kernel: bump 4.14 to 4.14.176

Refreshed all patches.

Remove upstreamed:
- 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch
- 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch

Fixes:
- CVE-2020-8647
- CVE-2020-8648 (potentially)
- CVE-2020-8649

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

1 files changed, 3 insertions, 3 deletions

diff --git a/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch b/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch
index de88825802..885d632d22 100644
--- a/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch
+++ b/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch
@@ -47,7 +47,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  };
 --- a/net/netfilter/nf_conntrack_core.c
 +++ b/net/netfilter/nf_conntrack_core.c
-@@ -960,6 +960,9 @@ static unsigned int early_drop_list(stru
+@@ -974,6 +974,9 @@ static unsigned int early_drop_list(stru
  	hlist_nulls_for_each_entry_rcu(h, n, head, hnnode) {
  		tmp = nf_ct_tuplehash_to_ctrack(h);
  
@@ -57,7 +57,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  		if (nf_ct_is_expired(tmp)) {
  			nf_ct_gc_expired(tmp);
  			continue;
-@@ -1037,6 +1040,18 @@ static bool gc_worker_can_early_drop(con
+@@ -1051,6 +1054,18 @@ static bool gc_worker_can_early_drop(con
  	return false;
  }
  
@@ -76,7 +76,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  static void gc_worker(struct work_struct *work)
  {
  	unsigned int min_interval = max(HZ / GC_MAX_BUCKETS_DIV, 1u);
-@@ -1073,6 +1088,11 @@ static void gc_worker(struct work_struct
+@@ -1087,6 +1102,11 @@ static void gc_worker(struct work_struct
  			tmp = nf_ct_tuplehash_to_ctrack(h);
  
  			scanned++;