diff --git a/AppArmorInSystemd.md b/AppArmorInSystemd.md index e6c9dbd..e7e3164 100644 --- a/AppArmorInSystemd.md +++ b/AppArmorInSystemd.md @@ -93,6 +93,8 @@ tasks entering the unconfined state. The start will then load new policy however all tasks in the system will remain unconfined, only tasks start after the start operation will gain the new confinement. +The upstream `apparmor.service` has intentionally broken `stop`. Using `restart` on distributions that use the upstream unit (for example openSUSE) isn't a problem. However, you'll need to use `aa-teardown` if you really want to unload all AppArmor profiles. + Using systemd to set the apparmor profile/label ===============================================
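Review bot: the first added sentence ("The upstream `apparmor.service` has intentionally broken `stop`.") does not say what `stop` actually does on the upstream unit or why it was made that way, so the reader has to infer the connection to the preceding context paragraph about tasks entering the unconfined state. Suggest stating the behaviour and the reason in one sentence. The `aa-teardown` sentence should also repeat the caveat from the context lines: after profiles are unloaded, running tasks remain unconfined, and only tasks started after policy is loaded again gain the new confinement. Minor wording: "has an intentionally broken `stop`" is missing its article, and "distributions that use the upstream unit" is identified only by the openSUSE example, so a short pointer on how to tell which unit a system ships would help.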