2018-05-02 23:45:23 -06:00
|
|
|
// board enforces
|
|
|
|
|
// in-state
|
|
|
|
|
// accel set/resume
|
|
|
|
|
// out-state
|
|
|
|
|
// cancel button
|
|
|
|
|
// accel rising edge
|
|
|
|
|
// brake rising edge
|
|
|
|
|
// brake > 0mph
|
|
|
|
|
|
|
|
|
|
int ford_brake_prev = 0;
|
|
|
|
|
int ford_gas_prev = 0;
|
|
|
|
|
int ford_is_moving = 0;
|
|
|
|
|
|
|
|
|
|
static void ford_rx_hook(CAN_FIFOMailBox_TypeDef *to_push) {
|
|
|
|
|
|
|
|
|
|
if ((to_push->RIR>>21) == 0x217) {
|
|
|
|
|
// wheel speeds are 14 bits every 16
|
|
|
|
|
ford_is_moving = 0xFCFF & (to_push->RDLR | (to_push->RDLR >> 16) |
|
|
|
|
|
to_push->RDHR | (to_push->RDHR >> 16));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// state machine to enter and exit controls
|
|
|
|
|
if ((to_push->RIR>>21) == 0x83) {
|
2019-06-12 21:12:48 -06:00
|
|
|
bool cancel = (to_push->RDLR >> 8) & 0x1;
|
|
|
|
|
bool set_or_resume = (to_push->RDLR >> 28) & 0x3;
|
2018-05-02 23:45:23 -06:00
|
|
|
if (cancel) {
|
|
|
|
|
controls_allowed = 0;
|
|
|
|
|
} else if (set_or_resume) {
|
|
|
|
|
controls_allowed = 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// exit controls on rising edge of brake press or on brake press when
|
|
|
|
|
// speed > 0
|
|
|
|
|
if ((to_push->RIR>>21) == 0x165) {
|
|
|
|
|
int brake = to_push->RDLR & 0x20;
|
|
|
|
|
if (brake && (!(ford_brake_prev) || ford_is_moving)) {
|
|
|
|
|
controls_allowed = 0;
|
|
|
|
|
}
|
|
|
|
|
ford_brake_prev = brake;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// exit controls on rising edge of gas press
|
|
|
|
|
if ((to_push->RIR>>21) == 0x204) {
|
|
|
|
|
int gas = to_push->RDLR & 0xFF03;
|
|
|
|
|
if (gas && !(ford_gas_prev)) {
|
|
|
|
|
controls_allowed = 0;
|
|
|
|
|
}
|
|
|
|
|
ford_gas_prev = gas;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// all commands: just steering
|
|
|
|
|
// if controls_allowed and no pedals pressed
|
|
|
|
|
// allow all commands up to limit
|
|
|
|
|
// else
|
|
|
|
|
// block all commands that produce actuation
|
|
|
|
|
|
|
|
|
|
static int ford_tx_hook(CAN_FIFOMailBox_TypeDef *to_send) {
|
|
|
|
|
|
2019-06-12 19:18:07 -06:00
|
|
|
int tx = 1;
|
2018-05-02 23:45:23 -06:00
|
|
|
// disallow actuator commands if gas or brake (with vehicle moving) are pressed
|
|
|
|
|
// and the the latching controls_allowed flag is True
|
|
|
|
|
int pedal_pressed = ford_gas_prev || (ford_brake_prev && ford_is_moving);
|
2019-06-12 21:12:48 -06:00
|
|
|
bool current_controls_allowed = controls_allowed && !(pedal_pressed);
|
2019-06-12 19:18:07 -06:00
|
|
|
int addr = to_send->RIR >> 21;
|
2018-05-02 23:45:23 -06:00
|
|
|
|
|
|
|
|
// STEER: safety check
|
2019-06-12 19:18:07 -06:00
|
|
|
if (addr == 0x3CA) {
|
2018-05-02 23:45:23 -06:00
|
|
|
if (current_controls_allowed) {
|
|
|
|
|
// all messages are fine here
|
|
|
|
|
} else {
|
|
|
|
|
// bits 7-4 need to be 0xF to disallow lkas commands
|
2019-06-12 19:18:07 -06:00
|
|
|
if (((to_send->RDLR >> 4) & 0xF) != 0xF) {
|
|
|
|
|
tx = 0;
|
|
|
|
|
}
|
2018-05-02 23:45:23 -06:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// FORCE CANCEL: safety check only relevant when spamming the cancel button
|
|
|
|
|
// ensuring that set and resume aren't sent
|
2019-06-12 19:18:07 -06:00
|
|
|
if (addr == 0x83) {
|
2019-06-12 21:12:48 -06:00
|
|
|
if (((to_send->RDLR >> 28) & 0x3) != 0) {
|
2019-06-12 19:18:07 -06:00
|
|
|
tx = 0;
|
|
|
|
|
}
|
2018-05-02 23:45:23 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 1 allows the message through
|
2019-06-12 19:18:07 -06:00
|
|
|
return tx;
|
2018-05-02 23:45:23 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const safety_hooks ford_hooks = {
|
2018-08-28 17:01:40 -06:00
|
|
|
.init = nooutput_init,
|
2018-05-02 23:45:23 -06:00
|
|
|
.rx = ford_rx_hook,
|
|
|
|
|
.tx = ford_tx_hook,
|
2018-08-28 17:01:40 -06:00
|
|
|
.tx_lin = nooutput_tx_lin_hook,
|
2018-05-25 19:20:55 -06:00
|
|
|
.ignition = default_ign_hook,
|
2019-06-11 20:50:12 -06:00
|
|
|
.fwd = default_fwd_hook,
|
2018-05-02 23:45:23 -06:00
|
|
|
};
|
