summaryrefslogtreecommitdiffstats
path: root/src/ukify
diff options
context:
space:
mode:
Diffstat (limited to 'src/ukify')
-rwxr-xr-xsrc/ukify/test/test_ukify.py49
1 files changed, 24 insertions, 25 deletions
diff --git a/src/ukify/test/test_ukify.py b/src/ukify/test/test_ukify.py
index 0e3f932..e3d49d4 100755
--- a/src/ukify/test/test_ukify.py
+++ b/src/ukify/test/test_ukify.py
@@ -1,11 +1,21 @@
#!/usr/bin/env python3
# SPDX-License-Identifier: LGPL-2.1-or-later
+# The tests can be called via pytest:
+# PATH=build/:$PATH pytest -v src/ukify/test/test_ukify.py
+# or directly:
+# PATH=build/:$PATH src/ukify/test/test_ukify.py
+# or via the meson test machinery output:
+# meson test -C build test-ukify -v
+# or without verbose output:
+# meson test -C build test-ukify
+
# pylint: disable=unused-import,import-outside-toplevel,useless-else-on-loop
# pylint: disable=consider-using-with,wrong-import-position,unspecified-encoding
# pylint: disable=protected-access,redefined-outer-name
import base64
+import glob
import json
import os
import pathlib
@@ -389,28 +399,17 @@ def test_help_error(capsys):
@pytest.fixture(scope='session')
def kernel_initrd():
- opts = ukify.create_parser().parse_args(arg_tools)
- bootctl = ukify.find_tool('bootctl', opts=opts)
- if bootctl is None:
- return None
-
- try:
- text = subprocess.check_output([bootctl, 'list', '--json=short'],
- text=True)
- except subprocess.CalledProcessError:
+ items = sorted(glob.glob('/lib/modules/*/vmlinuz'))
+ if not items:
return None
- items = json.loads(text)
+ # This doesn't necessarilly give us the latest version, since we're just
+ # using alphanumeric ordering. But this is fine, a predictable result is
+ # enough.
+ linux = items[-1]
- for item in items:
- try:
- linux = f"{item['root']}{item['linux']}"
- initrd = f"{item['root']}{item['initrd'][0].split(' ')[0]}"
- except (KeyError, IndexError):
- continue
- return ['--linux', linux, '--initrd', initrd]
- else:
- return None
+ # We don't look _into_ the initrd. Any file is OK.
+ return ['--linux', linux, '--initrd', ukify.__file__]
def test_check_splash():
try:
@@ -699,7 +698,7 @@ def test_pcr_signing(kernel_initrd, tmp_path):
'--uname=1.2.3',
'--cmdline=ARG1 ARG2 ARG3',
'--os-release=ID=foobar\n',
- '--pcr-banks=sha1', # use sha1 because it doesn't really matter
+ '--pcr-banks=sha384', # sha1 might not be allowed, use something else
f'--pcr-private-key={priv.name}',
] + arg_tools
@@ -742,8 +741,8 @@ def test_pcr_signing(kernel_initrd, tmp_path):
assert open(tmp_path / 'out.cmdline').read() == 'ARG1 ARG2 ARG3'
sig = open(tmp_path / 'out.pcrsig').read()
sig = json.loads(sig)
- assert list(sig.keys()) == ['sha1']
- assert len(sig['sha1']) == 4 # four items for four phases
+ assert list(sig.keys()) == ['sha384']
+ assert len(sig['sha384']) == 4 # four items for four phases
shutil.rmtree(tmp_path)
@@ -775,7 +774,7 @@ def test_pcr_signing2(kernel_initrd, tmp_path):
'--uname=1.2.3',
'--cmdline=ARG1 ARG2 ARG3',
'--os-release=ID=foobar\n',
- '--pcr-banks=sha1',
+ '--pcr-banks=sha384',
f'--pcrpkey={pub2.name}',
f'--pcr-public-key={pub.name}',
f'--pcr-private-key={priv.name}',
@@ -815,8 +814,8 @@ def test_pcr_signing2(kernel_initrd, tmp_path):
sig = open(tmp_path / 'out.pcrsig').read()
sig = json.loads(sig)
- assert list(sig.keys()) == ['sha1']
- assert len(sig['sha1']) == 6 # six items for six phases paths
+ assert list(sig.keys()) == ['sha384']
+ assert len(sig['sha384']) == 6 # six items for six phases paths
shutil.rmtree(tmp_path)