Jump to content











Photo
- - - - -

VHD BCD Store Challenge: Chainload Bootmgr

vhd bcd store boomgr win7 boot

  • Please log in to reply
12 replies to this topic

#1 sambul61

sambul61

    Gold Member

  • Advanced user
  • 1568 posts
  •  
    American Samoa

Posted 19 December 2011 - 03:12 PM

Booting OS from a single VHD file offers plenty of advantages in many usage scenarios. Win7 Bootldr supports native OS boot from VHD via a native VHD driver, whether the VHD is fixed, dynamic or differencing, whether contiguous or not. Its a tremendous advantage over current Grub4DOS state, supporting only boot from fixed contiguous VHDs. However, the disclosed so far by MS way to boot OS from VHD requires a supported OS version (Win7 Ultimate / Enterprise & Server 2008R2), while Grub4DOS can boot just about any OS from VHD, when a mapped by Grub4DOS VHD can be hot-swapped by a pre-installed to the OS on VHD 3rd party VHD driver. The boot process follows conditions stored in BCD Store Registry hive.

The challenge is: how to change parameters of Win7 BCD Store installed on a host drive to make Bootmgr on the host chainload Bootmgr on a VHD saved on that host? Or chainload any other bootloader inside that VHD?

That way one would be able to use native Bootmgr support for all VHD types, while also overcoming OS version restrictions, since when OS is booted by a boot device located inside the VHD, it considers that drive to be a Hard Drive, and not a VHD, hence boot restrictions are lifted. :secret:

Of course, a separate challenge would be to teach a 3rd party VHD driver installed to the OS on VHD to hot-swap the virtual drive, mapped by Bootmgr, or to port native VHD drivers to Legacy OSs, but at least all Win7 versions will get supported for native boot that way without any restrictions. Keep in mind so, this is a learning challenge, not intended to bypass any OS licensing terms, but to improve your knowledge and skills in the OS Boot subject. Don't use any such method for daily computing tasks! :)

To help, there are several tools available to manipulate BCD Store content, some more convenient are EasyBCD and Visual BCD Editor. Of course, Virtual Hard Disk Format Specification and BCDEdit Commands for Boot Environment can help, also BCD WMI Provider Reference. Don't forget to also look through Diddy's BCDEdit Notes as well, and use Boot Configuration Data Tutorial if not satisfied. Some extra info is also found in How to edit BCD with Editor forum thread, and plentiful other sources on the web. :pizza:

Posted Image

Posted Image

When playing with VHDs, one can accidentally mount 2 of them with the same OS cloned, thus prompting the system to change Disk Signature on one of the VHDs. EasyBCD can fix that with BCD Deployment feature, once you open a suitable BCD Store in it from any running OS. Another way of Fixing Disk Signature Collisions outcome, blocking OS boot from VHD, would be manually reverting back its original Sig. Keep in mind however, Disk Signature seems to be only verified when chainloading control to a bootloader inside the VHD, i.e. when treating it as a Hard disk rather than Filedisk. :wub:

Good luck with your efforts, and keep members posted on your success. :)

#2 skyide

skyide

    Frequent Member

  • Advanced user
  • 218 posts
  •  
    Australia

Posted 23 July 2012 - 11:03 AM

There is a lot of documentation for this as posted above. If one wants to learn how to edit the BCD store, I encoureage everyone to go through it.

#3 skyide

skyide

    Frequent Member

  • Advanced user
  • 218 posts
  •  
    Australia

Posted 24 July 2012 - 09:43 AM

Good luck with your efforts, and keep members posted on your success.


Since we were asked for it....Here is my success :)

I first used various GUI tools but then I wanted to see if I can replicate the result by using the command line. So here is what I did that worked for me.

Warning, use this at your own risk. It worked for me!

I took an existing BCD store of an existing drive and copied it to my drive referenced by I:

I first copied an existing entry to a new one by:


bcdedit /store I:Bootbcd /copy {default} /d "Windows 7 VHD"


This created a new entry:

The entry was successfully copied to {d5305918-d4b2-11e1-9e71-b0f635adb714}.

Then I set the entry to point to a VHD properly by:


bcdedit /store "I:Bootbcd" /set {d5305918-d4b2-11e1-9e71-b0f635adb714} device vhd=[locate]Win7.vhd

bcdedit /store "I:Bootbcd" /set {d5305918-d4b2-11e1-9e71-b0f635adb714} osdevice vhd=[locate]Win7.vhd


Then I repeated the process by creating another one by frollowing the same steps above. Instead of copy, you can also do: bcdedit /create <My New Entry> but I have not tried it.

To delete an entry:

bcdedit /store I:bootbcd /delete {GUID}

E.g:

bcdedit /store I:bootbcd /delete {95eb4c4c-d4b2-11e1-9e71-b0f635adb714}


To change the display order:

bcdedit /display {GUID_1} {GUID_2} {GUID_3} {GUID_4} etc

If your VHDs reside on a USB disk and you want to put multiple VHDs on the disk, make sure you don't exceed the 128th GB (BIOS limitation for some BIOSes).

#4 solnyshok

solnyshok
  • Members
  • 9 posts
  •  
    Latvia

Posted 05 September 2013 - 10:23 AM

hey, from what I read here, this is not  a solution to the challenge, unless I am terribly mistaken. All I see is the way to add vhd entry to bootmgr. Unfortunately, I do not understand how to boot my vhd (which is Windows Defender Offline x64).

 

I edited bcd on my multi-boot usb to include entry for vhd: \boot\iso\wdo-x64.vhd

then in bootfile: \bootmgr

this fails with x07b error.

 

I understand that instead, one would need to rather  call

\windows\system32\boot\winload.exe

located at

\sources\boot.wim

 

but  how to do it? Is there a command for BootMgr to mount vhd first?



#5 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13745 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 05 September 2013 - 10:43 AM

@solnyshock

Maybe you are trying to do a "different" thing with a "wrong" version. :w00t:

 

As explained to a great extent elsewhere:

http://reboot.pro/to...hd-in-grub4dos/

http://reboot.pro/to...ot-os-from-vhd/

there are two ways to boot "a" Windows 7 based .vhd:

  1. native boot
  2. non-native boot

 

There are no issues whatsoever to boot "native" BUT the version of Windows 7 inside the .vhd must support this.

There are also very little issues (or none) to boot "non-native" through grub4dos mapping + either Firadisk or WinVblock

 

:cheers:

Wonko



#6 solnyshok

solnyshok
  • Members
  • 9 posts
  •  
    Latvia

Posted 05 September 2013 - 11:18 AM

@Wonko, I understand that. However, those methods deal with installed Windows. Windows Defender Offline is like Windows installation Disk, there is no Windows\system\ folder in it.



#7 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13745 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 05 September 2013 - 12:09 PM

@Wonko, I understand that. However, those methods deal with installed Windows. Windows Defender Offline is like Windows installation Disk, there is no Windows\system\ folder in it.

As a matter of fact - from what I get - the thingy you want to boot is a PE (I believe 3.x) - which is similar to an "installation disk" that will work alright through grub4dos mapping.

The version that I remember having seen came as a "plain" .iso:
http://reboot.pro/to...ine-with-xboot/
 

I mean is your "final goal" (or "current issue"):
1. How to boot a Windows Defender Offline (from "unmodified" media) stored on "multiboot USB"?
OR:

2. How to boot a Windows Defender Offline through a specific approach that I think fit for the scope?

First question surely has valid answer(s), second one may or may not have them, and there is the concrete risk of slipping on a chocolate covered banana :ph34r: , JFYI:
http://homepage.ntlw...red-banana.html
 
 Now, why don't you start a new thread, so that we can solve the issue without posting here (which is unrelated)?

:cheers:
Wonko

#8 solnyshok

solnyshok
  • Members
  • 9 posts
  •  
    Latvia

Posted 05 September 2013 - 12:26 PM

I am trying to boot vhd natively, so that Windows Defender could save updated virus definitions on this disk. I really need to chainload bootmgr within VHD and I can hardly think of more relevant thread than this. 

 

I am aware of alternative approaches. Loading as iso into RAM would prevent saving of virus updates. I also can create additional NTFS partition with WDO files and boot it.



#9 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13745 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 05 September 2013 - 12:55 PM

I am trying to boot vhd natively, so that Windows Defender could save updated virus definitions on this disk. I really need to chainload bootmgr within VHD and I can hardly think of more relevant thread than this.

You don't pay a fee for starting a new thread on the board :).
A new thread titled "How to boot Windows Defender from VHD" would seem to me more "focused".
Of course you are perfectly free to continue hijacking the present thread ;).

I am aware of alternative approaches. Loading as iso into RAM would prevent saving of virus updates. I also can create additional NTFS partition with WDO files and boot it.

IMHO, you first need to "convert" the .iso to .vhd, then you will need to try "native booting" as in here:
http://technet.micro...9(v=ws.10).aspx
or non-native booting (see the previously given links).
Both "native" and "non-native" boots allow to update definitions (or more loosely the contents of the disk image) AFAIK.

:cheers:
Wonko
  • JonnyHotkeys likes this

#10 komitaltrade

komitaltrade

    Newbie

  • Members
  • 15 posts
  •  
    Ecuador

Posted 28 September 2013 - 04:05 PM

Can somebody  help,

 

Im not expert for BCD but as I see after many experiments, it is impossible to chain and branch vhd files without at least one hard installed windows (what is out of question in my case).

 

In other words, it is impossible to add win 8 vhd to win 7 vhd bcd store (regards signature) if pc dont have any windows installed (need "fix" bootmgr for signatures).

 

As I use rEFInd (as Ubuntu is main distro on PC) for my pc, I cant add more than one BCD store (Microsoft folder) to rEFInd menu. It not help to rename folders neither (probably regards path issue).

 

So, question is exact topic title

Chainload Bootmgr (BCD stores)

Grub4DOS is out of question as it mess partitions.

 

I saw one idea regards using virtualbox to execute vhd files with GRUB2, but it also not fit to goal.

 

Any idea how to manage it?



#11 halikus

halikus

    Frequent Member

  • Advanced user
  • 110 posts
  •  
    Canada

Posted 09 February 2014 - 11:20 PM

For booting a vhd off of a usb\dvd.

set BCDEDIT=c:\windows\system32\BCDEDIT.exe
set STORE=/store %~dp0bcd



echo VHDDVD
for /f "tokens=3" %%A in ('%BCDEDIT% %STORE% /create /application osloader') do set guid=%%A
%BCDEDIT% %STORE% /set %guid% device vhd=[locate]\sources\W8x86Ent.vhd
%BCDEDIT% %STORE% /set %guid% path \Windows\system32\winload.exe
%BCDEDIT% %STORE% /set %guid% osdevice vhd=[locate]\sources\W8x86Ent.vhd
rem %BCDEDIT% %STORE% /set %guid% detecthal Yes
%BCDEDIT% %STORE% /set %guid% systemroot \Windows
%BCDEDIT% %STORE% /set %guid% description "VHD ([boot]\sources\W8x86Ent.vhd)"
%BCDEDIT% %STORE% /displayorder %guid% /addlast


#12 JonnyHotkeys

JonnyHotkeys

    Newbie

  • Members
  • 10 posts
  •  
    United Kingdom

Posted 13 February 2014 - 01:30 AM

After MONTHS of struggling, I've got my Original Win 7 VHD bootable again!
 
Only yesterday I discovered the amazing EasyBCD (free for the community), which even lets you add BCDs for IMG/ISO images to boot!!! (No more disk burning/hunting :):) :)
 
Only now do I think I understand some of the 'chainload challenge' (catchy:) 
 
My question
 
How do I configure Windows Defender Offline to
 
1) boot (like it does, from the BCD pointing to IMG @ root), and then
2) "load 'the OS' " (another VHD), and then
3) scan?!
 

(currently 1 and 3 are being attempted, failing as bootmgr etc are invisible, in unmounted VHD...)
 
My (current) BCD (courtesy of EasyBCD, current OS emboldened...sorry about formatting)
 
Windows Boot Manager
--------------------
identifier              {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device                  partition=D:
description         Windows Boot Manager
locale                  en-us
inherit                  {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
...

 

Windows Boot Loader
-------------------
identifier              {e24da388-9345-11e3-8e4e-a720d3f6fef9}
device                  vhd=[D:]\VHD\Win7 30GB.vhd,locate=custom:12000002
path                    \windows\system32\winload.exe
description             Windows 7
locale                  en-us
inherit                  {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
osdevice             vhd=[D:]\VHD\Win7 30GB.vhd,locate=custom:22000002
systemroot          \windows
resumeobject    {e24da387-9345-11e3-8e4e-a720d3f6fef9}
nx                          OptIn
detecthal             Yes
 
Windows Boot Loader
-------------------
identifier              {e24da38a-9345-11e3-8e4e-a720d3f6fef9}
device                  vhd=[D:]\vhd2\win7u.vhd,locate=custom:12000002
path                    \windows\system32\winload.exe
description             Windows 7 Ultimate (x64) FULL
locale                  en-US
inherit                 {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
osdevice                vhd=[D:]\vhd2\win7u.vhd,locate=custom:22000002
systemroot              \windows
resumeobject            {e24da387-9345-11e3-8e4e-a720d3f6fef9}
nx                      OptIn
pae                     Default
detecthal               Yes
sos                     No
debug                   No

 
Windows Boot Loader
-------------------
identifier              {e24da389-9345-11e3-8e4e-a720d3f6fef9}
device                  vhd=[D:]\vhd\w7.vhd,locate=custom:12000002
path                    \windows\system32\winload.exe
description             Windows 7 (NEW)
locale                  en-us
inherit                 {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
osdevice                vhd=[D:]\vhd\w7.vhd,locate=custom:22000002
systemroot              \windows
resumeobject            {e24da387-9345-11e3-8e4e-a720d3f6fef9}
nx                      OptIn
detecthal               Yes
 
 
 
(This question may be better fielded under a new thread (how to easybcd 'windows defender offline' scan a native VHD, but I thought I'd ask here, and also if this is 'the chainstore challenge')
 
(This question is also potentially more universal, ie 'how to run a "scan from boot" anti-malware/rootkit etc check, when you boot, natively, from virtual volumes)
 
Thanks in advance
 
(my current diskmgmt overview: http://i.imgur.com/QBpV6r9.png)
 
(D: contains vhd's, and is currently the only partition on the only internal (+physical+) volume)
(C: is recovered {bootable again :} original [v]OS {Windows 7 Ultimate x64}, currently @ d:\vhd2\win7u.vhd)
 
EasyBCD doesn't seem to report the (img) entry, even in the detailed summary


Edited by JonnyHotkeys, 13 February 2014 - 01:31 AM.


#13 JonnyHotkeys

JonnyHotkeys

    Newbie

  • Members
  • 10 posts
  •  
    United Kingdom

Posted 13 February 2014 - 06:14 PM

Apparently not

 

Hi Dave!

 
Just found your article (I've just discovered MS Defender Offline, and created a boot entry, but my OS is in a native VHD)
 
Do you know if you can use Defender (Offline) with native VHDs?
 

 

 

 

 
I do not think so, Jonny.  The Defender Offline is really loaded into a RAM disk like Windows PE, so the hard rive is exposed to it without an operating system loaded from it.  In other words, it is very much like loading itself as another native vhd.  In this aspect, the not currently booted native vhd would just be a file on the exposed hard drive.
 
Dave

Regards,

 Dave

David M. Franklyn

Microsoft MVP, Windows Expert - IT Pro

Microsoft Certified Trainer Regional Lead, Eastern USA

MCDST, MCTS12, MCSA², MCDBA, MCSE³ + Security, MCITP7,

Microsoft Small Business Specialist, Network+, Security+, Server+

 

 







Also tagged with one or more of these keywords: vhd, bcd store, boomgr, win7, boot

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users