OpenWRT One: hardware RNG?

On the OpenWRT One I see that /dev/hwrng exists. But when I installed rng-tools and tried to start rngd I got:

Thu Dec 25 09:48:35 2025 daemon.err rngd[19740]: Initializing available sources
Thu Dec 25 09:48:35 2025 daemon.err rngd[19740]: [hwrng ]: Initialization Failed
Thu Dec 25 09:48:35 2025 daemon.err rngd[19740]: [rndr  ]: No HW SUPPORT
Thu Dec 25 09:48:35 2025 daemon.err rngd[19740]: [rndr  ]: Initialization Failed
Thu Dec 25 09:48:35 2025 daemon.err rngd[19740]: Can't open any entropy source
Thu Dec 25 09:48:35 2025 daemon.err rngd[19740]: Maybe RNG device modules are not loaded

I hasten to add that I did change /etc/config/system as follows:

root@OpenWrt:~# uci set system.@rngd[0].device='/dev/hwrng'
root@OpenWrt:~# uci set system.@rngd[0].enabled=1
root@OpenWrt:~# uci commit
root@OpenWrt:~# service rngd restart

So, does the One actually have a hwrng or not?

--
Ian

https://one.openwrt.org/hardware/ has schematics and datasheets, which will have the definitive answer to your question.

Q: "Does existence of the /dev/hwrng device node necessarily mean an hardware rng is present?"
A: No. It only means the base module for hardware rngs is loaded or built into the kernel. An actual hardware RNG driver needs to be loaded for a physically present hardware rng for it to do what you are looking for.

Filogic crypto accelerator driver does not include RNG function (does not seem to be implemented in other driver for same hw, thus concluding no hwrng is there)
REF https://man.freebsd.org/cgi/man.cgi?query=safexcel
REF2: https://www.rambus.com/security/protocol-engines/protocol-ip-93/

MT7981 has a separate IP core for RNG. It is available through SMCCC.
REF https://github.com/openwrt/openwrt/commit/9cfbd691e911a40357ab848f8e902551de32738e

I see - so I can look forward to rngd working on the One with 25.10 ?

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.