Re: Need help with own PXE/bootloader and SDI images


From: KM (konstmor_at_nospam_yahoo.com)
Date: 07/04/04


Date: Sat, 3 Jul 2004 18:32:19 -0700

I was actually wondering why not use a debugger?

If the problem is in NT Loader, switching to serial debug may show some good
info (no one can promise that but debug output has always been helpful).

Also, there is a debug version of the ntldr in DDK. If you use this version
in the LOAD blob, set proper parameters in boot.ini and have the KD
connected from another machine, it may help.

Or did I miss anything?

KM

> Hi Yann,
>
> I know that you must feel frustrated because you can't see anything (can't
> use debugger) :(
>
> Try making boot.ini with two entries and set some time in timeout.
> If boot.ini gets loaded by ntldr, you should at least see multi boot choice
> screen.
>
> Also make sure that this is true: "EDX = 32-bit physical address of the
> page aligned SDI image bitwise ORed with 41h"
>
> BTW:
> First thing when your code is executed you should set stack values. Look
> at my code.
>
> Good luck,
> Slobodan
>
> PS:
> Give me more info about what you did so far if you still have problems.
>
> "Yann Blue" <yblue@free.fr> wrote in message
> news:pan.2004.07.03.19.51.37.500135@free.fr...
> > On Sat, 03 Jul 2004 21:34:19 +0200, Yann Blue wrote:
> >
> > I said something wrong, I don't get "corrupt NTLDR" if I change edx but
> > "SDI image format corrupt.". A better proof of being in NTLDR is that I
> > get "Invalid boot.ini file" if I use the old NTLDR (see previous posts).
> >
> > Y.Blue
> >
> > > On Mon, 28 Jun 2004 22:54:37 +0200, Slobodan Brcin (eMVP) wrote:
> > >
> > > Hi,
> > >
> > > Ok, this time, I am really desperate of getting this to work.
> > >
> > > I replaced my protected mode function by one using the int 15h 87h
> > > bios call, but I still get the same result: black screen (If I change the
> > > edx value (SDI address) before jumping to 7C00h, I get "corrupt NTLDR", so
> > > I must be in NTLDR).
> > >
> > > Something must be wrong with my combination of
> > > startrom.com/NTLDR/ntdetect.com or perhaps I don't prepare the stack
> > > and segment registers correctly ?
> > > My image is still booting correctly with
> > > classic Remote Boot method and offset adjusted to 7000h (28672). I
> > > really don't understand, do you have an idea ?
> > >
> > > startrom.com: 24258 bytes
> > > NTLDR: 233632 bytes
> > > ntdetect.com: 47580 bytes
> > >
> > > Best regards
> > > Y. Blue
> > >
> > >> Hi Yann,
> > >>
> > >> Why do you need protected mode switches?
> > >> If you can try BIOS copy function to copy memory to addresses above
> > >> 1MB. In that way you will not have to mess with PM.
> > >>
> > >> Regards,
> > >> Slobodan
> > >>
> > >>
> > >> "Yann Blue" <yblue@free.fr> wrote in message
> > >> news:pan.2004.06.28.20.47.43.954810@free.fr...
> > >>> On Sun, 27 Jun 2004 17:51:20 +0200, Slobodan Brcin (eMVP) wrote:
> > >>>
> > >>> > So far you know that you successfully relinquished control, and
> > >>> > that SDI is loaded in memory where it is expected.
> > >>> Good news, I will think of this as progress S:
> > >>>
> > >>> > What XPe service pack do you use?
> > >>> I use SP1 of Windows Embedded.
> > >>>
> > >>> I tried with the NTLDR present on SP1, the one with a size of 233632
> > >>> bytes.
> > >>> Unfortunately, I now get a black screen. I thought I was cleaning
> > >>> protected mode and everything else properly, but now, I doubt...
> > >>> (The image still boots properly with classic Remote Boot and adjusted
> > >>> offset in boot.ini).
> > >>>
> > >>> Y. Blue
> > >>>
> > >>>
> > >>> > Hi Yann,
> > >>> >
> > >>> >> Where do you think I am in the booting process ? (NTLDR ?)
> > >>> >
> > >>> > So far you know that you successfully relinquished control, and
> > >>> > that SDI is loaded in memory where it is expected.
> > >>> >
> > >>> >> Invalid BOOT.INI File
> > >>> >> Booting from C:\windows\
> > >>> >> NTDETECT failed
> > >>> >
> > >>> > These errors are reported by ntldr, so you know that it at least
> > >>> > started executing.
> > >>> >
> > >>> > What XPe service pack do you use?
> > >>> >
> > >>> > Anyhow 214016 is too short for SP1 or newer releases. Please
> > >>> > search in xpe repository for some ntldr with newer date.
> > >>> >
> > >>> > 233632 bytes long or bigger. (You probably should not use
> > >>> > ewfntldr)
> > >>> >
> > >>> > Best regards,
> > >>> > Slobodan
> > >>> >
> > >>> > "Yann Blue" <yblue@free.fr> wrote in message
> > >>> > news:pan.2004.06.27.15.09.54.311276@free.fr...
> > >>> >> On Sun, 27 Jun 2004 04:18:41 +0200, Slobodan Brcin (eMVP) wrote:
> > >>> >>
> > >>> >> Ok, thanks, I found some errors. The issue didn't seem to be in the
> > >>> >> real/protected mode switch but I didn't clean properly the vga stuff
> > >>> >> I used before jumping. I think I'm closer to my aim, but
> > >>> >> unfortunately, I now get:
> > >>> >>
> > >>> >> Invalid BOOT.INI File
> > >>> >> Booting from C:\windows\
> > >>> >> NTDETECT failed
> > >>> >>
> > >>> >> However, I have a boot.ini file in the root directory of the SDI
> > >>> >> image with:
> > >>> >> [boot loader]
> > >>> >> default=ramdisk(0)\WINDOWS
> > >>> >> [operating systems]
> > >>> >> ramdisk(0)\WINDOWS="Windows XPE From RAM" /fastdetect
> > >>> >>
> > >>> >> as said in the white paper.
> > >>> >>
> > >>> >> I searched in this group for related issues but didn't find anything
> > >>> >> similar to my problem.
> > >>> >> I put also the ntdetect.com file in the root directory.
> > >>> >>
> > >>> >> What could be wrong ? I think I might use a bad NTLDR file ?
> > >>> >> (Mine is 214016 bytes long).
> > >>> >>
> > >>> >> Thanks for being so active on this group Slobodan Brcin (eMVP).
> > >>> >> Y. Blue
> > >>> >>
> > >>> >> PS: Where do you think I am in the booting process ? (NTLDR ?)
> > >>> >>
> > >>> >> >> > 1. You never mentioned location of your code. Did you
> > >>> >> >> > reallocate it away from segment 7c00?
> > >>> >> >>
> > >>> >> >> My code is initially at location 07c00h, so I effectively
> > >>> >> >> reallocate the last part (which copy from/to highmem then jump to
> > >>> >> >> 07c00h) at 01000h before running it.
> > >>> >> >
> > >>> >> > I did not understand this answer:
> > >>> >> > Did you reallocate your code at 0100h:0000h address before you
> > >>> >> > switched to protected mode? You should do that.
> > >>> >> > Also don't go so low in memory you should better stick little
> > >>> >> > lower than 7c00h 512 bytes lower.
> > >>> >> > Also you need to initialize stack at the beginning of your code
> > >>> >> > for your internal use not for use by startrom it should do it by
> > >>> >> > itself when you transfer control to it.
> > >>> >> >
> > >>> >> >> > 4. You never mentioned mechanism that you use to load data
> > >>> >> >> > in memory above 1MB.
> > >>> >> >>
> > >>> >> >> I use protected mode to copy data in high memory. I've read
> > >>> >> >> how you do it with int vector, but I already had code to do it in
> > >>> >> >> protected mode.
> > >>> >> >
> > >>> >> > I used protected mode very long time ago when I was very young
> > >>> >> > and was writing my simple OS. (Before the days of Windows 95).
> > >>> >> > I hope that you know what you are doing (or trust code you
> > >>> >> > have) and that you switch correctly back and forth between
> > >>> >> > protected and real mode.
> > >>> >> >
> > >>> >> >
> > >>> >> > 6. You must ensure that you are NOT IN PROTECTED MODE. Also you
> > >>> >> > must restore all segments/selectors you used so they have 64K
> > >>> >> > limits etc.
> > >>> >> > Only after you make sure that you left in perfect order (Like
> > >>> >> > that you never gone to protected mode) only then you should jump
> > >>> >> > to 7c00h. (Otherwise what can happen is unpredictable)
> > >>> >> >
> > >>> >> > Make sure that you do things right in step 6.
> > >>> >> >
> > >>> >> >> I would like to know if I'm stuck in the startrom.com part,
> > >>> >> >> the NTLDR one or the PART one.
> > >>> >> >
> > >>> >> > This is tough one to detect. :(
> > >>> >> >
> > >>> >> >>Does NTLDR display something before booting the system ?
> > >>> >> >
> > >>> >> > I can't remember it was a while ago.
> > >>> >> >
> > >>> >> > Best regards,
> > >>> >> > Slobodan
> > >>> >> >
> > >>> >> >
> > >>> >> > "Yann Blue" <yblue@free.fr> wrote in message
> > >>> >> > news:pan.2004.06.27.00.53.53.286840@free.fr...
> > >>> >> >> On Sat, 26 Jun 2004 21:04:15 +0200, Slobodan Brcin (eMVP)
> > >>> >> >> wrote:
> > >>> >> >>
> > >>> >> >> > Hi Yann,
> > >>> >> >> >
> > >>> >> >> > 1. You never mentioned location of your code. Did you
> > >>> >> >> > reallocate it away from segment 7c00?
> > >>> >> >>
> > >>> >> >> My code is initially at location 07c00h, so I effectively
> > >>> >> >> reallocate the last part (which copy from/to highmem then jump to
> > >>> >> >> 07c00h) at 01000h before running it.
> > >>> >> >>
> > >>> >> >> > 2. You can find my working code for custom SDI boot in this
> > >>> >> >> > NG.
> > >>> >> >>
> > >>> >> >> The code I found from you boot from a CD, mine use PXE to
> > >>> >> >> download the SDI image, it is however very useful, thanks for
> > >>> >> >> that.
> > >>> >> >>
> > >>> >> >> > 3. I can't remember but I think that I'm using addresses
> > >>> >> >> > above 4MB. 0400000h. Two MB is too close to beginning of mem.
> > >>> >> >>
> > >>> >> >> I changed my code to use 0400000h but the result is the same.
> > >>> >> >>
> > >>> >> >> > 4. You never mentioned mechanism that you use to load data
> > >>> >> >> > in memory above 1MB.
> > >>> >> >>
> > >>> >> >> I use protected mode to copy data in high memory. I've read
> > >>> >> >> how you do it with int vector, but I already had code to do it in
> > >>> >> >> protected mode.
> > >>> >> >>
> > >>> >> >> > 5. Make sure that your image is working fine after adding
> > >>> >> >> > BOOT and LOAD blobs. Change offset address of PART in boot.ini.
> > >>> >> >>
> > >>> >> >> My image is working fine with BOOT and LOAD blobs, I just
> > >>> >> >> changed the offset to 28672 (07000h) as advised by you.
> > >>> >> >>
> > >>> >> >> > 6. Make sure that you are in real mode before doing the
> > >>> >> >> > final jump.
> > >>> >> >>
> > >>> >> >> I am in protected mode, but I don't know if I do enough: I
> > >>> >> >> re-enable interrupts then put esp and ss as said previously, is it
> > >>> >> >> sufficient ?
> > >>> >> >>
> > >>> >> >> I would like to know if I'm stuck in the startrom.com part,
> > >>> >> >> the NTLDR one or the PART one. Does NTLDR display something before
> > >>> >> >> booting the system ?
> > >>> >> >>
> > >>> >> >> Thanks a lot for your help
> > >>> >> >>
> > >>> >> >> Y. Blue
> > >>> >> >>
> > >>> >> >> >
> > >>> >> >> > Regards,
> > >>> >> >> > Slobodan
> > >>> >> >> >
> > >>> >> >> > "Yann Blue" <yblue@free.fr> wrote in message
> > >>> >> >>
> > >>> >> >> >>
> > >>> >> >> >> For specific needs, I have to make my own bootloader to
> > >>> >> >> >> boot a SDI image.
> > >>> >> >> >> I used the white paper "RAM Boot Using SDI in Windows XP
> > >>> >> >> >> Embedded with Service Pack 1" from Saad Syed.
> > >>> >> >> >>
> > >>> >> >> >> Everything seems to work correctly until jumping to 07c00h
> > >>> >> >> >> address to run startrom.com, at this point, the system hangs with
> > >>> >> >> >> the following text:
> > >>> >> >> >>
> > >>> >> >> >> Press F12 for network service boot.
> > >>> >> >> >>
> > >>> >> >> >>
> > >>> >> >> >> Details:
> > >>> >> >> >> --------
> > >>> >> >> >>
> > >>> >> >> >> I begin with a SDI file tested with the classic Remote Boot
> > >>> >> >> >> procedure (download of startrom.n12, download of sdi image,
> > >>> >> >> >> progress bar, booting...). I add the BOOT and LOAD parts as
> > >>> >> >> >> suggested in the white paper. At last, I pack it. When I run
> > >>> >> >> >> sdimgr on the final image, I get the following result:
> > >>> >> >> >>
> > >>> >> >> >> Microsoft (R) Windows Script Host Version 5.6
> > >>> >> >> >> Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.
> > >>> >> >> >>
> > >>> >> >> >> SDI File Manager version 1.00.621
> > >>> >> >> >> Copyright (C) 1999-2001 Microsoft Corp. All Rights Reserved.
> > >>> >> >> >>
> > >>> >> >> >> SDI File : C:\image.sdi
> > >>> >> >> >> MDB Type : ---
> > >>> >> >> >> Boot Code Offset : 0x00000000.00001000
> > >>> >> >> >> Boot Code Size : 0x00000000.00005EC2
> > >>> >> >> >> Vendor ID : 0x0000 (0)
> > >>> >> >> >> Device ID : 0x0000 (0)
> > >>> >> >> >> Device Model : {00000000-0000-0000-0000-000000000000}
> > >>> >> >> >> Device Role : 0
> > >>> >> >> >> Runtime GUID : {00000000-0000-0000-0000-000000000000}
> > >>> >> >> >> Runtime OEM Rev : 0
> > >>> >> >> >> Page Alignment : 1 (4096 bytes)
> > >>> >> >> >>
> > >>> >> >> >> Type Offset              Size                Base Address        Attr
> > >>> >> >> >> ---- ------------------- ------------------- ------------------- ----------
> > >>> >> >> >> BOOT 0x00000000.00001000 0x00000000.00005EC2 0x00000000.00000000 0x00000000
> > >>> >> >> >> PART 0x00000000.00007000 0x00000000.0F324000 0x00000000.00000007 0x00000000
> > >>> >> >> >> LOAD 0x00000000.0F32B000 0x00000000.00034400 0x00000000.00000000 0x00000000
> > >>> >> >> >>
> > >>> >> >> >> My bootloader downloads this sdi image in high memory
> > >>> >> >> >> (above 0200000h as suggested somewhere in this forum because of
> > >>> >> >> >> NTLDR clobbering), then I copy the boot code (from offset 01000h
> > >>> >> >> >> and size of 05EC2h) at 07c00h.
> > >>> >> >> >>
> > >>> >> >> >> In real mode, before jumping to 07c00h, I prepare esp and ss:
> > >>> >> >> >> mov ax,30
> > >>> >> >> >> mov ss,ax
> > >>> >> >> >> mov esp,0100h
> > >>> >> >> >>
> > >>> >> >> >> I put the SDI header address in edx and jump to 07c00h, but
> > >>> >> >> >> the system is not loading, instead, the system hangs with the
> > >>> >> >> >> text "Press F12 for network service boot.". There is a cursor on
> > >>> >> >> >> the following line. (Pressing F12 does nothing).
> > >>> >> >> >>
> > >>> >> >> >> Does someone have an idea what I made wrong ? I really need
> > >>> >> >> >> this to work but can't find the issue.
> > >>> >> >> >>
> > >>> >> >> >> P.S:
> > >>> >> >> >> - If I use reboot.com instead of startrom.com, the system
> > >>> >> >> >> unloads pxe and reboots normally.
> > >>> >> >> >> - The initial sdi image (before adding BOOT and LOAD PART)
> > >>> >> >> >> works fine with the same system and classic Remote Boot.
> > >>> >> >> >> - I get the same result if I put a false SDI address in edx
> > >>> >> >> >> before jumping to 07c00h, so I don't think startrom.com comes to
> > >>> >> >> >> this point ?
> > >>> >> >> >>
> > >>> >> >> >> Thanks in advance for your help.
> > >>> >> >> >>
> > >>> >> >> >> Y. Blue
> > >>> >> >>
> > >>> >>
> > >>>
> >
>
>
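
An added example, not code from any poster in this thread: a small C pre-flight check of the hand-off state discussed above (the EDX value for a page-aligned image, and where the real-mode stack lands relative to the 7C00h boot code). It goes slightly beyond the thread by also checking the stack against the standard real-mode IVT/BIOS data area. The function names and error flags are hypothetical, and `ss=30` is read as decimal, which is an assumption.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE        0x1000u /* "Page Alignment : 1 (4096 bytes)" in the sdimgr output */
#define SDI_EDX_TAG      0x41u   /* value ORed into EDX, as quoted in the thread */
#define BOOT_LOAD        0x7C00u /* where the BOOT blob is copied and jumped to */
#define LOW_RESERVED_END 0x500u  /* real-mode IVT (000h-3FFh) + BIOS data area (400h-4FFh) */

/* Hypothetical error flags for this example. */
enum { ERR_SDI_UNALIGNED = 1, ERR_SDI_BELOW_1MB = 2,
       ERR_STACK_IN_IVT_BDA = 4, ERR_STACK_IN_BOOT_CODE = 8 };

/* Real-mode segment:offset to linear address. */
static uint32_t rm_linear(uint16_t seg, uint16_t off) {
    return ((uint32_t)seg << 4) + off;
}

/* EDX handed over at the jump; returns 0 when the image address is not
   page aligned, because the OR would then corrupt real address bits. */
static uint32_t sdi_edx(uint32_t sdi_phys) {
    if (sdi_phys & (PAGE_SIZE - 1)) return 0;
    return sdi_phys | SDI_EDX_TAG;
}

/* Returns a bitmask of ERR_* problems for the planned hand-off state. */
static unsigned check_handoff(uint32_t sdi_phys, uint32_t boot_size,
                              uint16_t ss, uint16_t sp) {
    unsigned err = 0;
    uint32_t top = rm_linear(ss, sp);  /* the first push writes just below this */
    if (sdi_edx(sdi_phys) == 0)  err |= ERR_SDI_UNALIGNED;
    if (sdi_phys < 0x100000u)    err |= ERR_SDI_BELOW_1MB; /* thread loads above 1MB */
    if (top <= LOW_RESERVED_END) err |= ERR_STACK_IN_IVT_BDA;
    if (top > BOOT_LOAD && top <= BOOT_LOAD + boot_size)
        err |= ERR_STACK_IN_BOOT_CODE;
    return err;
}

int main(void) {
    /* Values quoted in the thread: image at 0400000h, BOOT size 05EC2h,
       ss=30 (assumed decimal), esp=0100h. */
    printf("EDX    = %08Xh\n", (unsigned)sdi_edx(0x400000u));
    printf("errors = %u\n", check_handoff(0x400000u, 0x5EC2u, 30, 0x0100));
    return 0;
}
```
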


