[talk] FreeBSD 10.2-stable "random device not loaded"

George Rosamond george at ceetonetechnology.com
Fri Dec 18 23:16:02 EST 2015 

John Baldwin:
> On Wednesday, December 16, 2015 11:41:52 PM George Rosamond wrote:
>> Pete Wright:
>>>
>>>
>>> On 12/16/15 16:10, Pete Wright wrote:
>>>>
>>>>
>>>> On 12/16/15 15:42, John Baldwin wrote:
>>>>> On Friday, December 11, 2015 06:10:52 PM George Rosamond wrote:
>>>>>> Just updated a box to #r292122 with GENERIC, found this wildly
>>>>>> confidence-building note in the dmesg:
>>>>>>
>>>>>>   random device not loaded; using insecure entropy
>>>>>>
>>>>>> Two lines later in the dmesg it does say:
>>>>>>
>>>>>>   random: <Software, Yarrow> initialized
>>>>>>
>>>>>> I don't see anything online recently about this... except for one
>>>>>> unanswered post on freebsd-questions@ in late October.
>>>>>>
>>>>>> Thought I'd post here before I dug further...
>>>>>
>>>>> Humm, any luck on more info?  I haven't seen that on HEAD, and GENERIC
>>>>> on stable/10 includes device random so that seems odd.
>>>>>
>>>>
>>>>
>>>> i am *not* seeing this on one of my KVM instances here running HEAD r292065:
>>>>
>>>> pwright at bsd-current:/usr/src % dmesg|grep -i random
>>>> random: unblocking device.
>>>> random: entropy device external interface
>>>> random: registering fast source Intel Secure Key RNG
>>>> random: fast provider: "Intel Secure Key RNG"
>>>>
>>>>
>>>> this is a sandy bridge (E3xxx) Intel CPU on the hypervisor fwiw.
>>>
>>> strike that - freebsd detects this as a E312xx but the hypervisor is a
>>> E5-2697 v2 which is also a sandy bridge, but a different rev than the E3xxxx
>>
>> Thanks Pete and John.
>>
>> Again, here's the relevant part of the dmesg:
>>
>> random device not loaded; using insecure entropy
>> ioapic0 <Version 2.0> irqs 0-23 on motherboard
>> random: <Software, Yarrow> initialized
>>
>> Someone hit me offlist on this, and apparently it's Supermicro
>> motherboard-related.  Yes, vague, but I need to do more searching after
>> that.
> 
> Hmm, that seems like a bit of an order of operations thing where something is
> asking for random bits before device random is initialized.  I'm not sure what
> would be asking for it that early though.
> 

Yes, definitely.  What could be requesting entropy before Yarrow
initializes?

I have to look a bit more into it when I get a chance.

g

More information about the talk mailing list