From ef0ea8c2bbb3718df1dee8f15ff3206bf592b253 Mon Sep 17 00:00:00 2001
From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Tue, 10 Sep 2013 16:40:34 +0200
Subject: [PATCH] x86/ioapic: avoid trying to access the -1th ioapic

Discovered by Coverity, CID 1055743

Depending on the contents of the mp_irqs/mp_ioapics from the MP table,
find_isa_irq_apic() might return -1, at which point calling
ioapic_read_entry() with it is bad.

In addition to bailing if pin is -1, bail if apic is -1.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Keir Fraser <keir@xen.org>
---
 xen/arch/x86/io_apic.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xen/arch/x86/io_apic.c b/xen/arch/x86/io_apic.c
index 048c61cc9b..5512cd591f 100644
--- a/xen/arch/x86/io_apic.c
+++ b/xen/arch/x86/io_apic.c
@@ -1828,7 +1828,7 @@ static void __init unlock_ExtINT_logic(void)
 
     pin = find_isa_irq_pin(8, mp_INT);
     apic = find_isa_irq_apic(8, mp_INT);
-    if (pin == -1)
+    if ( pin == -1 || apic == -1 )
         return;
 
     entry0 = ioapic_read_entry(apic, pin, 0);
-- 
2.30.2