From 2c72ce04aef5cf3856ac822d182823847996bbc6 Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Mon, 9 Jul 2012 20:26:40 +0100
Subject: [PATCH] [bzimage] Update setup_move_size only for protocol versions 2.00 and 2.01

The setup_move_size field is not defined in protocol versions earlier than 2.00 (and is obsolete in versions later than 2.01). In binaries using versions earlier than 2.00, the relevant location is likely to contain executable code.

Interestingly, this bug has been present since support for pre-2.00 protocol versions was added in 2009, and has been unexpectedly modifying the memtest86+ code fragment:

mov $0x92, %dx
inb %dx, %al

Fortuitously, the modification exactly overwrote the value loaded into %dx, and so the net effect was limited to causing Fast Gate A20 detection to always fail.

Signed-off-by: Michael Brown
---
 src/arch/i386/image/bzimage.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/arch/i386/image/bzimage.c b/src/arch/i386/image/bzimage.c
index cc7aecab..08eb4d34 100644
--- a/src/arch/i386/image/bzimage.c
+++ b/src/arch/i386/image/bzimage.c
@@ -214,7 +214,8 @@ static void bzimage_update_header ( struct image *image,
 } else {
 bzimg->cmdline_magic.magic = BZI_CMDLINE_MAGIC;
 bzimg->cmdline_magic.offset = bzimg->rm_cmdline;
- bzimg->bzhdr.setup_move_size = bzimg->rm_memsz;
+ if ( bzimg->version >= 0x0200 )
+ bzimg->bzhdr.setup_move_size = bzimg->rm_memsz;
 }
 
 /* Set video mode */
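Review bot: The new guard `if ( bzimg->version >= 0x0200 )` writes setup_move_size for every protocol version from 2.00 upward, while the subject line and description say the field is only defined in 2.00 and 2.01 and obsolete afterwards, so the code and the commit message do not agree. If writing the obsolete slot for 2.02+ images is intentionally harmless, that reasoning is not visible in the hunk and deserves a comment on the new line, e.g. `/* setup_move_size exists only in boot protocol 2.00-2.01; in older images this offset may hold code, so never touch it there */`; otherwise the condition should be tightened to `if ( ( bzimg->version >= 0x0200 ) && ( bzimg->version <= 0x0201 ) )` to match the stated intent. Given that the description documents this write silently patching executable code for three years, a comment stating the version range the field is valid for is worth having regardless of which condition is kept. The enclosing bzimage_update_header() starts before this hunk, and where bzimg->version is populated from (presumably the image's own header, which should be treated as untrusted input) is not visible here.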