1 /* SPDX-License-Identifier: GPL-2.0 */ 2 3 #ifndef PLATFORM_CERTS_INTERNAL_H 4 #define PLATFORM_CERTS_INTERNAL_H 5 6 #include <linux/efi.h> 7 8 void blacklist_hash(const char *source, const void *data, 9 size_t len, const char *type, 10 size_t type_len); 11 12 /* 13 * Blacklist an X509 TBS hash. 14 */ 15 void blacklist_x509_tbs(const char *source, const void *data, size_t len); 16 17 /* 18 * Blacklist the hash of an executable. 19 */ 20 void blacklist_binary(const char *source, const void *data, size_t len); 21 22 /* 23 * Return the handler for particular signature list types found in the db. 24 */ 25 efi_element_handler_t get_handler_for_db(const efi_guid_t *sig_type); 26 27 /* 28 * Return the handler for particular signature list types found in the mok. 29 */ 30 efi_element_handler_t get_handler_for_mok(const efi_guid_t *sig_type); 31 32 /* 33 * Return the handler for particular signature list types for CA keys. 34 */ 35 efi_element_handler_t get_handler_for_ca_keys(const efi_guid_t *sig_type); 36 37 /* 38 * Return the handler for particular signature list types for code signing keys. 39 */ 40 efi_element_handler_t get_handler_for_code_signing_keys(const efi_guid_t *sig_type); 41 42 /* 43 * Return the handler for particular signature list types found in the dbx. 44 */ 45 efi_element_handler_t get_handler_for_dbx(const efi_guid_t *sig_type); 46 47 #endif 48 49 #ifndef UEFI_QUIRK_SKIP_CERT 50 #define UEFI_QUIRK_SKIP_CERT(vendor, product) \ 51 .matches = { \ 52 DMI_MATCH(DMI_BOARD_VENDOR, vendor), \ 53 DMI_MATCH(DMI_PRODUCT_NAME, product), \ 54 }, 55 #endif 56