[CentOS] Question: KVM Config C8

Tue Nov 12 14:13:07 UTC 2019
Jonathan Billings <billings at negate.org>

On Tue, Nov 12, 2019 at 09:28:05AM +0100, Fabian Arrotin wrote:
> Well, without giving any detail, and so under the assumption that we all
> know what you're talking about, that will be difficult for people on
> this list to answer your question (and statement) :)
> Can you so give us first :
> - details about what you mean by "broken kvm installation (uefi)"
> - link to bug report that confirms such statement about something broken
> - eventually links to list archives if you already mentioned it

I'm aware of this problem.  Basically, around RHEL 7.3, the OVMF
package (which provides the UEFI firmware) was updated to support
Secure Boot, which it didn't previously.

https://access.redhat.com/errata/RHBA-2016:2608

Unfortunately, the new firmware didn't support the kvm provided by
CentOS, it was built to support qemu-kvm-rhev, which isn't distributed
as part of CentOS (iirc).  Since UEFI boot in KVM was always listed as
a Tech Preview, it wasn't really considered something that broke
everything:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/7.7_release_notes/index

"The Open Virtual Machine Firmware (OVMF) is available as a Technology
Preview in Red Hat Enterprise Linux 7. OVMF is a UEFI secure boot
environment for AMD64 and Intel 64 guests. However, OVMF is not
bootable with virtualization components available in RHEL 7. Note that
OVMF is fully supported in RHEL 8. "

According to the release notes for 8.0 (which should include CentOS
8), qemu-kvm supports UEFI guest boot.  You probably need to make sure
you have the edk2-ovmf.noarch firmware package installed to use it.

-- 
Jonathan Billings <billings at negate.org>