Provide further mitigation against CVE-2017-5715 by flushing the return stack buffer (RSB) upon returning from the guest.
This was inspired by this linux commit:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/arch/x86/kvm?id=117cc7a908c83697b0b737d15ae1eb5943afe35b