1 /* 2 * SMSC LAN9118 Ethernet interface emulation 3 * 4 * Copyright (c) 2009 CodeSourcery, LLC. 5 * Written by Paul Brook 6 * 7 * This code is licensed under the GNU GPL v2 8 * 9 * Contributions after 2012-01-13 are licensed under the terms of the 10 * GNU GPL, version 2 or (at your option) any later version. 11 */ 12 13 #include "qemu/osdep.h" 14 #include "hw/sysbus.h" 15 #include "migration/vmstate.h" 16 #include "net/net.h" 17 #include "net/eth.h" 18 #include "hw/hw.h" 19 #include "hw/irq.h" 20 #include "hw/net/lan9118.h" 21 #include "hw/ptimer.h" 22 #include "hw/qdev-properties.h" 23 #include "qemu/log.h" 24 #include "qemu/module.h" 25 /* For crc32 */ 26 #include <zlib.h> 27 28 //#define DEBUG_LAN9118 29 30 #ifdef DEBUG_LAN9118 31 #define DPRINTF(fmt, ...) \ 32 do { printf("lan9118: " fmt , ## __VA_ARGS__); } while (0) 33 #define BADF(fmt, ...) \ 34 do { hw_error("lan9118: error: " fmt , ## __VA_ARGS__);} while (0) 35 #else 36 #define DPRINTF(fmt, ...) do {} while(0) 37 #define BADF(fmt, ...) \ 38 do { fprintf(stderr, "lan9118: error: " fmt , ## __VA_ARGS__);} while (0) 39 #endif 40 41 #define CSR_ID_REV 0x50 42 #define CSR_IRQ_CFG 0x54 43 #define CSR_INT_STS 0x58 44 #define CSR_INT_EN 0x5c 45 #define CSR_BYTE_TEST 0x64 46 #define CSR_FIFO_INT 0x68 47 #define CSR_RX_CFG 0x6c 48 #define CSR_TX_CFG 0x70 49 #define CSR_HW_CFG 0x74 50 #define CSR_RX_DP_CTRL 0x78 51 #define CSR_RX_FIFO_INF 0x7c 52 #define CSR_TX_FIFO_INF 0x80 53 #define CSR_PMT_CTRL 0x84 54 #define CSR_GPIO_CFG 0x88 55 #define CSR_GPT_CFG 0x8c 56 #define CSR_GPT_CNT 0x90 57 #define CSR_WORD_SWAP 0x98 58 #define CSR_FREE_RUN 0x9c 59 #define CSR_RX_DROP 0xa0 60 #define CSR_MAC_CSR_CMD 0xa4 61 #define CSR_MAC_CSR_DATA 0xa8 62 #define CSR_AFC_CFG 0xac 63 #define CSR_E2P_CMD 0xb0 64 #define CSR_E2P_DATA 0xb4 65 66 #define E2P_CMD_MAC_ADDR_LOADED 0x100 67 68 /* IRQ_CFG */ 69 #define IRQ_INT 0x00001000 70 #define IRQ_EN 0x00000100 71 #define IRQ_POL 0x00000010 72 #define IRQ_TYPE 0x00000001 73 74 /* INT_STS/INT_EN */ 75 #define SW_INT 0x80000000 76 #define TXSTOP_INT 0x02000000 77 #define RXSTOP_INT 0x01000000 78 #define RXDFH_INT 0x00800000 79 #define TX_IOC_INT 0x00200000 80 #define RXD_INT 0x00100000 81 #define GPT_INT 0x00080000 82 #define PHY_INT 0x00040000 83 #define PME_INT 0x00020000 84 #define TXSO_INT 0x00010000 85 #define RWT_INT 0x00008000 86 #define RXE_INT 0x00004000 87 #define TXE_INT 0x00002000 88 #define TDFU_INT 0x00000800 89 #define TDFO_INT 0x00000400 90 #define TDFA_INT 0x00000200 91 #define TSFF_INT 0x00000100 92 #define TSFL_INT 0x00000080 93 #define RXDF_INT 0x00000040 94 #define RDFL_INT 0x00000020 95 #define RSFF_INT 0x00000010 96 #define RSFL_INT 0x00000008 97 #define GPIO2_INT 0x00000004 98 #define GPIO1_INT 0x00000002 99 #define GPIO0_INT 0x00000001 100 #define RESERVED_INT 0x7c001000 101 102 #define MAC_CR 1 103 #define MAC_ADDRH 2 104 #define MAC_ADDRL 3 105 #define MAC_HASHH 4 106 #define MAC_HASHL 5 107 #define MAC_MII_ACC 6 108 #define MAC_MII_DATA 7 109 #define MAC_FLOW 8 110 #define MAC_VLAN1 9 /* TODO */ 111 #define MAC_VLAN2 10 /* TODO */ 112 #define MAC_WUFF 11 /* TODO */ 113 #define MAC_WUCSR 12 /* TODO */ 114 115 #define MAC_CR_RXALL 0x80000000 116 #define MAC_CR_RCVOWN 0x00800000 117 #define MAC_CR_LOOPBK 0x00200000 118 #define MAC_CR_FDPX 0x00100000 119 #define MAC_CR_MCPAS 0x00080000 120 #define MAC_CR_PRMS 0x00040000 121 #define MAC_CR_INVFILT 0x00020000 122 #define MAC_CR_PASSBAD 0x00010000 123 #define MAC_CR_HO 0x00008000 124 #define MAC_CR_HPFILT 0x00002000 125 #define MAC_CR_LCOLL 0x00001000 126 #define MAC_CR_BCAST 0x00000800 127 #define MAC_CR_DISRTY 0x00000400 128 #define MAC_CR_PADSTR 0x00000100 129 #define MAC_CR_BOLMT 0x000000c0 130 #define MAC_CR_DFCHK 0x00000020 131 #define MAC_CR_TXEN 0x00000008 132 #define MAC_CR_RXEN 0x00000004 133 #define MAC_CR_RESERVED 0x7f404213 134 135 #define PHY_INT_ENERGYON 0x80 136 #define PHY_INT_AUTONEG_COMPLETE 0x40 137 #define PHY_INT_FAULT 0x20 138 #define PHY_INT_DOWN 0x10 139 #define PHY_INT_AUTONEG_LP 0x08 140 #define PHY_INT_PARFAULT 0x04 141 #define PHY_INT_AUTONEG_PAGE 0x02 142 143 #define GPT_TIMER_EN 0x20000000 144 145 enum tx_state { 146 TX_IDLE, 147 TX_B, 148 TX_DATA 149 }; 150 151 typedef struct { 152 /* state is a tx_state but we can't put enums in VMStateDescriptions. */ 153 uint32_t state; 154 uint32_t cmd_a; 155 uint32_t cmd_b; 156 int32_t buffer_size; 157 int32_t offset; 158 int32_t pad; 159 int32_t fifo_used; 160 int32_t len; 161 uint8_t data[2048]; 162 } LAN9118Packet; 163 164 static const VMStateDescription vmstate_lan9118_packet = { 165 .name = "lan9118_packet", 166 .version_id = 1, 167 .minimum_version_id = 1, 168 .fields = (VMStateField[]) { 169 VMSTATE_UINT32(state, LAN9118Packet), 170 VMSTATE_UINT32(cmd_a, LAN9118Packet), 171 VMSTATE_UINT32(cmd_b, LAN9118Packet), 172 VMSTATE_INT32(buffer_size, LAN9118Packet), 173 VMSTATE_INT32(offset, LAN9118Packet), 174 VMSTATE_INT32(pad, LAN9118Packet), 175 VMSTATE_INT32(fifo_used, LAN9118Packet), 176 VMSTATE_INT32(len, LAN9118Packet), 177 VMSTATE_UINT8_ARRAY(data, LAN9118Packet, 2048), 178 VMSTATE_END_OF_LIST() 179 } 180 }; 181 182 #define LAN9118(obj) OBJECT_CHECK(lan9118_state, (obj), TYPE_LAN9118) 183 184 typedef struct { 185 SysBusDevice parent_obj; 186 187 NICState *nic; 188 NICConf conf; 189 qemu_irq irq; 190 MemoryRegion mmio; 191 ptimer_state *timer; 192 193 uint32_t irq_cfg; 194 uint32_t int_sts; 195 uint32_t int_en; 196 uint32_t fifo_int; 197 uint32_t rx_cfg; 198 uint32_t tx_cfg; 199 uint32_t hw_cfg; 200 uint32_t pmt_ctrl; 201 uint32_t gpio_cfg; 202 uint32_t gpt_cfg; 203 uint32_t word_swap; 204 uint32_t free_timer_start; 205 uint32_t mac_cmd; 206 uint32_t mac_data; 207 uint32_t afc_cfg; 208 uint32_t e2p_cmd; 209 uint32_t e2p_data; 210 211 uint32_t mac_cr; 212 uint32_t mac_hashh; 213 uint32_t mac_hashl; 214 uint32_t mac_mii_acc; 215 uint32_t mac_mii_data; 216 uint32_t mac_flow; 217 218 uint32_t phy_status; 219 uint32_t phy_control; 220 uint32_t phy_advertise; 221 uint32_t phy_int; 222 uint32_t phy_int_mask; 223 224 int32_t eeprom_writable; 225 uint8_t eeprom[128]; 226 227 int32_t tx_fifo_size; 228 LAN9118Packet *txp; 229 LAN9118Packet tx_packet; 230 231 int32_t tx_status_fifo_used; 232 int32_t tx_status_fifo_head; 233 uint32_t tx_status_fifo[512]; 234 235 int32_t rx_status_fifo_size; 236 int32_t rx_status_fifo_used; 237 int32_t rx_status_fifo_head; 238 uint32_t rx_status_fifo[896]; 239 int32_t rx_fifo_size; 240 int32_t rx_fifo_used; 241 int32_t rx_fifo_head; 242 uint32_t rx_fifo[3360]; 243 int32_t rx_packet_size_head; 244 int32_t rx_packet_size_tail; 245 int32_t rx_packet_size[1024]; 246 247 int32_t rxp_offset; 248 int32_t rxp_size; 249 int32_t rxp_pad; 250 251 uint32_t write_word_prev_offset; 252 uint32_t write_word_n; 253 uint16_t write_word_l; 254 uint16_t write_word_h; 255 uint32_t read_word_prev_offset; 256 uint32_t read_word_n; 257 uint32_t read_long; 258 259 uint32_t mode_16bit; 260 } lan9118_state; 261 262 static const VMStateDescription vmstate_lan9118 = { 263 .name = "lan9118", 264 .version_id = 2, 265 .minimum_version_id = 1, 266 .fields = (VMStateField[]) { 267 VMSTATE_PTIMER(timer, lan9118_state), 268 VMSTATE_UINT32(irq_cfg, lan9118_state), 269 VMSTATE_UINT32(int_sts, lan9118_state), 270 VMSTATE_UINT32(int_en, lan9118_state), 271 VMSTATE_UINT32(fifo_int, lan9118_state), 272 VMSTATE_UINT32(rx_cfg, lan9118_state), 273 VMSTATE_UINT32(tx_cfg, lan9118_state), 274 VMSTATE_UINT32(hw_cfg, lan9118_state), 275 VMSTATE_UINT32(pmt_ctrl, lan9118_state), 276 VMSTATE_UINT32(gpio_cfg, lan9118_state), 277 VMSTATE_UINT32(gpt_cfg, lan9118_state), 278 VMSTATE_UINT32(word_swap, lan9118_state), 279 VMSTATE_UINT32(free_timer_start, lan9118_state), 280 VMSTATE_UINT32(mac_cmd, lan9118_state), 281 VMSTATE_UINT32(mac_data, lan9118_state), 282 VMSTATE_UINT32(afc_cfg, lan9118_state), 283 VMSTATE_UINT32(e2p_cmd, lan9118_state), 284 VMSTATE_UINT32(e2p_data, lan9118_state), 285 VMSTATE_UINT32(mac_cr, lan9118_state), 286 VMSTATE_UINT32(mac_hashh, lan9118_state), 287 VMSTATE_UINT32(mac_hashl, lan9118_state), 288 VMSTATE_UINT32(mac_mii_acc, lan9118_state), 289 VMSTATE_UINT32(mac_mii_data, lan9118_state), 290 VMSTATE_UINT32(mac_flow, lan9118_state), 291 VMSTATE_UINT32(phy_status, lan9118_state), 292 VMSTATE_UINT32(phy_control, lan9118_state), 293 VMSTATE_UINT32(phy_advertise, lan9118_state), 294 VMSTATE_UINT32(phy_int, lan9118_state), 295 VMSTATE_UINT32(phy_int_mask, lan9118_state), 296 VMSTATE_INT32(eeprom_writable, lan9118_state), 297 VMSTATE_UINT8_ARRAY(eeprom, lan9118_state, 128), 298 VMSTATE_INT32(tx_fifo_size, lan9118_state), 299 /* txp always points at tx_packet so need not be saved */ 300 VMSTATE_STRUCT(tx_packet, lan9118_state, 0, 301 vmstate_lan9118_packet, LAN9118Packet), 302 VMSTATE_INT32(tx_status_fifo_used, lan9118_state), 303 VMSTATE_INT32(tx_status_fifo_head, lan9118_state), 304 VMSTATE_UINT32_ARRAY(tx_status_fifo, lan9118_state, 512), 305 VMSTATE_INT32(rx_status_fifo_size, lan9118_state), 306 VMSTATE_INT32(rx_status_fifo_used, lan9118_state), 307 VMSTATE_INT32(rx_status_fifo_head, lan9118_state), 308 VMSTATE_UINT32_ARRAY(rx_status_fifo, lan9118_state, 896), 309 VMSTATE_INT32(rx_fifo_size, lan9118_state), 310 VMSTATE_INT32(rx_fifo_used, lan9118_state), 311 VMSTATE_INT32(rx_fifo_head, lan9118_state), 312 VMSTATE_UINT32_ARRAY(rx_fifo, lan9118_state, 3360), 313 VMSTATE_INT32(rx_packet_size_head, lan9118_state), 314 VMSTATE_INT32(rx_packet_size_tail, lan9118_state), 315 VMSTATE_INT32_ARRAY(rx_packet_size, lan9118_state, 1024), 316 VMSTATE_INT32(rxp_offset, lan9118_state), 317 VMSTATE_INT32(rxp_size, lan9118_state), 318 VMSTATE_INT32(rxp_pad, lan9118_state), 319 VMSTATE_UINT32_V(write_word_prev_offset, lan9118_state, 2), 320 VMSTATE_UINT32_V(write_word_n, lan9118_state, 2), 321 VMSTATE_UINT16_V(write_word_l, lan9118_state, 2), 322 VMSTATE_UINT16_V(write_word_h, lan9118_state, 2), 323 VMSTATE_UINT32_V(read_word_prev_offset, lan9118_state, 2), 324 VMSTATE_UINT32_V(read_word_n, lan9118_state, 2), 325 VMSTATE_UINT32_V(read_long, lan9118_state, 2), 326 VMSTATE_UINT32_V(mode_16bit, lan9118_state, 2), 327 VMSTATE_END_OF_LIST() 328 } 329 }; 330 331 static void lan9118_update(lan9118_state *s) 332 { 333 int level; 334 335 /* TODO: Implement FIFO level IRQs. */ 336 level = (s->int_sts & s->int_en) != 0; 337 if (level) { 338 s->irq_cfg |= IRQ_INT; 339 } else { 340 s->irq_cfg &= ~IRQ_INT; 341 } 342 if ((s->irq_cfg & IRQ_EN) == 0) { 343 level = 0; 344 } 345 if ((s->irq_cfg & (IRQ_TYPE | IRQ_POL)) != (IRQ_TYPE | IRQ_POL)) { 346 /* Interrupt is active low unless we're configured as 347 * active-high polarity, push-pull type. 348 */ 349 level = !level; 350 } 351 qemu_set_irq(s->irq, level); 352 } 353 354 static void lan9118_mac_changed(lan9118_state *s) 355 { 356 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 357 } 358 359 static void lan9118_reload_eeprom(lan9118_state *s) 360 { 361 int i; 362 if (s->eeprom[0] != 0xa5) { 363 s->e2p_cmd &= ~E2P_CMD_MAC_ADDR_LOADED; 364 DPRINTF("MACADDR load failed\n"); 365 return; 366 } 367 for (i = 0; i < 6; i++) { 368 s->conf.macaddr.a[i] = s->eeprom[i + 1]; 369 } 370 s->e2p_cmd |= E2P_CMD_MAC_ADDR_LOADED; 371 DPRINTF("MACADDR loaded from eeprom\n"); 372 lan9118_mac_changed(s); 373 } 374 375 static void phy_update_irq(lan9118_state *s) 376 { 377 if (s->phy_int & s->phy_int_mask) { 378 s->int_sts |= PHY_INT; 379 } else { 380 s->int_sts &= ~PHY_INT; 381 } 382 lan9118_update(s); 383 } 384 385 static void phy_update_link(lan9118_state *s) 386 { 387 /* Autonegotiation status mirrors link status. */ 388 if (qemu_get_queue(s->nic)->link_down) { 389 s->phy_status &= ~0x0024; 390 s->phy_int |= PHY_INT_DOWN; 391 } else { 392 s->phy_status |= 0x0024; 393 s->phy_int |= PHY_INT_ENERGYON; 394 s->phy_int |= PHY_INT_AUTONEG_COMPLETE; 395 } 396 phy_update_irq(s); 397 } 398 399 static void lan9118_set_link(NetClientState *nc) 400 { 401 phy_update_link(qemu_get_nic_opaque(nc)); 402 } 403 404 static void phy_reset(lan9118_state *s) 405 { 406 s->phy_status = 0x7809; 407 s->phy_control = 0x3000; 408 s->phy_advertise = 0x01e1; 409 s->phy_int_mask = 0; 410 s->phy_int = 0; 411 phy_update_link(s); 412 } 413 414 static void lan9118_reset(DeviceState *d) 415 { 416 lan9118_state *s = LAN9118(d); 417 418 s->irq_cfg &= (IRQ_TYPE | IRQ_POL); 419 s->int_sts = 0; 420 s->int_en = 0; 421 s->fifo_int = 0x48000000; 422 s->rx_cfg = 0; 423 s->tx_cfg = 0; 424 s->hw_cfg = s->mode_16bit ? 0x00050000 : 0x00050004; 425 s->pmt_ctrl &= 0x45; 426 s->gpio_cfg = 0; 427 s->txp->fifo_used = 0; 428 s->txp->state = TX_IDLE; 429 s->txp->cmd_a = 0xffffffffu; 430 s->txp->cmd_b = 0xffffffffu; 431 s->txp->len = 0; 432 s->txp->fifo_used = 0; 433 s->tx_fifo_size = 4608; 434 s->tx_status_fifo_used = 0; 435 s->rx_status_fifo_size = 704; 436 s->rx_fifo_size = 2640; 437 s->rx_fifo_used = 0; 438 s->rx_status_fifo_size = 176; 439 s->rx_status_fifo_used = 0; 440 s->rxp_offset = 0; 441 s->rxp_size = 0; 442 s->rxp_pad = 0; 443 s->rx_packet_size_tail = s->rx_packet_size_head; 444 s->rx_packet_size[s->rx_packet_size_head] = 0; 445 s->mac_cmd = 0; 446 s->mac_data = 0; 447 s->afc_cfg = 0; 448 s->e2p_cmd = 0; 449 s->e2p_data = 0; 450 s->free_timer_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40; 451 452 ptimer_transaction_begin(s->timer); 453 ptimer_stop(s->timer); 454 ptimer_set_count(s->timer, 0xffff); 455 ptimer_transaction_commit(s->timer); 456 s->gpt_cfg = 0xffff; 457 458 s->mac_cr = MAC_CR_PRMS; 459 s->mac_hashh = 0; 460 s->mac_hashl = 0; 461 s->mac_mii_acc = 0; 462 s->mac_mii_data = 0; 463 s->mac_flow = 0; 464 465 s->read_word_n = 0; 466 s->write_word_n = 0; 467 468 phy_reset(s); 469 470 s->eeprom_writable = 0; 471 lan9118_reload_eeprom(s); 472 } 473 474 static void rx_fifo_push(lan9118_state *s, uint32_t val) 475 { 476 int fifo_pos; 477 fifo_pos = s->rx_fifo_head + s->rx_fifo_used; 478 if (fifo_pos >= s->rx_fifo_size) 479 fifo_pos -= s->rx_fifo_size; 480 s->rx_fifo[fifo_pos] = val; 481 s->rx_fifo_used++; 482 } 483 484 /* Return nonzero if the packet is accepted by the filter. */ 485 static int lan9118_filter(lan9118_state *s, const uint8_t *addr) 486 { 487 int multicast; 488 uint32_t hash; 489 490 if (s->mac_cr & MAC_CR_PRMS) { 491 return 1; 492 } 493 if (addr[0] == 0xff && addr[1] == 0xff && addr[2] == 0xff && 494 addr[3] == 0xff && addr[4] == 0xff && addr[5] == 0xff) { 495 return (s->mac_cr & MAC_CR_BCAST) == 0; 496 } 497 498 multicast = addr[0] & 1; 499 if (multicast &&s->mac_cr & MAC_CR_MCPAS) { 500 return 1; 501 } 502 if (multicast ? (s->mac_cr & MAC_CR_HPFILT) == 0 503 : (s->mac_cr & MAC_CR_HO) == 0) { 504 /* Exact matching. */ 505 hash = memcmp(addr, s->conf.macaddr.a, 6); 506 if (s->mac_cr & MAC_CR_INVFILT) { 507 return hash != 0; 508 } else { 509 return hash == 0; 510 } 511 } else { 512 /* Hash matching */ 513 hash = net_crc32(addr, ETH_ALEN) >> 26; 514 if (hash & 0x20) { 515 return (s->mac_hashh >> (hash & 0x1f)) & 1; 516 } else { 517 return (s->mac_hashl >> (hash & 0x1f)) & 1; 518 } 519 } 520 } 521 522 static ssize_t lan9118_receive(NetClientState *nc, const uint8_t *buf, 523 size_t size) 524 { 525 lan9118_state *s = qemu_get_nic_opaque(nc); 526 int fifo_len; 527 int offset; 528 int src_pos; 529 int n; 530 int filter; 531 uint32_t val; 532 uint32_t crc; 533 uint32_t status; 534 535 if ((s->mac_cr & MAC_CR_RXEN) == 0) { 536 return -1; 537 } 538 539 if (size >= 2048 || size < 14) { 540 return -1; 541 } 542 543 /* TODO: Implement FIFO overflow notification. */ 544 if (s->rx_status_fifo_used == s->rx_status_fifo_size) { 545 return -1; 546 } 547 548 filter = lan9118_filter(s, buf); 549 if (!filter && (s->mac_cr & MAC_CR_RXALL) == 0) { 550 return size; 551 } 552 553 offset = (s->rx_cfg >> 8) & 0x1f; 554 n = offset & 3; 555 fifo_len = (size + n + 3) >> 2; 556 /* Add a word for the CRC. */ 557 fifo_len++; 558 if (s->rx_fifo_size - s->rx_fifo_used < fifo_len) { 559 return -1; 560 } 561 562 DPRINTF("Got packet len:%d fifo:%d filter:%s\n", 563 (int)size, fifo_len, filter ? "pass" : "fail"); 564 val = 0; 565 crc = bswap32(crc32(~0, buf, size)); 566 for (src_pos = 0; src_pos < size; src_pos++) { 567 val = (val >> 8) | ((uint32_t)buf[src_pos] << 24); 568 n++; 569 if (n == 4) { 570 n = 0; 571 rx_fifo_push(s, val); 572 val = 0; 573 } 574 } 575 if (n) { 576 val >>= ((4 - n) * 8); 577 val |= crc << (n * 8); 578 rx_fifo_push(s, val); 579 val = crc >> ((4 - n) * 8); 580 rx_fifo_push(s, val); 581 } else { 582 rx_fifo_push(s, crc); 583 } 584 n = s->rx_status_fifo_head + s->rx_status_fifo_used; 585 if (n >= s->rx_status_fifo_size) { 586 n -= s->rx_status_fifo_size; 587 } 588 s->rx_packet_size[s->rx_packet_size_tail] = fifo_len; 589 s->rx_packet_size_tail = (s->rx_packet_size_tail + 1023) & 1023; 590 s->rx_status_fifo_used++; 591 592 status = (size + 4) << 16; 593 if (buf[0] == 0xff && buf[1] == 0xff && buf[2] == 0xff && 594 buf[3] == 0xff && buf[4] == 0xff && buf[5] == 0xff) { 595 status |= 0x00002000; 596 } else if (buf[0] & 1) { 597 status |= 0x00000400; 598 } 599 if (!filter) { 600 status |= 0x40000000; 601 } 602 s->rx_status_fifo[n] = status; 603 604 if (s->rx_status_fifo_used > (s->fifo_int & 0xff)) { 605 s->int_sts |= RSFL_INT; 606 } 607 lan9118_update(s); 608 609 return size; 610 } 611 612 static uint32_t rx_fifo_pop(lan9118_state *s) 613 { 614 int n; 615 uint32_t val; 616 617 if (s->rxp_size == 0 && s->rxp_pad == 0) { 618 s->rxp_size = s->rx_packet_size[s->rx_packet_size_head]; 619 s->rx_packet_size[s->rx_packet_size_head] = 0; 620 if (s->rxp_size != 0) { 621 s->rx_packet_size_head = (s->rx_packet_size_head + 1023) & 1023; 622 s->rxp_offset = (s->rx_cfg >> 10) & 7; 623 n = s->rxp_offset + s->rxp_size; 624 switch (s->rx_cfg >> 30) { 625 case 1: 626 n = (-n) & 3; 627 break; 628 case 2: 629 n = (-n) & 7; 630 break; 631 default: 632 n = 0; 633 break; 634 } 635 s->rxp_pad = n; 636 DPRINTF("Pop packet size:%d offset:%d pad: %d\n", 637 s->rxp_size, s->rxp_offset, s->rxp_pad); 638 } 639 } 640 if (s->rxp_offset > 0) { 641 s->rxp_offset--; 642 val = 0; 643 } else if (s->rxp_size > 0) { 644 s->rxp_size--; 645 val = s->rx_fifo[s->rx_fifo_head++]; 646 if (s->rx_fifo_head >= s->rx_fifo_size) { 647 s->rx_fifo_head -= s->rx_fifo_size; 648 } 649 s->rx_fifo_used--; 650 } else if (s->rxp_pad > 0) { 651 s->rxp_pad--; 652 val = 0; 653 } else { 654 DPRINTF("RX underflow\n"); 655 s->int_sts |= RXE_INT; 656 val = 0; 657 } 658 lan9118_update(s); 659 return val; 660 } 661 662 static void do_tx_packet(lan9118_state *s) 663 { 664 int n; 665 uint32_t status; 666 667 /* FIXME: Honor TX disable, and allow queueing of packets. */ 668 if (s->phy_control & 0x4000) { 669 /* This assumes the receive routine doesn't touch the VLANClient. */ 670 lan9118_receive(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 671 } else { 672 qemu_send_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 673 } 674 s->txp->fifo_used = 0; 675 676 if (s->tx_status_fifo_used == 512) { 677 /* Status FIFO full */ 678 return; 679 } 680 /* Add entry to status FIFO. */ 681 status = s->txp->cmd_b & 0xffff0000u; 682 DPRINTF("Sent packet tag:%04x len %d\n", status >> 16, s->txp->len); 683 n = (s->tx_status_fifo_head + s->tx_status_fifo_used) & 511; 684 s->tx_status_fifo[n] = status; 685 s->tx_status_fifo_used++; 686 if (s->tx_status_fifo_used == 512) { 687 s->int_sts |= TSFF_INT; 688 /* TODO: Stop transmission. */ 689 } 690 } 691 692 static uint32_t rx_status_fifo_pop(lan9118_state *s) 693 { 694 uint32_t val; 695 696 val = s->rx_status_fifo[s->rx_status_fifo_head]; 697 if (s->rx_status_fifo_used != 0) { 698 s->rx_status_fifo_used--; 699 s->rx_status_fifo_head++; 700 if (s->rx_status_fifo_head >= s->rx_status_fifo_size) { 701 s->rx_status_fifo_head -= s->rx_status_fifo_size; 702 } 703 /* ??? What value should be returned when the FIFO is empty? */ 704 DPRINTF("RX status pop 0x%08x\n", val); 705 } 706 return val; 707 } 708 709 static uint32_t tx_status_fifo_pop(lan9118_state *s) 710 { 711 uint32_t val; 712 713 val = s->tx_status_fifo[s->tx_status_fifo_head]; 714 if (s->tx_status_fifo_used != 0) { 715 s->tx_status_fifo_used--; 716 s->tx_status_fifo_head = (s->tx_status_fifo_head + 1) & 511; 717 /* ??? What value should be returned when the FIFO is empty? */ 718 } 719 return val; 720 } 721 722 static void tx_fifo_push(lan9118_state *s, uint32_t val) 723 { 724 int n; 725 726 if (s->txp->fifo_used == s->tx_fifo_size) { 727 s->int_sts |= TDFO_INT; 728 return; 729 } 730 switch (s->txp->state) { 731 case TX_IDLE: 732 s->txp->cmd_a = val & 0x831f37ff; 733 s->txp->fifo_used++; 734 s->txp->state = TX_B; 735 s->txp->buffer_size = extract32(s->txp->cmd_a, 0, 11); 736 s->txp->offset = extract32(s->txp->cmd_a, 16, 5); 737 break; 738 case TX_B: 739 if (s->txp->cmd_a & 0x2000) { 740 /* First segment */ 741 s->txp->cmd_b = val; 742 s->txp->fifo_used++; 743 /* End alignment does not include command words. */ 744 n = (s->txp->buffer_size + s->txp->offset + 3) >> 2; 745 switch ((n >> 24) & 3) { 746 case 1: 747 n = (-n) & 3; 748 break; 749 case 2: 750 n = (-n) & 7; 751 break; 752 default: 753 n = 0; 754 } 755 s->txp->pad = n; 756 s->txp->len = 0; 757 } 758 DPRINTF("Block len:%d offset:%d pad:%d cmd %08x\n", 759 s->txp->buffer_size, s->txp->offset, s->txp->pad, 760 s->txp->cmd_a); 761 s->txp->state = TX_DATA; 762 break; 763 case TX_DATA: 764 if (s->txp->offset >= 4) { 765 s->txp->offset -= 4; 766 break; 767 } 768 if (s->txp->buffer_size <= 0 && s->txp->pad != 0) { 769 s->txp->pad--; 770 } else { 771 n = MIN(4, s->txp->buffer_size + s->txp->offset); 772 while (s->txp->offset) { 773 val >>= 8; 774 n--; 775 s->txp->offset--; 776 } 777 /* Documentation is somewhat unclear on the ordering of bytes 778 in FIFO words. Empirical results show it to be little-endian. 779 */ 780 /* TODO: FIFO overflow checking. */ 781 while (n--) { 782 s->txp->data[s->txp->len] = val & 0xff; 783 s->txp->len++; 784 val >>= 8; 785 s->txp->buffer_size--; 786 } 787 s->txp->fifo_used++; 788 } 789 if (s->txp->buffer_size <= 0 && s->txp->pad == 0) { 790 if (s->txp->cmd_a & 0x1000) { 791 do_tx_packet(s); 792 } 793 if (s->txp->cmd_a & 0x80000000) { 794 s->int_sts |= TX_IOC_INT; 795 } 796 s->txp->state = TX_IDLE; 797 } 798 break; 799 } 800 } 801 802 static uint32_t do_phy_read(lan9118_state *s, int reg) 803 { 804 uint32_t val; 805 806 switch (reg) { 807 case 0: /* Basic Control */ 808 return s->phy_control; 809 case 1: /* Basic Status */ 810 return s->phy_status; 811 case 2: /* ID1 */ 812 return 0x0007; 813 case 3: /* ID2 */ 814 return 0xc0d1; 815 case 4: /* Auto-neg advertisement */ 816 return s->phy_advertise; 817 case 5: /* Auto-neg Link Partner Ability */ 818 return 0x0f71; 819 case 6: /* Auto-neg Expansion */ 820 return 1; 821 /* TODO 17, 18, 27, 29, 30, 31 */ 822 case 29: /* Interrupt source. */ 823 val = s->phy_int; 824 s->phy_int = 0; 825 phy_update_irq(s); 826 return val; 827 case 30: /* Interrupt mask */ 828 return s->phy_int_mask; 829 default: 830 BADF("PHY read reg %d\n", reg); 831 return 0; 832 } 833 } 834 835 static void do_phy_write(lan9118_state *s, int reg, uint32_t val) 836 { 837 switch (reg) { 838 case 0: /* Basic Control */ 839 if (val & 0x8000) { 840 phy_reset(s); 841 break; 842 } 843 s->phy_control = val & 0x7980; 844 /* Complete autonegotiation immediately. */ 845 if (val & 0x1000) { 846 s->phy_status |= 0x0020; 847 } 848 break; 849 case 4: /* Auto-neg advertisement */ 850 s->phy_advertise = (val & 0x2d7f) | 0x80; 851 break; 852 /* TODO 17, 18, 27, 31 */ 853 case 30: /* Interrupt mask */ 854 s->phy_int_mask = val & 0xff; 855 phy_update_irq(s); 856 break; 857 default: 858 BADF("PHY write reg %d = 0x%04x\n", reg, val); 859 } 860 } 861 862 static void do_mac_write(lan9118_state *s, int reg, uint32_t val) 863 { 864 switch (reg) { 865 case MAC_CR: 866 if ((s->mac_cr & MAC_CR_RXEN) != 0 && (val & MAC_CR_RXEN) == 0) { 867 s->int_sts |= RXSTOP_INT; 868 } 869 s->mac_cr = val & ~MAC_CR_RESERVED; 870 DPRINTF("MAC_CR: %08x\n", val); 871 break; 872 case MAC_ADDRH: 873 s->conf.macaddr.a[4] = val & 0xff; 874 s->conf.macaddr.a[5] = (val >> 8) & 0xff; 875 lan9118_mac_changed(s); 876 break; 877 case MAC_ADDRL: 878 s->conf.macaddr.a[0] = val & 0xff; 879 s->conf.macaddr.a[1] = (val >> 8) & 0xff; 880 s->conf.macaddr.a[2] = (val >> 16) & 0xff; 881 s->conf.macaddr.a[3] = (val >> 24) & 0xff; 882 lan9118_mac_changed(s); 883 break; 884 case MAC_HASHH: 885 s->mac_hashh = val; 886 break; 887 case MAC_HASHL: 888 s->mac_hashl = val; 889 break; 890 case MAC_MII_ACC: 891 s->mac_mii_acc = val & 0xffc2; 892 if (val & 2) { 893 DPRINTF("PHY write %d = 0x%04x\n", 894 (val >> 6) & 0x1f, s->mac_mii_data); 895 do_phy_write(s, (val >> 6) & 0x1f, s->mac_mii_data); 896 } else { 897 s->mac_mii_data = do_phy_read(s, (val >> 6) & 0x1f); 898 DPRINTF("PHY read %d = 0x%04x\n", 899 (val >> 6) & 0x1f, s->mac_mii_data); 900 } 901 break; 902 case MAC_MII_DATA: 903 s->mac_mii_data = val & 0xffff; 904 break; 905 case MAC_FLOW: 906 s->mac_flow = val & 0xffff0000; 907 break; 908 case MAC_VLAN1: 909 /* Writing to this register changes a condition for 910 * FrameTooLong bit in rx_status. Since we do not set 911 * FrameTooLong anyway, just ignore write to this. 912 */ 913 break; 914 default: 915 qemu_log_mask(LOG_GUEST_ERROR, 916 "lan9118: Unimplemented MAC register write: %d = 0x%x\n", 917 s->mac_cmd & 0xf, val); 918 } 919 } 920 921 static uint32_t do_mac_read(lan9118_state *s, int reg) 922 { 923 switch (reg) { 924 case MAC_CR: 925 return s->mac_cr; 926 case MAC_ADDRH: 927 return s->conf.macaddr.a[4] | (s->conf.macaddr.a[5] << 8); 928 case MAC_ADDRL: 929 return s->conf.macaddr.a[0] | (s->conf.macaddr.a[1] << 8) 930 | (s->conf.macaddr.a[2] << 16) | (s->conf.macaddr.a[3] << 24); 931 case MAC_HASHH: 932 return s->mac_hashh; 933 break; 934 case MAC_HASHL: 935 return s->mac_hashl; 936 break; 937 case MAC_MII_ACC: 938 return s->mac_mii_acc; 939 case MAC_MII_DATA: 940 return s->mac_mii_data; 941 case MAC_FLOW: 942 return s->mac_flow; 943 default: 944 qemu_log_mask(LOG_GUEST_ERROR, 945 "lan9118: Unimplemented MAC register read: %d\n", 946 s->mac_cmd & 0xf); 947 return 0; 948 } 949 } 950 951 static void lan9118_eeprom_cmd(lan9118_state *s, int cmd, int addr) 952 { 953 s->e2p_cmd = (s->e2p_cmd & E2P_CMD_MAC_ADDR_LOADED) | (cmd << 28) | addr; 954 switch (cmd) { 955 case 0: 956 s->e2p_data = s->eeprom[addr]; 957 DPRINTF("EEPROM Read %d = 0x%02x\n", addr, s->e2p_data); 958 break; 959 case 1: 960 s->eeprom_writable = 0; 961 DPRINTF("EEPROM Write Disable\n"); 962 break; 963 case 2: /* EWEN */ 964 s->eeprom_writable = 1; 965 DPRINTF("EEPROM Write Enable\n"); 966 break; 967 case 3: /* WRITE */ 968 if (s->eeprom_writable) { 969 s->eeprom[addr] &= s->e2p_data; 970 DPRINTF("EEPROM Write %d = 0x%02x\n", addr, s->e2p_data); 971 } else { 972 DPRINTF("EEPROM Write %d (ignored)\n", addr); 973 } 974 break; 975 case 4: /* WRAL */ 976 if (s->eeprom_writable) { 977 for (addr = 0; addr < 128; addr++) { 978 s->eeprom[addr] &= s->e2p_data; 979 } 980 DPRINTF("EEPROM Write All 0x%02x\n", s->e2p_data); 981 } else { 982 DPRINTF("EEPROM Write All (ignored)\n"); 983 } 984 break; 985 case 5: /* ERASE */ 986 if (s->eeprom_writable) { 987 s->eeprom[addr] = 0xff; 988 DPRINTF("EEPROM Erase %d\n", addr); 989 } else { 990 DPRINTF("EEPROM Erase %d (ignored)\n", addr); 991 } 992 break; 993 case 6: /* ERAL */ 994 if (s->eeprom_writable) { 995 memset(s->eeprom, 0xff, 128); 996 DPRINTF("EEPROM Erase All\n"); 997 } else { 998 DPRINTF("EEPROM Erase All (ignored)\n"); 999 } 1000 break; 1001 case 7: /* RELOAD */ 1002 lan9118_reload_eeprom(s); 1003 break; 1004 } 1005 } 1006 1007 static void lan9118_tick(void *opaque) 1008 { 1009 lan9118_state *s = (lan9118_state *)opaque; 1010 if (s->int_en & GPT_INT) { 1011 s->int_sts |= GPT_INT; 1012 } 1013 lan9118_update(s); 1014 } 1015 1016 static void lan9118_writel(void *opaque, hwaddr offset, 1017 uint64_t val, unsigned size) 1018 { 1019 lan9118_state *s = (lan9118_state *)opaque; 1020 offset &= 0xff; 1021 1022 //DPRINTF("Write reg 0x%02x = 0x%08x\n", (int)offset, val); 1023 if (offset >= 0x20 && offset < 0x40) { 1024 /* TX FIFO */ 1025 tx_fifo_push(s, val); 1026 return; 1027 } 1028 switch (offset) { 1029 case CSR_IRQ_CFG: 1030 /* TODO: Implement interrupt deassertion intervals. */ 1031 val &= (IRQ_EN | IRQ_POL | IRQ_TYPE); 1032 s->irq_cfg = (s->irq_cfg & IRQ_INT) | val; 1033 break; 1034 case CSR_INT_STS: 1035 s->int_sts &= ~val; 1036 break; 1037 case CSR_INT_EN: 1038 s->int_en = val & ~RESERVED_INT; 1039 s->int_sts |= val & SW_INT; 1040 break; 1041 case CSR_FIFO_INT: 1042 DPRINTF("FIFO INT levels %08x\n", val); 1043 s->fifo_int = val; 1044 break; 1045 case CSR_RX_CFG: 1046 if (val & 0x8000) { 1047 /* RX_DUMP */ 1048 s->rx_fifo_used = 0; 1049 s->rx_status_fifo_used = 0; 1050 s->rx_packet_size_tail = s->rx_packet_size_head; 1051 s->rx_packet_size[s->rx_packet_size_head] = 0; 1052 } 1053 s->rx_cfg = val & 0xcfff1ff0; 1054 break; 1055 case CSR_TX_CFG: 1056 if (val & 0x8000) { 1057 s->tx_status_fifo_used = 0; 1058 } 1059 if (val & 0x4000) { 1060 s->txp->state = TX_IDLE; 1061 s->txp->fifo_used = 0; 1062 s->txp->cmd_a = 0xffffffff; 1063 } 1064 s->tx_cfg = val & 6; 1065 break; 1066 case CSR_HW_CFG: 1067 if (val & 1) { 1068 /* SRST */ 1069 lan9118_reset(DEVICE(s)); 1070 } else { 1071 s->hw_cfg = (val & 0x003f300) | (s->hw_cfg & 0x4); 1072 } 1073 break; 1074 case CSR_RX_DP_CTRL: 1075 if (val & 0x80000000) { 1076 /* Skip forward to next packet. */ 1077 s->rxp_pad = 0; 1078 s->rxp_offset = 0; 1079 if (s->rxp_size == 0) { 1080 /* Pop a word to start the next packet. */ 1081 rx_fifo_pop(s); 1082 s->rxp_pad = 0; 1083 s->rxp_offset = 0; 1084 } 1085 s->rx_fifo_head += s->rxp_size; 1086 if (s->rx_fifo_head >= s->rx_fifo_size) { 1087 s->rx_fifo_head -= s->rx_fifo_size; 1088 } 1089 } 1090 break; 1091 case CSR_PMT_CTRL: 1092 if (val & 0x400) { 1093 phy_reset(s); 1094 } 1095 s->pmt_ctrl &= ~0x34e; 1096 s->pmt_ctrl |= (val & 0x34e); 1097 break; 1098 case CSR_GPIO_CFG: 1099 /* Probably just enabling LEDs. */ 1100 s->gpio_cfg = val & 0x7777071f; 1101 break; 1102 case CSR_GPT_CFG: 1103 if ((s->gpt_cfg ^ val) & GPT_TIMER_EN) { 1104 ptimer_transaction_begin(s->timer); 1105 if (val & GPT_TIMER_EN) { 1106 ptimer_set_count(s->timer, val & 0xffff); 1107 ptimer_run(s->timer, 0); 1108 } else { 1109 ptimer_stop(s->timer); 1110 ptimer_set_count(s->timer, 0xffff); 1111 } 1112 ptimer_transaction_commit(s->timer); 1113 } 1114 s->gpt_cfg = val & (GPT_TIMER_EN | 0xffff); 1115 break; 1116 case CSR_WORD_SWAP: 1117 /* Ignored because we're in 32-bit mode. */ 1118 s->word_swap = val; 1119 break; 1120 case CSR_MAC_CSR_CMD: 1121 s->mac_cmd = val & 0x4000000f; 1122 if (val & 0x80000000) { 1123 if (val & 0x40000000) { 1124 s->mac_data = do_mac_read(s, val & 0xf); 1125 DPRINTF("MAC read %d = 0x%08x\n", val & 0xf, s->mac_data); 1126 } else { 1127 DPRINTF("MAC write %d = 0x%08x\n", val & 0xf, s->mac_data); 1128 do_mac_write(s, val & 0xf, s->mac_data); 1129 } 1130 } 1131 break; 1132 case CSR_MAC_CSR_DATA: 1133 s->mac_data = val; 1134 break; 1135 case CSR_AFC_CFG: 1136 s->afc_cfg = val & 0x00ffffff; 1137 break; 1138 case CSR_E2P_CMD: 1139 lan9118_eeprom_cmd(s, (val >> 28) & 7, val & 0x7f); 1140 break; 1141 case CSR_E2P_DATA: 1142 s->e2p_data = val & 0xff; 1143 break; 1144 1145 default: 1146 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_write: Bad reg 0x%x = %x\n", 1147 (int)offset, (int)val); 1148 break; 1149 } 1150 lan9118_update(s); 1151 } 1152 1153 static void lan9118_writew(void *opaque, hwaddr offset, 1154 uint32_t val) 1155 { 1156 lan9118_state *s = (lan9118_state *)opaque; 1157 offset &= 0xff; 1158 1159 if (s->write_word_prev_offset != (offset & ~0x3)) { 1160 /* New offset, reset word counter */ 1161 s->write_word_n = 0; 1162 s->write_word_prev_offset = offset & ~0x3; 1163 } 1164 1165 if (offset & 0x2) { 1166 s->write_word_h = val; 1167 } else { 1168 s->write_word_l = val; 1169 } 1170 1171 //DPRINTF("Writew reg 0x%02x = 0x%08x\n", (int)offset, val); 1172 s->write_word_n++; 1173 if (s->write_word_n == 2) { 1174 s->write_word_n = 0; 1175 lan9118_writel(s, offset & ~3, s->write_word_l + 1176 (s->write_word_h << 16), 4); 1177 } 1178 } 1179 1180 static void lan9118_16bit_mode_write(void *opaque, hwaddr offset, 1181 uint64_t val, unsigned size) 1182 { 1183 switch (size) { 1184 case 2: 1185 lan9118_writew(opaque, offset, (uint32_t)val); 1186 return; 1187 case 4: 1188 lan9118_writel(opaque, offset, val, size); 1189 return; 1190 } 1191 1192 hw_error("lan9118_write: Bad size 0x%x\n", size); 1193 } 1194 1195 static uint64_t lan9118_readl(void *opaque, hwaddr offset, 1196 unsigned size) 1197 { 1198 lan9118_state *s = (lan9118_state *)opaque; 1199 1200 //DPRINTF("Read reg 0x%02x\n", (int)offset); 1201 if (offset < 0x20) { 1202 /* RX FIFO */ 1203 return rx_fifo_pop(s); 1204 } 1205 switch (offset) { 1206 case 0x40: 1207 return rx_status_fifo_pop(s); 1208 case 0x44: 1209 return s->rx_status_fifo[s->tx_status_fifo_head]; 1210 case 0x48: 1211 return tx_status_fifo_pop(s); 1212 case 0x4c: 1213 return s->tx_status_fifo[s->tx_status_fifo_head]; 1214 case CSR_ID_REV: 1215 return 0x01180001; 1216 case CSR_IRQ_CFG: 1217 return s->irq_cfg; 1218 case CSR_INT_STS: 1219 return s->int_sts; 1220 case CSR_INT_EN: 1221 return s->int_en; 1222 case CSR_BYTE_TEST: 1223 return 0x87654321; 1224 case CSR_FIFO_INT: 1225 return s->fifo_int; 1226 case CSR_RX_CFG: 1227 return s->rx_cfg; 1228 case CSR_TX_CFG: 1229 return s->tx_cfg; 1230 case CSR_HW_CFG: 1231 return s->hw_cfg; 1232 case CSR_RX_DP_CTRL: 1233 return 0; 1234 case CSR_RX_FIFO_INF: 1235 return (s->rx_status_fifo_used << 16) | (s->rx_fifo_used << 2); 1236 case CSR_TX_FIFO_INF: 1237 return (s->tx_status_fifo_used << 16) 1238 | (s->tx_fifo_size - s->txp->fifo_used); 1239 case CSR_PMT_CTRL: 1240 return s->pmt_ctrl; 1241 case CSR_GPIO_CFG: 1242 return s->gpio_cfg; 1243 case CSR_GPT_CFG: 1244 return s->gpt_cfg; 1245 case CSR_GPT_CNT: 1246 return ptimer_get_count(s->timer); 1247 case CSR_WORD_SWAP: 1248 return s->word_swap; 1249 case CSR_FREE_RUN: 1250 return (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40) - s->free_timer_start; 1251 case CSR_RX_DROP: 1252 /* TODO: Implement dropped frames counter. */ 1253 return 0; 1254 case CSR_MAC_CSR_CMD: 1255 return s->mac_cmd; 1256 case CSR_MAC_CSR_DATA: 1257 return s->mac_data; 1258 case CSR_AFC_CFG: 1259 return s->afc_cfg; 1260 case CSR_E2P_CMD: 1261 return s->e2p_cmd; 1262 case CSR_E2P_DATA: 1263 return s->e2p_data; 1264 } 1265 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_read: Bad reg 0x%x\n", (int)offset); 1266 return 0; 1267 } 1268 1269 static uint32_t lan9118_readw(void *opaque, hwaddr offset) 1270 { 1271 lan9118_state *s = (lan9118_state *)opaque; 1272 uint32_t val; 1273 1274 if (s->read_word_prev_offset != (offset & ~0x3)) { 1275 /* New offset, reset word counter */ 1276 s->read_word_n = 0; 1277 s->read_word_prev_offset = offset & ~0x3; 1278 } 1279 1280 s->read_word_n++; 1281 if (s->read_word_n == 1) { 1282 s->read_long = lan9118_readl(s, offset & ~3, 4); 1283 } else { 1284 s->read_word_n = 0; 1285 } 1286 1287 if (offset & 2) { 1288 val = s->read_long >> 16; 1289 } else { 1290 val = s->read_long & 0xFFFF; 1291 } 1292 1293 //DPRINTF("Readw reg 0x%02x, val 0x%x\n", (int)offset, val); 1294 return val; 1295 } 1296 1297 static uint64_t lan9118_16bit_mode_read(void *opaque, hwaddr offset, 1298 unsigned size) 1299 { 1300 switch (size) { 1301 case 2: 1302 return lan9118_readw(opaque, offset); 1303 case 4: 1304 return lan9118_readl(opaque, offset, size); 1305 } 1306 1307 hw_error("lan9118_read: Bad size 0x%x\n", size); 1308 return 0; 1309 } 1310 1311 static const MemoryRegionOps lan9118_mem_ops = { 1312 .read = lan9118_readl, 1313 .write = lan9118_writel, 1314 .endianness = DEVICE_NATIVE_ENDIAN, 1315 }; 1316 1317 static const MemoryRegionOps lan9118_16bit_mem_ops = { 1318 .read = lan9118_16bit_mode_read, 1319 .write = lan9118_16bit_mode_write, 1320 .endianness = DEVICE_NATIVE_ENDIAN, 1321 }; 1322 1323 static NetClientInfo net_lan9118_info = { 1324 .type = NET_CLIENT_DRIVER_NIC, 1325 .size = sizeof(NICState), 1326 .receive = lan9118_receive, 1327 .link_status_changed = lan9118_set_link, 1328 }; 1329 1330 static void lan9118_realize(DeviceState *dev, Error **errp) 1331 { 1332 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1333 lan9118_state *s = LAN9118(dev); 1334 int i; 1335 const MemoryRegionOps *mem_ops = 1336 s->mode_16bit ? &lan9118_16bit_mem_ops : &lan9118_mem_ops; 1337 1338 memory_region_init_io(&s->mmio, OBJECT(dev), mem_ops, s, 1339 "lan9118-mmio", 0x100); 1340 sysbus_init_mmio(sbd, &s->mmio); 1341 sysbus_init_irq(sbd, &s->irq); 1342 qemu_macaddr_default_if_unset(&s->conf.macaddr); 1343 1344 s->nic = qemu_new_nic(&net_lan9118_info, &s->conf, 1345 object_get_typename(OBJECT(dev)), dev->id, s); 1346 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 1347 s->eeprom[0] = 0xa5; 1348 for (i = 0; i < 6; i++) { 1349 s->eeprom[i + 1] = s->conf.macaddr.a[i]; 1350 } 1351 s->pmt_ctrl = 1; 1352 s->txp = &s->tx_packet; 1353 1354 s->timer = ptimer_init(lan9118_tick, s, PTIMER_POLICY_DEFAULT); 1355 ptimer_transaction_begin(s->timer); 1356 ptimer_set_freq(s->timer, 10000); 1357 ptimer_set_limit(s->timer, 0xffff, 1); 1358 ptimer_transaction_commit(s->timer); 1359 } 1360 1361 static Property lan9118_properties[] = { 1362 DEFINE_NIC_PROPERTIES(lan9118_state, conf), 1363 DEFINE_PROP_UINT32("mode_16bit", lan9118_state, mode_16bit, 0), 1364 DEFINE_PROP_END_OF_LIST(), 1365 }; 1366 1367 static void lan9118_class_init(ObjectClass *klass, void *data) 1368 { 1369 DeviceClass *dc = DEVICE_CLASS(klass); 1370 1371 dc->reset = lan9118_reset; 1372 device_class_set_props(dc, lan9118_properties); 1373 dc->vmsd = &vmstate_lan9118; 1374 dc->realize = lan9118_realize; 1375 } 1376 1377 static const TypeInfo lan9118_info = { 1378 .name = TYPE_LAN9118, 1379 .parent = TYPE_SYS_BUS_DEVICE, 1380 .instance_size = sizeof(lan9118_state), 1381 .class_init = lan9118_class_init, 1382 }; 1383 1384 static void lan9118_register_types(void) 1385 { 1386 type_register_static(&lan9118_info); 1387 } 1388 1389 /* Legacy helper function. Should go away when machine config files are 1390 implemented. */ 1391 void lan9118_init(NICInfo *nd, uint32_t base, qemu_irq irq) 1392 { 1393 DeviceState *dev; 1394 SysBusDevice *s; 1395 1396 qemu_check_nic_model(nd, "lan9118"); 1397 dev = qdev_create(NULL, TYPE_LAN9118); 1398 qdev_set_nic_properties(dev, nd); 1399 qdev_init_nofail(dev); 1400 s = SYS_BUS_DEVICE(dev); 1401 sysbus_mmio_map(s, 0, base); 1402 sysbus_connect_irq(s, 0, irq); 1403 } 1404 1405 type_init(lan9118_register_types) 1406