diff --git a/boot/kernel.asm b/boot/kernel.asm
index 6a704e7..3a089bf 100644
--- a/boot/kernel.asm
+++ b/boot/kernel.asm
@@ -26,8 +26,8 @@ int21h:	push bp
 
 	; Save user stack
 	mov ax, ss
-	mov [stack-2], ax
-	mov [stack-4], sp
+	mov [cs:stack-2], ax
+	mov [cs:stack-4], sp
 
 	; Set up kernel stack
 	xor ax, ax
@@ -48,7 +48,7 @@ scall:	sub sp, framsz
 	mov bp, sp
 
 	call getax
-	int 3
+	call jmptab
 
 	; Restore user stack
 	mov sp, [bp+framsz]
@@ -59,6 +59,19 @@ scall:	sub sp, framsz
 	pop bp
 	iret
 
+	; Lookup address of subfunction
+	; Mesh up the stack so we return to subfunction
+	; and subfunction later returns to scall
+jmptab:	push ax
+	push bx
+	xor bx, bx
+	add bl, ah
+	add bl, ah
+	mov bx, [cs:bx+sftab]
+	mov [bp-4], bx
+	pop bx
+	ret
+
 	; Get AX from the user stack
 getax:	push ds
 	push si
@@ -73,40 +86,66 @@ sferr:	stc
 	ret
 
 	; Subfunction table
-	align 2
 sftab:	dw sferr, sferr, sferr, sferr
 	dw sferr, sferr, sferr, sferr
 	dw sferr, sferr, sferr, sferr
 	dw sferr, sferr, sferr, sferr
+	; 10
 	dw sferr, sferr, sferr, sferr
 	dw sferr, sferr, sferr, sferr
 	dw sferr, sferr, sferr, sferr
 	dw sferr, sferr, sferr, sferr
+	; 20
 	dw sferr, sferr, sferr, sferr
 	dw sferr, setint, sferr, sferr
 	dw sferr, sferr, sferr, sferr
 	dw sferr, sferr, sferr, sferr
+	; 30
 	dw sferr, sferr, sferr, sferr
-	dw sferr, sferr, sferr, sferr
+	dw sferr, getint, sferr, sferr
 	dw sferr, sferr, sferr, sferr
 	dw sferr, sferr, sferr, sferr
 
-	; DOS 25h: Set interrupt vector
-	; IN	al	interrupt number
-	;	ds:dx	entry point
-setint: push ax
-	push bx
+	; IN	al	number
+	; OUT	bx	al * 4
+times4:	push ax
 	xor ah, ah
 	add al, al
 	add al, al
 	mov bx, ax
-	mov [cs:bx], dx
-	mov ax, ds
-	mov [cs:bx+2], ds
-	pop bx
 	pop ax
 	ret
 
+	; DOS 2+ - GET INTERRUPT VECTOR
+	; IN	al	interrupt number
+	; OUT	es:bx	current interrupt handler
+getint:	push ds
+	; DS=0
+	xor bx, bx
+	mov ds, bx
+	; BX=AL*4
+	call times4
+	les bx, [bx]
+	pop ds
+	ret
+
+	; DOS 25h: Set interrupt vector
+	; IN	al	interrupt number
+	;	ds:dx	entry point
+setint:	push es
+	push bx
+	; ES=0
+	xor bx, bx
+	mov es, bx
+	; BX=AL*4
+	call times4
+	mov [es:bx], dx
+	mov ax, ds
+	mov [es:bx+2], ds
+	pop bx
+	pop es
+	ret
+
 ; ===== end of resident, begin of transient startup code
 
 init:	xor ax, ax
@@ -122,7 +161,15 @@ init:	xor ax, ax
 
 	mov ax, 0x2520
 	mov dx, int20h
-	call setint
+	int 0x21
+
+	mov ax, 0x3520
+	int 0x21
+
+	mov ah, 0x3f
+	int 3
+	int 0x21
+	int 3
 
 main:	push cs
 	pop ds