Add a disclaimer about the current security status

This commit is contained in:
Julian Stecklina 2022-11-23 14:11:24 +01:00
parent fe3d4015ba
commit 8559bf664e
1 changed files with 4 additions and 0 deletions

View File

@ -1,5 +1,9 @@
//! This module implements the protocols to hand an initrd to the
//! Linux kernel.
//!
//! XXX The initrd signature validation is vulnerable to TOCTOU,
//! because we read the initrd multiple times. The code needs to be
//! restructured to solve this.
use core::{ffi::c_void, ops::Range, pin::Pin, ptr::slice_from_raw_parts_mut};