diff --git a/stm-firmware/include/reflow-controller/safety/safety-config.h b/stm-firmware/include/reflow-controller/safety/safety-config.h index 4f451d7..b8d4609 100644 --- a/stm-firmware/include/reflow-controller/safety/safety-config.h +++ b/stm-firmware/include/reflow-controller/safety/safety-config.h @@ -69,6 +69,7 @@ enum safety_flag { ERR_FLAG_FLASH_CRC_DATA = (1<<20), ERR_FLAG_CFG_CRC_MEAS_ADC = (1<<21), ERR_FLAG_CFG_CRC_SAFETY_ADC = (1<<22), + ERR_FLAG_CFG_CRC_MISC = (1<<23), }; /** @@ -87,6 +88,7 @@ enum timing_monitor { enum crc_monitor { ERR_CRC_MON_MEAS_ADC = 0, ERR_CRC_MON_SAFETY_ADC, + ERR_CRC_MON_MISC, N_ERR_CRC_MON }; @@ -167,6 +169,12 @@ enum analog_value_monitor { */ #define SAFETY_CRC_MON_SAFETY_ADC_PW 0xA8DF2368 +/** + * @brief Password for resetting ERR_CRC_MON_MISC + * + */ +#define SAFETY_CRC_MON_MISC_PW 0x9A62E96A + /** * @brief Default persistence of safety flags. These values are loaded into the safety tables on startup. */ @@ -192,7 +200,8 @@ enum analog_value_monitor { ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_FLASH_CRC_CODE, true), \ ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_FLASH_CRC_DATA, true), \ ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_CFG_CRC_MEAS_ADC, true), \ - ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_CFG_CRC_SAFETY_ADC, true) + ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_CFG_CRC_SAFETY_ADC, true), \ + ERR_FLAG_PERSIST_ENTRY(ERR_FLAG_CFG_CRC_MISC, true), /** * @brief Default config weights of safety flags. These values are loaded into the safety tables on startup. */ @@ -218,6 +227,7 @@ enum analog_value_monitor { ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_FLASH_CRC_CODE, SAFETY_FLAG_CONFIG_WEIGHT_PANIC), \ ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_FLASH_CRC_DATA, SAFETY_FLAG_CONFIG_WEIGHT_PANIC), \ ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_CFG_CRC_MEAS_ADC, SAFETY_FLAG_CONFIG_WEIGHT_PID), \ - ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_CFG_CRC_SAFETY_ADC, SAFETY_FLAG_CONFIG_WEIGHT_PANIC) + ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_CFG_CRC_SAFETY_ADC, SAFETY_FLAG_CONFIG_WEIGHT_PANIC), \ + ERR_FLAG_WEIGHT_ENTRY(ERR_FLAG_CFG_CRC_MISC, SAFETY_FLAG_CONFIG_WEIGHT_PANIC) #endif /* __SAFETY_CONFIG_H__ */ diff --git a/stm-firmware/main.c b/stm-firmware/main.c index 0923a0b..b98f8e7 100644 --- a/stm-firmware/main.c +++ b/stm-firmware/main.c @@ -23,6 +23,7 @@ * @brief Main file for firmware */ +#include "reflow-controller/safety/safety-config.h" #include #include #include @@ -215,6 +216,9 @@ static inline void setup_system(void) /** - Enable the ADC for PT1000 measurement */ adc_pt1000_setup_meas(); + + /** - Enable the misc CRC config monitor to supervise clock, systick and flash settings */ + (void)safety_controller_set_crc_monitor(ERR_CRC_MON_MISC, SAFETY_CRC_MON_MISC_PW); } /** diff --git a/stm-firmware/safety/safety-controller.c b/stm-firmware/safety/safety-controller.c index 72f8df5..21305f1 100644 --- a/stm-firmware/safety/safety-controller.c +++ b/stm-firmware/safety/safety-controller.c @@ -23,6 +23,7 @@ * @{ */ +#include "stm32/stm32f407xx.h" #include #include #include @@ -163,9 +164,15 @@ struct crc_monitor_register { #define CRC_MON_REGISTER_ENTRY(_addr, _mask, _size) {.reg_addr = &(_addr), .mask = (_mask), .size = (_size)} +/** + * @brief Sentinel Element for crc monitor register list + * + */ +#define CRC_MON_REGISTER_SENTINEL {.reg_addr = NULL, .mask = 0, .size = 0} + struct crc_mon { /** - * @brief Array of registers to monitor. Terminated by NULL sentinel! + * @brief Array of registers to monitor. Terminated by NULL sentinel @ref CRC_MON_REGISTER_SENTINEL */ const struct crc_monitor_register *registers; const enum crc_monitor monitor; @@ -204,6 +211,7 @@ static volatile struct error_flag IN_SECTION(.ccm.data) flags[] = { ERR_FLAG_ENTRY(ERR_FLAG_FLASH_CRC_DATA), ERR_FLAG_ENTRY(ERR_FLAG_CFG_CRC_MEAS_ADC), ERR_FLAG_ENTRY(ERR_FLAG_CFG_CRC_SAFETY_ADC), + ERR_FLAG_ENTRY(ERR_FLAG_CFG_CRC_MISC), }; /** @@ -291,7 +299,7 @@ static const struct crc_monitor_register meas_adc_crc_regs[] = { ADC_SQR2_SQ8 | ADC_SQR2_SQ7, 4), CRC_MON_REGISTER_ENTRY(ADC_PT1000_PERIPH->SQR3, ADC_SQR3_SQ6 | ADC_SQR3_SQ5 | ADC_SQR3_SQ4 | ADC_SQR3_SQ3 | ADC_SQR3_SQ2 | ADC_SQR3_SQ1, 4), - {NULL, 0, 0} + CRC_MON_REGISTER_SENTINEL }; static const struct crc_monitor_register safety_adc_crc_regs[] = { @@ -307,7 +315,23 @@ static const struct crc_monitor_register safety_adc_crc_regs[] = { ADC_SQR2_SQ8 | ADC_SQR2_SQ7, 4), CRC_MON_REGISTER_ENTRY(SAFETY_ADC_ADC_PERIPHERAL->SQR3, ADC_SQR3_SQ6 | ADC_SQR3_SQ5 | ADC_SQR3_SQ4 | ADC_SQR3_SQ3 | ADC_SQR3_SQ2 | ADC_SQR3_SQ1, 4), - {NULL, 0, 0} + CRC_MON_REGISTER_ENTRY(RCC->APB2ENR, SAFETY_ADC_ADC_RCC_MASK, 4), + CRC_MON_REGISTER_SENTINEL +}; + +static const struct crc_monitor_register misc_config_crc_regs[] = { + /* Check clock tree settings */ + CRC_MON_REGISTER_ENTRY(RCC->CR, RCC_CR_PLLON | RCC_CR_HSEON | RCC_CR_PLLI2SON | RCC_CR_HSION, 4), + CRC_MON_REGISTER_ENTRY(RCC->CFGR, RCC_CFGR_SWS | RCC_CFGR_HPRE | RCC_CFGR_PPRE1 | RCC_CFGR_PPRE2, 4), + CRC_MON_REGISTER_ENTRY(RCC->PLLCFGR, RCC_PLLCFGR_PLLM | RCC_PLLCFGR_PLLQ | RCC_PLLCFGR_PLLSRC | RCC_PLLCFGR_PLLP | RCC_PLLCFGR_PLLN | RCC_PLLCFGR_PLLM , 4), + /* Check Flash settings */ + CRC_MON_REGISTER_ENTRY(FLASH->ACR, FLASH_ACR_LATENCY | FLASH_ACR_DCEN | FLASH_ACR_ICEN | FLASH_ACR_PRFTEN, 4), + /* Check vector table offset */ + CRC_MON_REGISTER_ENTRY(SCB->VTOR, 0xFFFFFFFF, 4), + /* Check system tick configuration */ + CRC_MON_REGISTER_ENTRY(SysTick->CTRL, SysTick_CTRL_CLKSOURCE_Msk | SysTick_CTRL_TICKINT_Msk | SysTick_CTRL_ENABLE_Msk, 4), + CRC_MON_REGISTER_ENTRY(SysTick->LOAD, 0xFFFFFFFF, 4), + CRC_MON_REGISTER_SENTINEL }; static struct crc_mon IN_SECTION(.ccm.data) crc_monitors[] = { @@ -331,6 +355,16 @@ static struct crc_mon IN_SECTION(.ccm.data) crc_monitors[] = { .last_crc = 0UL, .active = false, }, + { + .registers = misc_config_crc_regs, + .monitor = ERR_CRC_MON_MISC, + .pw = SAFETY_CRC_MON_MISC_PW, + .flag_to_set = ERR_FLAG_CFG_CRC_MISC, + .expected_crc = 0UL, + .expected_crc_inv = ~0UL, + .last_crc = 0UL, + .active = false, + } }; /**