[rng] Use fixed-point calculations for min-entropy quantities

We currently perform various min-entropy calculations using build-time
floating-point arithmetic.  No floating-point code ends up in the
final binary, since the results are eventually converted to integers
and asserted to be compile-time constants.

Though this mechanism is undoubtedly cute, it inhibits us from using
"-mno-sse" to prevent the use of SSE registers by the compiler.

Fix by using fixed-point arithmetic instead.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/arch/x86/include/ipxe/rtc_entropy.h

  *
  * @ret min_entropy	min-entropy of each sample
  */
-static inline __always_inline double
+static inline __always_inline min_entropy_t
 ENTROPY_INLINE ( rtc, min_entropy_per_sample ) ( void ) {
 
 	/* The min-entropy has been measured on several platforms
 	 * safety margin to allow for some potential non-independence
 	 * of samples.
 	 */
-	return 1.3;
+	return MIN_ENTROPY ( 1.3 );
 }
 
 extern uint8_t rtc_sample ( void );

src/crypto/entropy.c

 	 * where W is set at 2^(-30) (in ANS X9.82 Part 2 (October
 	 * 2011 Draft) Section 8.5.2.1.3.1).
 	 */
-	max_repetitions = ( 1 + ( 30 / min_entropy_per_sample() ) );
+	max_repetitions = ( 1 + ( MIN_ENTROPY ( 30 ) /
+				  min_entropy_per_sample() ) );
 
 	/* Round up to a whole number of repetitions.  We don't have
 	 * the ceil() function available, so do the rounding by hand.
 
 	/* Look up cutoff value in cutoff table */
 	n = ADAPTIVE_PROPORTION_WINDOW_SIZE;
-	h = min_entropy_per_sample();
+	h = ( min_entropy_per_sample() / MIN_ENTROPY_SCALE );
 	cutoff = adaptive_proportion_cutoff_lookup ( n, h );
 
 	/* Fail unless cutoff value is a build-time constant */

src/include/ipxe/efi/efi_entropy.h

  *
  * @ret min_entropy	min-entropy of each sample
  */
-static inline __always_inline double
+static inline __always_inline min_entropy_t
 ENTROPY_INLINE ( efi, min_entropy_per_sample ) ( void ) {
 
 	/* We use essentially the same mechanism as for the BIOS
 	 * RTC-based entropy source, and so assume the same
 	 * min-entropy per sample.
 	 */
-	return 1.3;
+	return MIN_ENTROPY ( 1.3 );
 }
 
 #endif /* _IPXE_EFI_ENTROPY_H */

src/include/ipxe/entropy.h

 /** An entropy sample */
 typedef uint8_t entropy_sample_t;
 
+/** An amount of min-entropy
+ *
+ * Expressed as a fixed-point quantity in order to avoid floating
+ * point calculations.
+ */
+typedef unsigned int min_entropy_t;
+
+/** Fixed-point scale for min-entropy amounts */
+#define MIN_ENTROPY_SCALE ( 1 << 16 )
+
+/**
+ * Construct a min-entropy fixed-point value
+ *
+ * @v bits		min-entropy in bits
+ * @ret min_entropy	min-entropy as a fixed-point value
+ */
+#define MIN_ENTROPY( bits ) \
+	( ( min_entropy_t ) ( (bits) * MIN_ENTROPY_SCALE ) )
+
 /* Include all architecture-independent entropy API headers */
 #include <ipxe/null_entropy.h>
 #include <ipxe/efi/efi_entropy.h>
  *
  * This must be a compile-time constant.
  */
-double min_entropy_per_sample ( void );
+min_entropy_t min_entropy_per_sample ( void );
 
 /**
  * Get noise sample
 
 	/* Sanity checks */
 	linker_assert ( ( min_entropy_per_sample() <=
-			  ( 8 * sizeof ( noise_sample_t ) ) ),
+			  MIN_ENTROPY ( 8 * sizeof ( noise_sample_t ) ) ),
 			min_entropy_per_sample_is_impossibly_high );
 	linker_assert ( ( min_entropy_bits <= ( 8 * max_len ) ),
 			entropy_buffer_too_small );
 	min_entropy_bits = ( ( min_entropy_bits + 7 ) & ~7 );
 
 	/* Calculate number of samples required to contain sufficient entropy */
-	min_samples = ( ( min_entropy_bits * 1.0 ) / min_entropy_per_sample() );
+	min_samples = ( MIN_ENTROPY ( min_entropy_bits ) /
+			min_entropy_per_sample() );
 
 	/* Round up to a whole number of samples.  We don't have the
 	 * ceil() function available, so do the rounding by hand.

src/include/ipxe/linux/linux_entropy.h

  *
  * @ret min_entropy	min-entropy of each sample
  */
-static inline __always_inline double
+static inline __always_inline min_entropy_t
 ENTROPY_INLINE ( linux, min_entropy_per_sample ) ( void ) {
 
 	/* linux_get_noise() reads a single byte from /dev/random,
 	 * entropy is available.  We therefore assume that each sample
 	 * contains exactly 8 bits of entropy.
 	 */
-	return 8.0;
+	return MIN_ENTROPY ( 8.0 );
 }
 
 #endif /* _IPXE_LINUX_ENTROPY_H */

src/include/ipxe/null_entropy.h

 	/* Do nothing */
 }
 
-static inline __always_inline double
+static inline __always_inline min_entropy_t
 ENTROPY_INLINE ( null, min_entropy_per_sample ) ( void ) {
 	/* Actual amount of min-entropy is zero.  To avoid
 	 * division-by-zero errors and to allow compilation of
 	 * entropy-consuming code, pretend to have 1 bit of entropy in
 	 * each sample.
 	 */
-	return 1.0;
+	return MIN_ENTROPY ( 1.0 );
 }
 
 static inline __always_inline int