Inside the Dell Utility Partition

An Exploration by Dan Goodell
Sealed State

In its sealed state, the Utility partition is marked as the 'active' partition in the partition table. Thus, the first time the computer boots from the hard disk it will boot the Utility partition, not the Windows partition.    (Note to self: it doesn't seem to matter whether the partition-type byte is 06h, 0Eh or DEh.)   

At boot time, config.sys automatically launches seal.exe. Since this is launched directly from config.sys, no autoexec.bat file is needed. Support files for seal.exe include seal.ini and a small collection of files in the c:\dell directory, including the following graphic bitmap images. Seal.exe first displays this graphic about the Dell EULA, then displays this graphic for desktops or this graphic for laptops. Superimposed over the white area in the middle will be the Dell Service Tag and Express Service Code.    (Note to reader: USA versions are shown here.)    Believe it or not, the characters for the Service Tag and Express Service Code are cut-and-pasted from this font graphic.    (Shades of the rub-on transfer letters we used as kids!)    The Service Tag is not read from the hardware itself, but from the seal.ini file, so is only as reliable as that text file. The Express Service Code is not read from anywhere, it is calculated from the Service Tag. If the Service Tag in seal.ini is changed a different Express Service Code would be generated.    (Note to self: the delldiag.exe utility doesn't appear to use seal.ini and queries the hardware to get the real Service Tag.)   

Next, the batch file copyup.bat is run, which replaces config.sys and autoexec.bat (if it exists) by copying them from config.up and autoexec.up    (think: "Utility Partition")    The computer is now "unsealed", and on subsequent boots of the Utility partition these replacement files will run delldiag.exe instead of seal.exe. Note this means seal.exe is run only once, and thereafter booting the partition will always run delldiag.exe.

Seal.exe modifies the partition table, setting the partition-type byte to DEh (if it wasn't already) and changing the active boot flag to the next partition (which is assumed to be the main OS partition), and then the computer proceeds to boot the main partition.    (Note to self: Experimental results seem to suggest seal.exe fiddles with the MBR boot code while it's doing all this; specifically, I noticed 33h at offset 01h in the MBR sector changed to 80h, but afterward it was changed back to 33h. Also, does seal.exe require DE to be first partition on disk, or listed first in partition table?)   

For the record, the file config.bts    (think: "Break The Seal")    is a duplicate of the sealed version of config.sys. The sealed state can be restored by copying config.bts to config.sys and resetting the Utility partition as active.    (Note to reader: understand this doesn't return the Windows partition back to its original state, though.)   

Warning: If your computer is equipped with a Dell PC-Restore partition, that feature expects to find the config.bts file in the Utility partition. Otherwise, it cannot return the computer to a sealed state following a restore of the operating system.

author: Dan Goodell