Improved EFI binaries search and updated blacklist config (#131)

* Changes in calculating hashes of EFI binaries

Calculating hashes of actual .efi executable files (PE32/TE sections of
EFI binaries) rather than of entire EFI binaries.

There's still an option (WRITE_ALL_HASHES) to calculate hashes of entire
EFI binaries.

* Improved UEFI search and updated blacklist config

1. Updated EFI binaries search - searching only leaf nodes (PE/TE
executable sections)
2. Added exclusion criteria and improved JSON format
3. Changed tools.uefi.blacklist module to return a warning
4. Updated ThinkPwn rules in blacklist.json
- Updated config to match by GUID AND regexp of SmmRuntime protcol GUID
within the binary to skip binaries consuming SmmRuntime protcol
- Added exclusion rules for UEFI update images with patched
SystemSmmRuntimeRt.efi. Config excludes patched binaries from Lenovo and
HP. Tested on Intel, Lenovo, HP and Gigabyte images.