- xen (4.8.3+comet2+shim4.10.0+comet3-1+deb9u5+rpi1) stretch-staging; urgency=medium
++xen (4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7+rpi1) stretch-staging; urgency=medium
+
+ [changes brought forward from 4.4.1-9+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 30 Aug 2015 15:43:16 +0000]
+ * replace "dmb" with "mcr p15, #0, r0, c7, c10, #5" for armv6
+
+ [changes introduced in 4.6.0-1+rpi1 by Peter Michael Green]
+ * Use kernel 3.18 for now as I haven't dealt with 4.x yet.
+
+ [changes introduced in 4.8.0-1+rpi1 by Peter Micheal Green]
+ * Add build-depends on ghostscript.
+
- -- Raspbian forward porter <root@raspbian.org> Mon, 12 Mar 2018 14:09:24 +0000
++ -- Raspbian forward porter <root@raspbian.org> Sun, 27 May 2018 13:50:48 +0000
++
+ xen (4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7) stretch-security; urgency=high
+
+ * Include upstream XSA-263 (speculative store bypass) fixes for x86.
+ I hear that ARM fixes will be forthcoming RSN. Ie,
+ XSA-263 CVE-2018-3639 (amd64/i386; armhf/arm64 still vuln.)
+
+ * Include a number of upstream bugfixes, including fixes to previous
+ security fixes, some of which are security-relevant:
+ x86: correct ordering of operations during S3 resume
+ x86: suppress BTI mitigations around S3 suspend/resume
+ x86/spec_ctrl: Updates to retpoline-safety decision making
+ x86/HPET: fix race triggering ASSERT(cpu < nr_cpu_ids)
+ x86/HVM: never retain emulated insn cache when exiting back to guest
+ xpti: fix bug in double fault handling
+ x86/cpuidle: don't init stats lock more than once
+ xen: Introduce vcpu_sleep_nosync_locked()
+ xen/schedule: Fix races in vcpu migration
+ x86: Fix "x86: further CPUID handling adjustments"
+
+ The result is very similar to upstream staging-4.8. However, as
+ upstream staging-4.8 has not yet passed upstream CI, I have chosen to
+ cherry pick fixes so that I can drop a couple that don't look
+ immediately important. We will expect to resynchronise with
+ upstream's 4.8 stable branch soon.
+
+ * Drop our patch `tools: fix arm build after bdf693ee61b48' (which was
+ needed to build the upstream 4.8 comet branch on ARM but is not needed
+ for the the upstream staging/stable branch). Closes:#898898.
+
+ * Update changelog for 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6 to
+ mention branch switch from upstream 4.8 comet to upstream main 4.8,
+ and add some missing CVEs.
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Tue, 22 May 2018 18:41:33 +0100
+
+ xen (4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6) stretch-security; urgency=high
+
+ * Update to new upstream version 4.8.3+xsa262+shim4.10.0+comet3.
+ (This is the upstream staging-4.8 branch, which is ahead of the
+ upstream CI-tested stable-4.8 branch by precisely the three
+ most recent XSA fixes. We are switching away from the special
+ upstream 4.8 comet branch.)
+
+ * Resulting security fixes:
+ XSA-258 CVE-2018-10472
+ XSA-259 CVE-2018-10471
+ XSA-260 CVE-2018-8897
+ XSA-261 CVE-2018-10982
+ XSA-262 CVE-2018-10981
+
+ * Apply two further build fixes from upstream staging-4.8.
+
+ -- Ian Jackson <ijackson@chiark.greenend.org.uk> Thu, 10 May 2018 16:50:52 +0100
xen (4.8.3+comet2+shim4.10.0+comet3-1+deb9u5) stretch-security; urgency=high
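Review bot: The new top entry (+deb9u7+rpi1) does not record that the XSA-263 fixes it brings in are x86-only, although the deb9u7 entry right below it says "amd64/i386; armhf/arm64 still vuln." and this package carries an armv6-specific change (the "dmb" replacement). Add a line to the rpi1 entry stating that CVE-2018-3639 remains unmitigated on this architecture, so that nobody reads the version bump as a fix for it. Two smaller points: "Peter Micheal Green" in the 4.8.0-1+rpi1 line is spelled "Michael" in the two attributions above it, and "for the the upstream" in the deb9u7 entry has a doubled word.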
ubuntu-tools-libs-abiname.diff
toolstestsx86_emulator-pass--no-pie--fno.patch
copy-readme.pti-and-readme.comet-from-th.patch
- tools-fix-arm-build-after-bdf693ee61b48.patch
tools-utility-to-dump-guest-grant-table-.patch
gitignore-add-toolsmiscxen-diag-to-.giti.patch
- memory-dont-implicitly-unpin-for-decreas.patch
- gnttabarm-dont-corrupt-shared-gfn-array.patch
- gnttab-dont-blindly-free-status-pages-up.patch
- x86hvm-disallow-the-creation-of-hvm-doma.patch
+ x86emul-fix-emulator-test-harness-build-.patch
+ x86emul-fix-emulator-test-harness-build-.patch1
+ x86-correct-ordering-of-operations-durin.patch
+ x86-suppress-bti-mitigations-around-s3-s.patch
+ x86spec_ctrl-updates-to-retpoline-safety.patch
+ x86hpet-fix-race-triggering-assertcpu--n.patch
+ x86hvm-never-retain-emulated-insn-cache-.patch
+ xpti-fix-bug-in-double-fault-handling.patch
+ x86cpuidle-dont-init-stats-lock-more-tha.patch
+ xen-introduce-vcpu_sleep_nosync_locked.patch
+ xenschedule-fix-races-in-vcpu-migration.patch
+ x86-fix-x86-further-cpuid-handling-adjus.patch
+ x86spec_ctrl-read-msr_arch_capabilities-.patch
+ x86spec_ctrl-express-xens-choice-of-msr_.patch
+ x86spec_ctrl-merge-bti_ist_info-and-use_.patch
+ x86spec_ctrl-fold-the-xen_ibrs_setclear-.patch
+ x86spec_ctrl-rename-bits-of-infrastructu.patch
+ x86spec_ctrl-elide-msr_spec_ctrl-handlin.patch
+ x86spec_ctrl-split-x86_feature_sc_msr-in.patch
+ x86spec_ctrl-explicitly-set-xens-default.patch
+ x86cpuid-improvements-to-guest-policies-.patch
+ x86spec_ctrl-introduce-a-new-spec-ctrl=-.patch
+ x86amd-mitigations-for-gpz-sp4---specula.patch
+ x86intel-mitigations-for-gpz-sp4---specu.patch
+ x86msr-virtualise-msr_spec_ctrl.ssbd-for.patch
+armv6.diff
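Review bot: Five patches are removed from the series here, but the changelog documents only one of them ("tools-fix-arm-build-after-bdf693ee61b48.patch", in the deb9u7 entry). The removals of "memory-dont-implicitly-unpin-for-decreas.patch", the two "gnttab..." patches and "x86hvm-disallow-the-creation-of-hvm-doma.patch" are not explained anywhere. If they are now part of the upstream base that deb9u6 switched to, say so in the changelog, so that a reviewer can confirm no fix was lost in the branch switch. Also, "x86emul-fix-emulator-test-harness-build-.patch1" differs from the entry above it only by the trailing "1" and no longer ends in ".patch"; giving the two files distinct names would make the series easier to audit.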