From root@ardbeg.hausen.com  Sun Dec  3 19:08:58 2006
Return-Path: <root@ardbeg.hausen.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 0811B16A407
	for <FreeBSD-gnats-submit@freebsd.org>; Sun,  3 Dec 2006 19:08:58 +0000 (UTC)
	(envelope-from root@ardbeg.hausen.com)
Received: from ardbeg.hausen.com (ardbeg.hausen.com [217.29.34.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6973143CA8
	for <FreeBSD-gnats-submit@freebsd.org>; Sun,  3 Dec 2006 19:08:27 +0000 (GMT)
	(envelope-from root@ardbeg.hausen.com)
Received: from ardbeg.hausen.com (localhost [127.0.0.1])
	by ardbeg.hausen.com (8.13.8/8.13.8) with ESMTP id kB3J8qT8024190
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 3 Dec 2006 19:08:52 GMT
	(envelope-from root@ardbeg.hausen.com)
Received: (from root@localhost)
	by ardbeg.hausen.com (8.13.8/8.13.8/Submit) id kB3J8oYw024189;
	Sun, 3 Dec 2006 19:08:51 GMT
	(envelope-from root)
Message-Id: <200612031908.kB3J8oYw024189@ardbeg.hausen.com>
Date: Sun, 3 Dec 2006 19:08:51 GMT
From: "Patrick M. Hausen" <hausen@punkt.de>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Hifn 7955 on Soekris Engineering vpn1401 returning "bad randomness"?
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         106275
>Category:       kern
>Synopsis:       [hifn] Hifn 7955 on Soekris Engineering vpn1401 returning "bad randomness"?
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Dec 03 19:10:16 GMT 2006
>Closed-Date:    
>Last-Modified:  Fri Jun 19 22:24:55 UTC 2009
>Originator:     Patrick M. Hausen
>Release:        FreeBSD 6.2-RC1 i386
>Organization:
punkt.de GmbH
>Environment:
System: FreeBSD ardbeg.hausen.com 6.2-RC1 FreeBSD 6.2-RC1 #0: Thu Nov 30 22:06:40 CET 2006 root@talisker.hausen.com:/usr/obj/nanobsd.net4801/usr/src/sys/NET4801 i386

Kernel-Config:

options         FAST_IPSEC              #new IPsec (cannot define w/ IPSEC)
device          crypto                  # core crypto support
device          cryptodev               # /dev/crypto for access to h/w
device          hifn                    # Hifn 7951, 7781, etc.

Dmesg:

hifn0 mem 0xa0003000-0xa0003fff,0xa0004000-0xa0005fff,0xa0008000-0xa000ffff irq 11 at device 10.0 on pci0
hifn0: Hifn 7955, rev 0, 32KB dram, pll=0x800<pci clk, 4x mult>

>Description:

	I do have an add on crypto card in my Soekris Net4801 box.
	Despite the hardware random generator I'm getting this message
	a couple of hours (read: a couple of MB IPsec traffic) after
	every reboot.

	WARNING: pseudo-random number generator used for IPsec processing

>How-To-Repeat:

	Difficult - get your hands on the same hardware ;-)
	I'll provide any debug output necessary and possibly even
	shell access to the box.

	If you need precise IPsec and ISAKMP config, I can provide
	that as well.

	Maybe PHK has some insight. AFAIK he's using quite a bit
	of Soekris hardware.

>Fix:

	I don't have the slightest idea ;-)
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: remko 
State-Changed-When: Sun Dec 3 21:12:44 UTC 2006 
State-Changed-Why:  
Hello, first of all thanks for taking the time to report this. I have 
one minor comment though: This is not a PR but a question initially, can 
you please repost this in a email to freebsd-bugs asking for assistance? 
or perhaps even freebsd-questions? both can be found on 
http://lists.freebsd.org/mailman/listinfo, this not only guarantees that 
submitted PR's are real problems, but also that you will probably be 
helped much sooner. If after discussion this seems a real problem, 
please poke me so that we can add the information to the audit-trial and 
reopen the ticket. Thanks again for using FreeBSD and taking the time to 
improve the product. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=106275 
State-Changed-From-To: closed->open 
State-Changed-By: remko 
State-Changed-When: Mon Dec 4 07:48:59 UTC 2006 
State-Changed-Why:  
Reopen the PR, the submitter mentions that this PR had been filed after advise from kris@.  The hardware random generator in the hifn driver does not work as 
expected. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=106275 
>Unformatted:
