diff --git a/sys/arm64/include/hypervisor.h b/sys/arm64/include/hypervisor.h
--- a/sys/arm64/include/hypervisor.h
+++ b/sys/arm64/include/hypervisor.h
@@ -53,11 +53,13 @@
 
 /* CPTR_EL2 - Architecture feature trap register */
 /* Valid if HCR_EL2.E2H == 0 */
+#define	CPTR_TRAP_ALL		0xc01037ff /* Enable all traps */
 #define	CPTR_RES0		0x7fefc800
 #define	CPTR_RES1		0x000033ff
 #define	CPTR_TFP		0x00000400
 #define	CPTR_TTA		0x00100000
 /* Valid if HCR_EL2.E2H == 1 */
+#define	CPTR_E2H_TRAP_ALL	0xd0000000
 #define	CPTR_E2H_FPEN		0x00300000
 #define	CPTR_E2H_TTA		0x10000000
 /* Unconditionally valid */
diff --git a/sys/arm64/vmm/vmm_reset.c b/sys/arm64/vmm/vmm_reset.c
--- a/sys/arm64/vmm/vmm_reset.c
+++ b/sys/arm64/vmm/vmm_reset.c
@@ -170,9 +170,10 @@
 	 * and floating point functionality to EL2.
 	 */
 	if (in_vhe())
-		el2ctx->cptr_el2 = CPACR_FPEN_TRAP_NONE;
+		el2ctx->cptr_el2 = CPTR_E2H_TRAP_ALL | CPTR_E2H_FPEN;
 	else
-		el2ctx->cptr_el2 = CPTR_RES1;
+		el2ctx->cptr_el2 = CPTR_TRAP_ALL & ~CPTR_TFP;
+	el2ctx->cptr_el2 &= ~CPTR_TCPAC;
 	/*
 	 * Disable interrupts in the guest. The guest OS will re-enable
 	 * them.