git: 27e2afa4f27c - main - random.4: Document the kern.random.nist_healthtest_enabled tunable

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=27e2afa4f27cda036bd81d72357cc6be98869783

commit 27e2afa4f27cda036bd81d72357cc6be98869783
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2025-09-08 14:45:08 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-09-08 15:21:43 +0000

    random.4: Document the kern.random.nist_healthtest_enabled tunable
    
    Reviewed by:    cem, emaste
    MFC after:      2 weeks
    Sponsored by:   Stormshield
    Sponsored by:   Klara, Inc.
    Differential Revision:  https://reviews.freebsd.org/D52231
---
 share/man/man4/random.4 | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/share/man/man4/random.4 b/share/man/man4/random.4
index 840bc0c3234b..04d46e4d32aa 100644
--- a/share/man/man4/random.4
+++ b/share/man/man4/random.4
@@ -21,7 +21,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd April 19, 2019
+.Dd August 28, 2025
 .Dt RANDOM 4
 .Os
 .Sh NAME
@@ -132,6 +132,17 @@ are listed in square brackets.
 See
 .Xr random_harvest 9
 for more on the harvesting of entropy.
+.Pp
+The
+.Va kern.random.nist_healthtest_enabled
+tunable can be used to enable the entropy source health tests outlined
+in section 4 of NIST Special Publication 800-90B.
+When enabled, all entropy sources will be subject to the repetition
+count and adaptive proportion tests described in that document.
+If one of the tests fails, the source will be disabled, i.e., all
+subsequent entropy samples from that source will be discarded.
+The implementation performs startup testing, during which entropy
+sources are discarded.
 .Sh FILES
 .Bl -tag -width ".Pa /dev/urandom"
 .It Pa /dev/random