ThingOS Rust stdlib Security Flaw: Unwired SYS_GETRANDOM Leaves HashMap Vulnerable to Hash-Flooding DoS

A critical security vulnerability exists in the Rust standard library implementation for the ThingOS target. The `SYS_GETRANDOM` system call (number `0x7001`) is present in the kernel's dispatch table but is not wired to the `std::sys::random` module. This leaves the operating system's hash map implementation defenseless against a well-known class of denial-of-service attacks.

Currently, `thingos` is placed in the stub branch of the source file `sys/random/mod.rs`, alongside other minimal targets like `xous` and `wasm-unknown`. Consequently, the function `hashmap_random_keys()` uses a fixed, compile-time seed, making its output deterministic and predictable across all processes. This predictability is the core of the flaw: any service using Rust's `HashMap` with user-controlled keys becomes a target for hash-flooding DoS attacks, where an attacker can generate a large number of keys that collide, degrading performance to catastrophic levels.

The fix is technically straightforward but carries significant security weight. It requires updating the `patches/rust/thingos-pal.patch` file to modify `sys/random/mod.rs` or add a dedicated `sys/random/thingos.rs` module. This change would properly call the existing `SYS_GETRANDOM` kernel handler to fill requests with cryptographically secure random bytes, replacing the dangerous fixed-seed stub. The presence of the unwired system call highlights a gap between kernel capability and user-space security posture that must be addressed to protect networked services and internal applications on the platform.