K 10
svn:author
V 6
obrien
K 8
svn:date
V 27
2022-02-13T07:30:41.140123Z
K 7
svn:log
V 1144
random(4): Restore availability tradeoff prior to r346250

As discussed in that commit message, it is a dangerous default.  But the
safe default causes enough pain on a variety of platforms that for now,
restore the prior default.

Some of this is self-induced pain we should/could do better about; for
example, programmatic CI systems and VM managers should introduce entropy
from the host for individual VM instances.  This is considered a future work
item.

On modern x86 and Power9 systems, this may be wholly unnecessary after
D19928 lands (even in the non-ideal case where early /boot/entropy is
unavailable), because they have fast hardware random sources available early
in boot.  But D19928 is not yet landed and we have a host of architectures
which do not provide fast random sources.

This change adds several tunables and diagnostic sysctls, documented
thoroughly in UPDATING and sys/dev/random/random_infra.c.

(cherry picked from commit 3782136ff1fc1e076c939246f199e659d950bad5)

NOTE: Enabling sys/mips/conf/PB92 'random' in 3782136ff is skipped.

Git Hash:   f591279d9c93bc2ea9cd1a447c2df11d437fbc7b
Git Author: cem@FreeBSD.org
END