Get to know Windows Vista’s new boot loader architecture

Takeaway: Greg Shultz introduces you to Windows Vista’s new boot loader architecture and the Boot Configuration Data (BCD) system and explains how it works in a dual-boot configuration.

This article is available as a TechRepublic download.

Are you planning to use Windows Vista in a dual–boot configuration on your Windows XP system? If so, you may have read my article “How do I… Install Windows Vista in a dual-boot configuration along with Windows XP?”. While I explained the process of setting up a dual-boot configuration in detail in that article, there are a lot of things that go on behind the scenes that I didn’t touch on. Of course, you really don’t need to know about all that to set up and use Windows Vista in a dual–boot configuration. However, if you plan to modify the boot procedure like you may have done when dual-booting with Windows XP and previous Windows operating systems, you’ll need a deeper understanding of how Windows Vista boots.

If you set up dual-boot configurations with Windows XP and previous Windows operating systems, chances are that you became very familiar with the way Windows XP boots up, as well as how to configure the boot procedure via the Boot.ini file and the Bootcfg.exe utility.

Well, if you’re planning to set up a dual-boot configuration with Windows Vista and Windows XP and really want to get a handle on how it works, you’re going to have to forget all about Boot.ini and the Bootcfg.exe utility and learn about Windows Vista’s new boot loader architecture, which includes the Windows Boot Manager, the Boot Configuration Data (BCD) system, and the Boot Configuration Data Store Editor, BCDEdit.exe.

First, I’ll introduce you to Windows Vista’s new boot loader architecture and the BCD system and explain how it works in a dual-boot configuration. In a future article, I’ll show you how to use the new BCDEdit.exe utility to edit the BCD system and configure the Windows Boot Manager.
Taking a look back at NT Loader

Windows Vista’s predecessors (Windows NT, Windows 2000, and Windows XP) used a system based on the Windows NT boot loader, NTLDR, to boot up the system. To gain a better appreciation of Windows Vista’s new boot loader architecture, let’s begin with a quick look at how NT Loader worked.

NTLDR, which is short for NT Loader, is a special program that was first developed for Windows NT back in early 1990s. With this in mind, you can appreciate that NT Loader was definitely an outdated technology.

Essentially, as the computer boots up, the NTLDR file, containing the main boot loader, loads from the hard drive’s boot sector. Once NTLDR starts, it looks for hiberfil.sys and an active hibernation image. If NTLDR finds both the file and image, the operating system resumes from a hibernation state.

If an active hibernation image is not found, NTLDR reads the Boot.ini file, which contains special configuration options for booting the operating system as well as instructions for displaying the boot menu. Next, NTLDR launches Ntdetect.com, which, as is name implies, is responsible for detecting the basic hardware that is necessary to start the operating system. Finally, NTLDR launches Ntoskrnl.exe, which is the kernel image for an NT-based operating system, such as Windows XP.
Windows Vista’s new boot loader architecture

When Microsoft was developing Windows Vista, it decided to start from scratch and build the new operating system from the ground up. The new boot loader architecture is an excellent example of this methodology because it presents an entirely new way of booting up the Windows operating system that is both quicker and more secure.

To improve boot time and increase security, Microsoft’s Windows Vista developers decided to do away with NTLDR and replace it with an entirely new system built around three main components: the new boot loader architecture, a new boot option storage system called Boot Configuration Data (BCD), and a new boot option editing tool called BCDEdit.exe.

Now, the new boot loader architecture can itself be broken down into three main components: The Windows Boot Manager (Bootmgr.exe), the Windows operating system loader (Winload.exe), and the Windows resume loader (Winresume.exe).

In this new system, as the computer boots up, the Windows Boot Manager loads first and reads the Boot Configuration Data, which is essentially a database of boot–time configuration information stored on the hard disk in a format similar to the registry. The Boot Configuration Data database can include information about a current hibernation image, special configuration options for booting the Windows Vista operating system, and special configuration options for booting an alternate operating system. In addition to this type of information, the Boot Configuration Data database can provide instructions for launching diagnostic or recovery tools that actually run independent of the operating system.

In the overall boot process scheme, the Windows Boot Manager is a completely separate entity and is totally unaware of any operating system boot loader operations. This isolation adds a level of security between the actual booting of the computer and booting of the operating system.
How does it work?

When Windows Boot Manager reads the Boot Configuration Data, it uses the information it finds in the database to determine if it needs to display its menu. If a menu is not necessary, Windows Boot Manager does one of two things, depending on the information it finds in the Boot Configuration Data database: It either passes control over to the Windows resume loader or to the Windows operating system loader.
Windows resume loader

If the Boot Configuration Data database contains information about a current hibernation image, the Windows Boot Manager passes that information over to the Windows resume loader. Once that handover occurs, the Windows Boot Manager exits and the Windows resume loader takes over. At this stage, the Windows resume loader reads the hibernation image file and uses it return the operating system to the running state it was in when hibernation was invoked.
Windows operating system loader

If the Boot Configuration Data database doesn’t contain information about a current hibernation image, the Windows Boot Manager retrieves boot configuration information and then passes that information over to the Windows operating system loader. Once that handover occurs, the Windows Boot Manager exits and the Windows operating system loader takes over. At this stage, Windows operating system loader loads the kernel, Ntoskrnl.exe, and any basic hardware drivers. As it does so, the Windows Vista operating system boots up.
Booting an alternate operating system

Now, if the Windows Boot Manager finds information in the Boot Configuration Data database about another operating system, the Windows Boot Manager will build and display a menu that lists Windows Vista and the other operating system as choices. If the other operating system is selected, the Windows Boot Manager retrieves information about how to boot that operating system and then passes the information over to the appropriate operating system loader. As in the previous examples, the Windows Boot Manager then exits and the other operating system’s boot loader takes over.
Moving forward

As I mentioned at the beginning, the main reason for gaining a better understanding of Windows Vista’s new boot loader architecture is to help you to work with Windows Vista in a dual-boot configuration. With this information under your belt, we’ll delve into the Boot Configuration Data database and the Boot Configuration Data Store Editor, BCDEdit.exe, in the next article.

Ref: http://articles.techrepublic.com.com/5100-10878_11-6169638.html

Post a comment or leave a trackback: Trackback URL.

ใส่ความเห็น

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / เปลี่ยนแปลง )

Twitter picture

You are commenting using your Twitter account. Log Out / เปลี่ยนแปลง )

Facebook photo

You are commenting using your Facebook account. Log Out / เปลี่ยนแปลง )

Google+ photo

You are commenting using your Google+ account. Log Out / เปลี่ยนแปลง )

Connecting to %s

%d bloggers like this: