From ae600003290b3454e32cac9df696f0227951b0fa Mon Sep 17 00:00:00 2001
From: Michael Polenchuk <mpolenchuk@mirantis.com>
Date: Mon, 4 Mar 2019 12:49:58 +0400
Subject: Turn off meltdown/spectre patches

Change-Id: Id75ffe4db808a4ec250ba8b86c5d49f1206c3784
Signed-off-by: Michael Polenchuk <mpolenchuk@mirantis.com>
---
 mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2         | 3 +++
 mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml    | 3 +++
 mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 | 3 +++
 mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml    | 3 +++
 4 files changed, 12 insertions(+)

diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
index 349d4f1c8..22d62c578 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/infra/kvm.yml.j2
@@ -41,6 +41,9 @@ parameters:
         boot_options:
           - spectre_v2=off
           - nopti
+          - nospec_store_bypass_disable
+          - noibrs
+          - noibpb
         sysctl:
           net.ipv4.ip_forward: 0
   libvirt:
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
index 0416d26db..bed9bf05c 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute.yml
@@ -68,6 +68,9 @@ parameters:
         boot_options:
           - spectre_v2=off
           - nopti
+          - nospec_store_bypass_disable
+          - noibrs
+          - noibpb
   neutron:
     gateway:
       vlan_aware_vms: true
diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2
index 9709dfad2..cefed963e 100644
--- a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/compute.yml.j2
@@ -41,6 +41,9 @@ parameters:
         boot_options:
           - spectre_v2=off
           - nopti
+          - nospec_store_bypass_disable
+          - noibrs
+          - noibpb
           - intel_iommu=on
           - iommu=pt
           - nohz_full=${linux:system:kernel:isolcpu}
diff --git a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml
index 3fbec1bcd..2dfe0370d 100644
--- a/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml
+++ b/mcp/reclass/classes/cluster/mcp-fdio-noha/openstack/gateway.yml
@@ -48,6 +48,9 @@ parameters:
         boot_options:
           - spectre_v2=off
           - nopti
+          - nospec_store_bypass_disable
+          - noibrs
+          - noibpb
           - intel_iommu=on
           - iommu=pt
           - nohz_full=${linux:system:kernel:isolcpu}
-- 
cgit 1.2.3-korg