At boot, a TCG-standard Opal self-encrypting drive can present a preboot program for authentication and then unlock itself and continue the boot sequence. By specification, for security it will automatically lock itself when reset, for instance whenever power is lost. This allows booting off a secure external USB drive. Unfortunately, starting with macOS Monterey, during the boot sequence, the OS is reseting the USB tree in such a way that the very drive being booted from is locked. Without connecting instruments and just looking at the LEDs, it appears that the USB tree power may perhaps be being cycled off and on, a pretty hard reset.
- One could consider performing a hard reset on the drive hosting the file system with the kernel etc during boot to be a probabilistic bug.
- Is there a way to tame this behavior? Anything from naming the particular USB device to be protected, to a flag setting for just not doing this to the USB tree all?
Help?