HV: check secure/normal world for EPTP in gpa2hpa

for secure and normal world has different EPTP, in secure world,
it could trap to hypervisor and call gpa2hpa function. So it need
check if it is in normal or secure world for EPTP selection.

Detailed explanation from Yadong Qi <yadong.qi@intel.com>:
Currently, trusty OS does not handle interrupt, so when an interrupt
is delivering in trusty, trusty will set it to LAPIC IRR register by
inject self_ipi() and then call world_switch to switch to Android,
So android will receive/handle the interrupt properly.Since the
vLAPIC is enabled in ACRN, so when trusty try to inject self_ipi(),
APIC-ACCESS vmexit will happen. Then ACRN will do instruction
decode/emulation, so the GPA2HPA will fail since page walk is using
nworld_eptp. It is probability an issue.

Signed-off-by: Minggui Cao <minggui.cao@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>

hypervisor/arch/x86/ept.c

@@ -104,9 +104,16 @@ uint64_t local_gpa2hpa(const struct vm *vm, uint64_t gpa, uint32_t *size)
 {
 	uint64_t hpa = 0UL;
 	uint64_t *pgentry, pg_size = 0UL;
+	void *eptp;
+	struct vcpu *vcpu = vcpu_from_pid(vm, get_cpu_id());
 
-	pgentry = lookup_address((uint64_t *)vm->arch_vm.nworld_eptp,
-			gpa, &pg_size, PTT_EPT);
+	if (vcpu && (vcpu->arch_vcpu.cur_context == SECURE_WORLD)) {
+		eptp = vm->arch_vm.sworld_eptp;
+	} else {
+		eptp = vm->arch_vm.nworld_eptp;
+	}
+
+	pgentry = lookup_address((uint64_t *)eptp, gpa, &pg_size, PTT_EPT);
 	if (pgentry != NULL) {
 		hpa = ((*pgentry & (~(pg_size - 1UL)))
 				| (gpa & (pg_size - 1UL)));