yast · ancorgs · Jan 29, 2026 · Jan 29, 2026 · Jan 29, 2026 · Jan 29, 2026
diff --git a/package/yast2-storage-ng.changes b/package/yast2-storage-ng.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Thu Jan 29 09:00:40 UTC 2026 - Ancor Gonzalez Sosa <ancor@suse.com>
+
+- Adjusted the criteria to check whether TPM-based full-disk
+  encryption is available at Agama (bsc#1257315).
+- 5.0.40
+
 -------------------------------------------------------------------
 Thu Jan 15 08:26:47 UTC 2026 - Ladislav Slezák <lslezak@suse.com>
 

diff --git a/package/yast2-storage-ng.spec b/package/yast2-storage-ng.spec
@@ -16,7 +16,7 @@
 #
 
 Name:           yast2-storage-ng
-Version:        5.0.39
+Version:        5.0.40
 Release:        0
 Summary:        YaST2 - Storage Configuration
 License:        GPL-2.0-only OR GPL-3.0-only

diff --git a/src/lib/y2storage/encryption_method/tpm_fde.rb b/src/lib/y2storage/encryption_method/tpm_fde.rb
@@ -80,16 +80,16 @@ def available?
         false
       end
 
-      # Whether both the target system and the product being installed meet the requisites
-      # to setup devices using this encryption method.
+      # Whether the target system meets the requisites to setup devices using this
+      # encryption method.
       #
       # The encryption method must be used at least for the root filesystem (eg. is not possible to
       # use it for /var but not for /), but that can't hardly be controlled here. A separate
       # validation that considers the whole devicegraph is needed.
       #
       # @return [Boolean]
       def possible?
-        tpm_system? && tpm_product?
+        Y2Storage::Arch.new.efiboot? && tpm_present?
       end
 
       # Creates an encryption device for the given block device
@@ -109,15 +109,6 @@ def encryption_process
         EncryptionProcesses::TpmFdeTools.new(self)
       end
 
-      # Whether the system is capable of using the encryption method
-      #
-      # @see #possible?
-      #
-      # @return [Boolean]
-      def tpm_system?
-        Y2Storage::Arch.new.efiboot? && tpm_present?
-      end
-
       # Whether a TPM2 chip is present and working
       #
       # @see #possible?
@@ -128,20 +119,6 @@ def tpm_present?
 
         @tpm_present = EncryptionProcesses::FdeTools.new.tpm_present?
       end
-
-      # Whether the product being installed has the ability to configure the encryption method
-      #
-      # @see #possible?
-      #
-      # @return [Boolean]
-      def tpm_product?
-        # TODO: We should likely do some memoization of the result. But it is not clear when
-        # such memoization would be invalidated (eg. new packages available due to some change
-        # in selected product or to new repositories).
-
-        # Beware: apart from true and false, AvailableAll can return nil if things go wrong
-        !!Yast::Package.AvailableAll(YastFeature::ENCRYPTION_TPM_FDE.pkg_list)
-      end
     end
   end
 end
diff --git a/test/support/devices_planner_context.rb b/test/support/devices_planner_context.rb
@@ -44,6 +44,10 @@
 
     Yast::ProductFeatures.Import("partitioning" => control_file_content)
 
+    # Needed because of the more than questionable implementation of preferred_bootloader
+    allow(Y2Storage::BootRequirementsStrategies::Analyzer)
+      .to receive(:bls_bootloader_proposed?).and_return false
+
     allow(Y2Storage::BootRequirementsChecker).to receive(:new).and_return boot_checker
     allow(boot_checker).to receive(:needed_partitions).and_return(
       [

diff --git a/test/y2storage/encryption_method/tpm_fde_test.rb b/test/y2storage/encryption_method/tpm_fde_test.rb
@@ -70,8 +70,6 @@
       end
 
       allow(Y2Storage::Arch).to receive(:new).and_return(arch)
-
-      allow(Yast::Package).to receive(:AvailableAll).and_return pkgs_available
     end
 
     let(:arch) { instance_double("Y2Storage::Arch", efiboot?: efi) }
@@ -89,36 +87,16 @@
       context "and there is a working TPM2 chip" do
         let(:tpm_present) { true }
 
-        context "and the needed packages can be installed in the target system" do
-          let(:pkgs_available) { true }
-
-          it "#possible? returns true and #available? returns false" do
-            expect(subject.available?).to eq false
-            expect(subject.possible?).to eq true
-          end
-        end
-
-        context "and the needed packages can not be installed in the target system" do
-          let(:pkgs_available) { false }
-
-          include_examples "TPM_FDE impossible and not available"
+        it "#possible? returns true and #available? returns false" do
+          expect(subject.available?).to eq false
+          expect(subject.possible?).to eq true
         end
       end
 
       context "and there is no TPM2 chip" do
         let(:tpm_present) { false }
 
-        context "and the needed packages can be installed in the target system" do
-          let(:pkgs_available) { true }
-
-          include_examples "TPM_FDE impossible and not available"
-        end
-
-        context "and the needed packages can not be installed in the target system" do
-          let(:pkgs_available) { false }
-
-          include_examples "TPM_FDE impossible and not available"
-        end
+        include_examples "TPM_FDE impossible and not available"
       end
     end
 
@@ -128,33 +106,13 @@
       context "and there is a working TPM2 chip" do
         let(:tpm_present) { true }
 
-        context "and the needed packages can be installed in the target system" do
-          let(:pkgs_available) { true }
-
-          include_examples "TPM_FDE impossible and not available"
-        end
-
-        context "and the needed packages can not be installed in the target system" do
-          let(:pkgs_available) { false }
-
-          include_examples "TPM_FDE impossible and not available"
-        end
+        include_examples "TPM_FDE impossible and not available"
       end
 
       context "and there is no TPM2 chip" do
         let(:tpm_present) { false }
 
-        context "and the needed packages can be installed in the target system" do
-          let(:pkgs_available) { true }
-
-          include_examples "TPM_FDE impossible and not available"
-        end
-
-        context "and the needed packages can not be installed in the target system" do
-          let(:pkgs_available) { false }
-
-          include_examples "TPM_FDE impossible and not available"
-        end
+        include_examples "TPM_FDE impossible and not available"
       end
     end
   end