ANDROID: KVM: arm64: Restrict pKVM hyp exports

The pKVM hypervisor uses the module_ops struct as a way to expose
services to loadable modules. It doesn't however allow fine-grained
definition of the license for each export, and doesn't have a way to
check the license of the loaded module (yet). As such, the  assumption
is that said module is proprietary, and must NOT be allowed to use GPL
symbols.

Even though symbols such as __pkvm_load_el2_module are currently
exported as GPL, these exports only apply to the kernel part of the
module, which is usually only a proxy to load the hyp module, which
may be built separately.

Given the lack of license enforcement at load time, let's seek GPL
compliance by preventing the accidental export of GPL symbols to hyp
modules via pKVM's module_ops struct. To do so, add a build time check
for the absence of such symbols from the KVM nvhe code entirely.

In the future (Android 15+ and upstream), we should consider expanding
the pKVM module loader to allow finer grained licensing of exports.
This would allow exposing internal pKVM functions as GPL only for e.g.
selftests and such w/o risking exports to proprietary modules.

Bug: 263340138
Bug: 267430896
Change-Id: I09b81bfe322c0d2746c0349c5f217a5a76b6e33d
Signed-off-by: Quentin Perret <qperret@google.com>