iPXE initializing devices - takes 30 seconds

[frr]

For the record: I've had the chance to boot iPXE on some Coffee Lake machine and the delay didn't happen. It just ran straight without pausing for breath.

Back to ATOM-based hardware:
After some further thought and observations, I've noticed that I can only see debug messages from drbg_instantiate() and drbg_uninstantiate(), but none from drbg_generate() nor drbg_reseed(). I've tried grepping drbg_generate from the whole source code of ipxe, found some relationship to hmac_drbg, but apparently no further links? Just that indirect bootstrap via struct startup_fn.

Thus, although I feel like I'm committing a horrible sin, I went on to search for the easiest way to zap that crypto thing. And the lowest hanging fruit appears to be:
in src/crypto/drbg.c::drbg_instantiate() at line 446, comment out the call to get_entropy_input() (two lines actually)
and replace by

Code:

len = min_len;
entropy_bits = entropy_bits; // muffle -Werror=unused-variable

After that, the delay during iPXE boot on an ATOM is gone. I feel bad, but apparently this "solved" the problem for my use case, and I can see no ill effects.

My hack is ugly, but it's easier for me compared to finding the precise borderline between the "dead crypto tissue"? and actually needed source code, followed by a clean surgical removal. I haven't found a config option that would do this either. I wish someone would come and set me straight in all my misguided observations and judgements.