ANDROID: KVM: arm64: Allow zap host stage-2 from pKVM modules

On FF-A lend, the pKVM FF-A proxy marks the region as shared to
validate the current page ownership and prevent further usage, until
that memory is reclaimed. We do not want here a donation as:

  * Sharing has no risk of fragmenting the host stage-2. This state is
    stored in the vmemmap.
  * Memory protection is enforced by the TZPC anyway.

However, on SoCs where the CPU has a cacheable mapping at stage-1, we
need to unmap the stage-2 before the TZPC is configured to prevent any
speculative access by the CPU. pKVM doesn't offer any mechanism to unmap
and then share with FF-A. The closest would be host_stage2_mod_prot(),
but for security purposes, pages with restricted permissions are marked
as MODULE_OWNED.

Therefore, create a new set of pKVM module ops
host_stage2_enable_lazy_pte() and host_stage2_disable_lazy_pte(). The
first one unmaps the memory region. But a PTE level mapping can be
re-installed on a faulting acces from the host. The second one re-enable
the ability to install block mappings for that region.

Bug: 278749606
Bug: 352480558
Change-Id: I9c8ad84d1f5e85dfbf3c34a6411db2440f66e783
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>