From owner-freebsd-current@freebsd.org Wed May 8 16:35:12 2019 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4BD73158CF60 for ; Wed, 8 May 2019 16:35:12 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: from mail-it1-f174.google.com (mail-it1-f174.google.com [209.85.166.174]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 68B4F848D6 for ; Wed, 8 May 2019 16:35:11 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: by mail-it1-f174.google.com with SMTP id m186so4940210itd.4 for ; Wed, 08 May 2019 09:35:11 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:reply-to :from:date:message-id:subject:to:cc; bh=bXPs46TvdznQTl+eheWFO0nEPkRYerB2H5pCPqqnBpI=; b=Kzh3ZuV3PuRntQRuotijOL38Ub2bUlA0+3ucgbgsdWP1yRMqNcbjdqAk7btSub8efs rgxz8dBI6wqUVnrsuK6jCwCu6iDDBiuc3QM+2ZU4KOKN8DAVdXqjNczSs0L5Keau/cBN /PMw8Kv95V+Ys0cISw5L4nTe/p8wZBmAbVARpRKiyr6D5kFEPPSxrJpjetctC61qvYjU hJlEdsK7JCzw69JvXb9XQddeVbnBmZ0guyeOyrmU/755QHDiU0DellUIoDNzQaO8xaJw WtjQ9TiDZKRcYrUZn9SfPGrRyMSFSYow4g5ZEmz0dUQcRKHahdEK05qo0BT0DUttcZnV neeQ== X-Gm-Message-State: APjAAAVyJawkYxcZDscShIvSQNg7Pybb/MwHUCpCwo4cG0V6AI4FCdv+ hhAWYHCuselVOb3SD+9eCaSQfRyj X-Google-Smtp-Source: APXvYqxB8pnE6kdSgWNhD2VpACPdtp26KFVt6RYPcsyazT1d1HK/P85zcWz+Q7p7ewQNyhzQX7uGXw== X-Received: by 2002:a24:2e4f:: with SMTP id i76mr4162958ita.171.1557333304158; Wed, 08 May 2019 09:35:04 -0700 (PDT) Received: from mail-it1-f172.google.com (mail-it1-f172.google.com. [209.85.166.172]) by smtp.gmail.com with ESMTPSA id m25sm1340520iti.24.2019.05.08.09.35.03 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 May 2019 09:35:03 -0700 (PDT) Received: by mail-it1-f172.google.com with SMTP id o190so4972795itc.1 for ; Wed, 08 May 2019 09:35:03 -0700 (PDT) X-Received: by 2002:a05:660c:10:: with SMTP id q16mr4387486itj.149.1557333303539; Wed, 08 May 2019 09:35:03 -0700 (PDT) MIME-Version: 1.0 References: <2c1eceb4-08a5-b633-2ce2-c711610db1cb@yandex.ru> In-Reply-To: <2c1eceb4-08a5-b633-2ce2-c711610db1cb@yandex.ru> Reply-To: cem@freebsd.org From: Conrad Meyer Date: Wed, 8 May 2019 09:34:52 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: random_sources_feed: rs_read for hardware device 'Intel Secure Key RNG' returned no entropy. To: "Andrey V. Elsukov" Cc: freebsd-current X-Rspamd-Queue-Id: 68B4F848D6 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; spf=pass (mx1.freebsd.org: domain of csecem@gmail.com designates 209.85.166.174 as permitted sender) smtp.mailfrom=csecem@gmail.com X-Spamd-Result: default: False [-5.77 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[cem@freebsd.org]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; REPLYTO_ADDR_EQ_FROM(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.94)[-0.941,0]; FREEMAIL_TO(0.00)[yandex.ru]; FORGED_SENDER(0.30)[cem@freebsd.org,csecem@gmail.com]; IP_SCORE(-2.82)[ip: (-8.05), ipnet: 209.85.128.0/17(-3.73), asn: 15169(-2.25), country: US(-0.06)]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; TAGGED_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_NEQ_ENVFROM(0.00)[cem@freebsd.org,csecem@gmail.com]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; MIME_TRACE(0.00)[0:+,1:+]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[174.166.85.209.list.dnswl.org : 127.0.5.0]; RCVD_TLS_LAST(0.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 May 2019 16:35:12 -0000 Sorry about that. Please update to r347329. Thanks, Conrad On Wed, May 8, 2019 at 9:16 AM Andrey V. Elsukov wrote: > Hi, > > today I updated one of my test machines and discovered that message from > the subject periodically printed in the console. > > FreeBSD 13.0-CURRENT r347327=4f47587(svn_head) GENERIC-NODEBUG amd64 > FreeBSD clang version 8.0.0 (tags/RELEASE_800/final 356365) (based on > LLVM 8.0.0) > VT(vga): resolution 640x480 > CPU: Intel(R) Xeon(R) CPU E5-2660 v4@ 2.00GHz (2000.04-MHz K8-class CPU) > ... > real memory = 68719476736 (65536 MB) > avail memory = 66722340864 (63631 MB) > Event timer "LAPIC" quality 600 > ACPI APIC Table: > FreeBSD/SMP: Multiprocessor System Detected: 28 CPUs > FreeBSD/SMP: 2 package(s) x 14 core(s) > ... > > % grep -c random /var/run/dmesg.boot > 606 > > % grep random /var/run/dmesg.boot | head -10 > __stack_chk_init: WARNING: Initializing stack protection with non-random > cookies! > random: entropy device external interface > random: registering fast source Intel Secure Key RNG > random: fast provider: "Intel Secure Key RNG" > arc4random: WARNING: initial seeding bypassed the cryptographic random > device because it was not yet seeded and the knob > 'bypass_before_seeding' was enabled. > random_sources_feed: rs_read for hardware device 'Intel Secure Key RNG' > returned no entropy. > random_sources_feed: rs_read for hardware device 'Intel Secure Key RNG' > returned no entropy. > random_sources_feed: rs_read for hardware device 'Intel Secure Key RNG' > returned no entropy. > random_sources_feed: rs_read for hardware device 'Intel Secure Key RNG' > returned no entropy. > random_sources_feed: rs_read for hardware device 'Intel Secure Key RNG' > returned no entropy. > > % sysctl -a | grep -v random_sources_feed | grep rand > kern.fallback_elf_brand: -1 > device random > device rdrand_rng > kern.randompid: 0 > kern.elf32.fallback_brand: -1 > kern.elf64.fallback_brand: -1 > kern.random.fortuna.minpoolsize: 64 > kern.random.harvest.mask_symbolic: > > PURE_RDRAND,[UMA],[FS_ATIME],SWI,INTERRUPT,NET_NG,[NET_ETHER],NET_TUN,MOUSE,KEYBOARD,ATTACH,CACHED > kern.random.harvest.mask_bin: 000000010000000111011111 > kern.random.harvest.mask: 66015 > kern.random.use_chacha20_cipher: 0 > kern.random.block_seeded_status: 0 > kern.random.random_sources: 'Intel Secure Key RNG' > kern.random.initial_seeding.disable_bypass_warnings: 0 > kern.random.initial_seeding.arc4random_bypassed_before_seeding: 1 > kern.random.initial_seeding.read_random_bypassed_before_seeding: 0 > kern.random.initial_seeding.bypass_before_seeding: 1 > net.inet.ip.portrange.randomtime: 45 > net.inet.ip.portrange.randomcps: 10 > net.inet.ip.portrange.randomized: 1 > net.inet.ip.random_id_total: 0 > net.inet.ip.random_id_collisions: 0 > net.inet.ip.random_id_period: 0 > net.inet.ip.random_id: 0 > net.key.int_random: 60 > debug.fail_point.status_fill_kinfo_vnode__random_path: off > debug.fail_point.fill_kinfo_vnode__random_path: off > debug.fail_point.status_random_fortuna_pre_read: off > debug.fail_point.random_fortuna_pre_read: off > security.stack_protect.permit_nonrandom_cookies: 1 > > -- > WBR, Andrey V. Elsukov > >