This commit adds support for LUKS2 behind a new `partition.conf` key:
`luksGeneration`.
A bit of context, LUKS2 is the default encryption operating mode since
cryptsetup >= 2.1.0 (See [Arch
wiki](https://wiki.archlinux.org/title/dm-crypt/Device_encryption#Encryption_options_with_dm-crypt).
It is considered more secured and allows additional extensions. It also
comes with Argon2id as the default Password Based Key Derivation
Function (`--pbkdf` option). So it's important to provide this as an
option for Calamares in order to make Linux installs more secure, for
those who wish to encrypt their system.
This commit was tested on a custom Manjaro installer with:
- grub bootloader with the [argon patches](https://aur.archlinux.org/packages/grub-improved-luks2-git).
- [rEFInd](https://wiki.archlinux.org/title/REFInd) bootloader with
unencrypted `/boot` partition because rEFInd [doesn't support booting
from an encrypted volume](https://sourceforge.net/p/refind/discussion/general/thread/400418ac/)
**Important consideration for distribution maintainers**:
- You need to have compile flag `WITH_KPMCORE4API` on
- If you are shipping with grub by default please note that you need to
ship it with the Argon patches. Example on Arch Linux: [grub-improved-luks2-git](https://aur.archlinux.org/packages/grub-improved-luks2-git)
- If `luksGeneration` is not found in partition.conf, it will default to
luks1
- Please test this on your own distribution as this was only tested on
Manjaro installer (see above).
- Put this in a method of its own even though it's used
only once, so we can put a good name on it.
- If there are no FS choices (e.g. the sample settings file)
then there is no combo-box, and the check was crashing.
FIXES#2029
Previously, state() just returned a stored state, which changed
via updateState(). However, when updateState() started taking
visibility-of-the-widget into account, it became possible to
de-sync the *apparent* state of the encryption widget, from the
stored one:
- make an encryption widget, which is not visible
- show it.
Now the stored-state takes visibility into account that is
different (hidden, so we end up with a state of Unconfirmed)
from the apparent value (shown and unchecked).
Move the calculation to state() instead, so whenever queried,
it checks the current checks-and-visibility values. Restore
the previously-reverted bit for accepting LUKS partitions.
SEE #1935
SEE #1953
- a hidden checkbox should not be handled the same as a checkbox
that is checked; if there is a setting that can be checked or
unchecked, it can only be checked when visible.
FIXES#1953
- Improve the messages a bit
- Remove useless variable (it is checking that the switch(choice)
statement covers all the cases; let's leave that to the compiler)
Setting labels (e.g. in manual partitioning) landed some time
ago, but the progress display still shows a raw device path.
Make it more expressive.
FIXES#449FIXES#540
- this makes createBootloaderComboBox obsolete, since that was
an implementation detail for creating the panel.
- add the panel also when doing an alongside install.
- credits to Anubhav, whose PR started this code.
This is a rather clunky implementation of re-check requirements.
"Clunky" because the UI parts are re-created each time, rather
than fishing from a model of checked (or unchecked) requirements.
The Widgets parts should be updated to use a full model, rather
than the recreate-list-of-Widgets implementation they have now.
Unrelated changes pull in a bunch of improvements to the
waiting spinner widget.
Although this is 3rd-party code, it now diverges -- by merging the
stale PR from upstream, and from adding features of our own --
enough that we should not pretend that it is the original 3rdparty
code.
Chase a couple of include paths that called this from 3rdparty/
- _find and _each Doesn't need to be part of the class API
- Rename to *Transform() because that's more in-line with what it
does, applying an operation to the tree.
