Exploring /dev/random vs. /dev/urandom and /dev/zero vs. /dev/null

In this article I will take you through the mystries behind those files. All those are very critical and important to most of the open system specifically to GNU/Linux system.So one has to have an idea how it going underneath to deal with them and utilise it proper way.

First I shall explore /dev/random vs. /dev/urandom, so here we go:

One of they key thing come into the mind to generate random rumber during the public-private key pair creation time.There will be many more instances where this files will come into play.So how do go about them?

Linux implements a purely algorithmic random number generator, accessible as /dev/random. Its results are good enough for most purposes, but there are times when true randomness is needed. To that end, the kernel attempts to harvest randomness (called “entropy”) from its environment. The timing between the keystrokes , exhibits some randomness. The same is true of, for example, the timing of disk interrupts. The lower bits of the system time stamp counter can also provide a bit of entropy. The kernel collects this entropy into a special pool of bits, and uses this entropy pool when true random numbers (obtained from /dev/random) are required. The amount of accumulated entropy is also tracked; if there is insufficient entropy in the pool to satisfy a random number request, the requesting process will block until the needed entropy arrives.

When we generate the random number we should do some intensive work to fill the entropy pool.That is do some disk I/O work,move the mouse ,punch some keystroke etc.

With /dev/random:

bhaskar@bhaskar-laptop_07:32:47_Wed Sep 15:~> sudo dd if=/dev/urandom of=/tmp/uran
Password:
654082+0 records in
654081+0 records out
334889472 bytes (335 MB) copied, 82.0738 s, 4.1 M

And now with /dev/urandom:

bhaskar@bhaskar-laptop_09:39:45_Wed Sep 15:~> sudo dd if=/dev/urandom of=/tmp/ran
1377600+0 records in
1377600+0 records out
705331200 bytes (705 MB) copied, 173.111 s, 4.1 MB/s

Both the cases it was a 3 min interval and that time I do lot of disk intensive work.Now few info about those character files:

/dev/random blocks when entropy pool exhausted whereas /dev/urandom draws from entropy pool until depleted and essentially falls back to pseudo-random-number generators.The entropy pool is maintained in the file /var/lib/random-seed between boots and inplemented by the random script service in RHEL system.

Now it’s time to look into /dev/zero and /dev/null,so here we go:

Writing to both the files are equall .both send your output to blackhole. Executing either of the above commands will satisfy your requirements if you just want to “dump” output to “nowhere.” They should both be character (or raw) devices, have identical major device numbers and only differ at the minor device number level. These numbers will differ from OS to OS, but the basic definitions above should hold relatively true.

Reading from /dev/null and /dev/zero: This is where the difference between the two files becomes apparent. The most significant difference is exposed in the “reading” since this action highlights the major way in which the two differ.

/dev/null is, essentially, a black hole. Writes to it (as noted above), basically go down the drain. They go nowhere, stay there and you can’t get them back. When you “read” from /dev/null, the same rule holds true. /dev/null is virtually “nothing,” and all reads from it produce no output whatsoever. For instance, Linux‘s “strace”  shows what happens when /dev/null is read from (e.g. “cat /dev/null“) – below, what you’d see at the command line, followed by a snippet of strace output from the almost-immediate end of the command’s execution:

bhaskar@bhaskar-laptop_09:54:39_Wed Sep 15:~> sudo cat /dev/null
Password:

bhaskar@bhaskar-laptop_11:49:10_Wed Sep 15:~> sudo strace cat /dev/null
Password:
execve(“/bin/cat”, [“cat”, “/dev/null”], [/* 16 vars */]) = 0
brk(0)                                  = 0x8269000
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7816000
access(“/etc/ld.so.preload”, R_OK)      = -1 ENOENT (No such file or directory)
open(“/etc/ld.so.cache”, O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=117500, …}) = 0
mmap2(NULL, 117500, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb77f9000
close(3)                                = 0
open(“/lib/libc.so.6”, O_RDONLY)        = 3
read(3, “\177ELF\1\1\1\3\3\1\320m\1004″…, 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1347988, …}) = 0
mmap2(NULL, 1354184, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb76ae000
mmap2(0xb77f3000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x145) = 0xb77f3000
mmap2(0xb77f6000, 10696, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb77f6000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb76ad000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb76ad6c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
mprotect(0xb77f3000, 8192, PROT_READ)   = 0
mprotect(0xb7834000, 4096, PROT_READ)   = 0
munmap(0xb77f9000, 117500)              = 0
brk(0)                                  = 0x8269000
brk(0x828a000)                          = 0x828a000
open(“/usr/lib/locale/locale-archive”, O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=1779408, …}) = 0
mmap2(NULL, 1779408, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb74fa000
close(3)                                = 0
fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 5), …}) = 0
open(“/dev/null”, O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 3), …}) = 0
read(3, “”, 32768)                      = 0
close(3)                                = 0
close(1)                                = 0
close(2)                                = 0
exit_group(0)                           = ?

/dev/zero, on the other hand is not the black hole that it appears to be when “writing to it.” When you “read” from /dev/zero, you get a much different result than when you read from /dev/null. This is most specifically because /dev/zero returns zero’s until the cows come home (or you stop reading from it😉 and “does not” return an EOF like /dev/null. It actually returns the ASCII null character (0x00) ad infinitum.

bhaskar@bhaskar-laptop_11:54:34_Wed Sep 15:~> sudo strace cat /dev/zero
execve(“/bin/cat”, [“cat”, “/dev/zero”], [/* 16 vars */]) = 0
brk(0)                                  = 0x8f0b000
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb782b000
access(“/etc/ld.so.preload”, R_OK)      = -1 ENOENT (No such file or directory)
open(“/etc/ld.so.cache”, O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=117500, …}) = 0
mmap2(NULL, 117500, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb780e000
close(3)                                = 0
open(“/lib/libc.so.6”, O_RDONLY)        = 3
read(3, “\177ELF\1\1\1\3\3\1\320m\1004″…, 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1347988, …}) = 0
mmap2(NULL, 1354184, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb76c3000
mmap2(0xb7808000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x145) = 0xb7808000
mmap2(0xb780b000, 10696, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb780b000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb76c2000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb76c26c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
mprotect(0xb7808000, 8192, PROT_READ)   = 0
mprotect(0xb7849000, 4096, PROT_READ)   = 0
munmap(0xb780e000, 117500)              = 0
brk(0)                                  = 0x8f0b000
brk(0x8f2c000)                          = 0x8f2c000
open(“/usr/lib/locale/locale-archive”, O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=1779408, …}) = 0
mmap2(NULL, 1779408, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb750f000
close(3)                                = 0
fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 5), …}) = 0
open(“/dev/zero”, O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 5), …}) = 0
read(3, “”…, 32768) = 32768
write(1, “”…, 32768) = 32768
read(3, “”…, 32768) = 32768
write(1, “”…, 32768) = 32768
read(3, “”…, 32768) = 32768
write(1, “”…, 32768) = 32768
read(3, “”…, 32768) = 32768
write(1, “”…, 32768) = 32768
read(3, “”…, 32768) = 32768

…output snipped.

With /dev/null you can create a zero byte file like this :

bhaskar@bhaskar-laptop_11:58:18_Wed Sep 15:~> sudo cat /dev/null > nullfile

bhaskar@bhaskar-laptop_11:59:28_Wed Sep 15:~> ls -al nullfile
-rw-r–r– 1 bhaskar users 0 Sep 15 11:59 nullfile

Besically people use /dev/zero to fill out disk space .Suppose you want to create a file system on a specific partion and want to erase out everything it has presently then simply you can pass that drive to /dev/zero,so it will be filled with zeros.Later you can make the filesystem on it.Like below:

bhaskar@bhaskar-laptop_11:59:31_Wed Sep 15:~> sudo dd if=/dev/zero of=/sys

So the partition /sys become zero filled and raw.If you wish you can make a filesystem on it to hold data.Please don’t try this on a important partitions in the box.

Now I have enlisted below some url for your understanding and this article is influenced by those.

Resources:

a) http://lwn.net/Articles/182874/

b) http://lwn.net/Articles/185260/

c) http://linuxshellaccount.blogspot.com/2009/04/devnull-and-devzero-on-linux-and-unix.html

d) http://linuxshellaccount.blogspot.com/2007/12/using-your-shell-to-generate-randomness.html

Hope this will help.

Cheers!

Bhaskar

About unixbhaskar
GNU/Linux Consultant

One Response to Exploring /dev/random vs. /dev/urandom and /dev/zero vs. /dev/null

  1. Pingback: Links 17/9/2010: The ZFS Linux Module, XDS Toulouse Reports | Techrights

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: