Please note, it's easier to just use a recovery flash drive/dvd disk!
I just wanted a new challenge, and I found it:
My friend has switched from Windows to Fedora. Somehow in the process, Windows Bootloader went missing from EFI partition (I would love to know how did that happen as much as you do or don't, but I wasn't supervising at the moment, so... no idea)
Partitions on the system in question (nvme0n1p1
is the recovery partition and nvme0n1p4
is the Windows partition):
thedude@fedora:~$ sudo fdisk -l
Disk /dev/nvme0n1: 238.47 GiB, 256060514304 bytes, 500118192 sectors
...
Disklabel type: gpt
Disk identifier: 774ADD80-82FF-4A39-8AD1-A05757758999
...
thedude@fedora:~$ lsblk -o +PARTUUID
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS PARTUUID
sda 8:0 0 931.5G 0 disk
├─sda1 8:1 0 16M 0 part 3e3148e0-b4dc-4579-a790-3b597e1f4bae
├─sda2 8:2 0 491.8G 0 part /mnt/hdd 2f78c480-4658-4b29-b547-4b6962e82e8d
└─sda3 8:3 0 439.7G 0 part /mnt/hdd-linux acebeb50-8ff6-4786-babe-76a8e6f14060
zram0 252:0 0 15.6G 0 disk [SWAP]
nvme0n1 259:0 0 238.5G 0 disk
├─nvme0n1p1 259:1 0 529M 0 part 0be9fc2c-9764-4b15-896e-66d154619b4d
├─nvme0n1p2 259:2 0 100M 0 part /boot/efi bcdb81c7-5440-4cf8-a6b7-b7c747e7f36f
├─nvme0n1p3 259:3 0 16M 0 part b1352d5d-d56f-47da-a734-822e91f6b61a
├─nvme0n1p4 259:4 0 185.1G 0 part /mnt/ssd d357ee91-5441-44ea-81a3-c6e11df079bf
├─nvme0n1p5 259:5 0 976M 0 part /boot 3ca1fcbc-8fa6-415d-bc3b-6a27bbe701ee
├─nvme0n1p6 259:6 0 47.8G 0 part /home 1382df65-fd9b-46b0-a27e-82e57fc3da01
│ /
└─nvme0n1p7 259:7 0 4G 0 part [SWAP] e7cfa370-e1d9-46f8-bebc-0c5060a57ad0
So, for starters, we copied everything from C:\Windows\Boot\EFI
to \EFI\Microsoft\Boot\
on EFI partition
and added \EFI\Microsoft\Boot\bootmgfw.efi
as a GRUB entry:
insmod fat
search --no-floppy --fs-uuid --set=root bcdb81c7-5440-4cf8-a6b7-b7c747e7f36f
chainloader /EFI/Microsoft/Boot/bootmgfw.efi
Trying to use that entry unsurprisingly resulted in error 0xc000000f: Boot Configuration Data (aka BCD) is missing or corrupted
The next step would be to attempt using somebody's BCD exported via bcdedit /export "C:\BCD.backup"
as a replacement for missing \EFI\Microsoft\Boot\BCD
on target system
Aaand you will get error code 0xc000000e: A required device isn't connected or can't be accessed
because actual drive and partition UUIDs of the target system are missing from imported BCD storage.
First, you'll need to find the current device ids:
Let's take a look at BCD contents using chntpw -e BCD
:
thedude@fedora:~$ chntpw -e BCD
chntpw version 1.00 140201, (c) Petter N Hagen
Hive <BCD> name (from header): <\??\C:\BCD.backup>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf>
File size 28672 [7000] bytes, containing 6 pages (+ 1 headerpage)
Used for data: 447/23576 blocks/bytes, unused: 3/808 blocks/bytes.
Simple registry editor. ? for help.
> ls
Node has 2 subkeys and 0 values
key name
<Description>
<Objects>
> cd Objects
\Objects> ls
Node has 16 subkeys and 0 values
key name
<{0ce4991b-e6b3-4b16-b23c-5e0d9250e5d9}>
<{1afa9c49-16ab-4a5c-901b-212802da9460}>
<{4636856e-540f-4170-a130-a84776f4c654}>
<{5189b25c-5558-4bf2-bca4-289b11bd29e2}>
<{6efb52bf-1766-41db-a6b3-0ee5eff72bd7}>
<{7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}>
<{7ff607e0-4395-11db-b0de-0800200c9a66}>
<{93ce2257-50cd-11ee-9f15-f1f834112696}>
<{93ce2258-50cd-11ee-9f15-f1f834112696}>
<{93ce2259-50cd-11ee-9f15-f1f834112696}>
<{93ce225a-50cd-11ee-9f15-f1f834112696}>
<{9dea862c-5cdd-4e70-acc1-f32b344d4795}>
<{a5a30fa2-3d06-4e9f-b5f4-a01df9d1fcba}>
<{b2721d73-1db4-4c62-bf78-c548a880142d}>
<{bc68ec6a-37be-11eb-8b04-c17d71aeb437}>
<{bc68ec6e-37be-11eb-8b04-c17d71aeb437}>
We need to find objects representing boot entries for recovery mode and normal Windows boot process. The easiest way to spot those is to simply look for 3 (or more) similar GUIDs where only the first section increments by 1.
In my case:
<{93ce2257-50cd-11ee-9f15-f1f834112696}> - Resume from Hibernation
<{93ce2258-50cd-11ee-9f15-f1f834112696}> - Windows Boot Loader (OS)
<{93ce2259-50cd-11ee-9f15-f1f834112696}> - Windows Boot Loader (WinRE)
Lets take a look at the recovery entry first (if we can fix it, worst case scenario it will fix everything else for us!)
\Objects> cd {93ce2259-50cd-11ee-9f15-f1f834112696}
(...)\{93ce2259-50cd-11ee-9f15-f1f834112696}> cd Elements\12000004
(...)\Elements\12000004> cat Element
Value <Element> of type REG_SZ (1), data length 60 [0x3c]
Windows Recovery Environment
Now we're sure this is the Windows RE entry. Lets proceed. Drive and Partition UUIDs are contained within paths in elements 11000001
(device) and 21000001
(osdevice).
(...)\Elements\12000004> cd ..\11000001
(...)\Elements\11000001> cat Element
Value <Element> of type REG_BINARY (3), data length 200 [0xc8]
:00000 5A 22 CE 93 CD 50 EE 11 9F 15 F1 F8 34 11 26 96 Z"...P......4.&.
:00010 00 00 00 00 01 00 00 00 B8 00 00 00 00 00 00 00 ................
:00020 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
:00030 00 00 00 00 00 00 00 00 01 00 00 00 90 00 00 00 ................
:00040 05 00 00 00 06 00 00 00 00 00 00 00 48 00 00 00 ............H...
:00050 00 00 00 00 51 1C C6 C4 56 34 33 47 96 AD AE 76 ....Q...V43G...v
:00060 0A 41 C3 92 00 00 00 00 00 00 00 00 B8 13 92 75 .A.............u
:00070 C3 36 61 47 8E B6 71 11 DC 8B 5C 7B 00 00 00 00 .6aG..q...\{....
:00080 00 00 00 00 00 00 00 00 00 00 00 00 5C 00 52 00 ............\.R.
:00090 65 00 63 00 6F 00 76 00 65 00 72 00 79 00 5C 00 e.c.o.v.e.r.y.\.
:000A0 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 52 00 W.i.n.d.o.w.s.R.
:000B0 45 00 5C 00 57 00 69 00 6E 00 72 00 65 00 2E 00 E.\.W.i.n.r.e...
:000C0 77 00 69 00 6D 00 00 00 w.i.m...
(...)\Elements\11000001> cd ..\21000001
(...)\Elements\21000001> cat Element
Value <Element> of type REG_BINARY (3), data length 200 [0xc8]
:00000 5A 22 CE 93 CD 50 EE 11 9F 15 F1 F8 34 11 26 96 Z"...P......4.&.
:00010 00 00 00 00 01 00 00 00 B8 00 00 00 00 00 00 00 ................
:00020 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
:00030 00 00 00 00 00 00 00 00 01 00 00 00 90 00 00 00 ................
:00040 05 00 00 00 06 00 00 00 00 00 00 00 48 00 00 00 ............H...
:00050 00 00 00 00 51 1C C6 C4 56 34 33 47 96 AD AE 76 ....Q...V43G...v
:00060 0A 41 C3 92 00 00 00 00 00 00 00 00 B8 13 92 75 .A.............u
:00070 C3 36 61 47 8E B6 71 11 DC 8B 5C 7B 00 00 00 00 .6aG..q...\{....
:00080 00 00 00 00 00 00 00 00 00 00 00 00 5C 00 52 00 ............\.R.
:00090 65 00 63 00 6F 00 76 00 65 00 72 00 79 00 5C 00 e.c.o.v.e.r.y.\.
:000A0 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 52 00 W.i.n.d.o.w.s.R.
:000B0 45 00 5C 00 57 00 69 00 6E 00 72 00 65 00 2E 00 E.\.W.i.n.r.e...
:000C0 77 00 69 00 6D 00 00 00 w.i.m...
In this case, 16 byte long partition UUID is stored at offset 0x00054
: 51 1C C6 C4 56 34 33 47 96 AD AE 76 0A 41 C3 92
(which is equal to GUID {C4C61C51-3456-4733-96AD-AE760A41C392}
)
And 16 byte long device UUID is stored at offset 0x0006C
: B8 13 92 75 C3 36 61 47 8E B6 71 11 DC 8B 5C 7B
(which is equal to GUID {759213B8-36C3-4761-8EB6-7111DC8B5C7B}
)
We need to replace those to partition UUID ({0BE9FC2C-9764-4B15-896E-66D154619B4D}
according to lsblk
) and device UUID ({774ADD80-82FF-4A39-8AD1-A05757758999}
according to fdisk
) of the recovery partition on the target device.
Lets convert target UUIDs to bytes:
{0BE9FC2C-9764-4B15-896E-66D154619B4D}
equals to2C FC E9 0B 64 97 15 4B 89 6E 66 D1 54 61 9B 4D
{774ADD80-82FF-4A39-8AD1-A05757758999}
equals to80 DD 4A 77 FF 82 39 4A 8A D1 A0 57 57 75 89 99
And edit osdevice
element of Windows RE entry accordingly:
(...)\Elements\21000001> ed Element
EDIT: <Element> of type REG_BINARY (3) with length 200 [0xc8]
New length (ENTER to keep same):
Buffer debugger. '?' for help.
.: 00054 2C FC E9 0B 64 97 15 4B 89 6E 66 D1 54 61 9B 4D
from: 54, wlen: 16
.: 0006C 80 DD 4A 77 FF 82 39 4A 8A D1 A0 57 57 75 89 99
from: 6c, wlen: 16
.s
(...)\Elements\21000001> cat Element
Value <Element> of type REG_BINARY (3), data length 200 [0xc8]
:00000 5A 22 CE 93 CD 50 EE 11 9F 15 F1 F8 34 11 26 96 Z"...P......4.&.
:00010 00 00 00 00 01 00 00 00 B8 00 00 00 00 00 00 00 ................
:00020 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
:00030 00 00 00 00 00 00 00 00 01 00 00 00 90 00 00 00 ................
:00040 05 00 00 00 06 00 00 00 00 00 00 00 48 00 00 00 ............H...
:00050 00 00 00 00 2C FC E9 0B 64 97 15 4B 89 6E 66 D1 ....,...d..K.nf.
:00060 54 61 9B 4D 00 00 00 00 00 00 00 00 80 DD 4A 77 Ta.M..........Jw
:00070 FF 82 39 4A 8A D1 A0 57 57 75 89 99 00 00 00 00 ..9J...WWu......
:00080 00 00 00 00 00 00 00 00 00 00 00 00 5C 00 52 00 ............\.R.
:00090 65 00 63 00 6F 00 76 00 65 00 72 00 79 00 5C 00 e.c.o.v.e.r.y.\.
:000A0 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 52 00 W.i.n.d.o.w.s.R.
:000B0 45 00 5C 00 57 00 69 00 6E 00 72 00 65 00 2E 00 E.\.W.i.n.r.e...
:000C0 77 00 69 00 6D 00 00 00 w.i.m...
Now we repeat the same for device
element of Windows RE entry:
(...)\Elements\21000001> cd ..\11000001
(...)\Elements\11000001> ed Element
EDIT: <Element> of type REG_BINARY (3) with length 200 [0xc8]
New length (ENTER to keep same):
Buffer debugger. '?' for help.
.: 00054 2C FC E9 0B 64 97 15 4B 89 6E 66 D1 54 61 9B 4D
from: 54, wlen: 16
.: 0006C 80 DD 4A 77 FF 82 39 4A 8A D1 A0 57 57 75 89 99
from: 6c, wlen: 16
.s
(...)\Elements\11000001> cat Element
Value <Element> of type REG_BINARY (3), data length 200 [0xc8]
:00000 5A 22 CE 93 CD 50 EE 11 9F 15 F1 F8 34 11 26 96 Z"...P......4.&.
:00010 00 00 00 00 01 00 00 00 B8 00 00 00 00 00 00 00 ................
:00020 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
:00030 00 00 00 00 00 00 00 00 01 00 00 00 90 00 00 00 ................
:00040 05 00 00 00 06 00 00 00 00 00 00 00 48 00 00 00 ............H...
:00050 00 00 00 00 2C FC E9 0B 64 97 15 4B 89 6E 66 D1 ....,...d..K.nf.
:00060 54 61 9B 4D 00 00 00 00 00 00 00 00 80 DD 4A 77 Ta.M..........Jw
:00070 FF 82 39 4A 8A D1 A0 57 57 75 89 99 00 00 00 00 ..9J...WWu......
:00080 00 00 00 00 00 00 00 00 00 00 00 00 5C 00 52 00 ............\.R.
:00090 65 00 63 00 6F 00 76 00 65 00 72 00 79 00 5C 00 e.c.o.v.e.r.y.\.
:000A0 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 52 00 W.i.n.d.o.w.s.R.
:000B0 45 00 5C 00 57 00 69 00 6E 00 72 00 65 00 2E 00 E.\.W.i.n.r.e...
:000C0 77 00 69 00 6D 00 00 00 w.i.m...
Now we can save the edited BCD file, copy it to the EFI partition and let Windows Recovery attempt to do the rest of work for us:
(...)\Elements\11000001> q
Hives that have changed:
# Name
0 <BCD>
Write hive files? (y/n) [n] : y
0 <BCD> - OK
Repeat the same process for the normal boot entry (in this case, I'd need to make changes for entry {93ce2258-50cd-11ee-9f15-f1f834112696}
: new partition UUID {d357ee91-5441-44ea-81a3-c6e11df079bf}
and new device UUID {774ADD80-82FF-4A39-8AD1-A05757758999}
)
And don't forget to change those UUIDs in both elements: 11000001
(device
) and 21000001
(osdevice
)!
If everything else fails, just replace all occurrences of all device and partition UUIDs using any HEX editor of your liking (e.g. hexed.it)