x86/ioapic: avoid trying to access the -1th ioapic

Discovered by Coverity, CID 1055743

Depending on the contents of the mp_irqs/mp_ioapics from the MP table,
find_isa_irq_apic() might return -1, at which point calling
ioapic_read_entry() with it is bad.

In addition to bailing if pin is -1, bail if apic is -1.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Keir Fraser <keir@xen.org>

diff --git a/xen/arch/x86/io_apic.c b/xen/arch/x86/io_apic.c
index 048c61cc9b34b17a1fcd0378ac3445bb3ea0fc4a..5512cd591f94fbafc2d529ddeeb1f3fb9fee1682 100644 (file)
--- a/xen/arch/x86/io_apic.c
+++ b/xen/arch/x86/io_apic.c
@@ -1828,7 +1828,7 @@ static void __init unlock_ExtINT_logic(void)
 
     pin = find_isa_irq_pin(8, mp_INT);
     apic = find_isa_irq_apic(8, mp_INT);
-    if (pin == -1)
+    if ( pin == -1 || apic == -1 )
         return;
 
     entry0 = ioapic_read_entry(apic, pin, 0);