Description: kvm/x86: fix icebp instruction handling
References:
 http://www.openwall.com/lists/oss-security/2018/05/08/5
 https://marc.info/?l=linux-kernel&m=152580052406931
Notes:
 bwh> Vulnerability introduced in Linux 3.16 by commit fd2a445a94d2
 bwh> "KVM: VMX: Advance rip to after an ICEBP instruction".  (Without
 bwh> that commit, ICEBP doesn't work properly but that isn't a security
 bwh> issue.)
Bugs:
upstream: released (4.16-rc7) [32d43cd391bacb5f0814c2624399a5dad3501d09]
4.9-upstream-stable: released (4.9.91) [587da2b6282302325bd4bcc28a7615e822184ff1]
3.16-upstream-stable: released (3.16.57) [e6c4cf2c7cbd5fd81f9a323c30ee0e3e1d2cae4b]
3.2-upstream-stable: N/A "Vulnerability introduced later"
sid: released (4.15.17-1)
4.9-stretch-security: released (4.9.88-1+deb9u1) [bugfix/x86/kvm-x86-fix-icebp-instruction-handling.patch]
3.16-jessie-security: released (3.16.56-1+deb8u1) [bugfix/x86/kvm-x86-fix-icebp-instruction-handling.patch]
3.2-wheezy-security: N/A "Vulnerability introduced later"