[romprefix] Do not clobber stack segment when returning to BIOS

Commit c429bf0 ("[romprefix] Store boot bus:dev.fn address as autoboot device location") introduced a regression by using register %cx to temporarily hold the PCI bus:dev.fn address, despite the fact that %cx was already being used to hold the stored BIOS stack segment. Consequently, when returning to the BIOS after a failed or cancelled boot attempt, iPXE would end up calling INT 18 with the stack segment set equal to the PCI bus:dev.fn address. Writing to essentially random areas of memory tends to upset even the more robust BIOSes. Fix by using register %ax to temporarily hold the PCI bus:dev.fn address. Reported-by: Anton D. Kachalov <mouse@yandex-team.ru> Tested-by: Anton D. Kachalov <mouse@yandex-team.ru> Signed-off-by: Michael Brown <mcb30@ipxe.org>
ipxe · Mar 5, 2014 · 1137fa3 · 1137fa3
1 parent ac5c2e8
commit 1137fa3
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/src/arch/i386/prefix/romprefix.S b/src/arch/i386/prefix/romprefix.S
@@ -740,13 +740,13 @@ exec:	/* Set %ds = %cs */
 	.section ".text16", "awx", @progbits
 1:
 	/* Retrieve PCI bus:dev.fn */
-	movw	init_pci_busdevfn, %cx
+	movw	init_pci_busdevfn, %ax
 
 	/* Set up %ds for access to .data16 */
 	movw	%bx, %ds
 
 	/* Store PCI bus:dev.fn */
-	movw	%cx, autoboot_busdevfn
+	movw	%ax, autoboot_busdevfn
 
 	/* Call main() */
 	pushl	$main