kvm: Enable CPU SMEP feature

This patchset enables a new CPU feature SMEP (Supervisor Mode Execution
Protection) in QEMU-KVM. SMEP prevents kernel from executing code in application.
Updated Intel SDM describes this CPU feature. The document will be published soon.

SMEP is identified by CPUID leaf 7 EBX[7], which is 0 before. Get the right value by query KVM kernel module, so that guest can get SMEP through CPUID.

 Signed-off-by: Yang, Wei <wei.y.yang@intel.com>
 Singed-off-by: Shan, Haitao <haitao.shan@intel.com>
 Singed-off-by: Li, Xin <xin.li@intel.com>

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>