From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 13 Nov 2023 15:43:30 +0000 (+0100)
Subject: test-tpm2: skip RSA generating TPM2 tests on physical hw
X-Git-Tag: v255-rc2~25^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3aea672bff95bbebaa80bc21b79eb1275157e0f4;p=thirdparty%2Fsystemd.git

test-tpm2: skip RSA generating TPM2 tests on physical hw

The TPM2 tests that genreate an RSA primary key are fast on vtpms, but
very slow on physical TPMs, simply because TPMs aren't precisely fast
devices. It makes sense to keep the tests around however. Hence hide the
test behind the "slow test" logic by default – but only if we run on
physical hw, and keep them in place on VMs (where we'd expect a vtpm, if
any).
---

diff --git a/src/test/test-tpm2.c b/src/test/test-tpm2.c
index c3506936e42..06b9800dec7 100644
--- a/src/test/test-tpm2.c
+++ b/src/test/test-tpm2.c
@@ -2,8 +2,9 @@
 
 #include "hexdecoct.h"
 #include "macro.h"
-#include "tpm2-util.h"
 #include "tests.h"
+#include "tpm2-util.h"
+#include "virt.h"
 
 TEST(tpm2_pcr_index_from_string) {
         assert_se(tpm2_pcr_index_from_string("platform-code") == 0);
@@ -1142,6 +1143,11 @@ static int check_calculate_seal(Tpm2Context *c) {
         assert(c);
         int r;
 
+        if (detect_virtualization() == VIRTUALIZATION_NONE && !slow_tests_enabled()) {
+                log_notice("Skipping slow calculate seal TPM2 tests. Physical system detected, and slow tests disabled.");
+                return 0;
+        }
+
         TEST_LOG_FUNC();
 
         _cleanup_free_ TPM2B_PUBLIC *srk_public = NULL;
@@ -1216,6 +1222,11 @@ static void check_seal_unseal(Tpm2Context *c) {
 
         assert(c);
 
+        if (detect_virtualization() == VIRTUALIZATION_NONE && !slow_tests_enabled()) {
+                log_notice("Skipping slow seal/unseal TPM2 tests. Physical system detected, and slow tests disabled.");
+                return;
+        }
+
         TEST_LOG_FUNC();
 
         check_seal_unseal_for_handle(c, 0);