This commit adds support for LUKS2 behind a new `partition.conf` key:
`luksGeneration`.
A bit of context, LUKS2 is the default encryption operating mode since
cryptsetup >= 2.1.0 (See [Arch
wiki](https://wiki.archlinux.org/title/dm-crypt/Device_encryption#Encryption_options_with_dm-crypt).
It is considered more secured and allows additional extensions. It also
comes with Argon2id as the default Password Based Key Derivation
Function (`--pbkdf` option). So it's important to provide this as an
option for Calamares in order to make Linux installs more secure, for
those who wish to encrypt their system.
This commit was tested on a custom Manjaro installer with:
- grub bootloader with the [argon patches](https://aur.archlinux.org/packages/grub-improved-luks2-git).
- [rEFInd](https://wiki.archlinux.org/title/REFInd) bootloader with
unencrypted `/boot` partition because rEFInd [doesn't support booting
from an encrypted volume](https://sourceforge.net/p/refind/discussion/general/thread/400418ac/)
**Important consideration for distribution maintainers**:
- You need to have compile flag `WITH_KPMCORE4API` on
- If you are shipping with grub by default please note that you need to
ship it with the Argon patches. Example on Arch Linux: [grub-improved-luks2-git](https://aur.archlinux.org/packages/grub-improved-luks2-git)
- If `luksGeneration` is not found in partition.conf, it will default to
luks1
- Please test this on your own distribution as this was only tested on
Manjaro installer (see above).
- FileSystem.h depends on KPMcore and only compiles when
KPMcore is present; it can use KPMcore identifiers.
- Global.h doesn't.
- Move the few functions introduced into Global.h that need
KPMcore, to FileSystem.h instead.
- some switch statements handle a bunch of items explicitly,
then default the rest. Clang complains about that. Turn off
the warning for these specific switches, since there's dozens
of values that simply do not need to be handled.
The partitioning header 'FileSystem.h' is for KPMCore support;
it is already included by Global.h and guarded by ifdefs for
KPMCore. Do not unconditionally include it from the implementation.
- make the functies that take a GS* first-class
- use the convenience functions from JobQueue for the others
- inline so only the explicit-GS* functions are in the library
The value inside a unique_ptr can't be opaque, it needs to be known
at any site where the pointer may be deleted. shared_ptr does not
have that (deletion is part of the shared_ptr object, which is larger
than the unique_ptr) and so can be used for opaque deletions.
- gcc (up to at least version 10) is worse at recognizing that all
cases have been handled, so it complains about all the switches
that cover enum values.
- both clang and g++ support __builtin_unreachable(); (as Kevin
Kofler pointed out) so we don't need the macro to do different things;
- the compilers have gotten better at detecting unreachable code,
so instead of inserting macros or fiddly bits, just drop them
and the unreachable code they comment.
