keyring_handler.h source code [linux/security/integrity/platform_certs/keyring_handler.h]

1	/ SPDX-License-Identifier: GPL-2.0 /
2
3	#ifndef PLATFORM_CERTS_INTERNAL_H
4	#define PLATFORM_CERTS_INTERNAL_H
5
6	#include <linux/efi.h>
7
8	void blacklist_hash(const char source, const* void *data,
9	size_t len, const char *type,
10	size_t type_len);
11
12	/*
13	* Blacklist an X509 TBS hash.
14	*/
15	void blacklist_x509_tbs(const char source, const* void *data, size_t len);
16
17	/*
18	* Blacklist the hash of an executable.
19	*/
20	void blacklist_binary(const char source, const* void *data, size_t len);
21
22	/*
23	* Return the handler for particular signature list types found in the db.
24	*/
25	efi_element_handler_t get_handler_for_db(const efi_guid_t *sig_type);
26
27	/*
28	* Return the handler for particular signature list types found in the mok.
29	*/
30	efi_element_handler_t get_handler_for_mok(const efi_guid_t *sig_type);
31
32	/*
33	* Return the handler for particular signature list types for CA keys.
34	*/
35	efi_element_handler_t get_handler_for_ca_keys(const efi_guid_t *sig_type);
36
37	/*
38	* Return the handler for particular signature list types for code signing keys.
39	*/
40	efi_element_handler_t get_handler_for_code_signing_keys(const efi_guid_t *sig_type);
41
42	/*
43	* Return the handler for particular signature list types found in the dbx.
44	*/
45	efi_element_handler_t get_handler_for_dbx(const efi_guid_t *sig_type);
46
47	#endif
48
49	#ifndef UEFI_QUIRK_SKIP_CERT
50	#define UEFI_QUIRK_SKIP_CERT(vendor, product) \
51	.matches = { \
52	DMI_MATCH(DMI_BOARD_VENDOR, vendor), \
53	DMI_MATCH(DMI_PRODUCT_NAME, product), \
54	},
55	#endif
56

source code of linux/security/integrity/platform_certs/keyring_handler.h