[PATCH] drm/fb-helper: Fix drm_fb_helper_firmware_config() NULL pointer deref

[Noralf Trønnes]

Non-atomic drivers like ast doesn't have connector->state set resulting
in a NULL pointer deref:

[   29.609593] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
[   29.609619] Call Trace:
[   29.609630]  ? drm_helper_probe_single_connector_modes+0x27f/0x680
[   29.609640]  drm_setup_crtcs+0x431/0xd80 [drm_kms_helper]
[   29.753065]  __drm_fb_helper_initial_config_and_unlock+0x6f/0x6a0
[   29.753160]  ? drm_modeset_unlock_all+0x31/0x50 [drm]
[   29.765758]  ast_fbdev_init+0xa8/0xc0 [ast]
[   29.765762]  ast_driver_load.cold.7+0x2b3/0xe11 [ast]
[   29.765775]  drm_dev_register+0x111/0x150 [drm]

Fix by bailing out if the driver does not support atomic modesetting.

Fixes: 09ded8af57bc ("drm/i915/fbdev: Move intel_fb_initial_config() to fbdev helper")
Reported-by: Thomas Zimmermann <tzimmermann at suse.de>
Cc: Daniel Vetter <daniel.vetter at ffwll.ch>
Cc: Jani Nikula <jani.nikula at linux.intel.com>
Signed-off-by: Noralf Trønnes <noralf at tronnes.org>
---
 drivers/gpu/drm/drm_fb_helper.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/gpu/drm/drm_fb_helper.c b/drivers/gpu/drm/drm_fb_helper.c
index 2339f0f8f5a8..899c2eca26d1 100644
--- a/drivers/gpu/drm/drm_fb_helper.c
+++ b/drivers/gpu/drm/drm_fb_helper.c
@@ -2588,6 +2588,9 @@ static bool drm_fb_helper_firmware_config(struct drm_fb_helper *fb_helper,
 	int num_connectors_detected = 0;
 	struct drm_modeset_acquire_ctx ctx;
 
+	if (!drm_drv_uses_atomic_modeset(dev))
+		return false;
+
 	save_enabled = kcalloc(count, sizeof(bool), GFP_KERNEL);
 	if (!save_enabled)
 		return false;
-- 
2.20.1