Skip to main content

14.8.1 Basics of Verified Boot

14.8.1 Basics of Verified Boot
Verified boot is a function that secures the SPARC M12/M10 from threats that can be present in drivers, modules, or other programs loaded when Oracle Solaris is started.
The boot process of a system is verified and secured from the following threats:
- Damaging a kernel module

- Inserting a malicious program (Trojan horse virus, spyware, rootkit, etc.) that pretends to be a legitimate kernel module, or replacing a program with such a program

- Loading an unapproved third-party kernel module
Oracle Solaris 11.2 provides two types of methods for configuring the verified boot function: using an XSCF and using Oracle Solaris. In Oracle Solaris 11.3 or later, only the configuration method using an XSCF is available.
This section describes the method for configuring the function with an XSCF. For the method for configuring the function with Oracle Solaris, see "How to Enable Verified Boot on Legacy SPARC Systems and x86 Systems" in the Securing Systems and Attached Devices in Oracle Solaris 11.2 of Oracle Solaris.