efi_init_secure_state() calls efi_transfer_secure_state() which may delete variable "PK" which will result in calling efi_init_secure_state() again.
Signed-off-by: Heinrich Schuchardt <heinrich.schucha...@canonical.com> --- v2: no change --- lib/efi_loader/efi_var_common.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/efi_loader/efi_var_common.c b/lib/efi_loader/efi_var_common.c index 3d92afe2eb..654ce81f9d 100644 --- a/lib/efi_loader/efi_var_common.c +++ b/lib/efi_loader/efi_var_common.c @@ -314,11 +314,15 @@ err: efi_status_t efi_init_secure_state(void) { + static bool lock; enum efi_secure_mode mode = EFI_MODE_SETUP; u8 efi_vendor_keys = 0; efi_uintn_t size = 0; efi_status_t ret; + if (lock) + return EFI_SUCCESS; + ret = efi_get_variable_int(L"PK", &efi_global_variable_guid, NULL, &size, NULL, NULL); if (ret == EFI_BUFFER_TOO_SMALL) { @@ -326,7 +330,9 @@ efi_status_t efi_init_secure_state(void) mode = EFI_MODE_USER; } + lock = true; ret = efi_transfer_secure_state(mode); + lock = false; if (ret != EFI_SUCCESS) return ret; -- 2.30.2