1 /* SPDX-License-Identifier: GPL-2.0 */
2 
3 #ifndef PLATFORM_CERTS_INTERNAL_H
4 #define PLATFORM_CERTS_INTERNAL_H
5 
6 #include <linux/efi.h>
7 
8 void blacklist_hash(const char *source, const void *data,
9 		    size_t len, const char *type,
10 		    size_t type_len);
11 
12 /*
13  * Blacklist an X509 TBS hash.
14  */
15 void blacklist_x509_tbs(const char *source, const void *data, size_t len);
16 
17 /*
18  * Blacklist the hash of an executable.
19  */
20 void blacklist_binary(const char *source, const void *data, size_t len);
21 
22 /*
23  * Return the handler for particular signature list types found in the db.
24  */
25 efi_element_handler_t get_handler_for_db(const efi_guid_t *sig_type);
26 
27 /*
28  * Return the handler for particular signature list types found in the mok.
29  */
30 efi_element_handler_t get_handler_for_mok(const efi_guid_t *sig_type);
31 
32 /*
33  * Return the handler for particular signature list types for CA keys.
34  */
35 efi_element_handler_t get_handler_for_ca_keys(const efi_guid_t *sig_type);
36 
37 /*
38  * Return the handler for particular signature list types for code signing keys.
39  */
40 efi_element_handler_t get_handler_for_code_signing_keys(const efi_guid_t *sig_type);
41 
42 /*
43  * Return the handler for particular signature list types found in the dbx.
44  */
45 efi_element_handler_t get_handler_for_dbx(const efi_guid_t *sig_type);
46 
47 #endif
48 
49 #ifndef UEFI_QUIRK_SKIP_CERT
50 #define UEFI_QUIRK_SKIP_CERT(vendor, product) \
51 		 .matches = { \
52 			DMI_MATCH(DMI_BOARD_VENDOR, vendor), \
53 			DMI_MATCH(DMI_PRODUCT_NAME, product), \
54 		},
55 #endif
56