I'm testing the newly introduced nested virt API from Hypervisor.framework on an M3 Pro running 15.3.1.
First, I'm calling "hv_vm_config_get_el2_supported" to confirm the system supports nested virt, then "hv_vm_config_set_el2_enabled" to enable EL2 in the configuration and finally "hv_vm_config_get_el2_enabled" to confirm it's enabled.
After creating the VM with this configuration, I've confirmed with assembly code (checking CurrentEL) that the vCPU is still starting in EL1. Something has definitely changed in the vCPU management, because SMCCC calls that worked fine without calling "hv_vm_config_set_el2_enabled" now trigger an "EC_INSNABORT", but from the guest perspective the vCPU is definitely still in EL1.
Is there an additional requirement in addition to calling to "hv_vm_config_set_el2_enabled" to make the vCPU start in EL2?
The Hypervisor framework generally doesn't provide a reset state for the vCPUs. It's best that you program each system register with a default value for the features you are enabling/emulating.
For the current EL state, that is defined by HV_REG_CPSR (the PSTATE). The format of CPSR is the same as SPSR_ELx. To enter at EL2, you'll want to set the M field.