QubesOS Xen CMDLINE currently not respected

[tlaurion]

As of right now, grub.cfg Xen command line looks like this (dom0/Heads: cat /boot/kexec_default.1.txt):
Qubes, with Xen 4.8.5 and Linux 4.14.74-1.pvops.qubes.x86_64|xen|kernel /xen-4.8.5.gz placeholder console=none dom0_mem=min:1024M dom0_mem=max:4096M iommu=no-igfx ucode=scan smt=off |module /vmlinuz-4.14.74-1.pvops.qubes.x86_64 placeholder root=/dev/mapper/qubes_dom0-root ro rd.luks.uuid=luks-caec4f1d-3370-4690-9958-4fa8247d2557 rd.luks.options=discard rd.lvm.lv=qubes_dom0/root rd.lvm.lv=qubes_dom0/swap i915.alpha_support=1 intel_iommu=on rhgb quiet rd.qubes.hide_all_usb|module /initramfs-4.14.74-1.pvops.qubes.x86_64.img

Currently passed Xen command line (dom0: xl info | grep commandline):
xen_commandline : no-real-mode reboot=no vga=current

Expected:
placeholder console=none dom0_mem=min:1024M dom0_mem=max:4096M iommu=no-igfx ucode=scan smt=off no-real-mode reboot=no vga=current

[tlaurion]

As a result, QubesOS recommended Xen configurations are flushed. This has the following present consequences and future undesired ones:

• lack of dom0_mem=max:4096M may in many cases prevent starting sys-net and sys-usb (not enough continuous memory)
• lack of smt=off leave hyper threading enabled, which unfortunately nowadays is a security issue (namely L1TF)

[tlaurion]

@kylerankin : please test on Librems: QubesOS provided grub.cfg Xen options include iommu=no-igfx and smt=off. We may need to duplicate board config CONFIG_BOOT_KERNEL_REMOVE and CONFIG_BOOT_KERNEL_ADD logic for XEN if those standard options have impact for Purism.

@flammit "Approved" this PR from his comment on slack:
if it works on your x230 w/ Qubes, i guess it LGTM. i only ignored the args because I didn’t know what the interaction was between these options and the ones in the Qubes grub