This commit adds support for LUKS2 behind a new `partition.conf` key:
`luksGeneration`.
A bit of context, LUKS2 is the default encryption operating mode since
cryptsetup >= 2.1.0 (See [Arch
wiki](https://wiki.archlinux.org/title/dm-crypt/Device_encryption#Encryption_options_with_dm-crypt).
It is considered more secured and allows additional extensions. It also
comes with Argon2id as the default Password Based Key Derivation
Function (`--pbkdf` option). So it's important to provide this as an
option for Calamares in order to make Linux installs more secure, for
those who wish to encrypt their system.
This commit was tested on a custom Manjaro installer with:
- grub bootloader with the [argon patches](https://aur.archlinux.org/packages/grub-improved-luks2-git).
- [rEFInd](https://wiki.archlinux.org/title/REFInd) bootloader with
unencrypted `/boot` partition because rEFInd [doesn't support booting
from an encrypted volume](https://sourceforge.net/p/refind/discussion/general/thread/400418ac/)
**Important consideration for distribution maintainers**:
- You need to have compile flag `WITH_KPMCORE4API` on
- If you are shipping with grub by default please note that you need to
ship it with the Argon patches. Example on Arch Linux: [grub-improved-luks2-git](https://aur.archlinux.org/packages/grub-improved-luks2-git)
- If `luksGeneration` is not found in partition.conf, it will default to
luks1
- Please test this on your own distribution as this was only tested on
Manjaro installer (see above).
The partition- and filesystem-label setting code was already there,
but not in the call to createNewPartition(); now we set the
FS label twice (once in the call, once afterwards)
- It shouldn't be necessary to explicitly .get() pointers for
logging, and it's convenient to know when a pointer is smart.
* no annotation means raw (e.g. @0x0)
* S means shared
* U means unique
- switch logging in job to VERBOSE because we don't want to be printing
pointers to the regular session log
- switch logging in test to VERBOSE to actually see the messages from the Job
- hook the test into the build
- the "simple" constructor for PartitionEntry left the FS type
set as the constructor left it -- which is Unknown by default.
This leads to install failures in systems that don't set a
special layout but just want a single / -- because the FS is
set to Unknown.
- massage the constructor and consumer of the code, push
Ext4 FS in the tests and use the configured default in production.
Some compile flags changed recently, triggering assert()
in the jobqueue when there is more than one. There's no
real reason for JobQueue to be a singleton, but it wants
to be. So clean up pointers a little more enthusiastically.
- Introduces new constructors for PartitionEntry: copy constructory and
constructor with all attributes.
- Use the new constructor in method addEntry().
- point to main Calamares site in the 'part of' headers instead
of to github (this is the "this file is part of Calamares"
opening line for most files).
- remove boilerplate from all source files, CMake modules and completions,
this is the 3-paragraph summary of the GPL-3.0-or-later, which has
a meaning entirely covered by the SPDX tag.
The build instructions are not that interesting, it's a toss-up
between CC0 and BSD-2, but because other CMake bits are BSD-2-Clause,
apply that to more CMakeLists. The copyright date isn't all that
accurate, but these are just inconsequential files.
While here, tidy up and get rid of some useless intermediates.
- Although we long ago replaced the getPartitions implementation, the
test is still there, and on a machine with no /dev/sda (e.g. because
root is on nvme) the echo-awk-shell-pipeline can give an empty string;
this is turned into a QStringList{""} which has one element, while
the new version has 0 elements.
- Special-case the test that empty strings should be empty lists, rather
than 1-element lists with an empty element.
