In computing, booting is a process that starts operating systems when the user turns on a computer system. a boot sequence is the initial set of operations that the computer performs when power is switched on. The boot loader typically loads the main OS for the computer.
When we press the computer power to make the computer starts, and Windows XP Professional operating system to start, we call this period the pre-boot (Pre-Boot) stage, at this stage, the computer first run Power On Self Test (POST ), POST test the system’s total memory and other hardware equipment, the status quo. If the computer system BIOS (basic input / output system) is a plug and play, then the computer hardware equipment will be tested, as well as complete the configuration. The computer’s basic input / output system (BIOS) to locate the computer’s boot device, and then MBR (Master Boot Record) is loaded and run. In the pre-boot phase, the computer to load Windows XP, NTLDR file.
b) guided phase
Windows XP Professional boot phase consisted of four small stage.
First of all, the computer has to go through the initial boot loader phase (Initial Boot Loader), in this phase, NTLDR computer microprocessors from real mode to 32-bit flat memory model. In real mode, the system for MS-DOS reserved 640kb of memory, the remaining memory as extended memory, and in the 32-bit flat memory mode, the system (Windows XP Professional) depends on all the memory available memory. Then, NTLDR starts the built-in mini-file system drivers, through this step, so that NTLDR can identify each of a file system using NTFS or FAT formatted partition in order to detect and load the Windows XP Professional, here, the initial boot loader phase is over.
Then the system came to the operating system selection phase, if the computer is installed on more than one operating system (that is, multi-system), and the boot.ini is set correctly so that system under the conditions of the operating system of choice, the computer monitor will show an operating system menu, This is the NTLDR reads the boot.ini results.
In the boot.ini, mainly includes the following:
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=”Microsoft Windows XP Professional” /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINNT=”Windows Windows 2000 Professional”
In it, multi (0) mean disk controller, disk (0) rdisk (0) mean disk, partition (x) is partition. from here NTLDR will find the location of Windows XP Professional system files.If the boot.ini is only one operating system option, or the timeout value is set to 0, then the system does not appear the operating system selection menu and directly into the system or the default system. When start Windows XP Professional, the operating system selection phase is completed.
In hardware detection phase,ntdetect.com will collect information about computer hardware list and return it to the NTLDR, the purpose of doing this is to add the hardware information into the registry under the HKEY_LOCAL_MACHINE.
Hardware detection is complete, enter the configuration options stage. If the computer contains multiple hardware profiles list, you can press the down button to select. If there is only one hardware profile, the computer does not display this screen but directly using the default configuration file to load Windows XP Professional.
End of the guide period. In the boot stage, the system should use those file: NTLDR, Boot.ini, ntdetect.com, ntokrnl.exe, Ntbootdd.sys, bootsect.dos (optional).
c) loaded the kernel stage
Loaded kernel stage, ntldr load known as the Windows XP kernel ntokrnl.exe. System loaded Windows XP kernel but did not initialize it. Then ntldr loads the hardware abstraction layer (HAL, hal.dll), then the system continues to load HKEY_LOCAL_MACHINE \ system keys, NTLDR reads the select button to determine which Control Set will be loaded. Control set that contains the device drivers and the need to load the service. NTLDR loads HKEY_LOCAL_MACHINE \ system \ service \ … Next start key value is 0 the lowest device driver. When a Control Set the Current Control Set the mirror is loaded, ntldr to pass control to the kernel, the kernel initialization phase begins.
In the kernel initialization stage,the color logo of Windows XP as well as the progress bar displayed in the center of the screen, at this stage, the system completed its start four tasks:
The kernel used in the hardware detection data collected to create the HKEY_LOCAL_MACHINE \ HARDWARE key.
Kernel by reference HKEY_LOCAL_MACHINE \ system \ Current Copy Control Set the default values to create a Clone Control Set. Clone Control Set configuration backup of computer data, not including the initiation of the changed and will not be modified.
System complete initialization, and loading device drivers, kernel initialization phase of those who load the kernel is loaded the bottom of the driver, and then the kernel scanner HKEY_LOCAL_MACHINE \ system \ CurrentControlSet \ service \ … device driver which key value is 1. These device drivers are loaded when the initialization has completed, if an error occurs, the kernel used ErrorControl key to determine how to deal with a value of 3, the error flag for the crisis / critical,at first time the system will restart encountered LastKnownGood Control if there is an error, if you are using LastKnownGood Control Set to start is still an error, the system fails to start,it will report the error message and the system stop start; a value of 2 as a serious error condition, the system fails to start and to restart the LastKnownGood Control Set , if the system starts already in use LastKnownGood value, it will ignore the error and continue to start;.
Session Manager start Windows XP Advanced Subsystem and services, Session Manager control all input and output devices, and access to display screen as well as the Win32 subsystem Winlogon process, initialize the kernel is completed.
d) landing
Winlogon.exe start Local Security Authority, while Windows XP Professional visit the Welcome Screen and dialog box is displayed, at this time,the system may continue deal with driver which has not completed in the background.
Prompted to enter a valid user name or password.
Service Controller finally scan HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Servives to check whether there are service needs loads, Service Controller check start key 2 or more of service, service will loading in accordance with start values and the values of DependOnGroup and DepandOnService.
Only after the user successfully logged on to the computer, Windows XP startup can be considered complete, after a successful landing, the system copies Clone Control Set to LastKnownGood Control Set, complete this step, the system has been successfully guided.
When you hit the power button on your computer a whole lot of stuff happens. We call this the boot process. In the days when I first started using computers there was literally a "boot disk", a floppy (5.25" not a 3.5") disk that told the system where to go and what to do so that the operating system would start up. Since then the boot sequence has become somewhat more complicated. So let me take you thru the steps the computer takes to get started. For my example I'm going to use a Windows XP system.
- First is the POST, this stands for Power On Self Test, for the computer. This process tests memory as well as a number of other subsystems. You can usually monitor this as it runs each test. After that is complete the system will run POST for any device that has a BIOS (Basic Input-Output System). An AGP has its own BIOS, as do some network cards and various other devices.
- Once the POST is complete and the BIOS is sure that everything is working properly, the BIOS will then attempt to read the MBR (Master Boot Record). This is the first sector of the first hard drive (called the Master or HD0). When the MBR takes over it means that Windows is now in control.
- The MBR looks at the BOOT SECTOR (the first sector of the active partition). That is where NTLDR is located, NTLDR is the BOOT LOADER for Windows XP. NTLDR will allow memory addressing, initiate the file system, read the boot.ini and load the boot menu. NTLDR has to be in the root of the active partition as do NTDETECT.COM, BOOT.INI, BOOTSECT.DOS (for multi-OS booting) and NTBOOTDD.SYS (if you have SCSI adapters)
- Once XP is selected from the Boot Menu, NTLDR will run NTDETECT.COM, BOOT.INI and BOOTSECT.DOS to get the proper OS selected and loaded. The system starts in 16-bit real mode and then moves into 32-bit protected mode.
- NTLDR will then load NTOSKRNL.EXE and HAL.DLL. Effectively, these two files are windows XP. They must be located in %SystemRoot%System32.
- NTLDR reads the registry, chooses a hardware profile and authorizes device drivers, in that exact order.
- At this point NTOSKRNL.EXE takes over. It starts WINLOGON.EXE that in turn starts LSASS.EXE, this is the program that display the Logon screen so that you can logon.
No comments:
Post a Comment