arm64: mte: Fix refcount tracking for tag storage blocks
When a page is allocated as tagged, the associated tag blocks have their refcount incremented by 1, regardless of the order of the tagged page. For example, for an order 5 allocation (32 tagged pages), the tag block refcount is incremented by 1. Same for an order 0 allocation (1 tagged page).

This works just fine if the code frees in one go the same number of pages that were allocated. In the example above, if the code requested 32 tagged pages, then it will free all of the 32 tagged pages in one free call and no errors occur.

Things start to go awry when that changes. For example:

1. Code allocates 32 tagged pages.
2. Tag block is reserved, refcount becomes 2.
3. Code frees 1 page, 31 pages are still in use.
4. Tag block refcount is decremented, it becomes 1, and the tag block is freed.

And that means that if the tag block is allocated for data, the tags which are used by the remaining 31 pages will be corrupted.

Prevent this from happening by increasing the refcount of a tag block by the number of allocated tagged pages, not by 1. This ensures that a tag block is freed when all associated tagged pages have been freed.
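The accounting problem described in the commit message, as an added toy model that is not the kernel's code: a tag block starts with one base reference, is "reserved" while its refcount is above that base, and is released back to the allocator (where it can be handed out as data) once the refcount drops back to 1. The buggy scheme takes and drops one reference per allocation and per free call; the fixed scheme takes and drops one reference per tagged page. Every identifier here (`tag_block`, `scheme`, `simulate_frees`, the `*_scheme` globals) is hypothetical, and the free sequences are constructed from the scenario in the message.

```c
/* Added illustration of tag storage block refcounting; not the kernel's code.
 * All names and the refcount convention (1 = idle, >1 = holds live tags) are
 * assumptions made for this example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct tag_block {
    unsigned int refcount;  /* 1: idle, owned by the allocator; >1: holds live tags */
    bool released;          /* set once refcount drops back to 1 (block may be reused for data) */
};

/* Drop 'n' references; the block is released when only the base reference remains. */
static void tag_block_drop(struct tag_block *tb, unsigned int n)
{
    while (n-- > 0 && tb->refcount > 1) {
        if (--tb->refcount == 1)
            tb->released = true;
    }
}

/* How the allocation and free paths touch the tag block refcount. */
struct scheme {
    void (*on_alloc)(struct tag_block *tb, unsigned int nr_pages);
    void (*on_free)(struct tag_block *tb, unsigned int nr_pages);
};

/* Buggy accounting: one reference per allocation and per free call, whatever the order. */
static void buggy_alloc(struct tag_block *tb, unsigned int nr_pages) { (void)nr_pages; tb->refcount += 1; }
static void buggy_free(struct tag_block *tb, unsigned int nr_pages)  { (void)nr_pages; tag_block_drop(tb, 1); }

/* Fixed accounting: one reference per tagged page, on both paths. */
static void fixed_alloc(struct tag_block *tb, unsigned int nr_pages) { tb->refcount += nr_pages; }
static void fixed_free(struct tag_block *tb, unsigned int nr_pages)  { tag_block_drop(tb, nr_pages); }

const struct scheme buggy_scheme = { buggy_alloc, buggy_free };
const struct scheme fixed_scheme = { fixed_alloc, fixed_free };

/* Constructed free sequences for an order 5 (32 page) allocation and an order 0 one. */
const unsigned int free_all_at_once[]   = { 32 };
const unsigned int free_one_then_rest[] = { 1, 31 };
const unsigned int free_single_page[]   = { 1 };

/* Allocate 2^order tagged pages backed by one tag block, then free them in the
 * given chunks (which must sum to 2^order). Returns the number of still-live
 * tagged pages at the moment the block was released (0 means the block outlived
 * every page that used it), or -1 if the block was never released (a leak). */
int simulate_frees(const struct scheme *s, unsigned int order,
                   const unsigned int *chunks, size_t nchunks)
{
    struct tag_block tb = { .refcount = 1, .released = false };
    unsigned int remaining = 1u << order;
    size_t i;

    s->on_alloc(&tb, remaining);
    for (i = 0; i < nchunks; i++) {
        s->on_free(&tb, chunks[i]);
        remaining -= chunks[i];
        if (tb.released && remaining > 0)
            return (int)remaining;  /* these pages' tags can now be overwritten by data */
    }
    return tb.released ? 0 : -1;
}

int main(void)
{
    printf("buggy, 32 pages freed at once: %d pages orphaned\n",
           simulate_frees(&buggy_scheme, 5, free_all_at_once, 1));
    printf("buggy, 1 page then 31 pages:   %d pages orphaned\n",
           simulate_frees(&buggy_scheme, 5, free_one_then_rest, 2));
    printf("fixed, 1 page then 31 pages:   %d pages orphaned\n",
           simulate_frees(&fixed_scheme, 5, free_one_then_rest, 2));
    return 0;
}
```

The buggy scheme only looks correct when the whole allocation is freed by a single call; freeing one page first releases the block while 31 pages still reference its tags. The fixed scheme returns 0 for any split of the frees, and both schemes agree on an order 0 allocation, which is why the bug does not show up with single-page allocations.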