I recently stumbled across the GRUB ntldr
module.
Apparently one of the things it can be used for is as an alternative to chainloader
to boot the NT >= 6.0 versions of Windows as in the example below. (Very handy if the Volume Boot Record for a Windows partition is, uh, corrupted.)
menuentry "Windows 7 (bootmgr on /dev/sda1)" --class windows --class os {
insmod part_msdos
insmod ntfs
insmod ntldr
set root='(hd0,msdos1)'
search --no-floppy --fs-uuid --set=root 1EA0019AA0017A13
ntldr ($root)/bootmgr
}
Where can I learn more about how this boot directive can be used? I did not see it listed when I looked in the HTML version of the GNU GRUB manual.
Replying to ckhan's answer
Thank you very much! I had pretty much decided I would have to try digging through the source code to learn more about the GRUB ntldr
command/module. But you have done a much better job than I would have.
It never would have occurred to me to look at the email archives to see what design discussions the person who wrote the code might have had. That method sounds like it could be very helpful in the future. Thanks for mentioning it.
My thoughts about GRUB ntldr
support
- While I'm not really sure how much the distinction means,
ntldr
is a module, not a command. Or perhaps a dynamically loaded command if you wish.Following your source code link and looking at lines 152 (
GRUB_MOD_INIT
) and 159 (GRUB_MOD_FINI
) you can see the code to load and … I'm guessing … unload the module.GRUB apparently implements many functions which you might think are "commands" as modules. The only difference in usage that I'm aware of is that before using a module one must ensure it has been loaded with the command
insmod ntldr
.Aside: I always wondered why GRUB does not support
reboot
. It turns out the command exists, but it is a module. Ifreboot
returnsunknown command
, theninsmod reboot
allows GRUB to "remember" thereboot
command.Aside: When and why GRUB might "unload" a module, I have no idea yet. Maybe it is the result of something similar to "garbage collection"?? I have noticed that once loaded the modules seem to persist, even after a system is powered down and rebooted. Of course, you cannot depend on that, but that appears to be how it often works in practice.
- It is interesting that they based
ntldr
onchainloader
. I have not looked at thechainloader.c
code. I guess it probably also does a relocating load in Intel 16-bit real mode?I am rather glad they did not implement
ntldr
as an option ofchainloader
. I agree with Vladimir. Whatever the similarities under the covers, the usage syntax is very different. The current approach is less kludgy. - It is also interesting to see the apparent lack of enthusiasm for adding this command to GRUB. Apparently the GRUB developers thought damage to the Windows Partition Boot Record (PBR) was extremely unlikely. However, I can sketch out how to do it during an ordinary enough install.
Start by assuming a user has Windows installed on their system. They now install Ubuntu (12.04 LTS) "alongside" Windows. At one point during the Ubuntu install they can apparently decide where they want GRUB to be installed. For reasons I cannot begin to guess at, some of them decide to install GRUB into the partition Windows is installed in.
The install completes and they can successfully start Ubuntu. However, when they try to start Windows by selecting the entry in the GRUB menu, Windows does not start. Instead attempting to start Windows with GRUB just re-displays the GRUB menu?
Why? Well, apparently when they elected to install GRUB into the windows partition part of what actually happened was the PBR for the Windows partition was over-written with GRUB's PBR. So
chainloader +1
does not chain load a Windows bootloader, but instead re-loads GRUB.IMO, the safest quick way to allow a user to boot Windows in that situation is to use the GRUB's new
ntldr
. I wonder if this would be of interest to the developers. I expect they did not anticipate this scenario.
I wonder what bootloaders other than the Windows ones, ntldr
and bootmgr
, the GRUB ntldr
command might be able to load?
Best Answer
Researching the undocumented feature
You're right the
ntldr
command (it is command, not module) is not documented. So it's a great excuse for some adventures in code archaeology.Whenever I find an undocumented feature, first thing to do is check sources.
The source at the Savannah git repo shows that it was merged into the main line in August 2010.
The source branch seems no more, but you can still see it came into existence earlier that year, in April 2010. The checkin comment, from "Vladimir 'phcoder' Serbinenko" was
It's based very closely on the
chainloader
command, so much so that the file name in the header comment still hasn't been updated.Now that we have an exact checkin, and a name, we can check mailing archives. You can see where the developers had the discussing about adding this feature a year earlier on the grub-devel mailing list:
Some relevant excerpts from that thread:
Answering your question
After poring over all that, what do we know about how it can be used?
It's based on chainloader.
It takes a single argument: the file to open.
It avoids the partition boot record: so it can bypass corruption there. See this post detailing how they tested that.
It's only about 160 lines of code, you can see there's not much else there.
Hope this was useful!