Greetings,
Looks like I've trodden on an unused code path, and found a bug. In arch/i386/boot/boot.c: jmp_to_elf_entry, the idea is to copy all of the running code (linuxbios, or a baremetal payload) to a bounce buffer, jump into the copy there, copy the bounce buffer of the target elf into place, and call it. Upon return, the process is reversed, so that (in theory) jmp_to_elf_entry returns and further processing can happen.
For some reason, the lines that subtract the adjustment from EAX, then jump to move execution back to the proper place, were failing. I've patched it in the copy kept in util/baremetal/lib so that instead, it loads the eventual jmp target into ecx, then saves it away on the stack.
I'm surely missing something here, but the original goes into space while the simple save off is working. I suppose that's just because we've never tried to return to LinuxBIOS from a payload before.
The baremetal version also skips adjusting ESP since I'm moving the stack out of the way first.
Ignore the // debugging stuff, that was just to see where things were going wrong (I'll be getting rid of that).
Eric, since you wrote that part, I wanted to run this by you before making any changes in LinuxBIOS itself.
G'day, sjames
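The bounce-buffer hand-off described in the message (copy the running code aside, load the ELF at its link address, call it, then restore and return) can be simulated in plain C. The following is an added illustration, not code from the original post, from LinuxBIOS, or from util/baremetal; the flat memory array, region layout, fill patterns, and the `relocate`, `bounce_and_call` and `demo` functions are all constructed for this example. It shows the two things that matter for a safe return: the jump target must be translated to the copy's base (the "adjustment" the mail refers to), and the bounce buffer must not overlap the ELF destination, or there is nothing left to return to.

```c
/*
 * Simulation of a bounce-buffer hand-off. Memory is a flat byte array;
 * the "running code" and the "ELF image" are regions of it. All regions
 * and byte patterns are constructed for this example and are not
 * LinuxBIOS's real layout.
 */
#include <stdint.h>
#include <string.h>

#define MEM_SIZE 0x1000

static uint8_t mem[MEM_SIZE];   /* simulated physical memory */

struct region { uint32_t start; uint32_t len; };

/* Two regions collide if each starts before the other ends. */
static int overlaps(struct region a, struct region b)
{
    return a.start < b.start + b.len && b.start < a.start + a.len;
}

/* Map an address inside `from` to the same offset inside `to`. This is
 * the adjustment the mail refers to: a jump back into the relocated copy
 * must be computed against the copy's base, not the original base. */
uint32_t relocate(uint32_t addr, struct region from, struct region to)
{
    return addr - from.start + to.start;
}

/* Payload callback: receives its entry address in simulated memory. */
typedef int (*payload_fn)(uint32_t entry);

/*
 * Copy ourselves (`self`) to `bounce`, place the staged ELF (`staged`) at
 * its link address (`dest`), run it, then put ourselves back. Returns the
 * payload's status, or -1 if the layout cannot work: a bounce buffer the
 * ELF would overwrite leaves no code to return to.
 */
int bounce_and_call(struct region self, struct region bounce,
                    struct region staged, struct region dest,
                    payload_fn payload)
{
    if (bounce.len < self.len || dest.len < staged.len)
        return -1;
    if (overlaps(bounce, dest) || overlaps(bounce, self))
        return -1;

    /* 1. Move the running code out of the way. */
    memcpy(&mem[bounce.start], &mem[self.start], self.len);

    /* 2. From the copy, place the ELF where it wants to live; this may
     *    clobber the original `self` region, which is why we moved. */
    memmove(&mem[dest.start], &mem[staged.start], staged.len);

    /* 3. Call the entry point. */
    int status = payload(dest.start);

    /* 4. Back in the bounce copy: restore the original code and return. */
    memcpy(&mem[self.start], &mem[bounce.start], self.len);
    return status;
}

static int saw_elf_in_place;

/* Constructed payload: checks its own bytes are at the link address,
 * then scribbles over its region the way a real payload's data would. */
static int fake_payload(uint32_t entry)
{
    saw_elf_in_place = (mem[entry] == 0xBB);
    memset(&mem[entry], 0xCC, 0x100);
    return 7;
}

/* Run one round trip and report 1 if the original code survived intact
 * and a colliding bounce buffer was rejected. */
int demo(void)
{
    struct region self   = { 0x100, 0x100 };  /* running firmware */
    struct region dest   = { 0x180, 0x100 };  /* ELF link address, overlaps self */
    struct region staged = { 0x800, 0x100 };  /* where the ELF was read into */
    struct region bounce = { 0x400, 0x100 };  /* scratch, disjoint from both */
    struct region bad    = { 0x1c0, 0x100 };  /* scratch inside dest: unusable */

    memset(mem, 0, sizeof mem);
    memset(&mem[self.start], 0xAA, self.len);
    memset(&mem[staged.start], 0xBB, staged.len);

    int status = bounce_and_call(self, bounce, staged, dest, fake_payload);
    if (status != 7 || !saw_elf_in_place)
        return 0;
    for (uint32_t i = 0; i < self.len; i++)
        if (mem[self.start + i] != 0xAA)
            return 0;
    return bounce_and_call(self, bad, staged, dest, fake_payload) == -1;
}
```

The restore in step 4 is what makes a return to the caller possible at all; the address used to get back into the bounce copy has to come from `relocate` (or be saved before the copy, as the patched version does with ecx and the stack), because the original label address points into memory the ELF has just overwritten.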