Aarch64 virt-manager stuck at "EFI stub: Booting Linux Kernel..."

English Install/Boot/Login
1

Not sure if this is the right place and OS selected, but I try to install openSUSE-Leap-15.6-DVD-aarch64-Media.iso or openSUSE-Leap-15.6-NET-aarch64-Media.iso on a qemu-system-aarch64 virtual machine using virtual manager. I checked the integirty of both images with their sha256 sums. The host runs the latest Tumbleweed, no pending updates (at the time of this writing).

Selecting any option in either live medias boot menu hangs when reaching this point, leaving the qemu-system-aarch64 process at 100% CPU load:

EFI_stub_hang
EFI_stub_hang1412×1037 31 KB

I did wait about 10 minutes once, just to see. CPU remained at 100%. I have a 4 year old AMD 12 core medium range CPU and would hope CPU power is not the problem.

I tried to change the number of cores to 8, as I have come accross this numer several times, no effect. I tried another type of CPU instead of the maximum option virt-manager selected. That made the system unbootable.

The virtual machine bios (?) complains about a UEFI Misc Device. From what i gather online, this is not related to the issue I am seeing. Yet, for refrence:

UEFI_Misc_device
UEFI_Misc_device1412×1037 34.6 KB

Searching online, I found either self induced issue (https://stackoverflow.com/questions/68984631/aarch64-kvm-guest-hangs-on-early-linux-boot) or once that appear past the EFI stub: Booting Linux Kernel... message (Bug #2037100 “Booting a QEMU aarch64 VM using kernel+initrd resu...” : Bugs : edk2 package : Ubuntu; Debugging OS boot under qemu on aarch64 - Home Assistant OS - Home Assistant Community; ARM64 Linux VMs stuck on 'EFI stub: Exiting boot services and installing virtual address map...' · Issue #2682 · utmapp/UTM · GitHub).

I have deleted the VM and went through the wizard a few times, ensuring that i have not overlooked something. My gut feeling is that this should work…

Below, i believe, is the complete XML configuration file. I use (and have used for virtual x86 systems) my own storage pool under /srv/vm/.

<domain type="qemu">
  <name>opensuse15.6-aarch64</name>
  <uuid>a8d54858-e06f-48a9-a455-3935a9171d0a</uuid>
  <metadata>
    <libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
      <libosinfo:os id="http://opensuse.org/opensuse/15.6"/>
    </libosinfo:libosinfo>
  </metadata>
  <memory unit="KiB">2097152</memory>
  <currentMemory unit="KiB">2097152</currentMemory>
  <vcpu placement="static">2</vcpu>
  <os firmware="efi">
    <type arch="aarch64" machine="virt-10.0">hvm</type>
    <firmware>
      <feature enabled="no" name="enrolled-keys"/>
      <feature enabled="no" name="secure-boot"/>
    </firmware>
    <loader readonly="yes" type="pflash" format="raw">/usr/share/qemu/aavmf-aarch64-code.bin</loader>
    <nvram template="/usr/share/qemu/aavmf-aarch64-vars.bin" templateFormat="raw" format="raw">/var/lib/libvirt/qemu/nvram/opensuse15.6-aarch64_VARS.fd</nvram>
    <boot dev="hd"/>
  </os>
  <features>
    <acpi/>
    <gic version="2"/>
  </features>
  <cpu mode="maximum" check="none"/>
  <clock offset="utc"/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>destroy</on_crash>
  <devices>
    <emulator>/usr/bin/qemu-system-aarch64</emulator>
    <disk type="file" device="disk">
      <driver name="qemu" type="qcow2"/>
      <source file="/srv/vm/opensuseLeap-aarch64.qcow2"/>
      <target dev="vda" bus="virtio"/>
      <address type="pci" domain="0x0000" bus="0x06" slot="0x00" function="0x0"/>
    </disk>
    <disk type="file" device="cdrom">
      <driver name="qemu" type="raw"/>
      <source file="/srv/data/opensuse/openSUSE-Leap-15.6-DVD-aarch64-Media.iso"/>
      <target dev="sda" bus="scsi"/>
      <readonly/>
      <address type="drive" controller="0" bus="0" target="0" unit="0"/>
    </disk>
    <controller type="usb" index="0" model="qemu-xhci" ports="15">
      <address type="pci" domain="0x0000" bus="0x03" slot="0x00" function="0x0"/>
    </controller>
    <controller type="scsi" index="0" model="virtio-scsi">
      <address type="pci" domain="0x0000" bus="0x04" slot="0x00" function="0x0"/>
    </controller>
    <controller type="pci" index="0" model="pcie-root"/>
    <controller type="pci" index="1" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="1" port="0x8"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x01" function="0x0" multifunction="on"/>
    </controller>
    <controller type="pci" index="2" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="2" port="0x9"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x01" function="0x1"/>
    </controller>
    <controller type="pci" index="3" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="3" port="0xa"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x01" function="0x2"/>
    </controller>
    <controller type="pci" index="4" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="4" port="0xb"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x01" function="0x3"/>
    </controller>
    <controller type="pci" index="5" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="5" port="0xc"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x01" function="0x4"/>
    </controller>
    <controller type="pci" index="6" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="6" port="0xd"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x01" function="0x5"/>
    </controller>
    <controller type="pci" index="7" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="7" port="0xe"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x01" function="0x6"/>
    </controller>
    <controller type="pci" index="8" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="8" port="0xf"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x01" function="0x7"/>
    </controller>
    <controller type="pci" index="9" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="9" port="0x10"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x0" multifunction="on"/>
    </controller>
    <controller type="pci" index="10" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="10" port="0x11"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x1"/>
    </controller>
    <controller type="pci" index="11" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="11" port="0x12"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x2"/>
    </controller>
    <controller type="pci" index="12" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="12" port="0x13"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x3"/>
    </controller>
    <controller type="pci" index="13" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="13" port="0x14"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x4"/>
    </controller>
    <controller type="pci" index="14" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="14" port="0x15"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x5"/>
    </controller>
    <controller type="pci" index="15" model="pcie-root-port">
      <model name="pcie-root-port"/>
      <target chassis="15" port="0x16"/>
      <address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x6"/>
    </controller>
    <controller type="pci" index="16" model="pcie-to-pci-bridge">
      <model name="pcie-pci-bridge"/>
      <address type="pci" domain="0x0000" bus="0x01" slot="0x00" function="0x0"/>
    </controller>
    <controller type="virtio-serial" index="0">
      <address type="pci" domain="0x0000" bus="0x05" slot="0x00" function="0x0"/>
    </controller>
    <interface type="bridge">
      <mac address="52:54:00:f2:72:03"/>
      <source bridge="br0"/>
      <model type="virtio"/>
      <address type="pci" domain="0x0000" bus="0x02" slot="0x00" function="0x0"/>
    </interface>
    <serial type="pty">
      <target type="system-serial" port="0">
        <model name="pl011"/>
      </target>
    </serial>
    <console type="pty">
      <target type="serial" port="0"/>
    </console>
    <channel type="unix">
      <target type="virtio" name="org.qemu.guest_agent.0"/>
      <address type="virtio-serial" controller="0" bus="0" port="1"/>
    </channel>
    <channel type="spicevmc">
      <target type="virtio" name="com.redhat.spice.0"/>
      <address type="virtio-serial" controller="0" bus="0" port="2"/>
    </channel>
    <input type="tablet" bus="usb">
      <address type="usb" bus="0" port="1"/>
    </input>
    <input type="keyboard" bus="usb">
      <address type="usb" bus="0" port="2"/>
    </input>
    <tpm model="tpm-tis">
      <backend type="emulator" version="2.0"/>
    </tpm>
    <graphics type="spice" autoport="yes">
      <listen type="address"/>
      <image compression="off"/>
    </graphics>
    <sound model="ich9">
      <address type="pci" domain="0x0000" bus="0x10" slot="0x01" function="0x0"/>
    </sound>
    <audio id="1" type="spice"/>
    <video>
      <model type="virtio" heads="1" primary="yes"/>
      <address type="pci" domain="0x0000" bus="0x09" slot="0x00" function="0x0"/>
    </video>
    <memballoon model="virtio">
      <address type="pci" domain="0x0000" bus="0x07" slot="0x00" function="0x0"/>
    </memballoon>
    <rng model="virtio">
      <backend model="random">/dev/urandom</backend>
      <address type="pci" domain="0x0000" bus="0x08" slot="0x00" function="0x0"/>
    </rng>
  </devices>
</domain>

Any ideas?

2

Out of curiosity I looked at the Serial 1 console output (ViewConsolesSerial 1) and this is the last output before the something seemingly hangs infinitely:

image
image1412×1037 93.4 KB

The very last line says ASSERT [RngDxe] BaseArmTrngLibNull.c(86): ((BOOLEAN)(0==1)). Looking for this online brought me to this: https://issues.redhat.com/browse/RHEL-88088, which links to this pull request supposed to fix the issue: ArmVirt: move Defines section to new include file by kraxel · Pull Request #10997 · tianocore/edk2 · GitHub

Unfortunately, I do not fully understand what the discussions is about. The comment by Gerd Hoffman:

It’s broken in case the cpu has no rndr instruction support, because the fallback to platform rng device does not work

With a bit of further research, I interpret this the following way: The rndr instruction is supported by the CPU, but the CPU claims the instruction is not supported because the random number generator that should be connected to the CPU (by those who design the platform) does not work (see Random).

From the pull request , I understand that the order in with some cookie libraries (?) are picked causes the issue. As the pull request is for TianoCore (the bios used by the virtual machine, see first post, second image), I am hopeful that the issue will be solved when builds (of TianoCore) are available in “June” and find their way into Tumbleweed soon after.

Assuming qemu-uefi-aarch64 contains TianoCore, I thought I could downgrade (something I never tried) to see if the above holds, but that seems not as easy as i though:

image
image1347×918 182 KB

(It also seems not necessarily advisable, given risk of breakages and security: How to (re-) install software of older versions of openSUSE? - #8 by hui)

3

As of at least today, TianoCore seems to be fixed and things on the serial console are progressing (View → Consoles → Serial 1). Especially loading the Basic drivers took an uncomfortably long time:

image
image1280×878 125 KB

At some point, still on the serial console, Yast2 starts for installation. The graphical console just shows a static cursor, not sure if that is as intended:

image
image1280×878 8.68 KB

No matter though, Yast2 on the serial console works and can be navigated with TAB, arrow and F keys.

This is the summary screen just before installation:

image
image1280×878 55.6 KB

continued:
image
image1280×878 55.2 KB

I changed timezone, keyboard layout and did not create a user (root only). Waiting for the last remaining package was a test of patience, it alone took about 20 minutes:

image
image1280×878 19.2 KB

The complete installation took about 1.5 hours and the system rebooted into the new installation. There was an (initially) blinking cursor on the “Graphical Console Spice”, “Serial 1” showed how the booting was progressing. Once booting was done, I was at last able to login on the graphical console:
image
image1280×878 11.6 KB

When powering off, the graphical console shows no progress, again, the serial console however does.

In short: Success!