According to the UEFI spec (Version 2.7 Errata A), section 3.1.7 ("Required System Preparation Applications"):
"The platform is required to examine all SysPrep#### variables referenced in SysPrepOrder. If Attributes bit LOAD_OPTION_ACTIVE is set, and the application referenced by FilePathList[0] is present, the UEFI Applications thus identified must be loaded and launched in the order they appear in SysPrepOrder and prior to the launch of any load options of type Boot####."
However, in experiments with a simple "hello world + press any key" UEFI app, I have not found any PC that will execute the app when I install it as a SysPrep boot variable.
For example:
Ubuntu is installed on a test PC with a single HDD, GPT partitioned, UEFI-boot.
Using EFI shell, copy a test app "hello.efi" from UFD (fs1:) to fs0:\EFI\hello.efi
Boot to Ubuntu and use efibootmgr to add a sysprep variable:
sudo efibootmgr -y –create –disk /dev/sda –part 1 –loader /EFI/hello.efi –label "hello" –verbose
Result:
SysPrepOrder: 0000
SysPrep0000* hello HD(1,GPT,f440c17d-...c72d,0x800,0x100000)/File(\EFI\hello.efi)
Reboot PC, and let it boot normally.
The "hello.efi" SysPrep app does not run before the OS starts booting.
On each PC I have tested, I verified that the EFI BootOptionSupport variable has bit 4 set (0x10), indicating EFI_BOOT_OPTION_SUPPORT_SYSPREP.
Regarding another quote from UEFI spec section 3.1.7:
"When launched, the platform is required to provide the application loaded by SysPrep####, with the same services such as console and network as are normally provided at launch to applications referenced by a Boot#### variable."
This seems to me that any EFI app that will run as a Boot#### variable, will also run as a SysPrep#### variable. Is this correct?
On each PC I have tested, the hello.efi app does run from a Boot#### variable (using same efibootmgr command as above, without "-y"), but never runs as a SysPrep#### variable.
Related
I'm trying to enable boot in bios legacy mode with no success.
Just as test case I'm using an old Ubuntu server image (bionic-server-cloudimg-i386.img).
This what I did:
Under %simics%/simics-qsp-cpu-6.0.1/targets/qsp-x86 I modified qsp-client-core.simics file as below:
# In order to run this, the QSP-x86 (2096), QSP-CPU (8112) and
# QSP-Clear-Linux (4094) packages should be installed.
decl {
! Script that runs the Quick Start Platform (QSP) with a client processor core.
params from "%simics%/targets/qsp-x86/qsp-clear-linux.simics"
default cpu_comp_class = "x86-coffee-lake"
default num_cores = 4
default enable_efi = FALSE
}
$disk0_image="/home/peppe/Scrivania/bionic.craff"
#$disk0_image="/opt/simics/simics-qsp-clear-linux-6.0.9/targets/qsp-x86/images/cl-b28910-v2.craff"
run-command-file "%simics%/targets/qsp-x86/qsp-clear-linux.simics"
When I run this file, the boot gets stuck with "Start PXE over IPv4" message (i.e. Simics doesn't find the UEFI partition and try to boot from network).
If I run the same file with cl-b28910-v2.craff image all works fine.
Note when it comes to bionic image I tried both with the raw format and with the craff format.
Also note the same bionic image boots as expected in QEMU.
My question: is the param enable_efi = FALSE enough to force Simics to boot in legacy mode?
If no what else do I have to do ?
The QSP really only supports booting from UEFI, and only a UEFI binary is shipping with the platform. All modern operating systems boot from UEFI anyway, so this should not be a big deal.
Indeed QSP model is not shipped with legacy BIOS image, but this does not prevent you from creating such and enable it on QSP model yourself. In particular, microvm or regular bios.bin (SeaBIOS?) from QEMU might work with some changes (removing QEMU specifics).
I was trying to activate my configuration on my local PC, but it failed. I tried:
Isolate 1 or 2 cores on my pc (Under SYSTEM > Real-Time and reboot the PC) and run the PLC tasks on those cores. When I do this I get the following error:
'TwinCAT System' (10000): Sending ams command >> Init4\RTime: Start Interrupt: Ticker started >> AdsWarning: 4118 (0x1016, RTIME: startup of isolated CPU fails!) << failed!
I then tried to run it on the normal windows dedicated CPUs (so none of the CPU’s were isolated). When I activated the configuration (and enabled Virtualization in the BIOS) I got the following error message:
Setting TwinCAT in Run Mode with KB4056894 is not possible
Uninstall KB4056894
or
Activate a solution using only isolated cores
I could not find KB4056894 installed on my PC. Any other solution?
I'm using TwinCAT 3 Build 4022.14 under Windows 10.
From Beckhoff support:
According to the error note, the Microsoft patch for spectre/meltdown
is installed on your PC. Normally, the TC3 should work with this patch
when using isolated cores…
However, since version TC3 Build 4022.16, this problem is solved.
I installed 4022.22 and everything worked.
I just want to share my experience with this error and how I solved it. Just in real-time menu set the cpu cores as 1 shared and 3 isolated cores. since my cpu has 4 core. Then set this value on target and then it will ask for reboot. after reboot it worked without this error and I was able to run the my code.
I'm trying to deploy an operating system to a target machine via SCCM.
Unfortunately, there are errors in the deployment process and as a consequence, the target machine has not received the operating system correctly.
In order to ascertain what errors are occurring in the deployment process, I wish to view log file(s) for errors. These errors are invariably located in the SMSTSLog file on the target machine.
In given the fact that the target machine is not booting, how can one copy the SMSTSLog from the target machine onto an external USB key in order to view that log file for various errors on another computer?
Plug in into the target machine the USB key which contains the
task sequence for deployment .
Press F12 (Dell machines) to load the boot options.
If it's a legacy boot then choose the USB Storage which contains the task sequence.
or
If its a UEFI boot then choose UEFI option.
For help in identifying which boot option, look at the memory size of the mounted external memory on the boot list.
If the size listed is similar to the size of your USB stick (e.g. UEFI: Jetflash 2GB) then this is your target USB stick to boot from.
Wait for the files to load from the USB.
When the task sequence launches from the USB stick press F8
to bring up a command prompt. Note: Pressing F8 multiple times launches multiple command prompts.
A Task Sequence Wizard window may appear. Simply move this window to
the side of the screen as you are only interested in bringing up a
command prompt.
It is necessary to identify the label volume for the external USB key.
To do this do the following inside the command prompt:
type: Diskpart
Then type: List Volume
You will see a number of volumes listed.
Look for the volume of type removable (as you should only have one removable USB connected to the machine at this time) and
note its label e.g. D
Press F8 again to bring up another command prompt window.
You will now attempt to copy the log file with the following command:
xcopy [source] [destination]
E.g. Type: xcopy X:\windows\temp\SMSTSLog*.* D:\
Source is: X:\windows\temp\SMSTSLog*.*
Destination is: D:\
Then simply remove the USB stick and open in another machine to view SMSTSLog with your editor of choice.
I have a hard drive was crypted by TryeCrypt,a custom edtion ,self input password,and i have found this 40-bytes password via MBR debugging, but can't mount it using standard version 7.1a.
what i want is get some files from this hard drive,good news is,this hard drive is bootable and it is a windows xp sp2,but a fullscreen app was auto startup and any input(keyboard,mouse etc.) was blocked,therefore,the only way to touch it is debugging it with vmware gdb stub.
The ida's remote dbg debugger is working very well, now I touch the guest's memory, edit it's codes, set breakpoints and the symbols was loaded.
so the question is,how can I start a process via patching the kernel?
What I thinking is,build a winddk project , implement a driver to do this with user APC, and then disassemble it to get it's assembler code ,and then patch it into guest via ida.
Any idea? thanks.
I'd like to start service before user mode is loaded (in kernel mode).
The reason is I wanna run several system applications(asm code to write data to BIOS) that are not allowed in user mode (privileges problem).
That's why I got an idea: 1. Write windows service 2. Start and run it in kernel mode
Is it possible?
Are there any other ways to solve the problem?
I don't usually use Vista (use linux instead), that's why I'm asking.
Windows services are user-mode applications. To run in kernel-mode you should write a driver. (So-called "legacy" driver will be enough, see Driver Development Part 1: Introduction to Drivers).