Rework how the random number generating device operates internally, it is now more sane and less complicated overall.

Author: sciguyryan

redox-core/src/com_bus/com_bus_io.rs

@@ -2,11 +2,11 @@ use super::device_error::DeviceResult;
 
 pub trait ComBusIO {
     /// Read a u8 value from the device.
-    fn read_u8(&self) -> DeviceResult<u8>;
+    fn read_u8(&mut self) -> DeviceResult<u8>;
     /// Read a u32 value from the device.
-    fn read_u32(&self) -> DeviceResult<u32>;
+    fn read_u32(&mut self) -> DeviceResult<u32>;
     /// Read a uf32 value from the device.
-    fn read_f32(&self) -> DeviceResult<f32>;
+    fn read_f32(&mut self) -> DeviceResult<f32>;
 
     /// Write a u8 value to the device.
     fn write_u8(&mut self, value: u8) -> DeviceResult<()>;

redox-core/src/com_bus/random_device.rs

@@ -1,38 +1,38 @@
 use rand::{rngs::OsRng, Rng, SeedableRng, TryRngCore};
 use rand_xoshiro::Xoshiro256Plus;
-use std::cell::RefCell;
 
 use super::{
     com_bus_io::ComBusIO,
     device_error::{DeviceError, DeviceResult},
 };
 
-thread_local! {
-    static PRNG: RefCell<Xoshiro256Plus> = RefCell::new(Xoshiro256Plus::from_os_rng());
-    static CRNG: RefCell<OsRng> = const { RefCell::new(OsRng) };
-}
-
+#[repr(u8)]
 #[derive(PartialEq, Eq)]
 enum RandomMode {
     Crypto,
-    Seeded,
-    Standard,
+    Pseudorandom,
 }
 
-/// The seedable random generator chip!
+/// The random number generator device!
 pub struct RandomDevice {
     /// Has the random number generator been initialized?
     is_initialized: bool,
     /// The random generator mode currently being used.
     mode: RandomMode,
+    /// The pseudorandom number generator.
+    prng: Xoshiro256Plus,
+    /// The Cryptographically secure RNG generator.
+    crng: OsRng,
 }
 
 impl RandomDevice {
     pub fn new() -> Self {
         Self {
             // By default we initialize the random number generator using entropy.
             is_initialized: true,
-            mode: RandomMode::Standard,
+            mode: RandomMode::Crypto,
+            prng: Xoshiro256Plus::from_os_rng(),
+            crng: OsRng,
         }
     }
 }
@@ -44,57 +44,51 @@ impl Default for RandomDevice {
 }
 
 impl ComBusIO for RandomDevice {
-    fn read_u8(&self) -> DeviceResult<u8> {
+    fn read_u8(&mut self) -> DeviceResult<u8> {
         if !self.is_initialized {
             return DeviceResult::Err(DeviceError::Misconfigured);
         }
 
         Ok(match self.mode {
-            RandomMode::Crypto => CRNG.with(|r| {
+            RandomMode::Crypto => {
                 let mut arr: [u8; 1] = [0; 1];
-                r.borrow_mut()
+                self.crng
                     .try_fill_bytes(&mut arr)
-                    .expect("failed to get bytes");
+                    .expect("failed to get u8");
                 arr[0]
-            }),
-            RandomMode::Seeded => PRNG.with(|r| r.borrow_mut().random::<u8>()),
-            RandomMode::Standard => rand::rng().random::<u8>(),
+            }
+            RandomMode::Pseudorandom => self.prng.random::<u8>(),
         })
     }
 
-    fn read_u32(&self) -> DeviceResult<u32> {
+    fn read_u32(&mut self) -> DeviceResult<u32> {
         if !self.is_initialized {
             return DeviceResult::Err(DeviceError::Misconfigured);
         }
 
         Ok(match self.mode {
-            RandomMode::Crypto => CRNG.with(|r| {
-                let mut arr: [u8; 4] = [0; 4];
-                r.borrow_mut()
-                    .try_fill_bytes(&mut arr)
-                    .expect("failed to get bytes");
-                u32::from_ne_bytes(arr)
-            }),
-            RandomMode::Seeded => PRNG.with(|r| r.borrow_mut().random::<u32>()),
-            RandomMode::Standard => rand::rng().random::<u32>(),
+            RandomMode::Crypto => self.crng.try_next_u32().expect("failed to get u32"),
+            RandomMode::Pseudorandom => self.prng.random::<u32>(),
         })
     }
 
-    fn read_f32(&self) -> DeviceResult<f32> {
+    fn read_f32(&mut self) -> DeviceResult<f32> {
         if !self.is_initialized {
             return DeviceResult::Err(DeviceError::Misconfigured);
         }
 
         Ok(match self.mode {
-            RandomMode::Crypto => CRNG.with(|r| {
-                let mut arr: [u8; 4] = [0; 4];
-                r.borrow_mut()
-                    .try_fill_bytes(&mut arr)
-                    .expect("failed to get bytes");
-                f32::from_ne_bytes(arr)
-            }),
-            RandomMode::Seeded => PRNG.with(|r| r.borrow_mut().random::<f32>()),
-            RandomMode::Standard => rand::rng().random::<f32>(),
+            RandomMode::Crypto => {
+                // We want to weed out any potential infinities or NaN's,
+                // and we'll iterate until we find one.
+                let mut value = f32::INFINITY;
+                while !value.is_finite() {
+                    let v = self.crng.try_next_u32().expect("failed to get u32");
+                    value = f32::from_bits(v);
+                }
+                value
+            }
+            RandomMode::Pseudorandom => self.prng.random::<f32>(),
         })
     }
 
@@ -104,19 +98,15 @@ impl ComBusIO for RandomDevice {
         // The instruction indicating the type of random number generator to be used.
         match value {
             0 => {
-                // Standard mode - a PRNG derived from entropy.
-                PRNG.with(|r| *r.borrow_mut() = Xoshiro256Plus::from_os_rng());
-                self.mode = RandomMode::Standard;
+                // Cryptographic random mode - a cryptographically secure random number generator.
+                // This is the default.
+                self.mode = RandomMode::Crypto;
                 self.is_initialized = true;
             }
             1 => {
-                // Seeded random mode - the seed must be set via sending a u32 command after this one.
-                self.mode = RandomMode::Seeded;
-                self.is_initialized = false;
-            }
-            2 => {
-                // Cryptographic random mode - a cryptographically secure random number generator.
-                self.mode = RandomMode::Crypto;
+                // Standard mode - a PRNG derived from entropy.
+                self.prng = Xoshiro256Plus::from_os_rng();
+                self.mode = RandomMode::Pseudorandom;
                 self.is_initialized = true;
             }
             _ => {
@@ -130,8 +120,8 @@ impl ComBusIO for RandomDevice {
     fn write_u32(&mut self, value: u32) -> DeviceResult<()> {
         let mut result = DeviceResult::Ok(());
 
-        if self.mode == RandomMode::Seeded {
-            PRNG.with(|r| *r.borrow_mut() = Xoshiro256Plus::seed_from_u64(value as u64));
+        if self.mode == RandomMode::Pseudorandom {
+            self.prng = Xoshiro256Plus::seed_from_u64(value as u64);
 
             // Indicate that the PRNG has been seeded and initialized.
             self.is_initialized = true;
@@ -149,21 +139,21 @@ impl ComBusIO for RandomDevice {
 
 #[cfg(test)]
 mod tests_random_device {
-    use crate::com_bus::com_bus_io::ComBusIO;
+    use crate::com_bus::{com_bus_io::ComBusIO, random_device::RandomMode};
 
     use super::RandomDevice;
 
-    /// Test the PRNG to ensure it is non-repeating.
+    /// Test the cryptographic RNG to ensure it is non-repeating.
     #[test]
-    fn test_prng() {
-        // By default, the generator should use an entropy-seeded PRNG.
-        let device = RandomDevice::default();
+    fn test_crng() {
+        // By default, the generator should use an entropy-seeded RNG.
+        let mut device = RandomDevice::default();
         let mut sequence_1 = vec![];
         for _ in 0..1000 {
             sequence_1.push(device.read_u32().expect(""));
         }
 
-        let device = RandomDevice::default();
+        let mut device = RandomDevice::default();
         let mut sequence_2 = vec![];
         for _ in 0..1000 {
             sequence_2.push(device.read_u32().expect(""));
@@ -176,7 +166,7 @@ mod tests_random_device {
     #[test]
     fn test_seeded_prng() {
         let mut device = RandomDevice::default();
-        _ = device.write_u8(0x1);
+        _ = device.write_u8(RandomMode::Pseudorandom as u8);
         _ = device.write_u32(0xdeadbeef);
 
         let mut sequence_1 = vec![];
@@ -185,7 +175,7 @@ mod tests_random_device {
         }
 
         let mut device = RandomDevice::default();
-        _ = device.write_u8(0x1);
+        _ = device.write_u8(RandomMode::Pseudorandom as u8);
         _ = device.write_u32(0xdeadbeef);
 
         let mut sequence_2 = vec![];

redox-core/src/com_bus/test_debug_device.rs

@@ -27,23 +27,23 @@ impl Default for TestDebugDevice {
 }
 
 impl ComBusIO for TestDebugDevice {
-    fn read_u8(&self) -> DeviceResult<u8> {
+    fn read_u8(&mut self) -> DeviceResult<u8> {
         if self.should_fail[0] {
             return DeviceResult::Err(DeviceError::OperationNotSupported);
         }
 
         Ok(u8::MAX)
     }
 
-    fn read_u32(&self) -> DeviceResult<u32> {
+    fn read_u32(&mut self) -> DeviceResult<u32> {
         if self.should_fail[1] {
             return DeviceResult::Err(DeviceError::OperationNotSupported);
         }
 
         Ok(u32::MAX)
     }
 
-    fn read_f32(&self) -> DeviceResult<f32> {
+    fn read_f32(&mut self) -> DeviceResult<f32> {
         if self.should_fail[2] {
             return DeviceResult::Err(DeviceError::OperationNotSupported);
         }