Make `thread_rng()` available without `std`

[pitdicker]

Currently we don't have thread_rng() available without the std feature.

The primary reason is that we do not have thread-local storage available to keep the state of ThreadRng in. And a second problem is that we don't have OsRng or JitterRng available, so we have no way to seed it.

The reason to make ThreadRng available, even when the performance is sub-par, is that it makes it easier to port libraries to the no_std environment. API's do not always allow for the state of an RNG to be passed around.

A few possible solutions:

• In some cases we may not have thread-local storage available to keep the ThreadRng in.
• Using a hardware RNG, like RDRAND on x86, or other on-chip devices may be a solution.
• With WebAssembly we have a fast cryptograpic 'system' RNG, that may be a good alternative to use directly instead of our own PRNG (exposed via OsRng).
• On tiny hardware using some RNG based on differences between timers may be a good and fast.

Two problems to keep in mind:

• We now guarantee the RNG is of cryptographic quality, i.e. unpredictable. When we use some other RNG (pluggable?), can we keep similar promises?
• Wo don't want some arbitrary dependency to silently override the ThreadRng to something else.

One solution could be to let ThreadRng fall back to EntropyRng when we have no thread-local storage, meaning no std feature. Or maybe even put the fallback behind a feature flag itself.

Next EntropyRng could be changed to not only use OsRng, and JitterRng as a fallback, but to have a secondary fallback if both are not available. The secondary fallback should then somehow be pluggable, so some external generator like RDRAND can be used.

[dhardy]

Good goal.

Even without thread-local memory we have static memory, and any platform with threading support must support at least mutexes, so we could try using them; I don't know how to write portable code doing that however.

@pitdicker already suggested two options for user-selected fallbacks:

• unbound extern(C) functions for which the user must provide an implementation (which I didn't like since these functions could be defined from any lib in an application)
• putting OsRng (or EntropyRng) in its own crate, and letting users replace the crate

It would be good to have help from people experienced in no-std work on this one.

[jethrogb]

This seems like it might be a good candidate for the "global resource" treatment being discussed as part of the portability WG rust-lang-nursery/portability-wg#3

[pitdicker]

Thank you for linking that issue, that seems like just the thing to keep an eye on!

[vks]

lazy_static has some nightly-only tricks to work on no_std using spin, maybe this could be used for thread-local storage as well?

[dhardy]

That's half the problem. The other half is getting entropy to seed a PRNG.

EntropyRng is supposed to allow a user-defined source of randomness, but we haven't implemented that yet.