[PATCH] mm/huge_memory: restrict __GFP_ZEROTAGS to HW tagging architectures

Jan Polensky japo at linux.ibm.com
Mon Nov 10 01:48:21 PST 2025 

On Mon, Nov 10, 2025 at 10:09:31AM +0100, David Hildenbrand (Red Hat) wrote:
> On 09.11.25 01:36, Jan Polensky wrote:
> > The previous change added __GFP_ZEROTAGS when allocating the huge zero
> > folio to ensure tag initialization for arm64 with MTE enabled. However,
> > on s390 this flag is unnecessary and triggers a regression
> > (observed as a crash during repeated 'dnf makecache').
> >
> > Restrict the use of __GFP_ZEROTAGS to architectures that support
> > hardware memory tagging (currently arm64 with MTE or KASAN HW tags).
> > This avoids unintended side effects on other platforms.
> >
> > Fixes: 1579227fe0f0 ("mm/huge_memory: initialise the tags of the huge zero folio")
> > Link: https://lore.kernel.org/r/20251031170133.280742-1-catalin.marinas@arm.com
> > Signed-off-by: Jan Polensky <japo at linux.ibm.com>
> > ---
> >   mm/huge_memory.c | 9 +++++----
> >   1 file changed, 5 insertions(+), 4 deletions(-)
> >
> > diff --git a/mm/huge_memory.c b/mm/huge_memory.c
> > index aae283b00857..0c1794656d7a 100644
> > --- a/mm/huge_memory.c
> > +++ b/mm/huge_memory.c
> > @@ -209,14 +209,15 @@ unsigned long __thp_vma_allowable_orders(struct vm_area_struct *vma,
> >
> >   static bool get_huge_zero_folio(void)
> >   {
> > +	gfp_t gfp = (GFP_TRANSHUGE | __GFP_ZERO) & ~__GFP_MOVABLE;
> >   	struct folio *zero_folio;
> >   retry:
> >   	if (likely(atomic_inc_not_zero(&huge_zero_refcount)))
> >   		return true;
> > -
> > -	zero_folio = folio_alloc((GFP_TRANSHUGE | __GFP_ZERO | __GFP_ZEROTAGS) &
> > -				 ~__GFP_MOVABLE,
> > -			HPAGE_PMD_ORDER);
> > +#if IS_ENABLED(CONFIG_KASAN_HW_TAGS) || IS_ENABLED(CONFIG_ARM64_MTE)
> > +	gfp |= __GFP_ZEROTAGS;
> > +#endif
>
> That looks like the wrong approach. If an architecture does not support
> __GFP_ZEROTAGS it should not trigger anything. __GFP_ZEROTAGS should be ignored.
>
> I think the problem is that post_alloc_hook() does
>
> if (zero_tags) {
> 	/* Initialize both memory and memory tags. */
> 	for (i = 0; i != 1 << order; ++i)
> 		tag_clear_highpage(page + i);
>
> 	/* Take note that memory was initialized by the loop above. */
> 	init = false;
> }
>
> And tag_clear_highpage() is a NOP on other architectures.
>
> Gah.
>
> I wonder if the following would work:
>
>
> diff --git a/include/linux/gfp_types.h b/include/linux/gfp_types.h
> index 65db9349f9053..56b82e116cb79 100644
> --- a/include/linux/gfp_types.h
> +++ b/include/linux/gfp_types.h
> @@ -47,7 +47,9 @@ enum {
>         ___GFP_HARDWALL_BIT,
>         ___GFP_THISNODE_BIT,
>         ___GFP_ACCOUNT_BIT,
> +#ifdef __HAVE_ARCH_TAG_CLEAR_HIGHPAGE
>         ___GFP_ZEROTAGS_BIT,
> +#endif
>  #ifdef CONFIG_KASAN_HW_TAGS
>         ___GFP_SKIP_ZERO_BIT,
>         ___GFP_SKIP_KASAN_BIT,
> @@ -85,7 +87,11 @@ enum {
>  #define ___GFP_HARDWALL                BIT(___GFP_HARDWALL_BIT)
>  #define ___GFP_THISNODE                BIT(___GFP_THISNODE_BIT)
>  #define ___GFP_ACCOUNT         BIT(___GFP_ACCOUNT_BIT)
> +#ifdef __HAVE_ARCH_TAG_CLEAR_HIGHPAGE
>  #define ___GFP_ZEROTAGS                BIT(___GFP_ZEROTAGS_BIT)
> +#else
> +#define ___GFP_ZEROTAGS                0
> +#endif
>  #ifdef CONFIG_KASAN_HW_TAGS
>  #define ___GFP_SKIP_ZERO       BIT(___GFP_SKIP_ZERO_BIT)
>  #define ___GFP_SKIP_KASAN      BIT(___GFP_SKIP_KASAN_BIT)
>
>
> Likely we'd have to make __HAVE_ARCH_TAG_CLEAR_HIGHPAGE a proper
> kconfig option.
>
>
> Then we could turn the default implementation of
> tag_clear_highpage() into a BUILD_BUG.
>
I'd like to suggest to keep the enum untouched and only use the second
part of your suggestion.
Which works by the way for our arch (s390).

 include/linux/gfp_types.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/include/linux/gfp_types.h b/include/linux/gfp_types.h
index 65db9349f905..c12d8a601bb3 100644
--- a/include/linux/gfp_types.h
+++ b/include/linux/gfp_types.h
@@ -85,7 +85,11 @@ enum {
 #define ___GFP_HARDWALL        BIT(___GFP_HARDWALL_BIT)
 #define ___GFP_THISNODE        BIT(___GFP_THISNODE_BIT)
 #define ___GFP_ACCOUNT     BIT(___GFP_ACCOUNT_BIT)
+#ifdef __HAVE_ARCH_TAG_CLEAR_HIGHPAGE
 #define ___GFP_ZEROTAGS        BIT(___GFP_ZEROTAGS_BIT)
+#else
+#define ___GFP_ZEROTAGS        0
+#endif
 #ifdef CONFIG_KASAN_HW_TAGS
 #define ___GFP_SKIP_ZERO   BIT(___GFP_SKIP_ZERO_BIT)
 #define ___GFP_SKIP_KASAN  BIT(___GFP_SKIP_KASAN_BIT)

This solution would be sufficient from my side, and I would appreciate a
quick application if there are no objections.

Thank you David.

More information about the linux-arm-kernel mailing list