Iago attacks on CPUID
We should revisit the security implications of relying on untrusted CPUID. For example, crypto libraries (e.g., mbedtls, wolfssl) have compilation flags to enable AESNI support, but still rely on runtime checks to execute a software fallback in case the CPU does not support the feature. An attacker could mask the availability of AESNI and force the crypto code inside the enclave to execute a software fallback with potential side-channel vulnerabilities.
We should at least document all the cases where Graphene relies on potentially untrusted input.
https://github.com/oscarlab/graphene/blob/3d1967037468fcfbcc9923b4be2804e1f857ee22/Pal/src/host/Linux-SGX/db_misc.c#L168
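One defensive pattern for the AES-NI case described above, as an added example that is not Graphene's or any crypto library's code: treat the leaf-1 CPUID value as untrusted, refuse the software fallback when the build promised hardware AES, and compare the reported bits against a trusted baseline (a value pinned at build time or delivered over an attested channel; the baseline source is a hypothetical assumption here). The feature-bit positions come from the Intel SDM; the sample register values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* CPUID leaf 1, ECX feature bits (Intel SDM, CPUID instruction). */
#define CPUID1_ECX_AESNI (1u << 25)
#define CPUID1_ECX_AVX   (1u << 28)

enum aes_path { AES_PATH_HW = 0, AES_PATH_SW_REFUSED = 1, AES_PATH_SW = 2 };

/* Decide which AES implementation may run given the (untrusted) leaf-1 ECX
 * value reported to the enclave. When the build promised AES-NI
 * (require_hw != 0), a cleared bit is treated as an Iago-style downgrade and
 * the software fallback is refused rather than silently executed. */
enum aes_path choose_aes_path(uint32_t ecx_leaf1, int require_hw)
{
    if (ecx_leaf1 & CPUID1_ECX_AESNI)
        return AES_PATH_HW;
    return require_hw ? AES_PATH_SW_REFUSED : AES_PATH_SW;
}

/* Bits that the trusted baseline claims are present but the runtime-reported
 * value has cleared. Non-zero means the untrusted CPUID result removed a
 * feature the enclave was built to expect; newly added bits are ignored. */
uint32_t cpuid_downgraded_bits(uint32_t trusted_ecx, uint32_t reported_ecx)
{
    return trusted_ecx & ~reported_ecx;
}

int main(void)
{
    /* Constructed sample values, not read from a real CPU. */
    uint32_t trusted = CPUID1_ECX_AESNI | CPUID1_ECX_AVX;   /* pinned baseline */
    uint32_t masked  = trusted & ~CPUID1_ECX_AESNI;          /* AES-NI bit cleared */

    printf("downgraded bits: 0x%08x\n", cpuid_downgraded_bits(trusted, masked));
    printf("AES path with masked CPUID: %d\n", choose_aes_path(masked, 1));
    return 0;
}
```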