sys: Remove DEV_RANDOM device option

Remove 'device random' from kernel configurations that reference it (most).
Replace perhaps mistaken 'nodevice random' in two MIPS configs with 'options
RANDOM_LOADABLE' instead.  Document removal in UPDATING; update NOTES and
random.4.

Reviewed by:	delphij, markm (previous version)
Approved by:	secteam(delphij)
Differential Revision:	https://reviews.freebsd.org/D19918

UPDATING

@@ -31,6 +31,12 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 13.x IS SLOW:
 	disable the most expensive debugging functionality run
 	"ln -s 'abort:false,junk:false' /etc/malloc.conf".)
 
+20190620:
+	The "device random" option has been removed.  Entropy collection and
+	the /dev/random device are no longer an optional component.
+	Implementations of distilling algorithms can still be made loadable
+	with "options RANDOM_LOADABLE" (e.g., random_fortuna.ko).
+
 20190612:
 	Clang, llvm, lld, lldb, compiler-rt, libc++, libunwind and openmp have
 	been upgraded to 8.0.1.  Please see the 20141231 entry below for

release/picobsd/bridge/PICOBSD

@@ -50,7 +50,6 @@ device		if_bridge
 # qemu, so we set HZ explicitly.
 options		HZ=1000
 
-device		random			# used by ssh
 device		pci
 
 # Floppy drives

release/picobsd/qemu/PICOBSD

@@ -56,7 +56,6 @@ device		if_bridge
 # qemu, so we set HZ explicitly.
 options		HZ=1000
 
-device		random			# used by ssh
 device		pci
 
 # Floppy drives

share/man/man4/random.4

@@ -30,7 +30,6 @@
 .Nm random
 .Nd the entropy device
 .Sh SYNOPSIS
-.Cd "device random"
 .Cd "options RANDOM_LOADABLE"
 .Cd "options RANDOM_ENABLE_ETHER"
 .Cd "options RANDOM_ENABLE_UMA"

sys/amd64/conf/GENERIC

@@ -309,7 +309,6 @@ device		wpi			# Intel 3945ABG wireless NICs.
 # Pseudo devices.
 device		crypto			# core crypto support
 device		loop			# Network loopback
-device		random			# Entropy device
 device		padlock_rng		# VIA Padlock RNG
 device		rdrand_rng		# Intel Bull Mountain RNG
 device		ether			# Ethernet support

sys/amd64/conf/MINIMAL

@@ -10,7 +10,7 @@
 #   some features (ACL, GJOURNAL) that GENERIC includes.
 # o acpi as a module has been reported flakey and not well tested, so
 #   is included in the kernel.
-# o random is included due to uncertaty...
+# o (non-loaded) random is included due to uncertainty...
 # o Many networking things are included
 #
 # For now, please run changes to these list past [email protected]
@@ -131,7 +131,6 @@ device		agp			# support several AGP chipsets
 
 # Pseudo devices.
 device		loop			# Network loopback
-device		random			# Entropy device
 device		padlock_rng		# VIA Padlock RNG
 device		rdrand_rng		# Intel Bull Mountain RNG
 device		ether			# Ethernet support

sys/arm/conf/ALPINE

@@ -41,7 +41,6 @@ device		al_udma			# Universal DMA
 
 # Pseudo devices
 device		loop
-device		random
 device		pty
 device		md
 device		gpio

sys/arm/conf/ARMADA38X

@@ -25,7 +25,6 @@ options 	SMP
 options		VM_KMEM_SIZE_MAX=0x9CCD000
 
 # Pseudo devices
-device		random
 device		pty
 device		loop
 device		md

sys/arm/conf/ARMADAXP

@@ -46,7 +46,6 @@ options 	NO_FFS_SNAPSHOT
 options 	NO_SWAPPING
 
 # Pseudo devices
-device		random
 device		pty
 device		loop
 device		md

sys/arm/conf/DB-78XXX

@@ -45,7 +45,6 @@ device		pci
 # Pseudo devices
 device		loop
 device		md
-device		random
 
 # Serial ports
 device		uart

sys/arm/conf/DB-88F5XXX

@@ -44,7 +44,6 @@ device		pci
 # Pseudo devices
 device		md
 device		loop
-device		random
 
 # Serial ports
 device		uart

sys/arm/conf/DB-88F6XXX

@@ -46,7 +46,6 @@ device		pci
 # Pseudo devices
 device		loop
 device		md
-device		random
 
 # Serial ports
 device		uart

sys/arm/conf/DOCKSTAR

@@ -68,7 +68,6 @@ device		gif			# IPv6 and IPv4 tunneling
 device		loop			# Network loopback
 device		md			# Memory/malloc disk
 device		pty			# BSD-style compatibility pseudo ttys
-device		random			# Entropy device
 device		tuntap			# Packet tunnel.
 device		ether			# Required for all ethernet devices
 device		vlan			# 802.1Q VLAN support

sys/arm/conf/DREAMPLUG-1001

@@ -71,7 +71,6 @@ device		gif			# IPv6 and IPv4 tunneling
 device		loop			# Network loopback
 device		md			# Memory/malloc disk
 device		pty			# BSD-style compatibility pseudo ttys
-device		random			# Entropy device
 device		tuntap			# Packet tunnel.
 device		ether			# Required for all ethernet devices
 device		vlan			# 802.1Q VLAN support

sys/arm/conf/EFIKA_MX

@@ -57,7 +57,6 @@ device		bpf			# Berkeley packet filter
 
 # Pseudo devices.
 device		loop			# Network loopback
-device		random			# Entropy device
 device		ether			# Ethernet support
 #device		vlan			# 802.1Q VLAN support
 #device		tuntap			# Packet tunnel.

sys/arm/conf/GENERIC

@@ -121,7 +121,6 @@ device		pl011
 device		pty
 device		snp
 device		md			# Memory "disks"
-device		random			# Entropy device
 device		firmware		# firmware assist module
 device		pl310			# PL310 L2 cache controller
 device		psci

sys/arm/conf/IMX53

@@ -44,7 +44,6 @@ device		bpf			# Berkeley packet filter
 
 # Pseudo devices.
 device		loop			# Network loopback
-device		random			# Entropy device
 device		ether			# Ethernet support
 #device		vlan			# 802.1Q VLAN support
 #device		tuntap			# Packet tunnel.

sys/arm/conf/IMX6

@@ -49,7 +49,6 @@ device		mpcore_timer
 
 # Pseudo devices.
 device		loop			# Network loopback
-device		random			# Entropy device
 device		vlan			# 802.1Q VLAN support
 device		tuntap			# Packet tunnel.
 device		md			# Memory "disks"

sys/arm/conf/RPI-B

@@ -65,7 +65,6 @@ device		iicbus
 device		bcm2835_bsc
 
 device		md
-device		random			# Entropy device
 
 # USB support
 device		usb

sys/arm/conf/RT1310

@@ -51,7 +51,6 @@ options 	WITNESS_SKIPSPIN	# Don't run witness on spinlocks for speed
 device		loop
 device		md
 device		pty
-device		random
 
 # Serial ports
 device		uart

sys/arm/conf/SHEEVAPLUG

@@ -46,7 +46,6 @@ options 	BOOTP_WIRED_TO=mge0
 
 # Pseudo devices
 device		loop
-device		random
 
 # Serial ports
 device		uart

sys/arm/conf/SOCFPGA

@@ -58,7 +58,6 @@ device		dwmmc
 # Pseudo devices
 
 device		loop
-device		random
 device		pty
 device		md
 device		gpio

sys/arm/conf/TEGRA124

@@ -43,7 +43,6 @@ device		regulator
 
 # Pseudo devices.
 device		loop			# Network loopback
-device		random			# Entropy device
 device		vlan			# 802.1Q VLAN support
 #device		tuntap			# Packet tunnel.
 device		md			# Memory "disks"

sys/arm/conf/TS7800

@@ -45,7 +45,6 @@ device		pci
 # Pseudo devices
 device		md
 device		loop
-device		random
 
 # Serial ports
 device		uart

sys/arm/conf/VERSATILEPB

@@ -66,7 +66,6 @@ options 	SC_DFLT_FONT    	# compile font in
 makeoptions	SC_DFLT_FONT=cp437
 
 device		md
-device		random			# Entropy device
 
 options 	PLATFORM
 

sys/arm/conf/VYBRID

@@ -59,7 +59,6 @@ device		sdhci			# generic sdhci
 # Pseudo devices
 
 device		loop
-device		random
 device		pty
 device		md
 device		gpio

sys/arm/conf/ZEDBOARD

@@ -48,7 +48,6 @@ device		pl310			# PL310 L2 cache controller
 device		mpcore_timer
 
 device		loop
-device		random
 device		ether
 device		cgem			# Zynq-7000 gig ethernet device
 device		mii

sys/arm64/conf/GENERIC

@@ -293,7 +293,6 @@ device		aw_cir
 # Pseudo devices.
 device		crypto		# core crypto support
 device		loop		# Network loopback
-device		random		# Entropy device
 device		ether		# Ethernet support
 device		vlan		# 802.1Q VLAN support
 device		tuntap		# Packet tunnel.

sys/conf/NOTES

@@ -1170,9 +1170,6 @@ options 	NFS_DEBUG		# Enable NFS Debugging
 #
 options 	EXT2FS
 
-# Cryptographically secure random number generator; /dev/random
-device		random
-
 # The system memory devices; /dev/mem, /dev/kmem
 device		mem
 

sys/conf/files

@@ -686,14 +686,14 @@ crypto/des/des_ecb.c		optional crypto | ipsec | ipsec_support | netsmb
 crypto/des/des_setkey.c		optional crypto | ipsec | ipsec_support | netsmb
 crypto/rc4/rc4.c		optional netgraph_mppc_encryption | kgssapi
 crypto/rijndael/rijndael-alg-fst.c optional crypto | ekcd | geom_bde | \
-	ipsec | ipsec_support | random !random_loadable | wlan_ccmp
-crypto/rijndael/rijndael-api-fst.c optional ekcd | geom_bde | random !random_loadable
+	ipsec | ipsec_support | !random_loadable | wlan_ccmp
+crypto/rijndael/rijndael-api-fst.c optional ekcd | geom_bde | !random_loadable
 crypto/rijndael/rijndael-api.c	optional crypto | ipsec | ipsec_support | \
 	wlan_ccmp
 crypto/sha1.c			optional carp | crypto | ether | ipsec | \
 	ipsec_support | netgraph_mppc_encryption | sctp
 crypto/sha2/sha256c.c		optional crypto | ekcd | geom_bde | ipsec | \
-	ipsec_support | random !random_loadable | sctp | zfs
+	ipsec_support | !random_loadable | sctp | zfs
 crypto/sha2/sha512c.c		optional crypto | geom_bde | ipsec | \
 	ipsec_support | zfs
 crypto/skein/skein.c		optional crypto | zfs
@@ -2766,11 +2766,11 @@ rt2860.fw			optional rt2860fw | ralfw		\
 	compile-with	"${NORMAL_FW}"					\
 	no-obj no-implicit-rule						\
 	clean		"rt2860.fw"
-dev/random/random_infra.c	optional random
-dev/random/random_harvestq.c	optional random
-dev/random/randomdev.c		optional random !random_loadable
-dev/random/fortuna.c		optional random !random_loadable
-dev/random/hash.c		optional random !random_loadable
+dev/random/random_infra.c	standard
+dev/random/random_harvestq.c	standard
+dev/random/randomdev.c		optional !random_loadable
+dev/random/fortuna.c		optional !random_loadable
+dev/random/hash.c		optional !random_loadable
 dev/rc/rc.c			optional rc
 dev/rccgpio/rccgpio.c		optional rccgpio gpio
 dev/re/if_re.c			optional re

sys/conf/files.arm64

@@ -87,7 +87,7 @@ arm/broadcom/bcm2835/bcm2835_ft5406.c		optional evdev bcm2835_ft5406 soc_brcm_bc
 arm/broadcom/bcm2835/bcm2835_gpio.c		optional gpio soc_brcm_bcm2837 fdt
 arm/broadcom/bcm2835/bcm2835_intr.c		optional soc_brcm_bcm2837 fdt
 arm/broadcom/bcm2835/bcm2835_mbox.c		optional soc_brcm_bcm2837 fdt
-arm/broadcom/bcm2835/bcm2835_rng.c		optional random !random_loadable soc_brcm_bcm2837 fdt
+arm/broadcom/bcm2835/bcm2835_rng.c		optional !random_loadable soc_brcm_bcm2837 fdt
 arm/broadcom/bcm2835/bcm2835_sdhci.c		optional sdhci soc_brcm_bcm2837 fdt
 arm/broadcom/bcm2835/bcm2835_sdhost.c		optional sdhci soc_brcm_bcm2837 fdt
 arm/broadcom/bcm2835/bcm2835_spi.c		optional bcm2835_spi soc_brcm_bcm2837 fdt

sys/conf/files.powerpc

@@ -62,7 +62,7 @@ dev/ofw/ofw_standard.c		optional	aim powerpc
 dev/ofw/ofw_subr.c		standard
 dev/powermac_nvram/powermac_nvram.c optional	powermac_nvram powermac
 dev/quicc/quicc_bfe_fdt.c	optional	quicc mpc85xx
-dev/random/darn.c		optional	powerpc64 random !random_loadable
+dev/random/darn.c		optional	powerpc64 !random_loadable
 dev/scc/scc_bfe_macio.c		optional	scc powermac
 dev/sdhci/fsl_sdhci.c		optional	mpc85xx sdhci
 dev/sec/sec.c			optional	sec mpc85xx

sys/conf/options

@@ -734,7 +734,6 @@ DEV_PCI			opt_pci.h
 DEV_PF			opt_pf.h
 DEV_PFLOG		opt_pf.h
 DEV_PFSYNC		opt_pf.h
-DEV_RANDOM		opt_global.h
 DEV_SPLASH		opt_splash.h
 DEV_VLAN		opt_vlan.h
 

sys/i386/conf/GENERIC

@@ -292,7 +292,6 @@ device		wpi			# Intel 3945ABG wireless NICs.
 # Pseudo devices.
 device		crypto			# core crypto support
 device		loop			# Network loopback
-device		random			# Entropy device
 device		padlock_rng		# VIA Padlock RNG
 device		rdrand_rng		# Intel Bull Mountain RNG
 device		ether			# Ethernet support

sys/i386/conf/MINIMAL

@@ -10,7 +10,7 @@
 #   some features (ACL, GJOURNAL) that GENERIC includes.
 # o acpi as a module has been reported flakey and not well tested, so
 #   is included in the kernel.
-# o random is included due to uncertaty...
+# o (non-loaded) random is included due to uncertainty...
 # o Many networking things are included
 #
 # For now, please run changes to these list past [email protected]
@@ -132,7 +132,6 @@ device		agp			# support several AGP chipsets
 
 # Pseudo devices.
 device		loop			# Network loopback
-device		random			# Entropy device
 device		padlock_rng		# VIA Padlock RNG
 device		rdrand_rng		# Intel Bull Mountain RNG
 device		ether			# Ethernet support

sys/mips/conf/BCM

@@ -82,7 +82,6 @@ device		uart
 #Base
 device		loop
 device		ether
-device 		random
 device		md
 
 #Performance

sys/mips/conf/DIR-825B1

@@ -21,7 +21,6 @@ hints		"DIR-825B1.hints"
 
 # Since the kernel image must fit inside 1024KiB, we have to build almost
 # everything as modules.
-# nodevice random
 nodevice gpio
 nodevice gpioled
 nodevice gif

sys/mips/conf/ERL

@@ -149,7 +149,6 @@ device		wlan_amrr	# AMRR transmit rate control algorithm
 
 # Pseudo devices.
 device		loop		# Network loopback
-device		random		# Entropy device
 device		ether		# Ethernet support
 device		vlan		# 802.1Q VLAN support
 device		tuntap		# Packet tunnel.

sys/mips/conf/JZ4780

@@ -68,7 +68,6 @@ device		miibus
 device		bpf
 device		md
 device		uart
-device		random
 
 device		fdt_pinctrl
 

sys/mips/conf/OCTEON1

@@ -184,7 +184,6 @@ device		ral		# Ralink Technology RT2500 wireless NICs.
 
 # Pseudo devices.
 device		loop		# Network loopback
-device		random		# Entropy device
 device		ether		# Ethernet support
 device		vlan		# 802.1Q VLAN support
 device		tuntap		# Packet tunnel.

sys/mips/conf/PB92

@@ -133,5 +133,4 @@ device		loop
 device		ether
 #device		md
 #device		bpf
-device		random
 #device		if_bridge

sys/mips/conf/PICOSTATION_M2HP

@@ -68,6 +68,3 @@ device		arswitch
 # Enable GPIO
 device         gpio
 device         gpioled
-
-# RNG
-device        random

sys/mips/conf/WZR-300HP

@@ -49,4 +49,4 @@ device		hwpmc
 # load these via modules, shrink kernel
 nodevice	if_bridge
 nodevice	bridgestp
-nodevice	random
+options		RANDOM_LOADABLE

sys/mips/conf/WZR-HPAG300H

@@ -49,4 +49,4 @@ device		hwpmc
 # load these via modules, shrink kernel
 nodevice	if_bridge
 nodevice	bridgestp
-nodevice	random
+options		RANDOM_LOADABLE