ANDROID: KVM: arm64: Restrict pKVM hyp exports

The pKVM hypervisor uses the module_ops struct as a way to expose
services to loadable modules. It doesn't however allow fine-grained
definition of the license for each export, and doesn't have a way to
check the license of the loaded module (yet). As such, the  assumption
is that said module is proprietary, and must NOT be allowed to use GPL
symbols.

Given the lack of license enforcement at load time, let's seek GPL
compliance by preventing the accidental export of GPL symbols to hyp
modules via pKVM's module_ops struct. To do so, add a build time check
for the absence of such symbols from the KVM nvhe code entirely.

In the future (Android 16+ and upstream), we should consider expanding
the pKVM module loader to allow finer grained licensing of exports.
This would allow exposing internal pKVM functions as GPL only for e.g.
selftests and such w/o risking exports to proprietary modules.

Bug: 278749606
Bug: 263340138
Bug: 267430896
Change-Id: I09b81bfe322c0d2746c0349c5f217a5a76b6e33d
Signed-off-by: Quentin Perret <qperret@google.com>