A small set of updates for x86: - Return -EIO instead of success when the certificate buffer for SEV guests is not large enough. - Allow STIPB to be enabled with legacy IBSR. Legacy IBRS is cleared on return to userspace for performance reasons, but the leaves user space vulnerable to cross-thread attacks which STIBP prevents. Update the documentation accordingly.