locked
UWF allowing writes for Windows 10 and thus breaking a hash of the OS drive RRS feed

  • Question

  • Hello,

    I apologize if this is not the proper forum but it seemed to most closely match my issue. 

    I am creating a Windows 10 embedded image for our gaming machine platform.  Our company is in the Casino Gaming industry and this is a very regulated industry.  Part of the regulation is that the OS drive must be hashed and the signature verified on every start up to insure the software running on the machine is the approved version.  This means we cannot have Windows making changes to the OS that persist through power cycles.  Our previous version used Windows 7 Embedded (Wes 7) and EWF.  Now with Windows 10 we have to use UWF but there are some slight differences from what I can tell.  It has been noted that UWF starts a little later than EWF on Wes7, and therefore, the OS may commit some writes before the UWF starts.  This includes writes to bootstat.dat and some NTFS journal writes.  Then on the next reboot of the system these new writes cause the hash of the drive to fail.  Well, I need to find a way around this otherwise the byte for byte hash of the OS drive will fail after the first power cycle when these writes are made.

    Is there any way to make the UWF more inclusive, e.g. start earlier?

    Is there a way to change the location of the bootstat.dat file?  We have other drives that are scratch drives and they are not authenticated like the OS drive.

    Thank you for any assistance you can provide.

    -Derrick

    Wednesday, September 16, 2020 12:15 AM

Answers

  • Derrick,

    I have worked with slot machine companies on XP Embedded and WES7. The checksum is a challenge, and Windows 10 with UWF has some different issues.

    The first suggestion is to remove bootstat.dat altogether. Just delete it. 

    Second are you trying to use a SSD disk to boot from? Test a rotating media drive instead.

    Just to let you know the forums are migrating to a new platform. There isn't a specific Windows 10 IoT Enterprise tag yet, but it is coming.

    Regards,

    Sean


    Sean Liming - Book Author: Starter Guide Windows 10 IoT Enterprise - www.annabooks.com / www.seanliming.com

    • Marked as answer by ZombieDP Thursday, September 17, 2020 1:12 AM
    Wednesday, September 16, 2020 3:53 PM
  • Someone reported an issue with SSD drive, that Windows on boot always writes a byte. Where this byte write doesn't happen with a rotating media drive.

    There are some subtle tricks. I suggest that you reach out to Microsoft directly to get some assistance with this issue. Or you can e-mail me via seanliming.com and I can locate the folks I worked with in the past on the issue.


    Sean Liming - Book Author: Starter Guide Windows 10 IoT Enterprise - www.annabooks.com / www.seanliming.com

    • Marked as answer by ZombieDP Friday, September 18, 2020 3:27 PM
    Thursday, September 17, 2020 3:53 PM

All replies

  • Derrick,

    I have worked with slot machine companies on XP Embedded and WES7. The checksum is a challenge, and Windows 10 with UWF has some different issues.

    The first suggestion is to remove bootstat.dat altogether. Just delete it. 

    Second are you trying to use a SSD disk to boot from? Test a rotating media drive instead.

    Just to let you know the forums are migrating to a new platform. There isn't a specific Windows 10 IoT Enterprise tag yet, but it is coming.

    Regards,

    Sean


    Sean Liming - Book Author: Starter Guide Windows 10 IoT Enterprise - www.annabooks.com / www.seanliming.com

    • Marked as answer by ZombieDP Thursday, September 17, 2020 1:12 AM
    Wednesday, September 16, 2020 3:53 PM
  • Hi Sean,

    I did a byte comparison of our images (before and after files), and there are about 7 places that differ after the boot.  I will try removing the bootstat.dat file though.

    Yes, we are using SSD drives.  When you say a rotating drive, I assume you are referring to spinning disk drive?  Have you noticed a difference here with UWF not writing as much on these?

    Thank you.

    Derrick

    Thursday, September 17, 2020 1:01 AM
  • Someone reported an issue with SSD drive, that Windows on boot always writes a byte. Where this byte write doesn't happen with a rotating media drive.

    There are some subtle tricks. I suggest that you reach out to Microsoft directly to get some assistance with this issue. Or you can e-mail me via seanliming.com and I can locate the folks I worked with in the past on the issue.


    Sean Liming - Book Author: Starter Guide Windows 10 IoT Enterprise - www.annabooks.com / www.seanliming.com

    • Marked as answer by ZombieDP Friday, September 18, 2020 3:27 PM
    Thursday, September 17, 2020 3:53 PM