Add ability to weaken `CautiousRng` (for deterministic shadow simulations)

arti's CautiousRng uses the RDRAND instruction to obtain entropy. This isn't currently handled by shadow (https://github.com/shadow/shadow/issues/1561), leading to nondeterminism in shadow simulations (https://github.com/shadow/shadow/issues/3610). We could potentially extend shadow to trap and emulate the CPUID instruction to fake that the RDRAND instruction isn't available, but this won't work on some CPUs and kernel versions (particularly AMD); see https://github.com/shadow/shadow/issues/1561.

CautiousRng also uses the timing-based JitterRng. That's probably already deterministic under shadow, since it intercepts most time sources and makes them deterministic, but we should verify.

It'd be nice if we could disable one or both of these mechanisms for testing purposes. Some possibilities are:

a compile-time option
a config file option
an environment variable

A compile-time option probably makes it the hardest to accidentally or maliciously weaken the RNG in production usage, but means that we wouldn't be able to have deterministic shadow simulations on production arti binaries; only "test" builds.

A config file option seems reasonable from a usability perspective; it'd be together with the rest of arti's config and can be made clear that it's not a good option for production usage. Maybe even put it in a new "testing" section (though maybe there could be reason to disable it in production too?). This takes a fair bit of plumbing from the config to the llcrypto code though, and would need to handle runtime config updates.

An env var is easier to implement, but a bit more "subtle" from a usability perspective; it'd be adding another place to look for "configuration" that affects how arti is running.

Add ability to weaken CautiousRng (for deterministic shadow simulations)

Add ability to weaken `CautiousRng` (for deterministic shadow simulations)