1 /* 2 * SMSC LAN9118 Ethernet interface emulation 3 * 4 * Copyright (c) 2009 CodeSourcery, LLC. 5 * Written by Paul Brook 6 * 7 * This code is licensed under the GNU GPL v2 8 * 9 * Contributions after 2012-01-13 are licensed under the terms of the 10 * GNU GPL, version 2 or (at your option) any later version. 11 */ 12 13 #include "qemu/osdep.h" 14 #include "hw/sysbus.h" 15 #include "migration/vmstate.h" 16 #include "net/net.h" 17 #include "net/eth.h" 18 #include "hw/hw.h" 19 #include "hw/irq.h" 20 #include "hw/net/lan9118.h" 21 #include "hw/ptimer.h" 22 #include "hw/qdev-properties.h" 23 #include "qapi/error.h" 24 #include "qemu/log.h" 25 #include "qemu/module.h" 26 /* For crc32 */ 27 #include <zlib.h> 28 29 //#define DEBUG_LAN9118 30 31 #ifdef DEBUG_LAN9118 32 #define DPRINTF(fmt, ...) \ 33 do { printf("lan9118: " fmt , ## __VA_ARGS__); } while (0) 34 #define BADF(fmt, ...) \ 35 do { hw_error("lan9118: error: " fmt , ## __VA_ARGS__);} while (0) 36 #else 37 #define DPRINTF(fmt, ...) do {} while(0) 38 #define BADF(fmt, ...) \ 39 do { fprintf(stderr, "lan9118: error: " fmt , ## __VA_ARGS__);} while (0) 40 #endif 41 42 #define CSR_ID_REV 0x50 43 #define CSR_IRQ_CFG 0x54 44 #define CSR_INT_STS 0x58 45 #define CSR_INT_EN 0x5c 46 #define CSR_BYTE_TEST 0x64 47 #define CSR_FIFO_INT 0x68 48 #define CSR_RX_CFG 0x6c 49 #define CSR_TX_CFG 0x70 50 #define CSR_HW_CFG 0x74 51 #define CSR_RX_DP_CTRL 0x78 52 #define CSR_RX_FIFO_INF 0x7c 53 #define CSR_TX_FIFO_INF 0x80 54 #define CSR_PMT_CTRL 0x84 55 #define CSR_GPIO_CFG 0x88 56 #define CSR_GPT_CFG 0x8c 57 #define CSR_GPT_CNT 0x90 58 #define CSR_WORD_SWAP 0x98 59 #define CSR_FREE_RUN 0x9c 60 #define CSR_RX_DROP 0xa0 61 #define CSR_MAC_CSR_CMD 0xa4 62 #define CSR_MAC_CSR_DATA 0xa8 63 #define CSR_AFC_CFG 0xac 64 #define CSR_E2P_CMD 0xb0 65 #define CSR_E2P_DATA 0xb4 66 67 #define E2P_CMD_MAC_ADDR_LOADED 0x100 68 69 /* IRQ_CFG */ 70 #define IRQ_INT 0x00001000 71 #define IRQ_EN 0x00000100 72 #define IRQ_POL 0x00000010 73 #define IRQ_TYPE 0x00000001 74 75 /* INT_STS/INT_EN */ 76 #define SW_INT 0x80000000 77 #define TXSTOP_INT 0x02000000 78 #define RXSTOP_INT 0x01000000 79 #define RXDFH_INT 0x00800000 80 #define TX_IOC_INT 0x00200000 81 #define RXD_INT 0x00100000 82 #define GPT_INT 0x00080000 83 #define PHY_INT 0x00040000 84 #define PME_INT 0x00020000 85 #define TXSO_INT 0x00010000 86 #define RWT_INT 0x00008000 87 #define RXE_INT 0x00004000 88 #define TXE_INT 0x00002000 89 #define TDFU_INT 0x00000800 90 #define TDFO_INT 0x00000400 91 #define TDFA_INT 0x00000200 92 #define TSFF_INT 0x00000100 93 #define TSFL_INT 0x00000080 94 #define RXDF_INT 0x00000040 95 #define RDFL_INT 0x00000020 96 #define RSFF_INT 0x00000010 97 #define RSFL_INT 0x00000008 98 #define GPIO2_INT 0x00000004 99 #define GPIO1_INT 0x00000002 100 #define GPIO0_INT 0x00000001 101 #define RESERVED_INT 0x7c001000 102 103 #define MAC_CR 1 104 #define MAC_ADDRH 2 105 #define MAC_ADDRL 3 106 #define MAC_HASHH 4 107 #define MAC_HASHL 5 108 #define MAC_MII_ACC 6 109 #define MAC_MII_DATA 7 110 #define MAC_FLOW 8 111 #define MAC_VLAN1 9 /* TODO */ 112 #define MAC_VLAN2 10 /* TODO */ 113 #define MAC_WUFF 11 /* TODO */ 114 #define MAC_WUCSR 12 /* TODO */ 115 116 #define MAC_CR_RXALL 0x80000000 117 #define MAC_CR_RCVOWN 0x00800000 118 #define MAC_CR_LOOPBK 0x00200000 119 #define MAC_CR_FDPX 0x00100000 120 #define MAC_CR_MCPAS 0x00080000 121 #define MAC_CR_PRMS 0x00040000 122 #define MAC_CR_INVFILT 0x00020000 123 #define MAC_CR_PASSBAD 0x00010000 124 #define MAC_CR_HO 0x00008000 125 #define MAC_CR_HPFILT 0x00002000 126 #define MAC_CR_LCOLL 0x00001000 127 #define MAC_CR_BCAST 0x00000800 128 #define MAC_CR_DISRTY 0x00000400 129 #define MAC_CR_PADSTR 0x00000100 130 #define MAC_CR_BOLMT 0x000000c0 131 #define MAC_CR_DFCHK 0x00000020 132 #define MAC_CR_TXEN 0x00000008 133 #define MAC_CR_RXEN 0x00000004 134 #define MAC_CR_RESERVED 0x7f404213 135 136 #define PHY_INT_ENERGYON 0x80 137 #define PHY_INT_AUTONEG_COMPLETE 0x40 138 #define PHY_INT_FAULT 0x20 139 #define PHY_INT_DOWN 0x10 140 #define PHY_INT_AUTONEG_LP 0x08 141 #define PHY_INT_PARFAULT 0x04 142 #define PHY_INT_AUTONEG_PAGE 0x02 143 144 #define GPT_TIMER_EN 0x20000000 145 146 enum tx_state { 147 TX_IDLE, 148 TX_B, 149 TX_DATA 150 }; 151 152 typedef struct { 153 /* state is a tx_state but we can't put enums in VMStateDescriptions. */ 154 uint32_t state; 155 uint32_t cmd_a; 156 uint32_t cmd_b; 157 int32_t buffer_size; 158 int32_t offset; 159 int32_t pad; 160 int32_t fifo_used; 161 int32_t len; 162 uint8_t data[2048]; 163 } LAN9118Packet; 164 165 static const VMStateDescription vmstate_lan9118_packet = { 166 .name = "lan9118_packet", 167 .version_id = 1, 168 .minimum_version_id = 1, 169 .fields = (VMStateField[]) { 170 VMSTATE_UINT32(state, LAN9118Packet), 171 VMSTATE_UINT32(cmd_a, LAN9118Packet), 172 VMSTATE_UINT32(cmd_b, LAN9118Packet), 173 VMSTATE_INT32(buffer_size, LAN9118Packet), 174 VMSTATE_INT32(offset, LAN9118Packet), 175 VMSTATE_INT32(pad, LAN9118Packet), 176 VMSTATE_INT32(fifo_used, LAN9118Packet), 177 VMSTATE_INT32(len, LAN9118Packet), 178 VMSTATE_UINT8_ARRAY(data, LAN9118Packet, 2048), 179 VMSTATE_END_OF_LIST() 180 } 181 }; 182 183 #define LAN9118(obj) OBJECT_CHECK(lan9118_state, (obj), TYPE_LAN9118) 184 185 typedef struct { 186 SysBusDevice parent_obj; 187 188 NICState *nic; 189 NICConf conf; 190 qemu_irq irq; 191 MemoryRegion mmio; 192 ptimer_state *timer; 193 194 uint32_t irq_cfg; 195 uint32_t int_sts; 196 uint32_t int_en; 197 uint32_t fifo_int; 198 uint32_t rx_cfg; 199 uint32_t tx_cfg; 200 uint32_t hw_cfg; 201 uint32_t pmt_ctrl; 202 uint32_t gpio_cfg; 203 uint32_t gpt_cfg; 204 uint32_t word_swap; 205 uint32_t free_timer_start; 206 uint32_t mac_cmd; 207 uint32_t mac_data; 208 uint32_t afc_cfg; 209 uint32_t e2p_cmd; 210 uint32_t e2p_data; 211 212 uint32_t mac_cr; 213 uint32_t mac_hashh; 214 uint32_t mac_hashl; 215 uint32_t mac_mii_acc; 216 uint32_t mac_mii_data; 217 uint32_t mac_flow; 218 219 uint32_t phy_status; 220 uint32_t phy_control; 221 uint32_t phy_advertise; 222 uint32_t phy_int; 223 uint32_t phy_int_mask; 224 225 int32_t eeprom_writable; 226 uint8_t eeprom[128]; 227 228 int32_t tx_fifo_size; 229 LAN9118Packet *txp; 230 LAN9118Packet tx_packet; 231 232 int32_t tx_status_fifo_used; 233 int32_t tx_status_fifo_head; 234 uint32_t tx_status_fifo[512]; 235 236 int32_t rx_status_fifo_size; 237 int32_t rx_status_fifo_used; 238 int32_t rx_status_fifo_head; 239 uint32_t rx_status_fifo[896]; 240 int32_t rx_fifo_size; 241 int32_t rx_fifo_used; 242 int32_t rx_fifo_head; 243 uint32_t rx_fifo[3360]; 244 int32_t rx_packet_size_head; 245 int32_t rx_packet_size_tail; 246 int32_t rx_packet_size[1024]; 247 248 int32_t rxp_offset; 249 int32_t rxp_size; 250 int32_t rxp_pad; 251 252 uint32_t write_word_prev_offset; 253 uint32_t write_word_n; 254 uint16_t write_word_l; 255 uint16_t write_word_h; 256 uint32_t read_word_prev_offset; 257 uint32_t read_word_n; 258 uint32_t read_long; 259 260 uint32_t mode_16bit; 261 } lan9118_state; 262 263 static const VMStateDescription vmstate_lan9118 = { 264 .name = "lan9118", 265 .version_id = 2, 266 .minimum_version_id = 1, 267 .fields = (VMStateField[]) { 268 VMSTATE_PTIMER(timer, lan9118_state), 269 VMSTATE_UINT32(irq_cfg, lan9118_state), 270 VMSTATE_UINT32(int_sts, lan9118_state), 271 VMSTATE_UINT32(int_en, lan9118_state), 272 VMSTATE_UINT32(fifo_int, lan9118_state), 273 VMSTATE_UINT32(rx_cfg, lan9118_state), 274 VMSTATE_UINT32(tx_cfg, lan9118_state), 275 VMSTATE_UINT32(hw_cfg, lan9118_state), 276 VMSTATE_UINT32(pmt_ctrl, lan9118_state), 277 VMSTATE_UINT32(gpio_cfg, lan9118_state), 278 VMSTATE_UINT32(gpt_cfg, lan9118_state), 279 VMSTATE_UINT32(word_swap, lan9118_state), 280 VMSTATE_UINT32(free_timer_start, lan9118_state), 281 VMSTATE_UINT32(mac_cmd, lan9118_state), 282 VMSTATE_UINT32(mac_data, lan9118_state), 283 VMSTATE_UINT32(afc_cfg, lan9118_state), 284 VMSTATE_UINT32(e2p_cmd, lan9118_state), 285 VMSTATE_UINT32(e2p_data, lan9118_state), 286 VMSTATE_UINT32(mac_cr, lan9118_state), 287 VMSTATE_UINT32(mac_hashh, lan9118_state), 288 VMSTATE_UINT32(mac_hashl, lan9118_state), 289 VMSTATE_UINT32(mac_mii_acc, lan9118_state), 290 VMSTATE_UINT32(mac_mii_data, lan9118_state), 291 VMSTATE_UINT32(mac_flow, lan9118_state), 292 VMSTATE_UINT32(phy_status, lan9118_state), 293 VMSTATE_UINT32(phy_control, lan9118_state), 294 VMSTATE_UINT32(phy_advertise, lan9118_state), 295 VMSTATE_UINT32(phy_int, lan9118_state), 296 VMSTATE_UINT32(phy_int_mask, lan9118_state), 297 VMSTATE_INT32(eeprom_writable, lan9118_state), 298 VMSTATE_UINT8_ARRAY(eeprom, lan9118_state, 128), 299 VMSTATE_INT32(tx_fifo_size, lan9118_state), 300 /* txp always points at tx_packet so need not be saved */ 301 VMSTATE_STRUCT(tx_packet, lan9118_state, 0, 302 vmstate_lan9118_packet, LAN9118Packet), 303 VMSTATE_INT32(tx_status_fifo_used, lan9118_state), 304 VMSTATE_INT32(tx_status_fifo_head, lan9118_state), 305 VMSTATE_UINT32_ARRAY(tx_status_fifo, lan9118_state, 512), 306 VMSTATE_INT32(rx_status_fifo_size, lan9118_state), 307 VMSTATE_INT32(rx_status_fifo_used, lan9118_state), 308 VMSTATE_INT32(rx_status_fifo_head, lan9118_state), 309 VMSTATE_UINT32_ARRAY(rx_status_fifo, lan9118_state, 896), 310 VMSTATE_INT32(rx_fifo_size, lan9118_state), 311 VMSTATE_INT32(rx_fifo_used, lan9118_state), 312 VMSTATE_INT32(rx_fifo_head, lan9118_state), 313 VMSTATE_UINT32_ARRAY(rx_fifo, lan9118_state, 3360), 314 VMSTATE_INT32(rx_packet_size_head, lan9118_state), 315 VMSTATE_INT32(rx_packet_size_tail, lan9118_state), 316 VMSTATE_INT32_ARRAY(rx_packet_size, lan9118_state, 1024), 317 VMSTATE_INT32(rxp_offset, lan9118_state), 318 VMSTATE_INT32(rxp_size, lan9118_state), 319 VMSTATE_INT32(rxp_pad, lan9118_state), 320 VMSTATE_UINT32_V(write_word_prev_offset, lan9118_state, 2), 321 VMSTATE_UINT32_V(write_word_n, lan9118_state, 2), 322 VMSTATE_UINT16_V(write_word_l, lan9118_state, 2), 323 VMSTATE_UINT16_V(write_word_h, lan9118_state, 2), 324 VMSTATE_UINT32_V(read_word_prev_offset, lan9118_state, 2), 325 VMSTATE_UINT32_V(read_word_n, lan9118_state, 2), 326 VMSTATE_UINT32_V(read_long, lan9118_state, 2), 327 VMSTATE_UINT32_V(mode_16bit, lan9118_state, 2), 328 VMSTATE_END_OF_LIST() 329 } 330 }; 331 332 static void lan9118_update(lan9118_state *s) 333 { 334 int level; 335 336 /* TODO: Implement FIFO level IRQs. */ 337 level = (s->int_sts & s->int_en) != 0; 338 if (level) { 339 s->irq_cfg |= IRQ_INT; 340 } else { 341 s->irq_cfg &= ~IRQ_INT; 342 } 343 if ((s->irq_cfg & IRQ_EN) == 0) { 344 level = 0; 345 } 346 if ((s->irq_cfg & (IRQ_TYPE | IRQ_POL)) != (IRQ_TYPE | IRQ_POL)) { 347 /* Interrupt is active low unless we're configured as 348 * active-high polarity, push-pull type. 349 */ 350 level = !level; 351 } 352 qemu_set_irq(s->irq, level); 353 } 354 355 static void lan9118_mac_changed(lan9118_state *s) 356 { 357 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 358 } 359 360 static void lan9118_reload_eeprom(lan9118_state *s) 361 { 362 int i; 363 if (s->eeprom[0] != 0xa5) { 364 s->e2p_cmd &= ~E2P_CMD_MAC_ADDR_LOADED; 365 DPRINTF("MACADDR load failed\n"); 366 return; 367 } 368 for (i = 0; i < 6; i++) { 369 s->conf.macaddr.a[i] = s->eeprom[i + 1]; 370 } 371 s->e2p_cmd |= E2P_CMD_MAC_ADDR_LOADED; 372 DPRINTF("MACADDR loaded from eeprom\n"); 373 lan9118_mac_changed(s); 374 } 375 376 static void phy_update_irq(lan9118_state *s) 377 { 378 if (s->phy_int & s->phy_int_mask) { 379 s->int_sts |= PHY_INT; 380 } else { 381 s->int_sts &= ~PHY_INT; 382 } 383 lan9118_update(s); 384 } 385 386 static void phy_update_link(lan9118_state *s) 387 { 388 /* Autonegotiation status mirrors link status. */ 389 if (qemu_get_queue(s->nic)->link_down) { 390 s->phy_status &= ~0x0024; 391 s->phy_int |= PHY_INT_DOWN; 392 } else { 393 s->phy_status |= 0x0024; 394 s->phy_int |= PHY_INT_ENERGYON; 395 s->phy_int |= PHY_INT_AUTONEG_COMPLETE; 396 } 397 phy_update_irq(s); 398 } 399 400 static void lan9118_set_link(NetClientState *nc) 401 { 402 phy_update_link(qemu_get_nic_opaque(nc)); 403 } 404 405 static void phy_reset(lan9118_state *s) 406 { 407 s->phy_status = 0x7809; 408 s->phy_control = 0x3000; 409 s->phy_advertise = 0x01e1; 410 s->phy_int_mask = 0; 411 s->phy_int = 0; 412 phy_update_link(s); 413 } 414 415 static void lan9118_reset(DeviceState *d) 416 { 417 lan9118_state *s = LAN9118(d); 418 419 s->irq_cfg &= (IRQ_TYPE | IRQ_POL); 420 s->int_sts = 0; 421 s->int_en = 0; 422 s->fifo_int = 0x48000000; 423 s->rx_cfg = 0; 424 s->tx_cfg = 0; 425 s->hw_cfg = s->mode_16bit ? 0x00050000 : 0x00050004; 426 s->pmt_ctrl &= 0x45; 427 s->gpio_cfg = 0; 428 s->txp->fifo_used = 0; 429 s->txp->state = TX_IDLE; 430 s->txp->cmd_a = 0xffffffffu; 431 s->txp->cmd_b = 0xffffffffu; 432 s->txp->len = 0; 433 s->txp->fifo_used = 0; 434 s->tx_fifo_size = 4608; 435 s->tx_status_fifo_used = 0; 436 s->rx_status_fifo_size = 704; 437 s->rx_fifo_size = 2640; 438 s->rx_fifo_used = 0; 439 s->rx_status_fifo_size = 176; 440 s->rx_status_fifo_used = 0; 441 s->rxp_offset = 0; 442 s->rxp_size = 0; 443 s->rxp_pad = 0; 444 s->rx_packet_size_tail = s->rx_packet_size_head; 445 s->rx_packet_size[s->rx_packet_size_head] = 0; 446 s->mac_cmd = 0; 447 s->mac_data = 0; 448 s->afc_cfg = 0; 449 s->e2p_cmd = 0; 450 s->e2p_data = 0; 451 s->free_timer_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40; 452 453 ptimer_transaction_begin(s->timer); 454 ptimer_stop(s->timer); 455 ptimer_set_count(s->timer, 0xffff); 456 ptimer_transaction_commit(s->timer); 457 s->gpt_cfg = 0xffff; 458 459 s->mac_cr = MAC_CR_PRMS; 460 s->mac_hashh = 0; 461 s->mac_hashl = 0; 462 s->mac_mii_acc = 0; 463 s->mac_mii_data = 0; 464 s->mac_flow = 0; 465 466 s->read_word_n = 0; 467 s->write_word_n = 0; 468 469 phy_reset(s); 470 471 s->eeprom_writable = 0; 472 lan9118_reload_eeprom(s); 473 } 474 475 static void rx_fifo_push(lan9118_state *s, uint32_t val) 476 { 477 int fifo_pos; 478 fifo_pos = s->rx_fifo_head + s->rx_fifo_used; 479 if (fifo_pos >= s->rx_fifo_size) 480 fifo_pos -= s->rx_fifo_size; 481 s->rx_fifo[fifo_pos] = val; 482 s->rx_fifo_used++; 483 } 484 485 /* Return nonzero if the packet is accepted by the filter. */ 486 static int lan9118_filter(lan9118_state *s, const uint8_t *addr) 487 { 488 int multicast; 489 uint32_t hash; 490 491 if (s->mac_cr & MAC_CR_PRMS) { 492 return 1; 493 } 494 if (addr[0] == 0xff && addr[1] == 0xff && addr[2] == 0xff && 495 addr[3] == 0xff && addr[4] == 0xff && addr[5] == 0xff) { 496 return (s->mac_cr & MAC_CR_BCAST) == 0; 497 } 498 499 multicast = addr[0] & 1; 500 if (multicast &&s->mac_cr & MAC_CR_MCPAS) { 501 return 1; 502 } 503 if (multicast ? (s->mac_cr & MAC_CR_HPFILT) == 0 504 : (s->mac_cr & MAC_CR_HO) == 0) { 505 /* Exact matching. */ 506 hash = memcmp(addr, s->conf.macaddr.a, 6); 507 if (s->mac_cr & MAC_CR_INVFILT) { 508 return hash != 0; 509 } else { 510 return hash == 0; 511 } 512 } else { 513 /* Hash matching */ 514 hash = net_crc32(addr, ETH_ALEN) >> 26; 515 if (hash & 0x20) { 516 return (s->mac_hashh >> (hash & 0x1f)) & 1; 517 } else { 518 return (s->mac_hashl >> (hash & 0x1f)) & 1; 519 } 520 } 521 } 522 523 static ssize_t lan9118_receive(NetClientState *nc, const uint8_t *buf, 524 size_t size) 525 { 526 lan9118_state *s = qemu_get_nic_opaque(nc); 527 int fifo_len; 528 int offset; 529 int src_pos; 530 int n; 531 int filter; 532 uint32_t val; 533 uint32_t crc; 534 uint32_t status; 535 536 if ((s->mac_cr & MAC_CR_RXEN) == 0) { 537 return -1; 538 } 539 540 if (size >= 2048 || size < 14) { 541 return -1; 542 } 543 544 /* TODO: Implement FIFO overflow notification. */ 545 if (s->rx_status_fifo_used == s->rx_status_fifo_size) { 546 return -1; 547 } 548 549 filter = lan9118_filter(s, buf); 550 if (!filter && (s->mac_cr & MAC_CR_RXALL) == 0) { 551 return size; 552 } 553 554 offset = (s->rx_cfg >> 8) & 0x1f; 555 n = offset & 3; 556 fifo_len = (size + n + 3) >> 2; 557 /* Add a word for the CRC. */ 558 fifo_len++; 559 if (s->rx_fifo_size - s->rx_fifo_used < fifo_len) { 560 return -1; 561 } 562 563 DPRINTF("Got packet len:%d fifo:%d filter:%s\n", 564 (int)size, fifo_len, filter ? "pass" : "fail"); 565 val = 0; 566 crc = bswap32(crc32(~0, buf, size)); 567 for (src_pos = 0; src_pos < size; src_pos++) { 568 val = (val >> 8) | ((uint32_t)buf[src_pos] << 24); 569 n++; 570 if (n == 4) { 571 n = 0; 572 rx_fifo_push(s, val); 573 val = 0; 574 } 575 } 576 if (n) { 577 val >>= ((4 - n) * 8); 578 val |= crc << (n * 8); 579 rx_fifo_push(s, val); 580 val = crc >> ((4 - n) * 8); 581 rx_fifo_push(s, val); 582 } else { 583 rx_fifo_push(s, crc); 584 } 585 n = s->rx_status_fifo_head + s->rx_status_fifo_used; 586 if (n >= s->rx_status_fifo_size) { 587 n -= s->rx_status_fifo_size; 588 } 589 s->rx_packet_size[s->rx_packet_size_tail] = fifo_len; 590 s->rx_packet_size_tail = (s->rx_packet_size_tail + 1023) & 1023; 591 s->rx_status_fifo_used++; 592 593 status = (size + 4) << 16; 594 if (buf[0] == 0xff && buf[1] == 0xff && buf[2] == 0xff && 595 buf[3] == 0xff && buf[4] == 0xff && buf[5] == 0xff) { 596 status |= 0x00002000; 597 } else if (buf[0] & 1) { 598 status |= 0x00000400; 599 } 600 if (!filter) { 601 status |= 0x40000000; 602 } 603 s->rx_status_fifo[n] = status; 604 605 if (s->rx_status_fifo_used > (s->fifo_int & 0xff)) { 606 s->int_sts |= RSFL_INT; 607 } 608 lan9118_update(s); 609 610 return size; 611 } 612 613 static uint32_t rx_fifo_pop(lan9118_state *s) 614 { 615 int n; 616 uint32_t val; 617 618 if (s->rxp_size == 0 && s->rxp_pad == 0) { 619 s->rxp_size = s->rx_packet_size[s->rx_packet_size_head]; 620 s->rx_packet_size[s->rx_packet_size_head] = 0; 621 if (s->rxp_size != 0) { 622 s->rx_packet_size_head = (s->rx_packet_size_head + 1023) & 1023; 623 s->rxp_offset = (s->rx_cfg >> 10) & 7; 624 n = s->rxp_offset + s->rxp_size; 625 switch (s->rx_cfg >> 30) { 626 case 1: 627 n = (-n) & 3; 628 break; 629 case 2: 630 n = (-n) & 7; 631 break; 632 default: 633 n = 0; 634 break; 635 } 636 s->rxp_pad = n; 637 DPRINTF("Pop packet size:%d offset:%d pad: %d\n", 638 s->rxp_size, s->rxp_offset, s->rxp_pad); 639 } 640 } 641 if (s->rxp_offset > 0) { 642 s->rxp_offset--; 643 val = 0; 644 } else if (s->rxp_size > 0) { 645 s->rxp_size--; 646 val = s->rx_fifo[s->rx_fifo_head++]; 647 if (s->rx_fifo_head >= s->rx_fifo_size) { 648 s->rx_fifo_head -= s->rx_fifo_size; 649 } 650 s->rx_fifo_used--; 651 } else if (s->rxp_pad > 0) { 652 s->rxp_pad--; 653 val = 0; 654 } else { 655 DPRINTF("RX underflow\n"); 656 s->int_sts |= RXE_INT; 657 val = 0; 658 } 659 lan9118_update(s); 660 return val; 661 } 662 663 static void do_tx_packet(lan9118_state *s) 664 { 665 int n; 666 uint32_t status; 667 668 /* FIXME: Honor TX disable, and allow queueing of packets. */ 669 if (s->phy_control & 0x4000) { 670 /* This assumes the receive routine doesn't touch the VLANClient. */ 671 lan9118_receive(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 672 } else { 673 qemu_send_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 674 } 675 s->txp->fifo_used = 0; 676 677 if (s->tx_status_fifo_used == 512) { 678 /* Status FIFO full */ 679 return; 680 } 681 /* Add entry to status FIFO. */ 682 status = s->txp->cmd_b & 0xffff0000u; 683 DPRINTF("Sent packet tag:%04x len %d\n", status >> 16, s->txp->len); 684 n = (s->tx_status_fifo_head + s->tx_status_fifo_used) & 511; 685 s->tx_status_fifo[n] = status; 686 s->tx_status_fifo_used++; 687 if (s->tx_status_fifo_used == 512) { 688 s->int_sts |= TSFF_INT; 689 /* TODO: Stop transmission. */ 690 } 691 } 692 693 static uint32_t rx_status_fifo_pop(lan9118_state *s) 694 { 695 uint32_t val; 696 697 val = s->rx_status_fifo[s->rx_status_fifo_head]; 698 if (s->rx_status_fifo_used != 0) { 699 s->rx_status_fifo_used--; 700 s->rx_status_fifo_head++; 701 if (s->rx_status_fifo_head >= s->rx_status_fifo_size) { 702 s->rx_status_fifo_head -= s->rx_status_fifo_size; 703 } 704 /* ??? What value should be returned when the FIFO is empty? */ 705 DPRINTF("RX status pop 0x%08x\n", val); 706 } 707 return val; 708 } 709 710 static uint32_t tx_status_fifo_pop(lan9118_state *s) 711 { 712 uint32_t val; 713 714 val = s->tx_status_fifo[s->tx_status_fifo_head]; 715 if (s->tx_status_fifo_used != 0) { 716 s->tx_status_fifo_used--; 717 s->tx_status_fifo_head = (s->tx_status_fifo_head + 1) & 511; 718 /* ??? What value should be returned when the FIFO is empty? */ 719 } 720 return val; 721 } 722 723 static void tx_fifo_push(lan9118_state *s, uint32_t val) 724 { 725 int n; 726 727 if (s->txp->fifo_used == s->tx_fifo_size) { 728 s->int_sts |= TDFO_INT; 729 return; 730 } 731 switch (s->txp->state) { 732 case TX_IDLE: 733 s->txp->cmd_a = val & 0x831f37ff; 734 s->txp->fifo_used++; 735 s->txp->state = TX_B; 736 s->txp->buffer_size = extract32(s->txp->cmd_a, 0, 11); 737 s->txp->offset = extract32(s->txp->cmd_a, 16, 5); 738 break; 739 case TX_B: 740 if (s->txp->cmd_a & 0x2000) { 741 /* First segment */ 742 s->txp->cmd_b = val; 743 s->txp->fifo_used++; 744 /* End alignment does not include command words. */ 745 n = (s->txp->buffer_size + s->txp->offset + 3) >> 2; 746 switch ((n >> 24) & 3) { 747 case 1: 748 n = (-n) & 3; 749 break; 750 case 2: 751 n = (-n) & 7; 752 break; 753 default: 754 n = 0; 755 } 756 s->txp->pad = n; 757 s->txp->len = 0; 758 } 759 DPRINTF("Block len:%d offset:%d pad:%d cmd %08x\n", 760 s->txp->buffer_size, s->txp->offset, s->txp->pad, 761 s->txp->cmd_a); 762 s->txp->state = TX_DATA; 763 break; 764 case TX_DATA: 765 if (s->txp->offset >= 4) { 766 s->txp->offset -= 4; 767 break; 768 } 769 if (s->txp->buffer_size <= 0 && s->txp->pad != 0) { 770 s->txp->pad--; 771 } else { 772 n = MIN(4, s->txp->buffer_size + s->txp->offset); 773 while (s->txp->offset) { 774 val >>= 8; 775 n--; 776 s->txp->offset--; 777 } 778 /* Documentation is somewhat unclear on the ordering of bytes 779 in FIFO words. Empirical results show it to be little-endian. 780 */ 781 /* TODO: FIFO overflow checking. */ 782 while (n--) { 783 s->txp->data[s->txp->len] = val & 0xff; 784 s->txp->len++; 785 val >>= 8; 786 s->txp->buffer_size--; 787 } 788 s->txp->fifo_used++; 789 } 790 if (s->txp->buffer_size <= 0 && s->txp->pad == 0) { 791 if (s->txp->cmd_a & 0x1000) { 792 do_tx_packet(s); 793 } 794 if (s->txp->cmd_a & 0x80000000) { 795 s->int_sts |= TX_IOC_INT; 796 } 797 s->txp->state = TX_IDLE; 798 } 799 break; 800 } 801 } 802 803 static uint32_t do_phy_read(lan9118_state *s, int reg) 804 { 805 uint32_t val; 806 807 switch (reg) { 808 case 0: /* Basic Control */ 809 return s->phy_control; 810 case 1: /* Basic Status */ 811 return s->phy_status; 812 case 2: /* ID1 */ 813 return 0x0007; 814 case 3: /* ID2 */ 815 return 0xc0d1; 816 case 4: /* Auto-neg advertisement */ 817 return s->phy_advertise; 818 case 5: /* Auto-neg Link Partner Ability */ 819 return 0x0f71; 820 case 6: /* Auto-neg Expansion */ 821 return 1; 822 /* TODO 17, 18, 27, 29, 30, 31 */ 823 case 29: /* Interrupt source. */ 824 val = s->phy_int; 825 s->phy_int = 0; 826 phy_update_irq(s); 827 return val; 828 case 30: /* Interrupt mask */ 829 return s->phy_int_mask; 830 default: 831 BADF("PHY read reg %d\n", reg); 832 return 0; 833 } 834 } 835 836 static void do_phy_write(lan9118_state *s, int reg, uint32_t val) 837 { 838 switch (reg) { 839 case 0: /* Basic Control */ 840 if (val & 0x8000) { 841 phy_reset(s); 842 break; 843 } 844 s->phy_control = val & 0x7980; 845 /* Complete autonegotiation immediately. */ 846 if (val & 0x1000) { 847 s->phy_status |= 0x0020; 848 } 849 break; 850 case 4: /* Auto-neg advertisement */ 851 s->phy_advertise = (val & 0x2d7f) | 0x80; 852 break; 853 /* TODO 17, 18, 27, 31 */ 854 case 30: /* Interrupt mask */ 855 s->phy_int_mask = val & 0xff; 856 phy_update_irq(s); 857 break; 858 default: 859 BADF("PHY write reg %d = 0x%04x\n", reg, val); 860 } 861 } 862 863 static void do_mac_write(lan9118_state *s, int reg, uint32_t val) 864 { 865 switch (reg) { 866 case MAC_CR: 867 if ((s->mac_cr & MAC_CR_RXEN) != 0 && (val & MAC_CR_RXEN) == 0) { 868 s->int_sts |= RXSTOP_INT; 869 } 870 s->mac_cr = val & ~MAC_CR_RESERVED; 871 DPRINTF("MAC_CR: %08x\n", val); 872 break; 873 case MAC_ADDRH: 874 s->conf.macaddr.a[4] = val & 0xff; 875 s->conf.macaddr.a[5] = (val >> 8) & 0xff; 876 lan9118_mac_changed(s); 877 break; 878 case MAC_ADDRL: 879 s->conf.macaddr.a[0] = val & 0xff; 880 s->conf.macaddr.a[1] = (val >> 8) & 0xff; 881 s->conf.macaddr.a[2] = (val >> 16) & 0xff; 882 s->conf.macaddr.a[3] = (val >> 24) & 0xff; 883 lan9118_mac_changed(s); 884 break; 885 case MAC_HASHH: 886 s->mac_hashh = val; 887 break; 888 case MAC_HASHL: 889 s->mac_hashl = val; 890 break; 891 case MAC_MII_ACC: 892 s->mac_mii_acc = val & 0xffc2; 893 if (val & 2) { 894 DPRINTF("PHY write %d = 0x%04x\n", 895 (val >> 6) & 0x1f, s->mac_mii_data); 896 do_phy_write(s, (val >> 6) & 0x1f, s->mac_mii_data); 897 } else { 898 s->mac_mii_data = do_phy_read(s, (val >> 6) & 0x1f); 899 DPRINTF("PHY read %d = 0x%04x\n", 900 (val >> 6) & 0x1f, s->mac_mii_data); 901 } 902 break; 903 case MAC_MII_DATA: 904 s->mac_mii_data = val & 0xffff; 905 break; 906 case MAC_FLOW: 907 s->mac_flow = val & 0xffff0000; 908 break; 909 case MAC_VLAN1: 910 /* Writing to this register changes a condition for 911 * FrameTooLong bit in rx_status. Since we do not set 912 * FrameTooLong anyway, just ignore write to this. 913 */ 914 break; 915 default: 916 qemu_log_mask(LOG_GUEST_ERROR, 917 "lan9118: Unimplemented MAC register write: %d = 0x%x\n", 918 s->mac_cmd & 0xf, val); 919 } 920 } 921 922 static uint32_t do_mac_read(lan9118_state *s, int reg) 923 { 924 switch (reg) { 925 case MAC_CR: 926 return s->mac_cr; 927 case MAC_ADDRH: 928 return s->conf.macaddr.a[4] | (s->conf.macaddr.a[5] << 8); 929 case MAC_ADDRL: 930 return s->conf.macaddr.a[0] | (s->conf.macaddr.a[1] << 8) 931 | (s->conf.macaddr.a[2] << 16) | (s->conf.macaddr.a[3] << 24); 932 case MAC_HASHH: 933 return s->mac_hashh; 934 break; 935 case MAC_HASHL: 936 return s->mac_hashl; 937 break; 938 case MAC_MII_ACC: 939 return s->mac_mii_acc; 940 case MAC_MII_DATA: 941 return s->mac_mii_data; 942 case MAC_FLOW: 943 return s->mac_flow; 944 default: 945 qemu_log_mask(LOG_GUEST_ERROR, 946 "lan9118: Unimplemented MAC register read: %d\n", 947 s->mac_cmd & 0xf); 948 return 0; 949 } 950 } 951 952 static void lan9118_eeprom_cmd(lan9118_state *s, int cmd, int addr) 953 { 954 s->e2p_cmd = (s->e2p_cmd & E2P_CMD_MAC_ADDR_LOADED) | (cmd << 28) | addr; 955 switch (cmd) { 956 case 0: 957 s->e2p_data = s->eeprom[addr]; 958 DPRINTF("EEPROM Read %d = 0x%02x\n", addr, s->e2p_data); 959 break; 960 case 1: 961 s->eeprom_writable = 0; 962 DPRINTF("EEPROM Write Disable\n"); 963 break; 964 case 2: /* EWEN */ 965 s->eeprom_writable = 1; 966 DPRINTF("EEPROM Write Enable\n"); 967 break; 968 case 3: /* WRITE */ 969 if (s->eeprom_writable) { 970 s->eeprom[addr] &= s->e2p_data; 971 DPRINTF("EEPROM Write %d = 0x%02x\n", addr, s->e2p_data); 972 } else { 973 DPRINTF("EEPROM Write %d (ignored)\n", addr); 974 } 975 break; 976 case 4: /* WRAL */ 977 if (s->eeprom_writable) { 978 for (addr = 0; addr < 128; addr++) { 979 s->eeprom[addr] &= s->e2p_data; 980 } 981 DPRINTF("EEPROM Write All 0x%02x\n", s->e2p_data); 982 } else { 983 DPRINTF("EEPROM Write All (ignored)\n"); 984 } 985 break; 986 case 5: /* ERASE */ 987 if (s->eeprom_writable) { 988 s->eeprom[addr] = 0xff; 989 DPRINTF("EEPROM Erase %d\n", addr); 990 } else { 991 DPRINTF("EEPROM Erase %d (ignored)\n", addr); 992 } 993 break; 994 case 6: /* ERAL */ 995 if (s->eeprom_writable) { 996 memset(s->eeprom, 0xff, 128); 997 DPRINTF("EEPROM Erase All\n"); 998 } else { 999 DPRINTF("EEPROM Erase All (ignored)\n"); 1000 } 1001 break; 1002 case 7: /* RELOAD */ 1003 lan9118_reload_eeprom(s); 1004 break; 1005 } 1006 } 1007 1008 static void lan9118_tick(void *opaque) 1009 { 1010 lan9118_state *s = (lan9118_state *)opaque; 1011 if (s->int_en & GPT_INT) { 1012 s->int_sts |= GPT_INT; 1013 } 1014 lan9118_update(s); 1015 } 1016 1017 static void lan9118_writel(void *opaque, hwaddr offset, 1018 uint64_t val, unsigned size) 1019 { 1020 lan9118_state *s = (lan9118_state *)opaque; 1021 offset &= 0xff; 1022 1023 //DPRINTF("Write reg 0x%02x = 0x%08x\n", (int)offset, val); 1024 if (offset >= 0x20 && offset < 0x40) { 1025 /* TX FIFO */ 1026 tx_fifo_push(s, val); 1027 return; 1028 } 1029 switch (offset) { 1030 case CSR_IRQ_CFG: 1031 /* TODO: Implement interrupt deassertion intervals. */ 1032 val &= (IRQ_EN | IRQ_POL | IRQ_TYPE); 1033 s->irq_cfg = (s->irq_cfg & IRQ_INT) | val; 1034 break; 1035 case CSR_INT_STS: 1036 s->int_sts &= ~val; 1037 break; 1038 case CSR_INT_EN: 1039 s->int_en = val & ~RESERVED_INT; 1040 s->int_sts |= val & SW_INT; 1041 break; 1042 case CSR_FIFO_INT: 1043 DPRINTF("FIFO INT levels %08x\n", val); 1044 s->fifo_int = val; 1045 break; 1046 case CSR_RX_CFG: 1047 if (val & 0x8000) { 1048 /* RX_DUMP */ 1049 s->rx_fifo_used = 0; 1050 s->rx_status_fifo_used = 0; 1051 s->rx_packet_size_tail = s->rx_packet_size_head; 1052 s->rx_packet_size[s->rx_packet_size_head] = 0; 1053 } 1054 s->rx_cfg = val & 0xcfff1ff0; 1055 break; 1056 case CSR_TX_CFG: 1057 if (val & 0x8000) { 1058 s->tx_status_fifo_used = 0; 1059 } 1060 if (val & 0x4000) { 1061 s->txp->state = TX_IDLE; 1062 s->txp->fifo_used = 0; 1063 s->txp->cmd_a = 0xffffffff; 1064 } 1065 s->tx_cfg = val & 6; 1066 break; 1067 case CSR_HW_CFG: 1068 if (val & 1) { 1069 /* SRST */ 1070 lan9118_reset(DEVICE(s)); 1071 } else { 1072 s->hw_cfg = (val & 0x003f300) | (s->hw_cfg & 0x4); 1073 } 1074 break; 1075 case CSR_RX_DP_CTRL: 1076 if (val & 0x80000000) { 1077 /* Skip forward to next packet. */ 1078 s->rxp_pad = 0; 1079 s->rxp_offset = 0; 1080 if (s->rxp_size == 0) { 1081 /* Pop a word to start the next packet. */ 1082 rx_fifo_pop(s); 1083 s->rxp_pad = 0; 1084 s->rxp_offset = 0; 1085 } 1086 s->rx_fifo_head += s->rxp_size; 1087 if (s->rx_fifo_head >= s->rx_fifo_size) { 1088 s->rx_fifo_head -= s->rx_fifo_size; 1089 } 1090 } 1091 break; 1092 case CSR_PMT_CTRL: 1093 if (val & 0x400) { 1094 phy_reset(s); 1095 } 1096 s->pmt_ctrl &= ~0x34e; 1097 s->pmt_ctrl |= (val & 0x34e); 1098 break; 1099 case CSR_GPIO_CFG: 1100 /* Probably just enabling LEDs. */ 1101 s->gpio_cfg = val & 0x7777071f; 1102 break; 1103 case CSR_GPT_CFG: 1104 if ((s->gpt_cfg ^ val) & GPT_TIMER_EN) { 1105 ptimer_transaction_begin(s->timer); 1106 if (val & GPT_TIMER_EN) { 1107 ptimer_set_count(s->timer, val & 0xffff); 1108 ptimer_run(s->timer, 0); 1109 } else { 1110 ptimer_stop(s->timer); 1111 ptimer_set_count(s->timer, 0xffff); 1112 } 1113 ptimer_transaction_commit(s->timer); 1114 } 1115 s->gpt_cfg = val & (GPT_TIMER_EN | 0xffff); 1116 break; 1117 case CSR_WORD_SWAP: 1118 /* Ignored because we're in 32-bit mode. */ 1119 s->word_swap = val; 1120 break; 1121 case CSR_MAC_CSR_CMD: 1122 s->mac_cmd = val & 0x4000000f; 1123 if (val & 0x80000000) { 1124 if (val & 0x40000000) { 1125 s->mac_data = do_mac_read(s, val & 0xf); 1126 DPRINTF("MAC read %d = 0x%08x\n", val & 0xf, s->mac_data); 1127 } else { 1128 DPRINTF("MAC write %d = 0x%08x\n", val & 0xf, s->mac_data); 1129 do_mac_write(s, val & 0xf, s->mac_data); 1130 } 1131 } 1132 break; 1133 case CSR_MAC_CSR_DATA: 1134 s->mac_data = val; 1135 break; 1136 case CSR_AFC_CFG: 1137 s->afc_cfg = val & 0x00ffffff; 1138 break; 1139 case CSR_E2P_CMD: 1140 lan9118_eeprom_cmd(s, (val >> 28) & 7, val & 0x7f); 1141 break; 1142 case CSR_E2P_DATA: 1143 s->e2p_data = val & 0xff; 1144 break; 1145 1146 default: 1147 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_write: Bad reg 0x%x = %x\n", 1148 (int)offset, (int)val); 1149 break; 1150 } 1151 lan9118_update(s); 1152 } 1153 1154 static void lan9118_writew(void *opaque, hwaddr offset, 1155 uint32_t val) 1156 { 1157 lan9118_state *s = (lan9118_state *)opaque; 1158 offset &= 0xff; 1159 1160 if (s->write_word_prev_offset != (offset & ~0x3)) { 1161 /* New offset, reset word counter */ 1162 s->write_word_n = 0; 1163 s->write_word_prev_offset = offset & ~0x3; 1164 } 1165 1166 if (offset & 0x2) { 1167 s->write_word_h = val; 1168 } else { 1169 s->write_word_l = val; 1170 } 1171 1172 //DPRINTF("Writew reg 0x%02x = 0x%08x\n", (int)offset, val); 1173 s->write_word_n++; 1174 if (s->write_word_n == 2) { 1175 s->write_word_n = 0; 1176 lan9118_writel(s, offset & ~3, s->write_word_l + 1177 (s->write_word_h << 16), 4); 1178 } 1179 } 1180 1181 static void lan9118_16bit_mode_write(void *opaque, hwaddr offset, 1182 uint64_t val, unsigned size) 1183 { 1184 switch (size) { 1185 case 2: 1186 lan9118_writew(opaque, offset, (uint32_t)val); 1187 return; 1188 case 4: 1189 lan9118_writel(opaque, offset, val, size); 1190 return; 1191 } 1192 1193 hw_error("lan9118_write: Bad size 0x%x\n", size); 1194 } 1195 1196 static uint64_t lan9118_readl(void *opaque, hwaddr offset, 1197 unsigned size) 1198 { 1199 lan9118_state *s = (lan9118_state *)opaque; 1200 1201 //DPRINTF("Read reg 0x%02x\n", (int)offset); 1202 if (offset < 0x20) { 1203 /* RX FIFO */ 1204 return rx_fifo_pop(s); 1205 } 1206 switch (offset) { 1207 case 0x40: 1208 return rx_status_fifo_pop(s); 1209 case 0x44: 1210 return s->rx_status_fifo[s->tx_status_fifo_head]; 1211 case 0x48: 1212 return tx_status_fifo_pop(s); 1213 case 0x4c: 1214 return s->tx_status_fifo[s->tx_status_fifo_head]; 1215 case CSR_ID_REV: 1216 return 0x01180001; 1217 case CSR_IRQ_CFG: 1218 return s->irq_cfg; 1219 case CSR_INT_STS: 1220 return s->int_sts; 1221 case CSR_INT_EN: 1222 return s->int_en; 1223 case CSR_BYTE_TEST: 1224 return 0x87654321; 1225 case CSR_FIFO_INT: 1226 return s->fifo_int; 1227 case CSR_RX_CFG: 1228 return s->rx_cfg; 1229 case CSR_TX_CFG: 1230 return s->tx_cfg; 1231 case CSR_HW_CFG: 1232 return s->hw_cfg; 1233 case CSR_RX_DP_CTRL: 1234 return 0; 1235 case CSR_RX_FIFO_INF: 1236 return (s->rx_status_fifo_used << 16) | (s->rx_fifo_used << 2); 1237 case CSR_TX_FIFO_INF: 1238 return (s->tx_status_fifo_used << 16) 1239 | (s->tx_fifo_size - s->txp->fifo_used); 1240 case CSR_PMT_CTRL: 1241 return s->pmt_ctrl; 1242 case CSR_GPIO_CFG: 1243 return s->gpio_cfg; 1244 case CSR_GPT_CFG: 1245 return s->gpt_cfg; 1246 case CSR_GPT_CNT: 1247 return ptimer_get_count(s->timer); 1248 case CSR_WORD_SWAP: 1249 return s->word_swap; 1250 case CSR_FREE_RUN: 1251 return (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40) - s->free_timer_start; 1252 case CSR_RX_DROP: 1253 /* TODO: Implement dropped frames counter. */ 1254 return 0; 1255 case CSR_MAC_CSR_CMD: 1256 return s->mac_cmd; 1257 case CSR_MAC_CSR_DATA: 1258 return s->mac_data; 1259 case CSR_AFC_CFG: 1260 return s->afc_cfg; 1261 case CSR_E2P_CMD: 1262 return s->e2p_cmd; 1263 case CSR_E2P_DATA: 1264 return s->e2p_data; 1265 } 1266 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_read: Bad reg 0x%x\n", (int)offset); 1267 return 0; 1268 } 1269 1270 static uint32_t lan9118_readw(void *opaque, hwaddr offset) 1271 { 1272 lan9118_state *s = (lan9118_state *)opaque; 1273 uint32_t val; 1274 1275 if (s->read_word_prev_offset != (offset & ~0x3)) { 1276 /* New offset, reset word counter */ 1277 s->read_word_n = 0; 1278 s->read_word_prev_offset = offset & ~0x3; 1279 } 1280 1281 s->read_word_n++; 1282 if (s->read_word_n == 1) { 1283 s->read_long = lan9118_readl(s, offset & ~3, 4); 1284 } else { 1285 s->read_word_n = 0; 1286 } 1287 1288 if (offset & 2) { 1289 val = s->read_long >> 16; 1290 } else { 1291 val = s->read_long & 0xFFFF; 1292 } 1293 1294 //DPRINTF("Readw reg 0x%02x, val 0x%x\n", (int)offset, val); 1295 return val; 1296 } 1297 1298 static uint64_t lan9118_16bit_mode_read(void *opaque, hwaddr offset, 1299 unsigned size) 1300 { 1301 switch (size) { 1302 case 2: 1303 return lan9118_readw(opaque, offset); 1304 case 4: 1305 return lan9118_readl(opaque, offset, size); 1306 } 1307 1308 hw_error("lan9118_read: Bad size 0x%x\n", size); 1309 return 0; 1310 } 1311 1312 static const MemoryRegionOps lan9118_mem_ops = { 1313 .read = lan9118_readl, 1314 .write = lan9118_writel, 1315 .endianness = DEVICE_NATIVE_ENDIAN, 1316 }; 1317 1318 static const MemoryRegionOps lan9118_16bit_mem_ops = { 1319 .read = lan9118_16bit_mode_read, 1320 .write = lan9118_16bit_mode_write, 1321 .endianness = DEVICE_NATIVE_ENDIAN, 1322 }; 1323 1324 static NetClientInfo net_lan9118_info = { 1325 .type = NET_CLIENT_DRIVER_NIC, 1326 .size = sizeof(NICState), 1327 .receive = lan9118_receive, 1328 .link_status_changed = lan9118_set_link, 1329 }; 1330 1331 static void lan9118_realize(DeviceState *dev, Error **errp) 1332 { 1333 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1334 lan9118_state *s = LAN9118(dev); 1335 int i; 1336 const MemoryRegionOps *mem_ops = 1337 s->mode_16bit ? &lan9118_16bit_mem_ops : &lan9118_mem_ops; 1338 1339 memory_region_init_io(&s->mmio, OBJECT(dev), mem_ops, s, 1340 "lan9118-mmio", 0x100); 1341 sysbus_init_mmio(sbd, &s->mmio); 1342 sysbus_init_irq(sbd, &s->irq); 1343 qemu_macaddr_default_if_unset(&s->conf.macaddr); 1344 1345 s->nic = qemu_new_nic(&net_lan9118_info, &s->conf, 1346 object_get_typename(OBJECT(dev)), dev->id, s); 1347 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 1348 s->eeprom[0] = 0xa5; 1349 for (i = 0; i < 6; i++) { 1350 s->eeprom[i + 1] = s->conf.macaddr.a[i]; 1351 } 1352 s->pmt_ctrl = 1; 1353 s->txp = &s->tx_packet; 1354 1355 s->timer = ptimer_init(lan9118_tick, s, PTIMER_POLICY_DEFAULT); 1356 ptimer_transaction_begin(s->timer); 1357 ptimer_set_freq(s->timer, 10000); 1358 ptimer_set_limit(s->timer, 0xffff, 1); 1359 ptimer_transaction_commit(s->timer); 1360 } 1361 1362 static Property lan9118_properties[] = { 1363 DEFINE_NIC_PROPERTIES(lan9118_state, conf), 1364 DEFINE_PROP_UINT32("mode_16bit", lan9118_state, mode_16bit, 0), 1365 DEFINE_PROP_END_OF_LIST(), 1366 }; 1367 1368 static void lan9118_class_init(ObjectClass *klass, void *data) 1369 { 1370 DeviceClass *dc = DEVICE_CLASS(klass); 1371 1372 dc->reset = lan9118_reset; 1373 device_class_set_props(dc, lan9118_properties); 1374 dc->vmsd = &vmstate_lan9118; 1375 dc->realize = lan9118_realize; 1376 } 1377 1378 static const TypeInfo lan9118_info = { 1379 .name = TYPE_LAN9118, 1380 .parent = TYPE_SYS_BUS_DEVICE, 1381 .instance_size = sizeof(lan9118_state), 1382 .class_init = lan9118_class_init, 1383 }; 1384 1385 static void lan9118_register_types(void) 1386 { 1387 type_register_static(&lan9118_info); 1388 } 1389 1390 /* Legacy helper function. Should go away when machine config files are 1391 implemented. */ 1392 void lan9118_init(NICInfo *nd, uint32_t base, qemu_irq irq) 1393 { 1394 DeviceState *dev; 1395 SysBusDevice *s; 1396 1397 qemu_check_nic_model(nd, "lan9118"); 1398 dev = qdev_new(TYPE_LAN9118); 1399 qdev_set_nic_properties(dev, nd); 1400 s = SYS_BUS_DEVICE(dev); 1401 sysbus_realize_and_unref(s, &error_fatal); 1402 sysbus_mmio_map(s, 0, base); 1403 sysbus_connect_irq(s, 0, irq); 1404 } 1405 1406 type_init(lan9118_register_types) 1407