On VyOS 1.2-rolling-201910180117, setting ip source-validation loose seems to have the same outcome as setting it to disable, i.e. results in rp_filter = 0.
Also related, setting firewall source-validation should perhaps configure net.ipv4.conf.default.rp_filter as opposed to net.ipv4.conf.all.rp_filter, because if one wants to disable reverse path validation only for a certain interface, but default to strict for others, at the moment it is not possible.