On Sat, Dec 15, 2012 at 01:21:42PM -0800, Jon Hermansen wrote: > I've been lurking here for a bit. I was quite excited by the prospect of a > software firewall stack based on RHEL. FWIW, the "wall" in Openwall does not refer to "firewall", although indeed you may use Owl as such. > One of the issues I encountered with > CentOS when trying it with my ALIX 2D2 > <http://www.pcengines.ch/alix2d2.htm>was that EL6 no longer supports > any processor less than an i686 (which the > AMD Geode is almost, except it doesn't support the nopl instruction). There was some debate in the Open Source community as to whether NOPL is part of the i686 architecture or not, and the outcome appears to be that it is not. Some i686 CPUs support it, some don't. > I see on the main page mentions of an i386 kernel. What are you referring to? > Can anyone tell me if > they've tried this kernel recently? And possibly on a Geode processor? > > See also: https://bugzilla.redhat.com/show_bug.cgi?id=579838 Thanks for the reference. I'd expect the existing and future Owl builds for i686 to work on AMD Geode fine. Basically, we're jumping over the versions of glibc and binutils that would expose the problem. I just tried: objdump -d /lib/libc.so.6 | fgrep '0f 1f' against our i686 build of Owl-current. It only found an instance of this byte sequence not at instruction boundaries - that is, it did not find any NOPL instructions in there. Why are you asking about the kernel? Were there any kernel versions that would expose the problem when the build system's binutils does not? My current understanding is that the problem was specific to glibc and binutils, but I could be wrong. AlexanderReceived on Sat Dec 15 2012 - 20:46:13 PST
This archive was generated by hypermail 2.2.0 : Sat Dec 15 2012 - 20:47:42 PST