 4
/etc/rc5.d/ –Contain Start/Kill scripts which should be run in Runlevel 5
/etc/rc6.d/ –Contain Start/Kill scripts which should be run in Runlevel 6
Once the initialization process completes mandatory run level and reach to default runlevel set in /etc/inittab, init process run one more file /etc/rc.local which are the last commands run in initialization process or even booting process. Once everything is completed the control is given back to the kernel.
6. Stage ( User Prompt )
This is actually not part of booting process but thought of including it here for better understating. Once the Kernel get the control it start multiple instances of "getty" which waits for console logins which spawn one's user shell process and gives you user prompt to login.
