1 /* 2 * SMSC LAN9118 Ethernet interface emulation 3 * 4 * Copyright (c) 2009 CodeSourcery, LLC. 5 * Written by Paul Brook 6 * 7 * This code is licensed under the GNU GPL v2 8 * 9 * Contributions after 2012-01-13 are licensed under the terms of the 10 * GNU GPL, version 2 or (at your option) any later version. 11 */ 12 13 #include "qemu/osdep.h" 14 #include "hw/sysbus.h" 15 #include "migration/vmstate.h" 16 #include "net/net.h" 17 #include "net/eth.h" 18 #include "hw/irq.h" 19 #include "hw/net/lan9118.h" 20 #include "sysemu/sysemu.h" 21 #include "hw/ptimer.h" 22 #include "qemu/log.h" 23 #include "qemu/module.h" 24 /* For crc32 */ 25 #include <zlib.h> 26 27 //#define DEBUG_LAN9118 28 29 #ifdef DEBUG_LAN9118 30 #define DPRINTF(fmt, ...) \ 31 do { printf("lan9118: " fmt , ## __VA_ARGS__); } while (0) 32 #define BADF(fmt, ...) \ 33 do { hw_error("lan9118: error: " fmt , ## __VA_ARGS__);} while (0) 34 #else 35 #define DPRINTF(fmt, ...) do {} while(0) 36 #define BADF(fmt, ...) \ 37 do { fprintf(stderr, "lan9118: error: " fmt , ## __VA_ARGS__);} while (0) 38 #endif 39 40 #define CSR_ID_REV 0x50 41 #define CSR_IRQ_CFG 0x54 42 #define CSR_INT_STS 0x58 43 #define CSR_INT_EN 0x5c 44 #define CSR_BYTE_TEST 0x64 45 #define CSR_FIFO_INT 0x68 46 #define CSR_RX_CFG 0x6c 47 #define CSR_TX_CFG 0x70 48 #define CSR_HW_CFG 0x74 49 #define CSR_RX_DP_CTRL 0x78 50 #define CSR_RX_FIFO_INF 0x7c 51 #define CSR_TX_FIFO_INF 0x80 52 #define CSR_PMT_CTRL 0x84 53 #define CSR_GPIO_CFG 0x88 54 #define CSR_GPT_CFG 0x8c 55 #define CSR_GPT_CNT 0x90 56 #define CSR_WORD_SWAP 0x98 57 #define CSR_FREE_RUN 0x9c 58 #define CSR_RX_DROP 0xa0 59 #define CSR_MAC_CSR_CMD 0xa4 60 #define CSR_MAC_CSR_DATA 0xa8 61 #define CSR_AFC_CFG 0xac 62 #define CSR_E2P_CMD 0xb0 63 #define CSR_E2P_DATA 0xb4 64 65 #define E2P_CMD_MAC_ADDR_LOADED 0x100 66 67 /* IRQ_CFG */ 68 #define IRQ_INT 0x00001000 69 #define IRQ_EN 0x00000100 70 #define IRQ_POL 0x00000010 71 #define IRQ_TYPE 0x00000001 72 73 /* INT_STS/INT_EN */ 74 #define SW_INT 0x80000000 75 #define TXSTOP_INT 0x02000000 76 #define RXSTOP_INT 0x01000000 77 #define RXDFH_INT 0x00800000 78 #define TX_IOC_INT 0x00200000 79 #define RXD_INT 0x00100000 80 #define GPT_INT 0x00080000 81 #define PHY_INT 0x00040000 82 #define PME_INT 0x00020000 83 #define TXSO_INT 0x00010000 84 #define RWT_INT 0x00008000 85 #define RXE_INT 0x00004000 86 #define TXE_INT 0x00002000 87 #define TDFU_INT 0x00000800 88 #define TDFO_INT 0x00000400 89 #define TDFA_INT 0x00000200 90 #define TSFF_INT 0x00000100 91 #define TSFL_INT 0x00000080 92 #define RXDF_INT 0x00000040 93 #define RDFL_INT 0x00000020 94 #define RSFF_INT 0x00000010 95 #define RSFL_INT 0x00000008 96 #define GPIO2_INT 0x00000004 97 #define GPIO1_INT 0x00000002 98 #define GPIO0_INT 0x00000001 99 #define RESERVED_INT 0x7c001000 100 101 #define MAC_CR 1 102 #define MAC_ADDRH 2 103 #define MAC_ADDRL 3 104 #define MAC_HASHH 4 105 #define MAC_HASHL 5 106 #define MAC_MII_ACC 6 107 #define MAC_MII_DATA 7 108 #define MAC_FLOW 8 109 #define MAC_VLAN1 9 /* TODO */ 110 #define MAC_VLAN2 10 /* TODO */ 111 #define MAC_WUFF 11 /* TODO */ 112 #define MAC_WUCSR 12 /* TODO */ 113 114 #define MAC_CR_RXALL 0x80000000 115 #define MAC_CR_RCVOWN 0x00800000 116 #define MAC_CR_LOOPBK 0x00200000 117 #define MAC_CR_FDPX 0x00100000 118 #define MAC_CR_MCPAS 0x00080000 119 #define MAC_CR_PRMS 0x00040000 120 #define MAC_CR_INVFILT 0x00020000 121 #define MAC_CR_PASSBAD 0x00010000 122 #define MAC_CR_HO 0x00008000 123 #define MAC_CR_HPFILT 0x00002000 124 #define MAC_CR_LCOLL 0x00001000 125 #define MAC_CR_BCAST 0x00000800 126 #define MAC_CR_DISRTY 0x00000400 127 #define MAC_CR_PADSTR 0x00000100 128 #define MAC_CR_BOLMT 0x000000c0 129 #define MAC_CR_DFCHK 0x00000020 130 #define MAC_CR_TXEN 0x00000008 131 #define MAC_CR_RXEN 0x00000004 132 #define MAC_CR_RESERVED 0x7f404213 133 134 #define PHY_INT_ENERGYON 0x80 135 #define PHY_INT_AUTONEG_COMPLETE 0x40 136 #define PHY_INT_FAULT 0x20 137 #define PHY_INT_DOWN 0x10 138 #define PHY_INT_AUTONEG_LP 0x08 139 #define PHY_INT_PARFAULT 0x04 140 #define PHY_INT_AUTONEG_PAGE 0x02 141 142 #define GPT_TIMER_EN 0x20000000 143 144 enum tx_state { 145 TX_IDLE, 146 TX_B, 147 TX_DATA 148 }; 149 150 typedef struct { 151 /* state is a tx_state but we can't put enums in VMStateDescriptions. */ 152 uint32_t state; 153 uint32_t cmd_a; 154 uint32_t cmd_b; 155 int32_t buffer_size; 156 int32_t offset; 157 int32_t pad; 158 int32_t fifo_used; 159 int32_t len; 160 uint8_t data[2048]; 161 } LAN9118Packet; 162 163 static const VMStateDescription vmstate_lan9118_packet = { 164 .name = "lan9118_packet", 165 .version_id = 1, 166 .minimum_version_id = 1, 167 .fields = (VMStateField[]) { 168 VMSTATE_UINT32(state, LAN9118Packet), 169 VMSTATE_UINT32(cmd_a, LAN9118Packet), 170 VMSTATE_UINT32(cmd_b, LAN9118Packet), 171 VMSTATE_INT32(buffer_size, LAN9118Packet), 172 VMSTATE_INT32(offset, LAN9118Packet), 173 VMSTATE_INT32(pad, LAN9118Packet), 174 VMSTATE_INT32(fifo_used, LAN9118Packet), 175 VMSTATE_INT32(len, LAN9118Packet), 176 VMSTATE_UINT8_ARRAY(data, LAN9118Packet, 2048), 177 VMSTATE_END_OF_LIST() 178 } 179 }; 180 181 #define LAN9118(obj) OBJECT_CHECK(lan9118_state, (obj), TYPE_LAN9118) 182 183 typedef struct { 184 SysBusDevice parent_obj; 185 186 NICState *nic; 187 NICConf conf; 188 qemu_irq irq; 189 MemoryRegion mmio; 190 ptimer_state *timer; 191 192 uint32_t irq_cfg; 193 uint32_t int_sts; 194 uint32_t int_en; 195 uint32_t fifo_int; 196 uint32_t rx_cfg; 197 uint32_t tx_cfg; 198 uint32_t hw_cfg; 199 uint32_t pmt_ctrl; 200 uint32_t gpio_cfg; 201 uint32_t gpt_cfg; 202 uint32_t word_swap; 203 uint32_t free_timer_start; 204 uint32_t mac_cmd; 205 uint32_t mac_data; 206 uint32_t afc_cfg; 207 uint32_t e2p_cmd; 208 uint32_t e2p_data; 209 210 uint32_t mac_cr; 211 uint32_t mac_hashh; 212 uint32_t mac_hashl; 213 uint32_t mac_mii_acc; 214 uint32_t mac_mii_data; 215 uint32_t mac_flow; 216 217 uint32_t phy_status; 218 uint32_t phy_control; 219 uint32_t phy_advertise; 220 uint32_t phy_int; 221 uint32_t phy_int_mask; 222 223 int32_t eeprom_writable; 224 uint8_t eeprom[128]; 225 226 int32_t tx_fifo_size; 227 LAN9118Packet *txp; 228 LAN9118Packet tx_packet; 229 230 int32_t tx_status_fifo_used; 231 int32_t tx_status_fifo_head; 232 uint32_t tx_status_fifo[512]; 233 234 int32_t rx_status_fifo_size; 235 int32_t rx_status_fifo_used; 236 int32_t rx_status_fifo_head; 237 uint32_t rx_status_fifo[896]; 238 int32_t rx_fifo_size; 239 int32_t rx_fifo_used; 240 int32_t rx_fifo_head; 241 uint32_t rx_fifo[3360]; 242 int32_t rx_packet_size_head; 243 int32_t rx_packet_size_tail; 244 int32_t rx_packet_size[1024]; 245 246 int32_t rxp_offset; 247 int32_t rxp_size; 248 int32_t rxp_pad; 249 250 uint32_t write_word_prev_offset; 251 uint32_t write_word_n; 252 uint16_t write_word_l; 253 uint16_t write_word_h; 254 uint32_t read_word_prev_offset; 255 uint32_t read_word_n; 256 uint32_t read_long; 257 258 uint32_t mode_16bit; 259 } lan9118_state; 260 261 static const VMStateDescription vmstate_lan9118 = { 262 .name = "lan9118", 263 .version_id = 2, 264 .minimum_version_id = 1, 265 .fields = (VMStateField[]) { 266 VMSTATE_PTIMER(timer, lan9118_state), 267 VMSTATE_UINT32(irq_cfg, lan9118_state), 268 VMSTATE_UINT32(int_sts, lan9118_state), 269 VMSTATE_UINT32(int_en, lan9118_state), 270 VMSTATE_UINT32(fifo_int, lan9118_state), 271 VMSTATE_UINT32(rx_cfg, lan9118_state), 272 VMSTATE_UINT32(tx_cfg, lan9118_state), 273 VMSTATE_UINT32(hw_cfg, lan9118_state), 274 VMSTATE_UINT32(pmt_ctrl, lan9118_state), 275 VMSTATE_UINT32(gpio_cfg, lan9118_state), 276 VMSTATE_UINT32(gpt_cfg, lan9118_state), 277 VMSTATE_UINT32(word_swap, lan9118_state), 278 VMSTATE_UINT32(free_timer_start, lan9118_state), 279 VMSTATE_UINT32(mac_cmd, lan9118_state), 280 VMSTATE_UINT32(mac_data, lan9118_state), 281 VMSTATE_UINT32(afc_cfg, lan9118_state), 282 VMSTATE_UINT32(e2p_cmd, lan9118_state), 283 VMSTATE_UINT32(e2p_data, lan9118_state), 284 VMSTATE_UINT32(mac_cr, lan9118_state), 285 VMSTATE_UINT32(mac_hashh, lan9118_state), 286 VMSTATE_UINT32(mac_hashl, lan9118_state), 287 VMSTATE_UINT32(mac_mii_acc, lan9118_state), 288 VMSTATE_UINT32(mac_mii_data, lan9118_state), 289 VMSTATE_UINT32(mac_flow, lan9118_state), 290 VMSTATE_UINT32(phy_status, lan9118_state), 291 VMSTATE_UINT32(phy_control, lan9118_state), 292 VMSTATE_UINT32(phy_advertise, lan9118_state), 293 VMSTATE_UINT32(phy_int, lan9118_state), 294 VMSTATE_UINT32(phy_int_mask, lan9118_state), 295 VMSTATE_INT32(eeprom_writable, lan9118_state), 296 VMSTATE_UINT8_ARRAY(eeprom, lan9118_state, 128), 297 VMSTATE_INT32(tx_fifo_size, lan9118_state), 298 /* txp always points at tx_packet so need not be saved */ 299 VMSTATE_STRUCT(tx_packet, lan9118_state, 0, 300 vmstate_lan9118_packet, LAN9118Packet), 301 VMSTATE_INT32(tx_status_fifo_used, lan9118_state), 302 VMSTATE_INT32(tx_status_fifo_head, lan9118_state), 303 VMSTATE_UINT32_ARRAY(tx_status_fifo, lan9118_state, 512), 304 VMSTATE_INT32(rx_status_fifo_size, lan9118_state), 305 VMSTATE_INT32(rx_status_fifo_used, lan9118_state), 306 VMSTATE_INT32(rx_status_fifo_head, lan9118_state), 307 VMSTATE_UINT32_ARRAY(rx_status_fifo, lan9118_state, 896), 308 VMSTATE_INT32(rx_fifo_size, lan9118_state), 309 VMSTATE_INT32(rx_fifo_used, lan9118_state), 310 VMSTATE_INT32(rx_fifo_head, lan9118_state), 311 VMSTATE_UINT32_ARRAY(rx_fifo, lan9118_state, 3360), 312 VMSTATE_INT32(rx_packet_size_head, lan9118_state), 313 VMSTATE_INT32(rx_packet_size_tail, lan9118_state), 314 VMSTATE_INT32_ARRAY(rx_packet_size, lan9118_state, 1024), 315 VMSTATE_INT32(rxp_offset, lan9118_state), 316 VMSTATE_INT32(rxp_size, lan9118_state), 317 VMSTATE_INT32(rxp_pad, lan9118_state), 318 VMSTATE_UINT32_V(write_word_prev_offset, lan9118_state, 2), 319 VMSTATE_UINT32_V(write_word_n, lan9118_state, 2), 320 VMSTATE_UINT16_V(write_word_l, lan9118_state, 2), 321 VMSTATE_UINT16_V(write_word_h, lan9118_state, 2), 322 VMSTATE_UINT32_V(read_word_prev_offset, lan9118_state, 2), 323 VMSTATE_UINT32_V(read_word_n, lan9118_state, 2), 324 VMSTATE_UINT32_V(read_long, lan9118_state, 2), 325 VMSTATE_UINT32_V(mode_16bit, lan9118_state, 2), 326 VMSTATE_END_OF_LIST() 327 } 328 }; 329 330 static void lan9118_update(lan9118_state *s) 331 { 332 int level; 333 334 /* TODO: Implement FIFO level IRQs. */ 335 level = (s->int_sts & s->int_en) != 0; 336 if (level) { 337 s->irq_cfg |= IRQ_INT; 338 } else { 339 s->irq_cfg &= ~IRQ_INT; 340 } 341 if ((s->irq_cfg & IRQ_EN) == 0) { 342 level = 0; 343 } 344 if ((s->irq_cfg & (IRQ_TYPE | IRQ_POL)) != (IRQ_TYPE | IRQ_POL)) { 345 /* Interrupt is active low unless we're configured as 346 * active-high polarity, push-pull type. 347 */ 348 level = !level; 349 } 350 qemu_set_irq(s->irq, level); 351 } 352 353 static void lan9118_mac_changed(lan9118_state *s) 354 { 355 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 356 } 357 358 static void lan9118_reload_eeprom(lan9118_state *s) 359 { 360 int i; 361 if (s->eeprom[0] != 0xa5) { 362 s->e2p_cmd &= ~E2P_CMD_MAC_ADDR_LOADED; 363 DPRINTF("MACADDR load failed\n"); 364 return; 365 } 366 for (i = 0; i < 6; i++) { 367 s->conf.macaddr.a[i] = s->eeprom[i + 1]; 368 } 369 s->e2p_cmd |= E2P_CMD_MAC_ADDR_LOADED; 370 DPRINTF("MACADDR loaded from eeprom\n"); 371 lan9118_mac_changed(s); 372 } 373 374 static void phy_update_irq(lan9118_state *s) 375 { 376 if (s->phy_int & s->phy_int_mask) { 377 s->int_sts |= PHY_INT; 378 } else { 379 s->int_sts &= ~PHY_INT; 380 } 381 lan9118_update(s); 382 } 383 384 static void phy_update_link(lan9118_state *s) 385 { 386 /* Autonegotiation status mirrors link status. */ 387 if (qemu_get_queue(s->nic)->link_down) { 388 s->phy_status &= ~0x0024; 389 s->phy_int |= PHY_INT_DOWN; 390 } else { 391 s->phy_status |= 0x0024; 392 s->phy_int |= PHY_INT_ENERGYON; 393 s->phy_int |= PHY_INT_AUTONEG_COMPLETE; 394 } 395 phy_update_irq(s); 396 } 397 398 static void lan9118_set_link(NetClientState *nc) 399 { 400 phy_update_link(qemu_get_nic_opaque(nc)); 401 } 402 403 static void phy_reset(lan9118_state *s) 404 { 405 s->phy_status = 0x7809; 406 s->phy_control = 0x3000; 407 s->phy_advertise = 0x01e1; 408 s->phy_int_mask = 0; 409 s->phy_int = 0; 410 phy_update_link(s); 411 } 412 413 static void lan9118_reset(DeviceState *d) 414 { 415 lan9118_state *s = LAN9118(d); 416 417 s->irq_cfg &= (IRQ_TYPE | IRQ_POL); 418 s->int_sts = 0; 419 s->int_en = 0; 420 s->fifo_int = 0x48000000; 421 s->rx_cfg = 0; 422 s->tx_cfg = 0; 423 s->hw_cfg = s->mode_16bit ? 0x00050000 : 0x00050004; 424 s->pmt_ctrl &= 0x45; 425 s->gpio_cfg = 0; 426 s->txp->fifo_used = 0; 427 s->txp->state = TX_IDLE; 428 s->txp->cmd_a = 0xffffffffu; 429 s->txp->cmd_b = 0xffffffffu; 430 s->txp->len = 0; 431 s->txp->fifo_used = 0; 432 s->tx_fifo_size = 4608; 433 s->tx_status_fifo_used = 0; 434 s->rx_status_fifo_size = 704; 435 s->rx_fifo_size = 2640; 436 s->rx_fifo_used = 0; 437 s->rx_status_fifo_size = 176; 438 s->rx_status_fifo_used = 0; 439 s->rxp_offset = 0; 440 s->rxp_size = 0; 441 s->rxp_pad = 0; 442 s->rx_packet_size_tail = s->rx_packet_size_head; 443 s->rx_packet_size[s->rx_packet_size_head] = 0; 444 s->mac_cmd = 0; 445 s->mac_data = 0; 446 s->afc_cfg = 0; 447 s->e2p_cmd = 0; 448 s->e2p_data = 0; 449 s->free_timer_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40; 450 451 ptimer_stop(s->timer); 452 ptimer_set_count(s->timer, 0xffff); 453 s->gpt_cfg = 0xffff; 454 455 s->mac_cr = MAC_CR_PRMS; 456 s->mac_hashh = 0; 457 s->mac_hashl = 0; 458 s->mac_mii_acc = 0; 459 s->mac_mii_data = 0; 460 s->mac_flow = 0; 461 462 s->read_word_n = 0; 463 s->write_word_n = 0; 464 465 phy_reset(s); 466 467 s->eeprom_writable = 0; 468 lan9118_reload_eeprom(s); 469 } 470 471 static void rx_fifo_push(lan9118_state *s, uint32_t val) 472 { 473 int fifo_pos; 474 fifo_pos = s->rx_fifo_head + s->rx_fifo_used; 475 if (fifo_pos >= s->rx_fifo_size) 476 fifo_pos -= s->rx_fifo_size; 477 s->rx_fifo[fifo_pos] = val; 478 s->rx_fifo_used++; 479 } 480 481 /* Return nonzero if the packet is accepted by the filter. */ 482 static int lan9118_filter(lan9118_state *s, const uint8_t *addr) 483 { 484 int multicast; 485 uint32_t hash; 486 487 if (s->mac_cr & MAC_CR_PRMS) { 488 return 1; 489 } 490 if (addr[0] == 0xff && addr[1] == 0xff && addr[2] == 0xff && 491 addr[3] == 0xff && addr[4] == 0xff && addr[5] == 0xff) { 492 return (s->mac_cr & MAC_CR_BCAST) == 0; 493 } 494 495 multicast = addr[0] & 1; 496 if (multicast &&s->mac_cr & MAC_CR_MCPAS) { 497 return 1; 498 } 499 if (multicast ? (s->mac_cr & MAC_CR_HPFILT) == 0 500 : (s->mac_cr & MAC_CR_HO) == 0) { 501 /* Exact matching. */ 502 hash = memcmp(addr, s->conf.macaddr.a, 6); 503 if (s->mac_cr & MAC_CR_INVFILT) { 504 return hash != 0; 505 } else { 506 return hash == 0; 507 } 508 } else { 509 /* Hash matching */ 510 hash = net_crc32(addr, ETH_ALEN) >> 26; 511 if (hash & 0x20) { 512 return (s->mac_hashh >> (hash & 0x1f)) & 1; 513 } else { 514 return (s->mac_hashl >> (hash & 0x1f)) & 1; 515 } 516 } 517 } 518 519 static ssize_t lan9118_receive(NetClientState *nc, const uint8_t *buf, 520 size_t size) 521 { 522 lan9118_state *s = qemu_get_nic_opaque(nc); 523 int fifo_len; 524 int offset; 525 int src_pos; 526 int n; 527 int filter; 528 uint32_t val; 529 uint32_t crc; 530 uint32_t status; 531 532 if ((s->mac_cr & MAC_CR_RXEN) == 0) { 533 return -1; 534 } 535 536 if (size >= 2048 || size < 14) { 537 return -1; 538 } 539 540 /* TODO: Implement FIFO overflow notification. */ 541 if (s->rx_status_fifo_used == s->rx_status_fifo_size) { 542 return -1; 543 } 544 545 filter = lan9118_filter(s, buf); 546 if (!filter && (s->mac_cr & MAC_CR_RXALL) == 0) { 547 return size; 548 } 549 550 offset = (s->rx_cfg >> 8) & 0x1f; 551 n = offset & 3; 552 fifo_len = (size + n + 3) >> 2; 553 /* Add a word for the CRC. */ 554 fifo_len++; 555 if (s->rx_fifo_size - s->rx_fifo_used < fifo_len) { 556 return -1; 557 } 558 559 DPRINTF("Got packet len:%d fifo:%d filter:%s\n", 560 (int)size, fifo_len, filter ? "pass" : "fail"); 561 val = 0; 562 crc = bswap32(crc32(~0, buf, size)); 563 for (src_pos = 0; src_pos < size; src_pos++) { 564 val = (val >> 8) | ((uint32_t)buf[src_pos] << 24); 565 n++; 566 if (n == 4) { 567 n = 0; 568 rx_fifo_push(s, val); 569 val = 0; 570 } 571 } 572 if (n) { 573 val >>= ((4 - n) * 8); 574 val |= crc << (n * 8); 575 rx_fifo_push(s, val); 576 val = crc >> ((4 - n) * 8); 577 rx_fifo_push(s, val); 578 } else { 579 rx_fifo_push(s, crc); 580 } 581 n = s->rx_status_fifo_head + s->rx_status_fifo_used; 582 if (n >= s->rx_status_fifo_size) { 583 n -= s->rx_status_fifo_size; 584 } 585 s->rx_packet_size[s->rx_packet_size_tail] = fifo_len; 586 s->rx_packet_size_tail = (s->rx_packet_size_tail + 1023) & 1023; 587 s->rx_status_fifo_used++; 588 589 status = (size + 4) << 16; 590 if (buf[0] == 0xff && buf[1] == 0xff && buf[2] == 0xff && 591 buf[3] == 0xff && buf[4] == 0xff && buf[5] == 0xff) { 592 status |= 0x00002000; 593 } else if (buf[0] & 1) { 594 status |= 0x00000400; 595 } 596 if (!filter) { 597 status |= 0x40000000; 598 } 599 s->rx_status_fifo[n] = status; 600 601 if (s->rx_status_fifo_used > (s->fifo_int & 0xff)) { 602 s->int_sts |= RSFL_INT; 603 } 604 lan9118_update(s); 605 606 return size; 607 } 608 609 static uint32_t rx_fifo_pop(lan9118_state *s) 610 { 611 int n; 612 uint32_t val; 613 614 if (s->rxp_size == 0 && s->rxp_pad == 0) { 615 s->rxp_size = s->rx_packet_size[s->rx_packet_size_head]; 616 s->rx_packet_size[s->rx_packet_size_head] = 0; 617 if (s->rxp_size != 0) { 618 s->rx_packet_size_head = (s->rx_packet_size_head + 1023) & 1023; 619 s->rxp_offset = (s->rx_cfg >> 10) & 7; 620 n = s->rxp_offset + s->rxp_size; 621 switch (s->rx_cfg >> 30) { 622 case 1: 623 n = (-n) & 3; 624 break; 625 case 2: 626 n = (-n) & 7; 627 break; 628 default: 629 n = 0; 630 break; 631 } 632 s->rxp_pad = n; 633 DPRINTF("Pop packet size:%d offset:%d pad: %d\n", 634 s->rxp_size, s->rxp_offset, s->rxp_pad); 635 } 636 } 637 if (s->rxp_offset > 0) { 638 s->rxp_offset--; 639 val = 0; 640 } else if (s->rxp_size > 0) { 641 s->rxp_size--; 642 val = s->rx_fifo[s->rx_fifo_head++]; 643 if (s->rx_fifo_head >= s->rx_fifo_size) { 644 s->rx_fifo_head -= s->rx_fifo_size; 645 } 646 s->rx_fifo_used--; 647 } else if (s->rxp_pad > 0) { 648 s->rxp_pad--; 649 val = 0; 650 } else { 651 DPRINTF("RX underflow\n"); 652 s->int_sts |= RXE_INT; 653 val = 0; 654 } 655 lan9118_update(s); 656 return val; 657 } 658 659 static void do_tx_packet(lan9118_state *s) 660 { 661 int n; 662 uint32_t status; 663 664 /* FIXME: Honor TX disable, and allow queueing of packets. */ 665 if (s->phy_control & 0x4000) { 666 /* This assumes the receive routine doesn't touch the VLANClient. */ 667 lan9118_receive(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 668 } else { 669 qemu_send_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 670 } 671 s->txp->fifo_used = 0; 672 673 if (s->tx_status_fifo_used == 512) { 674 /* Status FIFO full */ 675 return; 676 } 677 /* Add entry to status FIFO. */ 678 status = s->txp->cmd_b & 0xffff0000u; 679 DPRINTF("Sent packet tag:%04x len %d\n", status >> 16, s->txp->len); 680 n = (s->tx_status_fifo_head + s->tx_status_fifo_used) & 511; 681 s->tx_status_fifo[n] = status; 682 s->tx_status_fifo_used++; 683 if (s->tx_status_fifo_used == 512) { 684 s->int_sts |= TSFF_INT; 685 /* TODO: Stop transmission. */ 686 } 687 } 688 689 static uint32_t rx_status_fifo_pop(lan9118_state *s) 690 { 691 uint32_t val; 692 693 val = s->rx_status_fifo[s->rx_status_fifo_head]; 694 if (s->rx_status_fifo_used != 0) { 695 s->rx_status_fifo_used--; 696 s->rx_status_fifo_head++; 697 if (s->rx_status_fifo_head >= s->rx_status_fifo_size) { 698 s->rx_status_fifo_head -= s->rx_status_fifo_size; 699 } 700 /* ??? What value should be returned when the FIFO is empty? */ 701 DPRINTF("RX status pop 0x%08x\n", val); 702 } 703 return val; 704 } 705 706 static uint32_t tx_status_fifo_pop(lan9118_state *s) 707 { 708 uint32_t val; 709 710 val = s->tx_status_fifo[s->tx_status_fifo_head]; 711 if (s->tx_status_fifo_used != 0) { 712 s->tx_status_fifo_used--; 713 s->tx_status_fifo_head = (s->tx_status_fifo_head + 1) & 511; 714 /* ??? What value should be returned when the FIFO is empty? */ 715 } 716 return val; 717 } 718 719 static void tx_fifo_push(lan9118_state *s, uint32_t val) 720 { 721 int n; 722 723 if (s->txp->fifo_used == s->tx_fifo_size) { 724 s->int_sts |= TDFO_INT; 725 return; 726 } 727 switch (s->txp->state) { 728 case TX_IDLE: 729 s->txp->cmd_a = val & 0x831f37ff; 730 s->txp->fifo_used++; 731 s->txp->state = TX_B; 732 s->txp->buffer_size = extract32(s->txp->cmd_a, 0, 11); 733 s->txp->offset = extract32(s->txp->cmd_a, 16, 5); 734 break; 735 case TX_B: 736 if (s->txp->cmd_a & 0x2000) { 737 /* First segment */ 738 s->txp->cmd_b = val; 739 s->txp->fifo_used++; 740 /* End alignment does not include command words. */ 741 n = (s->txp->buffer_size + s->txp->offset + 3) >> 2; 742 switch ((n >> 24) & 3) { 743 case 1: 744 n = (-n) & 3; 745 break; 746 case 2: 747 n = (-n) & 7; 748 break; 749 default: 750 n = 0; 751 } 752 s->txp->pad = n; 753 s->txp->len = 0; 754 } 755 DPRINTF("Block len:%d offset:%d pad:%d cmd %08x\n", 756 s->txp->buffer_size, s->txp->offset, s->txp->pad, 757 s->txp->cmd_a); 758 s->txp->state = TX_DATA; 759 break; 760 case TX_DATA: 761 if (s->txp->offset >= 4) { 762 s->txp->offset -= 4; 763 break; 764 } 765 if (s->txp->buffer_size <= 0 && s->txp->pad != 0) { 766 s->txp->pad--; 767 } else { 768 n = MIN(4, s->txp->buffer_size + s->txp->offset); 769 while (s->txp->offset) { 770 val >>= 8; 771 n--; 772 s->txp->offset--; 773 } 774 /* Documentation is somewhat unclear on the ordering of bytes 775 in FIFO words. Empirical results show it to be little-endian. 776 */ 777 /* TODO: FIFO overflow checking. */ 778 while (n--) { 779 s->txp->data[s->txp->len] = val & 0xff; 780 s->txp->len++; 781 val >>= 8; 782 s->txp->buffer_size--; 783 } 784 s->txp->fifo_used++; 785 } 786 if (s->txp->buffer_size <= 0 && s->txp->pad == 0) { 787 if (s->txp->cmd_a & 0x1000) { 788 do_tx_packet(s); 789 } 790 if (s->txp->cmd_a & 0x80000000) { 791 s->int_sts |= TX_IOC_INT; 792 } 793 s->txp->state = TX_IDLE; 794 } 795 break; 796 } 797 } 798 799 static uint32_t do_phy_read(lan9118_state *s, int reg) 800 { 801 uint32_t val; 802 803 switch (reg) { 804 case 0: /* Basic Control */ 805 return s->phy_control; 806 case 1: /* Basic Status */ 807 return s->phy_status; 808 case 2: /* ID1 */ 809 return 0x0007; 810 case 3: /* ID2 */ 811 return 0xc0d1; 812 case 4: /* Auto-neg advertisement */ 813 return s->phy_advertise; 814 case 5: /* Auto-neg Link Partner Ability */ 815 return 0x0f71; 816 case 6: /* Auto-neg Expansion */ 817 return 1; 818 /* TODO 17, 18, 27, 29, 30, 31 */ 819 case 29: /* Interrupt source. */ 820 val = s->phy_int; 821 s->phy_int = 0; 822 phy_update_irq(s); 823 return val; 824 case 30: /* Interrupt mask */ 825 return s->phy_int_mask; 826 default: 827 BADF("PHY read reg %d\n", reg); 828 return 0; 829 } 830 } 831 832 static void do_phy_write(lan9118_state *s, int reg, uint32_t val) 833 { 834 switch (reg) { 835 case 0: /* Basic Control */ 836 if (val & 0x8000) { 837 phy_reset(s); 838 break; 839 } 840 s->phy_control = val & 0x7980; 841 /* Complete autonegotiation immediately. */ 842 if (val & 0x1000) { 843 s->phy_status |= 0x0020; 844 } 845 break; 846 case 4: /* Auto-neg advertisement */ 847 s->phy_advertise = (val & 0x2d7f) | 0x80; 848 break; 849 /* TODO 17, 18, 27, 31 */ 850 case 30: /* Interrupt mask */ 851 s->phy_int_mask = val & 0xff; 852 phy_update_irq(s); 853 break; 854 default: 855 BADF("PHY write reg %d = 0x%04x\n", reg, val); 856 } 857 } 858 859 static void do_mac_write(lan9118_state *s, int reg, uint32_t val) 860 { 861 switch (reg) { 862 case MAC_CR: 863 if ((s->mac_cr & MAC_CR_RXEN) != 0 && (val & MAC_CR_RXEN) == 0) { 864 s->int_sts |= RXSTOP_INT; 865 } 866 s->mac_cr = val & ~MAC_CR_RESERVED; 867 DPRINTF("MAC_CR: %08x\n", val); 868 break; 869 case MAC_ADDRH: 870 s->conf.macaddr.a[4] = val & 0xff; 871 s->conf.macaddr.a[5] = (val >> 8) & 0xff; 872 lan9118_mac_changed(s); 873 break; 874 case MAC_ADDRL: 875 s->conf.macaddr.a[0] = val & 0xff; 876 s->conf.macaddr.a[1] = (val >> 8) & 0xff; 877 s->conf.macaddr.a[2] = (val >> 16) & 0xff; 878 s->conf.macaddr.a[3] = (val >> 24) & 0xff; 879 lan9118_mac_changed(s); 880 break; 881 case MAC_HASHH: 882 s->mac_hashh = val; 883 break; 884 case MAC_HASHL: 885 s->mac_hashl = val; 886 break; 887 case MAC_MII_ACC: 888 s->mac_mii_acc = val & 0xffc2; 889 if (val & 2) { 890 DPRINTF("PHY write %d = 0x%04x\n", 891 (val >> 6) & 0x1f, s->mac_mii_data); 892 do_phy_write(s, (val >> 6) & 0x1f, s->mac_mii_data); 893 } else { 894 s->mac_mii_data = do_phy_read(s, (val >> 6) & 0x1f); 895 DPRINTF("PHY read %d = 0x%04x\n", 896 (val >> 6) & 0x1f, s->mac_mii_data); 897 } 898 break; 899 case MAC_MII_DATA: 900 s->mac_mii_data = val & 0xffff; 901 break; 902 case MAC_FLOW: 903 s->mac_flow = val & 0xffff0000; 904 break; 905 case MAC_VLAN1: 906 /* Writing to this register changes a condition for 907 * FrameTooLong bit in rx_status. Since we do not set 908 * FrameTooLong anyway, just ignore write to this. 909 */ 910 break; 911 default: 912 qemu_log_mask(LOG_GUEST_ERROR, 913 "lan9118: Unimplemented MAC register write: %d = 0x%x\n", 914 s->mac_cmd & 0xf, val); 915 } 916 } 917 918 static uint32_t do_mac_read(lan9118_state *s, int reg) 919 { 920 switch (reg) { 921 case MAC_CR: 922 return s->mac_cr; 923 case MAC_ADDRH: 924 return s->conf.macaddr.a[4] | (s->conf.macaddr.a[5] << 8); 925 case MAC_ADDRL: 926 return s->conf.macaddr.a[0] | (s->conf.macaddr.a[1] << 8) 927 | (s->conf.macaddr.a[2] << 16) | (s->conf.macaddr.a[3] << 24); 928 case MAC_HASHH: 929 return s->mac_hashh; 930 break; 931 case MAC_HASHL: 932 return s->mac_hashl; 933 break; 934 case MAC_MII_ACC: 935 return s->mac_mii_acc; 936 case MAC_MII_DATA: 937 return s->mac_mii_data; 938 case MAC_FLOW: 939 return s->mac_flow; 940 default: 941 qemu_log_mask(LOG_GUEST_ERROR, 942 "lan9118: Unimplemented MAC register read: %d\n", 943 s->mac_cmd & 0xf); 944 return 0; 945 } 946 } 947 948 static void lan9118_eeprom_cmd(lan9118_state *s, int cmd, int addr) 949 { 950 s->e2p_cmd = (s->e2p_cmd & E2P_CMD_MAC_ADDR_LOADED) | (cmd << 28) | addr; 951 switch (cmd) { 952 case 0: 953 s->e2p_data = s->eeprom[addr]; 954 DPRINTF("EEPROM Read %d = 0x%02x\n", addr, s->e2p_data); 955 break; 956 case 1: 957 s->eeprom_writable = 0; 958 DPRINTF("EEPROM Write Disable\n"); 959 break; 960 case 2: /* EWEN */ 961 s->eeprom_writable = 1; 962 DPRINTF("EEPROM Write Enable\n"); 963 break; 964 case 3: /* WRITE */ 965 if (s->eeprom_writable) { 966 s->eeprom[addr] &= s->e2p_data; 967 DPRINTF("EEPROM Write %d = 0x%02x\n", addr, s->e2p_data); 968 } else { 969 DPRINTF("EEPROM Write %d (ignored)\n", addr); 970 } 971 break; 972 case 4: /* WRAL */ 973 if (s->eeprom_writable) { 974 for (addr = 0; addr < 128; addr++) { 975 s->eeprom[addr] &= s->e2p_data; 976 } 977 DPRINTF("EEPROM Write All 0x%02x\n", s->e2p_data); 978 } else { 979 DPRINTF("EEPROM Write All (ignored)\n"); 980 } 981 break; 982 case 5: /* ERASE */ 983 if (s->eeprom_writable) { 984 s->eeprom[addr] = 0xff; 985 DPRINTF("EEPROM Erase %d\n", addr); 986 } else { 987 DPRINTF("EEPROM Erase %d (ignored)\n", addr); 988 } 989 break; 990 case 6: /* ERAL */ 991 if (s->eeprom_writable) { 992 memset(s->eeprom, 0xff, 128); 993 DPRINTF("EEPROM Erase All\n"); 994 } else { 995 DPRINTF("EEPROM Erase All (ignored)\n"); 996 } 997 break; 998 case 7: /* RELOAD */ 999 lan9118_reload_eeprom(s); 1000 break; 1001 } 1002 } 1003 1004 static void lan9118_tick(void *opaque) 1005 { 1006 lan9118_state *s = (lan9118_state *)opaque; 1007 if (s->int_en & GPT_INT) { 1008 s->int_sts |= GPT_INT; 1009 } 1010 lan9118_update(s); 1011 } 1012 1013 static void lan9118_writel(void *opaque, hwaddr offset, 1014 uint64_t val, unsigned size) 1015 { 1016 lan9118_state *s = (lan9118_state *)opaque; 1017 offset &= 0xff; 1018 1019 //DPRINTF("Write reg 0x%02x = 0x%08x\n", (int)offset, val); 1020 if (offset >= 0x20 && offset < 0x40) { 1021 /* TX FIFO */ 1022 tx_fifo_push(s, val); 1023 return; 1024 } 1025 switch (offset) { 1026 case CSR_IRQ_CFG: 1027 /* TODO: Implement interrupt deassertion intervals. */ 1028 val &= (IRQ_EN | IRQ_POL | IRQ_TYPE); 1029 s->irq_cfg = (s->irq_cfg & IRQ_INT) | val; 1030 break; 1031 case CSR_INT_STS: 1032 s->int_sts &= ~val; 1033 break; 1034 case CSR_INT_EN: 1035 s->int_en = val & ~RESERVED_INT; 1036 s->int_sts |= val & SW_INT; 1037 break; 1038 case CSR_FIFO_INT: 1039 DPRINTF("FIFO INT levels %08x\n", val); 1040 s->fifo_int = val; 1041 break; 1042 case CSR_RX_CFG: 1043 if (val & 0x8000) { 1044 /* RX_DUMP */ 1045 s->rx_fifo_used = 0; 1046 s->rx_status_fifo_used = 0; 1047 s->rx_packet_size_tail = s->rx_packet_size_head; 1048 s->rx_packet_size[s->rx_packet_size_head] = 0; 1049 } 1050 s->rx_cfg = val & 0xcfff1ff0; 1051 break; 1052 case CSR_TX_CFG: 1053 if (val & 0x8000) { 1054 s->tx_status_fifo_used = 0; 1055 } 1056 if (val & 0x4000) { 1057 s->txp->state = TX_IDLE; 1058 s->txp->fifo_used = 0; 1059 s->txp->cmd_a = 0xffffffff; 1060 } 1061 s->tx_cfg = val & 6; 1062 break; 1063 case CSR_HW_CFG: 1064 if (val & 1) { 1065 /* SRST */ 1066 lan9118_reset(DEVICE(s)); 1067 } else { 1068 s->hw_cfg = (val & 0x003f300) | (s->hw_cfg & 0x4); 1069 } 1070 break; 1071 case CSR_RX_DP_CTRL: 1072 if (val & 0x80000000) { 1073 /* Skip forward to next packet. */ 1074 s->rxp_pad = 0; 1075 s->rxp_offset = 0; 1076 if (s->rxp_size == 0) { 1077 /* Pop a word to start the next packet. */ 1078 rx_fifo_pop(s); 1079 s->rxp_pad = 0; 1080 s->rxp_offset = 0; 1081 } 1082 s->rx_fifo_head += s->rxp_size; 1083 if (s->rx_fifo_head >= s->rx_fifo_size) { 1084 s->rx_fifo_head -= s->rx_fifo_size; 1085 } 1086 } 1087 break; 1088 case CSR_PMT_CTRL: 1089 if (val & 0x400) { 1090 phy_reset(s); 1091 } 1092 s->pmt_ctrl &= ~0x34e; 1093 s->pmt_ctrl |= (val & 0x34e); 1094 break; 1095 case CSR_GPIO_CFG: 1096 /* Probably just enabling LEDs. */ 1097 s->gpio_cfg = val & 0x7777071f; 1098 break; 1099 case CSR_GPT_CFG: 1100 if ((s->gpt_cfg ^ val) & GPT_TIMER_EN) { 1101 if (val & GPT_TIMER_EN) { 1102 ptimer_set_count(s->timer, val & 0xffff); 1103 ptimer_run(s->timer, 0); 1104 } else { 1105 ptimer_stop(s->timer); 1106 ptimer_set_count(s->timer, 0xffff); 1107 } 1108 } 1109 s->gpt_cfg = val & (GPT_TIMER_EN | 0xffff); 1110 break; 1111 case CSR_WORD_SWAP: 1112 /* Ignored because we're in 32-bit mode. */ 1113 s->word_swap = val; 1114 break; 1115 case CSR_MAC_CSR_CMD: 1116 s->mac_cmd = val & 0x4000000f; 1117 if (val & 0x80000000) { 1118 if (val & 0x40000000) { 1119 s->mac_data = do_mac_read(s, val & 0xf); 1120 DPRINTF("MAC read %d = 0x%08x\n", val & 0xf, s->mac_data); 1121 } else { 1122 DPRINTF("MAC write %d = 0x%08x\n", val & 0xf, s->mac_data); 1123 do_mac_write(s, val & 0xf, s->mac_data); 1124 } 1125 } 1126 break; 1127 case CSR_MAC_CSR_DATA: 1128 s->mac_data = val; 1129 break; 1130 case CSR_AFC_CFG: 1131 s->afc_cfg = val & 0x00ffffff; 1132 break; 1133 case CSR_E2P_CMD: 1134 lan9118_eeprom_cmd(s, (val >> 28) & 7, val & 0x7f); 1135 break; 1136 case CSR_E2P_DATA: 1137 s->e2p_data = val & 0xff; 1138 break; 1139 1140 default: 1141 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_write: Bad reg 0x%x = %x\n", 1142 (int)offset, (int)val); 1143 break; 1144 } 1145 lan9118_update(s); 1146 } 1147 1148 static void lan9118_writew(void *opaque, hwaddr offset, 1149 uint32_t val) 1150 { 1151 lan9118_state *s = (lan9118_state *)opaque; 1152 offset &= 0xff; 1153 1154 if (s->write_word_prev_offset != (offset & ~0x3)) { 1155 /* New offset, reset word counter */ 1156 s->write_word_n = 0; 1157 s->write_word_prev_offset = offset & ~0x3; 1158 } 1159 1160 if (offset & 0x2) { 1161 s->write_word_h = val; 1162 } else { 1163 s->write_word_l = val; 1164 } 1165 1166 //DPRINTF("Writew reg 0x%02x = 0x%08x\n", (int)offset, val); 1167 s->write_word_n++; 1168 if (s->write_word_n == 2) { 1169 s->write_word_n = 0; 1170 lan9118_writel(s, offset & ~3, s->write_word_l + 1171 (s->write_word_h << 16), 4); 1172 } 1173 } 1174 1175 static void lan9118_16bit_mode_write(void *opaque, hwaddr offset, 1176 uint64_t val, unsigned size) 1177 { 1178 switch (size) { 1179 case 2: 1180 lan9118_writew(opaque, offset, (uint32_t)val); 1181 return; 1182 case 4: 1183 lan9118_writel(opaque, offset, val, size); 1184 return; 1185 } 1186 1187 hw_error("lan9118_write: Bad size 0x%x\n", size); 1188 } 1189 1190 static uint64_t lan9118_readl(void *opaque, hwaddr offset, 1191 unsigned size) 1192 { 1193 lan9118_state *s = (lan9118_state *)opaque; 1194 1195 //DPRINTF("Read reg 0x%02x\n", (int)offset); 1196 if (offset < 0x20) { 1197 /* RX FIFO */ 1198 return rx_fifo_pop(s); 1199 } 1200 switch (offset) { 1201 case 0x40: 1202 return rx_status_fifo_pop(s); 1203 case 0x44: 1204 return s->rx_status_fifo[s->tx_status_fifo_head]; 1205 case 0x48: 1206 return tx_status_fifo_pop(s); 1207 case 0x4c: 1208 return s->tx_status_fifo[s->tx_status_fifo_head]; 1209 case CSR_ID_REV: 1210 return 0x01180001; 1211 case CSR_IRQ_CFG: 1212 return s->irq_cfg; 1213 case CSR_INT_STS: 1214 return s->int_sts; 1215 case CSR_INT_EN: 1216 return s->int_en; 1217 case CSR_BYTE_TEST: 1218 return 0x87654321; 1219 case CSR_FIFO_INT: 1220 return s->fifo_int; 1221 case CSR_RX_CFG: 1222 return s->rx_cfg; 1223 case CSR_TX_CFG: 1224 return s->tx_cfg; 1225 case CSR_HW_CFG: 1226 return s->hw_cfg; 1227 case CSR_RX_DP_CTRL: 1228 return 0; 1229 case CSR_RX_FIFO_INF: 1230 return (s->rx_status_fifo_used << 16) | (s->rx_fifo_used << 2); 1231 case CSR_TX_FIFO_INF: 1232 return (s->tx_status_fifo_used << 16) 1233 | (s->tx_fifo_size - s->txp->fifo_used); 1234 case CSR_PMT_CTRL: 1235 return s->pmt_ctrl; 1236 case CSR_GPIO_CFG: 1237 return s->gpio_cfg; 1238 case CSR_GPT_CFG: 1239 return s->gpt_cfg; 1240 case CSR_GPT_CNT: 1241 return ptimer_get_count(s->timer); 1242 case CSR_WORD_SWAP: 1243 return s->word_swap; 1244 case CSR_FREE_RUN: 1245 return (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40) - s->free_timer_start; 1246 case CSR_RX_DROP: 1247 /* TODO: Implement dropped frames counter. */ 1248 return 0; 1249 case CSR_MAC_CSR_CMD: 1250 return s->mac_cmd; 1251 case CSR_MAC_CSR_DATA: 1252 return s->mac_data; 1253 case CSR_AFC_CFG: 1254 return s->afc_cfg; 1255 case CSR_E2P_CMD: 1256 return s->e2p_cmd; 1257 case CSR_E2P_DATA: 1258 return s->e2p_data; 1259 } 1260 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_read: Bad reg 0x%x\n", (int)offset); 1261 return 0; 1262 } 1263 1264 static uint32_t lan9118_readw(void *opaque, hwaddr offset) 1265 { 1266 lan9118_state *s = (lan9118_state *)opaque; 1267 uint32_t val; 1268 1269 if (s->read_word_prev_offset != (offset & ~0x3)) { 1270 /* New offset, reset word counter */ 1271 s->read_word_n = 0; 1272 s->read_word_prev_offset = offset & ~0x3; 1273 } 1274 1275 s->read_word_n++; 1276 if (s->read_word_n == 1) { 1277 s->read_long = lan9118_readl(s, offset & ~3, 4); 1278 } else { 1279 s->read_word_n = 0; 1280 } 1281 1282 if (offset & 2) { 1283 val = s->read_long >> 16; 1284 } else { 1285 val = s->read_long & 0xFFFF; 1286 } 1287 1288 //DPRINTF("Readw reg 0x%02x, val 0x%x\n", (int)offset, val); 1289 return val; 1290 } 1291 1292 static uint64_t lan9118_16bit_mode_read(void *opaque, hwaddr offset, 1293 unsigned size) 1294 { 1295 switch (size) { 1296 case 2: 1297 return lan9118_readw(opaque, offset); 1298 case 4: 1299 return lan9118_readl(opaque, offset, size); 1300 } 1301 1302 hw_error("lan9118_read: Bad size 0x%x\n", size); 1303 return 0; 1304 } 1305 1306 static const MemoryRegionOps lan9118_mem_ops = { 1307 .read = lan9118_readl, 1308 .write = lan9118_writel, 1309 .endianness = DEVICE_NATIVE_ENDIAN, 1310 }; 1311 1312 static const MemoryRegionOps lan9118_16bit_mem_ops = { 1313 .read = lan9118_16bit_mode_read, 1314 .write = lan9118_16bit_mode_write, 1315 .endianness = DEVICE_NATIVE_ENDIAN, 1316 }; 1317 1318 static NetClientInfo net_lan9118_info = { 1319 .type = NET_CLIENT_DRIVER_NIC, 1320 .size = sizeof(NICState), 1321 .receive = lan9118_receive, 1322 .link_status_changed = lan9118_set_link, 1323 }; 1324 1325 static void lan9118_realize(DeviceState *dev, Error **errp) 1326 { 1327 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1328 lan9118_state *s = LAN9118(dev); 1329 QEMUBH *bh; 1330 int i; 1331 const MemoryRegionOps *mem_ops = 1332 s->mode_16bit ? &lan9118_16bit_mem_ops : &lan9118_mem_ops; 1333 1334 memory_region_init_io(&s->mmio, OBJECT(dev), mem_ops, s, 1335 "lan9118-mmio", 0x100); 1336 sysbus_init_mmio(sbd, &s->mmio); 1337 sysbus_init_irq(sbd, &s->irq); 1338 qemu_macaddr_default_if_unset(&s->conf.macaddr); 1339 1340 s->nic = qemu_new_nic(&net_lan9118_info, &s->conf, 1341 object_get_typename(OBJECT(dev)), dev->id, s); 1342 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 1343 s->eeprom[0] = 0xa5; 1344 for (i = 0; i < 6; i++) { 1345 s->eeprom[i + 1] = s->conf.macaddr.a[i]; 1346 } 1347 s->pmt_ctrl = 1; 1348 s->txp = &s->tx_packet; 1349 1350 bh = qemu_bh_new(lan9118_tick, s); 1351 s->timer = ptimer_init(bh, PTIMER_POLICY_DEFAULT); 1352 ptimer_set_freq(s->timer, 10000); 1353 ptimer_set_limit(s->timer, 0xffff, 1); 1354 } 1355 1356 static Property lan9118_properties[] = { 1357 DEFINE_NIC_PROPERTIES(lan9118_state, conf), 1358 DEFINE_PROP_UINT32("mode_16bit", lan9118_state, mode_16bit, 0), 1359 DEFINE_PROP_END_OF_LIST(), 1360 }; 1361 1362 static void lan9118_class_init(ObjectClass *klass, void *data) 1363 { 1364 DeviceClass *dc = DEVICE_CLASS(klass); 1365 1366 dc->reset = lan9118_reset; 1367 dc->props = lan9118_properties; 1368 dc->vmsd = &vmstate_lan9118; 1369 dc->realize = lan9118_realize; 1370 } 1371 1372 static const TypeInfo lan9118_info = { 1373 .name = TYPE_LAN9118, 1374 .parent = TYPE_SYS_BUS_DEVICE, 1375 .instance_size = sizeof(lan9118_state), 1376 .class_init = lan9118_class_init, 1377 }; 1378 1379 static void lan9118_register_types(void) 1380 { 1381 type_register_static(&lan9118_info); 1382 } 1383 1384 /* Legacy helper function. Should go away when machine config files are 1385 implemented. */ 1386 void lan9118_init(NICInfo *nd, uint32_t base, qemu_irq irq) 1387 { 1388 DeviceState *dev; 1389 SysBusDevice *s; 1390 1391 qemu_check_nic_model(nd, "lan9118"); 1392 dev = qdev_create(NULL, TYPE_LAN9118); 1393 qdev_set_nic_properties(dev, nd); 1394 qdev_init_nofail(dev); 1395 s = SYS_BUS_DEVICE(dev); 1396 sysbus_mmio_map(s, 0, base); 1397 sysbus_connect_irq(s, 0, irq); 1398 } 1399 1400 type_init(lan9118_register_types) 1401