re: kern/54655: cpu_rng_rdseed() should check support of RDRAND instruction

[matthew green <mrg%eterna.com.au@localhost>]

my comments are unrelated to the bug presented, but the code
snippets from the patches caught my eye.


looking at the way rdseed gives up after one attempt that does
not quite follow the intel guide for using rdseed/rdrand.

rdrand should be retried 10 times in a row and if that
fails, we probably should (default) to panicking the system
as that indicates a really broken CPU.

rdseed is much less obvious, but i think our use-case should
retry rdseed itself more times before falling back to trying
rdrand, which it does on first try.

right now we only loop 8 times for both (though rdseed will
fall back to rdrand first attempt) in the cpu_earlyrng(), but
the main entry point fails after just 1 attempt.

so we need these changes IMO:

- push the 8x loop into cpu_rng_rdrand() as a 10x loop,
  removing it from cpu_earlyrng()

- add some loop to cpu_rng_rdseed().  [1] has some advice
  about this, but i'm not familiar with the context that
  cpu_rng() is called with -- perhaps we can just spin loop
  since it is an infrequent operation and will eventually
  win some data.

- possibly consider hard-fail if these are broken.


.mrg.

[1] https://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide#inpage-nav-6-10