Professional Documents
Culture Documents
#3 (System Boot + Project #1)
#3 (System Boot + Project #1)
#3 (System Boot + Project #1)
Operating Systems
▪ There are many steps before an OS boots on your computer (e.g., BIOS boot)
▪ Many steps are required to ensure that your OS operates correctly, e.g.,
➢ Check that the CPU/motherboard is functional (vendor-specific)
➢ Ensure the “correct” and “expected” OS kernel is booted
➢ Provide the OS with initial system configuration (e.g., RAM, devices)
Notice all components (CPU, GPU, RAM, storage) are connected to the motherboard
Typical system boot workflow on modern systems
Three important components of a typical boot, before the OS kernel is loaded
▪ Test the computer hardware ▪ Assign boot devices, set power limits,
▪ Contains diagnostic routines for initializing etc., in BIOS menu
CPU, DRAM, and peripherals
Generates Sidra
two keys
Gives the public key but Haniya
keeps the other “private”
You will learn details in a cryptography class, don’t worry for now! ☺
Secure boot with asymmetric key cryptography
▪ Then, the “correct” bootloader is signed with the private key (which is
kept on a different secure machine)
▪ BIOS uses its public key to verify the bootloader on every boot.
▪ Even if a hacker changed the bootloader, they will not be able to “sign” it with the
correct key. Hence, secure boot will fail.
Function #4: Runtime motherboard services
Complete
Basic IO OS Initial OS kernel is
System (BIOS) Bootloader Ramdisk finally loaded!
Motherboard Initial OS
initialization setup
How does the BIOS know where to load bootloader from?
The first sector of the disk (e.g., USB) is the Master Boot Record (MBR)
Verifies kernel’s
signature/integrity hash
OS OS
BIOS/UEFI
Bootloader Kernel
UEFI Bootloader
As you can see, the secure boot process is formed by a “chain of security”
Next step: Bootloader “loads” the initial ramdisk
Three important components of a typical boot, before the OS kernel is loaded
Complete Complete
Basic IO OS Initial OS kernel is
System (BIOS) Bootloader Ramdisk finally loaded!
▪ POST ▪ OS choice
▪ MB init/config ▪ Secure boot
▪ Secure boot
▪ ..
The Initial Ramdisk
▪ Boot images are files which we can use to boot into an operating
system
o Typically used for installing an OS
▪ On the virtual machine, download the files for Linux 6.6.9 from the link
provided in the project description
o Can use the wget command or Mozilla
▪ Modules that you can insert and remove while the kernel is running
▪ Kernel modules are programs which are separate from the kernel
o Compile separately from the kernel