United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: JDK-6998583 NativeSeedGenerator is making 8192 byte read requests from entropy pool on each init.
JDK-6998583 : NativeSeedGenerator is making 8192 byte read requests from entropy pool on each init.

Details
Type:
Bug
Submit Date:
2010-11-09
Status:
Resolved
Updated Date:
2013-03-22
Project Name:
JDK
Resolved Date:
2011-03-02
Component:
security-libs
OS:
linux
Sub-Component:
java.security
CPU:
generic
Priority:
P2
Resolution:
Fixed
Affected Versions:
6-pool
Fixed Versions:
6u24-rev (b23)

Related Reports
Backport:
Backport:
Backport:
Backport:
Backport:
Backport:
Backport:
Backport:
Relates:

Sub Tasks

Description
A simple testcase shows that we read a minimum of 8192 bytes from entropy pool each time we call generateSeed on the solaris/unix NativeSeedGenerator.
Added 6u23-waive-approve keyword, since it's not a stopper for 6u23.  Here is the email thread about this issue:

It is too late for 6u23, which is targeted to ship in 3 weeks.  Once we have a fix, we can consider if it is too risky for 6u24.

jeannette

On Nov 11, 2010, at 4:46 AM, Mike Schoen wrote:

> This particular bug was not raised by Exalogic.  We had the same entropy issue but resolved the problem by adding network activity as an entropy source in the EL kernel. 
>
> This specific instance of the problem was raised by fusion apps provisioning. I have also seen the EM team raise the issue on several occasions in the context of running tests in the farm. 
>
> In any case I don't think we can push a resolution to May and we will need this resolved in both HS and JRockit.  
>
> On Nov 10, 2010, at 10:08 PM, Roger Calnan <###@###.###> wrote:
>
>> I'd agree that this isn't a stopper for 6u23 or PS3. my understanding is that it is Exalogic that is having 
>> the problem and will need an update to JRockit rather than Java SE.   We should get the fix into Java SE with 
>> the fix going out via 6u25 (May), we can provide an earlier Java SE release as necessary for the JavaSE based 
>> Exalogic release of FMW apps.
>>
>> Roger
>>
>>
>> Begin forwarded message:
>>
>>> From: Mike Schoen <###@###.###>
>>> Date: 11 November 2010 03:28:42 CET
>>> To: ###@###.###
>>> Cc: Tracy Barbaro <###@###.###>,  Jeannette Hung <###@###.###>, Se??n Coffey <###@###.###>,  Ranjit Lingaiah <###@###.###>, ###@###.###, Calnan Roger <###@###.###>,  Naggi Asmar <###@###.###>, Mike Schoen <###@###.###>
>>> Subject: Re: P1 6998583 - stopper for 6u23 ?
>>>
>>> This is not a stopper for the FMW 11gR1 PS3 release.  This problem has been around for a while and I doubt that we would slip PS3 to accommodate picking up a new JDK at this stage.
>>>
>>> However, the problem is starting to surface more and more regularly in various environments.  If the root cause is in the JDK we will most likely want a fix ASAP and it may be considered a stopper for the fusion Apps release.  Assuming you have a fix in hand I have a few questions:
>>>
>>> 1) What is the impact to 6u23 if you take this fix (i.e. is there a slip, how much, are there customers waiting for the original date, etc.)?
>>>
>>> 2) If this fix does not make 6u23 what and when is the next delivery vehicle for this fix?
>>>
>>> Copying Naggi so he can weigh in on this also.
>>>
>>> MJS

                                    

Comments
EVALUATION

NativeSeedGenerator is using BufferedInputStream to read from /dev/random. BufferedInputStream buffer 8192 bytes by default. We should modify so that only the requested number of bytes are read from the random pool. (use FileInputStream)
                                     
2010-11-09
EVALUATION

http://hg.openjdk.java.net/jdk7/build/jdk/rev/43ae1a1cc7a4
                                     
2010-12-25



Hardware and Software, Engineered to Work Together