Trap and emulate cpuid (disabling RDRAND)

[sporksmith]

On some newer Intel CPUs, the cpuid instruction can be trapped and emulated in a similar way as rdtsc, using arch_prctl(ARCH_SET_CPUID). In particular this could be useful for making it appear as though the RDRAND instruction isn't present.

From https://lwn.net/Articles/713970/:

Newer Intel CPUs (Ivy Bridge and later) can fault when CPUID is executed at
CPL > 0. Expose this capability to userspace as a new pair of arch_prctls,
ARCH_GET_CPUID and ARCH_SET_CPUID.

See also https://man7.org/linux/man-pages/man2/arch_prctl.2.html

[sporksmith]

It looks like AMD support is coming (ht @trinity-1686a ): https://www.phoronix.com/news/AMD-CPUID-Faulting-Linux-6.17