diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
index 2e85ee068bb2..2b23cbf3c3e2 100644
--- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c
+++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
@@ -727,21 +727,20 @@ static void handle___pkvm_host_donate_guest(struct kvm_cpu_context *host_ctxt)
 {
 	DECLARE_REG(u64, pfn, host_ctxt, 1);
 	DECLARE_REG(u64, gfn, host_ctxt, 2);
-	struct kvm_vcpu *host_vcpu;
+	DECLARE_REG(struct kvm_vcpu *, vcpu, host_ctxt, 3);
 	struct pkvm_loaded_state *state;
 	int ret = -EINVAL;
 
 	if (!is_protected_kvm_enabled())
 		goto out;
 
+	vcpu = kern_hyp_va(vcpu);
 	state = this_cpu_ptr(&loaded_state);
 	if (!state->vcpu)
 		goto out;
 
-	host_vcpu = state->vcpu->arch.pkvm.host_vcpu;
-
 	/* Topup shadow memcache with the host's */
-	ret = pkvm_refill_memcache(state->vcpu, host_vcpu);
+	ret = pkvm_refill_memcache(state->vcpu, vcpu);
 	if (!ret) {
 		if (state->is_protected)
 			ret = __pkvm_host_donate_guest(pfn, gfn, state->vcpu);
diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
index c5855bf53446..f4bef1e97f1f 100644
--- a/arch/arm64/kvm/mmu.c
+++ b/arch/arm64/kvm/mmu.c
@@ -1143,12 +1143,12 @@ static int sanitise_mte_tags(struct kvm *kvm, kvm_pfn_t pfn,
 	return 0;
 }
 
-static int pkvm_host_donate_guest(u64 pfn, u64 gfn)
+static int pkvm_host_donate_guest(u64 pfn, u64 gfn, struct kvm_vcpu *vcpu)
 {
 	struct arm_smccc_res res;
 
 	arm_smccc_1_1_hvc(KVM_HOST_SMCCC_FUNC(__pkvm_host_donate_guest),
-			  pfn, gfn, &res);
+			  pfn, gfn, vcpu, &res);
 	WARN_ON(res.a0 != SMCCC_RET_SUCCESS);
 
 	/*
@@ -1200,7 +1200,7 @@ static int pkvm_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
 
 	spin_lock(&kvm->mmu_lock);
 	pfn = page_to_pfn(page);
-	ret = pkvm_host_donate_guest(pfn, fault_ipa >> PAGE_SHIFT);
+	ret = pkvm_host_donate_guest(pfn, fault_ipa >> PAGE_SHIFT, vcpu);
 	if (ret) {
 		if (ret == -EAGAIN)
 			ret = 0;