Skip to content

Fix some arm64/gcc build warnings#14

Open
ukleinek wants to merge 2 commits intoCHERI-Alliance:codasip-cheri-riscv-6.18from
ukleinek:arm64-build-warnings
Open

Fix some arm64/gcc build warnings#14
ukleinek wants to merge 2 commits intoCHERI-Alliance:codasip-cheri-riscv-6.18from
ukleinek:arm64-build-warnings

Conversation

@ukleinek
Copy link
Copy Markdown

@ukleinek ukleinek commented Mar 17, 2026

No description provided.

scosu
scosu reviewed Mar 18, 2026
View reviewed changes
scosu
scosu approved these changes Mar 18, 2026
View reviewed changes
Copy link
Copy Markdown

@scosu scosu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Otherwise looks good

@ukleinek
arm64: Mark do_cap_fault() as maybe unused
1018518 
The function is only used with CONFIG_ARM64_MORELLO=y, but defined
unconditionally. With __maybe_unsed the following warning is fixed:

arch/arm64/mm/fault.c:805:12: warning: ‘do_cap_fault’ defined but not used [-Wunused-function]
  805 | static int do_cap_fault(unsigned long far, unsigned long esr,
      |            ^~~~~~~~~~~~

Fixes: cdce7a4 ("[CHERRY-PICK] arm64: morello: Handle capability faults")
Signed-off-by: Uwe Kleine-König (The Capable Hub) <u.kleine-koenig@baylibre.com>
@ukleinek ukleinek force-pushed the arm64-build-warnings branch from b8bb35b to 5e6ba4e Compare March 21, 2026 18:28
@ukleinek
Copy link
Copy Markdown
Author

ukleinek commented Mar 21, 2026

"funny", the two variants

static int __maybe_unused do_cap_fault(unsigned long far, unsigned long esr,
                                       struct pt_regs *regs)
{
...
}

and

static int do_cap_fault(unsigned long far, unsigned long esr,
                        struct pt_regs *regs) __maybe_unused;
static int do_cap_fault(unsigned long far, unsigned long esr,
                        struct pt_regs *regs)
{
...
}

both work, but adding __maybe_unused at the end without a declaration doesn't. Also I would have expected from myself to see this build problem as I can reproduce it in the setting I think I also used before.

@ukleinek
Copy link
Copy Markdown
Author

ukleinek commented Mar 21, 2026

I rebased the branch now, and chose to use a different approach to fix the unused variable warning in the drm/tda998x driver which is IMHO much more elegant.
I don't see, why 88aeac7 is in the tree at all, maybe the elegance doesn't work. I rely on the build tests to tell me if it's unsuitable.

@chrehrhardt
Copy link
Copy Markdown
Collaborator

chrehrhardt commented Mar 21, 2026
edited
Loading

I rebased the branch now, and chose to use a different approach to fix the unused variable warning in the drm/tda998x driver which is IMHO much more elegant. I don't see, why 88aeac7 is in the tree at all, maybe the elegance doesn't work. I rely on the build tests to tell me if it's unsuitable.

As you can see this introduces new build failures on morello which need to be addressed. As this is a little surprising I'll try to explain what the warning is about. This is not something you introduces but you change exposes it in the CI so this needs to be addressed.

When dealing with morello you have to be aware that the morello kernel is a hybrid piece of software. I.e. it runs in compatiblity mode and e.g. void * is a normal pointer, not a capability. However, being hybrid it is aware of the fact that capabilities exists. And it assumes that userland is running in capability mode. In hybrid mode a capability can be declared with void * __capability. In general user pointers in the kernel are capabilities while in kernel pointers are not.

As a little cheat the morello kernel defines __user to __capability. This correctly turns most user pointers into capabilities while kernel pointers are not affected. We do not want the kernel to be an agent that subverts capability protections. Thus kernel access to user memory uses capabilities and we must be careful not to cast away __user without proper justification.

However, this trick has a problem: The correct placement of __user is different from that of __capability. The correct placement is

    void __user * ptr;

vs.

   void * __capability cap;

For normal pointers the compiler accepts both placements for __capabiltity which allows use to use the above cheat.

However, for double pointers the placement is ambigous and __capability must be used explicitly and in the correct place.

@ukleinek ukleinek force-pushed the arm64-build-warnings branch from 5e6ba4e to c7e957b Compare March 23, 2026 16:55
@ukleinek
morello_pcuabi_defconfig: Enable SND_SOC
913ac7c 
Signed-off-by: Uwe Kleine-König (The Capable Hub) <u.kleine-koenig@baylibre.com>
@ukleinek ukleinek force-pushed the arm64-build-warnings branch from c7e957b to 913ac7c Compare March 23, 2026 17:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chrehrhardt chrehrhardt chrehrhardt requested changes

+1 more reviewer

@scosu scosu scosu approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ukleinek @chrehrhardt @scosu