

[src/trunk]: src/sys/arch/i386/stand/efiboot/bootia32 efiboot: Don't access o...



details:   https://anonhg.NetBSD.org/src/rev/314eebd41ae0
branches:  trunk
changeset: 351740:314eebd41ae0
user:      nonaka <nonaka%NetBSD.org@localhost>
date:      Fri Feb 24 12:24:25 2017 +0000

description:
efiboot: Don't access old stack after copying a kernel.

It's possible that the old stack is overwritten by the kernel.

diffstat:

 sys/arch/i386/stand/efiboot/bootia32/startprog32.S |  35 +++++++++++----------
 1 files changed, 18 insertions(+), 17 deletions(-)

diffs (84 lines):

diff -r c405de17e378 -r 314eebd41ae0 sys/arch/i386/stand/efiboot/bootia32/startprog32.S
--- a/sys/arch/i386/stand/efiboot/bootia32/startprog32.S        Fri Feb 24 10:09:21 2017 +0000
+++ b/sys/arch/i386/stand/efiboot/bootia32/startprog32.S        Fri Feb 24 12:24:25 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: startprog32.S,v 1.1 2017/02/21 10:53:37 nonaka Exp $   */
+/*     $NetBSD: startprog32.S,v 1.2 2017/02/24 12:24:25 nonaka Exp $   */
 /*     NetBSD: startprog.S,v 1.4 2016/12/04 08:21:08 maxv Exp  */
 
 /*
@@ -91,6 +91,9 @@
 
        cli
 
+       movl    8(%ebp), %ebx   /* %ebx: entry address */
+       movl    36(%ebp), %edx  /* %edx: loaded start address */
+
        /* Prepare a new stack */
        movl    20(%ebp), %eax  /* stack */
        subl    $4, %eax
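Review bot: The two new loads make %ebx and %edx live from here across the stack copy, the kernel copy, `.Lcopy_done`, the far jump into start32a and finally start32b, but nothing in the hunk records that constraint. The copy code visible in the next hunk already uses %eax, %ecx, %esi and %edi, and the `#else` branch of the copy loop is outside this view, so a later edit that borrows %ebx or %edx for scratch would silently redirect the GDT load and the final `ljmp` through whatever the copied kernel left in memory. Suggest strengthening the comments to `/* %ebx: entry address -- must survive until start32b */` and `/* %edx: loaded start address -- base for every start32r/gdt access after the copy */`, preceded by a one-line comment explaining that both values are read now because the old stack may be overwritten by the kernel copy below. The same two registers are consumed in the later hunks at `.Lcopy_done` and start32b, so the invariant only needs stating once here.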
@@ -108,12 +111,12 @@
        rep
        movsl                   /* copy %ds:(%esi) -> %es:(%edi) */
        cld
-       mov     %edi, %edx      /* %edx: new stack pointer */
+       mov     %edi, %esp      /* set new stack pointer */
 
        /* Copy kernel */
-       movl    24(%esp), %edi  /* dest */
-       movl    28(%esp), %esi  /* src */
-       movl    32(%esp), %ecx  /* size */
+       movl    24(%ebp), %edi  /* dest */
+       movl    28(%ebp), %esi  /* src */
+       movl    32(%ebp), %ecx  /* size */
 #if defined(NO_OVERLAP)
        movl    %ecx, %eax
 #else
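Review bot: After `mov %edi, %esp` the three `movl N(%ebp)` loads for dest, src and size still dereference the old frame, which is correct only because the kernel copy has not started yet; this is the last point at which %ebp-relative reads are safe, and the hunk does not say so. A comment above the `/* Copy kernel */` argument loads such as `/* Last reads from the old frame: the copy below may overwrite it */` would make the ordering constraint explicit for anyone reordering the sequence. The surrounding function body, including the `#else` copy path, continues outside the hunk.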
@@ -179,20 +182,17 @@
 .Lcopy_done:
        cld                     /* LynxOS depends on it */
 
-       movl    8(%ebp), %esi   /* %esi: entry address */
-       movl    36(%ebp), %edi  /* %edi: loaded start address */
-
        /* Prepare jump address */
-       lea     (start32a - start)(%edi), %eax
-       movl    %eax, (start32r - start)(%edi)
+       lea     (start32a - start)(%edx), %eax
+       movl    %eax, (start32r - start)(%edx)
 
        /* Setup GDT */
-       lea     (gdt - start)(%edi), %eax
-       movl    %eax, (gdtrr - start)(%edi)
-       lgdt    (gdtr - start)(%edi)
+       lea     (gdt - start)(%edx), %eax
+       movl    %eax, (gdtrr - start)(%edx)
+       lgdt    (gdtr - start)(%edx)
 
        /* Jump to set %cs */
-       ljmp    *(start32r - start)(%edi)
+       ljmp    *(start32r - start)(%edx)
 
        .align  4
 start32a:
@@ -203,7 +203,8 @@
        movw    %ax, %gs
        movw    %ax, %ss
 
-       movl    %edx, %esp
+       /* Already set new stack pointer */
+       movl    %esp, %ebp
 
        /* Disable Paging in CR0 */
        movl    %cr0, %eax
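Review bot: The comment `/* Already set new stack pointer */` does not say what the following `movl %esp, %ebp` is for, which is that from this point %ebp no longer addresses the caller's argument frame on the old stack, so any later `N(%ebp)` access would read the new stack instead. Suggest `/* %esp already points at the new stack (set after the stack copy); rebase %ebp onto it so nothing below touches the old frame */`. The start32a block begins in the previous hunk and continues past the end of this one, so I cannot confirm from here whether any later %ebp-relative access exists.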
@@ -220,8 +221,8 @@
        .align  4
 start32b:
        xor     %eax, %eax
-       movl    %esi, (start32r - start)(%edi)
-       ljmp    *(start32r - start)(%edi)
+       movl    %ebx, (start32r - start)(%edx)
+       ljmp    *(start32r - start)(%edx)
 
        .align  16
 start32r:


