COMP075-OS2. COMP075 OS2 My name: Professor Baker Email:...
-
Upload
bethany-anderson -
Category
Documents
-
view
232 -
download
12
Transcript of COMP075-OS2. COMP075 OS2 My name: Professor Baker Email:...
COMP075-OS2
COMP075 OS2
• My name: Professor Baker
• Email: [email protected]
• Or: [email protected]
• Course web page: http://fleming0.flemingc.on.ca/~chbaker/comp075
• Lecture notes and lab assignments will be posted on the course web page
• Students are expected to follow the lab report guidelines posted here: http://fleming0.flemingc.on.ca/~chbaker/LabReports.doc
Course Outline
• Assessments
– Two written test @ 10% 20%• Weeks 7 and 15
– Two lab tests @ 10% 20%• Weeks 7 and 15
– Ten labs at 5% 50%
– Professionalism and comprehension
10%
Course Content
• More operating system concepts, following on OS1
• Windows and linux platforms, emphasis on linux
• Focus on command line utilities
• Scripting with bash and power shell
Boot Process
Booting
• Booting is the process that loads an operating system into memory and activates it
• Every device that has an OS has a boot process
– Servers, laptops, phones, tablets, routers, appliances
• Some are very simple and rigid, others are complex and flexible – even scriptable
• All seem like they start from nothing
Boot Strap
• The term “Booting” derives from an old admonition to “Pull yourself up by your boot straps”
• Physically impossible, but illustrates the virtue of self reliance
• Programs can't load themselves, because they would have to be loaded to do that
• So how do we get started?
Pre-Boot Loader Days
• In the days before boot loaders, switches on the front of computers allowed programmers to load binary values at arbitrary selected memory locations
• In this tedious manner software could be manually loaded and then run via a run button
• This was flexible, but error prone and tedious
• More desirable to have the computer do this using a boot loader program
The Boot Loader Problem
• The fundamental problem of using boot loader software to load the OS is that the boot loader itself has to get loaded
• Typically this is accomplished by pre-loading the bootloader into some kind of non-volatile memory
• This non-volatile memory may be executable, like the ROM BIOS in IBM PC computers
• Or may be something that can be transferred to main memory using simple circuitry
Examples• Atari computers ran the OS from ROM
– ROM is slower than RAM, so not a good option for modern OS
– But embedded devices do this to avoid boot delay
• IBM PC has BIOS in ROM. BIOS can load OS to RAM from other sources
• Some early mainframes copied drum based OS to RAM using hard wired circuitry
• PDP11 booted from a matrix of diodes. They were all 1's when shipped but could be programed by cutting off diodes for zeroes
Examples
• PDP8 used front panel switches to program the boot loader
– Very simple loader obviously
Boot Loader Functions• Basic function is to load an OS and start it
• Most also perform a hardware test to ensure that the system is functioning properly
– Power On Self Test or POST
– Usually involves memory test
• Some load a secondary loader
– It may be larger and more sophisticated
– Able to offer boot options to users such as multi-boot
– Results in multi-stage boot process
• Boot loader may load another primary boot loader
– Chain loading
Current Era, Cisco IOS
• Cisco IOS boot loader is called ROMmon
– ROM monitor • Remember early OS were sometimes called
monitors
• When powered on runs POST, looks for OS in Flash, ROM or network, then looks for config in NVRAM
Booting IOS
Booting Apple iOS
• Multi-stage boot process
• Starts with small loader in ROM (BootROM)
– Subsequent stages loaded from flash
• Boot ROM verifies RSA signature of first level boot loader LLB, and loads it
• LLB verifies RSA signature of second level boot loader iBoot, and loads it
• iBoot verifies signature of kernel and NAND flash memory and loads them
iOS Boot Modes
• Normal mode is used if no problems are encountered during boot
• Recovery mode is invoked if problems occur
• DFU (device firmware update) mode can be invoked by holding certain buttons during boot process
• Used for obvious purpose but also to jailbreak the phone
• And for forensic analysis
Apple iOS Boot ModesNormal Boot Sequence
DFU Boot Sequence
IBM PC Boot History
• IBM PC introduced in August 1981
• Basically the same boot process was retained until very recently
• Newer PCs follow the UEFI specification
– But that can emulate the original BIOS based process
• BIOS based process has many limitations because of the antiquity of the design
• But it survived a long time because of flexibility that allowed limitations to be mitigated
PC BIOS Boot Sequence
• On power up control transfers to the ROM BIOS
• BIOS conducts POST then looks for source of operating system
• BIOS includes portions of the OS that conduct basic IO, so it is capable of looking at devices to locate one that is bootable
• These instructions run in limited memory and with limited instruction set
– As if on the original PC hardware
Bootable Devices
• System setup stores a boot sequence in BIOS
– ie CD, USB, Hard drive
• First bootable device from sequence is attempted
– Readable and with AA55h at end of first sector
• If none found control returns to BIOS
• BIOS may then attempt network boot or ROM BASIC
– Original IBM PC with no disk drives could boot into a basic interpreter on ROM
Booting from Bootable Disk
• First sector on disk called Master Boot Record
• MBR contains OS independent boot code and partition table
• Conventionally looks for partition marked “active”, loads its first sector (VBR)
• VBR may be OS specific
• Windows VBR knows about file systems and can locate next stage loader in file system
• Linux systems put GRUB stage 1 in MBR
File System Based Booting
• The GNU GRUB boot loader stores stage 1.5 in unused sectors between MBR and first partition
– First partition starts in sector 63
• This allows it to access file systems for configuration, menus, kernel images etc
• Space available in MBR is quite limited because of partition table and other things so code contained there must be very simple
• Conventional MBR loads VBR which can be more complex because space is less limited
Booting without File System Access
• Problem then is how do you find the next boot stage, configuration files, or kernel
• Early windows loaders required stage 2 to be at fixed location in partition and kernel files to be in first two directory entries
– SYS command put them there
• Before GRUB the LILO boot loader had a similar problem
• LILO had an install command that stored the address of the kernel in the MBR or VBR
Booting Windows
• As is usual with windows, the sequence varies depending on the windows version
• All versions install a conventional OS independent loader in the MBR, which chains to an OS dependent loader in the VBR
• The VBR loader has a minimal FS implementation for FAT and NTFS to allow the next stage loaders to be located
Booting XP
• Also applies to NT, S2000, and S2003
• MBR has been loaded and causes VBR to be loaded and run.
• VBR locates ntldr and gives it control.
• Ntldr:
– Changes to 32 bit mode
– Looks for boot.ini in the root of the filesystem
– May contain info for multi-boot menu
– Runs ntdetect.com to detect hardware and profiles
Booting XP (cont.)
• ntldr:
– Loads hardware abstraction layer (hal.dll and halx.dll)
– Also reads HKEY_LOCAL_ MACHINE\SYSTEM registry file and others
– Finally loads ntoskrnl.exe (the kernel)
– Kernel creates HKEY_LOCAL_MACHINE\HARDWARE registry key based on info from ntldr
– At this point system is ready to start services and allow logon
Booting Vista (etc.)
• Applies to 7, 8, S2008 and S2012
• As usual BIOS has loaded MBR and it has located and started VBR
• VBR starts bootmngr
• Bootmngr loads BCD (boot configuration database) from /boot in active partition
– BCD is a registry file that gets loaded into HKEY_LOCAL_MACHINE\HARDWARE
• BCD may call for multi-boot in which case a menu is displayed
Booting Vista (etc.)
• Once OS is selected, VBR for its partition may get loaded or ntldr for older MS OS
• When ready, winload.exe is invoked to load the actual OS kernel ntoskrnl.exe and device drivers
• Or winresume.exe
• For windows versions capable of using bitlocker drive encryption the active partition is an unencrypted hidden system partition
– Bootmnger and BCD are loaded from this partition, so decryption can be set up for the encrypted windows partition
GNU GRUB
• Grand Unified Boot Loader
• Linux and Solaris on x86
• Free and open source
• Includes a command line shell used to install grub from a running system
– Commands to identify partitions and assist with installation of GRUB
– Has search function to find partition containing kernel
• Multi-stage boot process
GRUB Stages
• Stage 1 is installed on the MBR (or a VBR)
• Stage 1.5 occupies the remaining unused sectors before the start of partition zero
– First partition starts on sector 63
• Stage 1.5 has file system code so that configuration and next boot stages can be obtained from a file system on any of the disk's partitions (/boot/grub directory)
• Stage 2 presents a menu based on configuration file to allow user to select OS to boot
GRUB Actions
• Normally user selection boots a linux kernel with parameters from the GRUB configuration
• User can override these options at run time – for example to start in run level 1
• Or user can access a GRUB command prompt
• To boot a Windows system GRUB passes control to the VBR from the windows partition
– Windows loader then takes over the boot process
Linux Startup
• Windows had multi-stage loaders from the VBR, BCD files and other devices to mitigate the bootstrap problems in getting an OS started:
– The OS has to have drivers to access disks and filesystems, but the drivers are in the filesystems on the disk
• Linux kernels have statically compiled drivers for accessing a RAM disk
• When linux is installed a custom ram disk image called initrd is created with the drivers needed to access the installed hardware and filesystems
• Linux kernel mounts this image as root (/), loads the needed drivers from it and uses them to mount the real root filesystem
References
• http://www.mossywell.com/boot-sequence/
• http://sysadmin-e.com/bitlocker-win7
• http://technet.microsoft.com/en-us/library/cc721886%28v=ws.10%29.aspx
• http://social.technet.microsoft.com/wiki/contents/articles/11341.the-windows-7-boot-process-sbsl.aspx
• http://technet.microsoft.com/en-us/library/bb457123.aspx
• http://en.wikipedia.org/wiki/GNU_GRUB
• http://download.intel.com/support/motherboards/desktop/sb/specscdrom.pdf
• http://www.syslinux.org/wiki/index.php/The_Syslinux_Project
• http://msdn.microsoft.com/en-us/library/ms932879%28v=WinEmbedded.5%29.aspx
• http://www.debian-administration.org/articles/478
• http://technet.microsoft.com/en-us/library/cc739412%28WS.10%29.aspx#w2k3tr_basic_how_fgkm
• http://www.uefi.org/specifications
• http://www.rodsbooks.com/efi-bootloaders/secureboot.html
• http://technet.microsoft.com/en-us/library/hh824987.aspx