From: "Paul E. McKenney" <paulmck@xxxxxxxxxxxxxxxxxx> The sparse checking for rcu_assign_pointer() was recently upgraded to reject non-__kernel address spaces. This also rejects __rcu, which is almost always the right thing to do. However, the use in __br_mdb_del() is legitimate: They are assigning a pointer to an element from an RCU-protected list, and all elements of this list are already visible to caller. This commit therefore silences these false positives by laundering the pointers using rcu_access_pointer() as suggested by Josh Triplett. Reported-by: kbuild test robot <fengguang.wu@xxxxxxxxx> Signed-off-by: Paul E. McKenney <paulmck@xxxxxxxxxxxxxxxxxx> Cc: Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx> Cc: "David S. Miller" <davem@xxxxxxxxxxxxx> Cc: bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx Cc: netdev@xxxxxxxxxxxxxxx --- net/bridge/br_mdb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/bridge/br_mdb.c b/net/bridge/br_mdb.c index 85a09bb5ca51..3184c8812b49 100644 --- a/net/bridge/br_mdb.c +++ b/net/bridge/br_mdb.c @@ -447,7 +447,7 @@ static int __br_mdb_del(struct net_bridge *br, struct br_mdb_entry *entry) if (p->port->state == BR_STATE_DISABLED) goto unlock; - rcu_assign_pointer(*pp, p->next); + rcu_assign_pointer(*pp, rcu_access_pointer(p->next)); hlist_del_init(&p->mglist); del_timer(&p->timer); call_rcu_bh(&p->rcu, br_multicast_free_pg); -- 1.8.1.5
