CPUID Unique CPU or computer identifier
=========================================
This is most useful for saving user login and password on PC computer or android device
running user interface. Merging CPU id with  hard coded application key prevents snooping
login information for discarded SSD drive, etc.

This could be used to protect server's private key and other secret information. But this
has a major down side: One cannot any more copy the server and assume that it will start
working.

CPUID is not necessarily used for microcontrollers, since flash is integrated to microcontroller:
The attacker has access to both flash and microcontroller/board identification. 

Possible security improvement for servers and microcontrollers is to save additional random
key code to USB flash, etc, removable media, or on a separate device in network.
  Thus removable media or network device would be the an key required to make server or device
  part of IO network. This approach has reliability and other downsides, which most often
  outweigh the added security. Thus taking care that decommissioned server SSD drives are wiped
  or destroyed, and security reset is done on decommissioned devices.

  This function can be criticized that it has limited entropy. This is true, an educated attacker
  could guess the possible combinations and simply try them all. We may improve entropy later on
  by adding mother board serial number, NIC address, etc to this function.

  
 Merge CPU identifier to buffer with XOR:

::

    osalStatus osal_xor_cpuid(
        os_uchar *buf,
        os_memsz buf_sz);

See cpuid/linux/osal_cpuid.c, etc. for details.

210310, 21.3.2021/pekka