I’m trying to find the best resources I can for learning about boot loaders. I recently installed Fedora dual boot on my MacBook Air and want to understand what is happening during the boot process, and why, for example, I’m now staring at a Grub console after resizing my APFS partition.
Realmode assembly - writing bootable stuff:<p><a href="https://0x00sec.org/t/realmode-assembly-writing-bootable-stuff-part-2/2992" rel="nofollow">https://0x00sec.org/t/realmode-assembly-writing-bootable-stu...</a><p>Writing a bootloader:<p><a href="http://3zanders.co.uk/2017/10/13/writing-a-bootloader/" rel="nofollow">http://3zanders.co.uk/2017/10/13/writing-a-bootloader/</a><p>(Both from my HN archive, posted somewhere this year)
I think looking at the bootloader source is an excellent way to learn. However the more complex the bootloader, IME the less rewarding the time spent reading its source.<p>While Grub is highly well-known, popular, sometimes innovative and of course very flexible, it is also more complicated than I would like and so I am not a user. The primary reason is because of its strategy to locate parts of the bootloader on the media in a way that can vary from one installation to another. The alternative, "standard" approach being to locate all parts of the bootloader in some pre-defined area, usually near the start of the "disk".<p>The Grub approach obviously has its justifications and advantages. Maybe some see the Grub approach as an advantage because e.g. if one accidentally loses access to an area near the start of the media where most bootloaders historically reside, then one can still potentially recover.<p>However, if understanding the boot process is a goal, I see the Grub approach as a disadvantage. It makes locating and verifying the bootloader more complex when it is fragmented into parts that are potentially scattered around the media instead of located in a pre-defined area near the start of the disk. If one makes changes such as the formatting or partitioning of the disk, are all the fragments from a prior Grub install accounted for? I would prefer not to have to consider that question. Whereas I know how to completely remove/reinstall the bootloader if I always know where it will be located.<p>If the goal is to understand the bootloader one is using on a lower level than simply using it, e.g., verifying it is there on the media, I think there are more simple alternatives than Grub.<p>Alas, last time I checked the Linux kernel is still not compliant with the "Multiboot Specification". This is unfortunate for me because the non-Grub alternative I prefer supports it and it really works well for multibooting. I would love to use it to try booting a Linux kernel. I suspect there is probably a workaround but making the easy choice to use Grub probably obstructs people from experimenting with alternatives.<p>While experimenting years ago, if I remember correctly, I booted a NetBSD kernel using the FreeBSD bootloader (the part written in Forth). I seem to remember this was possible because of compliance with the Multiboot Specification.<p>"One bootloader, many kernels." (Without chainloading.)
The one I'm using at the moment: <a href="https://www.rodsbooks.com/efi-bootloaders/index.html" rel="nofollow">https://www.rodsbooks.com/efi-bootloaders/index.html</a><p>It is still maintained and updated. It covers most not loaders out there in context of Linux. It is also very practical.
This is what first got me started, and I highly recommend it:<p><a href="http://www.brokenthorn.com/Resources/OSDevIndex.html" rel="nofollow">http://www.brokenthorn.com/Resources/OSDevIndex.html</a>
General purpose understanding probably won't help you with the specific problem you're having. I know quite a bit about the user space foils of your situation with Apple's EFI firmware, the NVRAM boot entries that point to the bootloader, GRUB2, and the peculiarities of Fedora's installer. And there is really nothing standard about it..<p>a. Fedora's installer, only on Macs, creates a 2nd "EFI System partition" that's HFS+ formatted. And that's because Apple's EFI firmware can read HFS+ directly, and it enables showing Fedora as a boot option when you boot with the option key held down. This doesn't happen if the bootloader is on the "real" FAT32 EFI system partition, which hilariously Apple doesn't use for booting either, they only use it for staging firmware updates.<p>Right out of the gate you're in the weeds of super esoteric stuff...<p>b. That you get a GRUB prompt means the firmware found the GRUB EFI OS Loader binary, which is on that HFS+ faux-EFI System partition. In that same directory should be the grub.cfg, which it should read automatically and display a menu of kernels to boot. Therefore, the GRUB prompt also means the OS Loader isn't finding the grub.cfg.<p>So you have something of a mystery on your hands and it'll take an autopsy to find out what's going on. First thing would be to use one of the netinstallers (any Fedora edition netinstall image) put onto a USB stick, boot that with the option key, choose Troubleshooting, then Rescue a Fedora system, wait for boot process, pick the first option to find and assemble the system. And then you'll<p><pre><code> chroot /mnt/sysimage
grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
exit
reboot
</code></pre>
That should work unless there are extenuating circumstances (some other distro's GRUB is somewhere on this system). But I still don't really understand how APFS resize can affect the grub.cfg alone, without nerfing the entire HFS+ faux-ESP as well, in which case you wouldn't have a GRUB prompt.
I spent an unreasonable amount of time working on grub2. The stuff I looked at the most where the uefi spec<p><a href="http://wiki.phoenix.com/wiki/index.php/Category:UEFI" rel="nofollow">http://wiki.phoenix.com/wiki/index.php/Category:UEFI</a><p>And then the uefi stub code in the Linux kernel, as well as the grub2 source code. It’s not too hard to figure out the flow in grub2, just figure out where it does EXIT_BOOT_SERVICES and work from there.
For some reverse engineered versions of the Windows bootloaders: <a href="http://thestarman.pcministry.com/asm/mbr/" rel="nofollow">http://thestarman.pcministry.com/asm/mbr/</a>
You should take a look at U-Boot implementation.<p><a href="https://github.com/u-boot/u-boot" rel="nofollow">https://github.com/u-boot/u-boot</a>
I learned by playing around with the Grub bootloader in Linux VMs launched with Vagrant. I deleted every non-essential line of code in the bootloader config, and then stared at it & the Grub docs until it made sense. My ultimate goal was learning how to turn a Linux container into a bootable VM.
PoC || GTFO has a series of articles about the bootloader and operating systems all written in under 512 bytes. It's quite adorable. I also recommend the website wiki.osdev.org -- it saw me through harsh undocumented times.