diff options
| author |   Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2020-01-29 19:13:40 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@opnfv.org> | 2020-01-29 19:13:40 +0000 |
| commit | b7ef62bedd7632cf41f5c74323155ec6d3cb10f3 (patch) | |
| tree | 0957933cf3c2f9fbfbba801274956ae169a4dd10 /mcp/reclass/classes/cluster | |
| parent | 94979a925b805a2e56ff7c95afa6408fa48c1538 (diff) | |
| parent | 30b8abf04744ec71e4e608bc57e3b29872ed61a8 (diff) | |
Merge "aarch64: Add kpti=off similar to x86_64 nopti" into stable/iruya
Diffstat (limited to 'mcp/reclass/classes/cluster')
6 files changed, 7 insertions, 1 deletions
diff --git a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 index f98040b93..f3b1f79aa 100644 --- a/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 +++ b/mcp/reclass/classes/cluster/all-mcp-arch-common/infra/maas.yml.j2 @@ -33,7 +33,7 @@ parameters: aarch64_hugepages_1g: comment: 'Enable 1G pagesizes on aarch64' definition: '//capability[@id="asimd"]|//capability[@id="cp15_barrier"]' - kernel_opts: 'default_hugepagesz=1G hugepagesz=1G' + kernel_opts: 'default_hugepagesz=1G hugepagesz=1G kpti=off' {%- endif %} enable_iframe: False timeout: @@ -111,6 +111,7 @@ parameters: enable_third_party_drivers: true network_discovery: 'enabled' default_min_hwe_kernel: ${_param:hwe_kernel} + kernel_opts: 'spectre_v2=off nopti kpti=off nospec_store_bypass_disable noibrs noibpb' cluster: saltstack_repo_bionic: "deb [arch=amd64] http://repo.saltstack.com/apt/ubuntu/18.04/amd64/2017.7/ bionic main" region: diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 index fe337fa5b..37bc42225 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 @@ -41,6 +41,7 @@ parameters: boot_options: - spectre_v2=off - nopti + - kpti=off - nospec_store_bypass_disable - noibrs - noibpb diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml index 411fcee5a..af87d9c2f 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml @@ -73,6 +73,7 @@ parameters: boot_options: - spectre_v2=off - nopti + - kpti=off - nospec_store_bypass_disable - noibrs - noibpb diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 index cefed963e..14b8a268b 100644 --- a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 @@ -41,6 +41,7 @@ parameters: boot_options: - spectre_v2=off - nopti + - kpti=off - nospec_store_bypass_disable - noibrs - noibpb diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml index 2dfe0370d..c330b677c 100644 --- a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml +++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml @@ -48,6 +48,7 @@ parameters: boot_options: - spectre_v2=off - nopti + - kpti=off - nospec_store_bypass_disable - noibrs - noibpb diff --git a/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2 index 95b39f637..34372c69c 100644 --- a/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-iec-noha/infra/kvm.yml.j2 @@ -62,6 +62,7 @@ parameters: boot_options: - spectre_v2=off - nopti + - kpti=off sysctl: net.ipv4.ip_forward: 0 libvirt: |