bashas a shell
Operating system is the main software running on a computer, managing hardware:
Besides these tasks a full-fledged operating system
Process is the name used for a running program together with all its associated resources (mapped memory pages, opened files, network connections).
Virtual processor – every process (unless uses some special functionality) can think that it runs on the processor on its own. If the OS decides that the current process used too much time it is paused and later resumed as if nothing happened.
Virtual memory – every process starts with memory looking exactly the same. OS cares that while the process is running logical addresses (used by the process) are translated into physical addresses (used by the hardware). Besides the obvious simplifications for the programmer, this adds security (its impossible/difficult to access memory of another process) and allows the OS to pretendit has more memory than physically available (through paging and swap).
The main part of the OS is called the kernel – it’s a privileged process running as long as the computer is working, usually in the lowest security mode – kernel has unrestricted access to memory, hardware etc.
If most device drivers, services implementing filesystems etc. run in common memory, then we call such a kernel monolithic (e.g., Linux, Windows 9x). This is conceptually simple and gives more performance, yet one bug in a not so important service may bring the whole system down.
If the kernel contains only the core functionality (pausing and resuming processes, virtual memory) and the rest of system services runs as processes with their own memory, we call it a microkernel. (e.g., GNU Mach, GNU Hurd). This adds security but lessens performance.
Some operating systems try to mix both approaches – these are called hybrid kernels (e.g. Windows NT, macOS, iOS).
Some people believe these are really just monolithic kernels with good PR.
BIOS is the old standard by which the system may communicate with firmware. Communication was really used with MS-DOS, BIOS is not used during normal computer operation today, just at the very start.
0xAA55means this drive is bootable)
Stage 1 runs under a heavily constrained environment (very little memory), so it needs to be simple.
Standard bootloader (used under Windows) looks for a partition (one of the four) that is flagged as active and loads its first sector as the next stage. It does not try to understand the filesystem structure on that partition.
GRUB behaves similarly, but the next stage location is hardcoded in the bootloader at installation (usually it is just the next sector). The partition table is not consulted at this point, that is the task of the second stage.
This stage is usually the last before loading an OS. The environment it runs in allows for more complex program, so it is usually configurable and it understands the structure of filesystems, i.e., you can use usual filenames with paths, not only sector numbers.
This mechanism is complicated but flexible. To run a bootloader you only load it into memory and perform a JMP instruction. It allows for one bootloader (say GRUB) to easily load another bootloader (say Windows Boot Manager from Win 10). This is called chainloading.
UEFI is a new interface by which computer firmware and operating system communicate. It was created around 2005 by Intel first for Itanium, later ported to x86. This allowed to cut most of the historical baggage that was necessary to be carried in BIOS. In particular the new partition table – GPT – lifts the 2 TiB limit.
UEFI allows to have Secure Boot, i.e., to force a cryptographic signature on loaded EFI programs. This makes some attacks impossible (i.e., run a kernel modified with a rootkit), but may make it harder to run a self-compiled kernel.