diff --git a/internal/utils/common.go b/internal/utils/common.go
index ecc4fe6..15fe565 100644
--- a/internal/utils/common.go
+++ b/internal/utils/common.go
@@ -135,6 +135,26 @@ func GetTarget(dryRun bool) (string, string, error) {
 	return imgs[0], label, nil
 }
 
+// RebootOrWait will reboot the system or wait forever.
+// It will print the error message before rebooting/waiting
+// If the rd.immucore.rebootonfailure is set in the cmdline, it will reboot.
+// If not, it will wait forever.
+// If the error is not nil it will log it.
+func RebootOrWait(msg string, err error) {
+	if err != nil {
+		Log.Error().Err(err).Msg(msg)
+	}
+	if len(ReadCMDLineArg("rd.immucore.rebootonfailure")) > 0 {
+		Log.Warn().Msg(fmt.Sprintf("%s - Rebooting in 10 seconds", msg))
+		time.Sleep(10 * time.Second)
+		_ = syscall.Reboot(syscall.LINUX_REBOOT_CMD_RESTART)
+	}
+	Log.Warn().Msg(fmt.Sprintf("%s - Halting boot", msg))
+	// Sleep forever.
+	// We dont want to exit and print panics or kernel panic, so we print our message and wait for the user to ctrl+alt+del
+	select {}
+}
+
 // DisableImmucore identifies if we need to be disabled
 // We disable if we boot from CD, netboot, squashfs recovery or have the rd.cos.disable stanza in cmdline.
 func DisableImmucore() bool {
diff --git a/pkg/state/steps_uki.go b/pkg/state/steps_uki.go
index 7467f4e..b2d0ca4 100644
--- a/pkg/state/steps_uki.go
+++ b/pkg/state/steps_uki.go
@@ -160,10 +160,7 @@ func (s *State) UKIMountBaseSystem(g *herd.Graph) error {
 
 				// Now that we have all the mounts, check if we got secureboot enabled
 				if !efi.GetSecureBoot() && len(internalUtils.ReadCMDLineArg("rd.immucore.securebootdisabled")) == 0 {
-					internalUtils.Log.Error().Msg("Secure boot is not enabled. Aborting boot.")
-					// Sleep forever.
-					// We dont want to exit and print panics or kernel panic, so we print our message and wait for the user to ctrl+alt+del
-					select {}
+					internalUtils.RebootOrWait("Secure boot is not enabled", nil)
 				}
 				return err
 			},
@@ -396,11 +393,7 @@ func (s *State) UKIUnlock(g *herd.Graph, opts ...herd.OpOption) error {
 		internalUtils.Log.Debug().Msg("Will now try to unlock partitions")
 		err := kcrypt.UnlockAllWithLogger(true, internalUtils.Log)
 		if err != nil {
-			internalUtils.Log.Info().Msg(s.WriteDAG(g))
-			internalUtils.Log.Err(err).Msg("Unlocking partitions")
-			internalUtils.Log.Warn().Msg("Unlocking partitions failed, waiting 10 seconds and rebooting")
-			time.Sleep(10 * time.Second)
-			return syscall.Reboot(syscall.LINUX_REBOOT_CMD_RESTART)
+			internalUtils.RebootOrWait("Unlocking partitions failed", err)
 		}
 		return nil
 	}))...)