* Unit of /proc/sys/kernel/random/poolsize
@ 2011-10-22 12:13 Tom Gundersen
[not found] ` <CAG-2HqXo9GqNmiSt2npnBwx+F9_03eUTcxujgt_vNmdGhX8i6A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
0 siblings, 1 reply; 4+ messages in thread
From: Tom Gundersen @ 2011-10-22 12:13 UTC (permalink / raw)
To: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w; +Cc: linux-man-u79uwXL29TY76Z2rM5mHXA
Hi,
This might not be so much a bug report, as a request for clarification.
In random(4) it is explained that /proc/sys/kernel/random/poolsize
contains the value in bits or bytes in >=2.6 and 2.4 respectively.
However, the example in the preceding paragraph assumes a 2.4 kernel
is being used, and treats the value as if it were in bytes.
I ran across this as I maintain the initscripts for Arch Linux, where
we have been (mistakenly) following the example even though we use a
3.0 kernel. Maybe it would be worthwhile to change the example into
the 2.6 interface, or at least include a word of caution?
I realise that using a value which is too large, probably does no harm
at all, but not being cryptography expert, I'd rather not take the
chance.
Cheers,
Tom
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Unit of /proc/sys/kernel/random/poolsize
[not found] ` <CAG-2HqXo9GqNmiSt2npnBwx+F9_03eUTcxujgt_vNmdGhX8i6A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
@ 2015-12-17 7:51 ` Michael Kerrisk (man-pages)
[not found] ` <5672699D.5010803-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
0 siblings, 1 reply; 4+ messages in thread
From: Michael Kerrisk (man-pages) @ 2015-12-17 7:51 UTC (permalink / raw)
To: Tom Gundersen
Cc: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w, linux-man-u79uwXL29TY76Z2rM5mHXA
Hello Tom,
On 10/22/2011 02:13 PM, Tom Gundersen wrote:
> Hi,
>
> This might not be so much a bug report, as a request for clarification.
>
> In random(4) it is explained that /proc/sys/kernel/random/poolsize
> contains the value in bits or bytes in >=2.6 and 2.4 respectively.
> However, the example in the preceding paragraph assumes a 2.4 kernel
> is being used, and treats the value as if it were in bytes.
>
> I ran across this as I maintain the initscripts for Arch Linux, where
> we have been (mistakenly) following the example even though we use a
> 3.0 kernel. Maybe it would be worthwhile to change the example into
> the 2.6 interface, or at least include a word of caution?
>
> I realise that using a value which is too large, probably does no harm
> at all, but not being cryptography expert, I'd rather not take the
> chance.
Long after the fact... I applied the patch below.
Okay?
Thanks for the report.
Cheers,
Michael
PS I am going to be in Oslo a couple of times in coming months.
Perhaps we could meet up for a beer or so.
diff --git a/man4/random.4 b/man4/random.4
index 2519981..4a32aac 100644
--- a/man4/random.4
+++ b/man4/random.4
@@ -171,7 +171,7 @@ This reduces the actual amount of noise in the entropy pool
below the estimate.
In order to counteract this effect, it helps to carry
entropy pool information across shut-downs and start-ups.
-To do this, add the following lines to an appropriate script
+To do this, add the lines to an appropriate script
which is run during the Linux system start-up sequence:
.nf
@@ -186,7 +186,8 @@ which is run during the Linux system start-up sequence:
fi
chmod 600 $random_seed
poolfile=/proc/sys/kernel/random/poolsize
- [ \-r $poolfile ] && bytes=\`cat $poolfile\` || bytes=512
+ [ \-r $poolfile ] && bits=\`cat $poolfile\` || bits=4096
+ bytes=$(expr $bits / 8)
dd if=/dev/urandom of=$random_seed count=1 bs=$bytes
.fi
@@ -201,9 +202,14 @@ run during the Linux system shutdown:
touch $random_seed
chmod 600 $random_seed
poolfile=/proc/sys/kernel/random/poolsize
- [ \-r $poolfile ] && bytes=\`cat $poolfile\` || bytes=512
+ [ \-r $poolfile ] && bits=\`cat $poolfile\` || bits=4096
+ bytes=$(expr $bits / 8)
dd if=/dev/urandom of=$random_seed count=1 bs=$bytes
.fi
+
+In the above examples, we assume Linux 2.6.0 or later, where
+.IR /proc/sys/kernel/random/poolsize
+returns the size of the entropy pool in bits (see below).
.SS /proc Interface
The files in the directory
.I /proc/sys/kernel/random
--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: Unit of /proc/sys/kernel/random/poolsize
[not found] ` <5672699D.5010803-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2015-12-17 20:56 ` walter harms
[not found] ` <56732173.20905-fPG8STNUNVg@public.gmane.org>
0 siblings, 1 reply; 4+ messages in thread
From: walter harms @ 2015-12-17 20:56 UTC (permalink / raw)
To: Michael Kerrisk (man-pages)
Cc: Tom Gundersen, linux-man-u79uwXL29TY76Z2rM5mHXA
Am 17.12.2015 08:51, schrieb Michael Kerrisk (man-pages):
> Hello Tom,
>
> On 10/22/2011 02:13 PM, Tom Gundersen wrote:
>> Hi,
>>
>> This might not be so much a bug report, as a request for clarification.
>>
>> In random(4) it is explained that /proc/sys/kernel/random/poolsize
>> contains the value in bits or bytes in >=2.6 and 2.4 respectively.
>> However, the example in the preceding paragraph assumes a 2.4 kernel
>> is being used, and treats the value as if it were in bytes.
>>
>> I ran across this as I maintain the initscripts for Arch Linux, where
>> we have been (mistakenly) following the example even though we use a
>> 3.0 kernel. Maybe it would be worthwhile to change the example into
>> the 2.6 interface, or at least include a word of caution?
>>
>> I realise that using a value which is too large, probably does no harm
>> at all, but not being cryptography expert, I'd rather not take the
>> chance.
>
> Long after the fact... I applied the patch below.
> Okay?
>
> Thanks for the report.
>
> Cheers,
>
> Michael
>
> PS I am going to be in Oslo a couple of times in coming months.
> Perhaps we could meet up for a beer or so.
>
> diff --git a/man4/random.4 b/man4/random.4
> index 2519981..4a32aac 100644
> --- a/man4/random.4
> +++ b/man4/random.4
> @@ -171,7 +171,7 @@ This reduces the actual amount of noise in the entropy pool
> below the estimate.
> In order to counteract this effect, it helps to carry
> entropy pool information across shut-downs and start-ups.
> -To do this, add the following lines to an appropriate script
> +To do this, add the lines to an appropriate script
> which is run during the Linux system start-up sequence:
>
> .nf
> @@ -186,7 +186,8 @@ which is run during the Linux system start-up sequence:
> fi
> chmod 600 $random_seed
> poolfile=/proc/sys/kernel/random/poolsize
> - [ \-r $poolfile ] && bytes=\`cat $poolfile\` || bytes=512
> + [ \-r $poolfile ] && bits=\`cat $poolfile\` || bits=4096
I believe it was end of the 80's when $( ) was introduced to replace \`
Since this example is for 2.6 maybe it would be useful to use it and
improve readability ?
re,
wh
> + bytes=$(expr $bits / 8)
> dd if=/dev/urandom of=$random_seed count=1 bs=$bytes
> .fi
>
> @@ -201,9 +202,14 @@ run during the Linux system shutdown:
> touch $random_seed
> chmod 600 $random_seed
> poolfile=/proc/sys/kernel/random/poolsize
> - [ \-r $poolfile ] && bytes=\`cat $poolfile\` || bytes=512
> + [ \-r $poolfile ] && bits=\`cat $poolfile\` || bits=4096
> + bytes=$(expr $bits / 8)
> dd if=/dev/urandom of=$random_seed count=1 bs=$bytes
> .fi
> +
> +In the above examples, we assume Linux 2.6.0 or later, where
> +.IR /proc/sys/kernel/random/poolsize
> +returns the size of the entropy pool in bits (see below).
> .SS /proc Interface
> The files in the directory
> .I /proc/sys/kernel/random
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Unit of /proc/sys/kernel/random/poolsize
[not found] ` <56732173.20905-fPG8STNUNVg@public.gmane.org>
@ 2015-12-20 21:02 ` Michael Kerrisk (man-pages)
0 siblings, 0 replies; 4+ messages in thread
From: Michael Kerrisk (man-pages) @ 2015-12-20 21:02 UTC (permalink / raw)
To: wharms-fPG8STNUNVg
Cc: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w, Tom Gundersen,
linux-man-u79uwXL29TY76Z2rM5mHXA
Hello Walter,
On 12/17/2015 09:56 PM, walter harms wrote:
>
>
> Am 17.12.2015 08:51, schrieb Michael Kerrisk (man-pages):
>> Hello Tom,
>>
>> On 10/22/2011 02:13 PM, Tom Gundersen wrote:
>>> Hi,
>>>
>>> This might not be so much a bug report, as a request for clarification.
>>>
>>> In random(4) it is explained that /proc/sys/kernel/random/poolsize
>>> contains the value in bits or bytes in >=2.6 and 2.4 respectively.
>>> However, the example in the preceding paragraph assumes a 2.4 kernel
>>> is being used, and treats the value as if it were in bytes.
>>>
>>> I ran across this as I maintain the initscripts for Arch Linux, where
>>> we have been (mistakenly) following the example even though we use a
>>> 3.0 kernel. Maybe it would be worthwhile to change the example into
>>> the 2.6 interface, or at least include a word of caution?
>>>
>>> I realise that using a value which is too large, probably does no harm
>>> at all, but not being cryptography expert, I'd rather not take the
>>> chance.
>>
>> Long after the fact... I applied the patch below.
>> Okay?
>>
>> Thanks for the report.
>>
>> Cheers,
>>
>> Michael
>>
>> PS I am going to be in Oslo a couple of times in coming months.
>> Perhaps we could meet up for a beer or so.
>>
>> diff --git a/man4/random.4 b/man4/random.4
>> index 2519981..4a32aac 100644
>> --- a/man4/random.4
>> +++ b/man4/random.4
>> @@ -171,7 +171,7 @@ This reduces the actual amount of noise in the entropy pool
>> below the estimate.
>> In order to counteract this effect, it helps to carry
>> entropy pool information across shut-downs and start-ups.
>> -To do this, add the following lines to an appropriate script
>> +To do this, add the lines to an appropriate script
>> which is run during the Linux system start-up sequence:
>>
>> .nf
>> @@ -186,7 +186,8 @@ which is run during the Linux system start-up sequence:
>> fi
>> chmod 600 $random_seed
>> poolfile=/proc/sys/kernel/random/poolsize
>> - [ \-r $poolfile ] && bytes=\`cat $poolfile\` || bytes=512
>> + [ \-r $poolfile ] && bits=\`cat $poolfile\` || bits=4096
>
> I believe it was end of the 80's when $( ) was introduced to replace \`
> Since this example is for 2.6 maybe it would be useful to use it and
> improve readability ?
Yes, of course, and especially so since I use the modern syntax in the
new piece that I added. Fixed. Thanks for catching the obvious point
that I missed!
Cheers,
Michael
--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-12-20 21:02 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-10-22 12:13 Unit of /proc/sys/kernel/random/poolsize Tom Gundersen
[not found] ` <CAG-2HqXo9GqNmiSt2npnBwx+F9_03eUTcxujgt_vNmdGhX8i6A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-12-17 7:51 ` Michael Kerrisk (man-pages)
[not found] ` <5672699D.5010803-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-12-17 20:56 ` walter harms
[not found] ` <56732173.20905-fPG8STNUNVg@public.gmane.org>
2015-12-20 21:02 ` Michael Kerrisk (man-pages)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).