Reject replies with length >= sizeof(BSTPacket) to prevent OOB read
in CRC calculation. Clamp dev_name_len to buffer size to prevent OOB
write during null termination.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
* docs(ekf2): clarify EKF2_HGT_REF param description
To me it was not obvious that with EKF2_GPS_CTRL=0 this altitude
initialisation based on GPS again does not apply.
* docs(ekf2): separate paragraph
Prevent potential stack overflow from symlink loops or deeply nested
directories by capping recursion to 3 levels. Also fixes dot-entry
skipping to use strcmp instead of prefix check, and deduplicates the
filepath construction.
* Applying PR #17084
* Comitting missing changes
* Adding incoming SETUP_SIGNING handling
* Adding proper message decoding for SETUP_SIGNING
* Adding persistance of sign key in chunks of 32 bits into parameters
* Allowing SETUP_SIGNING to be handled only on usb_uart
* Removing unused type and variable
* Changing the default for Mavlink Timestamp
* Fixing styling
* Merging
* Merging submodules
* Replacing parameters with sdcard storage for secured key and ts
* Fixing styles
* Isolating signing related items in separate class
* Adding new files
* Syncing with main
* Fixing styles
* Changing the signing logic to work only if key and ts properly initialized, adding store the ts on stop
* Updated submodules to latest versions
* Updated gz to proper version
* libfc-sensor-api to proper version
* libcanard to proper version
* Updated fuzztest to proper version
* Updated public_regulated_data_types to proper version
* Updated mip_sdk to proper version
* Updated pydronecan to proper version
* Updated rosidl to proper version
* Fixing styles
* Fixing cyclonedds version
* initializing sign control in the member declaration
* Update src/modules/mavlink/mavlink_main.h
Co-authored-by: Jacob Dahl <37091262+dakejahl@users.noreply.github.com>
* Fixing comments
* Fixing duplicate method
* Fixing defines
* Fixing styles
* Fixing the define errors
* replace duplicate logic with write_key_and_timestamp() function
* add docs
* Update docs/en/mavlink/message_signing.md
Co-authored-by: Julian Oes <julian@oes.ch>
* Update src/modules/mavlink/mavlink_sign_control.cpp
Co-authored-by: Hamish Willee <hamishwillee@gmail.com>
* Update src/modules/mavlink/mavlink_sign_control.h
Co-authored-by: Hamish Willee <hamishwillee@gmail.com>
* Update docs/en/mavlink/message_signing.md
Co-authored-by: Hamish Willee <hamishwillee@gmail.com>
* rename to MAV_SIGN_CFG, fix copyright dates, fix docs SHA type, rename secrets file
* fix newlines
---------
Co-authored-by: Jacob Dahl <37091262+dakejahl@users.noreply.github.com>
Co-authored-by: Jacob Dahl <dahl.jakejacob@gmail.com>
Co-authored-by: Julian Oes <julian@oes.ch>
Co-authored-by: Hamish Willee <hamishwillee@gmail.com>
Add a new parameter to map a MAVLink MANUAL_CONTROL button to turtle
mode activation. When the manual control data source is a MAVLink
instance, the driver uses the buttons field directly instead of aux
channels. When the source is RC, the existing aux channel behavior
via VOXL_ESC_MODE is preserved. Set to -1 (default) to disable.
So transitions between stopped/not stopped respect the slew rate.
- Remove previous stopped motor handling in publish_actuator_controls
- Replace with handle_stopped_motors, called in Run() before slew
- Introduce ApplyNanToActuators in ControlAllocation to stop
- Refactor ice shedding slightly to fit new structure
migrateFWFromRoot held the SD root directory open via opendir/readdir
while performing heavy file I/O (getFileInfo, copyFw, unlink) inside the
loop. Between readdir calls the FAT semaphore is released, allowing
other tasks (e.g. logger) to dirty the shared FAT sector cache. When
the next FAT operation needed a different sector, fat_fscacheflush
would write the dirty data followed by an immediate read — triggering
a write-busy to read transition in the SDMMC WRCOMPLETE path that
kills the SD card on STM32H7.
Split into two phases: first collect .bin filenames with the directory
open, then close it before doing any file I/O. This also fixes a
missing closedir on the mkdir error path and avoids modifying directory
entries (via unlink) while iterating them with readdir.
On Linux targets with high-rate external sensor data (>1000Hz), all
sensor calibrations (gyro, accel, mag) can freeze PX4 by starving
other threads of CPU. Normal flight is unaffected — only calibration
triggers the problem.
Two compounding issues in the calibration worker threads:
1. calibrate_cancel_check() creates a new uORB::Subscription on every
call, which triggers getDeviceNodeLocked() — an O(n) linear strcmp
scan through all uORB nodes. In gyro/mag calibration this was called
on every sensor sample, consuming the majority of CPU in strcmp alone.
2. SubscriptionBlocking::updatedBlocking() returns immediately when data
is already available (it only blocks when no data is pending). With
continuous high-rate sensor data, the calibration loops never yield,
spinning at 100% CPU.
These problems are addressed with this patch as follows:
- Throttle calibrate_cancel_check() to once per 200ms in gyro
and mag calibration loops.
- Add 1ms px4_usleep() yield before updatedBlocking()/updateBlocking()
in all calibration loops (gyro, accel, mag, orientation detection).
This caps the effective loop rate at ~1000Hz — still far above what
calibration needs (250-750 samples).
- Force Commander main loop to sleep during calibration so it does not
compete with calibration worker threads for CPU.
Tested under Linux (x64, aarch64) both with RT and non-RT scheduling,
with sensor data arriving at ~3600Hz. Calibration completes normally
and no longer results in a deadlocked process.
* refactor: use parseDefaultArguments
* style: reverted changes to docs (should be auto-generated)
* refactor: use parseDefaultArguments
* style: reverted changes to docs (should be auto-generated)
Ramon Roche
Ege Kural
Balduin
Matthias Grob
ttechnick
Hamish Willee
Jacob Dahl
vertiq-jack
Balduin
Daniel Hadlow
yulianoifa-mobius
Marco Hauswirth
Mathieu Bresciani
Eric Katzfey
Jacob Dahl
Jeff Katz
Nick
Luka Filipovic
Phil-Engljaehringer