Kevin O'Connor said:

  The bug is in src/arch/i386/boot/boot.c.  The inline assembly in
  jmp_to_elf_entry uses the "g" flag to pass in parameters.  However,
  "g" allows gcc to use stack relative addressing of parameters.

  Easiest fix would be to change "g" to "ri" - put the parameter either
  in a register or as an immediate value.

That's what this patch does.

Signed-off-by: Myles Watson <mylesgw@gmail.com>
Acked-by: Stefan Reinauer <stepan@coresystems.de>
git-svn-id: svn://svn.coreboot.org/coreboot/trunk@4023 2b7e53f0-3cfb-0310-b3e9-8179ed1497e1

diff --git a/src/arch/i386/boot/boot.c b/src/arch/i386/boot/boot.c
index c1cdf594a4d5c31ea95b4a821b4452679f263cbf..9e79cd332f4c2fc13bc08002b613799c1297a51f 100644 (file)
--- a/src/arch/i386/boot/boot.c
+++ b/src/arch/i386/boot/boot.c
@@ -175,12 +175,12 @@ void jmp_to_elf_entry(void *entry, unsigned long buffer)
                "       popl    %%esi\n\t"
 
                :: 
-               "g" (lb_start), "g" (buffer), "g" (lb_size),
-               "g" (entry),
+               "ri" (lb_start), "ri" (buffer), "ri" (lb_size),
+               "ri" (entry),
 #if CONFIG_MULTIBOOT
-               "g"(mbi), "g" (MB_MAGIC2)
+               "ri"(mbi), "ri" (MB_MAGIC2)
 #else
-               "g"(adjusted_boot_notes), "g" (0x0E1FB007)
+               "ri"(adjusted_boot_notes), "ri" (0x0E1FB007)
 #endif
                );
 }