Merging upstream version 256.4.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 24 insertions, 25 deletions

diff --git a/src/ukify/test/test_ukify.py b/src/ukify/test/test_ukify.py
index 0e3f932..e3d49d4 100755
--- a/src/ukify/test/test_ukify.py
+++ b/src/ukify/test/test_ukify.py
@@ -1,11 +1,21 @@
 #!/usr/bin/env python3
 # SPDX-License-Identifier: LGPL-2.1-or-later
 
+# The tests can be called via pytest:
+#   PATH=build/:$PATH pytest -v src/ukify/test/test_ukify.py
+# or directly:
+#   PATH=build/:$PATH src/ukify/test/test_ukify.py
+# or via the meson test machinery output:
+#   meson test -C build test-ukify -v
+# or without verbose output:
+#   meson test -C build test-ukify
+
 # pylint: disable=unused-import,import-outside-toplevel,useless-else-on-loop
 # pylint: disable=consider-using-with,wrong-import-position,unspecified-encoding
 # pylint: disable=protected-access,redefined-outer-name
 
 import base64
+import glob
 import json
 import os
 import pathlib
@@ -389,28 +399,17 @@ def test_help_error(capsys):
 
 @pytest.fixture(scope='session')
 def kernel_initrd():
-    opts = ukify.create_parser().parse_args(arg_tools)
-    bootctl = ukify.find_tool('bootctl', opts=opts)
-    if bootctl is None:
-        return None
-
-    try:
-        text = subprocess.check_output([bootctl, 'list', '--json=short'],
-                                       text=True)
-    except subprocess.CalledProcessError:
+    items = sorted(glob.glob('/lib/modules/*/vmlinuz'))
+    if not items:
         return None
 
-    items = json.loads(text)
+    # This doesn't necessarilly give us the latest version, since we're just
+    # using alphanumeric ordering. But this is fine, a predictable result is
+    # enough.
+    linux = items[-1]
 
-    for item in items:
-        try:
-            linux = f"{item['root']}{item['linux']}"
-            initrd = f"{item['root']}{item['initrd'][0].split(' ')[0]}"
-        except (KeyError, IndexError):
-            continue
-        return ['--linux', linux, '--initrd', initrd]
-    else:
-        return None
+    # We don't look _into_ the initrd. Any file is OK.
+    return ['--linux', linux, '--initrd', ukify.__file__]
 
 def test_check_splash():
     try:
@@ -699,7 +698,7 @@ def test_pcr_signing(kernel_initrd, tmp_path):
         '--uname=1.2.3',
         '--cmdline=ARG1 ARG2 ARG3',
         '--os-release=ID=foobar\n',
-        '--pcr-banks=sha1',   # use sha1 because it doesn't really matter
+        '--pcr-banks=sha384',   # sha1 might not be allowed, use something else
         f'--pcr-private-key={priv.name}',
     ] + arg_tools
 
@@ -742,8 +741,8 @@ def test_pcr_signing(kernel_initrd, tmp_path):
         assert open(tmp_path / 'out.cmdline').read() == 'ARG1 ARG2 ARG3'
         sig = open(tmp_path / 'out.pcrsig').read()
         sig = json.loads(sig)
-        assert list(sig.keys()) == ['sha1']
-        assert len(sig['sha1']) == 4   # four items for four phases
+        assert list(sig.keys()) == ['sha384']
+        assert len(sig['sha384']) == 4   # four items for four phases
 
     shutil.rmtree(tmp_path)
 
@@ -775,7 +774,7 @@ def test_pcr_signing2(kernel_initrd, tmp_path):
         '--uname=1.2.3',
         '--cmdline=ARG1 ARG2 ARG3',
         '--os-release=ID=foobar\n',
-        '--pcr-banks=sha1',
+        '--pcr-banks=sha384',
         f'--pcrpkey={pub2.name}',
         f'--pcr-public-key={pub.name}',
         f'--pcr-private-key={priv.name}',
@@ -815,8 +814,8 @@ def test_pcr_signing2(kernel_initrd, tmp_path):
 
     sig = open(tmp_path / 'out.pcrsig').read()
     sig = json.loads(sig)
-    assert list(sig.keys()) == ['sha1']
-    assert len(sig['sha1']) == 6   # six items for six phases paths
+    assert list(sig.keys()) == ['sha384']
+    assert len(sig['sha384']) == 6   # six items for six phases paths
 
     shutil.rmtree(tmp_path)