At first reading, it seems to me that this case and PSARC 2008/195 "Validated Execution" are mutually exclusive. One of the purposes of that case (which has not integrated yet) is to ensure that, from system-boot up to the running userland, all code has been checked and validated before it is started.
On systems that contain a Trusted Platform Module, the TPM registers reflect the checksums of all validated pieces of the boot chain. The registers can be "extended" (hash over hash with particular values) to lead to certain values that can be used to unlock registers containing sensitive data. Restarting the kernel as proposed by this case will either run unverified code (at the vary least, not every step of the boot-process is checked sequentially anymore) or the registers used to record the validation will no longer unlock the registers containing the sensitive data needed to continue the boot process. I'm not sure what the regular process here is; either PSARC declares the functionality defined by these cases as excluding each other (which would be bad), or the teams need get together to see if the issues can be resolved. Joep
