1
/* SPDX-License-Identifier: GPL-2.0 */
2

3
#ifndef PLATFORM_CERTS_INTERNAL_H
4
#define PLATFORM_CERTS_INTERNAL_H
5

6
#include <linux/efi.h>
7

8
void blacklist_hash(const char *source, const void *data,
9
		    size_t len, const char *type,
10
		    size_t type_len);
11

12
/*
13
 * Blacklist an X509 TBS hash.
14
 */
15
void blacklist_x509_tbs(const char *source, const void *data, size_t len);
16

17
/*
18
 * Blacklist the hash of an executable.
19
 */
20
void blacklist_binary(const char *source, const void *data, size_t len);
21

22
/*
23
 * Return the handler for particular signature list types found in the db.
24
 */
25
efi_element_handler_t get_handler_for_db(const efi_guid_t *sig_type);
26

27
/*
28
 * Return the handler for particular signature list types found in the mok.
29
 */
30
efi_element_handler_t get_handler_for_mok(const efi_guid_t *sig_type);
31

32
/*
33
 * Return the handler for particular signature list types for CA keys.
34
 */
35
efi_element_handler_t get_handler_for_ca_keys(const efi_guid_t *sig_type);
36

37
/*
38
 * Return the handler for particular signature list types for code signing keys.
39
 */
40
efi_element_handler_t get_handler_for_code_signing_keys(const efi_guid_t *sig_type);
41

42
/*
43
 * Return the handler for particular signature list types found in the dbx.
44
 */
45
efi_element_handler_t get_handler_for_dbx(const efi_guid_t *sig_type);
46

47
#endif
48

49
#ifndef UEFI_QUIRK_SKIP_CERT
50
#define UEFI_QUIRK_SKIP_CERT(vendor, product) \
51
		 .matches = { \
52
			DMI_MATCH(DMI_BOARD_VENDOR, vendor), \
53
			DMI_MATCH(DMI_PRODUCT_NAME, product), \
54
		},
55
#endif
56

57