Go to main content
Oracle® VM Server for SPARC 3.4 Administration Guide

Exit Print View

Updated: August 2016

Using Verified Boot

The Logical Domains Manager uses the Oracle Solaris OS verified boot technology to verify the digital signature of kernel modules at boot time. Signature verification occurs silently unless the verified boot policies are enabled. Depending on the boot-policy value, a guest domain might not boot if the kernel module is not signed with Oracle Solaris release certificate files or is corrupted.

Use the ldm add-domain or ldm set-domain command to specify the values for the boot-policy and module-policy properties. See the ldm(1M) man page.

    To use this feature, your system must run at least the following versions of the system firmware and operating system:

  • System firmware – Version 9.5.0 for Oracle SPARC servers, any released version for SPARC S7 series servers, and XCP 2280 for Fujitsu M10 servers

  • Operating system – Oracle Solaris 11.2 OS

Note - By default, any domain created by using a version of Oracle VM Server for SPARC earlier than 3.4 sets boot-policy=warning. This setting results in warning messages being issued while the domain boots after an Oracle VM Server for SPARC update if the kernel module is unsigned or corrupted.