Improve documentation on BOOT2

ClementNerma · Oct 6, 2023 · 4376579 · 4376579
1 parent 7bf3faf
commit 4376579
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 3 deletions.
diff --git a/docs/specs/boot-process.md b/docs/specs/boot-process.md
@@ -31,10 +31,14 @@ If signatures match, BOOT2 is launched directly.
 
 ## Stage 2: system loader (BOOT2)
 
-This component checks signature for BOOT3. It also provides more advanced troubleshooting thanks to the whole storage being decryptable.
+This component is responsible to user account selection and storage decryption. It is stored in a dedicated partition as the `/sys/boot` file, a header-less raw executable program.
+
+It starts by checking signature of all system files (everything located in `/sys` and `/etc/sys`).
 
 If signatures are not valid, an error message is shown and the booting process is halt. By inputting a specific phrase displayed on the screen, the user can force the boot process, at the expense of security.
 
+BOOT2 also provides more advanced troubleshooting thanks to the whole storage being decryptable.
+
 It then initializes all required drivers, initialize a graphical session, and asks to select a user account. At this point, it also provides more troubleshooting options.
 
 If the provided username and password are valid, it then does the following:
@@ -43,3 +47,7 @@ If the provided username and password are valid, it then does the following:
 * If [per-user encryption](../features/encryption.md#per-user-encryption) is enabled, the user key is decrypted
 
 The user session is then opened by calling the relevant system component.
+
+Note that the BOOT2 partition is read-only except to the [system user](../concepts/users.md#users-type) itself.
+
+It is only updated through the [system update process](update-processes.md#system-updates) and when rollbacked.
diff --git a/docs/specs/filesystem.md b/docs/specs/filesystem.md
@@ -178,7 +178,7 @@ _NOTE:_ `<F>` indicates the item is a file.
 │   └── root                       Soft link to `/`
 ├── sys (4)                        System - immutable outside of installation, repair processes and updates
 │   ├── apps                       System applications
-│   ├── boot                       System's boot program
+│   ├── boot                   (5) System's boot program (BOOT2)
 │   ├── langs                      Translation files
 │   ├── old                        Old versions of the system, used during the repair process (compressed archives)
 │   ├── backup                     Copy of the last system version (compressed archive)
@@ -193,7 +193,8 @@ Links:
 - (1) [UPE requests](../concepts/users.md#user-privileges-elevation-upe)
 - (2) Used for [integrity checking](../specs/boot-process.md)
 - (3) Global storage's [encryption](../features/encryption.md) key
-- (4) Not stored in the main data pratition but in the [BOOT2 partition](#partitions)
+- (4) Not stored in the main data partition but in [BOOT2's partition](#partitions)
+- (5) Raw boot program (without header), represented by [BOOT2](boot-process.md#stage-2-system-loader-boot2)
 
 ### Notes