enable Supervisor Mode Access Prevention (SMAP) for Xen

x86: enable Supervisor Mode Access Prevention (SMAP) for Xen
http://lists.xen.org/archives/html/xen-changelog/2014-05/msg00196.html

Supervisor Mode Access Prevention (SMAP) is a new security feature disclosed by Intel, please refer to the following document:
http://software.intel.com/sites/default/files/319433-014.pdf

This patch enables SMAP in Xen to prevent Xen hypervisor from accessing pv guest data, whose translation paging-structure entries' U/S flags are all set.