platform/x86: think-lmi: Add certificate GUID structure

#define TLMI_CERT_SVC BIT(7) /* Admin Certificate Based */

#define TLMI_CERT_SMC BIT(8) /* System Certificate Based */

static const struct tlmi_cert_guids thinkpad_cert_guid = {

	.thumbprint = LENOVO_CERT_THUMBPRINT_GUID,

	.set_bios_setting = LENOVO_SET_BIOS_SETTING_CERT_GUID,

	.save_bios_setting = LENOVO_SAVE_BIOS_SETTING_CERT_GUID,

	.cert_to_password = LENOVO_CERT_TO_PASSWORD_GUID,

	.clear_bios_cert = LENOVO_CLEAR_BIOS_CERT_GUID,

	.update_bios_cert = LENOVO_UPDATE_BIOS_CERT_GUID,

	.set_bios_cert = LENOVO_SET_BIOS_CERT_GUID,

};

static const struct tlmi_err_codes tlmi_errs[] = {

	{"Success", 0},

	{"Not Supported", -EOPNOTSUPP},

	const union acpi_object *obj;

	acpi_status status;

	status = wmi_evaluate_method(LENOVO_CERT_THUMBPRINT_GUID, 0, 0, &input, &output);

	status = wmi_evaluate_method(tlmi_priv.cert_guid->thumbprint, 0, 0, &input, &output);

	if (ACPI_FAILURE(status)) {

		kfree(output.pointer);

		return -EIO;

		kfree_sensitive(passwd);

		return -ENOMEM;

	}

	ret = tlmi_simple_call(LENOVO_CERT_TO_PASSWORD_GUID, auth_str);

	ret = tlmi_simple_call(tlmi_priv.cert_guid->cert_to_password, auth_str);

	kfree(auth_str);

	kfree_sensitive(passwd);

	char *auth_str, *new_cert;

	const char *serial;

	char *signature;

	char *guid;

	const char *guid;

	int ret;

	if (!capable(CAP_SYS_ADMIN))

		if (!auth_str)

			return -ENOMEM;

		ret = tlmi_simple_call(LENOVO_CLEAR_BIOS_CERT_GUID, auth_str);

		ret = tlmi_simple_call(tlmi_priv.cert_guid->clear_bios_cert, auth_str);

		kfree(auth_str);

		return ret ?: count;

			kfree(new_cert);

			return -EACCES;

		}

		guid = LENOVO_UPDATE_BIOS_CERT_GUID;

		guid = tlmi_priv.cert_guid->update_bios_cert;

		/* Format: 'Certificate,Signature' */

		auth_str = cert_command(setting, new_cert, signature);

	} else {

			kfree(new_cert);

			return -EACCES;

		}

		guid = LENOVO_SET_BIOS_CERT_GUID;

		guid = tlmi_priv.cert_guid->set_bios_cert;

		/* Format: 'Certificate, password' */

		auth_str = cert_command(setting, new_cert, setting->password);

	}

			goto out;

		}

		ret = tlmi_simple_call(LENOVO_SET_BIOS_SETTING_CERT_GUID, set_str);

		ret = tlmi_simple_call(tlmi_priv.cert_guid->set_bios_setting, set_str);

		if (ret)

			goto out;

		if (tlmi_priv.save_mode == TLMI_SAVE_BULK)

			tlmi_priv.save_required = true;

		else

			ret = tlmi_simple_call(LENOVO_SAVE_BIOS_SETTING_CERT_GUID,

			ret = tlmi_simple_call(tlmi_priv.cert_guid->save_bios_setting,

					       tlmi_priv.pwd_admin->save_signature);

	} else if (tlmi_priv.opcode_support) {

		/*

				ret = -EINVAL;

				goto out;

			}

			ret = tlmi_simple_call(LENOVO_SAVE_BIOS_SETTING_CERT_GUID,

			ret = tlmi_simple_call(tlmi_priv.cert_guid->save_bios_setting,

					       tlmi_priv.pwd_admin->save_signature);

			if (ret)

				goto out;

	}

	if (tlmi_priv.certificate_support) {

		tlmi_priv.cert_guid = &thinkpad_cert_guid;

		tlmi_priv.pwd_admin->cert_installed =

			tlmi_priv.pwdcfg.core.password_state & TLMI_CERT_SVC;

		tlmi_priv.pwd_system->cert_installed =

	TLMI_SAVE_SAVE,

};

/* GUIDs can differ between platforms */

struct tlmi_cert_guids {

	const char *thumbprint;

	const char *set_bios_setting;

	const char *save_bios_setting;

	const char *cert_to_password;

	const char *clear_bios_cert;

	const char *update_bios_cert;

	const char *set_bios_cert;

};

/* password configuration details */

#define TLMI_PWDCFG_MODE_LEGACY    0

#define TLMI_PWDCFG_MODE_PASSWORD  1

	struct tlmi_pwd_setting *pwd_system;

	struct tlmi_pwd_setting *pwd_hdd;

	struct tlmi_pwd_setting *pwd_nvme;

	const struct tlmi_cert_guids *cert_guid;

};

#endif /* !_THINK_LMI_H_ */