[talk] FreeBSD 10.2-stable "random device not loaded"

George Rosamond george at ceetonetechnology.com
Sun Dec 20 11:26:00 EST 2015


Jim B.:
> * George Rosamond <george at ceetonetechnology.com> [2015-12-18 23:16]:
>> John Baldwin:
>>> On Wednesday, December 16, 2015 11:41:52 PM George Rosamond wrote:
>>>> Pete Wright:
>>>>>
>>>>>
>>>>> On 12/16/15 16:10, Pete Wright wrote:
>>>>>>
>>>>>>
>>>>>> On 12/16/15 15:42, John Baldwin wrote:
>>>>>>> On Friday, December 11, 2015 06:10:52 PM George Rosamond wrote:
>>>>>>>> Just updated a box to #r292122 with GENERIC, found this wildly
>>>>>>>> confidence-building note in the dmesg:
>>>>>>>>
>>>>>>>>   random device not loaded; using insecure entropy
>>>>>>>>
>>>>>>>> Two lines later in the dmesg it does say:
>>>>>>>>
>>>>>>>>   random: <Software, Yarrow> initialized
>>>>>>>>
>>>>>>>> I don't see anything online recently about this... except for one
>>>>>>>> unanswered post on freebsd-questions@ in late October.
>>>>>>>>
>>>>>>>> Thought I'd post here before I dug further...
>>>>>>>
>>>>>>> Humm, any luck on more info?  I haven't seen that on HEAD, and GENERIC
>>>>>>> on stable/10 includes device random so that seems odd.
>>>>>>>
>>>>>>
>>>>>>
>>>>>> i am *not* seeing this on one of my KVM instances here running HEAD r292065:
>>>>>>
>>>>>> pwright at bsd-current:/usr/src % dmesg|grep -i random
>>>>>> random: unblocking device.
>>>>>> random: entropy device external interface
>>>>>> random: registering fast source Intel Secure Key RNG
>>>>>> random: fast provider: "Intel Secure Key RNG"
>>>>>>
>>>>>>
>>>>>> this is a sandy bridge (E3xxx) Intel CPU on the hypervisor fwiw.
>>>>>
>>>>> strike that - freebsd detects this as a E312xx but the hypervisor is a
>>>>> E5-2697 v2 which is also a sandy bridge, but a different rev than the E3xxxx
>>>>
>>>> Thanks Pete and John.
>>>>
>>>> Again, here's the relevant part of the dmesg:
>>>>
>>>> random device not loaded; using insecure entropy
>>>> ioapic0 <Version 2.0> irqs 0-23 on motherboard
>>>> random: <Software, Yarrow> initialized
>>>>
>>>> Someone hit me offlist on this, and apparently it's Supermicro
>>>> motherboard-related.  Yes, vague, but I need to do more searching after
>>>> that.
>>>
>>> Hmm, that seems like a bit of an order of operations thing where something is
>>> asking for random bits before device random is initialized.  I'm not sure what
>>> would be asking for it that early though.
>>>
>>
>> Yes, definitely.  What could be requesting entropy before Yarrow
>> initializes?
>>
>> I have to look a bit more into it when I get a chance.
>>
> 
> Try booting verbose.  The demsg will  have all the verbose info.
> 
> My 2 (Arkansas hick version)

I do that by default on all FreeBSD boxes, but good advice. :)

rc_debug="YES"
rc_info="YES"

I'll be on the box this week and give an update.

g




More information about the talk mailing list