1ad723674SNayna Jain /* SPDX-License-Identifier: GPL-2.0 */ 2ad723674SNayna Jain 3ad723674SNayna Jain #ifndef PLATFORM_CERTS_INTERNAL_H 4ad723674SNayna Jain #define PLATFORM_CERTS_INTERNAL_H 5ad723674SNayna Jain 6ad723674SNayna Jain #include <linux/efi.h> 7ad723674SNayna Jain 8ad723674SNayna Jain void blacklist_hash(const char *source, const void *data, 9ad723674SNayna Jain size_t len, const char *type, 10ad723674SNayna Jain size_t type_len); 11ad723674SNayna Jain 12ad723674SNayna Jain /* 13ad723674SNayna Jain * Blacklist an X509 TBS hash. 14ad723674SNayna Jain */ 15ad723674SNayna Jain void blacklist_x509_tbs(const char *source, const void *data, size_t len); 16ad723674SNayna Jain 17ad723674SNayna Jain /* 18ad723674SNayna Jain * Blacklist the hash of an executable. 19ad723674SNayna Jain */ 20ad723674SNayna Jain void blacklist_binary(const char *source, const void *data, size_t len); 21ad723674SNayna Jain 22ad723674SNayna Jain /* 23ad723674SNayna Jain * Return the handler for particular signature list types found in the db. 24ad723674SNayna Jain */ 25ad723674SNayna Jain efi_element_handler_t get_handler_for_db(const efi_guid_t *sig_type); 26ad723674SNayna Jain 27ad723674SNayna Jain /* 2845fcd5e5SEric Snowberg * Return the handler for particular signature list types found in the mok. 2945fcd5e5SEric Snowberg */ 3045fcd5e5SEric Snowberg efi_element_handler_t get_handler_for_mok(const efi_guid_t *sig_type); 3145fcd5e5SEric Snowberg 3245fcd5e5SEric Snowberg /* 33a3af7188SNayna Jain * Return the handler for particular signature list types for CA keys. 34a3af7188SNayna Jain */ 35a3af7188SNayna Jain efi_element_handler_t get_handler_for_ca_keys(const efi_guid_t *sig_type); 36a3af7188SNayna Jain 37a3af7188SNayna Jain /* 38*44e69ea5SNayna Jain * Return the handler for particular signature list types for code signing keys. 39*44e69ea5SNayna Jain */ 40*44e69ea5SNayna Jain efi_element_handler_t get_handler_for_code_signing_keys(const efi_guid_t *sig_type); 41*44e69ea5SNayna Jain 42*44e69ea5SNayna Jain /* 43ad723674SNayna Jain * Return the handler for particular signature list types found in the dbx. 44ad723674SNayna Jain */ 45ad723674SNayna Jain efi_element_handler_t get_handler_for_dbx(const efi_guid_t *sig_type); 46ad723674SNayna Jain 47ad723674SNayna Jain #endif 48155ca952SAditya Garg 49155ca952SAditya Garg #ifndef UEFI_QUIRK_SKIP_CERT 50155ca952SAditya Garg #define UEFI_QUIRK_SKIP_CERT(vendor, product) \ 51155ca952SAditya Garg .matches = { \ 52155ca952SAditya Garg DMI_MATCH(DMI_BOARD_VENDOR, vendor), \ 53155ca952SAditya Garg DMI_MATCH(DMI_PRODUCT_NAME, product), \ 54155ca952SAditya Garg }, 55155ca952SAditya Garg #endif 56