kernel: bump 4.14 to 4.14.176

Refreshed all patches.

Remove upstreamed:
- 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch
- 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch

Fixes:
- CVE-2020-8647
- CVE-2020-8648 (potentially)
- CVE-2020-8649

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

5 files changed, 7 insertions, 78 deletions

diff --git a/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch b/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch
index b851799824..7939ee46b0 100644
--- a/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch
+++ b/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch
@@ -55,7 +55,7 @@ Cc: Kir Kolyshkin <kir@openvz.org>
  	rwlock_t		sk_callback_lock;
 --- a/net/core/sock.c
 +++ b/net/core/sock.c
-@@ -2745,6 +2745,7 @@ void sock_init_data(struct socket *sock,
+@@ -2748,6 +2748,7 @@ void sock_init_data(struct socket *sock,
  
  	sk->sk_max_pacing_rate = ~0U;
  	sk->sk_pacing_rate = ~0U;
diff --git a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch
index c09a5e47f8..6d6c575ae7 100644
--- a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch
+++ b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch
@@ -30,7 +30,7 @@ Signed-off-by: Johan Hovold <johan@kernel.org>
 
 --- a/drivers/usb/serial/option.c
 +++ b/drivers/usb/serial/option.c
-@@ -1981,7 +1981,8 @@ static const struct usb_device_id option
+@@ -1983,7 +1983,8 @@ static const struct usb_device_id option
  	{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d01, 0xff) },			/* D-Link DWM-156 (variant) */
  	{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d02, 0xff) },
  	{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d03, 0xff) },
diff --git a/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch b/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch
index de88825802..885d632d22 100644
--- a/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch
+++ b/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch
@@ -47,7 +47,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  };
 --- a/net/netfilter/nf_conntrack_core.c
 +++ b/net/netfilter/nf_conntrack_core.c
-@@ -960,6 +960,9 @@ static unsigned int early_drop_list(stru
+@@ -974,6 +974,9 @@ static unsigned int early_drop_list(stru
  	hlist_nulls_for_each_entry_rcu(h, n, head, hnnode) {
  		tmp = nf_ct_tuplehash_to_ctrack(h);
  
@@ -57,7 +57,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  		if (nf_ct_is_expired(tmp)) {
  			nf_ct_gc_expired(tmp);
  			continue;
-@@ -1037,6 +1040,18 @@ static bool gc_worker_can_early_drop(con
+@@ -1051,6 +1054,18 @@ static bool gc_worker_can_early_drop(con
  	return false;
  }
  
@@ -76,7 +76,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  static void gc_worker(struct work_struct *work)
  {
  	unsigned int min_interval = max(HZ / GC_MAX_BUCKETS_DIV, 1u);
-@@ -1073,6 +1088,11 @@ static void gc_worker(struct work_struct
+@@ -1087,6 +1102,11 @@ static void gc_worker(struct work_struct
  			tmp = nf_ct_tuplehash_to_ctrack(h);
  
  			scanned++;
diff --git a/target/linux/generic/backport-4.14/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch b/target/linux/generic/backport-4.14/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch
index 286f1f659c..d82854908f 100644
--- a/target/linux/generic/backport-4.14/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch
+++ b/target/linux/generic/backport-4.14/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch
@@ -21,7 +21,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 
 --- a/net/netfilter/nf_conntrack_core.c
 +++ b/net/netfilter/nf_conntrack_core.c
-@@ -1040,18 +1040,6 @@ static bool gc_worker_can_early_drop(con
+@@ -1054,18 +1054,6 @@ static bool gc_worker_can_early_drop(con
  	return false;
  }
  
@@ -40,7 +40,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  static void gc_worker(struct work_struct *work)
  {
  	unsigned int min_interval = max(HZ / GC_MAX_BUCKETS_DIV, 1u);
-@@ -1088,10 +1076,8 @@ static void gc_worker(struct work_struct
+@@ -1102,10 +1090,8 @@ static void gc_worker(struct work_struct
  			tmp = nf_ct_tuplehash_to_ctrack(h);
  
  			scanned++;
diff --git a/target/linux/generic/backport-4.14/600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch b/target/linux/generic/backport-4.14/600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
deleted file mode 100644
index ba0d137096..0000000000
--- a/target/linux/generic/backport-4.14/600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From 82afdcd4ec3c8ca6551cbf7c43c09e2fd240487a Mon Sep 17 00:00:00 2001
-From: Hangbin Liu <liuhangbin@gmail.com>
-Date: Tue, 10 Mar 2020 15:27:37 +0800
-Subject: [PATCH] ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Rafał found an issue that for non-Ethernet interface, if we down and up
-frequently, the memory will be consumed slowly.
-
-The reason is we add allnodes/allrouters addressed in multicast list in
-ipv6_add_dev(). When link down, we call ipv6_mc_down(), store all multicast
-addresses via mld_add_delrec(). But when link up, we don't call ipv6_mc_up()
-for non-Ethernet interface to remove the addresses. This makes idev->mc_tomb
-getting bigger and bigger. The call stack looks like:
-
-addrconf_notify(NETDEV_REGISTER)
-	ipv6_add_dev
-		ipv6_dev_mc_inc(ff01::1)
-		ipv6_dev_mc_inc(ff02::1)
-		ipv6_dev_mc_inc(ff02::2)
-
-addrconf_notify(NETDEV_UP)
-	addrconf_dev_config
-		/* Alas, we support only Ethernet autoconfiguration. */
-		return;
-
-addrconf_notify(NETDEV_DOWN)
-	addrconf_ifdown
-		ipv6_mc_down
-			igmp6_group_dropped(ff02::2)
-				mld_add_delrec(ff02::2)
-			igmp6_group_dropped(ff02::1)
-			igmp6_group_dropped(ff01::1)
-
-After investigating, I can't found a rule to disable multicast on
-non-Ethernet interface. In RFC2460, the link could be Ethernet, PPP, ATM,
-tunnels, etc. In IPv4, it doesn't check the dev type when calls ip_mc_up()
-in inetdev_event(). Even for IPv6, we don't check the dev type and call
-ipv6_add_dev(), ipv6_dev_mc_inc() after register device.
-
-So I think it's OK to fix this memory consumer by calling ipv6_mc_up() for
-non-Ethernet interface.
-
-v2: Also check IFF_MULTICAST flag to make sure the interface supports
-    multicast
-
-Reported-by: Rafał Miłecki <zajec5@gmail.com>
-Tested-by: Rafał Miłecki <zajec5@gmail.com>
-Fixes: 74235a25c673 ("[IPV6] addrconf: Fix IPv6 on tuntap tunnels")
-Fixes: 1666d49e1d41 ("mld: do not remove mld souce list info when set link down")
-Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
----
- net/ipv6/addrconf.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
---- a/net/ipv6/addrconf.c
-+++ b/net/ipv6/addrconf.c
-@@ -3223,6 +3223,10 @@ static void addrconf_dev_config(struct n
- 	    (dev->type != ARPHRD_TUNNEL) &&
- 	    (dev->type != ARPHRD_NONE)) {
- 		/* Alas, we support only Ethernet autoconfiguration. */
-+		idev = __in6_dev_get(dev);
-+		if (!IS_ERR_OR_NULL(idev) && dev->flags & IFF_UP &&
-+		    dev->flags & IFF_MULTICAST)
-+			ipv6_mc_up(idev);
- 		return;
- 	}
-