How to Enable UEFI for VMs in RHEL KVM

A photograph of a desktop PC on top of a white table.

Red Hat Enterprise Linux’s (RHEL) KVM is one of the most powerful and accessible Type 1 hypervisor available today. Along with Cockpit, it allows you to convert your typical computer into a virtualization powerhouse with the ability to host multiple, simultaneous VMs. This article shows you how to extend the RHEL KVM to also boot UEFI-only systems with its own UEFI mode in Linux.

Why Enable UEFI for Your KVM?

One of the biggest upsides of enabling UEFI is that it allows you to use modern OSes in a virtual environment. For instance, enabling UEFI for your Linux KVM will allow you to install Windows 11 on a virtual machine.

Other than that, enabling UEFI on your KVM also allows you to test various configurations for your OSes. In my case, I’m using it as a way to confirm if my partition layout schemes will work on real hardware.

Tip: you can also install Windows 11 on VirtualBox in Linux if you’re looking for a Type 2 hypervisor solution.

Installing the Dependencies for UEFI Support

The first step in enabling UEFI in KVM is to make sure that your system is fully up-to-date:

Ensure that you’ve installed and enabled the system’s KVM subsystem and packages:

sudo dnf install module virt
sudo dnf install virt-install virt-viewer
sudo systemctl start libvirtd

Run the following command to install the UEFI firmware for your KVM:

sudo dnf install edk2-ovmf cockpit-machines

Make sure that the Cockpit daemon is up and running for your system:

sudo systemctl enable --now cockpit.socket

Reboot your system to ensure that it will properly load the new firmware when it starts:

FYI: learn more about Red Hat Linux ecosystem by creating roaming home directories using RHEL IdM.

Creating a UEFI-capable VM in RHEL Cockpit

Open a web browser, then navigate to your machine’s Cockpit dashboard. You can find the dashboard at: http://localhost:9090.

A screenshot of RHEL's Cockpit login screen.

Login to your dashboard using either your root or superuser account, then click Virtual Machines.

A screenshot highlighting the "Virtual machines" menu option on the Cockpit's left side menu.

Click Create VM on the page’s right side.

A screenshot highlighting the "Create VM" button on RHEL's Virtual machines page.

Fill in the details of your VM, then press Create and Edit.

A screenshot highlighting the

Click the BIOS link under the Overview section.

A screenshot highlighting the "Firmware" section under the new VM's overview page.

This will bring up a dropdown menu where you can choose between BIOS and UEFI for your VM’s firmware. Select UEFI, then click Save.

A screenshot showing the Firmware dropdown menu for the new VM.

Note: It’s important to do this before you boot your VM for the first time. This is because the KVM won’t allow you to change the firmware after it starts.

Open a new terminal session, then create a nvram directory under “/var/libvirt/qemu”:

sudo mkdir /var/libvirt/qemu/nvram

Copy the non-Secure Boot UEFI variables from the default EDK2 directories to your KVM’s NVRAM:

sudo cp /usr/share/edk2/ovmf/OVMF_VARS.fd /var/lib/libvirt/qemu/nvram/YOUR-VM-NAME_VARS.fd

Click Install to boot your VM in UEFI mode.

A screenshot highlighting the "Install" button on the new VM's overview page.

Good to know: learn more about the differences between BIOS and UEFI to see which one is for you.

Test if your system is running in UEFI mode by opening a terminal and running the following command:

Doing this should return the contents of the EFI variables for the current system.

A screenshot showing the VM running in UEFI mode.

Note: For Windows 10 and older, you can check this by pressing Win + R, entering “msinfo32.exe” on the Run prompt, then scrolling to the line that starts with BIOS Mode in the System Information window.

Creating a UEFI-capable VM in the Command Line

Aside from Cockpit, you can also create a UEFI VM from the terminal. This can be useful if you don’t want to install additional dependencies on your system.

To do this, open a new terminal session and copy the non-Secure Boot UEFI variables to your KVM’s NVRAM directory:

sudo cp /usr/share/edk2/ovmf/OVMF_VARS.fd /var/lib/libvirt/qemu/nvram/YOUR-VM-NAME_VARS.fd

Paste the following line of code to your terminal:

sudo virt-install \
    --graphics vnc \
    --name YOUR-VM-NAME --memory 4096 \
    --vcpus 2 --disk size=40 --boot uefi \
    --cdrom /PATH/TO/YOUR/INSTALLER/FILE.iso

Replace the values for “–name” with the same name that you’ve used for your UEFI variables. In my case, it will be “Fedora-UEFI-MTE_VARS.fd.”

A terminal with a highlight on virt-install's name flag value.

Tweak the “–memory”, “–vcpus”, and “–disk size” flags to the values that you want for your VM.

A terminal showing a highlight on the VM-specific variables for the new VM.

Note: The memory flag interprets values in megabytes while the disk size flag sets it in gigabytes.

Press Enter to run virt-install and start your UEFI VM.

Open virt-viewer to access your VM’s graphical screen:

sudo virt-viewer YOUR-VM-NAME
A screenshot showing Fedora 39 running on UEFI mode in a VM.

Confirm that your system is running on EFI mode by listing the contents of “/sys/firmware/efi.”

A screenshot showing the contents of the

Creating UEFI-mode KVM virtual machines in Linux is just one of the few things that you can do with virtualization. Learn how you can share your VirtualBox VM across different devices using ExFAT disks.

Image credit: Sanni Sahil via Unsplash. All alterations and screenshots by Ramces Red.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Ramces Red

Ramces is a technology writer that lived with computers all his life. A prolific reader and a student of Anthropology, he is an eccentric character that writes articles about Linux and anything *nix.

Leave a Reply

Your email address will not be published. Required fields are marked *