On Thu, Sep 29, 2011 at 04:33:52PM +0300, Kasatkin, Dmitry wrote:

quoted

quoted

There is work currently being done to add checksums for detecting filesystem corruption (see list archive). However, if the attacker can binary edit the underlying disk device then they can also edit the checksums (crc32c) at the same time.

The only secure way to handle this would be a crypto checksum with a secret key.

Can you please give me some links to it????

Darrick Wong has been sending patches to the linux-ext4 mailing for
review to use crc32c to protect various parts of the file system
metadata.

There has been no work to the "crypto checksum with a secret key" bit;
the hard part is where you would securely store the secret key so that
only a trusted kernel has access to it.

       	    	   	   	      - Ted