"Michael S. Tsirkin" <address@hidden>
wrote on 03/31/2013 04:17:28 AM:
>
> You want to protect against someone who is able to
> manipulate some bits in the file (content) but not others (hash)?
> What's the attack you are trying to protect against here?
>
> I'm guessing the only result of extra checksums would be
> unbootable guests when qemu manages to corrupt the checksum
> without any help from attackers ...
You are of course correct. I advised an integrity
value just to detect a hardware or software fault. The check value
would not protect against an attack.