Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Boot Windows? #16

Open
Rast1234 opened this issue Jun 5, 2016 · 37 comments

Comments

@Rast1234
Copy link

commented Jun 5, 2016

It's just a crazy thought: is it (or will it be) possible to boot Windows from btrfs partition using your driver since it's highly-integrated and tries to be seamless from the Windows' point of view?

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Jun 5, 2016

It's a long-term aim. To get the whole thing on Btrfs, I'd have to do a new version of bootmgfw.efi, and I'm not even sure if you can do this without it being signed by Microsoft. Another possibility might be having a tiny NTFS partition with just a few files, and everything else on Btrfs.

@Rast1234

This comment has been minimized.

Copy link
Author

commented Jun 9, 2016

Thank you for clarifying.
AFAIK EFI has the concept of filesystem drivers (as separate .efi binaries loaded from another bootloader or EFI shell), and rEFInd already has btrfs driver, so maybe bootmgrfw can be patched to read btrfs if something loads the driver. Everything with disabled SecureBoot, of course.

Your idea of having tiny NTFS partition is interesting, but i am not sure how to achieve this. Symlinking everything from NTFS partition to btrfs one? I already did that trick with two NTFS drives and moved /ProgramData, /Program Files and some non-critical /Windows subfolders from SSD to HDD and it worked. Can you tell at what moment of booting windows loads filesystem drivers? Surely it loads some other drivers before, so i doubt if symlinking whole /Windows will work.

Anyway, i'll try to dissect and symlink as much folders as i can this weekend..

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Jun 9, 2016

To be honest, for all I know booting via rEFInd might be all that's required. If you load an EFI filesystem driver before the Windows bootloader, will Windows use it or ignore it? It's something I'll have to research.

Presumably the boot process goes something like this:

  • UEFI runs bootmgr.efi
  • bootmgr.efi uses functions in bootmgfw.efi to load ntoskrnl.exe
  • bootmgfw.efi then gets used to load system.reg, which amongst other things lists the services needed to boot
  • Either bootmgr.efi or ntoskrnl.exe then walks the tree looking for services where the start type is 0 ("Boot"), and loads the images into memory
  • Windows then replaces bootmgfw.efi's NTFS commands with the proper ones contained in ntfs.sys, which it has just loaded
  • We then proceed with the normal boot
@mirh

This comment has been minimized.

Copy link

commented Sep 5, 2016

Everything with disabled SecureBoot, of course.

It's not like there isn't the handy Linux Foundation PreLoader that can sign whatever you want.

I mean, you could even modify re-sign bootmgfw after you have modified it (but is it even legal?).

To be honest, for all I know booting via rEFInd might be all that's required. If you load an EFI filesystem driver before the Windows bootloader, will Windows use it or ignore it? It's something I'll have to research.

I think it depends more on whether windows bootloader is more like GRUB (which loads its own set of drivers) or more like systemd-boot (which handle everything as simply as possible).
Given its functioning and how it can load winload.exe which is the system ntfs partition, I'd go with the former.

So either somebody manages to adds into it btrfs efi driver, or I guess the tiny ntfs partition idea is better.

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Sep 6, 2016

Thanks for the link, looks like it might be useful. There's symbols available for bootmgfw.efi, which say that there's functions called NtfsMount etc. It might be possible to hook the FS functions or somesuch, I don't know. As I said, it's a long-term aim, and I'm going to look at it properly once the driver itself is feature-complete.

@ariscop

This comment has been minimized.

Copy link

commented Sep 8, 2016

it'd be better to focus on making dism work, currently dies at a call to SetFileSize

@jeditobe

This comment has been minimized.

Copy link

commented Sep 15, 2017

Hello from ReactOS team!

We are looking for ways of using BTRFS as main FS in ReactOS. At the moment we already use WinBTRFS driver 1.0. We want to make possible booting of ReactOS from BTRFS partition.

@jeditobe

This comment has been minimized.

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Sep 22, 2017

Thanks for letting me know, that sounds interesting. I'm intrigued to see how you get on!

@HBelusca

This comment has been minimized.

Copy link

commented Jul 14, 2018

Latest update (14 July 2018): we have a VBR to boot directly into a btrfs volume, that is able to load our freeldr.sys : https://reactos.org/blogs/gsoc-2018-boot-sector-finished
The next step is to implement small btrfs filesystem read-only support in freeldr for it to be able to load arbitrary files from arbitrary directories. Currently work-in-progress.

@HBelusca

This comment has been minimized.

Copy link

commented Jul 29, 2018

New update (29 July 2018): https://reactos.org/blogs/gsoc-2018-booting-btrfs-works

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Jul 29, 2018

Awesome! Thank you for sharing this.

@HBelusca

This comment has been minimized.

Copy link

commented Aug 14, 2018

Here is the final GSoC blog update from our GSoC student (with a demo video linked): https://reactos.org/blogs/gsoc-2018-final-report
The demo build also includes the two PRs #102 and #103.

@ale5000-git

This comment has been minimized.

Copy link

commented Nov 10, 2018

This discussion was mainly about UEFI boot, but has anyone tried to boot Windows 7 in legacy mode (not UEFI) from a btrfs partition?

@hellozyemlya

This comment has been minimized.

Copy link

commented Aug 12, 2019

Any updates on this?

@archeYR

This comment has been minimized.

Copy link

commented Aug 12, 2019

I'm happy to tell you that I successfully managed to boot Windows using FreeLoader (ReactOS boot loader) and the WinBtrfs' ReactOS port.
Windows_Btrfs

The video: https://youtu.be/zZ5JOwVbyWE

It's on drive D: due to drive lettering issues of some sort (happens on Windows 2003 only). Also, a random crash might occur ocassionaly while using the system (not sure wether it is FreeLDR or Btrfs driver fault).

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Aug 12, 2019

@archeYR

This comment has been minimized.

Copy link

commented Aug 12, 2019

Awesome! Did you install it directly to Btrfs, or copy an installation from
NTFS?

I have installed Windows 2003 on FAT32 volume, then the WinBtrfs driver from ReactOS and finally moved the Windows installation to the Btrfs volume (which already had FreeLoader installed). Installing directly onto Btrfs might not be easy because Windows 1st stage installer doesn't support it.

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Aug 12, 2019

I was wondering if the "Have disk" button on the installer would let you load the driver - though it'd still break when it came to the first reboot.

I'm surprised it works at all on Windows 2003, actually - I thought the minimum supported version was Windows 7. I don't know if that's behind your crashes.

@archeYR

This comment has been minimized.

Copy link

commented Aug 12, 2019

I was wondering if the "Have disk" button on the installer would let you load the driver - though it'd still break when it came to the first reboot.

Yeah, and I don't think this option would work for FS drivers in setup.

I'm surprised it works at all on Windows 2003, actually - I thought the minimum supported version was Windows 7. I don't know if that's behind your crashes.

I'm using a ReactOS version, which has lowered requirements to (at least) Windows 2003. Although ReactOS still really targets Windows 2003, and doesn't expose any NT 6+ functionality AFAIK. The driver itself works fine in ReactOS as well.

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Aug 25, 2019

I've spent some time looking into this, and I'm now fairly sure it's a bug in Freeloader...

When CmpInitializeSystemHive finishes, only the first sector is marked as dirty, rather than all the cells for which the bootloader has removed the volatile data. This means it ends up discarding dirty registry without it having been flushed, and later on HvpGetCellMapped ends up reading unsanitized data from the disk, and crashing when it tries to read an invalid pointer.

@ale5000-git

This comment has been minimized.

Copy link

commented Aug 26, 2019

Quote:

I've spent some time looking into this, and I'm now fairly sure it's a bug in Freeloader...

When CmpInitializeSystemHive finishes, only the first sector is marked as dirty, rather than all the cells for which the bootloader has removed the volatile data. This means it ends up discarding dirty registry without it having been flushed, and later on HvpGetCellMapped ends up reading unsanitized data from the disk, and crashing when it tries to read an invalid pointer.

@SergeGautherie
@Extravert-ir
It looks like a serious problem.

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Aug 26, 2019

I've created a ReactOS pull request, which fixes the bug. Here's a binary with the fix applied: freeldr.zip.

With the modified version of freeldr and the latest btrfs patches, booting Windows Server 2003 from btrfs now seems to be stable.

HBelusca added a commit to reactos/reactos that referenced this issue Aug 27, 2019
…#1883)

This fixes the crashes in HvpGetCellMapped on Windows Server 2003 when booting from Freeloader, as mentioned in maharmstone/btrfs#16.

When the bootloader loads the system hive, it cleans the data pertaining to any volatile keys. The Windows bootloader does this by setting SubKeyCounts[Volatile] to 0. After boot, the kernel marks any cell where this is 0 but SubKeyLists[Volatile] isn't HCELL_NIL as dirty, meaning that the sanitized version will then get flushed to the disk.

Because Freeloader sets SubKeyLists[Volatile] to HCELL_NIL straightaway, Windows thinks the cell is clean, and can unload it without flushing. If it then reads it from the disk, it will crash in HvpGetCellMapped due to the stale volatile pointers.

If you break on nt!CmpInitializeSystemHive on Windows and "gu" to the let the function run, you'll see that DirtyVector of the HHIVE has only the first 8 bits set. If you run it using the official bootloader, it'll have a lot more than that.
@maharmstone

This comment has been minimized.

Copy link
Owner

commented Sep 8, 2019

If anybody's interested, I've got this working with Vista now as well. I'll be submitting some patches to Freeloader shortly.

It's my understanding that Vista and Windows 7 aren't all that dissimilar internally, so hopefully getting this working with modern versions of Windows isn't that far away...

vista

@archeYR

This comment has been minimized.

Copy link

commented Sep 8, 2019

Very nice! It truly is great to see FreeLDR being capable of booting Vista+... And Vista being booted from Btrfs as well. By the way, if you're not aware already, ReactOS also has an (incomplete) UEFI bootloader, it might be interesting when it comes to UEFI booting Windows from Btrfs.

@MegaZeroX10

This comment has been minimized.

Copy link

commented Sep 11, 2019

If anybody's interested, I've got this working with Vista now as well. I'll be submitting some patches to Freeloader shortly.

It's my understanding that Vista and Windows 7 aren't all that dissimilar internally, so hopefully getting this working with modern versions of Windows isn't that far away...

vista

Is that a 32-bit or 64-bit version of Windows Vista?

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Sep 11, 2019

@MegaZeroX10

This comment has been minimized.

Copy link

commented Sep 11, 2019

That would explain why I couldn't boot into it. I was trying to boot a 64-bit version of Vista (which Freeldr doesn't support yet). By the way, can you please provide a compiled driver that works in that architecture of Vista? I got one to compile but it wouldn't load (it gave me a 31 error code).

@MegaZeroX10

This comment has been minimized.

Copy link

commented Sep 14, 2019

I was able to get Windows Vista x86 to load a driver compiled from the latest source. When I try to boot it via Freeldr off of a BTRFS drive, it gives me a STOP code of 0x000000A5. I am running Windows Vista x86 via a VirtualBox VM.

EDIT: Here's some debug output that I got by using Windbg to show what was being outputted via Vista's debug mode:

windbg output of ACPI crash - Vista via Freeldr on BTRFS drive.txt

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Oct 6, 2019

I've got it working on Windows 7 now as well. I'll submit the patches once I've cleaned them up.

win7-btrfs

@MegaZeroX10

This comment has been minimized.

Copy link

commented Oct 6, 2019

Is that with no changes to the registry? If so, I wonder why booting Windows Vista via Freeldr and BTRFS doesn't work on VMWare/VirtualBox but works on QEMU.

@maharmstone

This comment has been minimized.

Copy link
Owner

commented Oct 6, 2019

I had to change the start type of tcpip, as you mentioned in the other thread - that's another issue I need to look into.

@MegaZeroX10

This comment has been minimized.

Copy link

commented Oct 6, 2019

Now I am getting a different crash when I try running Windows Vista via FreeLDR + BTRFS via WMWare Workstation Player 15 with only the start type of TCPIP changed. I am attaching the debug log to see if it can help in fixing the crash.

btrfs-vista-bsod.txt

@MegaZeroX10

This comment has been minimized.

Copy link

commented Oct 6, 2019

I have another crash after compiling it via ROSBE instead of Visual Studio 2019. The debug log is attached.

btrfs-vista-bsod-2.txt

@MegaZeroX10

This comment has been minimized.

Copy link

commented Oct 7, 2019

I managed to get it to work somewhat by using Fastcopy to preserve the ACLs of the files and directories when copying from a VHD that has a working copy of Vista on a NTFS FS to a VHD that has a BTRFS FS with the Freeldr files and bootsector applied. When I try to boot from the BTRFS VHD, it gets stuck on a blue background (meaning it can't load explorer.exe) until I change the group entry of BTRFS's key in the registry to include Boot and change the start dword from 1 to 0. Then it loads the taskbar and two Notepad windows with a desktop file showing its contents in both of them.

@MegaZeroX10

This comment has been minimized.

Copy link

commented Oct 10, 2019

@maharmstone How did you copy the files from the Vista image to the BTRFS image that has freeldr.sys and freeldr.ini on it?

@Skorpion96

This comment has been minimized.

Copy link

commented Oct 15, 2019

Can anyone do a tutorial to do it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
You can’t perform that action at this time.