arm64: mte: Do not warn if the page is already tagged in copy_highpage()

The arm64 copy_highpage() assumes that the destination page is newly
allocated and not MTE-tagged (PG_mte_tagged unset) and warns
accordingly. However, following commit 060913999d7a ("mm: migrate:
support poisoned recover from migrate folio"), folio_mc_copy() is called
before __folio_migrate_mapping(). If the latter fails (-EAGAIN), the
copy will be done again to the same destination page. Since
copy_highpage() already set the PG_mte_tagged flag, this second copy
will warn.

Replace the WARN_ON_ONCE(page already tagged) in the arm64
copy_highpage() with a comment.

Reported-by: syzbot+d1974fc28545a3e6218b@syzkaller.appspotmail.com
Link: https://lore.kernel.org/r/68dda1ae.a00a0220.102ee.0065.GAE@google.com
Reviewed-by: David Hildenbrand <david@redhat.com>
Cc: Will Deacon <will@kernel.org>
Cc: Kefeng Wang <wangkefeng.wang@huawei.com>
Cc: stable@vger.kernel.org # 6.12.x
Reviewed-by: Yang Shi <yang@os.amperecomputing.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>

diff --git a/arch/arm64/mm/copypage.c b/arch/arm64/mm/copypage.c
index a86c897017df08cd2d6790ef02d53d9a2a8af05b..cd5912ba617b706a2e69376cd4864dea4c7b9608 100644 (file)
--- a/arch/arm64/mm/copypage.c
+++ b/arch/arm64/mm/copypage.c
@@ -35,7 +35,7 @@ void copy_highpage(struct page *to, struct page *from)
                    from != folio_page(src, 0))
                        return;
 
-               WARN_ON_ONCE(!folio_try_hugetlb_mte_tagging(dst));
+               folio_try_hugetlb_mte_tagging(dst);
 
                /*
                 * Populate tags for all subpages.
@@ -51,8 +51,13 @@ void copy_highpage(struct page *to, struct page *from)
                }
                folio_set_hugetlb_mte_tagged(dst);
        } else if (page_mte_tagged(from)) {
-               /* It's a new page, shouldn't have been tagged yet */
-               WARN_ON_ONCE(!try_page_mte_tagging(to));
+               /*
+                * Most of the time it's a new page that shouldn't have been
+                * tagged yet. However, folio migration can end up reusing the
+                * same page without untagging it. Ignore the warning if the
+                * page is already tagged.
+                */
+               try_page_mte_tagging(to);
 
                mte_copy_page_tags(kto, kfrom);
                set_page_mte_tagged(to);