From 8559bf664eedac06d8344f4c717d6c6854599314 Mon Sep 17 00:00:00 2001
From: Julian Stecklina
Date: Wed, 23 Nov 2022 14:11:24 +0100
Subject: [PATCH] Add a disclaimer about the current security status
---
 rust/lanzaboote/src/linux_loader.rs | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/rust/lanzaboote/src/linux_loader.rs b/rust/lanzaboote/src/linux_loader.rs
index 32feb54..fd3c6f1 100644
--- a/rust/lanzaboote/src/linux_loader.rs
+++ b/rust/lanzaboote/src/linux_loader.rs
@@ -1,5 +1,9 @@
 //! This module implements the protocols to hand an initrd to the
 //! Linux kernel.
+//!
+//! XXX The initrd signature validation is vulnerable to TOCTOU,
+//! because we read the initrd multiple times. The code needs to be
+//! restructured to solve this.
 use core::{ffi::c_void, ops::Range, pin::Pin, ptr::slice_from_raw_parts_mut};
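Review bot: The added `XXX` note in the module docs names the TOCTOU but not where it lives or what property the restructuring has to establish, so a later reader cannot tell which reads must be unified. I would state the invariant directly, e.g. `//! XXX TOCTOU: the initrd must be read from disk exactly once, and the buffer that was verified is the one handed to the kernel.`, and add a short `// XXX TOCTOU` marker at each read site; those sites lie outside this hunk. Until that restructuring lands, the signature check presumably does not bind the bytes the kernel actually receives, so the comment should also reference a tracked issue rather than stand alone as a doc note.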