Skip checksum validation on ATS/RTS table entries #101
Comments
jphickey
changed the title
|
Note it's clunky and problematic for complex commands, but I just use macros in the rts tables as a workaround. Ex: |
|
Above breaks for changes in DS_CMD_MID or CC values, but that could be handled (I just don't). If someone did use sequence or time stamp then definitely breaks. Although that's beyond what SC can handle anyways at this point. |
|
Yes - sorta/kinda possible for the trivial checksum in the default cmd header. Stakeholders are using a lot more complex checksum that makes this kinda thing much more difficult. Furthermore, some header fields are updated in real time (timestamping, sequence numbering) that makes any sort of initial checksum irrelevant, it has to be calculated anyway. The main question is - would it cause any heartburn to simply remove this call to ValidateChecksum()? Doesn't seem to be a strong reason to have it in there. Other apps that send commands from a table (e.g. HS) don't do this. I don't think removing this will break any use cases, but it will permit use cases that are needed by the stakeholders. |
|
I'm not opposed to removing based on how I use the app and construct the tables. |
|
Feedback from other stakeholders indicates this should be made into an "opt-out" platform config option. Thus this will preserve historical behavior (to validate the checksum prior to send) as a default, but give users who have a complex checksum and/or need to recalculate it anyway the option to do so. |
|
@jphickey any stakeholder able to provide historical justification for this checksum? |
This adds a new SC platform configuration option: SC_PLATFORM_SC_ENABLE_HEADER_UPDATE This option is translated to the UpdateHeader option of CFE_SB_TransmitMsg() - If set to "false" (default) this replicates current behavior. In this mode, commands within ATS/RTS tables are expected to be fully initialized, including all headers and checksums, and the message will be passed verbatim to the software bus. - If set to "true" (new option) this permits the commands to be timestamped and sequenced according to the real time system state. The headers will be updated as part of sending the message on the bus, and a valid checksum will be computed in real time. Note - There is currently no way to perform a checksum computation during table generation, so inserting a valid checksum within in ATS/RTS table entries is difficult when a robust checksum algorithm is used.
This adds a new SC platform configuration option: SC_PLATFORM_SC_ENABLE_HEADER_UPDATE This option is translated to the UpdateHeader option of CFE_SB_TransmitMsg() - If set to "false" (default) this replicates current behavior. In this mode, commands within ATS/RTS tables are expected to be fully initialized, including all headers and checksums, and the message will be passed verbatim to the software bus. - If set to "true" (new option) this permits the commands to be timestamped and sequenced according to the real time system state. The headers will be updated as part of sending the message on the bus, and a valid checksum will be computed in real time. Note - There is currently no way to perform a checksum computation during table generation, so inserting a valid checksum within in ATS/RTS table entries is difficult when a robust checksum algorithm is used.
This adds a new SC platform configuration option: SC_PLATFORM_SC_ENABLE_HEADER_UPDATE This option is translated to the UpdateHeader option of CFE_SB_TransmitMsg() - If set to "false" (default) this replicates current behavior. In this mode, commands within ATS/RTS tables are expected to be fully initialized, including all headers and checksums, and the message will be passed verbatim to the software bus. - If set to "true" (new option) this permits the commands to be timestamped and sequenced according to the real time system state. The headers will be updated as part of sending the message on the bus, and a valid checksum will be computed in real time. Note - There is currently no way to perform a checksum computation during table generation, so inserting a valid checksum within in ATS/RTS table entries is difficult when a robust checksum algorithm is used.
In short -- no, not really. Only that it gave "reassurance" that the message wasn't bad. The fact that we have other mechanisms to do error checking (TBL and CS) that already confirm the table is good didn't seem to sway opinion. In the end, decided to name this as a "header update" switch. It directly controls the 2nd parameter to CFE_SB_TransmitMsg. But if set true, this also disables/bypasses the ValidateChecksum call prior to TransmitMsg, as its going to be recalculated. |
Fix #101, add header update platform config
Checklist (Please check before submitting)
Is your feature request related to a problem? Please describe.
When reading ATS/RTS table entries, SC validates the checksum on the entry before transmitting the message.
In order for this to validate, this implies that the ATS/RTS table embeds a correct message checksum within the message data. However, this is not easy to do, and there is no tool to aid in this process (either via
elf2cfetblor some other table-generation tool).Furthermore, if the outgoing command gets a sequence number or timestamp update, this necessitates [re]computing the checksum.
Describe the solution you'd like
Add an option to SC to skip the call to
CFE_MSG_ValidateChecksum()Describe alternatives you've considered
Could be removed entirely. Not sure what the original requirement was that justified having this in there.
Additional context
Note that the ATS/RTS info comes from a table, and the table data should be protected by its own checksum and validation. So requiring/expecting that the data inside that also have a checksum is redundant, in addition to being impractical.
The two calls are here:
SC/fsw/src/sc_cmds.c
Line 104 in afe3cf4
And here:
SC/fsw/src/sc_cmds.c
Line 332 in afe3cf4
Requester Info
Joseph Hickey, Vantage Systems, Inc.
The text was updated successfully, but these errors were encountered: