Jump to content











Photo

UEFI ESP Write Protected

esp efi uefi boot windows winpe

  • Please log in to reply
7 replies to this topic

#1 amitr0

amitr0

    Newbie

  • Members
  • 16 posts
  •  
    India

Posted 02 February 2012 - 08:40 AM

Experts,

I am working on a recovery product, where, at times, we need to completely over write the ESP partition with a valid BCD. My observations are, that when we are booted up from WinPE, and we try to do this, we get Write errors on the sectors owned by the ESP/BCD. Is there a way to bypass this write protection and go ahead?

Scenario in detail:
1. User boots up from WinPe
2. User uses our product to select and 'restore/overwrite' ESP with his own backed up ESP partition (with a valid BCD)
3. Our app opens the \\.\PhysicalDriveX with read/write options (please note, CreateFile suceeds, so it is not a permission issue opening this device)
4. We get a legit handle.
5. we use WriteFile to copy the new BCD sector by sector to the correct locations on this device, here is where we get an error, disk is write protected (or sometimes some thing else), but indicating that those sectors are blocked by some entity.


Please note, I have tried creating a blank ESP partition with (diskpart create partition EFI size=100) and over write of that works fine, this indicated *only* when there is a valid BCD, the write fails.

Can one of you suggest a work around. Please note, we need this solution for Wndows PE environment.

Thanks

amitr0

#2 Tripredacus

Tripredacus

    Frequent Member

  • Expert
  • 234 posts
  • Interests:K-Mart-ian Legend
  •  
    United States

Posted 02 February 2012 - 04:46 PM

WinPE cannot write to the bootsector of a UEFI enabled volume if said WinPE is booted in BIOS mode. The WinPE required itself to be booted with UEFI as well. Currently the only supported methods (due to hardware limitations) to get a WinPE to do a UEFI boot is via ODD or UFD. Potentially it is possible to do a UEFI boot from a recovery partition, but is definately not possible via PXE.

#3 amitr0

amitr0

    Newbie

  • Members
  • 16 posts
  •  
    India

Posted 03 February 2012 - 05:05 AM

WinPE cannot write to the bootsector of a UEFI enabled volume if said WinPE is booted in BIOS mode.


Let me see, if I got this right....so you mean to say that currently (win 7 and win 8 winPE) will boot only in BIOS mode, even if the machine is UEFI? How is that possible, unless there are pseudo BIOS paths (like int13h handlers etc) emulated by the UEFI implementation? Becaue in my case, the WinPE is booted up from UEFI mode, and I was assuming that it will be booted as an EFI aware OS. Is that assumption incorrect?

The WinPE required itself to be booted with UEFI as well. Currently the only supported methods (due to hardware limitations)

What are those limitations, can you please elaborate. I am still trying to learn here, I apologize for my lack of knowledge.

to get a WinPE to do a UEFI boot is via ODD or UFD. Potentially it is possible to do a UEFI boot from a recovery partition, but is definately not possible via PXE.

Is UFD = USB Flash Drive? and ODD = Optical Disk Drive? If so, I am booting this from a CD/DVD, the image for the application is burnt in a DVD, this is because we perform bare metal recovery and may need to restore boot volumes, which is not possible when they are mounted, hence we boot into winpe (through DVD) and then perform recovery.

So what am I missing here?

#4 Tripredacus

Tripredacus

    Frequent Member

  • Expert
  • 234 posts
  • Interests:K-Mart-ian Legend
  •  
    United States

Posted 03 February 2012 - 05:35 PM

Let me see, if I got this right....so you mean to say that currently (win 7 and win 8 winPE) will boot only in BIOS mode?


Nope that's not what I mean. You can definately boot WinPE as UEFI if you want.

What are those limitations, can you please elaborate. I am still trying to learn here, I apologize for my lack of knowledge.

The hardware limitation for PXE is due to the fact that no currently available boot ROMs properly use UEFI for network boot. The option is flat-out not available on any current Intel boards, however Intel says this feature will be available in the next chipset. Of course that could change. If you know one, I would be glad to test it out.

Is UFD = USB Flash Drive? and ODD = Optical Disk Drive? If so, I am booting this from a CD/DVD, the image for the application is burnt in a DVD, this is because we perform bare metal recovery and may need to restore boot volumes, which is not possible when they are mounted, hence we boot into winpe (through DVD) and then perform recovery.


Make sure you are using a UEFI boot for the DVD drive. On any board I have seen (not just intel) that supports a UEFI boot will have duplicate entries in their boot menus to allow you to choose either the normal (BIOS based) or UEFI based boot option for that device. A DVD that does a UEFI boot is capable of using BCDBOOT to write the Boot sector to a GPT volume, but if the DVD does a BIOS boot, it will return the write-protected or access denied message.

Basically, both volumes (the WinPE boot volume and the deployed OS volume) have to be using the same type in order to work.

BIOS booted WinPE can write to standard (IDK what this name is?) volumes bootsector
UEFI booted WinPE can write to standard volumes or GPT volumes bootsector

I have only gotten UEFI DVD implementation to work, I never figured out how to boot a USB key on UEFI. But as far as my implementation goes, there isn't any point to continue my work on it until UEFI PXE boot becomes available.

#5 amitr0

amitr0

    Newbie

  • Members
  • 16 posts
  •  
    India

Posted 03 February 2012 - 06:40 PM

Make sure you are using a UEFI boot for the DVD drive. On any board I have seen (not just intel) that supports a UEFI boot will have duplicate entries in their boot menus to allow you to choose either the normal (BIOS based) or UEFI based boot option for that device.


hmmm, you are right, I will try to edit the boot catalog to *remove* bios boot and recreate an ISO so that boot fails if there is no BIOS handlers. So, is there an easier way to verify this, or is my method I just told the only fool proof way?

A DVD that does a UEFI boot is capable of using BCDBOOT to write the Boot sector to a GPT volume, but if the DVD does a BIOS boot, it will return the write-protected or access denied message.

Ok, seems like a good test to determine boot mode. I will try and post my observations.

Basically, both volumes (the WinPE boot volume and the deployed OS volume) have to be using the same type in order to work.


Thanks for the valuable hints!

#6 Tripredacus

Tripredacus

    Frequent Member

  • Expert
  • 234 posts
  • Interests:K-Mart-ian Legend
  •  
    United States

Posted 03 February 2012 - 06:49 PM

hmmm, you are right, I will try to edit the boot catalog to *remove* bios boot and recreate an ISO so that boot fails if there is no BIOS handlers. So, is there an easier way to verify this, or is my method I just told the only fool proof way?


I'm not sure but I don't know what hardware you are using. I did my testing on an Intel 67 board. If you enable UEFI /boot in the BIOS and then use F10 to get to the boot menu, any UEFI enabled boot volumes/devices will have an additional UEFI: prefix before the hardware name.

#7 amitr0

amitr0

    Newbie

  • Members
  • 16 posts
  •  
    India

Posted 03 February 2012 - 06:57 PM

I'm not sure but I don't know what hardware you are using. I did my testing on an Intel 67 board. If you enable UEFI /boot in the BIOS and then use F10 to get to the boot menu, any UEFI enabled boot volumes/devices will have an additional UEFI: prefix before the hardware name.


this is on vmware esx5, i do have physical platfroms like the dell T110, but wanted to test on a vm first since they are easiler to revert to a snapshot point.

#8 amitr0

amitr0

    Newbie

  • Members
  • 16 posts
  •  
    India

Posted 08 February 2012 - 11:32 AM

Does any one know of a good tool (windows based) to edit boot catalogs for CD/DVD....?





Also tagged with one or more of these keywords: esp, efi, uefi, boot, windows, winpe

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users