
Full Disk Encryption: Misleading note on GRUB support for LUKS2

Open ryanm0 opened this issue 2 years ago • 2 comments

Currently, the void-docs page for full-disk encryption states:

> Cryptsetup defaults to LUKS2, yet GRUB releases before 2.06 only had support for LUKS1. Therefore, it might make sense to force LUKS1 if you wish to achieve better compatibility.

GRUB 2.06 did add support for LUKS2 encryption, however cryptsetup's default key derivation function for LUKS2 (Argon2) does not have support as of GRUB 2.06 (see the cryptomount section of the GRUB documentation). The current wording seems to imply that LUKS2 will work by default, but you'd (theoretically[^1]) need to manually select PBKDF2 instead of Argon2 (with `--pbkdf pbkdf2`) if using LUKS2 with GRUB.

[^1]: I say theoretically here because the Arch Wiki's entry on GRUB claims that, in addition to GRUB not supporting Argon2, `grub-install` also doesn't support creating images for LUKS2. I haven't tested to see if this is actually the case even when selecting PBKDF2 (I gave up and just went with LUKS1 after LUKS2 with Argon2 didn't work).

ryanm0, Nov 26 '21 03:11
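The check implied by the post above, as an added example that is not part of the issue or of void-docs: it reads `cryptsetup luksDump` text and reports whether the keyslots use Argon2 or PBKDF2. The function name, the verdict strings and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Real use (device path is a placeholder):
#   cryptsetup luksDump /dev/sdXn | grub_luks_check

# Reads luksDump output on stdin and prints one verdict (names are hypothetical):
#   luks1         LUKS1 header
#   luks2-pbkdf2  LUKS2, every keyslot uses PBKDF2
#   luks2-argon2  LUKS2, every keyslot uses Argon2 (no support in GRUB 2.06)
#   luks2-mixed   LUKS2, only the PBKDF2 keyslots use a KDF GRUB 2.06 supports
#   unknown       no recognizable header
grub_luks_check() {
    awk '
        /^[A-Za-z]/      { section = $1 }   # an unindented line starts a section
        $1 == "Version:" { version = $2 }
        # Count KDFs only inside "Keyslots:"; "Digests:" also mentions pbkdf2.
        section == "Keyslots:" && $1 == "PBKDF:" {
            if ($2 ~ /^argon2/) argon++; else if ($2 == "pbkdf2") pbkdf2++
        }
        END {
            if (version == 1)         print "luks1"
            else if (version != 2)    print "unknown"
            else if (argon && pbkdf2) print "luks2-mixed"
            else if (argon)           print "luks2-argon2"
            else if (pbkdf2)          print "luks2-pbkdf2"
            else                      print "unknown"
        }'
}

# Constructed sample: trimmed LUKS2 dump with one Argon2 keyslot and a second
# keyslot that was added with --pbkdf pbkdf2.
sample_dump() {
    cat <<'EOF'
LUKS header information
Version:        2
Keyslots:
  0: luks2
        Cipher:     aes-xts-plain64
        PBKDF:      argon2id
  1: luks2
        Cipher:     aes-xts-plain64
        PBKDF:      pbkdf2
Digests:
  0: pbkdf2
        Hash:       sha256
EOF
}

sample_dump | grub_luks_check
```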

"GRUB releases before 2.06 only had support for LUKS1" does not imply that "LUKS 2 will work by default" on later releases. However, if you believe rewording the text would improve clarity, please PR some revisions.

ahesford, Nov 26 '21 11:11

It does not imply "LUKS 2 will work by default on later releases", but it heavily suggests it IMO. The PR looks good to me, FWIW, but I'm not a void dev.

camoz, Mar 03 '22 15:03