1 /* 2 * Faraday FTGMAC100 Gigabit Ethernet 3 * 4 * Copyright (C) 2016-2017, IBM Corporation. 5 * 6 * Based on Coldfire Fast Ethernet Controller emulation. 7 * 8 * Copyright (c) 2007 CodeSourcery. 9 * 10 * This code is licensed under the GPL version 2 or later. See the 11 * COPYING file in the top-level directory. 12 */ 13 14 #include "qemu/osdep.h" 15 #include "hw/irq.h" 16 #include "hw/net/ftgmac100.h" 17 #include "sysemu/dma.h" 18 #include "qapi/error.h" 19 #include "qemu/log.h" 20 #include "qemu/module.h" 21 #include "net/checksum.h" 22 #include "net/eth.h" 23 #include "hw/net/mii.h" 24 #include "hw/qdev-properties.h" 25 #include "migration/vmstate.h" 26 27 /* For crc32 */ 28 #include <zlib.h> 29 30 /* 31 * FTGMAC100 registers 32 */ 33 #define FTGMAC100_ISR 0x00 34 #define FTGMAC100_IER 0x04 35 #define FTGMAC100_MAC_MADR 0x08 36 #define FTGMAC100_MAC_LADR 0x0c 37 #define FTGMAC100_MATH0 0x10 38 #define FTGMAC100_MATH1 0x14 39 #define FTGMAC100_NPTXPD 0x18 40 #define FTGMAC100_RXPD 0x1C 41 #define FTGMAC100_NPTXR_BADR 0x20 42 #define FTGMAC100_RXR_BADR 0x24 43 #define FTGMAC100_HPTXPD 0x28 44 #define FTGMAC100_HPTXR_BADR 0x2c 45 #define FTGMAC100_ITC 0x30 46 #define FTGMAC100_APTC 0x34 47 #define FTGMAC100_DBLAC 0x38 48 #define FTGMAC100_REVR 0x40 49 #define FTGMAC100_FEAR1 0x44 50 #define FTGMAC100_RBSR 0x4c 51 #define FTGMAC100_TPAFCR 0x48 52 53 #define FTGMAC100_MACCR 0x50 54 #define FTGMAC100_MACSR 0x54 55 #define FTGMAC100_PHYCR 0x60 56 #define FTGMAC100_PHYDATA 0x64 57 #define FTGMAC100_FCR 0x68 58 59 /* 60 * FTGMAC100 registers high 61 * 62 * values below are offset by - FTGMAC100_REG_HIGH_OFFSET from datasheet 63 * because its memory region is start at FTGMAC100_REG_HIGH_OFFSET 64 */ 65 #define FTGMAC100_NPTXR_BADR_HIGH (0x17C - FTGMAC100_REG_HIGH_OFFSET) 66 #define FTGMAC100_HPTXR_BADR_HIGH (0x184 - FTGMAC100_REG_HIGH_OFFSET) 67 #define FTGMAC100_RXR_BADR_HIGH (0x18C - FTGMAC100_REG_HIGH_OFFSET) 68 69 /* 70 * Interrupt status register & interrupt enable register 71 */ 72 #define FTGMAC100_INT_RPKT_BUF (1 << 0) 73 #define FTGMAC100_INT_RPKT_FIFO (1 << 1) 74 #define FTGMAC100_INT_NO_RXBUF (1 << 2) 75 #define FTGMAC100_INT_RPKT_LOST (1 << 3) 76 #define FTGMAC100_INT_XPKT_ETH (1 << 4) 77 #define FTGMAC100_INT_XPKT_FIFO (1 << 5) 78 #define FTGMAC100_INT_NO_NPTXBUF (1 << 6) 79 #define FTGMAC100_INT_XPKT_LOST (1 << 7) 80 #define FTGMAC100_INT_AHB_ERR (1 << 8) 81 #define FTGMAC100_INT_PHYSTS_CHG (1 << 9) 82 #define FTGMAC100_INT_NO_HPTXBUF (1 << 10) 83 84 /* 85 * Automatic polling timer control register 86 */ 87 #define FTGMAC100_APTC_RXPOLL_CNT(x) ((x) & 0xf) 88 #define FTGMAC100_APTC_RXPOLL_TIME_SEL (1 << 4) 89 #define FTGMAC100_APTC_TXPOLL_CNT(x) (((x) >> 8) & 0xf) 90 #define FTGMAC100_APTC_TXPOLL_TIME_SEL (1 << 12) 91 92 /* 93 * DMA burst length and arbitration control register 94 */ 95 #define FTGMAC100_DBLAC_RXBURST_SIZE(x) (((x) >> 8) & 0x3) 96 #define FTGMAC100_DBLAC_TXBURST_SIZE(x) (((x) >> 10) & 0x3) 97 #define FTGMAC100_DBLAC_RXDES_SIZE(x) ((((x) >> 12) & 0xf) * 8) 98 #define FTGMAC100_DBLAC_TXDES_SIZE(x) ((((x) >> 16) & 0xf) * 8) 99 #define FTGMAC100_DBLAC_IFG_CNT(x) (((x) >> 20) & 0x7) 100 #define FTGMAC100_DBLAC_IFG_INC (1 << 23) 101 102 /* 103 * PHY control register 104 */ 105 #define FTGMAC100_PHYCR_MIIRD (1 << 26) 106 #define FTGMAC100_PHYCR_MIIWR (1 << 27) 107 108 #define FTGMAC100_PHYCR_DEV(x) (((x) >> 16) & 0x1f) 109 #define FTGMAC100_PHYCR_REG(x) (((x) >> 21) & 0x1f) 110 111 /* 112 * PHY data register 113 */ 114 #define FTGMAC100_PHYDATA_MIIWDATA(x) ((x) & 0xffff) 115 #define FTGMAC100_PHYDATA_MIIRDATA(x) (((x) >> 16) & 0xffff) 116 117 /* 118 * PHY control register - New MDC/MDIO interface 119 */ 120 #define FTGMAC100_PHYCR_NEW_DATA(x) (((x) >> 16) & 0xffff) 121 #define FTGMAC100_PHYCR_NEW_FIRE (1 << 15) 122 #define FTGMAC100_PHYCR_NEW_ST_22 (1 << 12) 123 #define FTGMAC100_PHYCR_NEW_OP(x) (((x) >> 10) & 3) 124 #define FTGMAC100_PHYCR_NEW_OP_WRITE 0x1 125 #define FTGMAC100_PHYCR_NEW_OP_READ 0x2 126 #define FTGMAC100_PHYCR_NEW_DEV(x) (((x) >> 5) & 0x1f) 127 #define FTGMAC100_PHYCR_NEW_REG(x) ((x) & 0x1f) 128 129 /* 130 * Feature Register 131 */ 132 #define FTGMAC100_REVR_NEW_MDIO_INTERFACE (1 << 31) 133 134 /* 135 * MAC control register 136 */ 137 #define FTGMAC100_MACCR_TXDMA_EN (1 << 0) 138 #define FTGMAC100_MACCR_RXDMA_EN (1 << 1) 139 #define FTGMAC100_MACCR_TXMAC_EN (1 << 2) 140 #define FTGMAC100_MACCR_RXMAC_EN (1 << 3) 141 #define FTGMAC100_MACCR_RM_VLAN (1 << 4) 142 #define FTGMAC100_MACCR_HPTXR_EN (1 << 5) 143 #define FTGMAC100_MACCR_LOOP_EN (1 << 6) 144 #define FTGMAC100_MACCR_ENRX_IN_HALFTX (1 << 7) 145 #define FTGMAC100_MACCR_FULLDUP (1 << 8) 146 #define FTGMAC100_MACCR_GIGA_MODE (1 << 9) 147 #define FTGMAC100_MACCR_CRC_APD (1 << 10) /* not needed */ 148 #define FTGMAC100_MACCR_RX_RUNT (1 << 12) 149 #define FTGMAC100_MACCR_JUMBO_LF (1 << 13) 150 #define FTGMAC100_MACCR_RX_ALL (1 << 14) 151 #define FTGMAC100_MACCR_HT_MULTI_EN (1 << 15) 152 #define FTGMAC100_MACCR_RX_MULTIPKT (1 << 16) 153 #define FTGMAC100_MACCR_RX_BROADPKT (1 << 17) 154 #define FTGMAC100_MACCR_DISCARD_CRCERR (1 << 18) 155 #define FTGMAC100_MACCR_FAST_MODE (1 << 19) 156 #define FTGMAC100_MACCR_SW_RST (1 << 31) 157 158 /* 159 * Transmit descriptor 160 */ 161 #define FTGMAC100_TXDES0_TXBUF_SIZE(x) ((x) & 0x3fff) 162 #define FTGMAC100_TXDES0_EDOTR (1 << 15) 163 #define FTGMAC100_TXDES0_CRC_ERR (1 << 19) 164 #define FTGMAC100_TXDES0_LTS (1 << 28) 165 #define FTGMAC100_TXDES0_FTS (1 << 29) 166 #define FTGMAC100_TXDES0_EDOTR_ASPEED (1 << 30) 167 #define FTGMAC100_TXDES0_TXDMA_OWN (1 << 31) 168 169 #define FTGMAC100_TXDES1_VLANTAG_CI(x) ((x) & 0xffff) 170 #define FTGMAC100_TXDES1_INS_VLANTAG (1 << 16) 171 #define FTGMAC100_TXDES1_TCP_CHKSUM (1 << 17) 172 #define FTGMAC100_TXDES1_UDP_CHKSUM (1 << 18) 173 #define FTGMAC100_TXDES1_IP_CHKSUM (1 << 19) 174 #define FTGMAC100_TXDES1_LLC (1 << 22) 175 #define FTGMAC100_TXDES1_TX2FIC (1 << 30) 176 #define FTGMAC100_TXDES1_TXIC (1 << 31) 177 178 /* 179 * Receive descriptor 180 */ 181 #define FTGMAC100_RXDES0_VDBC 0x3fff 182 #define FTGMAC100_RXDES0_EDORR (1 << 15) 183 #define FTGMAC100_RXDES0_MULTICAST (1 << 16) 184 #define FTGMAC100_RXDES0_BROADCAST (1 << 17) 185 #define FTGMAC100_RXDES0_RX_ERR (1 << 18) 186 #define FTGMAC100_RXDES0_CRC_ERR (1 << 19) 187 #define FTGMAC100_RXDES0_FTL (1 << 20) 188 #define FTGMAC100_RXDES0_RUNT (1 << 21) 189 #define FTGMAC100_RXDES0_RX_ODD_NB (1 << 22) 190 #define FTGMAC100_RXDES0_FIFO_FULL (1 << 23) 191 #define FTGMAC100_RXDES0_PAUSE_OPCODE (1 << 24) 192 #define FTGMAC100_RXDES0_PAUSE_FRAME (1 << 25) 193 #define FTGMAC100_RXDES0_LRS (1 << 28) 194 #define FTGMAC100_RXDES0_FRS (1 << 29) 195 #define FTGMAC100_RXDES0_EDORR_ASPEED (1 << 30) 196 #define FTGMAC100_RXDES0_RXPKT_RDY (1 << 31) 197 198 #define FTGMAC100_RXDES1_VLANTAG_CI 0xffff 199 #define FTGMAC100_RXDES1_PROT_MASK (0x3 << 20) 200 #define FTGMAC100_RXDES1_PROT_NONIP (0x0 << 20) 201 #define FTGMAC100_RXDES1_PROT_IP (0x1 << 20) 202 #define FTGMAC100_RXDES1_PROT_TCPIP (0x2 << 20) 203 #define FTGMAC100_RXDES1_PROT_UDPIP (0x3 << 20) 204 #define FTGMAC100_RXDES1_LLC (1 << 22) 205 #define FTGMAC100_RXDES1_DF (1 << 23) 206 #define FTGMAC100_RXDES1_VLANTAG_AVAIL (1 << 24) 207 #define FTGMAC100_RXDES1_TCP_CHKSUM_ERR (1 << 25) 208 #define FTGMAC100_RXDES1_UDP_CHKSUM_ERR (1 << 26) 209 #define FTGMAC100_RXDES1_IP_CHKSUM_ERR (1 << 27) 210 211 /* 212 * Receive and transmit Buffer Descriptor 213 */ 214 typedef struct { 215 uint32_t des0; 216 uint32_t des1; 217 uint32_t des2; /* not used by HW */ 218 uint32_t des3; 219 } FTGMAC100Desc; 220 221 #define FTGMAC100_DESC_ALIGNMENT 16 222 223 /* 224 * Specific RTL8211E MII Registers 225 */ 226 #define RTL8211E_MII_PHYCR 16 /* PHY Specific Control */ 227 #define RTL8211E_MII_PHYSR 17 /* PHY Specific Status */ 228 #define RTL8211E_MII_INER 18 /* Interrupt Enable */ 229 #define RTL8211E_MII_INSR 19 /* Interrupt Status */ 230 #define RTL8211E_MII_RXERC 24 /* Receive Error Counter */ 231 #define RTL8211E_MII_LDPSR 27 /* Link Down Power Saving */ 232 #define RTL8211E_MII_EPAGSR 30 /* Extension Page Select */ 233 #define RTL8211E_MII_PAGSEL 31 /* Page Select */ 234 235 /* 236 * RTL8211E Interrupt Status 237 */ 238 #define PHY_INT_AUTONEG_ERROR (1 << 15) 239 #define PHY_INT_PAGE_RECV (1 << 12) 240 #define PHY_INT_AUTONEG_COMPLETE (1 << 11) 241 #define PHY_INT_LINK_STATUS (1 << 10) 242 #define PHY_INT_ERROR (1 << 9) 243 #define PHY_INT_DOWN (1 << 8) 244 #define PHY_INT_JABBER (1 << 0) 245 246 /* 247 * Max frame size for the receiving buffer 248 */ 249 #define FTGMAC100_MAX_FRAME_SIZE 9220 250 251 /* 252 * Limits depending on the type of the frame 253 * 254 * 9216 for Jumbo frames (+ 4 for VLAN) 255 * 1518 for other frames (+ 4 for VLAN) 256 */ 257 static int ftgmac100_max_frame_size(FTGMAC100State *s, uint16_t proto) 258 { 259 int max = (s->maccr & FTGMAC100_MACCR_JUMBO_LF ? 9216 : 1518); 260 261 return max + (proto == ETH_P_VLAN ? 4 : 0); 262 } 263 264 static void ftgmac100_update_irq(FTGMAC100State *s) 265 { 266 qemu_set_irq(s->irq, s->isr & s->ier); 267 } 268 269 /* 270 * The MII phy could raise a GPIO to the processor which in turn 271 * could be handled as an interrpt by the OS. 272 * For now we don't handle any GPIO/interrupt line, so the OS will 273 * have to poll for the PHY status. 274 */ 275 static void phy_update_irq(FTGMAC100State *s) 276 { 277 ftgmac100_update_irq(s); 278 } 279 280 static void phy_update_link(FTGMAC100State *s) 281 { 282 /* Autonegotiation status mirrors link status. */ 283 if (qemu_get_queue(s->nic)->link_down) { 284 s->phy_status &= ~(MII_BMSR_LINK_ST | MII_BMSR_AN_COMP); 285 s->phy_int |= PHY_INT_DOWN; 286 } else { 287 s->phy_status |= (MII_BMSR_LINK_ST | MII_BMSR_AN_COMP); 288 s->phy_int |= PHY_INT_AUTONEG_COMPLETE; 289 } 290 phy_update_irq(s); 291 } 292 293 static void ftgmac100_set_link(NetClientState *nc) 294 { 295 phy_update_link(FTGMAC100(qemu_get_nic_opaque(nc))); 296 } 297 298 static void phy_reset(FTGMAC100State *s) 299 { 300 s->phy_status = (MII_BMSR_100TX_FD | MII_BMSR_100TX_HD | MII_BMSR_10T_FD | 301 MII_BMSR_10T_HD | MII_BMSR_EXTSTAT | MII_BMSR_MFPS | 302 MII_BMSR_AN_COMP | MII_BMSR_AUTONEG | MII_BMSR_LINK_ST | 303 MII_BMSR_EXTCAP); 304 s->phy_control = (MII_BMCR_AUTOEN | MII_BMCR_FD | MII_BMCR_SPEED1000); 305 s->phy_advertise = (MII_ANAR_PAUSE_ASYM | MII_ANAR_PAUSE | MII_ANAR_TXFD | 306 MII_ANAR_TX | MII_ANAR_10FD | MII_ANAR_10 | 307 MII_ANAR_CSMACD); 308 s->phy_int_mask = 0; 309 s->phy_int = 0; 310 } 311 312 static uint16_t do_phy_read(FTGMAC100State *s, uint8_t reg) 313 { 314 uint16_t val; 315 316 switch (reg) { 317 case MII_BMCR: /* Basic Control */ 318 val = s->phy_control; 319 break; 320 case MII_BMSR: /* Basic Status */ 321 val = s->phy_status; 322 break; 323 case MII_PHYID1: /* ID1 */ 324 val = RTL8211E_PHYID1; 325 break; 326 case MII_PHYID2: /* ID2 */ 327 val = RTL8211E_PHYID2; 328 break; 329 case MII_ANAR: /* Auto-neg advertisement */ 330 val = s->phy_advertise; 331 break; 332 case MII_ANLPAR: /* Auto-neg Link Partner Ability */ 333 val = (MII_ANLPAR_ACK | MII_ANLPAR_PAUSE | MII_ANLPAR_TXFD | 334 MII_ANLPAR_TX | MII_ANLPAR_10FD | MII_ANLPAR_10 | 335 MII_ANLPAR_CSMACD); 336 break; 337 case MII_ANER: /* Auto-neg Expansion */ 338 val = MII_ANER_NWAY; 339 break; 340 case MII_CTRL1000: /* 1000BASE-T control */ 341 val = (MII_CTRL1000_HALF | MII_CTRL1000_FULL); 342 break; 343 case MII_STAT1000: /* 1000BASE-T status */ 344 val = MII_STAT1000_FULL; 345 break; 346 case RTL8211E_MII_INSR: /* Interrupt status. */ 347 val = s->phy_int; 348 s->phy_int = 0; 349 phy_update_irq(s); 350 break; 351 case RTL8211E_MII_INER: /* Interrupt enable */ 352 val = s->phy_int_mask; 353 break; 354 case RTL8211E_MII_PHYCR: 355 case RTL8211E_MII_PHYSR: 356 case RTL8211E_MII_RXERC: 357 case RTL8211E_MII_LDPSR: 358 case RTL8211E_MII_EPAGSR: 359 case RTL8211E_MII_PAGSEL: 360 qemu_log_mask(LOG_UNIMP, "%s: reg %d not implemented\n", 361 __func__, reg); 362 val = 0; 363 break; 364 default: 365 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad address at offset %d\n", 366 __func__, reg); 367 val = 0; 368 break; 369 } 370 371 return val; 372 } 373 374 #define MII_BMCR_MASK (MII_BMCR_LOOPBACK | MII_BMCR_SPEED100 | \ 375 MII_BMCR_SPEED | MII_BMCR_AUTOEN | MII_BMCR_PDOWN | \ 376 MII_BMCR_FD | MII_BMCR_CTST) 377 #define MII_ANAR_MASK 0x2d7f 378 379 static void do_phy_write(FTGMAC100State *s, uint8_t reg, uint16_t val) 380 { 381 switch (reg) { 382 case MII_BMCR: /* Basic Control */ 383 if (val & MII_BMCR_RESET) { 384 phy_reset(s); 385 } else { 386 s->phy_control = val & MII_BMCR_MASK; 387 /* Complete autonegotiation immediately. */ 388 if (val & MII_BMCR_AUTOEN) { 389 s->phy_status |= MII_BMSR_AN_COMP; 390 } 391 } 392 break; 393 case MII_ANAR: /* Auto-neg advertisement */ 394 s->phy_advertise = (val & MII_ANAR_MASK) | MII_ANAR_TX; 395 break; 396 case RTL8211E_MII_INER: /* Interrupt enable */ 397 s->phy_int_mask = val & 0xff; 398 phy_update_irq(s); 399 break; 400 case RTL8211E_MII_PHYCR: 401 case RTL8211E_MII_PHYSR: 402 case RTL8211E_MII_RXERC: 403 case RTL8211E_MII_LDPSR: 404 case RTL8211E_MII_EPAGSR: 405 case RTL8211E_MII_PAGSEL: 406 qemu_log_mask(LOG_UNIMP, "%s: reg %d not implemented\n", 407 __func__, reg); 408 break; 409 default: 410 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad address at offset %d\n", 411 __func__, reg); 412 break; 413 } 414 } 415 416 static void do_phy_new_ctl(FTGMAC100State *s) 417 { 418 uint8_t reg; 419 uint16_t data; 420 421 if (!(s->phycr & FTGMAC100_PHYCR_NEW_ST_22)) { 422 qemu_log_mask(LOG_UNIMP, "%s: unsupported ST code\n", __func__); 423 return; 424 } 425 426 /* Nothing to do */ 427 if (!(s->phycr & FTGMAC100_PHYCR_NEW_FIRE)) { 428 return; 429 } 430 431 reg = FTGMAC100_PHYCR_NEW_REG(s->phycr); 432 data = FTGMAC100_PHYCR_NEW_DATA(s->phycr); 433 434 switch (FTGMAC100_PHYCR_NEW_OP(s->phycr)) { 435 case FTGMAC100_PHYCR_NEW_OP_WRITE: 436 do_phy_write(s, reg, data); 437 break; 438 case FTGMAC100_PHYCR_NEW_OP_READ: 439 s->phydata = do_phy_read(s, reg) & 0xffff; 440 break; 441 default: 442 qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid OP code %08x\n", 443 __func__, s->phycr); 444 } 445 446 s->phycr &= ~FTGMAC100_PHYCR_NEW_FIRE; 447 } 448 449 static void do_phy_ctl(FTGMAC100State *s) 450 { 451 uint8_t reg = FTGMAC100_PHYCR_REG(s->phycr); 452 453 if (s->phycr & FTGMAC100_PHYCR_MIIWR) { 454 do_phy_write(s, reg, s->phydata & 0xffff); 455 s->phycr &= ~FTGMAC100_PHYCR_MIIWR; 456 } else if (s->phycr & FTGMAC100_PHYCR_MIIRD) { 457 s->phydata = do_phy_read(s, reg) << 16; 458 s->phycr &= ~FTGMAC100_PHYCR_MIIRD; 459 } else { 460 qemu_log_mask(LOG_GUEST_ERROR, "%s: no OP code %08x\n", 461 __func__, s->phycr); 462 } 463 } 464 465 static int ftgmac100_read_bd(FTGMAC100Desc *bd, dma_addr_t addr) 466 { 467 if (dma_memory_read(&address_space_memory, addr, 468 bd, sizeof(*bd), MEMTXATTRS_UNSPECIFIED)) { 469 qemu_log_mask(LOG_GUEST_ERROR, "%s: failed to read descriptor @ 0x%" 470 HWADDR_PRIx "\n", __func__, addr); 471 return -1; 472 } 473 bd->des0 = le32_to_cpu(bd->des0); 474 bd->des1 = le32_to_cpu(bd->des1); 475 bd->des2 = le32_to_cpu(bd->des2); 476 bd->des3 = le32_to_cpu(bd->des3); 477 return 0; 478 } 479 480 static int ftgmac100_write_bd(FTGMAC100Desc *bd, dma_addr_t addr) 481 { 482 FTGMAC100Desc lebd; 483 484 lebd.des0 = cpu_to_le32(bd->des0); 485 lebd.des1 = cpu_to_le32(bd->des1); 486 lebd.des2 = cpu_to_le32(bd->des2); 487 lebd.des3 = cpu_to_le32(bd->des3); 488 if (dma_memory_write(&address_space_memory, addr, 489 &lebd, sizeof(lebd), MEMTXATTRS_UNSPECIFIED)) { 490 qemu_log_mask(LOG_GUEST_ERROR, "%s: failed to write descriptor @ 0x%" 491 HWADDR_PRIx "\n", __func__, addr); 492 return -1; 493 } 494 return 0; 495 } 496 497 static int ftgmac100_insert_vlan(FTGMAC100State *s, int frame_size, 498 uint8_t vlan_tci) 499 { 500 uint8_t *vlan_hdr = s->frame + (ETH_ALEN * 2); 501 uint8_t *payload = vlan_hdr + sizeof(struct vlan_header); 502 503 if (frame_size < sizeof(struct eth_header)) { 504 qemu_log_mask(LOG_GUEST_ERROR, 505 "%s: frame too small for VLAN insertion : %d bytes\n", 506 __func__, frame_size); 507 s->isr |= FTGMAC100_INT_XPKT_LOST; 508 goto out; 509 } 510 511 if (frame_size + sizeof(struct vlan_header) > sizeof(s->frame)) { 512 qemu_log_mask(LOG_GUEST_ERROR, 513 "%s: frame too big : %d bytes\n", 514 __func__, frame_size); 515 s->isr |= FTGMAC100_INT_XPKT_LOST; 516 frame_size -= sizeof(struct vlan_header); 517 } 518 519 memmove(payload, vlan_hdr, frame_size - (ETH_ALEN * 2)); 520 stw_be_p(vlan_hdr, ETH_P_VLAN); 521 stw_be_p(vlan_hdr + 2, vlan_tci); 522 frame_size += sizeof(struct vlan_header); 523 524 out: 525 return frame_size; 526 } 527 528 static void ftgmac100_do_tx(FTGMAC100State *s, uint64_t tx_ring, 529 uint64_t tx_descriptor) 530 { 531 int frame_size = 0; 532 uint8_t *ptr = s->frame; 533 uint64_t addr = tx_descriptor; 534 uint32_t flags = 0; 535 536 while (1) { 537 FTGMAC100Desc bd; 538 int len; 539 540 if (ftgmac100_read_bd(&bd, addr) || 541 ((bd.des0 & FTGMAC100_TXDES0_TXDMA_OWN) == 0)) { 542 /* Run out of descriptors to transmit. */ 543 s->isr |= FTGMAC100_INT_NO_NPTXBUF; 544 break; 545 } 546 547 /* 548 * record transmit flags as they are valid only on the first 549 * segment 550 */ 551 if (bd.des0 & FTGMAC100_TXDES0_FTS) { 552 flags = bd.des1; 553 } 554 555 len = FTGMAC100_TXDES0_TXBUF_SIZE(bd.des0); 556 if (!len) { 557 /* 558 * 0 is an invalid size, however the HW does not raise any 559 * interrupt. Flag an error because the guest is buggy. 560 */ 561 qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid segment size\n", 562 __func__); 563 } 564 565 if (frame_size + len > sizeof(s->frame)) { 566 qemu_log_mask(LOG_GUEST_ERROR, "%s: frame too big : %d bytes\n", 567 __func__, len); 568 s->isr |= FTGMAC100_INT_XPKT_LOST; 569 len = sizeof(s->frame) - frame_size; 570 } 571 572 if (dma_memory_read(&address_space_memory, bd.des3, 573 ptr, len, MEMTXATTRS_UNSPECIFIED)) { 574 qemu_log_mask(LOG_GUEST_ERROR, "%s: failed to read packet @ 0x%x\n", 575 __func__, bd.des3); 576 s->isr |= FTGMAC100_INT_AHB_ERR; 577 break; 578 } 579 580 ptr += len; 581 frame_size += len; 582 if (bd.des0 & FTGMAC100_TXDES0_LTS) { 583 int csum = 0; 584 585 /* Check for VLAN */ 586 if (flags & FTGMAC100_TXDES1_INS_VLANTAG && 587 be16_to_cpu(PKT_GET_ETH_HDR(s->frame)->h_proto) != ETH_P_VLAN) { 588 frame_size = ftgmac100_insert_vlan(s, frame_size, 589 FTGMAC100_TXDES1_VLANTAG_CI(flags)); 590 } 591 592 if (flags & FTGMAC100_TXDES1_IP_CHKSUM) { 593 csum |= CSUM_IP; 594 } 595 if (flags & FTGMAC100_TXDES1_TCP_CHKSUM) { 596 csum |= CSUM_TCP; 597 } 598 if (flags & FTGMAC100_TXDES1_UDP_CHKSUM) { 599 csum |= CSUM_UDP; 600 } 601 if (csum) { 602 net_checksum_calculate(s->frame, frame_size, csum); 603 } 604 605 /* Last buffer in frame. */ 606 qemu_send_packet(qemu_get_queue(s->nic), s->frame, frame_size); 607 ptr = s->frame; 608 frame_size = 0; 609 s->isr |= FTGMAC100_INT_XPKT_ETH; 610 } 611 612 if (flags & FTGMAC100_TXDES1_TX2FIC) { 613 s->isr |= FTGMAC100_INT_XPKT_FIFO; 614 } 615 bd.des0 &= ~FTGMAC100_TXDES0_TXDMA_OWN; 616 617 /* Write back the modified descriptor. */ 618 ftgmac100_write_bd(&bd, addr); 619 /* Advance to the next descriptor. */ 620 if (bd.des0 & s->txdes0_edotr) { 621 addr = tx_ring; 622 } else { 623 addr += FTGMAC100_DBLAC_TXDES_SIZE(s->dblac); 624 } 625 } 626 627 s->tx_descriptor = addr; 628 629 ftgmac100_update_irq(s); 630 } 631 632 static bool ftgmac100_can_receive(NetClientState *nc) 633 { 634 FTGMAC100State *s = FTGMAC100(qemu_get_nic_opaque(nc)); 635 FTGMAC100Desc bd; 636 637 if ((s->maccr & (FTGMAC100_MACCR_RXDMA_EN | FTGMAC100_MACCR_RXMAC_EN)) 638 != (FTGMAC100_MACCR_RXDMA_EN | FTGMAC100_MACCR_RXMAC_EN)) { 639 return false; 640 } 641 642 if (ftgmac100_read_bd(&bd, s->rx_descriptor)) { 643 return false; 644 } 645 return !(bd.des0 & FTGMAC100_RXDES0_RXPKT_RDY); 646 } 647 648 /* 649 * This is purely informative. The HW can poll the RW (and RX) ring 650 * buffers for available descriptors but we don't need to trigger a 651 * timer for that in qemu. 652 */ 653 static uint32_t ftgmac100_rxpoll(FTGMAC100State *s) 654 { 655 /* 656 * Polling times : 657 * 658 * Speed TIME_SEL=0 TIME_SEL=1 659 * 660 * 10 51.2 ms 819.2 ms 661 * 100 5.12 ms 81.92 ms 662 * 1000 1.024 ms 16.384 ms 663 */ 664 static const int div[] = { 20, 200, 1000 }; 665 666 uint32_t cnt = 1024 * FTGMAC100_APTC_RXPOLL_CNT(s->aptcr); 667 uint32_t speed = (s->maccr & FTGMAC100_MACCR_FAST_MODE) ? 1 : 0; 668 669 if (s->aptcr & FTGMAC100_APTC_RXPOLL_TIME_SEL) { 670 cnt <<= 4; 671 } 672 673 if (s->maccr & FTGMAC100_MACCR_GIGA_MODE) { 674 speed = 2; 675 } 676 677 return cnt / div[speed]; 678 } 679 680 static void ftgmac100_do_reset(FTGMAC100State *s, bool sw_reset) 681 { 682 /* Reset the FTGMAC100 */ 683 s->isr = 0; 684 s->ier = 0; 685 s->rx_enabled = 0; 686 s->rx_ring = 0; 687 s->rbsr = 0x640; 688 s->rx_descriptor = 0; 689 s->tx_ring = 0; 690 s->tx_descriptor = 0; 691 s->math[0] = 0; 692 s->math[1] = 0; 693 s->itc = 0; 694 s->aptcr = 1; 695 s->dblac = 0x00022f00; 696 s->revr = 0; 697 s->fear1 = 0; 698 s->tpafcr = 0xf1; 699 700 if (sw_reset) { 701 s->maccr &= FTGMAC100_MACCR_GIGA_MODE | FTGMAC100_MACCR_FAST_MODE; 702 } else { 703 s->maccr = 0; 704 } 705 706 s->phycr = 0; 707 s->phydata = 0; 708 s->fcr = 0x400; 709 710 /* and the PHY */ 711 phy_reset(s); 712 } 713 714 static void ftgmac100_reset(DeviceState *d) 715 { 716 ftgmac100_do_reset(FTGMAC100(d), false); 717 } 718 719 static uint64_t ftgmac100_read(void *opaque, hwaddr addr, unsigned size) 720 { 721 FTGMAC100State *s = FTGMAC100(opaque); 722 723 switch (addr & 0xff) { 724 case FTGMAC100_ISR: 725 return s->isr; 726 case FTGMAC100_IER: 727 return s->ier; 728 case FTGMAC100_MAC_MADR: 729 return (s->conf.macaddr.a[0] << 8) | s->conf.macaddr.a[1]; 730 case FTGMAC100_MAC_LADR: 731 return ((uint32_t) s->conf.macaddr.a[2] << 24) | 732 (s->conf.macaddr.a[3] << 16) | (s->conf.macaddr.a[4] << 8) | 733 s->conf.macaddr.a[5]; 734 case FTGMAC100_MATH0: 735 return s->math[0]; 736 case FTGMAC100_MATH1: 737 return s->math[1]; 738 case FTGMAC100_RXR_BADR: 739 return extract64(s->rx_ring, 0, 32); 740 case FTGMAC100_NPTXR_BADR: 741 return extract64(s->tx_ring, 0, 32); 742 case FTGMAC100_ITC: 743 return s->itc; 744 case FTGMAC100_DBLAC: 745 return s->dblac; 746 case FTGMAC100_REVR: 747 return s->revr; 748 case FTGMAC100_FEAR1: 749 return s->fear1; 750 case FTGMAC100_TPAFCR: 751 return s->tpafcr; 752 case FTGMAC100_FCR: 753 return s->fcr; 754 case FTGMAC100_MACCR: 755 return s->maccr; 756 case FTGMAC100_PHYCR: 757 return s->phycr; 758 case FTGMAC100_PHYDATA: 759 return s->phydata; 760 761 /* We might want to support these one day */ 762 case FTGMAC100_HPTXPD: /* High Priority Transmit Poll Demand */ 763 case FTGMAC100_HPTXR_BADR: /* High Priority Transmit Ring Base Address */ 764 case FTGMAC100_MACSR: /* MAC Status Register (MACSR) */ 765 qemu_log_mask(LOG_UNIMP, "%s: read to unimplemented register 0x%" 766 HWADDR_PRIx "\n", __func__, addr); 767 return 0; 768 default: 769 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad address at offset 0x%" 770 HWADDR_PRIx "\n", __func__, addr); 771 return 0; 772 } 773 } 774 775 static void ftgmac100_write(void *opaque, hwaddr addr, 776 uint64_t value, unsigned size) 777 { 778 FTGMAC100State *s = FTGMAC100(opaque); 779 780 switch (addr & 0xff) { 781 case FTGMAC100_ISR: /* Interrupt status */ 782 s->isr &= ~value; 783 break; 784 case FTGMAC100_IER: /* Interrupt control */ 785 s->ier = value; 786 break; 787 case FTGMAC100_MAC_MADR: /* MAC */ 788 s->conf.macaddr.a[0] = value >> 8; 789 s->conf.macaddr.a[1] = value; 790 break; 791 case FTGMAC100_MAC_LADR: 792 s->conf.macaddr.a[2] = value >> 24; 793 s->conf.macaddr.a[3] = value >> 16; 794 s->conf.macaddr.a[4] = value >> 8; 795 s->conf.macaddr.a[5] = value; 796 break; 797 case FTGMAC100_MATH0: /* Multicast Address Hash Table 0 */ 798 s->math[0] = value; 799 break; 800 case FTGMAC100_MATH1: /* Multicast Address Hash Table 1 */ 801 s->math[1] = value; 802 break; 803 case FTGMAC100_ITC: /* TODO: Interrupt Timer Control */ 804 s->itc = value; 805 break; 806 case FTGMAC100_RXR_BADR: /* Ring buffer address */ 807 if (!QEMU_IS_ALIGNED(value, FTGMAC100_DESC_ALIGNMENT)) { 808 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad RX buffer alignment 0x%" 809 HWADDR_PRIx "\n", __func__, value); 810 return; 811 } 812 s->rx_ring = deposit64(s->rx_ring, 0, 32, value); 813 s->rx_descriptor = deposit64(s->rx_descriptor, 0, 32, value); 814 break; 815 816 case FTGMAC100_RBSR: /* DMA buffer size */ 817 s->rbsr = value; 818 break; 819 820 case FTGMAC100_NPTXR_BADR: /* Transmit buffer address */ 821 if (!QEMU_IS_ALIGNED(value, FTGMAC100_DESC_ALIGNMENT)) { 822 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad TX buffer alignment 0x%" 823 HWADDR_PRIx "\n", __func__, value); 824 return; 825 } 826 s->tx_ring = deposit64(s->tx_ring, 0, 32, value); 827 s->tx_descriptor = deposit64(s->tx_descriptor, 0, 32, value); 828 break; 829 830 case FTGMAC100_NPTXPD: /* Trigger transmit */ 831 if ((s->maccr & (FTGMAC100_MACCR_TXDMA_EN | FTGMAC100_MACCR_TXMAC_EN)) 832 == (FTGMAC100_MACCR_TXDMA_EN | FTGMAC100_MACCR_TXMAC_EN)) { 833 /* TODO: high priority tx ring */ 834 ftgmac100_do_tx(s, s->tx_ring, s->tx_descriptor); 835 } 836 if (ftgmac100_can_receive(qemu_get_queue(s->nic))) { 837 qemu_flush_queued_packets(qemu_get_queue(s->nic)); 838 } 839 break; 840 841 case FTGMAC100_RXPD: /* Receive Poll Demand Register */ 842 if (ftgmac100_can_receive(qemu_get_queue(s->nic))) { 843 qemu_flush_queued_packets(qemu_get_queue(s->nic)); 844 } 845 break; 846 847 case FTGMAC100_APTC: /* Automatic polling */ 848 s->aptcr = value; 849 850 if (FTGMAC100_APTC_RXPOLL_CNT(s->aptcr)) { 851 ftgmac100_rxpoll(s); 852 } 853 854 if (FTGMAC100_APTC_TXPOLL_CNT(s->aptcr)) { 855 qemu_log_mask(LOG_UNIMP, "%s: no transmit polling\n", __func__); 856 } 857 break; 858 859 case FTGMAC100_MACCR: /* MAC Device control */ 860 s->maccr = value; 861 if (value & FTGMAC100_MACCR_SW_RST) { 862 ftgmac100_do_reset(s, true); 863 } 864 865 if (ftgmac100_can_receive(qemu_get_queue(s->nic))) { 866 qemu_flush_queued_packets(qemu_get_queue(s->nic)); 867 } 868 break; 869 870 case FTGMAC100_PHYCR: /* PHY Device control */ 871 s->phycr = value; 872 if (s->revr & FTGMAC100_REVR_NEW_MDIO_INTERFACE) { 873 do_phy_new_ctl(s); 874 } else { 875 do_phy_ctl(s); 876 } 877 break; 878 case FTGMAC100_PHYDATA: 879 s->phydata = value & 0xffff; 880 break; 881 case FTGMAC100_DBLAC: /* DMA Burst Length and Arbitration Control */ 882 if (FTGMAC100_DBLAC_TXDES_SIZE(value) < sizeof(FTGMAC100Desc)) { 883 qemu_log_mask(LOG_GUEST_ERROR, 884 "%s: transmit descriptor too small: %" PRIx64 885 " bytes\n", __func__, 886 FTGMAC100_DBLAC_TXDES_SIZE(value)); 887 break; 888 } 889 if (FTGMAC100_DBLAC_RXDES_SIZE(value) < sizeof(FTGMAC100Desc)) { 890 qemu_log_mask(LOG_GUEST_ERROR, 891 "%s: receive descriptor too small : %" PRIx64 892 " bytes\n", __func__, 893 FTGMAC100_DBLAC_RXDES_SIZE(value)); 894 break; 895 } 896 s->dblac = value; 897 break; 898 case FTGMAC100_REVR: /* Feature Register */ 899 s->revr = value; 900 break; 901 case FTGMAC100_FEAR1: /* Feature Register 1 */ 902 s->fear1 = value; 903 break; 904 case FTGMAC100_TPAFCR: /* Transmit Priority Arbitration and FIFO Control */ 905 s->tpafcr = value; 906 break; 907 case FTGMAC100_FCR: /* Flow Control */ 908 s->fcr = value; 909 break; 910 911 case FTGMAC100_HPTXPD: /* High Priority Transmit Poll Demand */ 912 case FTGMAC100_HPTXR_BADR: /* High Priority Transmit Ring Base Address */ 913 case FTGMAC100_MACSR: /* MAC Status Register (MACSR) */ 914 qemu_log_mask(LOG_UNIMP, "%s: write to unimplemented register 0x%" 915 HWADDR_PRIx "\n", __func__, addr); 916 break; 917 default: 918 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad address at offset 0x%" 919 HWADDR_PRIx "\n", __func__, addr); 920 break; 921 } 922 923 ftgmac100_update_irq(s); 924 } 925 926 static uint64_t ftgmac100_high_read(void *opaque, hwaddr addr, unsigned size) 927 { 928 FTGMAC100State *s = FTGMAC100(opaque); 929 uint64_t val = 0; 930 931 switch (addr) { 932 case FTGMAC100_NPTXR_BADR_HIGH: 933 val = extract64(s->tx_ring, 32, 32); 934 break; 935 case FTGMAC100_HPTXR_BADR_HIGH: 936 /* High Priority Transmit Ring Base High Address */ 937 qemu_log_mask(LOG_UNIMP, "%s: read to unimplemented register 0x%" 938 HWADDR_PRIx "\n", __func__, addr); 939 break; 940 case FTGMAC100_RXR_BADR_HIGH: 941 val = extract64(s->rx_ring, 32, 32); 942 break; 943 default: 944 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad address at offset 0x%" 945 HWADDR_PRIx "\n", __func__, addr); 946 break; 947 } 948 949 return val; 950 } 951 952 static void ftgmac100_high_write(void *opaque, hwaddr addr, 953 uint64_t value, unsigned size) 954 { 955 FTGMAC100State *s = FTGMAC100(opaque); 956 957 switch (addr) { 958 case FTGMAC100_NPTXR_BADR_HIGH: 959 s->tx_ring = deposit64(s->tx_ring, 32, 32, value); 960 s->tx_descriptor = deposit64(s->tx_descriptor, 32, 32, value); 961 break; 962 case FTGMAC100_HPTXR_BADR_HIGH: 963 /* High Priority Transmit Ring Base High Address */ 964 qemu_log_mask(LOG_UNIMP, "%s: write to unimplemented register 0x%" 965 HWADDR_PRIx "\n", __func__, addr); 966 break; 967 case FTGMAC100_RXR_BADR_HIGH: 968 s->rx_ring = deposit64(s->rx_ring, 32, 32, value); 969 s->rx_descriptor = deposit64(s->rx_descriptor, 32, 32, value); 970 break; 971 default: 972 qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad address at offset 0x%" 973 HWADDR_PRIx "\n", __func__, addr); 974 break; 975 } 976 977 ftgmac100_update_irq(s); 978 } 979 980 static int ftgmac100_filter(FTGMAC100State *s, const uint8_t *buf, size_t len) 981 { 982 unsigned mcast_idx; 983 984 if (s->maccr & FTGMAC100_MACCR_RX_ALL) { 985 return 1; 986 } 987 988 switch (get_eth_packet_type(PKT_GET_ETH_HDR(buf))) { 989 case ETH_PKT_BCAST: 990 if (!(s->maccr & FTGMAC100_MACCR_RX_BROADPKT)) { 991 return 0; 992 } 993 break; 994 case ETH_PKT_MCAST: 995 if (!(s->maccr & FTGMAC100_MACCR_RX_MULTIPKT)) { 996 if (!(s->maccr & FTGMAC100_MACCR_HT_MULTI_EN)) { 997 return 0; 998 } 999 1000 mcast_idx = net_crc32_le(buf, ETH_ALEN); 1001 mcast_idx = (~(mcast_idx >> 2)) & 0x3f; 1002 if (!(s->math[mcast_idx / 32] & (1 << (mcast_idx % 32)))) { 1003 return 0; 1004 } 1005 } 1006 break; 1007 case ETH_PKT_UCAST: 1008 if (memcmp(s->conf.macaddr.a, buf, 6)) { 1009 return 0; 1010 } 1011 break; 1012 } 1013 1014 return 1; 1015 } 1016 1017 static ssize_t ftgmac100_receive(NetClientState *nc, const uint8_t *buf, 1018 size_t len) 1019 { 1020 FTGMAC100State *s = FTGMAC100(qemu_get_nic_opaque(nc)); 1021 FTGMAC100Desc bd; 1022 uint32_t flags = 0; 1023 uint64_t addr; 1024 uint32_t crc; 1025 uint32_t buf_addr; 1026 uint8_t *crc_ptr; 1027 uint32_t buf_len; 1028 size_t size = len; 1029 uint32_t first = FTGMAC100_RXDES0_FRS; 1030 uint16_t proto = be16_to_cpu(PKT_GET_ETH_HDR(buf)->h_proto); 1031 int max_frame_size = ftgmac100_max_frame_size(s, proto); 1032 1033 if ((s->maccr & (FTGMAC100_MACCR_RXDMA_EN | FTGMAC100_MACCR_RXMAC_EN)) 1034 != (FTGMAC100_MACCR_RXDMA_EN | FTGMAC100_MACCR_RXMAC_EN)) { 1035 return -1; 1036 } 1037 1038 if (!ftgmac100_filter(s, buf, size)) { 1039 return size; 1040 } 1041 1042 crc = cpu_to_be32(crc32(~0, buf, size)); 1043 /* Increase size by 4, loop below reads the last 4 bytes from crc_ptr. */ 1044 size += 4; 1045 crc_ptr = (uint8_t *) &crc; 1046 1047 /* Huge frames are truncated. */ 1048 if (size > max_frame_size) { 1049 qemu_log_mask(LOG_GUEST_ERROR, "%s: frame too big : %zd bytes\n", 1050 __func__, size); 1051 size = max_frame_size; 1052 flags |= FTGMAC100_RXDES0_FTL; 1053 } 1054 1055 switch (get_eth_packet_type(PKT_GET_ETH_HDR(buf))) { 1056 case ETH_PKT_BCAST: 1057 flags |= FTGMAC100_RXDES0_BROADCAST; 1058 break; 1059 case ETH_PKT_MCAST: 1060 flags |= FTGMAC100_RXDES0_MULTICAST; 1061 break; 1062 case ETH_PKT_UCAST: 1063 break; 1064 } 1065 1066 s->isr |= FTGMAC100_INT_RPKT_FIFO; 1067 addr = s->rx_descriptor; 1068 while (size > 0) { 1069 if (!ftgmac100_can_receive(nc)) { 1070 qemu_log_mask(LOG_GUEST_ERROR, "%s: Unexpected packet\n", __func__); 1071 return -1; 1072 } 1073 1074 if (ftgmac100_read_bd(&bd, addr) || 1075 (bd.des0 & FTGMAC100_RXDES0_RXPKT_RDY)) { 1076 /* No descriptors available. Bail out. */ 1077 qemu_log_mask(LOG_GUEST_ERROR, "%s: Lost end of frame\n", 1078 __func__); 1079 s->isr |= FTGMAC100_INT_NO_RXBUF; 1080 break; 1081 } 1082 buf_len = (size <= s->rbsr) ? size : s->rbsr; 1083 bd.des0 |= buf_len & 0x3fff; 1084 size -= buf_len; 1085 1086 /* The last 4 bytes are the CRC. */ 1087 if (size < 4) { 1088 buf_len += size - 4; 1089 } 1090 buf_addr = bd.des3; 1091 if (first && proto == ETH_P_VLAN && buf_len >= 18) { 1092 bd.des1 = lduw_be_p(buf + 14) | FTGMAC100_RXDES1_VLANTAG_AVAIL; 1093 1094 if (s->maccr & FTGMAC100_MACCR_RM_VLAN) { 1095 dma_memory_write(&address_space_memory, buf_addr, buf, 12, 1096 MEMTXATTRS_UNSPECIFIED); 1097 dma_memory_write(&address_space_memory, buf_addr + 12, 1098 buf + 16, buf_len - 16, 1099 MEMTXATTRS_UNSPECIFIED); 1100 } else { 1101 dma_memory_write(&address_space_memory, buf_addr, buf, 1102 buf_len, MEMTXATTRS_UNSPECIFIED); 1103 } 1104 } else { 1105 bd.des1 = 0; 1106 dma_memory_write(&address_space_memory, buf_addr, buf, buf_len, 1107 MEMTXATTRS_UNSPECIFIED); 1108 } 1109 buf += buf_len; 1110 if (size < 4) { 1111 dma_memory_write(&address_space_memory, buf_addr + buf_len, 1112 crc_ptr, 4 - size, MEMTXATTRS_UNSPECIFIED); 1113 crc_ptr += 4 - size; 1114 } 1115 1116 bd.des0 |= first | FTGMAC100_RXDES0_RXPKT_RDY; 1117 first = 0; 1118 if (size == 0) { 1119 /* Last buffer in frame. */ 1120 bd.des0 |= flags | FTGMAC100_RXDES0_LRS; 1121 s->isr |= FTGMAC100_INT_RPKT_BUF; 1122 } 1123 ftgmac100_write_bd(&bd, addr); 1124 if (bd.des0 & s->rxdes0_edorr) { 1125 addr = s->rx_ring; 1126 } else { 1127 addr += FTGMAC100_DBLAC_RXDES_SIZE(s->dblac); 1128 } 1129 } 1130 s->rx_descriptor = addr; 1131 1132 ftgmac100_update_irq(s); 1133 return len; 1134 } 1135 1136 static const MemoryRegionOps ftgmac100_ops = { 1137 .read = ftgmac100_read, 1138 .write = ftgmac100_write, 1139 .valid.min_access_size = 4, 1140 .valid.max_access_size = 4, 1141 .endianness = DEVICE_LITTLE_ENDIAN, 1142 }; 1143 1144 static const MemoryRegionOps ftgmac100_high_ops = { 1145 .read = ftgmac100_high_read, 1146 .write = ftgmac100_high_write, 1147 .valid.min_access_size = 4, 1148 .valid.max_access_size = 4, 1149 .endianness = DEVICE_LITTLE_ENDIAN, 1150 }; 1151 1152 static void ftgmac100_cleanup(NetClientState *nc) 1153 { 1154 FTGMAC100State *s = FTGMAC100(qemu_get_nic_opaque(nc)); 1155 1156 s->nic = NULL; 1157 } 1158 1159 static NetClientInfo net_ftgmac100_info = { 1160 .type = NET_CLIENT_DRIVER_NIC, 1161 .size = sizeof(NICState), 1162 .can_receive = ftgmac100_can_receive, 1163 .receive = ftgmac100_receive, 1164 .cleanup = ftgmac100_cleanup, 1165 .link_status_changed = ftgmac100_set_link, 1166 }; 1167 1168 static void ftgmac100_realize(DeviceState *dev, Error **errp) 1169 { 1170 FTGMAC100State *s = FTGMAC100(dev); 1171 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1172 1173 if (s->aspeed) { 1174 s->txdes0_edotr = FTGMAC100_TXDES0_EDOTR_ASPEED; 1175 s->rxdes0_edorr = FTGMAC100_RXDES0_EDORR_ASPEED; 1176 } else { 1177 s->txdes0_edotr = FTGMAC100_TXDES0_EDOTR; 1178 s->rxdes0_edorr = FTGMAC100_RXDES0_EDORR; 1179 } 1180 1181 memory_region_init(&s->iomem_container, OBJECT(s), 1182 TYPE_FTGMAC100 ".container", FTGMAC100_MEM_SIZE); 1183 sysbus_init_mmio(sbd, &s->iomem_container); 1184 1185 memory_region_init_io(&s->iomem, OBJECT(s), &ftgmac100_ops, s, 1186 TYPE_FTGMAC100 ".regs", FTGMAC100_REG_MEM_SIZE); 1187 memory_region_add_subregion(&s->iomem_container, 0x0, &s->iomem); 1188 1189 if (s->dma64) { 1190 memory_region_init_io(&s->iomem_high, OBJECT(s), &ftgmac100_high_ops, 1191 s, TYPE_FTGMAC100 ".regs.high", 1192 FTGMAC100_REG_HIGH_MEM_SIZE); 1193 memory_region_add_subregion(&s->iomem_container, 1194 FTGMAC100_REG_HIGH_OFFSET, 1195 &s->iomem_high); 1196 } 1197 1198 sysbus_init_irq(sbd, &s->irq); 1199 qemu_macaddr_default_if_unset(&s->conf.macaddr); 1200 1201 s->nic = qemu_new_nic(&net_ftgmac100_info, &s->conf, 1202 object_get_typename(OBJECT(dev)), dev->id, 1203 &dev->mem_reentrancy_guard, s); 1204 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 1205 } 1206 1207 static const VMStateDescription vmstate_ftgmac100 = { 1208 .name = TYPE_FTGMAC100, 1209 .version_id = 2, 1210 .minimum_version_id = 2, 1211 .fields = (const VMStateField[]) { 1212 VMSTATE_UINT32(irq_state, FTGMAC100State), 1213 VMSTATE_UINT32(isr, FTGMAC100State), 1214 VMSTATE_UINT32(ier, FTGMAC100State), 1215 VMSTATE_UINT32(rx_enabled, FTGMAC100State), 1216 VMSTATE_UINT32(rbsr, FTGMAC100State), 1217 VMSTATE_UINT32_ARRAY(math, FTGMAC100State, 2), 1218 VMSTATE_UINT32(itc, FTGMAC100State), 1219 VMSTATE_UINT32(aptcr, FTGMAC100State), 1220 VMSTATE_UINT32(dblac, FTGMAC100State), 1221 VMSTATE_UINT32(revr, FTGMAC100State), 1222 VMSTATE_UINT32(fear1, FTGMAC100State), 1223 VMSTATE_UINT32(tpafcr, FTGMAC100State), 1224 VMSTATE_UINT32(maccr, FTGMAC100State), 1225 VMSTATE_UINT32(phycr, FTGMAC100State), 1226 VMSTATE_UINT32(phydata, FTGMAC100State), 1227 VMSTATE_UINT32(fcr, FTGMAC100State), 1228 VMSTATE_UINT32(phy_status, FTGMAC100State), 1229 VMSTATE_UINT32(phy_control, FTGMAC100State), 1230 VMSTATE_UINT32(phy_advertise, FTGMAC100State), 1231 VMSTATE_UINT32(phy_int, FTGMAC100State), 1232 VMSTATE_UINT32(phy_int_mask, FTGMAC100State), 1233 VMSTATE_UINT32(txdes0_edotr, FTGMAC100State), 1234 VMSTATE_UINT32(rxdes0_edorr, FTGMAC100State), 1235 VMSTATE_UINT64(rx_ring, FTGMAC100State), 1236 VMSTATE_UINT64(tx_ring, FTGMAC100State), 1237 VMSTATE_UINT64(rx_descriptor, FTGMAC100State), 1238 VMSTATE_UINT64(tx_descriptor, FTGMAC100State), 1239 VMSTATE_END_OF_LIST() 1240 } 1241 }; 1242 1243 static Property ftgmac100_properties[] = { 1244 DEFINE_PROP_BOOL("aspeed", FTGMAC100State, aspeed, false), 1245 DEFINE_NIC_PROPERTIES(FTGMAC100State, conf), 1246 DEFINE_PROP_BOOL("dma64", FTGMAC100State, dma64, false), 1247 DEFINE_PROP_END_OF_LIST(), 1248 }; 1249 1250 static void ftgmac100_class_init(ObjectClass *klass, void *data) 1251 { 1252 DeviceClass *dc = DEVICE_CLASS(klass); 1253 1254 dc->vmsd = &vmstate_ftgmac100; 1255 dc->reset = ftgmac100_reset; 1256 device_class_set_props(dc, ftgmac100_properties); 1257 set_bit(DEVICE_CATEGORY_NETWORK, dc->categories); 1258 dc->realize = ftgmac100_realize; 1259 dc->desc = "Faraday FTGMAC100 Gigabit Ethernet emulation"; 1260 } 1261 1262 static const TypeInfo ftgmac100_info = { 1263 .name = TYPE_FTGMAC100, 1264 .parent = TYPE_SYS_BUS_DEVICE, 1265 .instance_size = sizeof(FTGMAC100State), 1266 .class_init = ftgmac100_class_init, 1267 }; 1268 1269 /* 1270 * AST2600 MII controller 1271 */ 1272 #define ASPEED_MII_PHYCR_FIRE BIT(31) 1273 #define ASPEED_MII_PHYCR_ST_22 BIT(28) 1274 #define ASPEED_MII_PHYCR_OP(x) ((x) & (ASPEED_MII_PHYCR_OP_WRITE | \ 1275 ASPEED_MII_PHYCR_OP_READ)) 1276 #define ASPEED_MII_PHYCR_OP_WRITE BIT(26) 1277 #define ASPEED_MII_PHYCR_OP_READ BIT(27) 1278 #define ASPEED_MII_PHYCR_DATA(x) (x & 0xffff) 1279 #define ASPEED_MII_PHYCR_PHY(x) (((x) >> 21) & 0x1f) 1280 #define ASPEED_MII_PHYCR_REG(x) (((x) >> 16) & 0x1f) 1281 1282 #define ASPEED_MII_PHYDATA_IDLE BIT(16) 1283 1284 static void aspeed_mii_transition(AspeedMiiState *s, bool fire) 1285 { 1286 if (fire) { 1287 s->phycr |= ASPEED_MII_PHYCR_FIRE; 1288 s->phydata &= ~ASPEED_MII_PHYDATA_IDLE; 1289 } else { 1290 s->phycr &= ~ASPEED_MII_PHYCR_FIRE; 1291 s->phydata |= ASPEED_MII_PHYDATA_IDLE; 1292 } 1293 } 1294 1295 static void aspeed_mii_do_phy_ctl(AspeedMiiState *s) 1296 { 1297 uint8_t reg; 1298 uint16_t data; 1299 1300 if (!(s->phycr & ASPEED_MII_PHYCR_ST_22)) { 1301 aspeed_mii_transition(s, !ASPEED_MII_PHYCR_FIRE); 1302 qemu_log_mask(LOG_UNIMP, "%s: unsupported ST code\n", __func__); 1303 return; 1304 } 1305 1306 /* Nothing to do */ 1307 if (!(s->phycr & ASPEED_MII_PHYCR_FIRE)) { 1308 return; 1309 } 1310 1311 reg = ASPEED_MII_PHYCR_REG(s->phycr); 1312 data = ASPEED_MII_PHYCR_DATA(s->phycr); 1313 1314 switch (ASPEED_MII_PHYCR_OP(s->phycr)) { 1315 case ASPEED_MII_PHYCR_OP_WRITE: 1316 do_phy_write(s->nic, reg, data); 1317 break; 1318 case ASPEED_MII_PHYCR_OP_READ: 1319 s->phydata = (s->phydata & ~0xffff) | do_phy_read(s->nic, reg); 1320 break; 1321 default: 1322 qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid OP code %08x\n", 1323 __func__, s->phycr); 1324 } 1325 1326 aspeed_mii_transition(s, !ASPEED_MII_PHYCR_FIRE); 1327 } 1328 1329 static uint64_t aspeed_mii_read(void *opaque, hwaddr addr, unsigned size) 1330 { 1331 AspeedMiiState *s = ASPEED_MII(opaque); 1332 1333 switch (addr) { 1334 case 0x0: 1335 return s->phycr; 1336 case 0x4: 1337 return s->phydata; 1338 default: 1339 g_assert_not_reached(); 1340 } 1341 } 1342 1343 static void aspeed_mii_write(void *opaque, hwaddr addr, 1344 uint64_t value, unsigned size) 1345 { 1346 AspeedMiiState *s = ASPEED_MII(opaque); 1347 1348 switch (addr) { 1349 case 0x0: 1350 s->phycr = value & ~(s->phycr & ASPEED_MII_PHYCR_FIRE); 1351 break; 1352 case 0x4: 1353 s->phydata = value & ~(0xffff | ASPEED_MII_PHYDATA_IDLE); 1354 break; 1355 default: 1356 g_assert_not_reached(); 1357 } 1358 1359 aspeed_mii_transition(s, !!(s->phycr & ASPEED_MII_PHYCR_FIRE)); 1360 aspeed_mii_do_phy_ctl(s); 1361 } 1362 1363 static const MemoryRegionOps aspeed_mii_ops = { 1364 .read = aspeed_mii_read, 1365 .write = aspeed_mii_write, 1366 .valid.min_access_size = 4, 1367 .valid.max_access_size = 4, 1368 .endianness = DEVICE_LITTLE_ENDIAN, 1369 }; 1370 1371 static void aspeed_mii_reset(DeviceState *dev) 1372 { 1373 AspeedMiiState *s = ASPEED_MII(dev); 1374 1375 s->phycr = 0; 1376 s->phydata = 0; 1377 1378 aspeed_mii_transition(s, !!(s->phycr & ASPEED_MII_PHYCR_FIRE)); 1379 }; 1380 1381 static void aspeed_mii_realize(DeviceState *dev, Error **errp) 1382 { 1383 AspeedMiiState *s = ASPEED_MII(dev); 1384 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1385 1386 assert(s->nic); 1387 1388 memory_region_init_io(&s->iomem, OBJECT(dev), &aspeed_mii_ops, s, 1389 TYPE_ASPEED_MII, 0x8); 1390 sysbus_init_mmio(sbd, &s->iomem); 1391 } 1392 1393 static const VMStateDescription vmstate_aspeed_mii = { 1394 .name = TYPE_ASPEED_MII, 1395 .version_id = 1, 1396 .minimum_version_id = 1, 1397 .fields = (const VMStateField[]) { 1398 VMSTATE_UINT32(phycr, FTGMAC100State), 1399 VMSTATE_UINT32(phydata, FTGMAC100State), 1400 VMSTATE_END_OF_LIST() 1401 } 1402 }; 1403 1404 static Property aspeed_mii_properties[] = { 1405 DEFINE_PROP_LINK("nic", AspeedMiiState, nic, TYPE_FTGMAC100, 1406 FTGMAC100State *), 1407 DEFINE_PROP_END_OF_LIST(), 1408 }; 1409 1410 static void aspeed_mii_class_init(ObjectClass *klass, void *data) 1411 { 1412 DeviceClass *dc = DEVICE_CLASS(klass); 1413 1414 dc->vmsd = &vmstate_aspeed_mii; 1415 dc->reset = aspeed_mii_reset; 1416 dc->realize = aspeed_mii_realize; 1417 dc->desc = "Aspeed MII controller"; 1418 device_class_set_props(dc, aspeed_mii_properties); 1419 } 1420 1421 static const TypeInfo aspeed_mii_info = { 1422 .name = TYPE_ASPEED_MII, 1423 .parent = TYPE_SYS_BUS_DEVICE, 1424 .instance_size = sizeof(AspeedMiiState), 1425 .class_init = aspeed_mii_class_init, 1426 }; 1427 1428 static void ftgmac100_register_types(void) 1429 { 1430 type_register_static(&ftgmac100_info); 1431 type_register_static(&aspeed_mii_info); 1432 } 1433 1434 type_init(ftgmac100_register_types) 1435