Reboot

Last updated

In computing, rebooting is the process by which a running computer system is restarted, either intentionally or unintentionally. Reboots can be either a cold reboot (alternatively known as a hard reboot) in which the power to the system is physically turned off and back on again (causing an initial boot of the machine); or a warm reboot (or soft reboot) in which the system restarts while still powered up. The term restart (as a system command) is used to refer to a reboot when the operating system closes all programs and finalizes all pending input and output operations before initiating a soft reboot.

Contents

Terminology

Etymology

Early electronic computers (like the IBM 1401) had no operating system and little internal memory. The input was often a stack of punch cards or via a Switch Register. On systems with cards, the computer was initiated by pressing a start button that performed a single command - "read a card". This first card then instructed the machine to read more cards that eventually loaded a user program. This process was likened to an old saying, "picking yourself up by the bootstraps", referring to a horseman who lifts himself off the ground by pulling on the straps of his boots. This set of initiating punch cards was called "bootstrap cards". Thus a cold start was called booting the computer up. If the computer crashed, it was rebooted. The boot reference carried over to all subsequent types of computers.

Cold versus warm reboot

For IBM PC compatible computers, a cold boot is a boot process in which the computer starts from a powerless state, in which the system performs a complete power-on self-test (POST). [1] [2] [3] [4] Both the operating system and third-party software can initiate a cold boot; the restart command in Windows 9x initiates a cold reboot, unless Shift key is held. [1] :509

A warm boot is initiated by the BIOS, either as a result of the Control-Alt-Delete key combination [1] [2] [3] [4] or directly through BIOS interrupt INT 19h. [5] It may not perform a complete POST - for example, it may skip the memory test - and may not perform a POST at all. [1] [2] [4] Malware may prevent or subvert a warm boot by intercepting the Ctrl + Alt + Delete key combination and prevent it from reaching BIOS. [6] The Windows NT family of operating systems also does the same and reserves the key combination for its own use. [7] [8]

The Linux family of operating systems supports an alternative to warm boot; the Linux kernel has optional support for kexec, a system call which transfers execution to a new kernel and skips hardware or firmware reset. The entire process occurs independently of the system firmware. The kernel being executed does not have to be a Linux kernel.[ citation needed ]

Outside the domain of IBM PC compatible computers, the types of boot may not be as clear. According to Sue Loh of Windows CE Base Team, Windows CE devices support three types of boots: Warm, cold and clean. A warm boot discards program memory. A cold boot additionally discards storage memory (also known as the "object store"), while a clean boot erases all forms of memory storage from the device. However, since these areas do not exist on all Windows CE devices, users are only concerned with two forms of reboot: one that resets the volatile memory and one that wipes the device clean and restores factory settings. For example, for a Windows Mobile 5.0 device, the former is a cold boot and the latter is a clean boot. [9]

Hard reboot

A hard reboot means that the system is not shut down in an orderly manner, skipping file system synchronisation and other activities that would occur on an orderly shutdown. This can be achieved by either applying a reset, by cycling power, by issuing the halt-q command in most Unix-like systems, or by triggering a kernel panic.

Hard reboots are used in the cold boot attack.

Restart

The term "restart" is used by the Microsoft Windows and Linux families of operating systems to denote an operating system-assisted reboot. In a restart, the operating system ensures that all pending I/O operations are gracefully ended before commencing a reboot.

Causes

Deliberate

Redundant power supplies in a computer system reduce the risk of an unexpected loss of power PC-Netzteil (redundant).jpg
Redundant power supplies in a computer system reduce the risk of an unexpected loss of power

Users may deliberately initiate a reboot. Rationale for such action may include:

The means of performing a deliberate reboot also vary and may include:

Power failure

Unexpected loss of power for any reason (including power outage, power supply failure or depletion of battery on a mobile device) forces the system user to perform a cold boot once the power is restored. Some BIOSes have an option to automatically boot the system after a power failure. [14] [15] An uninterruptible power supply (UPS), backup battery or redundant power supply can prevent such circumstances.

Random reboot

"Random reboot" is a non-technical term referring to an unintended (and often undesired) reboot following a system crash, whose root cause may not immediately be evident to the user. Such crashes may occur due to a multitude of software and hardware problems, such as triple faults. They are generally symptomatic of an error in ring 0 that is not trapped by an error handler in an operating system or a hardware-triggered non-maskable interrupt.

Systems may be configured to reboot automatically after a power failure, or a fatal system error or kernel panic. The method by which this is done varies depending on whether the reboot can be handled via software or must be handled at the firmware or hardware level. Operating systems in the Windows NT family (from Windows NT 3.1 through Windows 7) have an option to modify the behavior of the error handler so that a computer immediately restarts rather than displaying a Blue Screen of Death (BSOD) error message. This option is enabled by default in some editions.

Hibernation

The introduction of advanced power management allowed operating systems greater control of hardware power management features. With Advanced Configuration and Power Interface (ACPI), newer operating systems are able to manage different power states and thereby sleep and/or hibernate. While hibernation also involves turning a system off then subsequently back on again, the operating system does not start from scratch, thereby differentiating this process from rebooting.

Simulated reboot

A reboot may be simulated by software running on an operating system. For example: the Sysinternals BlueScreen utility, which is used for pranking; or some modes of the bsod XScreenSaver "hack", for entertainment (albeit possibly concerning at first glance). Malware may also simulate a reboot, and thereby deceive a computer user for some nefarious purpose. [6]

Microsoft App-V sequencing tool captures all the file system operations of an installer in order to create a virtualized software package for users. As part of the sequencing process, it will detect when an installer requires a reboot, interrupt the triggered reboot, and instead simulate the required reboot by restarting services and loading/unloading libraries. [16]

Windows deviations and labeling criticism

Windows 8 & 10 enable (by default) a hibernation-like "Fast Startup" (a.k.a. "Fast Boot") which can cause problems (including confusion) for users accustomed to turning off computers to (cold) reboot them. [17] [18] [19]

See also

Related Research Articles

<span class="mw-page-title-main">BIOS</span> Firmware for hardware initialization and OS runtime services

In computing, BIOS is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the booting process. The BIOS firmware comes pre-installed on an IBM PC or IBM PC compatible's system board and exists in some UEFI-based systems to maintain compatibility with operating systems that do not support UEFI native operation. The name originates from the Basic Input/Output System used in the CP/M operating system in 1975. The BIOS originally proprietary to the IBM PC has been reverse engineered by some companies looking to create compatible systems. The interface of that original system serves as a de facto standard.

<span class="mw-page-title-main">Device driver</span> Computer program that operates or controls a device that is attached to a computer

In computing, a device driver is a computer program that operates or controls a particular type of device that is attached to a computer or automaton. A driver provides a software interface to hardware devices, enabling operating systems and other computer programs to access hardware functions without needing to know precise details about the hardware being used.

<span class="mw-page-title-main">Operating system</span> Software that manages computer hardware resources

An operating system (OS) is system software that manages computer hardware and software resources, and provides common services for computer programs.

<span class="mw-page-title-main">Booting</span> Process of starting a computer

In computing, booting is the process of starting a computer as initiated via hardware such as a button or by a software command. After it is switched on, a computer's central processing unit (CPU) has no software in its main memory, so some process must load software into memory before it can be executed. This may be done by hardware or firmware in the CPU, or by a separate processor in the computer system.

<span class="mw-page-title-main">Kernel panic</span> Fatal error condition associated with Unix-like computer operating systems

A kernel panic is a safety measure taken by an operating system's kernel upon detecting an internal fatal error in which either it is unable to safely recover or continuing to run the system would have a higher risk of major data loss. The term is largely specific to Unix and Unix-like systems. The equivalent on Microsoft Windows operating systems is a stop error, often called a "blue screen of death".

<span class="mw-page-title-main">Live CD</span> Complete, bootable computer installation that runs directly from a CD-ROM

A live CD is a complete bootable computer installation including operating system which runs directly from a CD-ROM or similar storage device into a computer's memory, rather than loading from a hard disk drive. A live CD allows users to run an operating system for any purpose without installing it or making any changes to the computer's configuration. Live CDs can run on a computer without secondary storage, such as a hard disk drive, or with a corrupted hard disk drive or file system, allowing data recovery.

<span class="mw-page-title-main">Watchdog timer</span> Electronic timer used to detect and recover from computer malfunctions

A watchdog timer, sometimes called a computer operating properly timer, is an electronic or software timer that is used to detect and recover from computer malfunctions. Watchdog timers are widely used in computers to facilitate automatic correction of temporary hardware faults, and to prevent errant or malevolent software from disrupting system operation.

<span class="mw-page-title-main">UEFI</span> Operating system and firmware specification

Unified Extensible Firmware Interface is a specification that defines the architecture of the platform firmware used for booting the computer hardware and its interface for interaction with the operating system. Examples of firmware that implement the specification are AMI Aptio, Phoenix SecureCore, TianoCore EDK II, InsydeH2O. UEFI replaces the BIOS which was present in the boot ROM of all personal computers that are IBM PC compatible, although it can provide backwards compatibility with the BIOS using CSM booting. Intel developed the original Extensible Firmware Interface (EFI) specification. Some of the EFI's practices and data formats mirror those of Microsoft Windows. In 2005, UEFI deprecated EFI 1.10.

In Linux systems, initrd is a scheme for loading a temporary root file system into memory, to be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this. Both are commonly used to make preparations before the real root file system can be mounted.

Hibernation in computing is powering down a computer while retaining its state. When hibernation begins, the computer saves the contents of its random access memory (RAM) to a hard disk or other non-volatile storage. When the computer is turned on the RAM is restored and the computer is exactly as it was before entering hibernation. Hibernation was first implemented in 1992 and patented by Compaq Computer Corporation in Houston, Texas. Microsoft's Windows 10 employs a type of hibernation by default when shutting down.

The booting process of Windows NT is the process run to start Windows NT. The process has been changed between releases, with the biggest changes being made with Windows Vista. In versions before Vista, the booting process begins when the BIOS loads the Windows NT bootloader, NTLDR. Starting with Vista, the booting process begins with either the BIOS or UEFI load the Windows Boot Manager, which replaces NTLDR as the bootloader. Next, the bootloader starts the kernel, which starts the session manager, which begins the login process. Once the user is logged in, File Explorer, the graphical user interface used by Windows NT, is started.

A machine check exception (MCE) is a type of computer error that occurs when a problem involving the computer's hardware is detected. With most mass-market personal computers, an MCE indicates faulty or misconfigured hardware.

In a computer or data transmission system, a reset clears any pending errors or events and brings a system to normal condition or an initial state, usually in a controlled manner. It is usually done in response to an error condition when it is impossible or undesirable for a processing activity to proceed and all error recovery mechanisms fail. A computer storage program would normally perform a "reset" if a command times out and error recovery schemes like retry or abort also fail.

The Linux booting process involves multiple stages and is in many ways similar to the BSD and other Unix-style boot processes, from which it derives. Although the Linux booting process depend very much on the computer architecture, those architectures share similar stages and software components, including system startup, bootloader execution, loading and startup of a Linux kernel image, and execution of various startup scripts and daemons. Those are grouped into 4 steps: system startup, bootloader stage, kernel stage, and init process. When a Linux system is powered up or reset, its processor will execute a specific firmware/program for system initialization, such as Power-on self-test, invoking the reset vector to start a program at a known address in flash/ROM, then load the bootloader into RAM for later execution. In personal computer (PC), not only limited to Linux-distro PC, this firmware/program is called BIOS, which is stored in the mainboard. In embedded Linux system, this firmware/program is called boot ROM. After being loaded into RAM, bootloader will execute to load the second-stage bootloader. The second-stage bootloader will load the kernel image into memory, decompress and initialize it then pass control to this kernel image. Second-stage bootloader also performs several operation on the system such as system hardware check, mounting the root device, loading the necessary kernel modules,... Finally, the very first user-space process starts, and other high-level system initializations are performed.

In computer security, a cold boot attack is a type of side channel attack in which an attacker with physical access to a computer performs a memory dump of a computer's random-access memory (RAM) by performing a hard reset of the target machine. Typically, cold boot attacks are used for retrieving encryption keys from a running operating system for malicious or criminal investigative reasons. The attack relies on the data remanence property of DRAM and SRAM to retrieve memory contents that remain readable in the seconds to minutes following a power switch-off.

<span class="mw-page-title-main">Blue screen of death</span> Error screen displayed after a fatal system error on a computer running Microsoft Windows or ReactOS

The blue screen of death (BSoD), blue screen error, blue screen, fatal error, or bugcheck, and officially known as a stop error, is a critical error screen displayed by the Microsoft Windows and ReactOS operating systems in the event of a fatal system error. It indicates a system crash, in which the operating system has reached a critical condition where it can no longer operate safely.

In computing, a hang or freeze occurs when either a process or system ceases to respond to inputs. A typical example is when computer's graphical user interface no longer responds to the user typing on the keyboard or moving the mouse. The term covers a wide range of behaviors in both clients and servers, and is not limited to graphical user interface issues.

Control-Alt-Delete is a computer keyboard command on IBM PC compatible computers, invoked by pressing the Delete key while holding the Control and Alt keys: Ctrl+Alt+Delete. The function of the key combination differs depending on the context but it generally interrupts or facilitates interrupting a function. For instance, in pre-boot environment or in MS-DOS, Windows 3.0 and earlier versions of Windows or OS/2, the key combination reboots the computer. Starting with Windows 95, the key combination invokes a task manager or security related component that facilitates ending a Windows session or killing a frozen application.

TRESOR is a Linux kernel patch which provides encryption using only the CPU to defend against cold boot attacks on computer systems by performing encryption inside CPU registers rather than random-access memory (RAM). It is one of two proposed solutions for general-purpose computers. The other, called "frozen cache" uses the CPU cache instead. It was developed from its predecessor AESSE, presented at EuroSec 2010 and presented at USENIX Security 2011. The authors state that it allows RAM to be treated as untrusted from a security viewpoint without hindering the system.

A hardware reset or hard reset of a computer system is a hardware operation that re-initializes the core hardware components of the system, thus ending all current software operations in the system. This is typically, but not always, followed by booting of the system into firmware that re-initializes the rest of the system, and restarts the operating system.

References

  1. 1 2 3 4 5 Jones, James G.; Landes, Craig; Tittel, Ed (2002). A+ Exam Cram 2 (Exam Cram 220-221, Exam Cram 220-222). Que Publishing. pp. 379–380, 509. ISBN   9780789728678.
  2. 1 2 3 4 Cooper, Jim (2002). Using MS-DOS 6.22. Que Publishing. pp. 24, 960, 964. ISBN   9780789725738.
  3. 1 2 Tulloch, Mitch; Tulloch, Ingrid (2002). Microsoft Encyclopedia of Networking (2nd ed.). Microsoft Press. p. 172. ISBN   0-7356-1378-8.
  4. 1 2 3 Soper, Mark Edward (2004). Absolute Beginner's Guide to A+ Certification. Que Publishing. p. 188. ISBN   9780789730626.
  5. "Hardware Troubleshooting: Cold Booting Versus Warm Booting". Support. Microsoft. 7 July 2005. Archived from the original on 21 February 2015.
  6. 1 2 Grimes, Roger (1 June 2001). "2". Malicious Mobile Code: Virus Protection for Windows. O'Reilly Media. p. 50. ISBN   9781565926820.
  7. "Using CTRL+ALT+DEL key combination to open Windows Security opens Task Manager". Microsoft Support. Microsoft. 15 January 2006. Retrieved 19 January 2013.
  8. Osterman, Larry (24 January 2005). "Why is Control-Alt-Delete the secure attention sequence (SAS)?". Larry Osterman's WebLog. MSDN Blogs . Retrieved 15 March 2007.
  9. Loh, Sue (22 June 2005). "Boot Persistence Terminology". Windows CE Base Team Blog. Microsoft. Retrieved 3 March 2013.
  10. Debogue, Jean. "Did you reboot". WeDebugYou.
  11. Ken Freeze (28 October 1985), "Jram-3 Rivals Persyst Stretch In RAM Race of Add-On Boards", InfoWorld
  12. Shelly, Gary B.; Vermaat, Misty E. (2012). Enhanced Discovering Computers, Complete: Your Interactive Guide to the Digital World, 2013 Edition. Cengage Learning. p. 400. ISBN   9781133598312.
  13. Gary A. Donahue, Gary A. (2011). Network Warrior (2nd ed.). Sebastopol: O'Reilly Media. p. 698. ISBN   9781449309350.
  14. "AsRock 775i65G User Manual" (PDF). p. 32.
  15. "Supermicro C7Q67 User's Manual" (PDF). p. 69.[ permanent dead link ]
  16. Microsoft App-V 4.6 SP1 Sequencing Guide
  17. Walter Glenn (3 March 2016). "The Pros and Cons of Windows 10's "Fast Startup" Mode". How-To Geek.
  18. Oliver Niehus (14 December 2012). "Windows 8: Fast Boot". MSDN - Oliver's Blog.
  19. "Distinguishing Fast Startup from Wake-from-Hibernation". Microsoft Hardware Dev Center. 15 December 2021.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.