From nobody Fri Oct 3 21:55:28 2025 Received: from fout-b5-smtp.messagingengine.com (fout-b5-smtp.messagingengine.com [202.12.124.148]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C06CE2FF16B; Mon, 25 Aug 2025 16:56:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=202.12.124.148 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756140998; cv=none; b=h/BjpCpsN7Y1qTNJQ1X2TCvSe+Q+uOMn9FWaC2JdpoSlKPDpJspdbr2mGp+uj/NSdnPlPN4aCd+SpQYnVFKs9qHbiEYuGevLsBOqUuO+t4Tx85/y+G1f/Cg84OkWSyn/re7PCydfXCj+6j4IjNUBiYBREvmtKDGGT4eJQRzsde4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756140998; c=relaxed/simple; bh=0CKQ+HiIpcOjfGTKn9xemIjeWRCF7OV3Phw3v3rUDtQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=nxy165W5AbwoqopR/PgRl+N9ebQFoiH+lC7fAfq9Z5HpaxD8IYcV4l13Syf+gWvpxo0fu30CxZFv421yoDde1GqbwJfJUNskDlYYJjZucd21m+8v2tYjm757+9MIwO/4/ua0FeQLmOSaO5M8magN+Xmz5Hah9n9kTlqJjx2iuwQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=squebb.ca; spf=pass smtp.mailfrom=squebb.ca; dkim=pass (2048-bit key) header.d=squebb.ca header.i=@squebb.ca header.b=J9ukY072; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b=ZTe+hN8Q; arc=none smtp.client-ip=202.12.124.148 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=squebb.ca Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=squebb.ca Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=squebb.ca header.i=@squebb.ca header.b="J9ukY072"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="ZTe+hN8Q" Received: from phl-compute-04.internal (phl-compute-04.internal [10.202.2.44]) by mailfout.stl.internal (Postfix) with ESMTP id A470C1D00130; Mon, 25 Aug 2025 12:56:35 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-04.internal (MEProxy); Mon, 25 Aug 2025 12:56:35 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=squebb.ca; h=cc :cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm1; t=1756140995; x=1756227395; bh=Z7BYEGbcNllw0Okwu42rG92hr8/EoIoLIMPmKkFKybo=; b= J9ukY072EfFoN/JgtgD7BHPFPnvEuIFS7nhzr90VyscXk/xAY/Syyc6JVH0KYyz0 K0MzLltlGEKm23m7XTN2PM7VeTAsvCH/HA/e2tSpQfYJQydw70NE6vEfEM4BQ9+Y Fgoo0Dr7VlZvEaoOjEUNtK7TqIHM8phdKEAto5+8iSwM+ehjD8/BWqEVdriS+cPP s4WAxHo6cFrerKYjerfQcK5x4uA86R9Y+VLibgBdft3q5x0X13s2yyLG7Xd6bfly y46IOANdcbdK7ISGKIUPWm7jYflTkyeXTVC0WyiYgPwJ867Z0qS4mzj+koU3L1iz zHs2fXpIlpz217j8MRwznQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1756140995; x= 1756227395; bh=Z7BYEGbcNllw0Okwu42rG92hr8/EoIoLIMPmKkFKybo=; b=Z Te+hN8QcKacDpwBlEj9tATXNbkmWR9VpKYEp61/fgrV+JeJlxxL4s0UyTx5Q6JKF R+shEuWcjCpQg2W1XKZ6wqyCKNOhkoAljCIbKBeZn1n0/p7u2ANS+7UDgjNxqf21 fsd+VKE8Gd3TLUfJbbGk5Q40U71CXLdX7yoJZDjD45KdtcXTMOszGbXnU1O1tAOJ ryoTECqRHAGtQFlUe9yYzypgM0JtMpVXENSdWqFQYTJm2UnzKdS/NmFV5egwm5TC N2F1fIrihDUeExgYANovQYqbR9rEd8T6xQ7xmv7MAFbBdgbQybW9o6hC06EjeVU+ sAleG8h7yyabSmyQzhgfw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdefgddujedvledvucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu rghilhhouhhtmecufedttdenucgoteeftdduqddtudculdduhedmnecujfgurhephffvve fufffkofgjfhggtgfgsehtkeertdertdejnecuhfhrohhmpeforghrkhcurfgvrghrshho nhcuoehmphgvrghrshhonhdqlhgvnhhovhhosehsqhhuvggssgdrtggrqeenucggtffrrg htthgvrhhnpeffffefudeuueduueduhfefkeeiueeihfdukeeuffekfffhheeigfehveek hefhhfenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpe hmphgvrghrshhonhdqlhgvnhhovhhosehsqhhuvggssgdrtggrpdhnsggprhgtphhtthho peeipdhmohguvgepshhmthhpohhuthdprhgtphhtthhopehmphgvrghrshhonhdqlhgvnh hovhhosehsqhhuvggssgdrtggrpdhrtghpthhtohepihhlphhordhjrghrvhhinhgvnhes lhhinhhugidrihhnthgvlhdrtghomhdprhgtphhtthhopehhrghnshhgsehkvghrnhgvlh drohhrghdprhgtphhtthhopehkvggrnhdttdegkeesghhmrghilhdrtghomhdprhgtphht thhopehplhgrthhfohhrmhdqughrihhvvghrqdigkeeisehvghgvrhdrkhgvrhhnvghlrd horhhgpdhrtghpthhtoheplhhinhhugidqkhgvrhhnvghlsehvghgvrhdrkhgvrhhnvghl rdhorhhg X-ME-Proxy: Feedback-ID: ibe194615:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 25 Aug 2025 12:56:34 -0400 (EDT) From: Mark Pearson To: mpearson-lenovo@squebb.ca Cc: ilpo.jarvinen@linux.intel.com, hansg@kernel.org, kean0048@gmail.com, platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v3 1/3] platform/x86: think-lmi: Add certificate GUID structure Date: Mon, 25 Aug 2025 12:03:36 -0400 Message-ID: <20250825160351.971852-2-mpearson-lenovo@squebb.ca> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250825160351.971852-1-mpearson-lenovo@squebb.ca> References: <20250825160351.971852-1-mpearson-lenovo@squebb.ca> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Add a certificate GUID structure to make it easier to add different options for other platforms that need different GUIDs. Suggested-by: Ilpo J=C3=A4rvinen Signed-off-by: Mark Pearson --- Changes in v2: - split patch up into series Changes in v3: - add field details to thinkpad_cert_guid declare. - add missing comma - Move null thumbprint GUID check to later in series drivers/platform/x86/lenovo/think-lmi.c | 38 +++++++++++++++++++------ 1 file changed, 30 insertions(+), 8 deletions(-) diff --git a/drivers/platform/x86/lenovo/think-lmi.c b/drivers/platform/x86= /lenovo/think-lmi.c index 0992b41b6221..a22d25f6d3c6 100644 --- a/drivers/platform/x86/lenovo/think-lmi.c +++ b/drivers/platform/x86/lenovo/think-lmi.c @@ -177,6 +177,28 @@ MODULE_PARM_DESC(debug_support, "Enable debug command = support"); #define TLMI_CERT_SVC BIT(7) /* Admin Certificate Based */ #define TLMI_CERT_SMC BIT(8) /* System Certificate Based */ =20 +struct tlmi_cert_guids { + char *thumbprint; + char *set_bios_setting; + char *save_bios_setting; + char *cert_to_password; + char *clear_bios_cert; + char *update_bios_cert; + char *set_bios_cert; +}; + +static struct tlmi_cert_guids thinkpad_cert_guid =3D { + .thumbprint =3D LENOVO_CERT_THUMBPRINT_GUID, + .set_bios_setting =3D LENOVO_SET_BIOS_SETTING_CERT_GUID, + .save_bios_setting =3D LENOVO_SAVE_BIOS_SETTING_CERT_GUID, + .cert_to_password =3D LENOVO_CERT_TO_PASSWORD_GUID, + .clear_bios_cert =3D LENOVO_CLEAR_BIOS_CERT_GUID, + .update_bios_cert =3D LENOVO_UPDATE_BIOS_CERT_GUID, + .set_bios_cert =3D LENOVO_SET_BIOS_CERT_GUID, +}; + +static struct tlmi_cert_guids *cert_guid =3D &thinkpad_cert_guid; + static const struct tlmi_err_codes tlmi_errs[] =3D { {"Success", 0}, {"Not Supported", -EOPNOTSUPP}, @@ -668,7 +690,7 @@ static ssize_t cert_thumbprint(char *buf, const char *a= rg, int count) const union acpi_object *obj; acpi_status status; =20 - status =3D wmi_evaluate_method(LENOVO_CERT_THUMBPRINT_GUID, 0, 0, &input,= &output); + status =3D wmi_evaluate_method(cert_guid->thumbprint, 0, 0, &input, &outp= ut); if (ACPI_FAILURE(status)) { kfree(output.pointer); return -EIO; @@ -751,7 +773,7 @@ static ssize_t cert_to_password_store(struct kobject *k= obj, kfree_sensitive(passwd); return -ENOMEM; } - ret =3D tlmi_simple_call(LENOVO_CERT_TO_PASSWORD_GUID, auth_str); + ret =3D tlmi_simple_call(cert_guid->cert_to_password, auth_str); kfree(auth_str); kfree_sensitive(passwd); =20 @@ -797,7 +819,7 @@ static ssize_t certificate_store(struct kobject *kobj, if (!auth_str) return -ENOMEM; =20 - ret =3D tlmi_simple_call(LENOVO_CLEAR_BIOS_CERT_GUID, auth_str); + ret =3D tlmi_simple_call(cert_guid->clear_bios_cert, auth_str); kfree(auth_str); =20 return ret ?: count; @@ -834,7 +856,7 @@ static ssize_t certificate_store(struct kobject *kobj, kfree(new_cert); return -EACCES; } - guid =3D LENOVO_UPDATE_BIOS_CERT_GUID; + guid =3D cert_guid->update_bios_cert; /* Format: 'Certificate,Signature' */ auth_str =3D cert_command(setting, new_cert, signature); } else { @@ -845,7 +867,7 @@ static ssize_t certificate_store(struct kobject *kobj, kfree(new_cert); return -EACCES; } - guid =3D LENOVO_SET_BIOS_CERT_GUID; + guid =3D cert_guid->set_bios_cert; /* Format: 'Certificate, password' */ auth_str =3D cert_command(setting, new_cert, setting->password); } @@ -1071,13 +1093,13 @@ static ssize_t current_value_store(struct kobject *= kobj, goto out; } =20 - ret =3D tlmi_simple_call(LENOVO_SET_BIOS_SETTING_CERT_GUID, set_str); + ret =3D tlmi_simple_call(cert_guid->set_bios_setting, set_str); if (ret) goto out; if (tlmi_priv.save_mode =3D=3D TLMI_SAVE_BULK) tlmi_priv.save_required =3D true; else - ret =3D tlmi_simple_call(LENOVO_SAVE_BIOS_SETTING_CERT_GUID, + ret =3D tlmi_simple_call(cert_guid->save_bios_setting, tlmi_priv.pwd_admin->save_signature); } else if (tlmi_priv.opcode_support) { /* @@ -1282,7 +1304,7 @@ static ssize_t save_settings_store(struct kobject *ko= bj, struct kobj_attribute * ret =3D -EINVAL; goto out; } - ret =3D tlmi_simple_call(LENOVO_SAVE_BIOS_SETTING_CERT_GUID, + ret =3D tlmi_simple_call(cert_guid->save_bios_setting, tlmi_priv.pwd_admin->save_signature); if (ret) goto out; --=20 2.43.0