integrity/platform_certs/keyring_handler.h

0001 /* SPDX-License-Identifier: GPL-2.0 */
0002
0003 #ifndef PLATFORM_CERTS_INTERNAL_H
0004 #define PLATFORM_CERTS_INTERNAL_H
0005
0006 #include <linux/efi.h>
0007
0008 void blacklist_hash(const char *source, const void *data,
0009             size_t len, const char *type,
0010             size_t type_len);
0011
0012 /*
0013  * Blacklist an X509 TBS hash.
0014  */
0015 void blacklist_x509_tbs(const char *source, const void *data, size_t len);
0016
0017 /*
0018  * Blacklist the hash of an executable.
0019  */
0020 void blacklist_binary(const char *source, const void *data, size_t len);
0021
0022 /*
0023  * Return the handler for particular signature list types found in the db.
0024  */
0025 efi_element_handler_t get_handler_for_db(const efi_guid_t *sig_type);
0026
0027 /*
0028  * Return the handler for particular signature list types found in the mok.
0029  */
0030 efi_element_handler_t get_handler_for_mok(const efi_guid_t *sig_type);
0031
0032 /*
0033  * Return the handler for particular signature list types found in the dbx.
0034  */
0035 efi_element_handler_t get_handler_for_dbx(const efi_guid_t *sig_type);
0036
0037 #endif
0038
0039 #ifndef UEFI_QUIRK_SKIP_CERT
0040 #define UEFI_QUIRK_SKIP_CERT(vendor, product) \
0041          .matches = { \
0042             DMI_MATCH(DMI_BOARD_VENDOR, vendor), \
0043             DMI_MATCH(DMI_PRODUCT_NAME, product), \
0044         },
0045 #endif