From da9599a9f6f9264d657d0529b4fd53df2897b0c0 Mon Sep 17 00:00:00 2001 From: codefiles <11915375+codefiles@users.noreply.github.com> Date: Thu, 21 Sep 2023 03:46:55 -0400 Subject: Rework `_get_kernel_params()` for `_add_grub_bootloader()` (#2079) * Rework `_get_kernel_params()` for `_add_grub_bootloader()` * Remove uncommenting of GRUB config line for encrypted /boot support --- archinstall/lib/installer.py | 59 ++++++++++++++++++++++++++------------------ 1 file changed, 35 insertions(+), 24 deletions(-) (limited to 'archinstall/lib') diff --git a/archinstall/lib/installer.py b/archinstall/lib/installer.py index cd6f651d..d71e6ad3 100644 --- a/archinstall/lib/installer.py +++ b/archinstall/lib/installer.py @@ -713,42 +713,60 @@ class Installer: return root return None - def _get_kernel_params(self, root_partition: disk.PartitionModification) -> List[str]: + def _get_kernel_params( + self, + root_partition: disk.PartitionModification, + id_root: bool = True, + partuuid: bool = True + ) -> List[str]: kernel_parameters = [] if root_partition in self._disk_encryption.partitions: # TODO: We need to detect if the encrypted device is a whole disk encryption, # or simply a partition encryption. Right now we assume it's a partition (and we always have) - debug('Root partition is an encrypted device, identifying by PARTUUID: {root_partition.partuuid}') if self._disk_encryption and self._disk_encryption.hsm_device: - # Note: lsblk UUID must be used, not PARTUUID for sd-encrypt to work - kernel_parameters.append(f'rd.luks.name={root_partition.uuid}=luksdev') + debug(f'Root partition is an encrypted device, identifying by UUID: {root_partition.uuid}') + # Note: UUID must be used, not PARTUUID for sd-encrypt to work + kernel_parameters.append(f'rd.luks.name={root_partition.uuid}=root') # Note: tpm2-device and fido2-device don't play along very well: # https://github.com/archlinux/archinstall/pull/1196#issuecomment-1129715645 kernel_parameters.append('rd.luks.options=fido2-device=auto,password-echo=no') + elif partuuid: + debug(f'Root partition is an encrypted device, identifying by PARTUUID: {root_partition.partuuid}') + kernel_parameters.append(f'cryptdevice=PARTUUID={root_partition.partuuid}:root') else: - kernel_parameters.append(f'cryptdevice=PARTUUID={root_partition.partuuid}:luksdev') - - kernel_parameters.append('root=/dev/mapper/luksdev') - else: - debug(f'Identifying root partition by PARTUUID: {root_partition.partuuid}') - kernel_parameters.append(f'root=PARTUUID={root_partition.partuuid}') + debug(f'Root partition is an encrypted device, identifying by UUID: {root_partition.uuid}') + kernel_parameters.append(f'cryptdevice=UUID={root_partition.uuid}:root') + + if id_root: + kernel_parameters.append('root=/dev/mapper/root') + elif id_root: + if partuuid: + debug(f'Identifying root partition by PARTUUID: {root_partition.partuuid}') + kernel_parameters.append(f'root=PARTUUID={root_partition.partuuid}') + else: + debug(f'Identifying root partition by UUID: {root_partition.uuid}') + kernel_parameters.append(f'root=UUID={root_partition.uuid}') # Zswap should be disabled when using zram. # https://github.com/archlinux/archinstall/issues/881 if self._zram_enabled: kernel_parameters.append('zswap.enabled=0') - for sub_vol in root_partition.btrfs_subvols: - if sub_vol.is_root(): - kernel_parameters.append(f'rootflags=subvol={sub_vol.name}') - break + if id_root: + for sub_vol in root_partition.btrfs_subvols: + if sub_vol.is_root(): + kernel_parameters.append(f'rootflags=subvol={sub_vol.name}') + break + + kernel_parameters.append('rw') - kernel_parameters.append('rw') kernel_parameters.append(f'rootfstype={root_partition.safe_fs_type.fs_type_mount}') kernel_parameters.extend(self._kernel_params) + debug(f'kernel parameters: {" ".join(kernel_parameters)}') + return kernel_parameters def _add_systemd_bootloader( @@ -863,16 +881,9 @@ class Installer: grub_default = self.target / 'etc/default/grub' config = grub_default.read_text() - cmdline_linux = [] - - if root_partition in self._disk_encryption.partitions: - debug(f"Using UUID {root_partition.uuid} as encrypted root identifier") - - cmdline_linux.append(f'cryptdevice=UUID={root_partition.uuid}:cryptlvm') - config = re.sub(r'#(GRUB_ENABLE_CRYPTODISK=y\n)', r'\1', config, 1) + kernel_parameters = ' '.join(self._get_kernel_params(root_partition, False, False)) + config = re.sub(r'(GRUB_CMDLINE_LINUX=")("\n)', rf'\1{kernel_parameters}\2', config, 1) - cmdline_linux.append(f'rootfstype={root_partition.safe_fs_type.value}') - config = re.sub(r'(GRUB_CMDLINE_LINUX=")("\n)', rf'\1{" ".join(cmdline_linux)}\2', config, 1) grub_default.write_text(config) info(f"GRUB boot partition: {boot_partition.dev_path}") -- cgit v1.2.3-70-g09d2