The starting point of the research is that after the CPU receives the ResetVector signal, it starts to execute the first line of code until the computer shuts down/restarts/crashes, which is divided into seven different stages.
1. SEC security stage
Most of the firmware code that started running first was developed in assembly language.
Mainly responsible for four things:
- Handle all restart events of the platform
Send a ResetVector signal to the CPU, that is, reset, which is different from turning off and on again. - Create a temporary memory area
The CPU is initialized, the memory is not initialized, but there is a demand. The C code in the SEC stage requires a stack, which requires memory. When the physical memory is not initialized, the cache will be used temporarily. It is built-in and initialized in the CPU and can serve C code temporarily. - As the root of the entire security execution,
SEC is the starting point of the entire system execution. You may encounter various exceptions, and you need to set the IDT. With the interrupt descriptor table to accept exceptions, the system will not crash when encountering unexpected situations. - Pass exchange information for the next stage PEI
Set the base address and length of the temporary memory for the code in the PEI stage, and pass it to PEI. Also find the entry point of the PEI code, hand over control, and handle temporary memory
2. PEI stage
Early EFI initialization, at a very early stage of the boot process, can only utilize the on-chip resources of the processor.
- Initialize permanent memory
Call the interface provided by SEC to handle as temporary memory cache to ensure security - Hand-Off-Blocks
describes the initialized permanent memory in the form of hand-off blocks. HOB is a block used for exchange, responsible for data transfer between stages. PEI will collect a lot of data required by DXE in the next stage. These data will be packaged as HOB, and then a header will be used to identify the HOB in the memory. The header and HOB form the HOB List. - The location of the firmware volume will also be described by the PEI using the HOB.
- The control is handed over to DXE.
The PEI code is divided into two parts: PEI Foundation and PEIMs, which are the foundation and modules. Foundation is responsible for accepting the exchange data sent by SEC, and plays the role of module distribution. PEIMs are modular PEI functions that have their implementations.
3. Driver execution environment
There is a DXE base, a DXE distributor, and a set of drivers. This stage is mainly to load the basic driver of the hardware, establish the connection between the two, and provide basic support for the higher-level interface. For example, the graphics card driver supports the Print() function.
4. BDS boot device selection
The startup menu is generated at this stage. All devices will be listed. The search principle is to find devices with FAT32 partitions. These will generate UEFI-approved menu items. Older computers also support hard disks with MBR partitions. There are also network adapters, and UEFI firmware can also support booting from a remote system image over the network.
5. TSL pre-system loading stage
It is the main battlefield of OS Loader, and TSL is the preparatory stage before the official operating system is loaded, requiring Loader to find and load the OS.
6.RT(Runtime)
Runtime.
7.AL
The final stage, consisting of resident UEFI drivers. System information during computer shutdown, hibernation, sleep, and restart will be saved at this stage.
Only for note-taking study
reference: https://www.zhihu.com/people/tanyugang.com/zvideos?page=2