From a0b1d64e4e62cc0c971802d5a119c59821c940b1 Mon Sep 17 00:00:00 2001 From: Shane Smiskol Date: Wed, 30 Nov 2022 18:56:05 -0800 Subject: [PATCH] Honda Nidec: max gas safety and common speed cmd checks (#1179) * limit gas and speed * gas safety test --- board/safety.h | 4 ++++ board/safety/safety_honda.h | 13 +++++++++---- board/safety_declarations.h | 4 ++++ tests/safety/test_honda.py | 5 +++-- 4 files changed, 20 insertions(+), 6 deletions(-) diff --git a/board/safety.h b/board/safety.h index b12d75090..54d243d39 100644 --- a/board/safety.h +++ b/board/safety.h @@ -494,6 +494,10 @@ bool longitudinal_accel_checks(int desired_accel, const LongitudinalLimits limit return violation; } +bool longitudinal_speed_checks(int desired_speed, const LongitudinalLimits limits, const bool longitudinal_allowed) { + return !longitudinal_allowed && (desired_speed != limits.inactive_speed); +} + bool longitudinal_gas_checks(int desired_gas, const LongitudinalLimits limits, const bool longitudinal_allowed) { bool violation = false; if (!longitudinal_allowed) { diff --git a/board/safety/safety_honda.h b/board/safety/safety_honda.h index 504bf228b..1880d26d9 100644 --- a/board/safety/safety_honda.h +++ b/board/safety/safety_honda.h @@ -27,7 +27,10 @@ const LongitudinalLimits HONDA_BOSCH_LONG_LIMITS = { }; const LongitudinalLimits HONDA_NIDEC_LONG_LIMITS = { + .max_gas = 198, // 0xc6 .max_brake = 255, + + .inactive_speed = 0, }; // Nidec and bosch radarless has the powertrain bus on bus 0 @@ -280,10 +283,12 @@ static int honda_tx_hook(CANPacket_t *to_send, bool longitudinal_allowed) { if ((addr == 0x30C) && (bus == bus_pt)) { int pcm_speed = (GET_BYTE(to_send, 0) << 8) | GET_BYTE(to_send, 1); int pcm_gas = GET_BYTE(to_send, 2); - if (!longitudinal_allowed) { - if ((pcm_speed != 0) || (pcm_gas != 0)) { - tx = 0; - } + + bool violation = false; + violation |= longitudinal_speed_checks(pcm_speed, HONDA_NIDEC_LONG_LIMITS, longitudinal_allowed); + violation |= longitudinal_gas_checks(pcm_gas, HONDA_NIDEC_LONG_LIMITS, longitudinal_allowed); + if (violation) { + tx = 0; } } diff --git a/board/safety_declarations.h b/board/safety_declarations.h index e7d40630e..da79e89a2 100644 --- a/board/safety_declarations.h +++ b/board/safety_declarations.h @@ -66,6 +66,9 @@ typedef struct { const int min_gas; const int inactive_gas; const int max_brake; + + // speed cmd limits + const int inactive_speed; } LongitudinalLimits; typedef struct { @@ -128,6 +131,7 @@ void relay_malfunction_set(void); void relay_malfunction_reset(void); bool steer_torque_cmd_checks(int desired_torque, int steer_req, const SteeringLimits limits); bool longitudinal_accel_checks(int desired_accel, const LongitudinalLimits limits, const bool longitudinal_allowed); +bool longitudinal_speed_checks(int desired_speed, const LongitudinalLimits limits, const bool longitudinal_allowed); bool longitudinal_gas_checks(int desired_gas, const LongitudinalLimits limits, const bool longitudinal_allowed); bool longitudinal_brake_checks(int desired_brake, const LongitudinalLimits limits, const bool longitudinal_allowed); bool longitudinal_interceptor_checks(CANPacket_t *to_send, const bool longitudinal_allowed); diff --git a/tests/safety/test_honda.py b/tests/safety/test_honda.py index f3fadb1ad..9a429771a 100755 --- a/tests/safety/test_honda.py +++ b/tests/safety/test_honda.py @@ -266,6 +266,7 @@ class TestHondaNidecSafetyBase(HondaBase): BUTTONS_BUS = 0 INTERCEPTOR_THRESHOLD = 492 + MAX_GAS = 198 @classmethod def setUpClass(cls): @@ -297,9 +298,9 @@ class TestHondaNidecSafetyBase(HondaBase): def test_acc_hud_safety_check(self): for controls_allowed in [True, False]: self.safety.set_controls_allowed(controls_allowed) - for pcm_gas in range(0, 0xc6): + for pcm_gas in range(0, 255): for pcm_speed in range(0, 100): - send = True if controls_allowed else pcm_gas == 0 and pcm_speed == 0 + send = pcm_gas <= self.MAX_GAS if controls_allowed else pcm_gas == 0 and pcm_speed == 0 self.assertEqual(send, self.safety.safety_tx_hook(self._send_acc_hud_msg(pcm_gas, pcm_speed))) def test_fwd_hook(self):