nVMX: Exclude CR4.CET from the test_vmxon_bad_cr()

CET KVM enabling patch series introduces extra constraints on CR0.WP and
CR4.CET bits, i.e., setting CR4.CET == 1 causes fault if CR0.WP == 0. Skip
the bit testing to avoid folding it in flexible_cr4 and finally trigger
a #GP when write the CR4 with CET bit set while CR0.WP is cleared.

Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
Link: https://lore.kernel.org/r/20230913235006.74172-2-weijiang.yang@intel.com
Signed-off-by: Sean Christopherson <seanjc@google.com>
diff --git a/x86/vmx.c b/x86/vmx.c
index 12e42b0..1c27850 100644
--- a/x86/vmx.c
+++ b/x86/vmx.c
@@ -1430,7 +1430,7 @@
 		 */
 		if ((cr_number == 0 && (bit == X86_CR0_PE || bit == X86_CR0_PG)) ||
 		    (cr_number == 4 && (bit == X86_CR4_PAE || bit == X86_CR4_SMAP ||
-					bit == X86_CR4_SMEP)))
+					bit == X86_CR4_SMEP || bit == X86_CR4_CET)))
 			continue;
 
 		if (!(bit & required1) && !(bit & disallowed1)) {