ntbootdd.sys for USB devices?

Hi

I would like some input on how viable the following project would be (i.e. is it possible or is it one of those that just won’t work??)

It is possible to modify the install-CD for say XP to make it so that one can install it on an external USB-device such as a flashdevice or HDD. It roughly works by setting USB-drivers to laod at boottime. This works quite well on computers which do have BIOS support for booting from USB. If however the computer does not know how to boot from USB you are left hanging in the dark since NTLDR is only aware of IDE-drives and CD.

There is however a way of extending NTLDR to recognize SCSI-devices: just rename the miniport-driver for your SCSI-card to ntbootdd.sys and copy it to the root of your boot disk (e.g. for AHA-2940 rename aic78xx.sys) and then set the ARC-path in boot.ini to scsi() or signature() instead of multi().

My questions are:

1. would it be possible to write a new miniport-driver which internally communicates with USB-devices and then rename that one to ntbootdd.sys for NTLDR to load?

2. I know that I would need to implement some kind of USB-stack/host-driver as well as USB-mass storage driver within the ntbootdd.sys miniport. Does anyone have any idea how much work this would be?

I’m thinking a boot-floppy with the usual files (NTLDR, ntdetect.com etc) and this ntbootdd.sys with a boot.ini that uses either scsi() or signature() could do the trick.

Any insights? Comments?

TIA
Fredrik

This is a lot of work. Ntbootdd.sys is a scsi miniport by another name and getting USB mass storage to work would be quite difficult. You would have to implement the host controller, plus enumerate all of the hubs find the mass storage device as well as implement the usb mass storage protocol. If you tried to use the underlying usb bus implementation in the box and implement only usb mass storage in ntbootdd.sys, you would have a virtual scsi miniport b/c there would be no assigned hardware, not performant.

Once you boot you will have issues with guaranteeing that paging io succeeds, you can’t hibernate nor do you have crash dump file support. In short, this is a tremendously complex task, will take a very long time and goes into uncharted/undocumented territory very quickly.

HTH
d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@test.viksten.nu
Sent: Tuesday, October 30, 2007 7:31 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] ntbootdd.sys for USB devices?

Hi

I would like some input on how viable the following project would be (i.e. is it possible or is it one of those that just won’t work??)

It is possible to modify the install-CD for say XP to make it so that one can install it on an external USB-device such as a flashdevice or HDD. It roughly works by setting USB-drivers to laod at boottime. This works quite well on computers which do have BIOS support for booting from USB. If however the computer does not know how to boot from USB you are left hanging in the dark since NTLDR is only aware of IDE-drives and CD.

There is however a way of extending NTLDR to recognize SCSI-devices: just rename the miniport-driver for your SCSI-card to ntbootdd.sys and copy it to the root of your boot disk (e.g. for AHA-2940 rename aic78xx.sys) and then set the ARC-path in boot.ini to scsi() or signature() instead of multi().

My questions are:

1. would it be possible to write a new miniport-driver which internally communicates with USB-devices and then rename that one to ntbootdd.sys for NTLDR to load?

2. I know that I would need to implement some kind of USB-stack/host-driver as well as USB-mass storage driver within the ntbootdd.sys miniport. Does anyone have any idea how much work this would be?

I’m thinking a boot-floppy with the usual files (NTLDR, ntdetect.com etc) and this ntbootdd.sys with a boot.ini that uses either scsi() or signature() could do the trick.

Any insights? Comments?

TIA
Fredrik

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Doron Holan wrote:

This is a lot of work. Ntbootdd.sys is a scsi miniport by another name and getting USB mass storage to work would be quite difficult. You would have to implement the host controller, plus enumerate all of the hubs find the mass storage device as well as implement the usb mass storage protocol. If you tried to use the underlying usb bus implementation in the box and implement only usb mass storage in ntbootdd.sys, you would have a virtual scsi miniport b/c there would be no assigned hardware, not performant.

Once you boot you will have issues with guaranteeing that paging io succeeds, you can’t hibernate nor do you have crash dump file support. In short, this is a tremendously complex task, will take a very long time and goes into uncharted/undocumented territory very quickly.

HTH
d

-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@test.viksten.nu
Sent: Tuesday, October 30, 2007 7:31 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] ntbootdd.sys for USB devices?

Hi

I would like some input on how viable the following project would be (i.e. is it possible or is it one of those that just won’t work??)

It is possible to modify the install-CD for say XP to make it so that one can install it on an external USB-device such as a flashdevice or HDD. It roughly works by setting USB-drivers to laod at boottime. This works quite well on computers which do have BIOS support for booting from USB. If however the computer does not know how to boot from USB you are left hanging in the dark since NTLDR is only aware of IDE-drives and CD.

There is however a way of extending NTLDR to recognize SCSI-devices: just rename the miniport-driver for your SCSI-card to ntbootdd.sys and copy it to the root of your boot disk (e.g. for AHA-2940 rename aic78xx.sys) and then set the ARC-path in boot.ini to scsi() or signature() instead of multi().

My questions are:

1. would it be possible to write a new miniport-driver which internally communicates with USB-devices and then rename that one to ntbootdd.sys for NTLDR to load?

2. I know that I would need to implement some kind of USB-stack/host-driver as well as USB-mass storage driver within the ntbootdd.sys miniport. Does anyone have any idea how much work this would be?

I’m thinking a boot-floppy with the usual files (NTLDR, ntdetect.com etc) and this ntbootdd.sys with a boot.ini that uses either scsi() or signature() could do the trick.

Any insights? Comments?

TIA
Fredrik

---

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Just out of curiosity, why do you want to do this? That is, this would
be a tremendous amount of work for an OS target that is, officially, at
least, at the end of it’s life, running on what have to very old
motherboards which would be really cheap to replace, especially compared
to this effort. I don’t care; I’m just wondering.

If you did go this route, I would wonder (but definitely do not know) if
you might be better off by hooking Int 13/18/19 early and providing
the necessary BIOS support to allow NTLDR to use it as you says it does
when there is BIOS support, as you’ll have to get in to all the messy
details either way, and this would at least, I think, keep you out of
the undocumented part of the problem.

Also, what about Windows XP Embedded? I don’t really know much about
it, but I found myself on a developer list for it one time, and this
sort of thing seems to be a common activity, or at least a common wish.

Out of curiosity, Doron, what’s the issue with paging IO in this case?

Thanks,

mm

Hi

Thanks for taking your time to comment on this.

More on technical things further down but first some comments as to why??

I see two reasons for doing this:

1. My new shiny iMac cannot boot legacy OSes from USB and I want to run XP on it without touching the internal drive at all. It can boot from CD though so making a bootable CD with floppy emulation and an ntbootdd.sys that gets the process started might do the trick. I do not count on Apple to fix the CSM so that this might work, it is not really core-business for them.
2. I must admit that to no small part is it about learning. Implementing USB in an environment without any support would be a nice project. As such I do not really care about time / end of life etc. However, it might be more useful for future-proofing my to-be-gained knowledge to look at implementing a CSM module in EFI (this is also undocumented though).

I do not know much at all about XPE but I have also read that something about booting from USB. I do however have no XPE license, nor any tools or any knowledge at all about it.

As you state adding Int13 support for USB to a boot loader might be an even better idea which I have toyed with, but since this is not the place for such discussions I did leave it out.

Back to technical stuff:

This question is not really driver-related but since I’m guessing knowledgeable folks are around I thought I might ask anyway:

As most people here might know, ntbootdd.sys is a copy of the scsi miniport for the specific hardware you want to boot off of. However:

1. The osloader (part of NTLDR) loads ntbootdd.sys in the very start of boot. Is this the instance of the miniport that the kernel will use later on or does the non-renamed miniport get loaded again (so that it exists in two places in memory)??? Or does NTLDR pass information to ntoskrnl as to where it has already loaded the required miniport and ntoskrnl just keeps using that one (maybe moving it)???
   If it get loaded only once and is used by NTLDR and ntoskrnl my project is dead already since that would mean I would have to implement ALL USB functionality in the miniport and I was hoping for only implementing the bare essentials.

2. Lets leave USB for a moment and concentrate on SCSI. If I have a SCSI card with BIOS Int13 extensions enabled in its SCSI BIOS it seems that XP uses the multi() syntax in boot.ini no matter what. Am I correct in assuming that ntdetect.com needs to find the SCSI hardware and report it to NTLDR (osloader rather) before NTLDR even considers loading ntbootdd.sys and using the scsi() arc path? Or is there a way of forcing NTLDR to always follow what’s in boot.ini and load ntbootdd.sys if it finds the scsi() syntax in boot.ini??
   If it can’t be forced it seems that it would require a modification of either ntdetect.com or NTLDR so that it always either reports USB as SCSI or always believes boot.ini. This would make my project even harder and quite probably illegal (other than for my own personal use depending on my country’s laws on modification and reverse engineering I guess). Keep in mind that I am a hobbyist and that I would be doing this for my own personal education.

Any insights would be appreciated!

Thank you,
Fredrik

xxxxx@test.viksten.nu wrote:

Hi

Thanks for taking your time to comment on this.

More on technical things further down but first some comments as to why??

I see two reasons for doing this:

1. My new shiny iMac cannot boot legacy OSes from USB and I want to run XP on it without touching the internal drive at all. It can boot from CD though so making a bootable CD with floppy emulation and an ntbootdd.sys that gets the process started might do the trick. I do not count on Apple to fix the CSM so that this might work, it is not really core-business for them.
2. I must admit that to no small part is it about learning. Implementing USB in an environment without any support would be a nice project. As such I do not really care about time / end of life etc. However, it might be more useful for future-proofing my to-be-gained knowledge to look at implementing a CSM module in EFI (this is also undocumented though).

I do not know much at all about XPE but I have also read that something about booting from USB. I do however have no XPE license, nor any tools or any knowledge at all about it.

As you state adding Int13 support for USB to a boot loader might be an even better idea which I have toyed with, but since this is not the place for such discussions I did leave it out.

Back to technical stuff:

This question is not really driver-related but since I’m guessing knowledgeable folks are around I thought I might ask anyway:

As most people here might know, ntbootdd.sys is a copy of the scsi miniport for the specific hardware you want to boot off of. However:

1. The osloader (part of NTLDR) loads ntbootdd.sys in the very start of boot. Is this the instance of the miniport that the kernel will use later on or does the non-renamed miniport get loaded again (so that it exists in two places in memory)??? Or does NTLDR pass information to ntoskrnl as to where it has already loaded the required miniport and ntoskrnl just keeps using that one (maybe moving it)???
   If it get loaded only once and is used by NTLDR and ntoskrnl my project is dead already since that would mean I would have to implement ALL USB functionality in the miniport and I was hoping for only implementing the bare essentials.

2. Lets leave USB for a moment and concentrate on SCSI. If I have a SCSI card with BIOS Int13 extensions enabled in its SCSI BIOS it seems that XP uses the multi() syntax in boot.ini no matter what. Am I correct in assuming that ntdetect.com needs to find the SCSI hardware and report it to NTLDR (osloader rather) before NTLDR even considers loading ntbootdd.sys and using the scsi() arc path? Or is there a way of forcing NTLDR to always follow what’s in boot.ini and load ntbootdd.sys if it finds the scsi() syntax in boot.ini??
   If it can’t be forced it seems that it would require a modification of either ntdetect.com or NTLDR so that it always either reports USB as SCSI or always believes boot.ini. This would make my project even harder and quite probably illegal (other than for my own personal use depending on my country’s laws on modification and reverse engineering I guess). Keep in mind that I am a hobbyist and that I would be doing this for my own personal education.

Any insights would be appreciated!

Thank you,
Fredrik

I think personal education is a great reason to do this, if you’re
comfortable with the difficulty. My concern was only if this was going
to be done as part of something for profit, which would almost certainly
be a disaster. In any case, I don’t know about the forced question, but
I do know that it appears possible to replace ntdetect.com:

Files.HwComponent.ID Section of a txtsetup.oem File

detect

Valid for the computer component (x86 only). If specified, replaces the
standard x86 hardware recognizer. Setup copies the file to c:\ntdetect.com.

That being said, the rest would totally undocumented, and a replacement
NTDETECT.COM is most definitely no something I would like to write.

Otherwise, I can’t say that I really have much of any experience with
storage boot drivers, so I can’t help out much with the rest of your
questions.

I still think that Int13/18/19 might be easier, but as you point out
that’s not really what this forum is about.

Good luck,

mm

The mini-port loaded by ntldr is not the one the system runs in the end,
they are seperate. If I were you I would look at having the system boot a
set of BIOS hooks that supported the needed int calls.

–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

wrote in message news:xxxxx@ntdev…
> Hi
>
> Thanks for taking your time to comment on this.
>
> More on technical things further down but first some comments as to why??
>
> I see two reasons for doing this:
> 1) My new shiny iMac cannot boot legacy OSes from USB and I want to run XP
> on it without touching the internal drive at all. It can boot from CD
> though so making a bootable CD with floppy emulation and an ntbootdd.sys
> that gets the process started might do the trick. I do not count on Apple
> to fix the CSM so that this might work, it is not really core-business for
> them.
> 2) I must admit that to no small part is it about learning. Implementing
> USB in an environment without any support would be a nice project. As such
> I do not really care about time / end of life etc. However, it might be
> more useful for future-proofing my to-be-gained knowledge to look at
> implementing a CSM module in EFI (this is also undocumented though).
>
> I do not know much at all about XPE but I have also read that something
> about booting from USB. I do however have no XPE license, nor any tools or
> any knowledge at all about it.
>
> As you state adding Int13 support for USB to a boot loader might be an
> even better idea which I have toyed with, but since this is not the place
> for such discussions I did leave it out.
>
> Back to technical stuff:
>
> This question is not really driver-related but since I’m guessing
> knowledgeable folks are around I thought I might ask anyway:
>
> As most people here might know, ntbootdd.sys is a copy of the scsi
> miniport for the specific hardware you want to boot off of. However:
>
> 1) The osloader (part of NTLDR) loads ntbootdd.sys in the very start of
> boot. Is this the instance of the miniport that the kernel will use later
> on or does the non-renamed miniport get loaded again (so that it exists in
> two places in memory)??? Or does NTLDR pass information to ntoskrnl as to
> where it has already loaded the required miniport and ntoskrnl just keeps
> using that one (maybe moving it)???
> If it get loaded only once and is used by NTLDR and ntoskrnl my project is
> dead already since that would mean I would have to implement ALL USB
> functionality in the miniport and I was hoping for only implementing the
> bare essentials.
>
> 2) Lets leave USB for a moment and concentrate on SCSI. If I have a SCSI
> card with BIOS Int13 extensions enabled in its SCSI BIOS it seems that XP
> uses the multi() syntax in boot.ini no matter what. Am I correct in
> assuming that ntdetect.com needs to find the SCSI hardware and report it
> to NTLDR (osloader rather) before NTLDR even considers loading
> ntbootdd.sys and using the scsi() arc path? Or is there a way of forcing
> NTLDR to always follow what’s in boot.ini and load ntbootdd.sys if it
> finds the scsi() syntax in boot.ini??
> If it can’t be forced it seems that it would require a modification of
> either ntdetect.com or NTLDR so that it always either reports USB as SCSI
> or always believes boot.ini. This would make my project even harder and
> quite probably illegal (other than for my own personal use depending on my
> country’s laws on modification and reverse engineering I guess). Keep in
> mind that I am a hobbyist and that I would be doing this for my own
> personal education.
>
> Any insights would be appreciated!
>
> Thank you,
> Fredrik
>

> 1) My new shiny iMac cannot boot legacy OSes from USB and I want to run XP

on it without touching the internal drive at all.

Based on info on Wikipedia, it says an iMac CAN boot legacy (bios based)
OS’s. It also says there is a tool to make space on the disk. I assume this
creates a a preallocated area in the file system and then adjusts the
partition table to point at this allocated space. The end result seems to be
you can dual boot your iMac between Mac OS and Windows.

If you just want to write USB boot code for learning purposes, then you
might see if the Bochs emulator has USB hardware emulation.

Jan

Hi Jan

Yes it can boot legacy OSes from CD/DVD (and HDD obviously since that is what “Bootcamp” is all about) but not from USB. This being my first Mac I do not have much of a historic knowledge but from what I have understood e.g. Macbook Pro does have working support for USB/legacy but it is broken on the iMac and Apples policy is that legacy boot from USB is unsupported.

But we are starting to get way off topic (as were my previous post) so my next question is: Does anyone know of a better place to post my questions? (I’m pretty new to low-level development so I basically know of no places)

Thank you all!
Fredrik

> 1) The osloader (part of NTLDR) loads ntbootdd.sys in the very start of boot.
Is

this the instance of the miniport that the kernel will use later on or does
the non-
renamed miniport get loaded again (so that it exists in two places in
memory)???

No, it will be loaded again, and NTLDR’s copy will be discarded I think.

2. Lets leave USB for a moment and concentrate on SCSI. If I have a SCSI card
   with BIOS Int13 extensions enabled in its SCSI BIOS it seems that XP uses the
   multi() syntax in boot.ini no matter what.

My last experiments with scsi() was in NT4, where ATAPI was a SCSI miniport. In
this OS, you can copy ATAPI.SYS to NTBOOTDD.SYS and use scsi() syntax for usual
IDE drive. I think this means - NTBOOTDD will be used.

–
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

xxxxx@test.viksten.nu wrote:

Hi Jan

Yes it can boot legacy OSes from CD/DVD (and HDD obviously since that is what “Bootcamp” is all about) but not from USB. This being my first Mac I do not have much of a historic knowledge but from what I have understood e.g. Macbook Pro does have working support for USB/legacy but it is broken on the iMac and Apples policy is that legacy boot from USB is unsupported.

But we are starting to get way off topic (as were my previous post) so my next question is: Does anyone know of a better place to post my questions? (I’m pretty new to low-level development so I basically know of no places)

Thank you all!
Fredrik

This list has survived far more off topic posts more or less every day
than yours. Personally, I’m kind of curious how this works out, and
perhaps with the exception of the Embedded XP list (whatever that may
be), I kind of doubt that there is anything more on topic than here.
While we have certainly covered NTLDR here before, your topic is fairly
new, or at least is relatively new to me.

Good luck,

mm

Martin O’Brien wrote:

xxxxx@test.viksten.nu wrote:
> Hi Jan
>
> Yes it can boot legacy OSes from CD/DVD (and HDD obviously since that
> is what “Bootcamp” is all about) but not from USB. This being my first
> Mac I do not have much of a historic knowledge but from what I have
> understood e.g. Macbook Pro does have working support for USB/legacy
> but it is broken on the iMac and Apples policy is that legacy boot
> from USB is unsupported.
>
> But we are starting to get way off topic (as were my previous post) so
> my next question is: Does anyone know of a better place to post my
> questions? (I’m pretty new to low-level development so I basically
> know of no places)
>
> Thank you all!
> Fredrik
This list has survived far more off topic posts more or less every day
than yours. Personally, I’m kind of curious how this works out, and
perhaps with the exception of the Embedded XP list (whatever that may
be), I kind of doubt that there is anything more on topic than here.
While we have certainly covered NTLDR here before, your topic is fairly
new, or at least is relatively new to me.

Good luck,

mm

Also, people aren’t shy here about saying when something is off list;
you’ll know it if it happens. That being said, I certainly understand
why you would like to know the best place to post; I just don’t know of
any better.

Good luck,

mm

Hi

I believe the XP Embedded guys at MS have produced a bootable USB stick, the
channel 9 video shows this but they did not
give any more detail on how they did it. Really interested if anybody get
this type of thing going.

Regards
Steve

----- Original Message -----
From: “Martin O’Brien”
Newsgroups: ntdev
To: “Windows System Software Devs Interest List”
Sent: Monday, November 05, 2007 1:50 AM
Subject: Re:[ntdev] ntbootdd.sys for USB devices?

> Martin O’Brien wrote:
>> xxxxx@test.viksten.nu wrote:
>>> Hi Jan
>>>
>>> Yes it can boot legacy OSes from CD/DVD (and HDD obviously since that is
>>> what “Bootcamp” is all about) but not from USB. This being my first Mac
>>> I do not have much of a historic knowledge but from what I have
>>> understood e.g. Macbook Pro does have working support for USB/legacy but
>>> it is broken on the iMac and Apples policy is that legacy boot from USB
>>> is unsupported.
>>>
>>> But we are starting to get way off topic (as were my previous post) so
>>> my next question is: Does anyone know of a better place to post my
>>> questions? (I’m pretty new to low-level development so I basically know
>>> of no places)
>>>
>>> Thank you all!
>>> Fredrik
>> This list has survived far more off topic posts more or less every day
>> than yours. Personally, I’m kind of curious how this works out, and
>> perhaps with the exception of the Embedded XP list (whatever that may
>> be), I kind of doubt that there is anything more on topic than here.
>> While we have certainly covered NTLDR here before, your topic is fairly
>> new, or at least is relatively new to me.
>>
>> Good luck,
>>
>> mm
>>
> Also, people aren’t shy here about saying when something is off list;
> you’ll know it if it happens. That being said, I certainly understand why
> you would like to know the best place to post; I just don’t know of any
> better.
>
> Good luck,
>
> mm
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
>

Very interesting. Any chance you have a direct link to that on Channel
9, Steve? As Don pointed out a while back, there really isn’t much in
the way of indexing on Channel 9.

Thanks,

mm

Steve Pratt wrote:

Hi

I believe the XP Embedded guys at MS have produced a bootable USB stick,
the channel 9 video shows this but they did not
give any more detail on how they did it. Really interested if anybody
get this type of thing going.

Regards
Steve

----- Original Message ----- From: “Martin O’Brien”

> Newsgroups: ntdev
> To: “Windows System Software Devs Interest List”
> Sent: Monday, November 05, 2007 1:50 AM
> Subject: Re:[ntdev] ntbootdd.sys for USB devices?
>
>
>> Martin O’Brien wrote:
>>> xxxxx@test.viksten.nu wrote:
>>>> Hi Jan
>>>>
>>>> Yes it can boot legacy OSes from CD/DVD (and HDD obviously since
>>>> that is what “Bootcamp” is all about) but not from USB. This being
>>>> my first Mac I do not have much of a historic knowledge but from
>>>> what I have understood e.g. Macbook Pro does have working support
>>>> for USB/legacy but it is broken on the iMac and Apples policy is
>>>> that legacy boot from USB is unsupported.
>>>>
>>>> But we are starting to get way off topic (as were my previous post)
>>>> so my next question is: Does anyone know of a better place to post
>>>> my questions? (I’m pretty new to low-level development so I
>>>> basically know of no places)
>>>>
>>>> Thank you all!
>>>> Fredrik
>>> This list has survived far more off topic posts more or less every
>>> day than yours. Personally, I’m kind of curious how this works out,
>>> and perhaps with the exception of the Embedded XP list (whatever that
>>> may be), I kind of doubt that there is anything more on topic than
>>> here. While we have certainly covered NTLDR here before, your topic
>>> is fairly new, or at least is relatively new to me.
>>>
>>> Good luck,
>>>
>>> mm
>>>
>> Also, people aren’t shy here about saying when something is off list;
>> you’ll know it if it happens. That being said, I certainly understand
>> why you would like to know the best place to post; I just don’t know
>> of any better.
>>
>> Good luck,
>>
>> mm
>>
>> —
>> NTDEV is sponsored by OSR
>>
>> For our schedule of WDF, WDM, debugging and other seminars visit:
>> http://www.osr.com/seminars
>>
>> To unsubscribe, visit the List Server section of OSR Online at
>> http://www.osronline.com/page.cfm?name=ListServer
>>
>>
>>
>
>
>

Hi

Try this, it used to be the link, the mention is right at the end of the
vid. Worth a watch anyways…

http://channel9.msdn.com/ShowPost.aspx?PostID=252734#252734

Regards

Steve

----- Original Message -----
From: “Martin O’Brien”
Newsgroups: ntdev
To: “Windows System Software Devs Interest List”
Sent: Monday, November 05, 2007 10:25 AM
Subject: Re:[ntdev] ntbootdd.sys for USB devices?

> Very interesting. Any chance you have a direct link to that on Channel 9,
> Steve? As Don pointed out a while back, there really isn’t much in the
> way of indexing on Channel 9.
>
> Thanks,
>
> mm
>
> Steve Pratt wrote:
>> Hi
>>
>> I believe the XP Embedded guys at MS have produced a bootable USB stick,
>> the channel 9 video shows this but they did not
>> give any more detail on how they did it. Really interested if anybody get
>> this type of thing going.
>>
>> Regards
>> Steve
>>
>> ----- Original Message ----- From: “Martin O’Brien”
>>
>> Newsgroups: ntdev
>> To: “Windows System Software Devs Interest List”
>> Sent: Monday, November 05, 2007 1:50 AM
>> Subject: Re:[ntdev] ntbootdd.sys for USB devices?
>>
>>
>>> Martin O’Brien wrote:
>>>> xxxxx@test.viksten.nu wrote:
>>>>> Hi Jan
>>>>>
>>>>> Yes it can boot legacy OSes from CD/DVD (and HDD obviously since that
>>>>> is what “Bootcamp” is all about) but not from USB. This being my first
>>>>> Mac I do not have much of a historic knowledge but from what I have
>>>>> understood e.g. Macbook Pro does have working support for USB/legacy
>>>>> but it is broken on the iMac and Apples policy is that legacy boot
>>>>> from USB is unsupported.
>>>>>
>>>>> But we are starting to get way off topic (as were my previous post) so
>>>>> my next question is: Does anyone know of a better place to post my
>>>>> questions? (I’m pretty new to low-level development so I basically
>>>>> know of no places)
>>>>>
>>>>> Thank you all!
>>>>> Fredrik
>>>> This list has survived far more off topic posts more or less every day
>>>> than yours. Personally, I’m kind of curious how this works out, and
>>>> perhaps with the exception of the Embedded XP list (whatever that may
>>>> be), I kind of doubt that there is anything more on topic than here.
>>>> While we have certainly covered NTLDR here before, your topic is fairly
>>>> new, or at least is relatively new to me.
>>>>
>>>> Good luck,
>>>>
>>>> mm
>>>>
>>> Also, people aren’t shy here about saying when something is off list;
>>> you’ll know it if it happens. That being said, I certainly understand
>>> why you would like to know the best place to post; I just don’t know of
>>> any better.
>>>
>>> Good luck,
>>>
>>> mm
>>>
>>> —
>>> NTDEV is sponsored by OSR
>>>
>>> For our schedule of WDF, WDM, debugging and other seminars visit:
>>> http://www.osr.com/seminars
>>>
>>> To unsubscribe, visit the List Server section of OSR Online at
>>> http://www.osronline.com/page.cfm?name=ListServer
>>>
>>>
>>>
>>
>>
>>
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
>

Thanks, Steve. I can’t look at it right now, but will do so later.

Thanks,

mm
Steve Pratt wrote:

Hi

Try this, it used to be the link, the mention is right at the end of the
vid. Worth a watch anyways…

http://channel9.msdn.com/ShowPost.aspx?PostID=252734#252734

Regards

Steve

----- Original Message ----- From: “Martin O’Brien”

> Newsgroups: ntdev
> To: “Windows System Software Devs Interest List”
> Sent: Monday, November 05, 2007 10:25 AM
> Subject: Re:[ntdev] ntbootdd.sys for USB devices?
>
>
>> Very interesting. Any chance you have a direct link to that on
>> Channel 9, Steve? As Don pointed out a while back, there really isn’t
>> much in the way of indexing on Channel 9.
>>
>> Thanks,
>>
>> mm
>>
>> Steve Pratt wrote:
>>> Hi
>>>
>>> I believe the XP Embedded guys at MS have produced a bootable USB
>>> stick, the channel 9 video shows this but they did not
>>> give any more detail on how they did it. Really interested if anybody
>>> get this type of thing going.
>>>
>>> Regards
>>> Steve
>>>
>>> ----- Original Message ----- From: “Martin O’Brien”
>>>
>>> Newsgroups: ntdev
>>> To: “Windows System Software Devs Interest List”
>>> Sent: Monday, November 05, 2007 1:50 AM
>>> Subject: Re:[ntdev] ntbootdd.sys for USB devices?
>>>
>>>
>>>> Martin O’Brien wrote:
>>>>> xxxxx@test.viksten.nu wrote:
>>>>>> Hi Jan
>>>>>>
>>>>>> Yes it can boot legacy OSes from CD/DVD (and HDD obviously since
>>>>>> that is what “Bootcamp” is all about) but not from USB. This being
>>>>>> my first Mac I do not have much of a historic knowledge but from
>>>>>> what I have understood e.g. Macbook Pro does have working support
>>>>>> for USB/legacy but it is broken on the iMac and Apples policy is
>>>>>> that legacy boot from USB is unsupported.
>>>>>>
>>>>>> But we are starting to get way off topic (as were my previous
>>>>>> post) so my next question is: Does anyone know of a better place
>>>>>> to post my questions? (I’m pretty new to low-level development so
>>>>>> I basically know of no places)
>>>>>>
>>>>>> Thank you all!
>>>>>> Fredrik
>>>>> This list has survived far more off topic posts more or less every
>>>>> day than yours. Personally, I’m kind of curious how this works
>>>>> out, and perhaps with the exception of the Embedded XP list
>>>>> (whatever that may be), I kind of doubt that there is anything more
>>>>> on topic than here. While we have certainly covered NTLDR here
>>>>> before, your topic is fairly new, or at least is relatively new to me.
>>>>>
>>>>> Good luck,
>>>>>
>>>>> mm
>>>>>
>>>> Also, people aren’t shy here about saying when something is off
>>>> list; you’ll know it if it happens. That being said, I certainly
>>>> understand why you would like to know the best place to post; I just
>>>> don’t know of any better.
>>>>
>>>> Good luck,
>>>>
>>>> mm
>>>>
>>>> —
>>>> NTDEV is sponsored by OSR
>>>>
>>>> For our schedule of WDF, WDM, debugging and other seminars visit:
>>>> http://www.osr.com/seminars
>>>>
>>>> To unsubscribe, visit the List Server section of OSR Online at
>>>> http://www.osronline.com/page.cfm?name=ListServer
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>
>> —
>> NTDEV is sponsored by OSR
>>
>> For our schedule of WDF, WDM, debugging and other seminars visit:
>> http://www.osr.com/seminars
>>
>> To unsubscribe, visit the List Server section of OSR Online at
>> http://www.osronline.com/page.cfm?name=ListServer
>>
>>
>>
>
>
>

Nice to hear that it is OK to post here!

I can’t watch the video right now either and as I think I wrote I don’t know too much about XPE. However from what I’ve read, yes you can boot XPE from USB (I think it is officially supported even). What I’m trying to do though is related to this:

http://www.ngine.de/index.jsp?pageid=4176

Following that guide you can modify your regular install CD of XP and make it be USB-installable / bootable. You can then boot from a USB device except on computers which have no USB-boot capability in BIOS (i.e. INT13 extension for USB devices I’m guessing). It works quite nice if you can live with no swap-file (since it is a removable drive, which I believe there is a filter driver which can fix).

What I’m trying to do is make such a modified XP version boot from USB on computers without BIOS support for boot from USB. I would need to make a boot-floppy / CD, chuck that in, start NTLDR which then loads ntbootdd.sys which sets up a rudimentary USB-stack / (hub driver) / mass-storage capabilities and thus extends NTLDR to be able to read USB devices. Once it has read ntoskrnl and all the boot drivers the ordinary USB-drivers take over (which are after modification above working as bootable drivers). That’s the idea at least.

I’m also hoping it could be used to boot VMware or similar from USB.

Since you seem interested I will keep you updated, though it might take a while because of work and vacation coming up.

Technical question of the day:

In the pre-OS environment which is NTLDR, is there a way of attaching a debugger???

Sure, assuming that you have the CHECKED version of XP that you wish to
test. If you don’t, getting the CHECKED build of SP2 requires an MSDN
subscription (I think), and it is only available as a network
installation pack. This means that you have to start the installation,
let it finish extracting, at which point it will fail because your
installing on FREE version of XP. Before dismissing the dialog box, go
find the extracted files, and copy NTLDR to another location. While
you’re there, you might as well copy ntos*.* and hal*.*, as the checked
versions of these files have better diagnostic information and can be
used with an otherwise FREE system. Personally, as this process sucks,
I would copy everything. When you’re done copying, dismiss the dialog
box. I haven’t done this in two years or more, and it is unfortunately
possible that this will not work, because it might fail before
extracting; I don’t thing so, but I don’t remember. If it does, you
are, as far as I know, legally SOL, as for reasons known only to
Microsoft, they no longer distribute a CHECKED version of XP, XP with
SP2, or SP2 anymore. If your desperate, there are checked versions of
ntldr, ntoskrnl and hal in the ‘debug’ folder of the XP 2600 DDK, but I
have never gotten them to work, nor have I have I ever head of anyone
getting them to work.

In any case:

1. Obtain the CHECKED version of NTLDR that matches your OS and SP.

2. It’s been a while since I’ve done this with XP, and I don’t recall
   if NTLDR is compressed on the installation medium. Use EXPAND to ensure
   that it isn’t, otherwise you’ll be non-bootable.

3. Replace the FREE version with the CHECKED one.

That’s it on the target.

For version of Windows that use boot.ini (and not bcd), boot time
debugging is only possible on com port 1 @ 19200.

On the host, start WinDbg:

WinDbg -b -d -k com:port=1,baud=19200

Plus anything else you want, like a symbol path so that you get ntldr
symbols. The module name in WinDbg for NTLDR is actually OSLOADER,
because ntldr is made of a block of flat code with a block of code that
is formatted as PE named OSLOADER appended to it. By the time you get
control, the first block of code is history.

You probably already know this, but, if not, If you haven’t already,
even though you’re looking at pre os, I would install checked copies of
ntoskrnl and the hal as well. The procedure starts out like the case
for NTLDR (get the checked ones, expand them), but you have to give them
different names (I usually use ntoskrnl.chk and hal.chk), and you have
to be absolutely certain that you have the correct hal and kernel, adn
you have to replace them both. The easiest way to do that is to right
click each file on the target, and take properties, and then the version
tab. Look at the OriginalFilename field. That’s the file you need to
copy from the CHECKED OS medium. Once you’ve got them and expanded them
to a new name, copy them to \Windows\System32 on the target. Then,
clear the readonly attribute of \boot.ini (which is also usually
hidden), and open it. Copy the line that corresponds to the
configuration you usually use for debugging, and paste on a free line.
Using the names I usually use, add /KERNEL=ntoskrnl.chk and /HAL=hal.chk
to the line you just pasted.

Also, a couple more ideas that may be of interest to you. Considering
what you are attempting to do, if you don’t have a means to do this
already, you will by any reasonable definition need some means of
stepping through the firmware and NTLDR prior to when WinDbg kicks in.
Usually, this is done using a JTAG emulator (I use an American Arium
ECM-50/XDP), but these are very expensive, and it is very, very, very,
very difficult to connect one to a motherboard reliably, unless it
happens to have an XDP socket, which for all practical purposes nothing
does. AS I recall, this is a personal project, so I’m assuming that you
don’t want to drop $11,000+ on something like this, but I thought I
would mention it in case I misunderstood your goal.

Assuming that is out, you might want to look in to Bochs, as it is open
source. Another option, if you’re doing this on AMD64 is a free
emulator that AMD provides on their website. Although it does not have
open source code, you probably won’t need it, and its at least five
times faster than Bochs and probably closer to ten times. It also, in
theory, can be connected to WinDbg, although that did not work when I
tried it, but that was two years ago. Another source of information you
might find useful is LinuxBIOS, and open source BIOS. It might be a
helpful reference when you get desperate.

Good luck,

mm

xxxxx@test.viksten.nu wrote:

Nice to hear that it is OK to post here!

I can’t watch the video right now either and as I think I wrote I don’t know too much about XPE. However from what I’ve read, yes you can boot XPE from USB (I think it is officially supported even). What I’m trying to do though is related to this:

http://www.ngine.de/index.jsp?pageid=4176

Following that guide you can modify your regular install CD of XP and make it be USB-installable / bootable. You can then boot from a USB device except on computers which have no USB-boot capability in BIOS (i.e. INT13 extension for USB devices I’m guessing). It works quite nice if you can live with no swap-file (since it is a removable drive, which I believe there is a filter driver which can fix).

What I’m trying to do is make such a modified XP version boot from USB on computers without BIOS support for boot from USB. I would need to make a boot-floppy / CD, chuck that in, start NTLDR which then loads ntbootdd.sys which sets up a rudimentary USB-stack / (hub driver) / mass-storage capabilities and thus extends NTLDR to be able to read USB devices. Once it has read ntoskrnl and all the boot drivers the ordinary USB-drivers take over (which are after modification above working as bootable drivers). That’s the idea at least.

I’m also hoping it could be used to boot VMware or similar from USB.

Since you seem interested I will keep you updated, though it might take a while because of work and vacation coming up.

Technical question of the day:

In the pre-OS environment which is NTLDR, is there a way of attaching a debugger???