To loot you first need to boot

by

john doe

on 26 March 2014


Transcript of To loot you first need to boot

bzImage
wait, what?
To loot, you first need to boot
proot
The case of piggy.o
Way back in 2.5.64
`dd if=bzImage of=/dev/sda`
Relocate itself at 0x90000
Load setup.o at 0x90200
Load system at 0x100000
Check memory layout
Setup idt/gdt
Switch to protected mode
Jump at 0x100000
Decompress the kernel in-place
Re-jump at 0x100000 into startup_32
setup.o
{head,misc}.o
bootsect.o
_start()
setup_sects
start_of_setup()
startup_32()
decompress_kernel()
As of 3.2.55
setup_sects
start_of_setup()
main()
setup_video()
startup_32()
dummy bootsect.S
setup.S moved to main.c
creation of header.S
decompress_kernel()
linux!
Booting like normal people
Load real-mode code at an offset in low memory (below 1 MB)
Load command-line right behind the real-mode code
Load the vmlinux.bin.gz file above 0x100000
Jump over the dummy MBR into _start()
Jump directly into start_of_setup(), which calls main
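Added example, not part of the original presentation: how a boot loader or an image-inspection tool uses the `setup_sects` field from header.S to separate the real-mode setup code from the compressed kernel that is loaded at 0x100000. The field offsets come from the Linux x86 boot protocol; the names `bz_parse`, `bz_info` and `make_sample` are hypothetical, and the sample buffer is constructed header bytes rather than a real kernel.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Field offsets from the Linux x86 boot protocol (fields defined in header.S). */
enum { H_SETUP_SECTS = 0x1F1, H_BOOT_FLAG = 0x1FE, H_MAGIC = 0x202,
       H_VERSION = 0x206, H_LOADFLAGS = 0x211, LOADED_HIGH = 0x01 };

struct bz_info {
    unsigned setup_sects;   /* 512-byte setup sectors following the boot sector */
    unsigned version;       /* boot protocol version, e.g. 0x020a */
    size_t   pm_offset;     /* file offset where the protected-mode kernel starts */
    uint32_t pm_load_addr;  /* address a boot loader copies that part to */
};

/* Returns 0 on success, -1 if the buffer does not carry a usable header. */
int bz_parse(const uint8_t *img, size_t len, struct bz_info *out)
{
    if (len <= H_LOADFLAGS || img[H_BOOT_FLAG] != 0x55 || img[H_BOOT_FLAG + 1] != 0xAA)
        return -1;                              /* too short or no 0xAA55 signature */
    if (memcmp(img + H_MAGIC, "HdrS", 4) != 0)
        return -1;                              /* pre-2.00 protocol or not a kernel */
    out->setup_sects = img[H_SETUP_SECTS] ? img[H_SETUP_SECTS] : 4; /* 0 means 4 */
    out->version = img[H_VERSION] | (img[H_VERSION + 1] << 8);
    out->pm_offset = ((size_t)out->setup_sects + 1) * 512;
    out->pm_load_addr = (img[H_LOADFLAGS] & LOADED_HIGH) ? 0x100000 : 0x10000;
    return out->pm_offset < len ? 0 : -1;       /* reject truncated images */
}

static uint8_t sample[32 * 512];  /* constructed header bytes, not a real kernel */

const uint8_t *make_sample(uint8_t sects, uint8_t loadflags)
{
    memset(sample, 0, sizeof sample);
    sample[H_SETUP_SECTS] = sects;
    memcpy(sample + H_BOOT_FLAG, "\x55\xAA", 2);
    memcpy(sample + H_MAGIC, "HdrS", 4);
    memcpy(sample + H_VERSION, "\x0a\x02", 2);  /* protocol 2.10, little-endian */
    sample[H_LOADFLAGS] = loadflags;
    return sample;
}

int main(void)
{
    struct bz_info i;
    if (bz_parse(make_sample(30, LOADED_HIGH), sizeof sample, &i) == 0)
        printf("protocol %#x, kernel at file offset %zu, load address %#x\n", i.version, i.pm_offset, (unsigned)i.pm_load_addr);
    return 0;
}
```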
Legacy Boot: Conclusion
UEFI: Introduction
EFI by Intel in 2001 for IA64
Goals: get rid of the 16-bit to 32-bit to 64-bit boot transitions, provide a user-friendly API, unify the boot procedure
UEFI in 2005 by major actors: Intel, AMD, Dell, Apple, IBM, Microsoft, Phoenix...
Basic concepts
Three types of application:

Simple app (type=10)
Boot Services (type=11)
Runtime Services (type=12)

Services implement protocols (drivers) and handles (devices)

Apps are stored on an EFI FAT32 partition of type 0xEF
Boot manager using NVRAM:

Boot order defaults to:

Try to boot on floppy
Try to boot on hard drive
Try to boot on NIC0
Run a shell application

Editable via `efibootmgr` and efivars or efivarfs modules


How do I do it?
Encapsulated in Portable Executable file (PE)
Easy development possible thanks to gnu-efi

Sample application:
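    #include <efi.h>
    #include <efilib.h>

    /* Entry point: the firmware passes the image handle and the system table. */
    EFI_STATUS efi_main(EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *systab)
    {
        SIMPLE_TEXT_OUTPUT_INTERFACE *conout;

        InitializeLib(image_handle, systab);   /* set up the gnu-efi library globals */
        conout = systab->ConOut;               /* console output protocol */

        /* uefi_call_wrapper adapts the calling convention; 2 is the argument count */
        uefi_call_wrapper(conout->OutputString, 2, conout, (CHAR16 *)L"Hello World!\n\r");

        return EFI_SUCCESS;
    }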
The UEFI boot stub
Booting for men, by men
echo "CONFIG_EFI_STUB=y" >> .config
make -j8
mv arch/x86/boot/bzImage /boot/efi/EFI/bzImage.efi
cp /boot/initramfs-linux.img /boot/efi/EFI/initramfs.img
reboot
bzImage.efi root=/dev/sda2 initrd=EFI\initramfs.img
Since linux 3.3
gnu-efi is for noobs
hand-made PE headers