This was just an experiment, but it might be worth sharing.

Using RdRand in userland software is risky, and not just for
tinfoil-hattish reasons:

        https://www.hyperelliptic.org/tanja/vortraege/random.pdf

Intel suggests that people call it directly. As chips with RdRand become
more common, projects will probably do so more often.

The below warns when RdRand instructions are assembled, similar to
OpenBSD's warnings for unsafe stdlib functions.

A couple problems I can think of:

 * It isn't rate-limited. On the other hand, I can't imagine a good
   reason for a binary to contain more than a few RdRand instructions.
 * It will warn when compiling kernel code, which has reason to use
   RdRand.


Index: gas/config/tc-i386.c
===================================================================
RCS file: /cvs/src/gnu/usr.bin/binutils-2.17/gas/config/tc-i386.c,v
retrieving revision 1.4
diff -u -p -r1.4 tc-i386.c
--- gas/config/tc-i386.c        9 Feb 2014 22:42:27 -0000       1.4
+++ gas/config/tc-i386.c        4 Aug 2015 05:31:03 -0000
@@ -1498,6 +1498,9 @@ md_assemble (line)
   if (!match_template ())
     return;
 
+  if (strcmp(i.tm.name, "rdrand") == 0)
+    as_warn ("using %s directly is dangerous - please use system randomness 
sources", i.tm.name);
+
   if (intel_syntax)
     {
       /* Undo SYSV386_COMPAT brokenness when in Intel mode.  See i386.h  */
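Review bot: the `as_warn` string literal is split across two lines in the mailed patch ("... please use system randomness " / "sources"), so the hunk as shown will not compile; rejoin it into one literal before applying. Since the preceding `strcmp(i.tm.name, "rdrand")` already restricts the warning to that one mnemonic, the `%s` argument is redundant and the literal "rdrand" would read more clearly. The mail itself points out that the warning fires for kernel code, which has legitimate reason to use RdRand; gating the check behind an assembler option that the kernel build can pass would address that rather than leaving it unconditional.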
