Re: random_sources_feed: rs_read for hardware device 'Intel Secure Key RNG' returned no entropy.

From: Ian Lepore <ian_at_freebsd.org>
Date: Wed, 08 May 2019 10:21:11 -0600
On Wed, 2019-05-08 at 19:13 +0300, Andrey V. Elsukov wrote:
> Hi,
> 
> today I updated one of my test machines and discovered that message
> from
> the subject periodically printed in the console.
> 
> FreeBSD 13.0-CURRENT r347327=4f47587(svn_head) GENERIC-NODEBUG amd64
> FreeBSD clang version 8.0.0 (tags/RELEASE_800/final 356365) (based on
> LLVM 8.0.0)
> VT(vga): resolution 640x480
> CPU: Intel(R) Xeon(R) CPU E5-2660 v4_at_ 2.00GHz (2000.04-MHz K8-class
> CPU)
> ...
> real memory  = 68719476736 (65536 MB)
> avail memory = 66722340864 (63631 MB)
> Event timer "LAPIC" quality 600
> ACPI APIC Table: <SUPERM SMCI--MB>
> FreeBSD/SMP: Multiprocessor System Detected: 28 CPUs
> FreeBSD/SMP: 2 package(s) x 14 core(s)
> ...
> 
> % grep -c random /var/run/dmesg.boot
> 606
> 
> % grep random /var/run/dmesg.boot | head -10
> __stack_chk_init: WARNING: Initializing stack protection with non-
> random
> cookies!
> random: entropy device external interface
> random: registering fast source Intel Secure Key RNG
> random: fast provider: "Intel Secure Key RNG"
> arc4random: WARNING: initial seeding bypassed the cryptographic
> random
> device because it was not yet seeded and the knob
> 'bypass_before_seeding' was enabled.
> random_sources_feed: rs_read for hardware device 'Intel Secure Key
> RNG'
> returned no entropy.
> random_sources_feed: rs_read for hardware device 'Intel Secure Key
> RNG'
> returned no entropy.
> random_sources_feed: rs_read for hardware device 'Intel Secure Key
> RNG'
> returned no entropy.
> random_sources_feed: rs_read for hardware device 'Intel Secure Key
> RNG'
> returned no entropy.
> random_sources_feed: rs_read for hardware device 'Intel Secure Key
> RNG'
> returned no entropy.
> 
> % sysctl -a | grep -v random_sources_feed | grep rand
> kern.fallback_elf_brand: -1
> device	random
> device	rdrand_rng
> kern.randompid: 0
> kern.elf32.fallback_brand: -1
> kern.elf64.fallback_brand: -1
> kern.random.fortuna.minpoolsize: 64
> kern.random.harvest.mask_symbolic:
> PURE_RDRAND,[UMA],[FS_ATIME],SWI,INTERRUPT,NET_NG,[NET_ETHER],NET_TUN
> ,MOUSE,KEYBOARD,ATTACH,CACHED
> kern.random.harvest.mask_bin: 000000010000000111011111
> kern.random.harvest.mask: 66015
> kern.random.use_chacha20_cipher: 0
> kern.random.block_seeded_status: 0
> kern.random.random_sources: 'Intel Secure Key RNG'
> kern.random.initial_seeding.disable_bypass_warnings: 0
> kern.random.initial_seeding.arc4random_bypassed_before_seeding: 1
> kern.random.initial_seeding.read_random_bypassed_before_seeding: 0
> kern.random.initial_seeding.bypass_before_seeding: 1
> net.inet.ip.portrange.randomtime: 45
> net.inet.ip.portrange.randomcps: 10
> net.inet.ip.portrange.randomized: 1
> net.inet.ip.random_id_total: 0
> net.inet.ip.random_id_collisions: 0
> net.inet.ip.random_id_period: 0
> net.inet.ip.random_id: 0
> net.key.int_random: 60
> debug.fail_point.status_fill_kinfo_vnode__random_path: off
> debug.fail_point.fill_kinfo_vnode__random_path: off
> debug.fail_point.status_random_fortuna_pre_read: off
> debug.fail_point.random_fortuna_pre_read: off
> security.stack_protect.permit_nonrandom_cookies: 1
> 

Fixed in r347329.

--Ian
Received on Wed May 08 2019 - 14:21:24 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:20 UTC