Improve code and add a Flash CRC check

2021-07-16 21:17:59 +02:00
parent 864c3fa0f2
commit 1e870972e3
10 changed files with 266 additions and 11 deletions
--- a/stm-firmware/include/reflow-controller/safety/safety-config.h
+++ b/stm-firmware/include/reflow-controller/safety/safety-config.h
@@ -56,6 +56,8 @@ enum safety_flag {
 	ERR_FLAG_SAFETY_TAB_CORRUPT = (1<<16),
 	ERR_FLAG_AMON_SUPPLY_VOLT = (1<<17),
 	ERR_FLAG_OVERTEMP = (1<<18),
+	ERR_FLAG_FLASH_CRC_CODE = (1<<19),
+	ERR_FLAG_FLASH_CRC_DATA = (1<<20),
 };

 /**
@@ -166,6 +168,8 @@ enum analog_value_monitor {
 					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_SAFETY_TAB_CORRUPT, true), \
 					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_AMON_SUPPLY_VOLT, false), \
 					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_OVERTEMP, false), \
+					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_FLASH_CRC_CODE, true), \
+					ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_FLASH_CRC_DATA, true)
 /**
 * @brief Default config weights of safety flags. These values are loaded into the safety tables on startup
 */
@@ -188,5 +192,7 @@ enum analog_value_monitor {
 			ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_SAFETY_TAB_CORRUPT, SAFETY_FLAG_CONFIG_WEIGHT_PANIC), \
 			ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_AMON_SUPPLY_VOLT, SAFETY_FLAG_CONFIG_WEIGHT_PID), \
 			ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_OVERTEMP, SAFETY_FLAG_CONFIG_WEIGHT_PID), \
+			ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_FLASH_CRC_CODE, SAFETY_FLAG_CONFIG_WEIGHT_NONE), \
+			ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_FLASH_CRC_DATA, SAFETY_FLAG_CONFIG_WEIGHT_NONE), \

 #endif /* __SAFETY_CONFIG_H__ */
--- a/stm-firmware/include/reflow-controller/safety/safety-controller.h
+++ b/stm-firmware/include/reflow-controller/safety/safety-controller.h
@@ -267,6 +267,13 @@ int safety_controller_set_overtemp_limit(float over_temperature);
 */
 float safety_controller_get_overtemp_limit(void);

+/**
+ * @brief Perform a CRC check of the flash memory and set appropriate flags
+ * @return negative if internal error occured. Otherwise (independent from CRC check result) 0.
+ * @note This function requires the safety controller to be set up before!
+ */
+int safety_controller_trigger_flash_crc_check(void);
+
 #endif /* __SAFETY_CONTROLLER_H__ */

 /** @} */
--- a/stm-firmware/include/reflow-controller/safety/safety-memory.h
+++ b/stm-firmware/include/reflow-controller/safety/safety-memory.h
@@ -35,9 +35,14 @@
 #define SAFETY_MEMORY_MAGIC 0x12AA5CB7

 /**
- * @brief Error memory NOP entry
+ * @brief Error memory NOP entry word written to the memory
 */
-#define SAFETY_MEMORY_NOP_ENTRY 0xC1AA1222
+#define SAFETY_MEMORY_NOP_ENTRY_WORD 0xC1AA1222UL
+
+/**
+ * @brief Low Byte (byte 0) of error memory entry
+ */
+#define SAFETY_MEMORY_ERROR_ENTRY_MARKER 0x51U

 /**
 * @brief Offset address for the safety_memory_header.