Nested ESXi continues to be an invaluable resource that I use on almost a daily basis from solution prototyping, customer reproduction to automated lab deployments supporting both VMware Cloud Foundation (VCF) and VMware vSphere Foundation (VVF), the use cases are simply endless!
While you can do almost anything with Nested ESXi, mimicking or simulating specific hardware strings such as the manufacturer or vendor is not really possible or at least very easily. I was recently reminded of this topic again as this has been something I wanted to look into but just not had the time. In fact, some of this was inspired by a conversation I had with fellow colleague Luke Huckaba who found a clever trick playing with the default Virtual Machine boot ROMs which are shipped with both ESXi and our VMware Desktop Hypervisors (Workstation/Fusion).
A vSphere VM can boot using either BIOS or EFI firmware, so depending on the desired firmware type, you will need to modify either the BIOS.440.ROM or EFI64.ROM ROM file. You can find these ROM files under the following directories for the respective VMware Hypervisors below:
- ESXi: /usr/lib/vmware/roms
- VMware Fusion: /Applications/VMware Fusion.app/Contents/Library/roms
- VMware Workstation: C:\Program Files (x86)\VMware\VMware Workstation\x64
Note: Do not edit the default ROM files that are shipped with the VMware Hypervisor, make a copy and then use the modified version which can be consumed by VMs across VMware vSphere, Fusion or Workstation. In addition, while this article is focused on Nested ESXi VM, this should also apply to other guest operating systems to display SMBIOS information.
BIOS
Step 1 - Download and install the Phoenix BIOS Editor, which was actually quite difficult to find but I was able to locate a version at https://bittention.com/programs/phoenix-bios-editor/. The installer for Phoenix BIOS Editor did run into issue while running it on a Windows Server 2019 system and the only way to get the installer to complete was to modify its application compatibility to Windows 8, which allowed it run through successfully.
Disclaimer: I am not responsible for any issues that you may have with downloading and using 3rd party software, please use at your own risk.
Step 2 - Download and open the BIOS.440.ROM file using the Phoenix BIOS Editor and then navigate to the DMI Strings panel to modify the desired fields.
Once you have finished making all your changes, go to the File menu and then click on the Build BIOS to create a new ROM file. In my example, I have named the file BIOS.440.CUSTOM.ROM.
Step 3 - Copy the new ROM file to the datastore of your physical ESXi host, which you can either save it in a common folder to be shared with multiple Nested ESXi VMs OR you can store it directly in the folder of an individual Nested ESXi VM. The latter would allow you to re-use the same custom ROM file across a number of VMs, so from a testing perspective, you might want to create several ROM files based on your needs and simply reconfigure the VM to use the desired ROM file.
Step 4 - To make our custom ROM file consumable by our Nested ESXi VM, we need to add the following VM Advanced Setting that specifies the path to our custom ROM file:
- bios440.filename = BIOS.440.CUSTOM.ROM
Step 5 - Lastly, we can now power up on our Nested ESXi VM and we should now see the custom SMBIOS information as shown in the screenshot below.
EFI
Step 1 - Download and install a HEX Editor that can edit an EFI ROM file, I found ImHex to be a pretty user friendly from an editing perspective but locating certain strings was not as trivial using this tool.
Step 2 - Download and open the EFI64.ROM file using the ImHex editor and search for the string "VMware7,1". Once you have found the location of the matched string, you need to carefully edit the hex values to get the desired ASCII strings.
Alternatively, you can also use UEFITool (version 28 allows for rom modification) which has a much easier and functional search AND allows you to extract a subset of the ROM file for editing via a HEX Editor. I also used this method by first doing search (CTR+F) and once it identifies the section, double click on the result which will take you to exact section within the ROM file. To extract the section for editing, right click and select "Extract as is" and save the file to your desktop.
Next, you can open the specific section using ImHex to then make your edits.
Once you have saved your changes, do not lose your spot in UEFITool and now we are simply going to replace the section with our modified file by right clicking and selecting "Replace as is" and providing the modified section. You can confirm your changes was successful before rebuilding your ROM file by simply searching for the string you had replaced and finally, go to File menu and select "Save image file"to create a new ROM file. In my example, I have named the file EFI64.CUSTOM.ROM.
Step 3 - Copy the new rom file to the datastore of your physical ESXi host, which you can either save it in a common folder to be shared with multiple Nested ESXi VMs OR you can store it directly in the folder of an individual Nested ESXi VM.
Step 4 - To make our custom rom file consumable by our Nested ESXi VM, we need to add the following VM Advanced Setting that specifies the path to our custom ROM file:
- efi64.filename = EFI64.CUSTOM.ROM
Step 5 - Lastly, we can now power up on our Nested ESXi VM and we should now see the custom SMBIOS information
As you can see from the screenshot, I was only able to manipulate the Hardware Model but not the Vendor value.
Note: While I was able to locate the "VMware, Inc." string for vendor, editing the value had no affect as demonstrated in the screenshot above, which probably indicates that this information may be stored elsewhere or contained in an embedded file ...
We have a 4 node (Esxi8) cluster using nested Esxi8 vm's hosted on a physical Esxi8 host with vsphere 8 (VCSA8) installed on workstation and did not have to modify any Rom's and they all boot using uefi. So why does one have to modify Rom's?
I’m not sure what you’re trying to say … this has nothing to do with booting using EFI or BIOS firmware, that works period w/o any edits. You may want to re-read the blog post 🙂
Guess we are confused on why these values need to be changed like hardware model, etc.
Sorry for my ignorance.
Thank you.
If you don't have a use case to change from the default behavior, then this article is NOT for you. There's nothing "extra" you need to do to run Nested ESXi 🙂
That is because you aren't doing anything special with that basic setup.
These settings he provided are for when you are doing something like tricking certain software to think it is actually running on their approved hardware. When, in fact, you are running it on a Dell or HP server that might not be on their approved list.
Now any scan of the SMBIOS or DMI entries will reflect System Manufacture X with their Product Name.
F.eks. Edge Cloud Orchestrator isn't too happy about the SN#'s that are created when running virtual ESXi hosts. So the ability to create more palatable serial numbers in the virtual BIOS/UEFI to be exposed to the physical ESXi host from the Nested ESXi Keswick hosts would be grand.
@William.
My compay SOC team has flagged the Phoenix BIOS Editor package as a potential malicious "Remcos RAT" Trojan.
My SOC Team just confirmed that the Phoenix Editor package contains a Remcos RAT Trojan payload.
Please take necessary action.
Using a 4 node nested esxi 8 cluster running on a physical esxi8 host for a long time. Zero issues with the nested esxi 8 hosts. Some issues with the physical esxi host when it comes to booting which sometimes gives boot error 22 and no idea why this is happening. Stops loading different esxi services sometimes but a reboot normally works. The physical server and esxi boot disk have no issues after testing. Turned on secure boot in the bios and uefi is being used. Will see if that helps or not.
Hello William,
thanks for all your work and for publishing your ESXi knowledge.
Do you have a solution for EFI by now?
I have a Windows software that doesn't want to be installed in a virtual machine (won't start), but I don't know how it recognizes this. VMware tools are not installed under the Windows VM of course, but if “VMware” can already be read out in the BIOS, this would also be the first place where I would identify a virtual machine.
If you happen to have a modified EFI64.ROM, I would be happy if you could provide it to me for a test.