Monthly Archives: May 2015

DNSSEC support in OpenWrt 15.05 Chaos Calmer

DNSSEC does not require any special support on the router, since the validation is typically done by the client itself. However, caching the DNSSEC records makes validation for clients faster, and a router in a trusted network can provide DNS replies which carry the ad flag (authenticated data).

Chaos Calmer comes with dnsmasq without DNSSEC validation support by default (DNSSEC is not enabled at compile time). However, one can use the dnsmasq-full package, which provides the DNSSEC features. Without DNSSEC compiled in or enabled, dnsmasq forwards the DNSSEC records properly, however it does not validate them and therefor the DNS replies do not contain the ad flag:

# dig SOA +dnssec

; <<>> DiG 9.9.6-P1 <<>> SOA +dnssec
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62577
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 6, ADDITIONAL: 11
   ^^^^^^^^^^^^^^^ (no ad flag, dnsmasq did not authenticated the DNS response)

Read more »

Vybrid Cortex-M4 Linux support – Status update

Vybrid Cortex-M4 Linux boot log

Vybrid Cortex-M4 Linux boot log

This is a status update about my work on Linux for Cortex-M4 inside Freescale Vybrid SoC’s. While I managed to boot Linux on the M4 core since fall last year, several improvements have been made since then.

MSCM interrupt router driver

Peripheral interrupts need to be routed to the core requiring them. The routing is done by the interrupt router inside MSCM (Miscellaneous System Control Module). So far, the boot loader (U-Boot) configured all interrupts to the primary core. A proper driver for the interrupt router was missing, hence to get Linux running on the secondary core, manual fiddling of the interrupt router registers was needed. Read more »