[talk] FreeBSD 10.2-stable "random device not loaded"

Jim B. jpb at jimby.name
Sat Dec 19 16:12:22 EST 2015


* George Rosamond <george at ceetonetechnology.com> [2015-12-18 23:16]:
> John Baldwin:
> > On Wednesday, December 16, 2015 11:41:52 PM George Rosamond wrote:
> >> Pete Wright:
> >>>
> >>>
> >>> On 12/16/15 16:10, Pete Wright wrote:
> >>>>
> >>>>
> >>>> On 12/16/15 15:42, John Baldwin wrote:
> >>>>> On Friday, December 11, 2015 06:10:52 PM George Rosamond wrote:
> >>>>>> Just updated a box to #r292122 with GENERIC, found this wildly
> >>>>>> confidence-building note in the dmesg:
> >>>>>>
> >>>>>>   random device not loaded; using insecure entropy
> >>>>>>
> >>>>>> Two lines later in the dmesg it does say:
> >>>>>>
> >>>>>>   random: <Software, Yarrow> initialized
> >>>>>>
> >>>>>> I don't see anything online recently about this... except for one
> >>>>>> unanswered post on freebsd-questions@ in late October.
> >>>>>>
> >>>>>> Thought I'd post here before I dug further...
> >>>>>
> >>>>> Humm, any luck on more info?  I haven't seen that on HEAD, and GENERIC
> >>>>> on stable/10 includes device random so that seems odd.
> >>>>>
> >>>>
> >>>>
> >>>> i am *not* seeing this on one of my KVM instances here running HEAD r292065:
> >>>>
> >>>> pwright at bsd-current:/usr/src % dmesg|grep -i random
> >>>> random: unblocking device.
> >>>> random: entropy device external interface
> >>>> random: registering fast source Intel Secure Key RNG
> >>>> random: fast provider: "Intel Secure Key RNG"
> >>>>
> >>>>
> >>>> this is a sandy bridge (E3xxx) Intel CPU on the hypervisor fwiw.
> >>>
> >>> strike that - freebsd detects this as a E312xx but the hypervisor is a
> >>> E5-2697 v2 which is also a sandy bridge, but a different rev than the E3xxxx
> >>
> >> Thanks Pete and John.
> >>
> >> Again, here's the relevant part of the dmesg:
> >>
> >> random device not loaded; using insecure entropy
> >> ioapic0 <Version 2.0> irqs 0-23 on motherboard
> >> random: <Software, Yarrow> initialized
> >>
> >> Someone hit me offlist on this, and apparently it's Supermicro
> >> motherboard-related.  Yes, vague, but I need to do more searching after
> >> that.
> > 
> > Hmm, that seems like a bit of an order of operations thing where something is
> > asking for random bits before device random is initialized.  I'm not sure what
> > would be asking for it that early though.
> > 
> 
> Yes, definitely.  What could be requesting entropy before Yarrow
> initializes?
> 
> I have to look a bit more into it when I get a chance.
> 

Try booting verbose.  The demsg will  have all the verbose info.

My 2 (Arkansas hick version)

Jim B.





More information about the talk mailing list