Hello, On Sat, Dec 22, 2018, 08:50 Grant Grundler <[email protected] wrote:
> On Wed, Nov 28, 2018 at 1:51 AM Ivan Ivanov <[email protected]> wrote: > > > > Sorry but I think that relying on Intel RNG is a _Terrible_ idea > > regarding the security and not sure you should be pursuing it. > > What I'm pursueing is a reasonable initialization time so > wpa_supplicant can start. 555 seconds is not reasonable: > [ 555.496678] random: crng init done > [ 555.496678] random: crng init done > [ 555.496684] random: 7 urandom warning(s) missed due to ratelimiting > [ 560.265385] wlp2s0: authenticate with xx:xx:xx:xx:xx:xx > [ 560.279395] wlp2s0: send auth to xx:xx:xx:xx:xx:xx (try 1/3) > [ 560.281981] wlp2s0: authenticated > > intel-crng was proposed elsewhere as one solution to this problem but > it's clear to me now that this is not an option with the panther > chromebox. > > I don't recall seeing this with older kernels (have been running > debian on this HW since early 4.x releases) and will look at the > driver git logs. > > I was hoping someone in the Coreboot community would have some idea > why random driver isn't getting enough entropy and if coreboot isn't > advertising something that helps with the random crng initialization. > > I experimented with attaching just an optical mouse and that didn't > seem to help. > Attaching a keyboard and just hitting <shift> key did seem to help > ("crng init done" in about 10 seconds). I'm assuming the /dev/random > driver is not seeing enough actiivity otherwise. > I have observed the same behavior on Debian Sid, I would have to smash my keyboard a few times to generate enough entropy. I don't see anything similar with Arch Linux. Maybe it has to do with distro-specific packaging? I haven't checked. cheers, > grant > Best regards, Angel Pons >
-- coreboot mailing list: [email protected] https://mail.coreboot.org/mailman/listinfo/coreboot
