5

Running Windows 10 under QEMU, Update: Debian Changed OVMF (Shallow Thoughts)

 8 months ago
source link: https://shallowsky.com/blog/linux/qemu-change-ovmf.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

Running Windows 10 under QEMU, Update: Debian Changed OVMF

In October I wrote about making a Windows 10 that Boots off a USB Stick, From Linux.

A Debian update today or yesterday (Merry Christmas!) broke that and I spent a few hours today chasing that down.

There's a package called ovmf that puts BIOS/firmware related files in /usr/share/OVMF/. The command I used in the earlier article included the flag -bios /usr/share/OVMF/OVMF_CODE.fd but as of today, -bios apparently doesn't work any more with any of the files there.

OVMF stands for Open Virtual Machine Firmware: it's the firmware from TianoCore that shows a message as you first start to boot a virtual machine.

With the new update, QEMU died with the error 

qemu: could not load PC BIOS '/usr/share/OVMF/OVMF_CODE.fd

And, indeed, there is no more OVMF_CODE.fd in that directory. Instead, there's 

-rw-r--r-- 1 root root 3653632 Dec 24 16:24 OVMF_CODE_4M.fd
lrwxrwxrwx 1 root root      23 Dec 24 16:24 OVMF_CODE_4M.ms.fd -> OVMF_CODE_4M.secboot.fd
-rw-r--r-- 1 root root 3653632 Dec 24 16:24 OVMF_CODE_4M.secboot.fd
lrwxrwxrwx 1 root root      23 Dec 24 16:24 OVMF_CODE_4M.snakeoil.fd -> OVMF_CODE_4M.secboot.fd

plus several OVMF_VARS* files.

But changing the -bios flag to -bios /usr/share/OVMF/OVMF_CODE_4m.fd fails with the exact same error message, as does the .secboot variant.

The package has a README, /usr/share/doc/ovmf/README.Debian as well as a NEWS.Debian.gz in the same doc directory, but neither of them makes anything about this clear.

The README does have a useful list of the various OVMF files and how they compare (e.g., use OVMF_CODE_4M.secboot.fd if you're using Secure Boot, otherwise use OVMF_CODE_4M.fd.

One important key was the paragraph in the README on OVMF.fd, which begins

This is a unified image that includes the contents of both OVMF_CODE.fd and OVMF_VARS.fd. It is provided as a convenience for testing purposes, as it can be easily booted by QEMU using the -bios option.

That would be lovely, if there actually were such a file OVMF.fd,, but there isn't.

But it gave me a clue: apparently -bios can only be used on OVMF_CODE files that integrate an associated OVMF_VARS file. I have no idea how you tell whether a _CODE file includes _VARS, but perhaps the old OVMF_CODE.fd did and the new OVMF_CODE_4M.fd doesn't.

So maybe I needed to include a line for the _VARS file too. But how? The only example I was able to find of using a _VARS file was on Debian Wiki: SecureBoot VirtualMachine, which doesn't use -bios at all but instead uses one -disk entry for the _CODE file, and another for a local copy of the _VARS file.

That page also seems to consider it important to have a read-write copy of the _VARS file in case the guest OS wants to change any firmware variables. Whether that only applies to secureboot systems, I don't know. I'm not using secureboot for my VM, but I decided to follow the page's advice.

So I changed my qemu command to this: 

cp /usr/share/OVMF/OVMF_VARS_4M.fd /tmp/
qemu-system-x86_64 \
  -display gtk,window-close=off \
  -machine type=q35,accel=kvm \
  -enable-kvm \
  -cpu host,hv-relaxed,hv-vapic,hv_spinlocks=0x1fff,hv-runtime,hv-time,hv-frequencies \
  -smp 2 \
  -m 2048 \
  -drive if=pflash,format=raw,unit=0,file=/usr/share/OVMF/OVMF_CODE_4M.fd,readonly=on \
  -drive if=pflash,format=raw,unit=1,file=/tmp/OVMF_VARS_4M.fd \
  -object rng-random,id=rng0,filename=/dev/urandom \
  -device virtio-rng-pci,max-bytes=1024,period=1000 \
  -acpitable file=/path/to/QEMU/acpitables/MSDM \
  -smbios file=/path/to/QEMU/acpitables/smbios_type_0.bin \
  -smbios file=/path/to/QEMU/acpitables/smbios_type_1.bin \
  -vga std \
  -device intel-hda \
  -device hda-duplex \
  -device qemu-xhci,id=xhci \
  -device usb-tablet,bus=xhci.0 \
  -drive format=raw,file=${USB_STICK},index=0 \
  -drive file="/PATH/TO/Win10_22H2_English_x64v1.iso",index=1,media=cdrom

And that boots and runs.

I wish I could find something that actually explained what these files actually are (especially the _VARS), how they work together and the difference between -bios and -drive. But maybe that's too much to hope for.

Tags: linux, windows, virtualization, qemu, debian
[ 18:01 Dec 26, 2023    More linux | permalink to this entry | ]


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK