Replace warnings with explanation

kernel/src/process/credentials/secure_bits.rs

@@ -55,6 +55,13 @@ impl SecureBits {
         Self::from_bits_truncate((self.bits & Self::LOCK_MASK) >> 1)
     }
 
+    // Currently, we never grant capabilities when executing a new program, even when switching to
+    // root. Therefore, this flag is not used.
+    #[expect(dead_code)]
+    pub(super) fn no_root(&self) -> bool {
+        self.contains(SecureBits::NOROOT)
+    }
+
     pub(super) fn keep_capabilities(&self) -> bool {
         self.contains(SecureBits::KEEP_CAPS)
     }
@@ -62,6 +69,13 @@ impl SecureBits {
     pub(super) fn no_setuid_fixup(&self) -> bool {
         self.contains(SecureBits::NO_SETUID_FIXUP)
     }
+
+    // Currently, ambient capabilities and the PR_CAP_AMBIENT_RAISE operation are not supported.
+    // Therefore, this flag is not used.
+    #[expect(dead_code)]
+    pub(super) fn no_cap_ambient_raise(&self) -> bool {
+        self.contains(SecureBits::NO_CAP_AMBIENT_RAISE)
+    }
 }
 
 impl TryFrom<u16> for SecureBits {
@@ -72,20 +86,6 @@ impl TryFrom<u16> for SecureBits {
             return_errno_with_message!(Errno::EINVAL, "the bits are not valid secure bits");
         }
 
-        #[cfg(debug_assertions)]
-        {
-            // Warn about unsupported bits in debug builds.
-            const DUMMY_IMPL_BITS: u16 =
-                SecureBits::NOROOT.bits() | SecureBits::NO_CAP_AMBIENT_RAISE.bits();
-            let dummy_bits = value & DUMMY_IMPL_BITS;
-            if dummy_bits != 0 {
-                warn!(
-                    "Some SecureBits flags are unsupported currently: {:?}.",
-                    SecureBits::from_bits_truncate(dummy_bits)
-                );
-            }
-        }
-
         Ok(SecureBits { bits: value })
     }
 }