Skip to content

Commit 6d511eb

Browse files
vnaraparvnarapar
authored
Merge pull request #109 from smuppand/rngtest-fix
Improve rngtest CI reliability with output-based validation and success ratio logging
2 parents 3ef90fb + 1193529 commit 6d511eb

1 file changed

Lines changed: 18 additions & 27 deletions

File tree

  • Runner/suites/Kernel/FunctionalArea/baseport/rngtest

Runner/suites/Kernel/FunctionalArea/baseport/rngtest/run.sh

Lines changed: 18 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -36,60 +36,51 @@ log_info "----------------------------------------------------------------------
3636
log_info "-------------------Starting $TESTNAME Testcase----------------------------"
3737
log_info "=== Test Initialization ==="
3838

39-
log_info "Checking if dependency binary is available"
39+
# Verifying the availability of the dependency binary
4040
check_dependencies rngtest dd
4141

4242
TMP_BIN="/tmp/rngtest_input.bin"
4343
TMP_OUT="/tmp/rngtest_output.txt"
4444
ENTROPY_MB=10
45-
RNG_SOURCE="/dev/urandom" # Use /dev/random if you want slow but highest entropy
45+
COUNT=1000
46+
PASS_THRESHOLD=997
47+
RNG_SOURCE="/dev/urandom"
48+
[ -e /dev/hwrng ] && RNG_SOURCE="/dev/hwrng"
4649

47-
log_info "Generating ${ENTROPY_MB}MB entropy input from $RNG_SOURCE using dd..."
50+
log_info "Generating ${ENTROPY_MB}MB entropy input from $RNG_SOURCE"
4851
if ! dd if="$RNG_SOURCE" of="$TMP_BIN" bs=1M count="$ENTROPY_MB" status=none 2>/dev/null; then
4952
log_fail "$TESTNAME : Failed to read random data from $RNG_SOURCE"
5053
echo "$TESTNAME FAIL" > "$res_file"
5154
rm -f "$TMP_BIN"
5255
exit 1
5356
fi
5457

55-
log_info "Running rngtest -c 1000 < $TMP_BIN"
56-
if ! rngtest -c 1000 < "$TMP_BIN" > "$TMP_OUT" 2>&1; then
57-
log_fail "$TESTNAME : rngtest execution failed"
58-
echo "$TESTNAME FAIL" > "$res_file"
59-
rm -f "$TMP_BIN" "$TMP_OUT"
60-
exit 1
61-
fi
58+
log_info "Running rngtest -c $COUNT < $TMP_BIN"
59+
rngtest -c "$COUNT" < "$TMP_BIN" > "$TMP_OUT" 2>&1
6260

63-
# Check for entropy errors or source drained
64-
if grep -q "entropy source drained" "$TMP_OUT"; then
65-
log_fail "rngtest: entropy source drained, input too small"
66-
echo "$TESTNAME FAIL" > "$res_file"
67-
rm -f "$TMP_BIN" "$TMP_OUT"
68-
exit 1
69-
fi
70-
71-
# Parse FIPS 140-2 successes (robust to output variations)
61+
# Try to extract success count regardless of return code
7262
successes=$(awk '/FIPS 140-2 successes:/ {print $NF}' "$TMP_OUT" | head -n1)
7363

7464
if [ -z "$successes" ] || ! echo "$successes" | grep -Eq '^[0-9]+$'; then
75-
log_fail "rngtest did not return a valid integer for successes; got: '$successes'"
65+
log_fail "rngtest: Could not parse valid success count from output"
7666
echo "$TESTNAME FAIL" > "$res_file"
67+
cat "$TMP_OUT"
7768
rm -f "$TMP_BIN" "$TMP_OUT"
7869
exit 1
7970
fi
8071

81-
log_info "rngtest: FIPS 140-2 successes = $successes"
82-
# You can tune this threshold as needed (10 means <1% fail allowed)
83-
if [ "$successes" -ge 10 ]; then
84-
log_pass "$TESTNAME : Test Passed ($successes FIPS 140-2 successes)"
72+
log_info "FIPS 140-2 successes: $successes / $COUNT"
73+
percent=$(awk "BEGIN {printf \"%.2f\", ($successes/$COUNT)*100}")
74+
log_info "Success ratio: $percent%"
75+
76+
if [ "$successes" -ge "$PASS_THRESHOLD" ]; then
77+
log_pass "$TESTNAME : Test Passed ($successes$PASS_THRESHOLD successes)"
8578
echo "$TESTNAME PASS" > "$res_file"
8679
rm -f "$TMP_BIN" "$TMP_OUT"
8780
exit 0
8881
else
89-
log_fail "$TESTNAME : Test Failed ($successes FIPS 140-2 successes)"
82+
log_fail "$TESTNAME : Test Failed ($successes < $PASS_THRESHOLD successes)"
9083
echo "$TESTNAME FAIL" > "$res_file"
9184
rm -f "$TMP_BIN" "$TMP_OUT"
9285
exit 1
9386
fi
94-
95-
log_info "-------------------Completed $TESTNAME Testcase----------------------------"

0 commit comments

Comments
 (0)