On Thu, Dec 19, 2024 at 11:42:03AM -0800, Ross Philipson wrote: > From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx> > > The SHA-256 algorithm is necessary to measure configuration information into > the TPM as early as possible before using the values. This implementation > uses the established approach of #including the SHA-256 libraries directly in > the code since the compressed kernel is not uncompressed at this point. > > Signed-off-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx> > Signed-off-by: Ross Philipson <ross.philipson@xxxxxxxxxx> > --- > arch/x86/boot/compressed/Makefile | 2 +- > arch/x86/boot/compressed/sha256.c | 6 ++++++ > 2 files changed, 7 insertions(+), 1 deletion(-) > create mode 100644 arch/x86/boot/compressed/sha256.c > > diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile > index 7eb03afb841b..40dc0b9babd5 100644 > --- a/arch/x86/boot/compressed/Makefile > +++ b/arch/x86/boot/compressed/Makefile > @@ -107,7 +107,7 @@ vmlinux-objs-$(CONFIG_EFI) += $(obj)/efi.o > vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_mixed.o > vmlinux-libs-$(CONFIG_EFI_STUB) += $(objtree)/drivers/firmware/efi/libstub/lib.a > > -vmlinux-objs-$(CONFIG_SECURE_LAUNCH) += $(obj)/sha1.o > +vmlinux-objs-$(CONFIG_SECURE_LAUNCH) += $(obj)/sha1.o $(obj)/sha256.o > > $(obj)/vmlinux: $(vmlinux-objs-y) $(vmlinux-libs-y) FORCE > $(call if_changed,ld) > diff --git a/arch/x86/boot/compressed/sha256.c b/arch/x86/boot/compressed/sha256.c > new file mode 100644 > index 000000000000..293742a90ddc > --- /dev/null > +++ b/arch/x86/boot/compressed/sha256.c > @@ -0,0 +1,6 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright (c) 2024 Apertus Solutions, LLC > + */ > + > +#include "../../../../lib/crypto/sha256.c" > -- > 2.39.3 > Ditto, nothing particular on this at this point of time. Probably 80-90% what it should be. BR, Jarkko
