One might think of this as follow-on to XSA-451, but that's not quite
the right order of events.
There are a few open aspects; see individual patches.
1: remove redundant XEN_SHSTK check from reinit_bsp_stack()
2: record SSP at non-guest entry points
3: traps: use entry_ssp in fixup_exception_return()
4: prefer shadow stack for producing call traces
Jan