From 1c3808f4b5249691d9e15ec8d268158d52c6d899 Mon Sep 17 00:00:00 2001
From: Jan Beulich <jbeulich@suse.com>
Date: Tue, 3 Feb 2015 11:38:22 +0100
Subject: [PATCH] IOMMU/x86: correct page_list_first() use

Comparing its result against NULL is unsafe when page lists use normal
list entries for linking together - page_list_empty() needs to be used
instead.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Tim Deegan <tim@xen.org>
---
 xen/drivers/passthrough/x86/iommu.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/xen/drivers/passthrough/x86/iommu.c b/xen/drivers/passthrough/x86/iommu.c
index ce0ca5aa39..52d89482b8 100644
--- a/xen/drivers/passthrough/x86/iommu.c
+++ b/xen/drivers/passthrough/x86/iommu.c
@@ -85,8 +85,9 @@ int arch_iommu_populate_page_table(struct domain *d)
          * first few entries.
          */
         page_list_move(&d->page_list, &d->arch.relmem_list);
-        while ( (page = page_list_first(&d->page_list)) != NULL &&
-                (page->count_info & (PGC_state|PGC_broken)) )
+        while ( !page_list_empty(&d->page_list) &&
+                (page = page_list_first(&d->page_list),
+                 (page->count_info & (PGC_state|PGC_broken))) )
         {
             page_list_del(page, &d->page_list);
             page_list_add_tail(page, &d->arch.relmem_list);
-- 
2.30.2