Complete some clean-ups as reqested from the last review as follow-ups
- Remove certificate from structure as no need to store it any more
- Clean up return code handling
- Moved freeing of signature to before admin object released (issue
seen in testing when unloading module)
- Minor code flow improvements
Signed-off-by: Mark Pearson <markpearson@lenovo.com>
Link: https://lore.kernel.org/r/20220321180624.4761-1-markpearson@lenovo.com
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Implementation of certificate authentication feature for Lenovo
platforms. This allows for signed updates of BIOS settings.
Functionality supported:
- Cert support available check. At initialisation check if BIOS
supports certification authentication and if a certificate is
installed. Enable the sysfs nodes appropriately
- certificate and signature authentication attributes to enable
a user to install, update and delete a certificate using signed
signatures
- certificate_thumbprint to confirm installed certificate details
- support to go from certificate to password based authentication
- signature and save_signature attributes needed for setting BIOS
attributes using certificate authentication.
Tested on X1 Carbon G10 and X1 Yoga G7. This feature is not
generally available yet but will be released later this year.
Note, I also cleaned up the formating of the GUIDs when I was adding
the new defines. Hope that's OK to combine in this commit.
Signed-off-by: Mark Pearson <markpearson@lenovo.com>
Link: https://lore.kernel.org/r/20220317214008.3459-2-markpearson@lenovo.com
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
A Lenovo ThinkStation S20 (4157CTO BIOS 60KT41AUS) fails to boot on
recent kernels including the think-lmi driver, due to the fact that
errors returned by the tlmi_analyze() function are ignored by
tlmi_probe(), where tlmi_sysfs_init() is called unconditionally.
This results in making use of an array of already freed, non-null
pointers and other uninitialized globals, causing all sorts of nasty
kobject and memory faults.
Make use of the analyze function return value, free a couple leaked
allocations, and remove the settings_count field, which is incremented
but never consumed.
Fixes: a40cd7ef22 ("platform/x86: think-lmi: Add WMI interface support on Lenovo platforms")
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Reviewed-by: Mark Gross <markgross@kernel.org>
Reviewed-by: Mark Pearson <markpearson@lenovo.com>
Link: https://lore.kernel.org/r/163639463588.1330483.15850167112490200219.stgit@omen
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
