Unused variable 'mark' in v6.1-rc7

From: Ivan Babrou
Date: Sun Nov 27 2022 - 20:31:03 EST


There's 52d1aa8b8249 in v6.1-rc7:

* netfilter: conntrack: Fix data-races around ct mark

It triggers an error:

#19 355.8 /build/linux-source/net/netfilter/nf_conntrack_netlink.c: In
function '__ctnetlink_glue_build':
#19 355.8 /build/linux-source/net/netfilter/nf_conntrack_netlink.c:2674:13:
error: unused variable 'mark' [-Werror=unused-variable]
#19 355.8 2674 | u32 mark;
#19 355.8 | ^~~~
#19 355.8 cc1: all warnings being treated as errors

If CONFIG_NF_CONNTRACK_MARK is not enabled, as mark is declared
unconditionally, but used under ifdef:

#ifdef CONFIG_NF_CONNTRACK_MARK
- if ((events & (1 << IPCT_MARK) || ct->mark)
- && ctnetlink_dump_mark(skb, ct) < 0)
+ mark = READ_ONCE(ct->mark);
+ if ((events & (1 << IPCT_MARK) || mark) &&
+ ctnetlink_dump_mark(skb, mark) < 0)
goto nla_put_failure;
#endif

To have NF_CONNTRACK_MARK one needs NETFILTER_ADVANCED:

config NF_CONNTRACK_MARK
bool 'Connection mark tracking support'
depends on NETFILTER_ADVANCED

It's supposed to be enabled by default:

config NETFILTER_ADVANCED
bool "Advanced netfilter configuration"
depends on NETFILTER
default y

But it's not in defconfig (it's missing from arm64 completely):

$ rg NETFILTER_ADVANCED arch/x86/configs/x86_64_defconfig
93:# CONFIG_NETFILTER_ADVANCED is not set

I think the solution is to enclose mark definition into ifdef as well
and I'm happy to send a patch if you agree and would like me to.