Boot process and BCD store related documentation lacking
Is your feature request related to a problem? Please describe.
I recently had an OS failing to boot after recovery from a partition backup. Automatic startup repair failed and I ended up using bootrec and bcdedit commands. When trying to learn more about how the Windows bootloader works and what BCD is, I found the linked documentation lacking. https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/bcd-system-store-settings-for-uefi
Describe the solution you'd like
- Describe what is BCD and where it is located. Or add link to that. Quick search online doesn't provide any reasonable hits. What does it stand for?
- Explain ALL entries within BCD such as isolatedcontext, nx, bootmenupolicy, etc
- Differentiate more explicitly between the EFI system partition and the Windows system partition. Don't just say "system partition". Ideally two different terms would be better, e.g. EFI partition and OS partition would be much clearer.
- Also, I am not quite sure how Windows Boot Manager is aware of letter assignments for partitions. I guess it's part of NTFS, but again I can't find a clear answer online after a quick search. Defining it on the BCD page is of course out of scope, but some footnote could be nice.
Describe alternatives you've considered
Linux :)
Thank you for creating the issue! One of our team members will get back to you shortly with additional information. If this is a product issue, please close this and contact the particular product's support instead (see https://support.microsoft.com/allproducts for the list of support websites).
@GrantMeStrength Can you please take a look at this issue?
Thanks, @voldemarz for the feedback. I've added these two notes near the top of the page (will build overnight and be in the public docs tomorrow). These references contain the info you're looking for:
For general info about BCDEdit, including location and command-line option definitions, see BCDEdit Command-Line Options.
To understand how BitLocker verifies that the security sensitive boot configuration data (BCD) settings have not changed since BitLocker was last enabled, resumed, or recovered, see BCD settings and BitLocker.
As to differentiating between EFI and Windows partitions and how Windows Boot Manager is aware of letter assignments for partitions, I am unable to get to those at this time.
Thanks, Eliot
@ryanmajidi please close.
IsolatedContext is not explained... but it is mentioned here as being an unexplained Hyper-V setting: https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/bcdedit--hypervisorsettings#serial-debugging-example
Assign to @tedhudek, please
From my recall:
- isolatedcontext = Virtualization Based Security - it's based on shielded VMs and removes access to some of the host to the guest. The hypervisor host will refuse to provide unrestricted access to the guest, shielding it from a compromised host (this was Project Drawbridge, which created a minimal hypervisor that could isolate guest VMs from a malicious Dom0 or host).
- nx = No Execute = DEP = Data eXecute Protection - Because Windows is not sure of the hardware on which it will boot, this is usually "OptIn", which means if the hardware supports it... "AlwaysOn" is a more secure setting, but will not boot successfully if DEP/NX is not supported. I think Windows should use "AlwaysOn", as this is IIRC required for all x64 cores.
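As an added example (not part of the thread or of Microsoft's documentation), the sketch below parses the text layout of English-language `bcdedit /enum` output and lists the OS loader entries whose `nx` element is not `AlwaysOn`, the value the comment above calls more secure. The sample output and its GUID are constructed, and the function names `parse_bcd` and `nx_not_always_on` are hypothetical.

```python
import re
# Constructed sample in the layout that English-language `bcdedit /enum` prints.
SAMPLE = r"""
Windows Boot Manager
--------------------
identifier              {bootmgr}
displayorder            {current}
                        {11111111-2222-3333-4444-555555555555}

Windows Boot Loader
-------------------
identifier              {current}
isolatedcontext         Yes
nx                      OptIn
bootmenupolicy          Standard

Windows Boot Loader
-------------------
identifier              {11111111-2222-3333-4444-555555555555}
nx                      AlwaysOn
"""

def parse_bcd(text):
    """Return one dict per BCD entry: element name -> list of values."""
    entries, key, lines = [], None, text.splitlines()
    for i, line in enumerate(lines):
        if i > 0 and re.fullmatch(r"-{3,}", line.strip()):
            # The entry heading is the line just above the dashed rule.
            entries.append({"type": [lines[i - 1].strip()]})
            key = None
        elif entries and key and line[:1].isspace() and line.strip():
            entries[-1][key].append(line.strip())  # continuation of a multi-value element
        elif entries and (m := re.match(r"(\S+)\s{2,}(.+)", line)):
            key = m.group(1)  # headings contain single spaces only, so they never match
            entries[-1][key] = [m.group(2).strip()]
    return entries

def nx_not_always_on(entries):
    """Return (identifier, nx value) for OS loader entries whose nx is not AlwaysOn."""
    findings = []
    for e in entries:
        if e["type"][0] == "Windows Boot Loader":
            nx = e.get("nx", ["(not set)"])[0]
            if nx.lower() != "alwayson":
                findings.append((e.get("identifier", ["?"])[0], nx))
    return findings

if __name__ == "__main__":
    print(nx_not_always_on(parse_bcd(SAMPLE)))
```

To check a real system, capture the output of `bcdedit /enum` from an elevated prompt and pass that text to `parse_bcd` in place of `SAMPLE`.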
Thanks for the overview of what the IsolatedContext setting does.