-
Bug
-
Resolution: Duplicate
-
Normal
-
None
-
CentOS Stream 9
-
None
-
Yes
-
Medium
-
Regression
-
None
-
None
-
CentOS Stream
-
None
-
None
-
None
-
x86_64
-
None
What were you trying to do that didn't work?
I was trying to use UEFI secureboot in a VM. This fails for hard disk, CDROM or PXE boot. Installing edk2-ovmf from Rocky Linux 9 fixes the issue.
Please provide the package NVR for which bug is seen:
AFFECTED:
edk2-ovmf-20230524-3.el9.noarch edk2-ovmf-20230301gitf80f052277c8-5.el9.noarch
NOT AFFECTED:
edk2-ovmf-20221207gitfff6d81270b5-9.el9_2.noarch
How reproducible: 100%
Steps to reproduce
virt-install \ --machine q35 \ --boot uefi,firmware.feature0.name=secure-boot,firmware.feature0.enabled=yes,firmware.feature1.name=enrolled-keys,firmware.feature1.enabled=yes \ --name test-edk2 \ --memory 4096 \ --vcpus 2 \ --disk size=16 \ --graphics none \ --os-variant centos-stream9 \ --cpu host \ --cdrom CentOS-Stream-9-20231002.0-x86_64-boot.iso
Expected results
CDROM boot menu
Actual results
BdsDxe: loading Boot0001 "UEFI QEMU DVD-ROM QM00001 " from PciRoot(0x0)/Pci(0x1F,0x2)/Sata(0x0,0xFFFF,0x0) BdsDxe: failed to load Boot0001 "UEFI QEMU DVD-ROM QM00001 " from PciRoot(0x0)/Pci(0x1F,0x2)/Sata(0x0,0xFFFF,0x0): Access Denied BdsDxe: failed to load Boot0002 "UEFI Misc Device" from PciRoot(0x0)/Pci(0x1,0x3)/Pci(0x0,0x0): Not Found BdsDxe: No bootable option or device was found. BdsDxe: Press any key to enter the Boot Manager Menu.
Additional notes
There is a workaround: by installing edk2-ovmf from Rocky Linux, the VM boots successfully.
- duplicates
-
RHEL-4391 secureboot of centos 9 stream not working
- In Progress
- links to