How to enforce verified boot policy on SuperCluster M7 and M8 (Doc ID 2827594.1)

Last updated on MARCH 16, 2023

Applies to:

Oracle SuperCluster Specific Software
Oracle SuperCluster M7 Hardware
Oracle SuperCluster M8 Hardware
Oracle Solaris on SPARC (64-bit)

Purpose

This document describes how to enforce the verified boot policy on SuperCluster M7 and M8 so that the boot process is aborted when the Solaris boot block or kernel modules fail signature verification. This is a useful security feature that prevents boot in the case of accidental or malicious modification of a kernel module.

Scope

This document applies only to the use of enforced verified boot on SuperCluster M7 and M8 (boot_policy=enforce). It does not apply to situations where verified boot is not enforced (boot_policy=warning or none). It also does not apply to generic SPARC systems or other SuperCluster platforms (T4, T5 & M6). Use the standard product documentation to enforce verified boot policy for generic SPARC systems or other SuperCluster platforms (T4, T5 & M6).

Details

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Purpose

Scope

Details

1. Background

2. Solution

References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

How to enforce verified boot policy on SuperCluster M7 and M8 (Doc ID 2827594.1)

Applies to:

Purpose

Scope

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!