diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc
--- a/ObsoleteFiles.inc
+++ b/ObsoleteFiles.inc
@@ -51,6 +51,9 @@
 #   xargs -n1 | sort | uniq -d;
 # done
 
+# 20251028: Remove padlock(4)
+OLD_FILES+=share/man/man4/padlock.4
+
 # 20251028: Remove hifn(4)
 OLD_FILES+=share/man/man4/hifn.4
 
diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile
--- a/share/man/man4/Makefile
+++ b/share/man/man4/Makefile
@@ -454,7 +454,6 @@
 	ow_temp.4 \
 	owc.4 \
 	ovpn.4 \
-	${_padlock.4} \
 	p9fs.4 \
 	pass.4 \
 	pca954x.4 \
@@ -892,7 +891,6 @@
 _ntb_hw_plx.4=	ntb_hw_plx.4
 _ntb_transport.4=ntb_transport.4
 _nvram.4=	nvram.4
-_padlock.4=	padlock.4
 _pchtherm.4=	pchtherm.4
 _qat.4=		qat.4
 _qat_c2xxx.4=	qat_c2xxx.4
diff --git a/share/man/man4/aesni.4 b/share/man/man4/aesni.4
--- a/share/man/man4/aesni.4
+++ b/share/man/man4/aesni.4
@@ -84,7 +84,6 @@
 .Xr crypto 4 ,
 .Xr intro 4 ,
 .Xr ipsec 4 ,
-.Xr padlock 4 ,
 .Xr random 4 ,
 .Xr crypto 7 ,
 .Xr crypto 9
diff --git a/share/man/man4/crypto.4 b/share/man/man4/crypto.4
--- a/share/man/man4/crypto.4
+++ b/share/man/man4/crypto.4
@@ -348,7 +348,6 @@
 .Xr aesni 4 ,
 .Xr hifn 4 ,
 .Xr ipsec 4 ,
-.Xr padlock 4 ,
 .Xr safe 4 ,
 .Xr crypto 7 ,
 .Xr geli 8 ,
diff --git a/share/man/man4/padlock.4 b/share/man/man4/padlock.4
deleted file mode 100644
--- a/share/man/man4/padlock.4
+++ /dev/null
@@ -1,96 +0,0 @@
-.\" Copyright (c) 2005 Christian Brueffer
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.Dd July 29, 2020
-.Dt PADLOCK 4
-.Os
-.Sh NAME
-.Nm padlock
-.Nd "driver for the cryptographic functions and RNG in VIA C3, C7 and Eden processors"
-.Sh SYNOPSIS
-To compile this driver into the kernel,
-place the following lines in your
-kernel configuration file:
-.Bd -ragged -offset indent
-.Cd "device crypto"
-.Cd "device padlock"
-.Ed
-.Pp
-Alternatively, to load the driver as a
-module at boot time, place the following line in
-.Xr loader.conf 5 :
-.Bd -literal -offset indent
-padlock_load="YES"
-.Ed
-.Sh DESCRIPTION
-The C3 and Eden processor series from VIA include hardware acceleration for
-AES.
-The C7 series includes hardware acceleration for AES, SHA1, SHA256 and RSA.
-All of the above processor series include a hardware random number generator.
-.Pp
-The
-.Nm
-driver registers itself to accelerate AES operations and, if available, HMAC/SHA1
-and HMAC/SHA256 for
-.Xr crypto 4 .
-It also registers itself to accelerate other HMAC algorithms, although
-there is no hardware acceleration for those algorithms.
-This is only needed so
-.Nm
-can work with
-.Xr ipsec 4 .
-.Pp
-The hardware random number generator supplies data for the kernel
-.Xr random 4
-subsystem.
-.Sh SEE ALSO
-.Xr crypt 3 ,
-.Xr crypto 4 ,
-.Xr intro 4 ,
-.Xr ipsec 4 ,
-.Xr random 4 ,
-.Xr crypto 7 ,
-.Xr crypto 9
-.Sh HISTORY
-The
-.Nm
-driver first appeared in
-.Ox .
-The first
-.Fx
-release to include it was
-.Fx 6.0 .
-.Sh AUTHORS
-.An -nosplit
-The
-.Nm
-driver with AES encryption support was written by
-.An Jason Wright Aq Mt jason@OpenBSD.org .
-It was ported to
-.Fx
-and then extended to support SHA1 and SHA256
-by
-.An Pawel Jakub Dawidek Aq Mt pjd@FreeBSD.org .
-This manual page was written by
-.An Christian Brueffer Aq Mt brueffer@FreeBSD.org .
diff --git a/sys/dev/random/fenestrasX/fx_pool.c b/sys/dev/random/fenestrasX/fx_pool.c
--- a/sys/dev/random/fenestrasX/fx_pool.c
+++ b/sys/dev/random/fenestrasX/fx_pool.c
@@ -179,9 +179,6 @@
 	[RANDOM_PURE_RDSEED] = {
 		.entc_cls = &fxrng_hi_pull,
 	},
-	[RANDOM_PURE_NEHEMIAH] = {
-		.entc_cls = &fxrng_hi_pull,
-	},
 	[RANDOM_PURE_RNDTEST] = {
 		.entc_cls = &fxrng_garbage,
 	},
diff --git a/sys/dev/random/nehemiah.c b/sys/dev/random/nehemiah.c
deleted file mode 100644
--- a/sys/dev/random/nehemiah.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/*-
- * Copyright (c) 2013-2015 Mark R V Murray
- * Copyright (c) 2013 David E. O'Brien <obrien@NUXI.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer
- *    in this position and unchanged.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <sys/param.h>
-#include <sys/kernel.h>
-#include <sys/conf.h>
-#include <sys/lock.h>
-#include <sys/malloc.h>
-#include <sys/module.h>
-#include <sys/random.h>
-#include <sys/systm.h>
-
-#include <machine/segments.h>
-#include <machine/pcb.h>
-#include <machine/md_var.h>
-#include <machine/specialreg.h>
-
-#include <dev/random/randomdev.h>
-
-static u_int random_nehemiah_read(void *, u_int);
-
-static const struct random_source random_nehemiah = {
-	.rs_ident = "VIA Nehemiah Padlock RNG",
-	.rs_source = RANDOM_PURE_NEHEMIAH,
-	.rs_read = random_nehemiah_read
-};
-
-/* This H/W source never stores more than 8 bytes in one go */
-/* ARGSUSED */
-static __inline size_t
-VIA_RNG_store(void *buf)
-{
-	uint32_t retval = 0;
-	uint32_t rate = 0;
-
-	__asm __volatile(
-		"movl	$0,%%edx\n\t"
-		".byte 0x0f, 0xa7, 0xc0"
-			: "=a" (retval), "+d" (rate), "+D" (buf)
-			:
-			: "memory"
-	);
-	if (rate == 0)
-		return (retval&0x1f);
-	return (0);
-}
-
-/* It is specifically allowed that buf is a multiple of sizeof(long) */
-static u_int
-random_nehemiah_read(void *buf, u_int c)
-{
-	uint8_t *b;
-	size_t count, ret;
-	uint64_t tmp;
-
-	fpu_kern_enter(curthread, NULL, FPU_KERN_NORMAL | FPU_KERN_NOCTX);
-	b = buf;
-	for (count = c; count > 0; count -= ret) {
-		ret = MIN(VIA_RNG_store(&tmp), count);
-		memcpy(b, &tmp, ret);
-		b += ret;
-	}
-	fpu_kern_leave(curthread, NULL);
-
-	return (c);
-}
-
-static int
-nehemiah_modevent(module_t mod, int type, void *unused)
-{
-	int error = 0;
-
-	switch (type) {
-	case MOD_LOAD:
-		if (via_feature_rng & VIA_HAS_RNG) {
-			random_source_register(&random_nehemiah);
-			printf("random: fast provider: \"%s\"\n", random_nehemiah.rs_ident);
-		}
-		break;
-
-	case MOD_UNLOAD:
-		if (via_feature_rng & VIA_HAS_RNG) {
-			random_source_deregister(&random_nehemiah);
-		}
-		break;
-
-	case MOD_SHUTDOWN:
-		break;
-
-	default:
-		error = EOPNOTSUPP;
-		break;
-
-	}
-
-	return (error);
-}
-
-static moduledata_t nehemiah_mod = {
-	"nehemiah",
-	nehemiah_modevent,
-	0
-};
-
-DECLARE_MODULE(nehemiah, nehemiah_mod, SI_SUB_RANDOM, SI_ORDER_FOURTH);
-MODULE_VERSION(nehemiah, 1);
-MODULE_DEPEND(nehemiah, random_harvestq, 1, 1, 1);
diff --git a/sys/dev/random/random_harvestq.c b/sys/dev/random/random_harvestq.c
--- a/sys/dev/random/random_harvestq.c
+++ b/sys/dev/random/random_harvestq.c
@@ -665,7 +665,6 @@
 	[RANDOM_PURE_GLXSB] = "PURE_GLXSB",
 	[RANDOM_PURE_RDRAND] = "PURE_RDRAND",
 	[RANDOM_PURE_RDSEED] = "PURE_RDSEED",
-	[RANDOM_PURE_NEHEMIAH] = "PURE_NEHEMIAH",
 	[RANDOM_PURE_RNDTEST] = "PURE_RNDTEST",
 	[RANDOM_PURE_VIRTIO] = "PURE_VIRTIO",
 	[RANDOM_PURE_BROADCOM] = "PURE_BROADCOM",
diff --git a/sys/i386/conf/GENERIC b/sys/i386/conf/GENERIC
--- a/sys/i386/conf/GENERIC
+++ b/sys/i386/conf/GENERIC
@@ -271,7 +271,6 @@
 device		crypto			# core crypto support
 device		aesni			# AES-NI OpenCrypto module
 device		loop			# Network loopback
-device		padlock_rng		# VIA Padlock RNG
 device		rdrand_rng		# Intel Bull Mountain RNG
 device		ether			# Ethernet support
 device		vlan			# 802.1Q VLAN support
diff --git a/sys/i386/conf/MINIMAL b/sys/i386/conf/MINIMAL
--- a/sys/i386/conf/MINIMAL
+++ b/sys/i386/conf/MINIMAL
@@ -124,7 +124,6 @@
 
 # Pseudo devices.
 device		loop			# Network loopback
-device		padlock_rng		# VIA Padlock RNG
 device		rdrand_rng		# Intel Bull Mountain RNG
 device		ether			# Ethernet support
 
diff --git a/sys/modules/Makefile b/sys/modules/Makefile
--- a/sys/modules/Makefile
+++ b/sys/modules/Makefile
@@ -310,7 +310,6 @@
 	ow \
 	p9fs \
 	${_padlock} \
-	${_padlock_rng} \
 	${_pchtherm} \
 	${_pcfclock} \
 	${_pf} \
diff --git a/sys/modules/padlock/Makefile b/sys/modules/padlock/Makefile
deleted file mode 100644
--- a/sys/modules/padlock/Makefile
+++ /dev/null
@@ -1,7 +0,0 @@
-.PATH: ${SRCTOP}/sys/crypto/via
-
-KMOD=	padlock
-SRCS=	padlock.c padlock_cipher.c padlock_hash.c
-SRCS   += device_if.h bus_if.h opt_bus.h cryptodev_if.h
-
-.include <bsd.kmod.mk>
diff --git a/sys/modules/padlock_rng/Makefile b/sys/modules/padlock_rng/Makefile
deleted file mode 100644
--- a/sys/modules/padlock_rng/Makefile
+++ /dev/null
@@ -1,9 +0,0 @@
-.PATH: ${SRCTOP}/sys/dev/random
-
-KMOD=	padlock_rng
-SRCS=	nehemiah.c
-SRCS+=	bus_if.h device_if.h
-
-CFLAGS+= -I${SRCTOP}/sys
-
-.include <bsd.kmod.mk>
diff --git a/sys/sys/random.h b/sys/sys/random.h
--- a/sys/sys/random.h
+++ b/sys/sys/random.h
@@ -93,7 +93,6 @@
 	RANDOM_PURE_GLXSB,
 	RANDOM_PURE_RDRAND,
 	RANDOM_PURE_RDSEED,
-	RANDOM_PURE_NEHEMIAH,
 	RANDOM_PURE_RNDTEST,
 	RANDOM_PURE_VIRTIO,
 	RANDOM_PURE_BROADCOM,