How to enforce verified boot policy on SuperCluster M7 and M8
(Doc ID 2827594.1)
Last updated on MARCH 16, 2023
Applies to:
Oracle SuperCluster Specific SoftwareOracle SuperCluster M7 Hardware
Oracle SuperCluster M8 Hardware
Oracle Solaris on SPARC (64-bit)
Purpose
This document describes how to enforce the verified boot policy on SuperCluster M7 and M8 so that the boot process is aborted when the Solaris boot block or kernel modules fail signature verification. This is a useful security feature that prevents boot in the case of accidental or malicious modification of a kernel module.
Scope
This document applies only to the use of enforced verified boot on SuperCluster M7 and M8 (boot_policy=enforce). It does not apply to situations where verified boot is not enforced (boot_policy=warning or none). It also does not apply to generic SPARC systems or other SuperCluster platforms (T4, T5 & M6). Use the standard product documentation to enforce verified boot policy for generic SPARC systems or other SuperCluster platforms (T4, T5 & M6).
Details
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Purpose |
Scope |
Details |
1. Background |
2. Solution |
References |