Re: [PATCH 0/1] MR6138: crypt32: When importing certificates to Root store set 'done' flag before entering semaphore.

I'd guess that the CSP is probably loaded to verify a certificate's signature. 'done' flag is also set to TRUE on every failure case in that code path, so an argument that something may go wrong is the root store isn't initialized doesn't sound too convincing IMHO. Perhaps using a critical section instead of a semaphore would solve the scenario you've described, and for the deadlock we should check the recursion count of a critical section.