Displaying PRNG information
Read the attributes of the prandom device in sysfs.
About this task
The sysfs representation of a PRNG device is a directory: /sys/devices/virtual/misc/prandom. This sysfs directory contains a number of attributes with information about the device.
Attribute | Explanation |
---|---|
chunksize | The size, in bytes, of the random-data bytes buffer that is used to generate new random numbers. The value can be in the range 64 bytes - 64 KB. The default is 256 bytes. It is rounded up to the next 64-byte boundary and can be adjusted as a module parameter when you start the module. |
byte_counter | The number of random bytes generated since the PRNG device driver was started. You can reset this value only by removing and reloading the kernel module, or rebooting Linux® (if PRNG was compiled into the kernel). This attribute is read-only. |
errorflag | SHA512 mode only: 0 if the PRNG device driver is instantiated
and running well. Any other value indicates a problem. If there is an error indication other than 0:
|
mode | SHA512 if the PRNG device driver runs in SHA512 mode,
TDES if the PRNG device driver runs in TDES mode. This attribute is read-only.
|
reseed | SHA512 mode only: An integer, writable only by root. Write any integer to this attribute to trigger an immediate reseed of the PRNG. See Reseeding the PRNG. |
reseed_limit | SHA512 mode only: An integer, writable only by root to query or set the reseed counter limit. Valid values are in the range 10000 - 100000. The default is 100000. See Setting the reseed limit. |
strength | SHA512 mode only: A read-only integer that shows the security strength according to NIST SP800-57. Returns the integer value of 256. |
Procedure
Issue a command of this form to read an attribute:
# cat /sys/devices/virtual/misc/prandom/<attribute>
where
<attribute> is one of the attributes of Table 1.Example
This example shows a prandom device that is running in SHA512 mode, set to
reseed after 2.56 MB:
# cat /sys/devices/virtual/misc/prandom/chunksize
256
# cat /sys/devices/virtual/misc/prandom/mode
SHA512
# cat /sys/devices/virtual/misc/prandom/reseed_limit
10000