#3 (System Boot + Project #1)


CSE 330: Operating Systems

Vikram Ramaswamy (stand-in)


Lecture #3: Short intro to system boot, Project #1
The need to understand system boot process
Why not simply jump to the OS kernel when the system starts?

▪ There are many steps before an OS boots on your computer (e.g., BIOS boot)

▪ Many steps are required to ensure that your OS operates correctly, e.g.,
➢ Check that the CPU/motherboard is functional (vendor-specific)
➢ Ensure the “correct” and “expected” OS kernel is booted
➢ Provide the OS with initial system configuration (e.g., RAM, devices)

▪ Understanding these steps is vital to running an OS in modern computers, e.g.,
➢ Asahi Linux team spent months understanding (i.e., reverse-engineering) Apple M1’s boot process to boot Linux on Apple Silicon machines
Let’s quickly look at different parts of a computer

Notice all components (CPU, GPU, RAM, storage) are connected to the motherboard
Typical system boot workflow on modern systems
Three important components of a typical boot, before the OS kernel is loaded

Basic IO System (BIOS) → OS Bootloader → Initial Ramdisk → OS kernel is finally loaded!

▪ BIOS: Motherboard initialization
▪ OS Bootloader: Select kernel/OS to boot
▪ Initial Ramdisk: Initial OS setup
Hence, first step: initialize motherboard through BIOS

▪ BIOS → Basic Input/Output System

▪ Replaced by “UEFI” in modern systems (basically, BIOS++)

▪ Consider the BIOS to be an “initial OS for the motherboard” written by the motherboard vendor (e.g., Apple, HP, Dell, etc.)

▪ Four important duties of BIOS:
✓ Identify and test hardware (POST)
✓ Configure initial hardware settings (BIOS menu)
✓ Ensure “correct” OS bootloader boots (Secure boot)
✓ Intermediary between OS and motherboard (Runtime)
Important BIOS functions during boot

Function #1: Power-On Self-Test (POST)

▪ Test the computer hardware
▪ Contains diagnostic routines for initializing CPU, DRAM, and peripherals
▪ Ever heard a loud beep when you start your PC? That’s the POST!
▪ Simply used to diagnose hardware problems and prevent boot
▪ Catastrophic if your hardware boots up

Function #2: Hardware configuration

▪ Assign boot devices, set power limits, etc., in BIOS menu
Function #3: Secure Boot

▪ Hackers might install a malicious kernel bootloader and try to trick your system into booting from it
▪ Basically, this allows them to install any malicious kernel on your computer

▪ UEFI secure boot is designed to prevent such attacks!

▪ Basic idea: “verify” that the bootloader was installed by an authorized individual (e.g., a system administrator)
Let’s first try to understand asymmetric key cryptography

Establish identity of an individual over insecure channel (e.g., internet)

▪ Sidra generates two keys
▪ Sidra gives the public key to Haniya but keeps the other “private”
▪ Sidra signs the sensitive message with the private key and sends the “signed” message
▪ Haniya uses the public key to tell that the message was from Sidra

You will learn details in a cryptography class, don’t worry for now! ☺
Secure boot with asymmetric key cryptography

▪ System administrator first installs their “public key” into BIOS/UEFI by physically accessing the computer

▪ Then, the “correct” bootloader is signed with the private key (which is kept on a different secure machine)

▪ BIOS uses its public key to verify the bootloader on every boot.

▪ Even if a hacker changed the bootloader, they will not be able to “sign” it with the correct key. Hence, secure boot will fail.
Function #4: Runtime motherboard services

▪ Recall that the BIOS is basically the “OS of the motherboard”

▪ OS depends on the motherboard for several functions at runtime:
(a) CPU power state change → idle, performance, etc.
(b) Plug-and-play device enumeration (e.g., USB, Audio, etc.)

▪ Ask your instructor in office hours how this works, if interested! ☺


Next step: BIOS loads the OS bootloader
Three important components of a typical boot, before the OS kernel is loaded

Basic IO System (BIOS) [Complete] → OS Bootloader → Initial Ramdisk → OS kernel is finally loaded!

▪ BIOS: Motherboard initialization
▪ Initial Ramdisk: Initial OS setup
How does the BIOS know where to load bootloader from?

The first sector of the disk (e.g., USB) is the Master Boot Record (MBR)

What does the MBR typically contain?


(a) Disc sector partition information
(b) Location of the bootloader if disk is “bootable”
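
The MBR layout described above can be read directly from the first 512 bytes of a disk. The following is an added example, not part of the lecture: it parses a classic (non-GPT) MBR, lists the partition entries with their "active" flag, and hashes the boot-code area so a replaced first-stage bootloader can be noticed. The function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

def parse_mbr(sector: bytes) -> dict:
    """Parse a classic 512-byte MBR sector (not GPT)."""
    if len(sector) != 512:
        raise ValueError("an MBR is exactly one 512-byte sector")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature: not a valid MBR")
    boot_code = sector[:446]               # first-stage bootloader code
    partitions = []
    for i in range(4):                     # four 16-byte partition entries
        entry = sector[446 + 16 * i : 462 + 16 * i]
        # status, CHS start (skipped), type, CHS end (skipped), LBA, size
        status, ptype, first_lba, count = struct.unpack("<B3xB3xII", entry)
        if ptype == 0x00:                  # type 0 marks an unused slot
            continue
        partitions.append({
            "index": i,
            "bootable": status == 0x80,    # 0x80 = active partition
            "type": ptype,
            "first_lba": first_lba,
            "sectors": count,
        })
    return {
        # Hash of the boot code: record it once, compare on later checks
        # to notice a replaced first-stage bootloader.
        "boot_code_sha256": hashlib.sha256(boot_code).hexdigest(),
        "partitions": partitions,
    }

def build_sample_mbr(boot_code: bytes = b"\xeb\x3c\x90") -> bytes:
    """Constructed sample: one active Linux (0x83) partition at LBA 2048."""
    entry = struct.pack("<B3xB3xII", 0x80, 0x83, 2048, 204800)
    table = entry + bytes(48)              # remaining three slots unused
    return boot_code.ljust(446, b"\x00") + table + b"\x55\xaa"

if __name__ == "__main__":
    print(parse_mbr(build_sample_mbr()))
```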
The OS Bootloader

▪ User-supplied code on a bootable disk (e.g., USB)

▪ Two important functionalities provided by the bootloader:
✓ Let users decide which OS or kernel to load
▪ E.g., when you dual-boot Windows or Linux
✓ Verify that a “correct” OS kernel is being loaded


Let’s take an example of the Linux GRUB bootloader
Verifying the OS kernel at the bootloader stage

Important not to load an incorrect or malicious kernel image

BIOS/UEFI → OS Bootloader → OS Kernel

The OS bootloader verifies the kernel’s signature/integrity hash

As you can see, the secure boot process is formed by a “chain of security”
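
The two verification steps above (firmware checks the bootloader's signature with the enrolled public key, bootloader checks the kernel's integrity hash) can be modelled in a few lines. This is an added example, not part of the lecture: it uses textbook RSA with fixed, publicly known primes and no padding so it runs on the standard library alone, which is enough to show the logic but is not real cryptography. All names and the `kernel_sha256=` field in the sample bootloader are hypothetical.

```python
import hashlib

E = 65537  # public exponent

def make_key(p, q):
    """Textbook RSA key from two primes: returns (n, d). Demo only."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(blob):
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")

def sign(blob, n, d):
    """Run offline by the administrator, who alone holds d."""
    return pow(digest(blob), d, n)

def firmware_verify(blob, sig, n):
    """Firmware needs only the enrolled public key (n, E)."""
    return pow(sig, E, n) == digest(blob)

def boot(bootloader, sig, kernel, enrolled_n):
    """Walk the chain and stop at the first stage that fails."""
    if not firmware_verify(bootloader, sig, enrolled_n):
        return "halt: bootloader signature invalid"
    # The kernel hash is trusted because it sits inside the signed image.
    pinned = bootloader.rsplit(b"=", 1)[1].decode()
    if hashlib.sha256(kernel).hexdigest() != pinned:
        return "halt: kernel hash mismatch"
    return "kernel loaded"

# Constructed sample data. The primes are public Mersenne primes, so these
# keys give no security; they only make the arithmetic reproducible.
ADMIN_N, ADMIN_D = make_key(2**521 - 1, 2**607 - 1)
OTHER_N, OTHER_D = make_key(2**127 - 1, 2**1279 - 1)   # not enrolled
KERNEL = b"constructed kernel image"
BOOTLOADER = b"constructed-bootloader;kernel_sha256=" + \
    hashlib.sha256(KERNEL).hexdigest().encode()
SIG = sign(BOOTLOADER, ADMIN_N, ADMIN_D)

if __name__ == "__main__":
    print(boot(BOOTLOADER, SIG, KERNEL, ADMIN_N))
```

A bootloader that is modified, or re-signed with a key the firmware has not enrolled, stops at the first check; a modified kernel stops at the second.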
Next step: Bootloader “loads” the initial ramdisk
Three important components of a typical boot, before the OS kernel is loaded

Basic IO System (BIOS) [Complete] → OS Bootloader [Complete] → Initial Ramdisk → OS kernel is finally loaded!

▪ BIOS: POST, MB init/config, Secure boot, ..
▪ OS Bootloader: OS choice, Secure boot
The Initial Ramdisk

▪ Before the actual filesystem is loaded, Linux loads a temporary filesystem into memory (for several functionalities) using the initial ramdisk

Why is the initial ramdisk needed?

▪ Some OS tasks are only needed at boot (e.g., device identification, root file system mounting, kernel memory randomization using KASLR, etc.)

▪ Bloating the actual kernel with these task handlers is inefficient

▪ Initial ramdisk handles these menial tasks for the kernel


Let’s quickly look at project #1
Virtual Machines
What is a virtual machine?

▪ A virtual machine is a nested computer!


▪ Software vs Hardware

▪ Host machine vs Guest Machine

▪ Hardware resources are allocated to the virtual machine (VM) by a hypervisor


▪ A hypervisor is a software component which manages virtual machines
Create a new Virtual Machine!

▪ There are many different virtualization platforms


1. VirtualBox
2. UTM: Universal Turing Machine

▪ Both UTM and VirtualBox are hypervisors


Boot Images

▪ Boot images are files which we can use to boot into an operating system
o Typically used for installing an OS

▪ Follows the boot procedures discussed previously


Ubuntu Boot Image
Boot images

Ubuntu boot image file


Installing a new kernel

▪ After installing Ubuntu, install a new kernel into your VM

▪ On the virtual machine, download the files for Linux 6.6.9 from the link provided in the project description
o Can use the wget command or Mozilla

▪ Follow the directions in project 1 to build and compile the kernel!


Updating GRUB

▪ GRUB: GRand Unified Bootloader
o Allows for the booting of multiple operating systems from one system

▪ GRUB's configuration file must be updated for the new kernel to be seen on start-up

▪ Running update-grub will cause GRUB to search for and catalog each bootable operating system and place it in the list
GRUB Operating System List

Select Advanced Options for Ubuntu to find your kernel


Initramfs

Initial Ramdisk (File System)


System Calls

▪ Asking the kernel to do something for you!

▪ Calling a function available in the kernel

▪ Examples of system calls


o Read, Write, Open, etc.
Modules

▪ Asking the kernel to do something for you!

▪ Modules that you can insert and remove while the kernel is running

▪ Compiled against the kernel to ensure compatibility


System Calls vs Kernel Modules

▪ Are they the same thing? No!


o They both provide very similar functionality

▪ Kernel modules are programs which are separate from the kernel
o Compile separately from the kernel

▪ System calls are part of the kernel


o The kernel must be recompiled to add system call functionality

▪ Both provide kernel level access to functions


See you in the next class!
