diff --git a/board/safety.h b/board/safety.h index 1b53379d8e8322..25d8abf3903282 100644 --- a/board/safety.h +++ b/board/safety.h @@ -13,6 +13,7 @@ uint32_t get_ts_elapsed(uint32_t ts, uint32_t ts_last); int to_signed(int d, int bits); void update_sample(struct sample_t *sample, int sample_new); int rt_rate_limit_check(int val, int val_last, const int MAX_RT_DELTA); +int max_limit_check(int val, const int MAX); typedef void (*safety_hook_init)(int16_t param); typedef void (*rx_hook)(CAN_FIFOMailBox_TypeDef *to_push); @@ -153,3 +154,7 @@ int rt_rate_limit_check(int val, int val_last, const int MAX_RT_DELTA) { // return 1 if violation return (val < lowest_val) || (val > highest_val); } + +int max_limit_check(int val, const int MAX) { + return (val > MAX) | (val < -MAX); +} diff --git a/board/safety/safety_cadillac.h b/board/safety/safety_cadillac.h index 6660b0387a2329..94c356d01ec7bc 100644 --- a/board/safety/safety_cadillac.h +++ b/board/safety/safety_cadillac.h @@ -71,9 +71,7 @@ static int cadillac_tx_hook(CAN_FIFOMailBox_TypeDef *to_send) { if (controls_allowed) { // *** global torque limit check *** - if ((desired_torque > CADILLAC_STEER_MAX) || (desired_torque < -CADILLAC_STEER_MAX)) { - violation = 1; - } + violation |= max_limit_check(desired_torque, CADILLAC_STEER_MAX); // *** torque rate limit check *** int highest_allowed_torque = max(cadillac_desired_torque_last[idx], 0) + CADILLAC_MAX_RATE_UP; @@ -99,7 +97,7 @@ static int cadillac_tx_hook(CAN_FIFOMailBox_TypeDef *to_send) { violation = 1; } - //// used next time + // used next time cadillac_desired_torque_last[idx] = desired_torque; // *** torque real time rate limit check *** diff --git a/board/safety/safety_toyota.h b/board/safety/safety_toyota.h index 83b96822d0c5f5..426b9d8fac32db 100644 --- a/board/safety/safety_toyota.h +++ b/board/safety/safety_toyota.h @@ -89,8 +89,7 @@ static int toyota_tx_hook(CAN_FIFOMailBox_TypeDef *to_send) { if (controls_allowed && actuation_limits) { // *** global torque limit check *** - if (desired_torque < -MAX_TORQUE) violation = 1; - if (desired_torque > MAX_TORQUE) violation = 1; + violation |= max_limit_check(desired_torque, MAX_TORQUE); // *** torque rate limit check *** int16_t highest_allowed_torque = max(desired_torque_last, 0) + MAX_RATE_UP;