LGTM, modulo delphij's comments.

I like the direction this is going, but I'm still reading the design papers.

LGTM

I can't find anything to object to - but my epoch-fu is a bit lacking, so I'm trusting the other reviewers here.

I'm delighted with the amount of OS-interface and locking code that is removed!

This is a GREAT step forward, so I'm happy to accept it as such. The objection to #undefs is stylistic/idealistic, so you may ignore it at your pleasure.

I've been running this locally too.

No-brainer.

The whole change LGTM, but please go further and remove RANDOM_LOADABLE altogether if the consensus allows!

LGTM

*LIKE*

Shows how much I know about sysctls :-)

Please upload diff with full context.

No objection to the logic, just the user-facing wording needs to be "de-geeked" a bit! :-)

Clarifies the logic a bit. LGTM.

Very small complaints only.

LGTM otherwise.

Presuming all the testing works :-)

Still LGTM :-)

No objection from me.

None job, thanks!

Good catch!

Good move!

This is a step in a direction that I've been wanting to doo for quite some time; pin multiple output generators to processors. There is more, but I need to write it in detail first.

Looks OK to me!

I'm OK with this.

LGTM.

Against my better judgement, I kept the !DEV_RANDOM case as some folks insisted on being able to use preferred tools (ssh) even on insecure embedded hardware. I'm happy to se you fix it, if it means I don't get the flak ]:->

I'm happy with this, in principle. I defer on the kernel innards, but the general engineering looks sound.

Accept with delphi's changes.

OK. I like these diffs even better.

You need the security officer's say-so. I have a personal wavier when I do such commits myself (as I wrote the main random device), but this is non-transferrable, as far as I know.

LGTM.

Very good!

Nice work! Out for interest, why make the output generator selectable? Why not switch completely to Chacha20?

Overcome By Events.

I like this!

OK.

Looks good to me.

If it doesn't crash anything, then fine! I had stack problems at some point.

Commit r338324 closes this.

Sigh. I think I have all cem@'s review comments done now.

Rebase to top of HEAD.

Address cmem@'s review comments.

Adress some review concerns from cem@, and a few of my own while I'm here.

Fix documentation nit.

Add the "differential update" URI to the commit message.
Correct sys/conf/NOTES comment.

In D16873#359829, @jmg wrote:

@delphij this is my comment copied over from https://reviews.freebsd.org/D16866?id=47165 that was unaddressed.