Displaying PRNG information
Read the attributes of the prandom device in sysfs.
About this task
The sysfs representation of a PRNG device is a directory: /sys/devices/virtual/misc/prandom. This sysfs directory contains a number of attributes with information about the device.
Attribute | Explanation |
---|---|
chunksize | The size, in bytes, of the random-data bytes buffer that is used to generate new random numbers. The value can be in the range 64 bytes - 64 KB. The default is 256 bytes. It is rounded up to the next 64-byte boundary and can be adjusted as a module parameter when you start the module. |
byte_counter | The number of random bytes generated since the PRNG device driver was started. You can reset this value only by removing and reloading the kernel module, or rebooting Linux (if PRNG was compiled into the kernel). This attribute is read-only. |
errorflag | SHA512 mode only: 0 if the
PRNG device driver is instantiated and running well. Any other value
indicates a problem. If there is an error indication other than 0:
|
mode | SHA512 if the PRNG device driver
runs in SHA512 mode, TDES if the PRNG device driver
runs in TDES mode. This attribute is read-only. |
reseed | SHA512 mode only: An integer, writable only by root. Write any integer to this attribute to trigger an immediate reseed of the PRNG. See Reseeding the PRNG. |
reseed_limit | SHA512 mode only: An integer, writable only by root to query or set the reseed counter limit. Valid values are in the range 10000 - 100000. The default is 100000. See Setting the reseed limit. |
strength | SHA512 mode only: A read-only integer that shows the security strength according to NIST SP800-57. Returns the integer value of 256 in SHA512 mode. |
Procedure
Issue a command of this form to read an attribute:
# cat /sys/devices/virtual/misc/prandom/<attribute>
where <attribute> is
one of the attributes of Table 1.Example
This example shows a prandom device
that is running in SHA512 mode, set to reseed after 2.56 MB:
# cat /sys/devices/virtual/misc/prandom/chunksize
256
# cat /sys/devices/virtual/misc/prandom/mode
2
# cat /sys/devices/virtual/misc/prandom/reseed_limit
10000