From owner-svn-src-all@freebsd.org  Tue Apr 16 17:47:54 2019
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 319C61578E5F
 for <svn-src-all@mailman.ysv.freebsd.org>;
 Tue, 16 Apr 2019 17:47:54 +0000 (UTC) (envelope-from ian@freebsd.org)
Received: from outbound1.eu.mailhop.org (outbound1.eu.mailhop.org
 [52.28.251.132])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 96B0A6FF95
 for <svn-src-all@freebsd.org>; Tue, 16 Apr 2019 17:47:53 +0000 (UTC)
 (envelope-from ian@freebsd.org)
ARC-Seal: i=1; a=rsa-sha256; t=1555436870; cv=none;
 d=outbound.mailhop.org; s=arc-outbound20181012;
 b=OxqwVH4usXF2XJRn19drMusB2G97FBOczk3qkF1b5F+9WimQg5fOtk1qKfWcmlVQzO7OOLFQtQ4UP
 DP9DVdIEDuBB34RjRgQNRYrfsjUmuE6S/Yyde3/dkkonZa5k8XqLleILCE2+epZUsuKsd4Hqno5GwO
 xRJLEM8mMXX/Iuw3/wgwTNrIwpTxAhxxFOSVah8nAiEYf2jpevBAFh9PSCp+uQ8ZQMxIJK6Jo1ICdZ
 iUgl91/O6wPT95atYbxCmkIERuFVS4d/xDpXGvzRO4MVYoE5otUYaxyedGZEyt79otZ4EzqXwSyWFZ
 gSU8V+DBxkr7rt+dsChzM/qToLwE5oA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=outbound.mailhop.org; s=arc-outbound20181012;
 h=content-transfer-encoding:mime-version:content-type:references:in-reply-to:
 date:cc:to:from:subject:message-id:dkim-signature:from;
 bh=UDDuVMnJpcid1uDWmWisJHMRzVrfVzcw3+OtKIXYSkQ=;
 b=nTKC5gll5+teIOxnfJ5Tl361zgJwzkv6l3NPNbSOAbZgIHcw3CrB7BU1x0QOvnkXwwb/W0yYnYcib
 NolwdZSSG4/DFab3iOQVw25hIDTqKL5ehiNvZGvUxgFIcIWwHdSWrizYW0XU2MbwVamBYlqRULGbr1
 4J9W1njdAJEnF4VKu4ZoNg40KGX9AAgNP1Z+YZLIVokDvFcqJqk7xXtE0m0zV+3gRAFbB73P6sV8Mr
 xwmB0ax85l/2r35RzqqZFUVD3STl5nYS3txjGUDV1isoL5d+A9H2wMiChh6glzFixKgXwWyB37NVLH
 SNXsqqxk4gGqrnTnpWQGLJmtSfXQG+w==
ARC-Authentication-Results: i=1; outbound3.eu.mailhop.org;
 spf=softfail smtp.mailfrom=freebsd.org smtp.remote-ip=67.177.211.60;
 dmarc=none header.from=freebsd.org;
 arc=none header.oldest-pass=0;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=outbound.mailhop.org; s=dkim-high;
 h=content-transfer-encoding:mime-version:content-type:references:in-reply-to:
 date:cc:to:from:subject:message-id:from;
 bh=UDDuVMnJpcid1uDWmWisJHMRzVrfVzcw3+OtKIXYSkQ=;
 b=CWi4PMhsg29fXsT5HHW/sQ5QqsGz0JZcFivevBxgsm0mzWcR2loIZYelBo8zylYZjpHxEaCvs7fa/
 WAe4riAysceBMZ6qLndNmfWWtVb3QVnAi0haZAVS79siuTT6mFWWXQDbEdTHbMp5RhFDWXS1dkFcTW
 w128+twsIlR1eW+rEiY6Cot59+sPJKiaGuqyPRTgOiDDqL+xKm51UBRruQrTpHeVSTMKZ7RdGcWvDW
 OzaBr0w2p8H6YZsXZG1lFkqeYRoFNHgc5z3IyJbpd0dAF2Q4CLY+sWQqDtzf97dhyY2vxlpRs4lTko
 VepffHKkOAK+w7pJ8ek8Fgd2urUk4cw==
X-MHO-RoutePath: aGlwcGll
X-MHO-User: bd7c0d4a-606f-11e9-908b-352056dbf2de
X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information
X-Originating-IP: 67.177.211.60
X-Mail-Handler: DuoCircle Outbound SMTP
Received: from ilsoft.org (unknown [67.177.211.60])
 by outbound3.eu.mailhop.org (Halon) with ESMTPSA
 id bd7c0d4a-606f-11e9-908b-352056dbf2de;
 Tue, 16 Apr 2019 17:47:46 +0000 (UTC)
Received: from rev (rev [172.22.42.240])
 by ilsoft.org (8.15.2/8.15.2) with ESMTP id x3GHlisQ043599;
 Tue, 16 Apr 2019 11:47:44 -0600 (MDT) (envelope-from ian@freebsd.org)
Message-ID: <0aedf8b8c91c2f9f76249c0a13e971fbb9aac16a.camel@freebsd.org>
Subject: Re: svn commit: r346250 - in head: share/man/man4 share/man/man9
 sys/dev/random sys/kern sys/libkern sys/sys
From: Ian Lepore <ian@freebsd.org>
To: cem@freebsd.org, Warner Losh <imp@bsdimp.com>
Cc: src-committers <src-committers@freebsd.org>, svn-src-all
 <svn-src-all@freebsd.org>, svn-src-head <svn-src-head@freebsd.org>
Date: Tue, 16 Apr 2019 11:47:44 -0600
In-Reply-To: <CAG6CVpW2RSBGVZFZota4j4nDDVzKUzOKXhaJtFNO9xx1js6NrA@mail.gmail.com>
References: <201904151840.x3FIeaEQ009242@repo.freebsd.org>
 <CAPyFy2D9NQQKwVx5MhCfasQ82x7C9s6mj5kXuDE1oogrQeoJ5A@mail.gmail.com>
 <CAHSQbTAfwYcLenBxg4ZB13P03S+TYEM1-xy3BYsSWJ49hBWLZA@mail.gmail.com>
 <CAG6CVpXwOhSpmCT1SShvEOZAdjbQSk5xSzk+Lk8c5fMpnhSKQw@mail.gmail.com>
 <CAG6CVpUqy75_iEU-OwC21LOQFrXTO7rMz3B4iHi7GBTfsqK_5w@mail.gmail.com>
 <20190416150352.c604a280368ccb2992a861e8@bidouilliste.com>
 <CANCZdfqwfdPnr3HBAw6=YdPW_0yLsS4OpJMhiqFxWSM6BVJ-Zw@mail.gmail.com>
 <310a420ee0b9e12249979d89dc4fa0d4cac5a8dc.camel@freebsd.org>
 <CANCZdfrNsBMqKrnqVzTNVNwCcHj5ZYrKhjss_+p6i=rKqwYFNA@mail.gmail.com>
 <CAG6CVpW_Tjz_mPmMPForKAO3gLhES63TtdNyZcg0pTkb3z+TRw@mail.gmail.com>
 <CANCZdfqsY0RAJv7fKj9Fyb34wmxCULFCFi4Ph8s2bYPWtVP6fA@mail.gmail.com>
 <CAG6CVpW2RSBGVZFZota4j4nDDVzKUzOKXhaJtFNO9xx1js6NrA@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.28.5 FreeBSD GNOME Team
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 96B0A6FF95
X-Spamd-Bar: ------
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-7.00 / 15.00];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]; REPLY(-4.00)[];
 NEURAL_HAM_SHORT(-1.00)[-0.997,0]
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Apr 2019 17:47:54 -0000

On Tue, 2019-04-16 at 09:58 -0700, Conrad Meyer wrote:
> Systems lacking both an NV store and an entropy source available
> during mi_startup (i.e., not interrupts...) cannot safely provide
> entropy in early boot.  On those systems, we must disable random
> consumption during early boot.

Or you could remember that one of the core unix philosphies is "tools,
not policy" and leave it to embedded systems developers to decide for
themselves what's "safe" or not.  Not every application needs
cryptographic strength entropy, especially for things like retrying
after a short random delay or generating a random MAC address or
whatever.

-- Ian