chore: Add ibpb_exit_to_user as host only feature

Backport commit 8221464 from main.

New Amazon Linux host kernels enable mitigation against VMScape that is
IBPB before exit to userspace. However, our guest kernels still haven't
had the patches yet. Note that Intel Ice Lake is not affected by VMScape
as long as BHB clearing sequence is used to mitigate BHI.

Signed-off-by: Takahiro Itazuri <[email protected]>

Author: zulinx86

tests/integration_tests/functional/test_cpu_features_host_vs_guest.py

@@ -49,6 +49,7 @@
     "hwp_act_window",
     "hwp_epp",
     "hwp_pkg_req",
+    "ibpb_exit_to_user",
     "ida",
     "intel_ppin",
     "intel_pt",
@@ -94,6 +95,7 @@
     "extd_apicid",
     "flushbyasid",
     "hw_pstate",
+    "ibpb_exit_to_user",
     "ibs",
     "irperf",
     "lbrv",
@@ -211,7 +213,14 @@ def test_host_vs_guest_cpu_features(uvm_plain_any):
             assert guest_feats - host_feats == expected_guest_minus_host
 
         case CpuModel.INTEL_ICELAKE:
-            host_guest_diff_5_10 = INTEL_HOST_ONLY_FEATS - {"cdp_l3"} | {
+            expected_host_minus_guest = INTEL_HOST_ONLY_FEATS
+
+            # As long as BHB clearing software mitigation is enabled, Intel Ice Lake is not
+            # vulnerable to VMScape and "IBPB before exit to userspace" is not needed.
+            # https://docs.kernel.org/admin-guide/hw-vuln/vmscape.html#affected-processors
+            expected_host_minus_guest -= {"ibpb_exit_to_user"}
+
+            host_guest_diff_5_10 = expected_host_minus_guest - {"cdp_l3"} | {
                 "pconfig",
                 "tme",
                 "split_lock_detect",