Add: test script for validating Qualcomm HWRNG functionality #36
Conversation
@mwasilew In the latest commit, I expanded the last name and signed off, but the DCO Signed off check is failing. |
|
Rebased and Squashed all commits on this feature branch on top of latest main |
There was a problem hiding this comment.
Code looks OK. The markdown file is missing copyright statement. Please fix the commiter email. This is what the automated checks are complaining about:
Invalid email for Committer: [email protected]
Set the email in the repository (or globally)
git config user.email your_email@address
git congig user.name "Your Name"
After that rewrite the commit
git commit --amend -s --reset-author
|
Thanks @mwasilew, Amended with changed committer email |
Done |
|
Amended with changes. |
nklazy
force-pushed
the
main
branch
2 times, most recently
from
6e87484 to
c140375
Compare
Runner/suites/Kernel/FunctionalArea/baseport/qcom_hwrng/README_qcom_hwrng.md
Outdated
Show resolved
Hide resolved
Runner/suites/Kernel/FunctionalArea/baseport/qcom_hwrng/README_qcom_hwrng.md
Outdated
Show resolved
Hide resolved
Runner/suites/Kernel/FunctionalArea/baseport/qcom_hwrng/README_qcom_hwrng.md
Outdated
Show resolved
Hide resolved
nklazy
force-pushed
the
main
branch
2 times, most recently
from
24bbd48 to
6fbb4aa
Compare
Amended with changes suggested |
|
Remove unwanted commit |
|
Done |
|
This pull request has been marked as stale due to 30 days of inactivity. To prevent automatic closure in 7 days, remove the stale label or add a comment. You can reopen a closed pull request at any time. |
|
Please address the shell check failure |
|
Rebase to the latest and remove the directories(FunctionalArea) which are not required. |
|
This pull request has been marked as stale due to 30 days of inactivity. To prevent automatic closure in 7 days, remove the stale label or add a comment. You can reopen a closed pull request at any time. |
|
@nklazy is this PR still required? |
Yes, will commit will latest changes. |
nklazy
force-pushed
the
main
branch
2 times, most recently
from
8f8e6a1 to
082be94
Compare
- Added initial test script to validate Qualcomm HWRNG functionality - Refined script and documentation based on review feedback Signed-off-by: Naveenkumar Suresh <[email protected]>
|
Amended with changes suggested |
| log_info "=== Test Initialization ===" | ||
|
|
||
| log_info "Checking if dependency binary is available" | ||
| check_dependencies rngtest dd |
There was a problem hiding this comment.
SKIP the test if dependencies are not met
| check_dependencies rngtest dd | ||
|
|
||
| # Set the hardware RNG source to Qualcomm's RNG | ||
| RNG_PATH="/sys/class/misc/hw_random/rng_current" |
There was a problem hiding this comment.
you should verify it’s actually available before selecting it, and restore the previous provider on exit. Writing to rng_current needs root. Either enforce root at top, or emit SKIP if not root.
|
|
||
| TMP_OUT="./qcom_hwrng_output.txt" | ||
| ENTROPY_B=20000032 | ||
| RNG_SOURCE="/dev/random" |
There was a problem hiding this comment.
You’re reading from /dev/random, which is the kernel CSPRNG pool, not raw HWRNG output. To validate qcom HWRNG specifically, read from /dev/hwrng (and ensure it exists).
| log_info "Running rngtest with $ENTROPY_B bytes of entropy from $RNG_SOURCE..." | ||
|
|
||
| # Generate entropy and run rngtest | ||
| if ! dd if="$RNG_SOURCE" bs=1 count="$ENTROPY_B" status=none 2>/dev/null | rngtest -c 1000 2>&1 | tee "$TMP_OUT"; then |
There was a problem hiding this comment.
dd | rngtest | tee checks the exit status of tee, not rngtest. In POSIX sh, there’s no pipefail. Capture rngtest’s status by avoiding a pipe for the final command.
|
|
||
| TESTNAME="qcom_hwrng" | ||
| test_path=$(find_test_case_by_name "$TESTNAME") | ||
| cd "$test_path" || exit 1 |
There was a problem hiding this comment.
If find_test_case_by_name returns empty or cd fails, you exit without writing .res. Add a fallback and always emit .res.
| fi | ||
|
|
||
| # Parse FIPS 140-2 failures | ||
| failures=$(awk '/FIPS 140-2 failures:/ {print $NF}' "$TMP_OUT" | head -n1) |
There was a problem hiding this comment.
You’re parsing FIPS 140-2 failures. Keeping a small threshold (e.g., < 10) is fine, but make it a variable and log it.
| failures=$(awk '/FIPS 140-2 failures:/ {print $NF}' "$TMP_OUT" | head -n1) | ||
| rm -f "$TMP_OUT" | ||
|
|
||
| if [ -z "$failures" ] || ! echo "$failures" | grep -Eq '^[0-9]+$'; then |
There was a problem hiding this comment.
Anchor on the expected prefix to avoid accidental matches
4 participants
Adds initial test script and supporting documentation to validate qcom_hwrng integration and functionality.