2 files changed, 43 insertions, 17 deletions

diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index 500e8b4c4..7b618c174 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -2,7 +2,7 @@
 
 _flavor=grsec
 pkgname=linux-${_flavor}
-pkgver=3.2.4
+pkgver=3.2.5
 _kernver=3.2
 pkgrel=0
 pkgdesc="Linux kernel with grsecurity"
@@ -14,7 +14,7 @@ _config=${config:-kernelconfig.${CARCH}}
 install=
 source="ftp://ftp.kernel.org/pub/linux/kernel/v3.0/linux-$_kernver.tar.bz2
 	ftp://ftp.kernel.org/pub/linux/kernel/v3.0/patch-$pkgver.bz2
-	grsecurity-2.2.2-3.2.4-201202051927.patch
+	grsecurity-2.2.2-3.2.5-201202061800.patch
 	
 	0004-arp-flush-arp-cache-on-device-change.patch
 
@@ -140,8 +140,8 @@ dev() {
 }
 
 md5sums="7ceb61f87c097fc17509844b71268935  linux-3.2.tar.bz2
-02adf3e0450969dec6219ca52ff2a68a  patch-3.2.4.bz2
-87a8ebc1d936b51263e09f0ba95ca0ad  grsecurity-2.2.2-3.2.4-201202051927.patch
+fb4d0b76b4c9a42977d75c4b2f3948d0  patch-3.2.5.bz2
+ea0ecef24bf10a8c0f9c4b705a10daf8  grsecurity-2.2.2-3.2.5-201202061800.patch
 776adeeb5272093574f8836c5037dd7d  0004-arp-flush-arp-cache-on-device-change.patch
 f3eda7112ef074a4121ec6de943c63ee  x86-centaur-enable-cx8-for-via-eden-too.patch
 62cc7d7b5ba7ef05b72ff91c0411c189  linux-3.0.x-regression-with-ipv4-routes-having-mtu.patch
diff --git a/main/linux-grsec/grsecurity-2.2.2-3.2.4-201202051927.patch b/main/linux-grsec/grsecurity-2.2.2-3.2.5-201202061800.patch
index b2dcf41b6..8adfe9cc5 100644
--- a/main/linux-grsec/grsecurity-2.2.2-3.2.4-201202051927.patch
+++ b/main/linux-grsec/grsecurity-2.2.2-3.2.5-201202061800.patch
@@ -186,7 +186,7 @@ index 81c287f..d456d02 100644
  
  	pcd.		[PARIDE]
 diff --git a/Makefile b/Makefile
-index c8e187e..c445af7 100644
+index e9dd0ff..e4c0733 100644
 --- a/Makefile
 +++ b/Makefile
 @@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -23734,7 +23734,7 @@ index 6687022..ceabcfa 100644
 +	pax_force_retaddr
  	ret
 diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c
-index 7c1b765..180e3b2 100644
+index 7c1b765..3d8ea45 100644
 --- a/arch/x86/net/bpf_jit_comp.c
 +++ b/arch/x86/net/bpf_jit_comp.c
 @@ -117,6 +117,10 @@ static inline void bpf_flush_icache(void *start, void *end)
@@ -23759,7 +23759,23 @@ index 7c1b765..180e3b2 100644
  	/* Before first pass, make a rough estimation of addrs[]
  	 * each bpf instruction is translated to less than 64 bytes
  	 */
-@@ -592,11 +600,12 @@ cond_branch:			f_offset = addrs[i + filter[i].jf] - addrs[i];
+@@ -476,7 +484,7 @@ void bpf_jit_compile(struct sk_filter *fp)
+ 				func = sk_load_word;
+ common_load:			seen |= SEEN_DATAREF;
+ 				if ((int)K < 0)
+-					goto out;
++					goto error;
+ 				t_offset = func - (image + addrs[i]);
+ 				EMIT1_off32(0xbe, K); /* mov imm32,%esi */
+ 				EMIT1_off32(0xe8, t_offset); /* call */
+@@ -586,17 +594,18 @@ cond_branch:			f_offset = addrs[i + filter[i].jf] - addrs[i];
+ 				break;
+ 			default:
+ 				/* hmm, too complex filter, give up with jit compiler */
+-				goto out;
++				goto error;
+ 			}
+ 			ilen = prog - temp;
  			if (image) {
  				if (unlikely(proglen + ilen > oldproglen)) {
  					pr_err("bpb_jit_compile fatal error\n");
@@ -23767,7 +23783,7 @@ index 7c1b765..180e3b2 100644
 -					module_free(NULL, image);
 -					return;
 +					module_free_exec(NULL, image);
-+					goto out;
++					goto error;
  				}
 +				pax_open_kernel();
  				memcpy(image + proglen, temp, ilen);
@@ -23775,23 +23791,33 @@ index 7c1b765..180e3b2 100644
  			}
  			proglen += ilen;
  			addrs[i] = proglen;
-@@ -617,7 +626,7 @@ cond_branch:			f_offset = addrs[i + filter[i].jf] - addrs[i];
+@@ -617,11 +626,9 @@ cond_branch:			f_offset = addrs[i + filter[i].jf] - addrs[i];
  			break;
  		}
  		if (proglen == oldproglen) {
 -			image = module_alloc(max_t(unsigned int,
-+			image = module_alloc_exec(max_t(unsigned int,
- 						   proglen,
- 						   sizeof(struct work_struct)));
+-						   proglen,
+-						   sizeof(struct work_struct)));
++			image = module_alloc_exec(proglen);
  			if (!image)
-@@ -639,24 +648,27 @@ cond_branch:			f_offset = addrs[i + filter[i].jf] - addrs[i];
- 		fp->bpf_func = (void *)image;
+-				goto out;
++				goto error;
+ 		}
+ 		oldproglen = proglen;
  	}
+@@ -637,7 +644,10 @@ cond_branch:			f_offset = addrs[i + filter[i].jf] - addrs[i];
+ 		bpf_flush_icache(image, image + proglen);
+ 
+ 		fp->bpf_func = (void *)image;
+-	}
++	} else
++error:
++		kfree(fp->work);
++
  out:
-+	kfree(fp->work);
  	kfree(addrs);
  	return;
- }
+@@ -645,18 +655,20 @@ out:
  
  static void jit_free_defer(struct work_struct *arg)
  {
@@ -33547,7 +33573,7 @@ index 76ba8a1..20ca857 100644
  
  	/* initialize our int15 lock */
 diff --git a/drivers/pci/pcie/aspm.c b/drivers/pci/pcie/aspm.c
-index cbfbab1..6a9fced 100644
+index 1cfbf22..be96487 100644
 --- a/drivers/pci/pcie/aspm.c
 +++ b/drivers/pci/pcie/aspm.c
 @@ -27,9 +27,9 @@