Skip to content

Poor error reporting for lockdown kernel mode failures (cannot set CC mode when secure boot is enabled) #12

New issue
New issue
Open
Open
Poor error reporting for lockdown kernel mode failures (cannot set CC mode when secure boot is enabled)#12
@tmagik

Description

@tmagik
tmagik
opened on Aug 23, 2025

It appears these tools do not work or gracefully report a useful error message if secure boot and the kernel lockdown=integrity option is enabled.

The relevant error output from
sudo ./nvidia_gpu_tools.py --gpu-bdf 0000:18 --query-cc-mode

is the following:

2025-08-23,22:03:14.042 ERROR    Device /sys/bus/pci/devices/0000:18:00.0 broken [Errno 1] Operation not permitted
Topo:
  Intel root port 0000:15:01.0
   PciBridge 0000:16:00.0 c030:1000
    PciBridge 0000:17:00.0 c030:1000
     GPU 0000:18:00.0 ? 0x2335 BAR0 0x19c042000000
     GPU 0000:18:00.0 [broken, cfg space working 1 bars configured 1]
2025-08-23,22:03:14.043 INFO     Selected GPU 0000:18:00.0 [broken, cfg space working 1 bars configured 1]
Traceback (most recent call last):

If you look in kernel logs, you can also find this:
Lockdown: python3: direct PCI access is restricted; see man kernel_lockdown.7

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions