If the ShimRetainProtocol variable is set, avoid uninstalling our protocol.
For example, this allows sd-stub in a UKI to use the shim protocol to validate PE binaries, even if it is executed by a second stage, before the kernel is loaded.
Tested in combination with the above PR in qemu/ovmf/edk2, seems to work as expected. Happy to change the variable name to anything else if there are preferences.
If the ShimRetainProtocol variable is set, avoid uninstalling our protocol. For example, this allows sd-stub in a UKI to use the shim protocol to validate PE binaries, even if it is executed by a second stage, before the kernel is loaded.
Example use case in sd-boot/sd-stub:
https://github.com/systemd/systemd/pull/27358
Tested in combination with the above PR in qemu/ovmf/edk2, seems to work as expected. Happy to change the variable name to anything else if there are preferences.