From b7c6c2a1681a057a7c3a2a9b1700cb2d92f18627 Mon Sep 17 00:00:00 2001
From: Jim Somerville <Jim.Somerville@windriver.com>
Date: Mon, 27 Jan 2020 17:43:54 -0500
Subject: [PATCH] Security: System security option includes nospectre_v1

Most of the v1 mitigation is baked into the kernel and not
optional.  The swapgs barriers are, however, optional.
They have a negative performance impact so we disable them
by using the nospectre_v1 kernel bootarg.

Partial-Bug: 1860193
Depends-On: https://review.opendev.org/#/c/704406
Change-Id: I6281166c53b13124800b4061ebe08f85d5175d6a
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
 automated-pytest-suite/keywords/system_helper.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/automated-pytest-suite/keywords/system_helper.py b/automated-pytest-suite/keywords/system_helper.py
index 17648b0..3bd86cb 100644
--- a/automated-pytest-suite/keywords/system_helper.py
+++ b/automated-pytest-suite/keywords/system_helper.py
@@ -2413,7 +2413,7 @@ def modify_spectre_meltdown_version(version='spectre_meltdown_all',
 
     from keywords import host_helper
     hosts = get_hosts(con_ssh=con_ssh)
-    check_val = 'nopti nospectre_v2'
+    check_val = 'nopti nospectre_v2 nospectre_v1'
     if check_first and version == current_version:
         LOG.info(
             "{} already set in 'system show'. Checking actual cmdline options "