drm/via: Add new condition to via_dma_cleanup()

Pointer dev_priv->mmio, which was checked for NULL at via_do_init_map(),
is passed to via_do_cleanup_map() and is dereferenced there without check.

The patch adds the condition in via_dma_cleanup() which prevents potential NULL
pointer dereference.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: 22f579c621e2 ("drm: Add via unichrome support")
Signed-off-by: Alisa Khabibrakhmanova <khabibrakhmanova@ispras.ru>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Link: https://patchwork.freedesktop.org/patch/msgid/20220729090643.240778-1-khabibrakhmanova@ispras.ru

diff --git a/drivers/gpu/drm/via/via_dri1.c b/drivers/gpu/drm/via/via_dri1.c
index f659c0c..217d1e8 100644 (file)
--- a/drivers/gpu/drm/via/via_dri1.c
+++ b/drivers/gpu/drm/via/via_dri1.c
@@ -2961,7 +2961,7 @@ int via_dma_cleanup(struct drm_device *dev)
                drm_via_private_t *dev_priv =
                    (drm_via_private_t *) dev->dev_private;
 
-               if (dev_priv->ring.virtual_start) {
+               if (dev_priv->ring.virtual_start && dev_priv->mmio) {
                        via_cmdbuf_reset(dev_priv);
 
                        drm_legacy_ioremapfree(&dev_priv->ring.map, dev);