10

How can I run Windows RT (the restricted ARM version of Windows 8) in an emulator, for development purposes? This question contains two parts:

  • Obtaining the image: Does an installation image exist (for vendors, in MSDN, ...)? Can I take a snapshot of the Surface RT disk (how?), or can I extract it somehow from recovery data (I don't know how the recovery system works, but there's a function to wipe and reinstall the software on the Surface completely).
  • Running the image: What can I emulate it on? I've heard about QEMU, but it has the reputation of being slow. Also, the program must emulate the neccessary hardware (Tegra-3).
Filip Skakun
  • 31,624
  • 6
  • 74
  • 100
jdm
  • 9,470
  • 12
  • 58
  • 110
  • Maybe someone could create a `windows-rt` tag for this? – jdm Nov 19 '12 at 13:31
  • the tag already exists as `windows-runtime` – Mayank Nov 19 '12 at 16:23
  • 1
    Sorry, I mean the operating system "Windows RT", not the new API called "WinRT" or "Windows Runtime" (which is behind `windows-runtime`). Changed it back to the new tag. – jdm Nov 19 '12 at 16:49
  • 1
    according to Wikipedia ***Unlike all other variations of Windows 8, Windows RT can only be obtained by users as the pre-loaded operating system on devices produced by participating OEMs.*** – Mayank Nov 19 '12 at 17:09
  • 2
    you can create a recovery disk using on board **Recovery Tool**, [Making a Recovery Drive for the Microsoft Surface RT](http://www.andyrathbone.com/2012/11/12/making-a-recovery-drive-for-the-microsoft-surface-rt/) and than try using QEMU to emulate the OS, not sure how hard it'll be to get it setup and installed. Microsoft might have some more tricks up their sleeves. – Mayank Nov 19 '12 at 17:14
  • Windows RT === Windows 8, we do not need a new tag for it, especially given the WinRT confusion. See [various](http://meta.stackexchange.com/q/152477/135887) Meta discussions. – Charles Nov 19 '12 at 17:45
  • Those Meta discussions were from before the release of Windows RT devices. Windows RT == Windows 8 at best. This is one question where the `windows-rt` tag does make sense as it is specific to the OS, not winrt or windows-runtime. – CoderDennis Nov 19 '12 at 18:06
  • 3
    Alternatively, we could use an `windows-arm` tag, if you are opposed to `windows-rt`. Anyway, I believe a tag is neccessary for this special edition of Windows 8 - for questions that are about it's peculiarities compared to x86 Windows 8. – jdm Nov 19 '12 at 18:14
  • The tag naming conundrum still has not changed... nor has the answer to this question. A `windows-rt` tag can and will cause mass confusion with `windows-runtime`. While this question is indeed the closest we're going to get to a question that would deserve the tag, the resulting chaos is not worth it. – Charles Jan 18 '13 at 06:43

2 Answers2

5

I'm aware this question was asked 9 years ago, but now it's possible to emulate Windows RT in patched QEMU 6.2.0, you can also read more about the work being done for it.

The repo with downloads is here: https://github.com/binarymaster/qemu/releases

Please note that there is no audio, no network, and no GPU acceleration supported. Although you can have network connection with Windows 10 ARM, just read my previous answer below.

Answer from May 13, 2020:

I'm aware this question was asked 7 years ago, but now it's possible to emulate Windows on ARM in the latest QEMU 4.2.0.

Steps to follow:

  1. Patch QEMU to report EL3 TrustZone available: https://github.com/TeoIzAwezome/rtemu/commit/0f8b8ec18725cd0f66a39b5520fb6a435a757f95 - if you're using Windows and don't want to build QEMU from source, you can patch qemu-system-arm.exe : replace this hex sequence with NOPs 4531C931D24C8D05BE515C004889F1E87AD82E00 => 9090909090909090909090909090909090909090 - it replaces this part:

  1. Download Linaro firmware for QEMU 32-bit ARM platform, specifically 15.12 version which is the last one that boots Windows on ARM without problems: https://releases.linaro.org/components/kernel/uefi-linaro/15.12/release/qemu/QEMU_EFI.fd
  2. Download an ESD image of Windows RT 8.1, these are publicly available from Microsoft. You can find download links here https://tech.myonlylonely.com/wimboot-for-surface-2-en/ or by using Google with this string: 9600.17053.winblue_refresh.141120-0031_woafre_client_CoreARM_O15_en-us-IR5_CCSA_WOAFRER_EN-US_ESD_2F1E1C773E39C4672F52B1F3A0AE7844FD837B23.esd
  3. Either convert ESD to ISO or just extract it with esd-decrypter-wimlib-8.7z : https://www.tenforums.com/software-apps/27180-windows-10-recovery-tools-bootable-rescue-disk-2.html
  4. You will need VirtIO drivers for QEMU compiled for 32-bit ARM platform, precompiled viostor.sys driver is available here https://www.betaarchive.com/forum/viewtopic.php?f=62&t=40522 - if you built drivers yourself in Visual Studio, make sure to create catalog files by using Inf2Cat /driver:C:\Drivers\ /os:8_ARM,6_3_ARM and test-sign them (all .cat and .sys files); once drivers are ready, you can slipstream them into boot.wim and install.wim by using dism /Mount-Wim + /Add-Driver + /Unmount-Wim
  5. If you don't want to boot and install from ISO, you can create a VHD/VHDX disk image and format/partition it the same way as it's done for Windows installation on UEFI systems — GPT partitioning: EFI partition - FAT32, MSR partition, Primary partition - NTFS. Use dism /Apply-Image with install.wim to install Windows files to created disk, and bcdboot to install EFI files
  6. Since you're using test-signed drivers, you need to tweak BCD file on EFI partition:
set BCD=E:\EFI\Microsoft\Boot\BCD
bcdedit /store %BCD% /set {globalsettings} testsigning on
bcdedit /store %BCD% /set {globalsettings} nointegritychecks on
  1. Once everything is done, start QEMU with these parameters:
set HDD=windows-on-arm.vhd
set ISO=en_windows_8.1_ir4_ARM_dvd.iso

qemu-system-arm ^
-M virt ^
-cpu cortex-a15 ^
-smp 2 ^
--accel tcg,thread=multi ^
-m 2G ^
-bios QEMU_EFI_1512.fd ^
-device VGA ^
-device ich9-usb-ehci1 ^
-device usb-kbd ^
-device usb-tablet ^
-drive if=virtio,file=%HDD% ^
-device virtio-scsi-pci,id=scsi0 ^
-device scsi-cd,drive=install,bus=scsi0.0 ^
-drive if=none,format=raw,id=install,file=%ISO%,readonly=on ^
-rtc base="2013-07-15",clock=vm

Notes:

  • There is known problem with PCI MMIO area, and USB input wouldn't work because of it. You can workaround that by replacing -M virt with -M virt,highmem=false however with this option Windows 8.1 RT will throw BSOD with code SYSTEM_THREAD_EXCEPTION_NOT_HANDLED.

  • It's known Windows 10 for ARM does not throw this BSOD code and works in QEMU pretty well with -M virt,highmem=false. You can use Google to get it: 10.0.15035.0.rs2_release.170209-1535_armfre_client-enterprise_volume_en-us :

  • Also note that full emulation of 32-bit ARM is very slow even on Intel Core i7-8700 @ 3.2 GHz, so it's better to use some modern ARM board like Raspberry Pi 4 that have hardware accelerated KVM hypervisor.

  • Windows for 32-bit ARM is already considered legacy, better switch to AArch64 aka Windows for ARM64, see https://withinrafael.com/2018/02/12/boot-arm64-builds-of-windows-10-in-qemu/

Stas'M
  • 71
  • 1
  • 3
  • 7
  • Is it possible to use the 'latest' uefi-linaro instead of 15.12? There is a qemu64 folder in that linaro download link, is that for qemu-system-aarch64 or for Windows 10 ARM64? – Biswapriyo Jun 26 '20 at 14:16
  • @Biswapriyo I didn't tested QEMU AArch64 with Linaro and Windows 10 ARM64, so cannot say for sure. Yes, qemu64 directory is exactly for that. – Stas'M Jun 26 '20 at 14:20
3

There's no way to truly emulate a Windows RT enivonrment on ARM. You have two options...

1) Go pick yourself up a Surface tablet.

2) Contact your local Microsoft Technical Evangelist to see if they have loaner hardware available.

Also, chances are your local Microsoft Evangelist team is holding Windows 8 developer events where they may have test hardware on hand for you to try. If you're in the US, you can find a list of these events at http://msdnevents.com.

Dave Bost - MSFT
  • 517
  • 4
  • 4