From: "Daniel P. Smith" <[email protected]> The SHA-256 algorithm is necessary to measure configuration information into the TPM as early as possible before using the values. This implementation uses the established approach of #including the SHA-256 library directly in the early boot code.
Signed-off-by: Daniel P. Smith <[email protected]> Signed-off-by: Ross Philipson <[email protected]> --- arch/x86/boot/startup/Makefile | 1 + arch/x86/boot/startup/lib-sha256.c | 6 ++++++ 2 files changed, 7 insertions(+) create mode 100644 arch/x86/boot/startup/lib-sha256.c diff --git a/arch/x86/boot/startup/Makefile b/arch/x86/boot/startup/Makefile index e283ee4c1f45..071a90f23ae0 100644 --- a/arch/x86/boot/startup/Makefile +++ b/arch/x86/boot/startup/Makefile @@ -22,6 +22,7 @@ obj-$(CONFIG_X86_64) += gdt_idt.o map_kernel.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += sme.o sev-startup.o slaunch-objs += lib-sha1.o +slaunch-objs += lib-sha256.o obj-$(CONFIG_SECURE_LAUNCH) += $(slaunch-objs) pi-objs := $(patsubst %.o,$(obj)/%.o,$(obj-y)) diff --git a/arch/x86/boot/startup/lib-sha256.c b/arch/x86/boot/startup/lib-sha256.c new file mode 100644 index 000000000000..f60df97f9244 --- /dev/null +++ b/arch/x86/boot/startup/lib-sha256.c @@ -0,0 +1,6 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (c) 2026 Apertus Solutions, LLC + */ + +#include "../../../../lib/crypto/sha256.c" -- 2.47.3
