kern/106275: Hifn 7955 on Soekris Engineering vpn1401 returning
"bad randomness"?
Patrick M. Hausen
hausen at punkt.de
Sun Dec 3 11:10:20 PST 2006
>Number: 106275
>Category: kern
>Synopsis: Hifn 7955 on Soekris Engineering vpn1401 returning "bad randomness"?
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Dec 03 19:10:16 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Patrick M. Hausen
>Release: FreeBSD 6.2-RC1 i386
>Organization:
punkt.de GmbH
>Environment:
System: FreeBSD ardbeg.hausen.com 6.2-RC1 FreeBSD 6.2-RC1 #0: Thu Nov 30 22:06:40 CET 2006 root at talisker.hausen.com:/usr/obj/nanobsd.net4801/usr/src/sys/NET4801 i386
Kernel-Config:
options FAST_IPSEC #new IPsec (cannot define w/ IPSEC)
device crypto # core crypto support
device cryptodev # /dev/crypto for access to h/w
device hifn # Hifn 7951, 7781, etc.
Dmesg:
hifn0 mem 0xa0003000-0xa0003fff,0xa0004000-0xa0005fff,0xa0008000-0xa000ffff irq 11 at device 10.0 on pci0
hifn0: Hifn 7955, rev 0, 32KB dram, pll=0x800<pci clk, 4x mult>
>Description:
I do have an add on crypto card in my Soekris Net4801 box.
Despite the hardware random generator I'm getting this message
a couple of hours (read: a couple of MB IPsec traffic) after
every reboot.
WARNING: pseudo-random number generator used for IPsec processing
>How-To-Repeat:
Difficult - get your hands on the same hardware ;-)
I'll provide any debug output necessary and possibly even
shell access to the box.
If you need precise IPsec and ISAKMP config, I can provide
that as well.
Maybe PHK has some insight. AFAIK he's using quite a bit
of Soekris hardware.
>Fix:
I don't have the slightest idea ;-)
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list