The Booting process involved a
well organized procedure to perform all system checks and loads all necessary
files to bring the computer to an operable state. This process is also known as
bootstrap. Generally there are two types of booting. First one is Cold boot
which is used when you turn the computer on from an off position and the other
is Warm boot is used when you reset a computer that is already on. Most of the
people are not aware about the processes involved in the Booting. In this
article I will let you know all the processes in detail manner. Following
processes are involved in booting:
- First
of all BIOS (Basic Input Output System) comes into picture which is the first
code executed by computer when power supply is switched on. When power is
turned on, POST (Power-On Self-Test) is the diagnostic testing sequence which
is performed by computer to determine if the peripheral devices like computer
keyboard, disk drives and other hardware are working correctly. If
the POST is a failure the system halts with a beep sound.
- Then
BIOS checks the boot priority.
We can set the boot priority as CD drive, hard disk or flash memory.
- The
next duty of BIOS is to read the MBR (Master Boot Record).The first sector on a
hard disk. MBR contains the partition loader and boot loader.
Function
of Partition table:
- The partition loader code which accesses the partition
table to identify the primary partition, extended partitions and active
partition which is needed to determine the file system and locate the operating
system loader file - NTLDR.
- NTLDR will
call upon the boot.ini file which is located at the root directory to determine
the location and entries of the operating system boot partition. NTLDR will
pass all information from the Windows registry and Boot.ini file into
Ntoskrnl.exe.
Function
of Bootloader:
Then Boot
loader performs tasks of loading operating system in the memory. Generally two
terms are used the Cold boot is used when you turn the computer on from an off
position and the Warm boot is used when you reset a computer that is already
on. The two stages are involved in the boot loader, stage 1 boot loader and
stage 2 bootloader. MBR contains the stage 1 boot loader and stage 1 boot
loader is a link to the stage 2 boot loader. The stage 2 boot loader resides in
the boot partition and it loads the kernel to the computer memory.
Boot
files and functions:
There are
three boot files in a Windows operating system and they are found in the active
partition of hard disk and its normally C drive:
1.NTLDR: - NTLDR stands for NT
Loader and it’s the second stage bootloader.
2.Boot.ini: - Boot.ini contains the
configuration files of NTLDR. When the operating system is loaded we cannot
pass any arguments to kernel, so those arguments are passed through boot.ini.
3.NTDETECT.COM: - This file detects
hardware's and passes information to NTLDR to create a hardware key for
hardware detection. A new hardware key is generated after each reboot of the
operating system and that's why system asks to reboot after installation of a
new hardware.
Kernel and its functions:
After
executing the functions of boot files the control is passed to Kernel.
Ntoskrnal.exe is the kernel file in a
Windows machine. Kernel acts as a layer between software and hardware. The
library file hal.dll helps Kernel to interact with hardware's. HAL stands for
Hardware Abstraction Layer and this hal.dll file is machine specific. Now the
drivers for hardware's are loaded from the file and the Kernel is loaded to
primary memory.
Services
and log in procedure:
When
kernel is loaded in the primary memory services for each process is started and
the registry entry occurs. Winlogon.exe starts the log in procedures of windows
machine. It first calls the library file msgina.dll which provides the log in
window. Now msginal.dll passes the control to LSA (Local Security Authority),
it verifies the username and password from the SAM file. SAM file contains
information about all users of that install Window operating system.
