Closed ancorgs closed 1 year ago
:heavy_check_mark: Public Jenkins job #448 successfully finished :heavy_check_mark: Created OBS submit request #1037139
:heavy_check_mark: Internal Jenkins job #1134 successfully finished :heavy_check_mark: Created IBS submit request #284782
Problem
The
GuidedProposal
(and its variants) is the component responsible of calculating a good storage layout to install the system. So far it's used:For many reasons outlined in this bugzilla comment and several other places, the
GuidedProposal
always uses LUKS1 to encrypt the devices.But recent versions of openSUSE Tumbleweed and the ALP prototypes include a heavily patched version of Grub2 that can handle LUKS2 reasonably well as long as PBKDF2 is used as password-based key derivation function.
When installing any ALP-based product with D-Installer we want to make it possible to use TPM-based encryption. For that, LUKS2 is the only option, it cannot work with LUKS1.
Solution
Important: this pull request also includes some previous commits to do some cleanup and refactor some parts. Review commit by commit.
Implement support for LUKS2 (with a configurable PBKDF) in the
GuidedProposal
so it can be used by D-Installer to implement TPM-based encryption.There are no plans to use that capability from (Auto)YaST. Everything remains full backwards compatible using LUKS1 by default for any encryption done by the proposal.
The code assumes Grub2 can handle LUKS2 devices using PBKDF2. At the moment of writing, that is not true in the case of SLE-15-SP5 or any previous version of SLE or Leap. That implies we need to revisit that logic in the
BootRequirementsChecker
in the close future. On the bright side, Michael Chang commented he could make SLE-15-SP5 work just like TW in that regard. If that happens we would just need to remove the warning comments. :-)GuidedProposal
will always propose a separate unencrypted partition for/boot
if LUKS2 is used with Argon2i or Argon2id, since Grub2 cannot handle those key derivation functions, not even in Tumbleweed or ALP-based systems. Due to a current bug, that's not true in the following case: LVM with the physical volumes encrypted with LUKS2 using Argon2i or Argon2id. The plan is to fix that in an upcoming pull request, to not block the current one (LVM+LUKS2 with Argon is out of the scope of both YaST and D-Installer for now).Testing
Pending for the future (after merging)
BootRequirementsChecker
is not proposing a separate /bootGuidedProposal
. We could likely add some kind of new class (eg.EncryptionSettings
) to encapsulate that information instead of using three fields in the already overloadedProposalSettings
.