写一点关于minix引导过程的文章,从无系统状态下的引导写起。
硬盘的第一个扇区称为master boot block(系统主引导区),用于存放主引导程序。当系统起动的时候系统BIOS把起动盘的第一个扇区的内容装进内存的固定位置(0x7C00),然后程序跳转到地址0x7C00处运行。硬盘的第一个扇区上的内容就是master boot recod(简称MBR,中文为系统主引导),它是系统的第一段引导程序,也是除BIOS以外CPU运行的第一段代码。
除了主引导程序,所有硬盘分区的第一个扇区上也同样递归的存储着引导程序。这样就存在三种不同的引导区:硬盘的第一个扇区、有系统的分区、无系统的分区。MINIX为这三种情况准备了三种不同的引导程序:masterboot、jumpboot和bootblock。这三段代码存在的位置分别是:
在一个没有分区的硬盘上,硬盘的第一个分区上直接存放的是一个用来加载系统引导程序的主引导程序(bootblock)。但是如果硬盘有分区,硬盘第一个扇区上存放的主引导程序就是masterboot。masterboot开始执行后会先把自己移动到另一段内存空间,然后读取分区表,根据分区表找到分区,它的行为和BIOS很类似:把分区当作一个独立一硬盘,读取分区的第一个扇区(masterboot或jumpboot或bootblock)到首地址为0x7C00的内存空间并执行它。一个MINIX分区有和一个没有分区的硬盘一样的结构,每个分区的第一个扇区都是一个引导扇区可以用来加载系统引导程序,或者如果该分区没有安装系统就是一段跳到下一个分区引导的程序。
下面进入源码:
! masterboot 2.0 - Master boot block code Author: Kees J. Bot
!
! This code may be placed in the first sector (the boot sector) of a floppy,
! hard disk or hard disk primary partition. There it will perform the
! following actions at boot time:
!
! - If the booted device is a hard disk and one of the partitions is active
! then the active partition is booted.
!
! - Otherwise the next floppy or hard disk device is booted, trying them one
! by one.
! 这里介绍了masterbootd存在的位置和功能。
! To make things a little clearer, the boot path might be:
! /dev/fd0 - Floppy disk containing data, tries fd1 then d0
! [/dev/fd1] - Drive empty
! /dev/c0d0 - Master boot block, selects active partition 2
! /dev/c0d0p2 - Submaster, selects active subpartition 0
! /dev/c0d0p2s0 - Minix bootblock, reads Boot Monitor /boot
! Minix - Started by /boot from a kernel image in /minix
LOADOFF = 0x7C00 ! 0×0000:LOADOFF is where this code is loaded
! LOADOFF是BIOS加载引导扇区时使用的内存地址,
! 也是masterboot下次加载引导扇区时的内存地址
BUFFER = 0×0600 ! First free memory
! masterboot加载引导扇区时会先把自己移动到BUFFER空间
PART_TABLE = 446 ! Location of partition table within this code
PENTRYSIZE = 16 ! Size of one partition table entry
MAGIC = 510 ! Location of the AA55 magic number
! .h:
bootind = 0
sysind = 4
lowsec = 8
.text
! Find active (sub)partition, load its first sector, run it.
master:
xor ax, ax
mov ds, ax
mov es, ax ! set 0 to ds and es
cli ! Clear Interrupt Flag. Operation: IF := 0.
! cli指令是关中断,下面修改堆栈断要关中断,cli的资料在下面这个网址:
! http://pdos.csail.mit.edu/6.828/2006/readings/i386/CLI.htm
mov ss, ax ! ds = es = ss = Vector segment
mov sp, #LOADOFF
sti ! Set Interrupt Flag. Operation: IF := 1.
! sti开中断:http://pdos.csail.mit.edu/6.828/2006/readings/i386/STI.htm
mov si, sp ! si = start of this code
! ESI, EDI, SI, DI is called Index Register stores the offset of a val in particular segment
push si ! Also where we’ll return to eventually
! ds = es = ss = 0;
! si = #LOADOFF; sp = #LOADOFF -1; (sp) = #LOADOFF;
! 这里ds,es,ss三个段寄存器都设为0,这样段地址空间和绝对地址空间一致了,堆栈段栈顶为#LOADOFF
! 把#LOADOFF压栈了一次,在加载完下一个引导区后全用ret,将会回到#LOADOFF开始执行
! si当前值为#LOADOFF,下面一步把,di设置为#BUFFER,然后复制一个扇区大小的内存,再跳到新的位置执行
! 这样#LOADOFF位置就空出来了,用来装下一个引导
!—————————————————————————————————
! Copy this code to safety, then jump to it.
mov di, #BUFFER ! Buffer area
mov cx, #512/2 ! One sector
cld ! Clear Direction Flag. Operation: DF := 0
rep movs ! rep Repeat Following String Operation
jmpf BUFFER+migrate, 0 ! To safety. jump far.
! jmpf callf是MINIX中搞的两个汇编,远程跳或者远程调用:
! http://www.woodhull.com/newfaq/faq/MinixAsMn.html
! di = #BUFFER
! cx = 512/2; one sector
! move one sector from where this code is loaded to the first free memory which begins at 0×0600 then jump to migrage
! the code was first loaded at LOADOFF than moved to BUFFER
!—————————————————————————————————
! jcc 关于跳转的资料可以在这里查:http://pdos.csail.mit.edu/6.828/2005/readings/i386/Jcc.htm
migrate:
! Find the active partition
findactive:
testb dl, dl ! dl and dl; test if dl is negtive or positive. if dl is 0×00 means it is booted from first floopy
! dl stores the current device number 0×00 indicate first floopy 0×01 indicate second floopy 0×80…indicate disk
! http://publib.boulder.ibm.com/iseries/v5r2/ic2924/books/c0925083728.htm
jns nextdisk ! dl is positive means it was boot from floopy, jump to nextdisk. No bootable partitions on floppies, jump to nextdisk.
mov si, #BUFFER+PART_TABLE
find: cmpb sysind(si), #0 ! Partition type, nonzero when in use
jz nextpart
testb bootind(si), #0×80 ! Active partition flag in bit 7
jz nextpart ! It’s not active
loadpart:
call load ! Load partition bootstrap. 开始加载了
jc error1 ! Not supposed to fail
bootstrap:
ret ! Jump to the master bootstrap
! where to return? when copy this code to safety, pushed si, which was pointing to LOADOFF, into the stack.
! 返回到哪?返回的地址在代码开始执行的时候就做好了。返回到#LOADOFF开始执行!
nextpart:! 找分区过程
add si, #PENTRYSIZE
cmp si, #BUFFER+PART_TABLE+4*PENTRYSIZE
jb find
! No active partition, tell ‘em
call print
.ascii “No active partition\0″
jmp reboot
! There are no active partitions on this drive, try the next drive.
nextdisk:! 找盘过程
incb dl ! Increment dl for the next drive
testb dl, dl
js nexthd ! Hard disk if negative
int 0×11 ! Get equipment configuration
shl ax, #1 ! Highest floppy drive # in bits 6-7
shl ax, #1 ! Now in bits 0-1 of ah
andb ah, #0×03 ! Extract bits
cmpb dl, ah ! Must be dl <= ah for drive to exist
ja nextdisk ! Otherwise try disk 0 eventually
call load0 ! Read the next floppy bootstrap
jc nextdisk ! It failed, next disk please
ret ! Jump to the next master bootstrap
nexthd: call load0 ! Read the hard disk bootstrap
error1: jc error ! No disk?
ret
! Load sector 0 from the current device. It’s either a floppy bootstrap or
! a hard disk master bootstrap.
load0:
mov si, #BUFFER+zero-lowsec ! si = where lowsec(si) is zero
!jmp load
! Load sector lowsec(si) from the current device. The obvious head, sector,
! and cylinder numbers are ignored in favour of the more trustworthy absolute
! start of partition.
load:
mov di, #3 ! Three retries for floppy spinup
retry: push dx ! Save drive code
push es
push di ! Next call destroys es and di
movb ah, #0×08 ! Code for drive parameters
int 0×13 ! int 0×13中断可以读或写磁盘扇区,可以得到磁盘参数:http://en.wikipedia.org/wiki/INT_13
pop di
pop es
andb cl, #0x3F ! cl = max sector number (1-origin)
incb dh ! dh = 1 + max head number (0-origin)
movb al, cl ! al = cl = sectors per track
mulb dh ! dh = heads, ax = heads * sectors
mov bx, ax ! bx = sectors per cylinder = heads * sectors
mov ax, lowsec+0(si)
mov dx, lowsec+2(si)! dx:ax = sector within drive
cmp dx, #[1024*255*63-255]>>16 ! Near 8G limit?
jae bigdisk ! 读到磁盘参数后计算这个磁盘是大盘还是小盘,区分就是于8GB,这就是在移动硬盘上分区装LINUX的时候建议分区小于8G的理由吧,8G更容易得到支持,起动成功率更大
smalldisk: ! add by me.这是我加的标签,小容量磁盘运行这段代码
div bx ! ax = cylinder, dx = sector within cylinder
xchg ax, dx ! ax = sector within cylinder, dx = cylinder
movb ch, dl ! ch = low 8 bits of cylinder
divb cl ! al = head, ah = sector (0-origin)
xorb dl, dl ! About to shift bits 8-9 of cylinder into dl
shr dx, #1
shr dx, #1 ! dl[6..7] = high cylinder
orb dl, ah ! dl[0..5] = sector (0-origin)
movb cl, dl ! cl[0..5] = sector, cl[6..7] = high cyl
incb cl ! cl[0..5] = sector (1-origin)
pop dx ! Restore drive code in dl. dx is pushed at the begining of load.
movb dh, al ! dh = al = head
mov bx, #LOADOFF ! es:bx = where sector is loaded
mov ax, #0×0201 ! Code for read, just one sector
int 0×13 ! Call the BIOS for a read
jmp rdeval ! Evaluate read result
bigdisk:!大容量磁盘运行这段代码
mov bx, dx ! bx:ax = dx:ax = sector to read
pop dx ! Restore drive code in dl. dx is pushed at the begining of load.
push si ! Save si
mov si, #BUFFER+ext_rw ! si = extended read/write parameter packet
mov 8(si), ax ! Starting block number = bx:ax
mov 10(si), bx
movb ah, #0×42 ! Extended read
int 0×13
pop si ! Restore si to point to partition entry
!jmp rdeval
rdeval:!大小容量都回归到这里,相当于分支语句完成
jnc rdok ! Read succeeded
cmpb ah, #0×80 ! Disk timed out? (Floppy drive empty)
je rdbad
dec di
jl rdbad ! Retry count expired
xorb ah, ah
int 0×13 ! Reset
jnc retry ! Try again
rdbad: stc ! Set carry flag
ret
rdok: cmp LOADOFF+MAGIC, #0xAA55
jne nosig ! Error if signature wrong
ret ! Return with carry still clear
! end of load. 加载完闭,回归
nosig: call print
.ascii “Not bootable\0″
jmp reboot
! A read error occurred, complain and hang
error:
mov si, #LOADOFF+errno+1
prnum: movb al, ah ! Error number in ah
andb al, #0x0F ! Low 4 bits
cmpb al, #10 ! A-F?
jb digit ! 0-9!
addb al, #7 ! ‘A’ – ‘:’
digit: addb (si), al ! Modify ’0′ in string
dec si
movb cl, #4 ! Next 4 bits
shrb ah, cl
jnz prnum ! Again if digit > 0
call print
.ascii “Read error ”
errno: .ascii “00\0″
!jmp reboot
reboot:! 故障大了,重起
call print
.ascii “. Hit any key to reboot.\0″
xorb ah, ah ! Wait for keypress
int 0×16
call print
.ascii “\r\n\0″
int 0×19
! Print a message.打印信息,不重要的先不细看,用的BIOS 0×10中断
print: pop si ! si = String following ‘call print’
prnext: lodsb ! al = *si++ is char to be printed
testb al, al ! Null marks end
jz prdone
movb ah, #0x0E ! Print character in teletype mode
mov bx, #0×0001 ! Page 0, foreground color
int 0×10
jmp prnext
prdone: jmp (si) ! Continue after the string
.data
! Extended read/write commands require a parameter packet.
ext_rw:
.data1 0×10 ! Length of extended r/w packet
.data1 0 ! Reserved
.data2 1 ! Blocks to transfer (just one)
.data2 LOADOFF ! Buffer address offset
.data2 0 ! Buffer address segment
.data4 0 ! Starting block number low 32 bits (tbfi)
zero: .data4 0 ! Starting block number high 32 bits
相关参考:
minix引导程序剖析之masterboot:http://simohayha.javaeye.com/blog/317089
boot sequence overview:http://simohayha.javaeye.com/blog/269093
32位Intel CPU所含有的寄存器:http://blog.csdn.net/yizhu2000/archive/2008/12/18/3548528.aspx
Instruction Format:http://pdos.csail.mit.edu/6.828/2007/readings/i386/s17_02.htm
[汇编指令] 在学习中遇到的指令:http://knol.google.com/k/lexon/%E6%B1%87%E7%BC%96%E6%8C%87%E4%BB%A4-%E5%9C%A8%E5%AD%A6%E4%B9%A0%E4%B8%AD%E9%81%87%E5%88%B0%E7%9A%84%E6%8C%87%E4%BB%A4/1dddgchsmaara
THE MINIX ASSEMBLY LANGUAGE MANUAL:http://www.woodhull.com/newfaq/faq/MinixAsMn.html
minix Documentation:http://www.raspberryginger.com/jbailey/minix/html/index.html
参考的书:Operation Systems Design and Implementation Third Edition