Currently,　most　of　the　fie　encryption　systems　are　implemented　in　software　for　the　foundation.　Once　the　key　was　cracked,　the　encryption　system　fails　completely.　With　hacking　techniques　becoming　more　sophisticated,　traditional　software　encryption　alone　cannot　guarantee　the　security　of　sensitive　data.　This　paper　introduces　a　trust　storage　system　based　on　a　security　hardware,　which　implements　the　disk　encryption　based　on　partition,　utilizing　the　device　mapper　mechanism.　Meanwhile,　a　secure　hardware,　Trusted　Cryptography　Module　(TCM)　([1])　provides　security　support　from　the　hardware　layer,　greatly　increasing　the　crack　difficulty.　As　a　result,　effectively　enhance　the　security　of　sensitive　data.