KVM: arm64: Update stale comment for sanitise_mte_tags()

Alexandru Elisei · Marc Zyngier · commit 597f41e17438 · 2025-09-15T17:51:38.000+01:00
Commit c911f0d ("KVM: arm64: permit all VM_MTE_ALLOWED mappings with MTE enabled") allowed VM_SHARED VMAs in a VM with MTE enabled, so remove the comment to the contrary. Commit d77e59a ("arm64: mte: Lock a page for MTE tag initialisation") removed the race that can lead to tags being zeroed more than once when multiple threads attempt initialisation at the same time, so remove the comment about mmap_lock too. Note that sanitise_mte_tags() was never called with the mmap_lock held from user_mem_abort() and the race was prevented by kvm->mmu_lock. However, the function still requires to have the kvm->mmu_lock held to ensure that the memory remains mapped in the userspace process while the tags are zeroed. Document this in a comment. CC: Peter Collingbourne <pcc@google.com> CC: Catalin Marinas <catalin.marinas@arm.com> CC: Steven Price <steven.price@arm.com> Signed-off-by: Alexandru Elisei <alexandru.elisei@arm.com> Reviewed-by: Steven Price <steven.price@arm.com> Signed-off-by: Marc Zyngier <maz@kernel.org>
diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
@@ -1426,11 +1426,8 @@ static int get_vma_page_shift(struct vm_area_struct *vma, unsigned long hva)
  * able to see the page's tags and therefore they must be initialised first. If
  * PG_mte_tagged is set, tags have already been initialised.
  *
- * The race in the test/set of the PG_mte_tagged flag is handled by:
- * - preventing VM_SHARED mappings in a memslot with MTE preventing two VMs
- *   racing to santise the same page
- * - mmap_lock protects between a VM faulting a page in and the VMM performing
- *   an mprotect() to add VM_MTE
+ * Must be called with kvm->mmu_lock held to ensure the memory remains mapped
+ * while the tags are zeroed.
  */
 static void sanitise_mte_tags(struct kvm *kvm, kvm_pfn_t pfn,
 			      unsigned long size)
