From owner-svn-src-head@freebsd.org  Tue Apr 16 17:47:54 2019
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2CA421578E5E
 for <svn-src-head@mailman.ysv.freebsd.org>;
 Tue, 16 Apr 2019 17:47:54 +0000 (UTC) (envelope-from ian@freebsd.org)
Received: from outbound1.eu.mailhop.org (outbound1.eu.mailhop.org
 [52.28.251.132])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 96B3D6FF96
 for <svn-src-head@freebsd.org>; Tue, 16 Apr 2019 17:47:53 +0000 (UTC)
 (envelope-from ian@freebsd.org)
ARC-Seal: i=1; a=rsa-sha256; t=1555436869; cv=none;
 d=outbound.mailhop.org; s=arc-outbound20181012;
 b=AWBklre0KwtpSl8FfU5QkhBLd0Rv+DsOTpWN8Sf0rfAT0JFYnKpdOOB4iJKXsU9gN9LGL4K5FzSFF
 sQSgbw43tbc2W6FX9SUo84VWDvEyZ07ruJ8+H30r8yCn9rPnK1rS7ELzcO6TV9Utd5y/aFzO1cGH1+
 kVneJAqySe8i1nZAKC8iDmPOPlILcXgArRoY3m5QQE8D0MmUSWakaiHrl6HO0LqYkHvJd88wAxoM/Y
 PK75m3XJmA6sxigo8uIYyzfwMz0jId39zDh3s6UireZFu+WwzFMwyLbDQ6xJuvV+sZBdo1Ia9OqItw
 t7AzlgHaLMDQcTkSu04phqBwSsepiTw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=outbound.mailhop.org; s=arc-outbound20181012;
 h=content-transfer-encoding:mime-version:content-type:references:in-reply-to:
 date:cc:to:from:subject:message-id:dkim-signature:from;
 bh=UDDuVMnJpcid1uDWmWisJHMRzVrfVzcw3+OtKIXYSkQ=;
 b=nTKC5gll5+teIOxnfJ5Tl361zgJwzkv6l3NPNbSOAbZgIHcw3CrB7BU1x0QOvnkXwwb/W0yYnYcib
 NolwdZSSG4/DFab3iOQVw25hIDTqKL5ehiNvZGvUxgFIcIWwHdSWrizYW0XU2MbwVamBYlqRULGbr1
 4J9W1njdAJEnF4VKu4ZoNg40KGX9AAgNP1Z+YZLIVokDvFcqJqk7xXtE0m0zV+3gRAFbB73P6sV8Mr
 xwmB0ax85l/2r35RzqqZFUVD3STl5nYS3txjGUDV1isoL5d+A9H2wMiChh6glzFixKgXwWyB37NVLH
 SNXsqqxk4gGqrnTnpWQGLJmtSfXQG+w==
ARC-Authentication-Results: i=1; outbound3.eu.mailhop.org;
 spf=softfail smtp.mailfrom=freebsd.org smtp.remote-ip=67.177.211.60;
 dmarc=none header.from=freebsd.org;
 arc=none header.oldest-pass=0;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=outbound.mailhop.org; s=dkim-high;
 h=content-transfer-encoding:mime-version:content-type:references:in-reply-to:
 date:cc:to:from:subject:message-id:from;
 bh=UDDuVMnJpcid1uDWmWisJHMRzVrfVzcw3+OtKIXYSkQ=;
 b=CWi4PMhsg29fXsT5HHW/sQ5QqsGz0JZcFivevBxgsm0mzWcR2loIZYelBo8zylYZjpHxEaCvs7fa/
 WAe4riAysceBMZ6qLndNmfWWtVb3QVnAi0haZAVS79siuTT6mFWWXQDbEdTHbMp5RhFDWXS1dkFcTW
 w128+twsIlR1eW+rEiY6Cot59+sPJKiaGuqyPRTgOiDDqL+xKm51UBRruQrTpHeVSTMKZ7RdGcWvDW
 OzaBr0w2p8H6YZsXZG1lFkqeYRoFNHgc5z3IyJbpd0dAF2Q4CLY+sWQqDtzf97dhyY2vxlpRs4lTko
 VepffHKkOAK+w7pJ8ek8Fgd2urUk4cw==
X-MHO-RoutePath: aGlwcGll
X-MHO-User: bd7c0d4a-606f-11e9-908b-352056dbf2de
X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information
X-Originating-IP: 67.177.211.60
X-Mail-Handler: DuoCircle Outbound SMTP
Received: from ilsoft.org (unknown [67.177.211.60])
 by outbound3.eu.mailhop.org (Halon) with ESMTPSA
 id bd7c0d4a-606f-11e9-908b-352056dbf2de;
 Tue, 16 Apr 2019 17:47:46 +0000 (UTC)
Received: from rev (rev [172.22.42.240])
 by ilsoft.org (8.15.2/8.15.2) with ESMTP id x3GHlisQ043599;
 Tue, 16 Apr 2019 11:47:44 -0600 (MDT) (envelope-from ian@freebsd.org)
Message-ID: <0aedf8b8c91c2f9f76249c0a13e971fbb9aac16a.camel@freebsd.org>
Subject: Re: svn commit: r346250 - in head: share/man/man4 share/man/man9
 sys/dev/random sys/kern sys/libkern sys/sys
From: Ian Lepore <ian@freebsd.org>
To: cem@freebsd.org, Warner Losh <imp@bsdimp.com>
Cc: src-committers <src-committers@freebsd.org>, svn-src-all
 <svn-src-all@freebsd.org>, svn-src-head <svn-src-head@freebsd.org>
Date: Tue, 16 Apr 2019 11:47:44 -0600
In-Reply-To: <CAG6CVpW2RSBGVZFZota4j4nDDVzKUzOKXhaJtFNO9xx1js6NrA@mail.gmail.com>
References: <201904151840.x3FIeaEQ009242@repo.freebsd.org>
 <CAPyFy2D9NQQKwVx5MhCfasQ82x7C9s6mj5kXuDE1oogrQeoJ5A@mail.gmail.com>
 <CAHSQbTAfwYcLenBxg4ZB13P03S+TYEM1-xy3BYsSWJ49hBWLZA@mail.gmail.com>
 <CAG6CVpXwOhSpmCT1SShvEOZAdjbQSk5xSzk+Lk8c5fMpnhSKQw@mail.gmail.com>
 <CAG6CVpUqy75_iEU-OwC21LOQFrXTO7rMz3B4iHi7GBTfsqK_5w@mail.gmail.com>
 <20190416150352.c604a280368ccb2992a861e8@bidouilliste.com>
 <CANCZdfqwfdPnr3HBAw6=YdPW_0yLsS4OpJMhiqFxWSM6BVJ-Zw@mail.gmail.com>
 <310a420ee0b9e12249979d89dc4fa0d4cac5a8dc.camel@freebsd.org>
 <CANCZdfrNsBMqKrnqVzTNVNwCcHj5ZYrKhjss_+p6i=rKqwYFNA@mail.gmail.com>
 <CAG6CVpW_Tjz_mPmMPForKAO3gLhES63TtdNyZcg0pTkb3z+TRw@mail.gmail.com>
 <CANCZdfqsY0RAJv7fKj9Fyb34wmxCULFCFi4Ph8s2bYPWtVP6fA@mail.gmail.com>
 <CAG6CVpW2RSBGVZFZota4j4nDDVzKUzOKXhaJtFNO9xx1js6NrA@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.28.5 FreeBSD GNOME Team
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 96B3D6FF96
X-Spamd-Bar: ------
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-7.00 / 15.00];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]; REPLY(-4.00)[];
 NEURAL_HAM_SHORT(-1.00)[-0.997,0]
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Apr 2019 17:47:54 -0000

On Tue, 2019-04-16 at 09:58 -0700, Conrad Meyer wrote:
> Systems lacking both an NV store and an entropy source available
> during mi_startup (i.e., not interrupts...) cannot safely provide
> entropy in early boot.  On those systems, we must disable random
> consumption during early boot.

Or you could remember that one of the core unix philosphies is "tools,
not policy" and leave it to embedded systems developers to decide for
themselves what's "safe" or not.  Not every application needs
cryptographic strength entropy, especially for things like retrying
after a short random delay or generating a random MAC address or
whatever.

-- Ian