aarch64: Only enable pVM once umem allocs are done

Move the call to enable_protected_vm past the PVTIME memory region
allocation introduced by 895c90c5f2 ("aarch64: Implement
ARM_VCPU_PVTIME for "stolen time" accounting"). As such allocation is
prohibited once protected VM mode has been enabled (Kernel returns
EPERM), which currently results in crosvm failing when started with
--protected-vm.

BUG=b:193231584
TEST=crosvm --protected-vm on a kernel with KVM_CAP_ARM_PROTECTED_VM

Change-Id: I2a97d3ff64ed59dd6679e51951c79e27bf290d5e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3021126
Reviewed-by: Andrew Walbran <qwandor@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Pierre-Clément Tosi <ptosi@google.com>

aarch64/src/lib.rs

@@ -274,14 +274,6 @@ impl arch::LinuxArch for AArch64 {
 
         let mem = vm.get_memory().clone();
 
-        if components.protected_vm == ProtectionType::Protected {
-            vm.enable_protected_vm(
-                GuestAddress(AARCH64_PROTECTED_VM_FW_START),
-                AARCH64_PROTECTED_VM_FW_MAX_SIZE,
-            )
-            .map_err(Error::ProtectVm)?;
-        }
-
         let mut use_pmu = vm
             .get_hypervisor()
             .check_capability(&HypervisorCap::ArmPmuV3);
@@ -323,6 +315,14 @@ impl arch::LinuxArch for AArch64 {
             .map_err(Error::MapPvtimeError)?;
         }
 
+        if components.protected_vm == ProtectionType::Protected {
+            vm.enable_protected_vm(
+                GuestAddress(AARCH64_PROTECTED_VM_FW_START),
+                AARCH64_PROTECTED_VM_FW_MAX_SIZE,
+            )
+            .map_err(Error::ProtectVm)?;
+        }
+
         for (vcpu_id, vcpu) in vcpus.iter().enumerate() {
             use_pmu &= vcpu.init_pmu(AARCH64_PMU_IRQ as u64 + 16).is_ok();
             if has_pvtime {