Hi,
I sent this to bugs a while back, but it doesn't seem to have been picked up by
anyone.
On both i386 and amd64, the machine boot command in the bootloader has an off
by one bug, which has been present since revision 1.20 in 1998.
The machine boot command is implemented by patching the in-memory copy of the
MBR to set the active partition flag on the selected partition, and reset it on
the other three partitions. The test for part>0 will be false if the first MBR
partition is selected for boot, and in that case no patching of the active
partition flag is performed. The desired behaviour when entering machine boot
hd0a, for example, is that the first partition will be booted regardless of the
state of the flags in the on-disk MBR. However, with the code as it is, the
currently active partition will be booted instead, which may or may not be the
first.
untrusted comment: verify with signify key for exoticsilicon.com
RWRn5d3Yx35u0w51USyxAkjCzjLo99UNE67gXzvuaTGbD9cMlTKdDTOAOe7JA6LV/VLWqmomwo7D9m399vKnra2KyrUn/EYcUgo=
--- arch/amd64/stand/libsa/cmd_i386.c.dist Fri May 10 18:20:43 2019
+++ arch/amd64/stand/libsa/cmd_i386.c Sun Aug 15 23:44:45 2021
@@ -107,7 +107,7 @@
dev += (cmd.argv[1][2] - '0');
part = (cmd.argv[1][3] - 'a');
- if (part > 0)
+ if (part >= 0)
printf("[%x,%d]\n", dev, part);
else
printf("[%x]\n", dev);
@@ -119,7 +119,7 @@
goto bad;
/* Frob boot flag in buffer from HD */
- if ((dev & 0x80) && (part > 0)){
+ if ((dev & 0x80) && (part >= 0)){
int i, j;
for (i = 0, j = DOSPARTOFF; i < 4; i++, j += 16)
--- arch/i386/stand/libsa/cmd_i386.c.dist Fri Jun 10 15:36:06 2016
+++ arch/i386/stand/libsa/cmd_i386.c Sun Aug 15 23:44:23 2021
@@ -119,7 +119,7 @@
dev += (cmd.argv[1][2] - '0');
part = (cmd.argv[1][3] - 'a');
- if (part > 0)
+ if (part >= 0)
printf("[%x,%d]\n", dev, part);
else
printf("[%x]\n", dev);
@@ -131,7 +131,7 @@
goto bad;
/* Frob boot flag in buffer from HD */
- if ((dev & 0x80) && (part > 0)){
+ if ((dev & 0x80) && (part >= 0)){
int i, j;
for (i = 0, j = DOSPARTOFF; i < 4; i++, j += 16)
