Spectre/meltdown kernel options controllable by customer

Add spectre-meltdown-checker package.
Implements customer configuration of kernel options to control
spectre/meltdown related kernel options.  Default (with "nopti
nospectre_v2" options) can be changed to "" using

system modify -S spectre_meltdown_all

Change-Id: Id86c4bbe9063cf6c47fe4128d641ef2983622481
Signed-off-by: Jack Ding <jack.ding@windriver.com>

centos_pkg_dirs

@@ -54,6 +54,7 @@ security/tpm2-openssl-engine
 security/libtpms
 security/swtpm
 security/audit
+security/spectre-meltdown-checker
 kernel-std
 devtools/puppet-4.8.2
 devtools/puppet-modules/puppet-boolean-1.0.2

security/spectre-meltdown-checker/centos/build_srpm.data

@@ -0,0 +1,2 @@
+COPY_LIST="$CGCS_BASE/downloads/spectre-meltdown-checker-0.37+-5cc77741.tar.bz2"
+TIS_PATCH_VER=0

security/spectre-meltdown-checker/centos/spectre-meltdown-checker.spec

@@ -0,0 +1,35 @@
+Name: spectre-meltdown-checker
+Version: 0.37+
+Release: %{tis_patch_ver}%{?_tis_dist}
+Summary: Checker script for spectre/meltdown
+
+Group: base
+License: GPLv3
+URL: https://github.com/speed47/spectre-meltdown-checker.git
+Source0: spectre-meltdown-checker-0.37+-5cc77741.tar.bz2
+
+BuildArch: noarch
+Requires: bash
+
+%description
+Script to check whether kernel is susceptible to spectre/meltdown vulnerabilities.
+
+
+%prep
+tar xjf %{SOURCE0}
+
+%build
+
+
+%install
+install -d -m 755 %{buildroot}/usr/sbin/
+install -m 744 spectre-meltdown-checker/spectre-meltdown-checker.sh %{buildroot}/usr/sbin/spectre-meltdown-checker.sh
+
+
+%files
+%license %{name}/LICENSE
+/usr/sbin/*
+
+
+%changelog
+