
From the Bootloader to the Kernel - lrsjng
https://0xax.gitbooks.io/linux-insides/Booting/linux-bootstrap-1.html
======
JdeBP
This article is another case of regurgitated received folk wisdom that is
wrong and that has been wrong for years if not decades.

> _The processor starts working in real mode._

Intel CPUs have not started in real mode since the 80286. The 80386 and later
start in _unreal_ mode. The whole explanation of real mode addressing, based
upon not realizing that the 80386 and later _always_ use the segment registers
and do not do that real mode address calculation using the value of the
selector, is irrelevant. Furthermore: In some scenarios nowadays, CPUs _never_
run in real mode, going straight from unreal mode to protected mode and,
because they then run a protected mode EFI bootstrap, staying there.

> _When attempting to boot from a hard drive, the BIOS tries to find a boot
> sector._

PC systems have not necessarily loaded the MBR and run it for more than a
decade, now. Systems bootstrap the EFI way, and this is nowadays fairly common
and mainstream.

> _The core image begins with diskboot.img, which is usually stored
> immediately after the first sector in the unused space before the first
> partition._

This "boot virus area" does not exist on modern systems with EFI partitioning.
That is also common and mainstream nowadays, too.

* [https://superuser.com/a/347115/38062](https://superuser.com/a/347115/38062)

* [https://superuser.com/a/345333/38062](https://superuser.com/a/345333/38062)

* [http://jdebp.eu./FGA/efi-boot-process.html](http://jdebp.eu./FGA/efi-boot-process.html)

* [http://rodsbooks.com./efi-bootloaders/index.html](http://rodsbooks.com./efi-bootloaders/index.html)

~~~
hhjj
[https://www.intel.com/content/www/us/en/support/articles/000...](https://www.intel.com/content/www/us/en/support/articles/000007194/processors.html)

~~~
xx8866-6644
Quoting directly from the manual "Intel® 64 and IA-32 Architectures Software
Developer’s Manual Volume 3"

" 9.1.4 First Instruction Executed The first instruction that is fetched and
executed following a hardware reset is located at physical address FFFFFFF0H.
This address is 16 bytes below the processor’s uppermost physical address. The
EPROM containing the software-initialization code must be located at this
address. The address FFFFFFF0H is beyond the 1-MByte addressable range of the
processor while in real-address mode. The processor is initialized to this
starting address as follows. The CS register has two parts: the visible
segment selector part and the hidden base address part. In real-address mode,
the base address is normally formed by shifting the 16-bit segment selector
value 4 bits to the left to produce a 20-bit base address. However, during a
hardware reset, the segment selector in the CS register is loaded with F000H
and the base address is loaded with FFFF0000H. The starting address is thus
formed by adding the base address to the value in the EIP register (that is,
FFFF0000 + FFF0H = FFFFFFF0H). The first time the CS register is loaded with a
new value after a hardware reset, the processor will follow the normal rule
for address translation in real-address mode (that is, [CS base address = CS
segment selector * 16]). To insure that the base address in the CS register
remains unchanged until the EPROM based software-initialization code is
completed, the code must not contain a far jump or far call or allow an
interrupt to occur (which would cause the CS selector value to be changed). "
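
The address formation described in the quoted section 9.1.4, modelled as an added example (not part of the comment above or of the Intel manual). The struct and function names and the offset 0xE05B are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Segment register per the quoted text: visible selector + hidden base. */
struct segreg { uint16_t selector; uint32_t base; };
struct cpu    { struct segreg cs; uint32_t eip; };

/* Reset state from 9.1.4: the hidden base is not selector * 16. */
static void cpu_reset(struct cpu *c)
{
    c->cs.selector = 0xF000;
    c->cs.base     = 0xFFFF0000u;
    c->eip         = 0x0000FFF0u;
}

/* Fetch address is formed from the hidden base, not the selector. */
static uint32_t fetch_address(const struct cpu *c)
{
    return c->cs.base + c->eip;
}

/* Near jump: only EIP changes, so the reset-time base survives. */
static void near_jump(struct cpu *c, uint16_t offset)
{
    c->eip = offset;
}

/* Far jump in real-address mode reloads CS: base = selector * 16. */
static void far_jump(struct cpu *c, uint16_t selector, uint16_t offset)
{
    c->cs.selector = selector;
    c->cs.base     = (uint32_t)selector << 4;
    c->eip         = offset;
}

int main(void)
{
    struct cpu c;
    const uint16_t off = 0xE05B;   /* constructed sample offset */
    cpu_reset(&c);
    printf("reset:     %08X\n", (unsigned)fetch_address(&c));
    near_jump(&c, off);
    printf("near jump: %08X\n", (unsigned)fetch_address(&c));
    far_jump(&c, 0xF000, off);
    printf("far jump:  %08X\n", (unsigned)fetch_address(&c));
    return 0;
}
```

With the same selector F000H, the fetch address moves from just under 4 GiB to below 1 MiB only once CS is reloaded, which is why the quoted text forbids far jumps, far calls and interrupts in the initial code.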

------
scott_s
What this looked like in 2004:
[https://www.scott-a-s.com/the-linux-boot-process-of-2004/](https://www.scott-a-s.com/the-linux-boot-process-of-2004/)

