1. Forum
  2. USENET
  3. muc.lists.freebsd.stable

  • Asymmetric crypto message on boot/dmesg

    From Charles Sprickman@spork@bway.net to muc.lists.freebsd.stable on Sat Dec 6 13:22:05 2025
    From Newsgroup: muc.lists.freebsd.stable

    Hi all,
    As someone that runs a TON of old junk in jails (including I believe a 4.11 somewhere), I've been seeing this message for ages:
    "Deprecated code (to be removed in FreeBSD 14): Asymmetric crypto features via /dev/crypto"
    This pops up during boot (jail startup) and also shows up in the dmesg buffer whenever I guess /dev/crypto is touched. A few questions:
    - can we have this message state which jail (even jail ID) is generating the message?
    - can the message include the PID of the process or really anything to identify what's triggering this?
    I feel like this would be helpful for others with old software who are avoiding 14.x.
    If not, what can I do with the system as it is to dig up what's generating this?
    I'd like to see if this is something that can be upgraded, even for the jails trapped in CVE amber, or if I'm stuck moving these into vmware of bhyve.
    Thanks,
    Charles
    --
    Posted automagically by a mail2news gateway at muc.de e.V.
    Please direct questions, flames, donations, etc. to news-admin@muc.de
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Charles Sprickman@spork@bway.net to muc.lists.freebsd.stable on Wed Apr 8 21:39:32 2026
    From Newsgroup: muc.lists.freebsd.stable

    Hello all, just re-sending this to see if anyone can provide info here.
    The last release that will still support "Asymmetric crypto features via /dev/crypto" is 13.5-RELEASE which will hit EOL on April 30th.
    Can someone familiar with this please address how we can identify which jail/process/pid/anything is triggering this? Or even narrow it down? Is it just old OpenSSL or are other applications known to use this interface? Searching through the source over on the GitHub mirror isn't even turning up any matches on the error text, so I'm kind of lost.
    Thanks,
    Charles
    On Dec 6, 2025, at 1:22rC>PM, Charles Sprickman <spork@bway.net> wrote:

    Hi all,

    As someone that runs a TON of old junk in jails (including I believe a 4.11 somewhere), I've been seeing this message for ages:

    "Deprecated code (to be removed in FreeBSD 14): Asymmetric crypto features via /dev/crypto"

    This pops up during boot (jail startup) and also shows up in the dmesg buffer whenever I guess /dev/crypto is touched. A few questions:

    - can we have this message state which jail (even jail ID) is generating the message?
    - can the message include the PID of the process or really anything to identify what's triggering this?

    I feel like this would be helpful for others with old software who are avoiding 14.x.

    If not, what can I do with the system as it is to dig up what's generating this?

    I'd like to see if this is something that can be upgraded, even for the jails trapped in CVE amber, or if I'm stuck moving these into vmware of bhyve.

    Thanks,

    Charles


    --
    Posted automagically by a mail2news gateway at muc.de e.V.
    Please direct questions, flames, donations, etc. to news-admin@muc.de
    --- Synchronet 3.21f-Linux NewsLink 1.2
  • From Alan Somers@asomers@freebsd.org to muc.lists.freebsd.stable on Wed Apr 8 19:56:28 2026
    From Newsgroup: muc.lists.freebsd.stable

    You could try using dtrace. Something like:
    dtrace -i 'fbt:kernel:kvprintf:entry {stack();}'
    And leave that running while you run whatever triggers the bug.
    That's what I would do.
    On Wed, Apr 8, 2026 at 7:40rC>PM Charles Sprickman <spork@bway.net> wrote:

    Hello all, just re-sending this to see if anyone can provide info here.

    The last release that will still support "Asymmetric crypto features via /dev/crypto" is 13.5-RELEASE which will hit EOL on April 30th.

    Can someone familiar with this please address how we can identify which jail/process/pid/anything is triggering this? Or even narrow it down? Is it just old OpenSSL or are other applications known to use this interface? Searching through the source over on the GitHub mirror isn't even turning up any matches on the error text, so I'm kind of lost.

    Thanks,

    Charles

    On Dec 6, 2025, at 1:22rC>PM, Charles Sprickman <spork@bway.net> wrote:

    Hi all,

    As someone that runs a TON of old junk in jails (including I believe a 4.11 somewhere), I've been seeing this message for ages:

    "Deprecated code (to be removed in FreeBSD 14): Asymmetric crypto features via /dev/crypto"

    This pops up during boot (jail startup) and also shows up in the dmesg buffer whenever I guess /dev/crypto is touched. A few questions:

    - can we have this message state which jail (even jail ID) is generating the message?
    - can the message include the PID of the process or really anything to identify what's triggering this?

    I feel like this would be helpful for others with old software who are avoiding 14.x.

    If not, what can I do with the system as it is to dig up what's generating this?

    I'd like to see if this is something that can be upgraded, even for the jails trapped in CVE amber, or if I'm stuck moving these into vmware of bhyve.

    Thanks,

    Charles




    --
    Posted automagically by a mail2news gateway at muc.de e.V.
    Please direct questions, flames, donations, etc. to news-admin@muc.de
    --- Synchronet 3.21f-Linux NewsLink 1.2