From a9dd280b9f283cd733dfee41fb5c2bf56d58ff66 Mon Sep 17 00:00:00 2001
From: Taylor R Campbell <riastradh@NetBSD.org>
Date: Thu, 17 Mar 2022 20:05:36 +0000
Subject: [PATCH] rc.conf(5): New entropy_timeout.

Provides max duration to wait if you set entropy=wait.  On timeout,
multi-user boot is aborted.
---
 etc/rc.d/entropy | 35 ++++++++++++++++++++++++++++++++---
 1 file changed, 32 insertions(+), 3 deletions(-)

diff --git a/etc/rc.d/entropy b/etc/rc.d/entropy
index 3c16651d00e4..6780255ae4b2 100644
--- a/etc/rc.d/entropy
+++ b/etc/rc.d/entropy
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: entropy
-# REQUIRE: random_seed rndctl
+# REQUIRE: CRITLOCALMOUNTED random_seed rndctl
 # BEFORE: ike ipsec network
 
 $_rc_subr_loaded . /etc/rc.subr
@@ -30,8 +30,37 @@ entropy_start()
 		fi
 		;;
 	wait)	echo -n "Waiting for entropy..."
-		dd if=/dev/random of=/dev/null bs=1 count=1 msgfmt=quiet
-		echo "done"
+		case ${entropy_timeout-} in
+		'')
+			dd if=/dev/random of=/dev/null bs=1 count=1 \
+				msgfmt=quiet
+			echo "done"
+			;;
+		*s|*m|*h|*d)
+			timeout -k 1s "$entropy_timeout" \
+			dd if=/dev/random of=/dev/null bs=1 count=1 \
+				msgfmt=quiet
+			case $? in
+			0)
+				echo "done"
+				;;
+			124)
+				echo "not enough entropy available," \
+					" aborting boot"
+				stop_boot
+				;;
+			*)
+				echo "failed to wait for entropy," \
+					" aborting boot"
+				stop_boot
+				;;
+			esac
+			;;
+		*)
+			echo "invalid entropy timeout: ${entropy_timeout"
+			stop_boot
+			;;
+		esac
 		;;
 	esac
 }