This commit adds support for LUKS2 behind a new `partition.conf` key:
`luksGeneration`.
A bit of context, LUKS2 is the default encryption operating mode since
cryptsetup >= 2.1.0 (See [Arch
wiki](https://wiki.archlinux.org/title/dm-crypt/Device_encryption#Encryption_options_with_dm-crypt).
It is considered more secured and allows additional extensions. It also
comes with Argon2id as the default Password Based Key Derivation
Function (`--pbkdf` option). So it's important to provide this as an
option for Calamares in order to make Linux installs more secure, for
those who wish to encrypt their system.
This commit was tested on a custom Manjaro installer with:
- grub bootloader with the [argon patches](https://aur.archlinux.org/packages/grub-improved-luks2-git).
- [rEFInd](https://wiki.archlinux.org/title/REFInd) bootloader with
unencrypted `/boot` partition because rEFInd [doesn't support booting
from an encrypted volume](https://sourceforge.net/p/refind/discussion/general/thread/400418ac/)
**Important consideration for distribution maintainers**:
- You need to have compile flag `WITH_KPMCORE4API` on
- If you are shipping with grub by default please note that you need to
ship it with the Argon patches. Example on Arch Linux: [grub-improved-luks2-git](https://aur.archlinux.org/packages/grub-improved-luks2-git)
- If `luksGeneration` is not found in partition.conf, it will default to
luks1
- Please test this on your own distribution as this was only tested on
Manjaro installer (see above).
- FileSystem.h depends on KPMcore and only compiles when
KPMcore is present; it can use KPMcore identifiers.
- Global.h doesn't.
- Move the few functions introduced into Global.h that need
KPMcore, to FileSystem.h instead.
- some switch statements handle a bunch of items explicitly,
then default the rest. Clang complains about that. Turn off
the warning for these specific switches, since there's dozens
of values that simply do not need to be handled.
The partitioning header 'FileSystem.h' is for KPMCore support;
it is already included by Global.h and guarded by ifdefs for
KPMCore. Do not unconditionally include it from the implementation.
- make the functies that take a GS* first-class
- use the convenience functions from JobQueue for the others
- inline so only the explicit-GS* functions are in the library
The value inside a unique_ptr can't be opaque, it needs to be known
at any site where the pointer may be deleted. shared_ptr does not
have that (deletion is part of the shared_ptr object, which is larger
than the unique_ptr) and so can be used for opaque deletions.
- gcc (up to at least version 10) is worse at recognizing that all
cases have been handled, so it complains about all the switches
that cover enum values.
- both clang and g++ support __builtin_unreachable(); (as Kevin
Kofler pointed out) so we don't need the macro to do different things;
- the compilers have gotten better at detecting unreachable code,
so instead of inserting macros or fiddly bits, just drop them
and the unreachable code they comment.
- point to main Calamares site in the 'part of' headers instead
of to github (this is the "this file is part of Calamares"
opening line for most files).
- remove boilerplate from all source files, CMake modules and completions,
this is the 3-paragraph summary of the GPL-3.0-or-later, which has
a meaning entirely covered by the SPDX tag.
- CC0-1.0 for the uninteresting version-headers
- GPL-3.0-or-later for the services
- add SPDX identifiers to Calamares C++ libraries and application sources
- add SPDX identifiers to Calamares QML (panels and slideshow)
- the `qmldir` is a list of names of things in the directory,
so CC0-1.0 it as "uninteresting"
- QRC files are lists of names of things in the directory,
so CC0-1.0 them as well
- add apidox to all the untranslatedFS() methods
- add the most-basic of untranslatedFS(), which works on a given
FileSystem::Type; this one can handle special cases where
Cala needs a different untranslated name than what KPMCore provides.
