On Wed, May 22, 2019 at 04:19 AM, Tomas Pilar (tpilar) wrote:

Hi Pavan,

 

I am currently playing around with setting up a OVMF based test framework myself. You likely need to tell qemu to use OVMF as it’s firmware. I attach my current working libvirt XML file for creating UEFI VMs (diskless) – note the <loader> and the <nvram> elements within the <os> element.

 

You want to add a disk sourced from the qcow image and that should work.

 

Cheers,

Tom

 

From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Pavan Kumar Aravapalli
Sent: 22 May 2019 12:02
To: Devel EDK2 <devel@edk2.groups.io>
Subject: [edk2-devel] Help needed in building UEFI qcow2 images

 

Hi, 

 

[re-posting the question]

 

I am looking for information/documentation which helps me in enabling UEFI boot to the existing (KVM)VM template. I am trying for CentOS 6.5(64-bit) no GUI 64-bit (KVM) template. 

 

 

I found some images available over https://www.kraxel.org/repos/images/ with fedora os, but I am looking for uefi enabled Cent OS template. It would be helpfull if any documentation or steps provided for the same.

 

 

Regards, 

Pavan.

DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the property of Accelerite, a Persistent Systems business. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Accelerite, a Persistent Systems business does not accept any liability for virus infected mails.

 


 Hi Tomas, 

Thanks for your response, I have already found  a way to boot a Guest VM to boot using image https://www.kraxel.org/repos/images/fedora-29-efi-systemd-x86_64.qcow2.xz . 
I have attached the domain dump xml file with this mail attachment[normal-vm.xml].

And Sorry for the lengthy message for the following , Let me write up all my questions here . It would be more helpful if you can point me to fix or resolve the following. 

Actually i am struggling to done below two items 
  1.  We have CentOS flavoured qcow2 image which is used to boot Guest VM's in Apache CloudStack. We are trying to enable these CentOS qcow2 images with UEFI support.  I found '.EFI' file inside fedora-29-efi-systemd-x86_64.qcow2.xz image. How can i do the same thing for CentOS images. 
  2. I have been struggling to secure boot Guest VM using UEFI.  I have enclosed my secure boot domain dumpxml [secure-vm.xml]with this mail too. When i try to boot with this xml i am  ended up with an Exception . I have attached the error screen shot too . 

I don't know, what could be wrong in Environment.  here is my Host Environment details

[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)

[root@localhost ~]# /usr/libexec/qemu-kvm --machine help
Supported machines are:
pc                   RHEL 7.6.0 PC (i440FX + PIIX, 1996) (alias of pc-i440fx-rhel7.6.0)
pc-i440fx-rhel7.6.0  RHEL 7.6.0 PC (i440FX + PIIX, 1996) (default)
pc-i440fx-rhel7.5.0  RHEL 7.5.0 PC (i440FX + PIIX, 1996)
pc-i440fx-rhel7.4.0  RHEL 7.4.0 PC (i440FX + PIIX, 1996)
pc-i440fx-rhel7.3.0  RHEL 7.3.0 PC (i440FX + PIIX, 1996)
pc-i440fx-rhel7.2.0  RHEL 7.2.0 PC (i440FX + PIIX, 1996)
pc-i440fx-rhel7.1.0  RHEL 7.1.0 PC (i440FX + PIIX, 1996)
pc-i440fx-rhel7.0.0  RHEL 7.0.0 PC (i440FX + PIIX, 1996)
rhel6.6.0            RHEL 6.6.0 PC
rhel6.5.0            RHEL 6.5.0 PC
rhel6.4.0            RHEL 6.4.0 PC
rhel6.3.0            RHEL 6.3.0 PC
rhel6.2.0            RHEL 6.2.0 PC
rhel6.1.0            RHEL 6.1.0 PC
rhel6.0.0            RHEL 6.0.0 PC
q35                  RHEL-7.6.0 PC (Q35 + ICH9, 2009) (alias of pc-q35-rhel7.6.0)
pc-q35-rhel7.6.0     RHEL-7.6.0 PC (Q35 + ICH9, 2009)
pc-q35-rhel7.5.0     RHEL-7.5.0 PC (Q35 + ICH9, 2009)
pc-q35-rhel7.4.0     RHEL-7.4.0 PC (Q35 + ICH9, 2009)
pc-q35-rhel7.3.0     RHEL-7.3.0 PC (Q35 + ICH9, 2009)
none                 empty machine

[root@localhost ~]# rpm -qa | grep qemu
qemu-img-ev-2.12.0-18.el7_6.5.1.x86_64
centos-release-qemu-ev-1.0-4.el7.centos.noarch
qemu-kvm-common-ev-2.12.0-18.el7_6.5.1.x86_64
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.10.x86_64
ipxe-roms-qemu-20170123-1.git4e85b27.el7_4.1.noarch
qemu-kvm-ev-2.12.0-18.el7_6.5.1.x86_64

[root@localhost ~]# cat /proc/cpuinfo | grep ept
fpu_exception : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm epb ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid xsaveopt dtherm ida arat pln pts spec_ctrl intel_stibp flush_l1d
fpu_exception : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm epb ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid xsaveopt dtherm ida arat pln pts spec_ctrl intel_stibp flush_l1d
fpu_exception : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm epb ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid xsaveopt dtherm ida arat pln pts spec_ctrl intel_stibp flush_l1d
fpu_exception : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm epb ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid xsaveopt dtherm ida arat pln pts spec_ctrl intel_stibp flush_l1d


[root@localhost ~]# rpm -qa | grep libvirt
libvirt-client-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-kvm-4.5.0-10.el7_6.10.x86_64
libvirt-bash-completion-4.5.0-10.el7_6.10.x86_64
libvirt-libs-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-network-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-interface-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-config-network-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-storage-rbd-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-storage-4.5.0-10.el7_6.10.x86_64
libvirt-python-4.5.0-1.el7.x86_64
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-secret-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.10.x86_64
libvirt-daemon-driver-storage-gluster-4.5.0-10.el7_6.10.x86_64
libvirt-4.5.0-10.el7_6.10.x86_64






Regards, 
Pavan.