From owner-svn-src-head@freebsd.org  Tue Sep  3 14:07:07 2019
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 16C43DD238;
 Tue,  3 Sep 2019 14:06:58 +0000 (UTC)
 (envelope-from yuripv@freebsd.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "freefall.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 46N80154Rsz4Q5S;
 Tue,  3 Sep 2019 14:06:57 +0000 (UTC)
 (envelope-from yuripv@freebsd.org)
Received: by freefall.freebsd.org (Postfix, from userid 1452)
 id 593741AE3D; Tue,  3 Sep 2019 14:06:23 +0000 (UTC)
X-Original-To: yuripv@localmail.freebsd.org
Delivered-To: yuripv@localmail.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
 (Client CN "mx1.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by freefall.freebsd.org (Postfix) with ESMTPS id 015BFA1D;
 Tue, 16 Apr 2019 17:47:57 +0000 (UTC)
 (envelope-from owner-src-committers@freebsd.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2610:1c1:1:6074::16:84])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "freefall.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 43A9B6FF9E;
 Tue, 16 Apr 2019 17:47:57 +0000 (UTC)
 (envelope-from owner-src-committers@freebsd.org)
Received: by freefall.freebsd.org (Postfix, from userid 538)
 id 19D949BD; Tue, 16 Apr 2019 17:47:57 +0000 (UTC)
Delivered-To: src-committers@localmail.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
 (Client CN "mx1.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by freefall.freebsd.org (Postfix) with ESMTPS id 2D0AD9BA
 for <src-committers@localmail.freebsd.org>;
 Tue, 16 Apr 2019 17:47:54 +0000 (UTC) (envelope-from ian@freebsd.org)
Received: from outbound1.eu.mailhop.org (outbound1.eu.mailhop.org
 [52.28.251.132])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 96AA36FF93
 for <src-committers@freebsd.org>; Tue, 16 Apr 2019 17:47:53 +0000 (UTC)
 (envelope-from ian@freebsd.org)
ARC-Seal: i=1; a=rsa-sha256; t=1555436871; cv=none;
 d=outbound.mailhop.org; s=arc-outbound20181012;
 b=Sf+y2Al3Mt4s4nAme/+LC1p7p3Bd4ZMkxoHQN+M6W1ZtE6zB+X/q1jfUfmQStW0TWqwS9dsAC4fWN
 USiLEqljZ0Zy+L1Ukv3qUMl0Sz41HitT/25DbU8HscK9HVvjFUDJ8wnaDtq5g6VM0e623pMrhogoZe
 AFxpMc0UgUVlxaeDMTDV0EsdBBnSQEvhuS2y3YyC7BL4/0SXE9obvjbocS4y/nen5UqtjB85LXi2ui
 X02MUI7sSgkEApFb4s1gd8B1wxMjOSHjtIFwd2lUnnwhBo5k5Rrwhjigo6jYU+k9LCL5aOHkHQlTkj
 GTXuE1KsdHAkVbbI4GqRd/bzT0ILkdw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=outbound.mailhop.org; s=arc-outbound20181012;
 h=content-transfer-encoding:mime-version:content-type:references:in-reply-to:
 date:cc:to:from:subject:message-id:dkim-signature:from;
 bh=UDDuVMnJpcid1uDWmWisJHMRzVrfVzcw3+OtKIXYSkQ=;
 b=nTKC5gll5+teIOxnfJ5Tl361zgJwzkv6l3NPNbSOAbZgIHcw3CrB7BU1x0QOvnkXwwb/W0yYnYcib
 NolwdZSSG4/DFab3iOQVw25hIDTqKL5ehiNvZGvUxgFIcIWwHdSWrizYW0XU2MbwVamBYlqRULGbr1
 4J9W1njdAJEnF4VKu4ZoNg40KGX9AAgNP1Z+YZLIVokDvFcqJqk7xXtE0m0zV+3gRAFbB73P6sV8Mr
 xwmB0ax85l/2r35RzqqZFUVD3STl5nYS3txjGUDV1isoL5d+A9H2wMiChh6glzFixKgXwWyB37NVLH
 SNXsqqxk4gGqrnTnpWQGLJmtSfXQG+w==
ARC-Authentication-Results: i=1; outbound3.eu.mailhop.org;
 spf=softfail smtp.mailfrom=freebsd.org smtp.remote-ip=67.177.211.60;
 dmarc=none header.from=freebsd.org;
 arc=none header.oldest-pass=0;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=outbound.mailhop.org; s=dkim-high;
 h=content-transfer-encoding:mime-version:content-type:references:in-reply-to:
 date:cc:to:from:subject:message-id:from;
 bh=UDDuVMnJpcid1uDWmWisJHMRzVrfVzcw3+OtKIXYSkQ=;
 b=CWi4PMhsg29fXsT5HHW/sQ5QqsGz0JZcFivevBxgsm0mzWcR2loIZYelBo8zylYZjpHxEaCvs7fa/
 WAe4riAysceBMZ6qLndNmfWWtVb3QVnAi0haZAVS79siuTT6mFWWXQDbEdTHbMp5RhFDWXS1dkFcTW
 w128+twsIlR1eW+rEiY6Cot59+sPJKiaGuqyPRTgOiDDqL+xKm51UBRruQrTpHeVSTMKZ7RdGcWvDW
 OzaBr0w2p8H6YZsXZG1lFkqeYRoFNHgc5z3IyJbpd0dAF2Q4CLY+sWQqDtzf97dhyY2vxlpRs4lTko
 VepffHKkOAK+w7pJ8ek8Fgd2urUk4cw==
X-MHO-RoutePath: aGlwcGll
X-MHO-User: bd7c0d4a-606f-11e9-908b-352056dbf2de
X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information
X-Originating-IP: 67.177.211.60
X-Mail-Handler: DuoCircle Outbound SMTP
Received: from ilsoft.org (unknown [67.177.211.60])
 by outbound3.eu.mailhop.org (Halon) with ESMTPSA
 id bd7c0d4a-606f-11e9-908b-352056dbf2de;
 Tue, 16 Apr 2019 17:47:46 +0000 (UTC)
Received: from rev (rev [172.22.42.240])
 by ilsoft.org (8.15.2/8.15.2) with ESMTP id x3GHlisQ043599;
 Tue, 16 Apr 2019 11:47:44 -0600 (MDT) (envelope-from ian@freebsd.org)
Message-ID: <0aedf8b8c91c2f9f76249c0a13e971fbb9aac16a.camel@freebsd.org>
Subject: Re: svn commit: r346250 - in head: share/man/man4 share/man/man9
 sys/dev/random sys/kern sys/libkern sys/sys
From: Ian Lepore <ian@freebsd.org>
To: cem@freebsd.org, Warner Losh <imp@bsdimp.com>
Cc: src-committers <src-committers@freebsd.org>, svn-src-all
 <svn-src-all@freebsd.org>, svn-src-head <svn-src-head@freebsd.org>
In-Reply-To: <CAG6CVpW2RSBGVZFZota4j4nDDVzKUzOKXhaJtFNO9xx1js6NrA@mail.gmail.com>
References: <201904151840.x3FIeaEQ009242@repo.freebsd.org>
 <CAPyFy2D9NQQKwVx5MhCfasQ82x7C9s6mj5kXuDE1oogrQeoJ5A@mail.gmail.com>
 <CAHSQbTAfwYcLenBxg4ZB13P03S+TYEM1-xy3BYsSWJ49hBWLZA@mail.gmail.com>
 <CAG6CVpXwOhSpmCT1SShvEOZAdjbQSk5xSzk+Lk8c5fMpnhSKQw@mail.gmail.com>
 <CAG6CVpUqy75_iEU-OwC21LOQFrXTO7rMz3B4iHi7GBTfsqK_5w@mail.gmail.com>
 <20190416150352.c604a280368ccb2992a861e8@bidouilliste.com>
 <CANCZdfqwfdPnr3HBAw6=YdPW_0yLsS4OpJMhiqFxWSM6BVJ-Zw@mail.gmail.com>
 <310a420ee0b9e12249979d89dc4fa0d4cac5a8dc.camel@freebsd.org>
 <CANCZdfrNsBMqKrnqVzTNVNwCcHj5ZYrKhjss_+p6i=rKqwYFNA@mail.gmail.com>
 <CAG6CVpW_Tjz_mPmMPForKAO3gLhES63TtdNyZcg0pTkb3z+TRw@mail.gmail.com>
 <CANCZdfqsY0RAJv7fKj9Fyb34wmxCULFCFi4Ph8s2bYPWtVP6fA@mail.gmail.com>
 <CAG6CVpW2RSBGVZFZota4j4nDDVzKUzOKXhaJtFNO9xx1js6NrA@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.28.5 FreeBSD GNOME Team
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Precedence: bulk
X-Loop: FreeBSD.org
Sender: owner-src-committers@freebsd.org
X-Rspamd-Queue-Id: 43A9B6FF9E
X-Spamd-Bar: ------
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-6.99 / 15.00];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 NEURAL_HAM_SHORT(-0.99)[-0.994,0]; REPLY(-4.00)[];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]
Status: O
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.29
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
Date: Tue, 03 Sep 2019 14:07:07 -0000
X-Original-Date: Tue, 16 Apr 2019 11:47:44 -0600
X-List-Received-Date: Tue, 03 Sep 2019 14:07:07 -0000

On Tue, 2019-04-16 at 09:58 -0700, Conrad Meyer wrote:
> Systems lacking both an NV store and an entropy source available
> during mi_startup (i.e., not interrupts...) cannot safely provide
> entropy in early boot.  On those systems, we must disable random
> consumption during early boot.

Or you could remember that one of the core unix philosphies is "tools,
not policy" and leave it to embedded systems developers to decide for
themselves what's "safe" or not.  Not every application needs
cryptographic strength entropy, especially for things like retrying
after a short random delay or generating a random MAC address or
whatever.

-- Ian