Arch boot process

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

In order to boot Arch Linux, a Linux-capable boot loader must be set up. The boot loader is responsible for loading the kernel and initial ramdisk before initiating the boot process. The procedure is quite different for BIOS and UEFI systems. A detailed description is given on this or linked pages.

Firmware types

The firmware is the very first program that is executed once the system is switched on.

Tip: The words BIOS and (U)EFI are often used instead of firmware

BIOS

A BIOS or Basic Input-Output System is in most cases stored in a flash memory in the motherboard itself and independent of the system storage. Originally created for the IBM PC to handle hardware initialization and the boot process, it has been replaced progressively since 2010 by the UEFI which does not suffer from the same technical limitations.

UEFI

The Unified Extensible Firmware Interface has support for reading both the partition table as well as file systems. UEFI does not launch any boot code from the Master Boot Record (MBR) whether it exists or not, instead booting relies on boot entries in the NVRAM.

The UEFI specification mandates support for the FAT12, FAT16, and FAT32 file systems (see UEFI specification version 2.9, section 13.3.1.1), but any conformant vendor can optionally add support for additional filesystems; for example, HFS+ or APFS in some Apple's firmwares. UEFI implementations also support ISO-9660 for optical discs.

UEFI launches EFI applications, e.g. boot loaders, boot managers, UEFI shell, etc. These applications are usually stored as files in the EFI system partition. Each vendor can store its files in the EFI system partition under the /EFI/vendor_name folder. The applications can be launched by adding a boot entry to the NVRAM or from the UEFI shell.

The UEFI specification has support for legacy BIOS booting with its Compatibility Support Module (CSM). If CSM is enabled in the UEFI, the UEFI will generate CSM boot entries for all drives. If a CSM boot entry is chosen to be booted from, the UEFI's CSM will attempt to boot from the drive's MBR bootstrap code.

Note: Intel is phasing out support for CSM, relying on the feature may not be feasible in the future.[1]

System initialization

Under BIOS

System switched on, the power-on self-test (POST) is executed.
After POST, BIOS initializes the hardware required for booting (disk, keyboard controllers etc.).
BIOS launches the first 440 bytes (the Master Boot Record bootstrap code area) of the first disk in the BIOS disk order.
The boot loader's first stage in the MBR boot code then launches its second stage code (if any) from either:
- next disk sectors after the MBR, i.e. the so called post-MBR gap (only on a MBR partition table).
- a partition's or a partitionless disk's volume boot record (VBR).
- the BIOS boot partition (GRUB on BIOS/GPT only).
The actual boot loader is launched.
The boot loader then loads an operating system by either chain-loading or directly loading the operating system kernel.

Under UEFI

System switched on, the power-on self-test (POST) is executed.
After POST, UEFI initializes the hardware required for booting (disk, keyboard controllers etc.).
Firmware reads the boot entries in the NVRAM to determine which EFI application to launch and from where (e.g. from which disk and partition).
- A boot entry could simply be a disk. In this case the firmware looks for an EFI system partition on that disk and tries to find an EFI application in the fallback boot path \EFI\BOOT\BOOTx64.EFI (BOOTIA32.EFI on systems with a IA32 (32-bit) UEFI). This is how UEFI bootable removable media work.
Firmware launches the EFI application.
- This could be a boot loader or the Arch kernel itself using EFISTUB.
- It could be some other EFI application such as the UEFI shell or a boot manager like systemd-boot or rEFInd.

If Secure Boot is enabled, the boot process will verify authenticity of the EFI binary by signature.

Note: Some UEFI systems can only boot from the fallback boot path.

Multibooting in UEFI

Since each OS or vendor can maintain its own files within the EFI system partition without affecting the other, multi-booting using UEFI is just a matter of launching a different EFI application corresponding to the particular operating system's boot loader. This removes the need for relying on the chain loading mechanisms of one boot loader to load another OS.

Boot loader

A boot loader is a piece of software started by the firmware (BIOS or UEFI). It is responsible for loading the kernel with the wanted kernel parameters, and initial RAM disk based on configuration files. In the case of UEFI, the kernel itself can be directly launched by the UEFI using the EFI boot stub. A separate boot loader or boot manager can still be used for the purpose of editing kernel parameters before booting.

Warning: A boot loader must be able to access the kernel and initramfs image(s), otherwise the system will not boot. Thus, in a typical setup, it must support accessing /boot. That means it must have support for everything starting from the block devices, stacked block devices (LVM, RAID, dm-crypt, LUKS, etc) and ending with the file system on which the kernel(s) and initramfs image(s) reside.

Note: Loading Microcode updates requires adjustments in boot loader configuration. [2]

Feature comparison

Note:

As GPT is part of the UEFI specification, all UEFI boot loaders support GPT disks. GPT on BIOS systems is possible, using either "hybrid booting" with Hybrid MBR, or the new GPT-only protocol. This protocol may however cause issues with certain BIOS implementations; see rodsbooks for details.
Encryption mentioned in file system support is filesystem-level encryption, it has no bearing on block-level encryption.

Name	Firmware		Partition table		Multi-boot	File systems					Notes
Name	BIOS	UEFI	MBR	GPT	Multi-boot	Btrfs	ext4	ReiserFS	VFAT	XFS	Notes
EFISTUB	–	Yes	Yes	Yes	–	–	–	–	Inherited from firmware¹	–	Kernel turned into EFI executable to be loaded directly from UEFI firmware or another boot loader.
Unified kernel image	–	Yes	Yes	Yes	–	–	–	–	Inherited from firmware¹	–	systemd-stub(7), a kernel, initramfs and kernel command line packed into EFI executable to be loaded directly from UEFI firmware or another boot loader.
Clover	Emulates UEFI	Yes	Yes	Yes	Yes²	No	Without encryption	No	Inherited from firmware¹	No	Fork of rEFIt modified to run macOS on non-Apple hardware.
GRUB	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	On BIOS/GPT configuration requires a BIOS boot partition. Supports RAID, LUKS1 and LVM (but not thin provisioned volumes).
Limine	Yes	Yes	Yes	Yes	Yes	No	Without encryption	No	Yes	No
rEFInd	No	Yes	Yes	Yes	Yes²	Without encryption	Without encryption	Without tail-packing feature	Inherited from firmware¹	No	Supports auto-detecting kernels and parameters without explicit configuration, and supports fastboot [3].
Syslinux	Yes	Partial	Yes	Yes	Partial	Without: multi-device volumes, compression, encryption	Without encryption	No	Yes	MBR only; without sparse inodes	No support for certain file system features.[4] Does not have file system drivers[5], can only access the file system it was installed to.
systemd-boot	No	Yes	Manual install only	Yes	Yes²	No	No	No	Inherited from firmware¹	No	Cannot launch binaries from partitions other than the ESP or the Extended Boot Loader Partition (XBOOTLDR partition).
GRUB Legacy	Yes	No	Yes	No	Yes	No	No	Yes	Yes	XFS v4 only	Discontinued in favor of GRUB.
LILO	Yes	No	Yes	No	Yes	No	Without encryption	Yes	Yes	Yes	Discontinued due to limitations (e.g. with Btrfs, GPT, RAID).

File system support is inherited from the firmware. The UEFI specification mandates support for the FAT12, FAT16 and FAT32 file systems[6], but vendors can optionally add support for additional file systems; for example, the firmware in Apple Macs supports the HFS+ file system. If the firmware provides an interface for loading UEFI drivers on startup, then support for additional file systems can be added by loading (independently acquired) file system drivers.
A boot manager. It can only launch other EFI applications, for example, Linux kernel images built with CONFIG_EFI_STUB=y and Windows bootmgfw.efi.

Kernel

The kernel is the core of an operating system. It functions on a low level (kernelspace) interacting between the hardware of the machine and the programs which use the hardware to run. The kernel temporarily stops programs to run other programs in the meantime, which is known as preemption. This creates the illusion of many tasks being executed simultaneously, even on single-core CPUs. The kernel uses the CPU scheduler to decide which program takes priority at any given moment.

initramfs

After the boot loader loads the kernel and possible initramfs files and executes the kernel, the kernel unpacks the initramfs (initial RAM filesystem) archives into the (then empty) rootfs (initial root filesystem, specifically a ramfs or tmpfs). The first extracted initramfs is the one embedded in the kernel binary during the kernel build, then possible external initramfs files are extracted. Thus files in the external initramfs overwrite files with the same name in the embedded initramfs. The kernel then executes /init (in the rootfs) as the first process. The early userspace starts.

Arch Linux official kernels use an empty archive for the builtin initramfs (which is the default when building Linux). External initramfs images can be generated with mkinitcpio, dracut or booster.

The purpose of the initramfs is to bootstrap the system to the point where it can access the root filesystem (see FHS for details). This means that any modules that are required for devices like IDE, SCSI, SATA, USB/FW (if booting from an external drive) must be loadable from the initramfs if not built into the kernel; once the proper modules are loaded (either explicitly via a program or script, or implicitly via udev), the boot process continues. For this reason, the initramfs only needs to contain the modules necessary to access the root filesystem; it does not need to contain every module one would ever want to use. The majority of modules will be loaded later on by udev, during the init process.

init process

At the final stage of early userspace, the real root is mounted, and then replaces the initial root filesystem. /sbin/init is executed, replacing the /init process. Arch uses systemd as the default init.

getty

init calls getty once for each virtual terminal (typically six of them), which initializes each tty and asks for a username and password. Once the username and password are provided, getty checks them against /etc/passwd and /etc/shadow, then calls login. Alternatively, getty may start a display manager if one is present on the system.

Display manager

A display manager can be configured to replace the getty login prompt on a tty.

In order to automatically initialize a display manager after booting, it is necessary to manually enable the service unit through systemd. For more information on enabling and starting service units, see systemd#Using units.

Login

The login program begins a session for the user by setting environment variables and starting the user's shell, based on /etc/passwd.

The login program displays the contents of /etc/motd (message of the day) after a successful login, just before it executes the login shell. It is a good place to display your Terms of Service to remind users of your local policies or anything you wish to tell them.

Shell

Once the user's shell is started, it will typically run a runtime configuration file, such as bashrc, before presenting a prompt to the user. If the account is configured to Start X at login, the runtime configuration file will call startx or xinit.

GUI, xinit or wayland

xinit runs the user's xinitrc runtime configuration file, which normally starts a window manager. When the user is finished and exits the window manager, xinit, startx, the shell, and login will terminate in that order, returning to getty.