diff --git a/plat/msdos386/boot.s b/plat/msdos386/boot.s
index 80a13662b..9e940c253 100644
--- a/plat/msdos386/boot.s
+++ b/plat/msdos386/boot.s
@@ -43,12 +43,12 @@ begtext:
     ! Clear BSS.
 
     mov edi, begbss
-    mov ecx, endbss+1
+    mov ecx, endbss+3
     sub ecx, edi
-    shr ecx, 1
+    shr ecx, 2
     xor eax, eax
     cld
-    rep stosw
+    rep stos
 
     ! It's now safe to switch stacks.
 
@@ -63,10 +63,9 @@ begtext:
     o16 mov ax, 0x0000
     o16 mov cx, 1
     int 0x31                    ! allocate LDT
+    o16 mov (.doshandle), ax
     mov es, ax
-    o16 mov bx, ax
-    o16 mov (.doshandle), bx
-    mov es, bx
+    xchg ebx, eax
 
     xor ecx, ecx
     xor edx, edx
diff --git a/plat/msdos386/stub.s b/plat/msdos386/stub.s
index 6eca1d6a3..184c14a89 100644
--- a/plat/msdos386/stub.s
+++ b/plat/msdos386/stub.s
@@ -148,6 +148,8 @@ exe_start:
     mov bx, fs
     mov dx, (pmemlen+0)
     mov cx, (pmemlen+2)
+    sub dx, 1
+    sbb cx, 0
     mov ax, 0x0008
     int 0x31                    ! set segment limit
 
@@ -227,7 +229,8 @@ exe_start:
     ! is running from. This can't happen from inside the 32-bit code itself
     ! because it might move.
     !
-    ! On entry, ds and ss are ignored. On exit, ds is set to the 32-bit segment.
+    ! On entry, ds and ss are ignored. On exit, ds and es are set to the
+    ! 32-bit segment.
     !  eax: new block size
 realloc:
     cseg mov ds, (psegds)
@@ -276,6 +279,7 @@ realloc:
     cli                         ! atomically switch stacks back
     mov ss, (dpmi_ss)
     o32 mov esp, (dpmi_ebp)
+    mov es, (psegds32)
     mov ds, (psegds32)
     sti
 
@@ -321,6 +325,8 @@ interrupt:
     mov (dpmi_edx), dx
     mov (dpmi_esi), si
     mov (dpmi_edi), di
+    pushf
+    pop (dpmi_flags)
     mov ax, (rseg)
     mov (dpmi_ds), ax
     mov (dpmi_ss), ax