| Author |
Message |
| < boot Windows into RAM ~ Boot a complete XP in ram from a WIM (diskless) |
|
 Posted:
Sun Nov 08, 2009 4:00 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
Files; http://www.mediafire.com/file/mcz4mdyy3gz/wimboot_unixp_drivers.rar
The drivers capable of performing rambooting are at least 5; ramdisk.sys, firadisk.sys, winvblock.sys, wdsys.sys, wimfsf.sys. They can be separated into 3 different methods of rambooting.
1. Firadisk, WinVBlock and WDSYS(DisklessAngel) are mostly the same and mappes preformatted disk/partition images to ram using Grub4Dos or memdisk. Actually, the mapping to memory is not what the driver does, but what Grub4Dos does. The disks created in ram are recognized as harddisks after boot.
2. Ramdisk.sys from MS uses preformatted disk/partition images too, but must be loaded to ram with one of the MS loaders; ntldr or setupldr.bin. This is what rambooting traditionally has been about, for the last years.
3. Third method is about wimbooting as is the standard way for WinPE of NT6.x and later.
The methods that map complete disk/partition images to ram work great, but they require a large amount of ram (size of image + ram necessary to run system). The wimboot method require much less ram, because it does not map a complete image to ram, but instead mount the WIM onto a tiny 3 Mb partition image (boot.sdi). The system then exist in a "mirror" on this tiny partition image that is just a mount point for the WIM.
The size is reduced drastically for 2 reasons;
1. much better compression (compared to gzipped images with NTFS compressed FS)
2. writable free space has moved away from preallocated on-disk, to dynamically allocated cache (handled by the File Based Write Filter, FBWF)
Drawback
1. For now it is limited to roughly 172 Mb writable cache (ScratchSpace) on NT5.x (512 Mb on NT6.x and NT7.x).
2. Junction points (hardlinks) are not supported because the WIM technology has put some restrictions on NTFS metadat handling inside mount points.
Big thanks to Nikzzzz, that made the patches to ramdisk.sys and wimfsf.sys (and setupldr.bin). He is the author of wimboot.script that is for PE usage only.
What do we need to boot a complete non-PE NT5.x, XP in this case, with wimbooting?
1. Prepare a clean system as you otherwise would have (uninstall what you don't need).
2. Delete all unnecessary files. You only need to see 3 folders at the root, see screenshot. My base system is reduced only 550 Mb uncompressed. Updates will follow on how to optimize size.
3. Get 5 files off WAIK, http://www.microsoft.com/downloads/details.aspx?familyid=94BB6E34-D890-4932-81A5-5B50C657DE08&displaylang=en and add to your base;
| Code: |
boot.sdi
fbwf.sys
ramdisk.sys
wimfltr.sys
wimfsf.sys
|
These files must all be version 6.0.6001.18000.
boot.sdi is to be placed outside the WIM and all drivers inside the drivers folder inside WIM.
4. Download required files; http://www.mediafire.com/file/mcz4mdyy3gz/wimboot_unixp_drivers.rar and add drivers to the drivers directory. Add winload.exe to system32 folder.
5. Mount the SYSTEM hive and add this to registry:
| Code: |
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\sys\ControlSet001\Control]
"SystemBootDevice"="ramdisk(0)"
[HKEY_LOCAL_MACHINE\sys\MountedDevices]
"\\DosDevices\\C:"=hex:fc,57,b2,d9,4e,68,cb,4d,ab,79,03,cf,a2,f6,b7,50
[HKEY_LOCAL_MACHINE\sys\Setup]
"SystemPartition"="\\Device\\Ramdisk{d9b257fc-684e-4dcb-ab79-03cfa2f6b750}"
|
6. Also merge the included registry patch (from download) to your SYSTEM hive.
7. Create your WIM (capture target offline system), and set the boot flag. Use max compression. My clean base image is 220 Mb (550 Mb uncompressed).
8. Create boot.ini like this;
| Code: |
NOBCD
[boot loader]
timeout=0
ramdisk(0)\WINDOWS
[operating systems]
ramdisk(0)\WINDOWS="WimBoot Universal XP" /noexecute=optin /fastdetect /rdpath=multi(0)disk(0)cdrom(0)\boot.wim /rdsdihdrpath=multi(0)disk(0)cdrom(0)\boot\boot.sdi /minint /usenewloader
|
9. Create bootsector compatible with bootmgr (use bootsect.exe from any NT6.x or NT7.x).
10. When booting this way you only need 4 files; bootmgr, boot.ini, boot.wim and boot.sdi. For now boot.sdi must be put inside a folder named boot (hardcoded inside bootmgr, but can easily be changed).
11. Hopefully looking like this;
12. Network booting with PXE or gPXE (HTTP, iSCSI etc.) will require server setup. Main difference being that gPXE require the system (4 files) to be put onto some other image (like disk image or iso). See note later.
Note about registry patching
Removed
The reason why /minint is added to boot.ini, is that without it you will get BSOD c0000218, complaining that the SECURITY hive is corrupt, absent or not writable. It is likely due to the fact that fsfilter groups are not loaded early enough at boot-time.
Note about this bootmgr
There is no checksum calculated (CRC) for the internal 32-bit executable on this special version. Therefore it's a simple matter to change hardcoded paths inside this version of bootmgr, as you don't have to update CRC after modification. That means paths to boot\boot.sdi and boot\BCD. This version is also capable of loading Windows version up to at least Windows 7 RC1, but not native vhd booting. If a BCD store is present in boot\BCD then it override the presence of boot.ini, regardless of NOBCD inside boot.ini.
Why bother with WimBooting a non-PE diskless (universal) system at all?
Because it is by far the least ram-consuming diskless non-PE solution. The Universal XP image on the screenshot was booted with as little as 332 Mb of absolute ram available, and still had 100 Mb writable free space! That's crazy.. Although possible, it would be recommended to have at least 512 Mb ram. Take a look at the services window, a quite complete system. Boottime for that particular WIM was exactly 2 min 26 sec, including a relatively long hang at the welcome screen. Network booting, PXE, would also become a lot faster with so compressed WIMs, but has not yet been tested with this setup.
This "Universal" approach is something that aims at being a non-PE system capable of hardware independent booting. A bunch of registry hacks are required to even resemble hardware independence, and no good solution exist. It is still in development and probably forever will be. I look at it from time to time and have some setups with promising results (hint: set of patched winload.exe and bootmgr - pointing to alternative SYSTEM hive). This will be updated in a separate topic about "Universal XP: Next phase", but may also be the same for server 2003. Next tests will probably be to wimboot a diskless server 2003.
PXE WimBooting
Wimbooting Universal XP also works through PXE. We need to change from boot.ini mode to BCD mode. Actually all that is necessary is to create a BCD store with these entries (the relevant ones);
| Code: |
Windows Boot Manager
--------------------
identifier {9dea862c-5cdd-4e70-acc1-f32b344d4795}
description Windows Boot Manager
locale en-US
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
nointegritychecks Yes
displayorder {222c0352-c58e-11de-b7fa-005056c00008}
{04056904-c7e6-11de-b7fd-005056c00008}
timeout 30
displaybootmenu Yes
Windows Boot Loader
-------------------
identifier {222c0352-c58e-11de-b7fa-005056c00008}
device ramdisk=[boot]\sources\boot.wim,{7619dcc8-fafe-11d9-b411-000476eba25f}
path \WINDOWS\system32\winload.exe
description WimBoot XP winload.exe
locale en-US
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
nointegritychecks Yes
osdevice ramdisk=[boot]\sources\boot.wim,{7619dcc8-fafe-11d9-b411-000476eba25f}
systemroot \WINDOWS
winpe Yes
quietboot Yes
sos Yes
Device options
--------------
identifier {7619dcc8-fafe-11d9-b411-000476eba25f}
ramdisksdidevice boot
ramdisksdipath \boot\boot.sdi
|
The presence of a BCD store will override any boot.ini. Notice the "winpe" is set to yes, similarly as we set by the /minint in boot.ini. It will BSOD without it. The boot.wim is the exact same image that was booted locally from both iso/cdrom and HDD. In fact, you can also wimboot locally in BCD mode with exact same BCD store.
The complete boot process took 2 min 50 sec for a 220 Mb wim to transfer and then finish booting. Watch the complete boot in this video: http://www.mediafire.com/file/yznmuyzmzgh/PXE_Wimboot_Universal_XP.zip
My setup;
- tftp server (tftpd32)
- pxelinux.0 chainloading pxeboot.0 (pxeboot.0 taken from the same WAIK as the drivers we patched were taken from)
- apart from the server itself we only need 5 files; BCD, boot.sdi, pxeboot.0 (renamed from pxeboot.n12), boot.wim and bootmgr.exe (bootmgr stripped for 16-bit stub)
- test done in VMware Workstation 6.5.3
- for testing purposes in vmware you may want to use e1000 as virtual network adapter as it is the fastest one.
WimBooting over Internet with gPXE through HTTP
Basically just boot a memdisk "kicker" and reuse "kicker" as standard ramdisk by deleting its content when wimbooting finished. See later post for full explanation. Wimbooting appears to be the fastest network boot technique among the "inram" alternatives, as well as requiring the least amount of ram for such booting.
For general PE usage (MOA etc)
To boot NT5.x PE's the wim-way, you need the patched etupldr.bin that supports wimbooting, in addition to fbwf.sys/wimfltr.sys and the patched ramdisk.sys and wimfsf.sys already mentioned. Inside the WIM you will need to put boot.sdi at the root directory. Apply the registry patch as well. Mark WIM as bootable and use max compression. At the root of the cd (iso) you should have 5 files with structure like this;
| Code: |
WINNT.SIF
SETUPLDR.BIN (original)
I386\MOA.WIM
I386\SETUPLDR.BIN (patched)
I386\NTDETECT.COM
|
Content of WINNT.SIF;
| Code: |
[SetupData]
BootDevice="ramdisk(0)"
BootPath="\i386\System32\"
OsLoadOptions="/fastdetect /minint /rdimageoffset=8192 /rdimagelength=3161088 /rdpath=\I386\MOA.WIM"
|
rdimageoffset and rdimagelength notify about the exact location of the 3Mb partition image inside boot.sdi (the size of the partition image inside boot.sdi does not matter and you can you use anything as long as the offset/lenght are set correctly. As a test you can build your own boot.sdi with custom values, and verify its nonrelevance. It is just something we need to have as a mountpoint anyway. My standard MOA build (iso) then amounted to a total of 131 Mb. WAN booting moa (or any WinPE) from Internet can also be done by using gPXE.
Btw, I reversed Nikzzzz's original patch for setupldr.bin and gave a fair attempt at patching ntldr to support wimbooting. The patch is quite large with much code added to the end as a new section, with numerous calls to it from many places. I believe ntldr was patched with roughly 80-90 % of required stuff, but reached a platou of no progression and stopped work on it. And for now there is no need for it either as wimboot support has been added to non-PE NT5.x real systems. However, last time I spoke with Nikzzzz we exchanged some thoughts around ntldr on the matter, and I got the impression that he wanted to make a patch for ntldr as well, but we'll see.. If he ever sees this maybe he discontinues that..
This guide probably have some black holes, but should be sufficient as a starter.
Feel free to test this setup and all feedback is welcome. 
Joakim Schicht |
Last edited by joakim on Wed Dec 23, 2009 12:58 pm; edited 9 times in total |
|
|
|
|
 |
|
| Posted:
Fri Nov 13, 2009 11:07 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
The registry hive patching tool is finished; http://sanbarrow.com/phpBB2/viewtopic.php?p=6768#6768
Nothing fancy, just a lame autoit script (uses reg.exe and regini.exe).
From the readme.txt;
| Code: |
This is a simple tool that will patch either the default, software, system or NTUSER.DAT hive to replace all occurences of C:\ to X:\.
Handy tool when setting up Universal XP to WimBoot as the system will run from X:\.
Preferrably copy the hives to be patched into a separate properly-named root directory first.
If you have a hive at 10 Mb it will take about 30 seconds to finish patching.
This simple implementation will change all registry values from C:\ to X:\. The way it works is by loading the hive to the registry and then exporting the hive into a .reg file. Now its content is in text form and not binary, and therefore easier to patch. When reg file is finito patched, it will be imported back into registry and overwrite occurences of C:\ with X:\. This works great for value data, but not for value names. Value names that have C:\ will get a duplicate with X:\. Luckily there are not many such important value names, so it does not have much impact. And it is only in the SOFTWARE hive anyway. If curious, load the SOFTWARE hive and search for C:\ and you will see which ones are the tricky ones I have not bothered trying to find an automated solution for (hint: eventsystem & wbem).
|
As a matter in fact, you only need to to patch SYSTEM and SOFTWARE to get this running. But you you will still need to apply the registry patch for the drivers, included in the first package.
Initially I tried another method, and import the patched dump into an empty new hive. But I never found a way that worked well. I suppose there where permission issues that prevented the Wimbooted Universal xp to not boot (no bsod, it just silently died with black screen).
If you are fanatic about the size of your hives, you can load them to registry and then save them as a differently named hive. Then much old "empty" garbage is scrapped off.
Does anybody know how permissions are inherited in the registry on NT5.x? Will all subkeys by default inherit the root key permission (when starting clean from scratch)?
Joakim |
|
|
|
|
|
|
|
| Posted:
Mon Nov 16, 2009 11:51 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
|
|
|
|
|
| Posted:
Tue Nov 17, 2009 10:45 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
|
|
|
|
|
| Posted:
Wed Nov 18, 2009 11:06 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
More interesting news:
Any bootmgr version can wimboot NT5.x (anything from Longhorn - Win7).
The special bootmgr/winload.exe uploaded is actually from Longhorn version 6.0.5259.0. Which also proves that this MS document is incorrect; http://www.microsoft.com/whdc/driver/tips/Debug_Vista.mspx (They should know better).
The version of winload.exe don't have to be from Longhorn either. As a matter in fact, you can just as well use the one from Vista (6.0.6000.16386). Winload from server 2008 will bsod ..4E. Winload from Win7 rc1 will cause a kernel stack fault (hardware reset) in vmware. All tests from wimbooted xpsp2. Setting the "detecthal" value will cause any version to hang forever.
Joakim |
|
|
|
|
|
|
|
| Posted:
Sun Nov 22, 2009 11:07 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
Booting directly over WAN (from internet) can be done with gPXE. In this test it was done through the HTTP protocol, with a server on the internet hosting the files on port 80. Both the diskless client and the server where on slow wireless endpoints. The transfer speed averaged at 724 Kb/s, with a full bootime of about 7 minutes (image transfer and boot).
The gPXE version had to be latest development branch. If earlier version is used, then workarounds are needed because gPXE did not handle memdisk correctly until very recently. The diskless client was booted with an iso containing gPXE only, in a VM configured with a bridged wireless network connection.
We need to put bootmgr, boot.sdi, boot.wim and boot.ini/BCD onto a properly created disk image. We will then boot the image with memdisk. Since we map twice to ram, we will actually wasted ram equivalent to the size of the disk image, so keep disk image size not larger than just to fit the 4 required files. Preferrably zip the image afterwards to optimize the size of it. We then put memdisk and the zipped disk image on some HTTP file server somewhere. Booting from memdisk this way don't require special drivers as the system will boot from a second mapped ram location, instead of the memdisk-created (hence wasted ram). But the waste is necessary to achieve this. The reason why I did not put whole xp install on the memdisk directly and boot with winvblock is that compression would not be so good. In fact the image would be 93 Mb's larger, and thus add over 2 minutes more to the boot time!!
At the prompt on the gPXE bootcd type ctrl + b and then;
| Code: |
dhcp net0
initrd http://xxx.xxx.xxx.xxx/image.zip
kernel http://xxx.xxx.xxx.xxx/memdisk raw
boot memdisk
|
And voila, just booted a full XP installation from the internet. Having an ethernet and a faster dsl connection would of course reduce total bootime substantially.
Joakim |
|
|
|
|
|
|
|
| Posted:
Mon Nov 23, 2009 10:02 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
Instead of "wasting" the ram we can use it by activating winvblock or firadisk. By deleting all the content on the disk image, we can have it as a regular ramdisk or some other temporary container/cache.
You will cause no harm to the system by deleting all the content, because it is just the "kicker" anyway and not used in any way in the actual Windows boot process. In my case this is now a NTFS compressed disk image with 227 Mb of free space (mapped as C:\). Just make a batch that delete the content during boot;
| Code: |
FOR %%I IN (D E F G H I J K L M N O P Q R S T U V W X Y Z) DO IF EXIST %%I:\KICKER.TAG SET KICKER=%%I:
DEL %KICKER%\*.* /f /s /q
|
Just put a file named KICKER.TAG onto the kicker image, so it can be identified. For safety, in case you might have a file named that on your actual local drive, rename the tag to something more unique.
Note.
It is not possible with FiraDisk to use memdisk for HDD emulation. Instead we will need to chainload pxelinux.0/grub.exe to use firadisk in an efficient way as kicker. Winvblock and DisklessAngel are the only two windows drivers capable of using memdisk as such(for linux there is none I think). Once again, good work Sha0!!
My main base image, with most (if not all) system services running is reduced some more. The zipped disk image with the wim and necessary files on, are now at 209 Mb.
Joakim |
Last edited by joakim on Tue Dec 08, 2009 8:22 am; edited 2 times in total |
|
|
|
|
|
|
| Posted:
Mon Nov 23, 2009 11:44 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
|
|
|
|
|
| Posted:
Tue Nov 24, 2009 10:46 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
Playing some more with HTTP booting, I just booted Win7Pe. This really cool and thumbs up for the gPXE developers.
A 2,4 Mb video of http-booting the recovery disk of Win7 RC1; http://www.mediafire.com/file/d3vwjdt4bym/gPXE_HTTP_Win7PE.rar
It is still the same memdisk "kicker" trick being used. Winvblock will not work for this, but there is is a fair chance that the DisklessAngel driver will be able to use the "kicker" disk as a secondary ramdisk. The DisklessAngel driver is unrestricted for images up to 640 Mb (equivalent to roughly 1,5 Gb uncompressed wim!!! And a total of 512 Mb + 640 Mb of free space for your diskless station!!!)
Let's hope Sha0 Miller will continue development of his Winvblock, the only free memdisk capable windows driver...(currently only supporting XP).
Btw, since memdisk now supports iso mapping/emulation, it is also possible to boot the iso directly over the Internet. But, you will not be able to "reuse" any kicker as a ramdisk if done this way. Total size should be roughly the same for both methods.
I assume any WinPE could be HTTP booted one way or the other.
Joakim |
|
|
|
|
|
|
|
| Posted:
Wed Nov 25, 2009 10:43 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
For those testing gPXE vmware, it is advisable to change network adapter type to e1000 in your vmx. Also change your gPXE boot rom to the e1000 specific (the package with all drivers in it does not perform as good, for some weird reason).
The Intel e1000 will transfer at an average 30% faster than Amd PCNet32 when network booting with gPXE (at least with HTTP).
And that will make a substantial time-difference when transferring large images.
Joakim
Btw, I tried modifying the Option Rom in the bios to include gPXE, but without success (no error messages, just hanging at black screen). Anybody out there with a working gPXE capable vmware (Phoenix) bios? At least boot logos was easy to change... |
|
|
|
|
|
|
|
| Posted:
Thu Nov 26, 2009 10:48 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
Clarifying some of the points in the above procedure;
@dara
Basically, we prepare a folder with a complete XP install, lets call the folder wim_xp. My test system is a virtual machine (power off vm and mount the virtual disk offline, then copy all files into the wim_xp folder.
Then we must prepare this offline XP installation before we finally pack it into a wim. Forget for the moment the "Universal" part of this because it is an unfinished/ever-improving procedure with a lot of extra work to even resemble something hardware independant.
Preparation is as follows;
- Inside the folder wim_xp you will need 3 subfolder; WINDOWS, Program Files, Documents and Settings.
Very important update
- Get http://www.mediafire.com/file/mcz4mdyy3gz/wimboot_unixp_drivers.rar and put the 4 drivers into wim_xp\windows\system32\drivers
- Put winload.exe into wim_xp\windows\system32
- Copy the SYSTEM and SOFTWARE registry hive (taken from wim_xp\windows\system32\config) into a folder like C:\temp together with the registry hive patcher tool. Run the tool on both hives. When finished, copy them back into wim_xp\windows\system32\config. Load the SYSTEM hive either with the registry GUI or via "reg load HKLM\sys SYSTEM". Merge wimboot.reg into registry. Unload the hive with the GUI or via "reg unload HKLM\sys".
- For including the WinVBlock driver, see separate note.
- Get gimagex.exe, an easy frontend to the command line tool imagex.exe. Capture wim_xp and save as boot.wim and tick the "boot flag". Set compression to max in one of the drop-down boxes. Then click capture.
- Put boot\boot.sdi, bootmgr, boot.ini and boot.wim into the 238.img (mount descriptor with vdk). When finished copying, unmount the image.
- Finally zip the image (238.img), and it's ready to be served from HTTP.
Get your gPXE boot media from; http://rom-o-matic.net/gpxe/gpxe-git/gpxe.git/contrib/rom-o-matic/
Choose iso or whatever you want and click "Get Image". Boot iso and type commands as already described. Optionally create your boot media with an embedded script so that everything is automated at boot-time.
Joakim |
|
|
|
|
|
|
|
| Posted:
Sun Dec 13, 2009 9:02 am
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
After some investigation on "writecache" on systemdrive, it appears to be a limit for nt5.x on 183.
That means we can use its full potential by setting the WinPECacheThreshold or the ScratchSpace (same thing) to B7.
Merge this into your SYSTEM hive;
| Code: |
[HKEY_LOCAL_MACHINE\sys\ControlSet001\services\FBWF]
"WinPECacheThreshold"=dword:000000b7
|
B7 is hex and equals 183 in decimal (meaning 183 000 000 bytes). Therefore the upper limit of the cache on xp/2k3 is roughly 172 Mb.
On nt6.x and later it can utilize all 512 which is the upper limit. However it is possible to set ScratchSpace to 1024 (400 in hex). Explorer will claim you have about 1Gb of free space then, but it can in fact only utilize 512!!
Joakim |
|
|
|
|
|
|
|
| Posted:
Sat Dec 19, 2009 10:37 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
Finally figured out how to set systemdrive to C:\.
| Code: |
[HKEY_LOCAL_MACHINE\sys\MountedDevices]
"\\DosDevices\\C:"=hex:fc,57,b2,d9,4e,68,cb,4d,ab,79,03,cf,a2,f6,b7,50
|
Something so simple, is kind of embarassing to not have figured out earler. This key is different than your standard reference to C:\ as this one is not based on disk signature. See the relation between these keys and you will understand;
| Code: |
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\sys\ControlSet001\Control]
"SystemBootDevice"="ramdisk(0)"
[HKEY_LOCAL_MACHINE\sys\MountedDevices]
"\\DosDevices\\C:"=hex:fc,57,b2,d9,4e,68,cb,4d,ab,79,03,cf,a2,f6,b7,50
[HKEY_LOCAL_MACHINE\sys\Setup]
"SystemPartition"="\\Device\\Ramdisk{d9b257fc-684e-4dcb-ab79-03cfa2f6b750}"
|
This means you can also manually control what your systemdrive is mapped to in standard WinPE by patching your target registry accordingly. The point is that /minint or winpe toggled in boot.ini or BCD will default systemdrive to X:\, unless the above key is set to overrule that.
So there is no longer any need to patch the registry with the tool posted earlier.
Joakim |
|
|
|
|
|
|
|
| Posted:
Wed Dec 23, 2009 1:06 pm
|
|
|
mad scientist
Joined: 12 Dec 2008
Posts: 218
Location: Bergen, Norway
|
|
Some more notes, about the /minint switch and how it works.
Basically, /minint for nt5 means different things for the "Setup Loader" and the "Boot Loader".
- setupldr.bin will start PE and load non-volatile hives as volatile and keep registry changes in memory only.
- ntldr will load non-volatile hives as volatile and keep registry changes in memory only.
For nt6 and nt7 there is just 1 loader, winload.exe, but located in 2 different places. Winpe set on in the BCD will;
- Load your specified winload.exe that in turn load the SYSTEM hive and the other hives (all as volatile) which has the exact same paths for PE and non-PE. PE vs non-PE will then be autodetected (not exactly sure how, but most likely from several places in registry). Therefore readonly registry is also possible for non-PE on nt6 and nt7 as well.
But, winload.exe (only certain versions) can also load nt5. However it can only understand what ntldr can boot (ie setupldr.bin/setupreg.hiv will not be understandable to winload.exe). Therefore wimbooting nt5 results in a confused state for winload.exe, which require us to override the default, X:\, as mentioned earlier.
It appears to be somewhat problematic to set systemdrive to anything other than X: on PE from nt5 and nt6, Windows 7 is different though.
Joakim |
|
|
|
|
|
|
|
| Posted:
Wed Dec 23, 2009 2:47 pm
|
|
|
research
Joined: 09 Feb 2007
Posts: 559
|
|
Joakim, I just want to thank you for all the work and knowledge you sharing here.
I'll test this RAM network boot approach one day... but meanwhile, this is very interesting! |
|
|
|
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
