There is no secure boot yet, see here: Secure Boot Status - #3 by brian
For now, you have to disable secure boot in a VM. UEFI should work though. Since you are using KVM, then you would need to do something additional as in customise the VM config before install. Then under the overview tab in virt-manager change it to UEFI.
Alternatively, edit the /etc/libvirt/qemu/myvm.xml file, and look for something similar to this:
<type arch='x86_64' machine='pc-q35-4.2'>hvm</type>
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE.fd</loader>
this is what it looks like after I configured in in virt-manager, but if you aren’t using this, and are just using virsh, then you could edit the xml before booting it, or maybe you can find some virsh commands for setting the UEFI stuff. Obviously, depending on your system the location to the OVMF code for UEFI might be different.
You can do it this way if from the console: Using UEFI with QEMU - Fedora Project Wiki - by adding
--boot uefi to virt-install command.