1 /* 2 * SMSC LAN9118 Ethernet interface emulation 3 * 4 * Copyright (c) 2009 CodeSourcery, LLC. 5 * Written by Paul Brook 6 * 7 * This code is licensed under the GNU GPL v2 8 * 9 * Contributions after 2012-01-13 are licensed under the terms of the 10 * GNU GPL, version 2 or (at your option) any later version. 11 */ 12 13 #include "qemu/osdep.h" 14 #include "hw/sysbus.h" 15 #include "migration/vmstate.h" 16 #include "net/net.h" 17 #include "net/eth.h" 18 #include "hw/irq.h" 19 #include "hw/net/lan9118_phy.h" 20 #include "hw/net/lan9118.h" 21 #include "hw/ptimer.h" 22 #include "hw/qdev-properties.h" 23 #include "qapi/error.h" 24 #include "qemu/log.h" 25 #include "qemu/module.h" 26 #include <zlib.h> /* for crc32 */ 27 #include "qom/object.h" 28 29 //#define DEBUG_LAN9118 30 31 #ifdef DEBUG_LAN9118 32 #define DPRINTF(fmt, ...) \ 33 do { printf("lan9118: " fmt , ## __VA_ARGS__); } while (0) 34 #else 35 #define DPRINTF(fmt, ...) do {} while(0) 36 #endif 37 38 /* The tx and rx fifo ports are a range of aliased 32-bit registers */ 39 #define RX_DATA_FIFO_PORT_FIRST 0x00 40 #define RX_DATA_FIFO_PORT_LAST 0x1f 41 #define TX_DATA_FIFO_PORT_FIRST 0x20 42 #define TX_DATA_FIFO_PORT_LAST 0x3f 43 44 #define RX_STATUS_FIFO_PORT 0x40 45 #define RX_STATUS_FIFO_PEEK 0x44 46 #define TX_STATUS_FIFO_PORT 0x48 47 #define TX_STATUS_FIFO_PEEK 0x4c 48 49 #define CSR_ID_REV 0x50 50 #define CSR_IRQ_CFG 0x54 51 #define CSR_INT_STS 0x58 52 #define CSR_INT_EN 0x5c 53 #define CSR_BYTE_TEST 0x64 54 #define CSR_FIFO_INT 0x68 55 #define CSR_RX_CFG 0x6c 56 #define CSR_TX_CFG 0x70 57 #define CSR_HW_CFG 0x74 58 #define CSR_RX_DP_CTRL 0x78 59 #define CSR_RX_FIFO_INF 0x7c 60 #define CSR_TX_FIFO_INF 0x80 61 #define CSR_PMT_CTRL 0x84 62 #define CSR_GPIO_CFG 0x88 63 #define CSR_GPT_CFG 0x8c 64 #define CSR_GPT_CNT 0x90 65 #define CSR_WORD_SWAP 0x98 66 #define CSR_FREE_RUN 0x9c 67 #define CSR_RX_DROP 0xa0 68 #define CSR_MAC_CSR_CMD 0xa4 69 #define CSR_MAC_CSR_DATA 0xa8 70 #define CSR_AFC_CFG 0xac 71 #define CSR_E2P_CMD 0xb0 72 #define CSR_E2P_DATA 0xb4 73 74 #define E2P_CMD_MAC_ADDR_LOADED 0x100 75 76 /* IRQ_CFG */ 77 #define IRQ_INT 0x00001000 78 #define IRQ_EN 0x00000100 79 #define IRQ_POL 0x00000010 80 #define IRQ_TYPE 0x00000001 81 82 /* INT_STS/INT_EN */ 83 #define SW_INT 0x80000000 84 #define TXSTOP_INT 0x02000000 85 #define RXSTOP_INT 0x01000000 86 #define RXDFH_INT 0x00800000 87 #define TX_IOC_INT 0x00200000 88 #define RXD_INT 0x00100000 89 #define GPT_INT 0x00080000 90 #define PHY_INT 0x00040000 91 #define PME_INT 0x00020000 92 #define TXSO_INT 0x00010000 93 #define RWT_INT 0x00008000 94 #define RXE_INT 0x00004000 95 #define TXE_INT 0x00002000 96 #define TDFU_INT 0x00000800 97 #define TDFO_INT 0x00000400 98 #define TDFA_INT 0x00000200 99 #define TSFF_INT 0x00000100 100 #define TSFL_INT 0x00000080 101 #define RXDF_INT 0x00000040 102 #define RDFL_INT 0x00000020 103 #define RSFF_INT 0x00000010 104 #define RSFL_INT 0x00000008 105 #define GPIO2_INT 0x00000004 106 #define GPIO1_INT 0x00000002 107 #define GPIO0_INT 0x00000001 108 #define RESERVED_INT 0x7c001000 109 110 #define MAC_CR 1 111 #define MAC_ADDRH 2 112 #define MAC_ADDRL 3 113 #define MAC_HASHH 4 114 #define MAC_HASHL 5 115 #define MAC_MII_ACC 6 116 #define MAC_MII_DATA 7 117 #define MAC_FLOW 8 118 #define MAC_VLAN1 9 /* TODO */ 119 #define MAC_VLAN2 10 /* TODO */ 120 #define MAC_WUFF 11 /* TODO */ 121 #define MAC_WUCSR 12 /* TODO */ 122 123 #define MAC_CR_RXALL 0x80000000 124 #define MAC_CR_RCVOWN 0x00800000 125 #define MAC_CR_LOOPBK 0x00200000 126 #define MAC_CR_FDPX 0x00100000 127 #define MAC_CR_MCPAS 0x00080000 128 #define MAC_CR_PRMS 0x00040000 129 #define MAC_CR_INVFILT 0x00020000 130 #define MAC_CR_PASSBAD 0x00010000 131 #define MAC_CR_HO 0x00008000 132 #define MAC_CR_HPFILT 0x00002000 133 #define MAC_CR_LCOLL 0x00001000 134 #define MAC_CR_BCAST 0x00000800 135 #define MAC_CR_DISRTY 0x00000400 136 #define MAC_CR_PADSTR 0x00000100 137 #define MAC_CR_BOLMT 0x000000c0 138 #define MAC_CR_DFCHK 0x00000020 139 #define MAC_CR_TXEN 0x00000008 140 #define MAC_CR_RXEN 0x00000004 141 #define MAC_CR_RESERVED 0x7f404213 142 143 #define GPT_TIMER_EN 0x20000000 144 145 /* 146 * The MAC Interface Layer (MIL), within the MAC, contains a 2K Byte transmit 147 * and a 128 Byte receive FIFO which is separate from the TX and RX FIFOs. 148 */ 149 #define MIL_TXFIFO_SIZE 2048 150 151 enum tx_state { 152 TX_IDLE, 153 TX_B, 154 TX_DATA 155 }; 156 157 typedef struct { 158 /* state is a tx_state but we can't put enums in VMStateDescriptions. */ 159 uint32_t state; 160 uint32_t cmd_a; 161 uint32_t cmd_b; 162 int32_t buffer_size; 163 int32_t offset; 164 int32_t pad; 165 int32_t fifo_used; 166 int32_t len; 167 uint8_t data[MIL_TXFIFO_SIZE]; 168 } LAN9118Packet; 169 170 static const VMStateDescription vmstate_lan9118_packet = { 171 .name = "lan9118_packet", 172 .version_id = 1, 173 .minimum_version_id = 1, 174 .fields = (const VMStateField[]) { 175 VMSTATE_UINT32(state, LAN9118Packet), 176 VMSTATE_UINT32(cmd_a, LAN9118Packet), 177 VMSTATE_UINT32(cmd_b, LAN9118Packet), 178 VMSTATE_INT32(buffer_size, LAN9118Packet), 179 VMSTATE_INT32(offset, LAN9118Packet), 180 VMSTATE_INT32(pad, LAN9118Packet), 181 VMSTATE_INT32(fifo_used, LAN9118Packet), 182 VMSTATE_INT32(len, LAN9118Packet), 183 VMSTATE_UINT8_ARRAY(data, LAN9118Packet, MIL_TXFIFO_SIZE), 184 VMSTATE_END_OF_LIST() 185 } 186 }; 187 188 OBJECT_DECLARE_SIMPLE_TYPE(lan9118_state, LAN9118) 189 190 struct lan9118_state { 191 SysBusDevice parent_obj; 192 193 NICState *nic; 194 NICConf conf; 195 qemu_irq irq; 196 MemoryRegion mmio; 197 ptimer_state *timer; 198 199 uint32_t irq_cfg; 200 uint32_t int_sts; 201 uint32_t int_en; 202 uint32_t fifo_int; 203 uint32_t rx_cfg; 204 uint32_t tx_cfg; 205 uint32_t hw_cfg; 206 uint32_t pmt_ctrl; 207 uint32_t gpio_cfg; 208 uint32_t gpt_cfg; 209 uint32_t word_swap; 210 uint32_t free_timer_start; 211 uint32_t mac_cmd; 212 uint32_t mac_data; 213 uint32_t afc_cfg; 214 uint32_t e2p_cmd; 215 uint32_t e2p_data; 216 217 uint32_t mac_cr; 218 uint32_t mac_hashh; 219 uint32_t mac_hashl; 220 uint32_t mac_mii_acc; 221 uint32_t mac_mii_data; 222 uint32_t mac_flow; 223 224 Lan9118PhyState mii; 225 IRQState mii_irq; 226 227 int32_t eeprom_writable; 228 uint8_t eeprom[128]; 229 230 int32_t tx_fifo_size; 231 LAN9118Packet *txp; 232 LAN9118Packet tx_packet; 233 234 int32_t tx_status_fifo_used; 235 int32_t tx_status_fifo_head; 236 uint32_t tx_status_fifo[512]; 237 238 int32_t rx_status_fifo_size; 239 int32_t rx_status_fifo_used; 240 int32_t rx_status_fifo_head; 241 uint32_t rx_status_fifo[896]; 242 int32_t rx_fifo_size; 243 int32_t rx_fifo_used; 244 int32_t rx_fifo_head; 245 uint32_t rx_fifo[3360]; 246 int32_t rx_packet_size_head; 247 int32_t rx_packet_size_tail; 248 int32_t rx_packet_size[1024]; 249 250 int32_t rxp_offset; 251 int32_t rxp_size; 252 int32_t rxp_pad; 253 254 uint32_t write_word_prev_offset; 255 uint32_t write_word_n; 256 uint16_t write_word_l; 257 uint16_t write_word_h; 258 uint32_t read_word_prev_offset; 259 uint32_t read_word_n; 260 uint32_t read_long; 261 262 uint32_t mode_16bit; 263 }; 264 265 static const VMStateDescription vmstate_lan9118 = { 266 .name = "lan9118", 267 .version_id = 3, 268 .minimum_version_id = 3, 269 .fields = (const VMStateField[]) { 270 VMSTATE_PTIMER(timer, lan9118_state), 271 VMSTATE_UINT32(irq_cfg, lan9118_state), 272 VMSTATE_UINT32(int_sts, lan9118_state), 273 VMSTATE_UINT32(int_en, lan9118_state), 274 VMSTATE_UINT32(fifo_int, lan9118_state), 275 VMSTATE_UINT32(rx_cfg, lan9118_state), 276 VMSTATE_UINT32(tx_cfg, lan9118_state), 277 VMSTATE_UINT32(hw_cfg, lan9118_state), 278 VMSTATE_UINT32(pmt_ctrl, lan9118_state), 279 VMSTATE_UINT32(gpio_cfg, lan9118_state), 280 VMSTATE_UINT32(gpt_cfg, lan9118_state), 281 VMSTATE_UINT32(word_swap, lan9118_state), 282 VMSTATE_UINT32(free_timer_start, lan9118_state), 283 VMSTATE_UINT32(mac_cmd, lan9118_state), 284 VMSTATE_UINT32(mac_data, lan9118_state), 285 VMSTATE_UINT32(afc_cfg, lan9118_state), 286 VMSTATE_UINT32(e2p_cmd, lan9118_state), 287 VMSTATE_UINT32(e2p_data, lan9118_state), 288 VMSTATE_UINT32(mac_cr, lan9118_state), 289 VMSTATE_UINT32(mac_hashh, lan9118_state), 290 VMSTATE_UINT32(mac_hashl, lan9118_state), 291 VMSTATE_UINT32(mac_mii_acc, lan9118_state), 292 VMSTATE_UINT32(mac_mii_data, lan9118_state), 293 VMSTATE_UINT32(mac_flow, lan9118_state), 294 VMSTATE_INT32(eeprom_writable, lan9118_state), 295 VMSTATE_UINT8_ARRAY(eeprom, lan9118_state, 128), 296 VMSTATE_INT32(tx_fifo_size, lan9118_state), 297 /* txp always points at tx_packet so need not be saved */ 298 VMSTATE_STRUCT(tx_packet, lan9118_state, 0, 299 vmstate_lan9118_packet, LAN9118Packet), 300 VMSTATE_INT32(tx_status_fifo_used, lan9118_state), 301 VMSTATE_INT32(tx_status_fifo_head, lan9118_state), 302 VMSTATE_UINT32_ARRAY(tx_status_fifo, lan9118_state, 512), 303 VMSTATE_INT32(rx_status_fifo_size, lan9118_state), 304 VMSTATE_INT32(rx_status_fifo_used, lan9118_state), 305 VMSTATE_INT32(rx_status_fifo_head, lan9118_state), 306 VMSTATE_UINT32_ARRAY(rx_status_fifo, lan9118_state, 896), 307 VMSTATE_INT32(rx_fifo_size, lan9118_state), 308 VMSTATE_INT32(rx_fifo_used, lan9118_state), 309 VMSTATE_INT32(rx_fifo_head, lan9118_state), 310 VMSTATE_UINT32_ARRAY(rx_fifo, lan9118_state, 3360), 311 VMSTATE_INT32(rx_packet_size_head, lan9118_state), 312 VMSTATE_INT32(rx_packet_size_tail, lan9118_state), 313 VMSTATE_INT32_ARRAY(rx_packet_size, lan9118_state, 1024), 314 VMSTATE_INT32(rxp_offset, lan9118_state), 315 VMSTATE_INT32(rxp_size, lan9118_state), 316 VMSTATE_INT32(rxp_pad, lan9118_state), 317 VMSTATE_UINT32_V(write_word_prev_offset, lan9118_state, 2), 318 VMSTATE_UINT32_V(write_word_n, lan9118_state, 2), 319 VMSTATE_UINT16_V(write_word_l, lan9118_state, 2), 320 VMSTATE_UINT16_V(write_word_h, lan9118_state, 2), 321 VMSTATE_UINT32_V(read_word_prev_offset, lan9118_state, 2), 322 VMSTATE_UINT32_V(read_word_n, lan9118_state, 2), 323 VMSTATE_UINT32_V(read_long, lan9118_state, 2), 324 VMSTATE_UINT32_V(mode_16bit, lan9118_state, 2), 325 VMSTATE_END_OF_LIST() 326 } 327 }; 328 329 static void lan9118_update(lan9118_state *s) 330 { 331 int level; 332 333 /* TODO: Implement FIFO level IRQs. */ 334 level = (s->int_sts & s->int_en) != 0; 335 if (level) { 336 s->irq_cfg |= IRQ_INT; 337 } else { 338 s->irq_cfg &= ~IRQ_INT; 339 } 340 if ((s->irq_cfg & IRQ_EN) == 0) { 341 level = 0; 342 } 343 if ((s->irq_cfg & (IRQ_TYPE | IRQ_POL)) != (IRQ_TYPE | IRQ_POL)) { 344 /* Interrupt is active low unless we're configured as 345 * active-high polarity, push-pull type. 346 */ 347 level = !level; 348 } 349 qemu_set_irq(s->irq, level); 350 } 351 352 static void lan9118_mac_changed(lan9118_state *s) 353 { 354 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 355 } 356 357 static void lan9118_reload_eeprom(lan9118_state *s) 358 { 359 int i; 360 if (s->eeprom[0] != 0xa5) { 361 s->e2p_cmd &= ~E2P_CMD_MAC_ADDR_LOADED; 362 DPRINTF("MACADDR load failed\n"); 363 return; 364 } 365 for (i = 0; i < 6; i++) { 366 s->conf.macaddr.a[i] = s->eeprom[i + 1]; 367 } 368 s->e2p_cmd |= E2P_CMD_MAC_ADDR_LOADED; 369 DPRINTF("MACADDR loaded from eeprom\n"); 370 lan9118_mac_changed(s); 371 } 372 373 static void lan9118_update_irq(void *opaque, int n, int level) 374 { 375 lan9118_state *s = opaque; 376 377 if (level) { 378 s->int_sts |= PHY_INT; 379 } else { 380 s->int_sts &= ~PHY_INT; 381 } 382 lan9118_update(s); 383 } 384 385 static void lan9118_set_link(NetClientState *nc) 386 { 387 lan9118_phy_update_link(&LAN9118(qemu_get_nic_opaque(nc))->mii, 388 nc->link_down); 389 } 390 391 static void lan9118_reset(DeviceState *d) 392 { 393 lan9118_state *s = LAN9118(d); 394 395 s->irq_cfg &= (IRQ_TYPE | IRQ_POL); 396 s->int_sts = 0; 397 s->int_en = 0; 398 s->fifo_int = 0x48000000; 399 s->rx_cfg = 0; 400 s->tx_cfg = 0; 401 s->hw_cfg = s->mode_16bit ? 0x00050000 : 0x00050004; 402 s->pmt_ctrl &= 0x45; 403 s->gpio_cfg = 0; 404 s->txp->fifo_used = 0; 405 s->txp->state = TX_IDLE; 406 s->txp->cmd_a = 0xffffffffu; 407 s->txp->cmd_b = 0xffffffffu; 408 s->txp->len = 0; 409 s->txp->fifo_used = 0; 410 s->tx_fifo_size = 4608; 411 s->tx_status_fifo_used = 0; 412 s->rx_status_fifo_size = 704; 413 s->rx_fifo_size = 2640; 414 s->rx_fifo_used = 0; 415 s->rx_status_fifo_size = 176; 416 s->rx_status_fifo_used = 0; 417 s->rxp_offset = 0; 418 s->rxp_size = 0; 419 s->rxp_pad = 0; 420 s->rx_packet_size_tail = s->rx_packet_size_head; 421 s->rx_packet_size[s->rx_packet_size_head] = 0; 422 s->mac_cmd = 0; 423 s->mac_data = 0; 424 s->afc_cfg = 0; 425 s->e2p_cmd = 0; 426 s->e2p_data = 0; 427 s->free_timer_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40; 428 429 ptimer_transaction_begin(s->timer); 430 ptimer_stop(s->timer); 431 ptimer_set_count(s->timer, 0xffff); 432 ptimer_transaction_commit(s->timer); 433 s->gpt_cfg = 0xffff; 434 435 s->mac_cr = MAC_CR_PRMS; 436 s->mac_hashh = 0; 437 s->mac_hashl = 0; 438 s->mac_mii_acc = 0; 439 s->mac_mii_data = 0; 440 s->mac_flow = 0; 441 442 s->read_word_n = 0; 443 s->write_word_n = 0; 444 445 s->eeprom_writable = 0; 446 lan9118_reload_eeprom(s); 447 } 448 449 static void rx_fifo_push(lan9118_state *s, uint32_t val) 450 { 451 int fifo_pos; 452 fifo_pos = s->rx_fifo_head + s->rx_fifo_used; 453 if (fifo_pos >= s->rx_fifo_size) 454 fifo_pos -= s->rx_fifo_size; 455 s->rx_fifo[fifo_pos] = val; 456 s->rx_fifo_used++; 457 } 458 459 /* Return nonzero if the packet is accepted by the filter. */ 460 static int lan9118_filter(lan9118_state *s, const uint8_t *addr) 461 { 462 int multicast; 463 uint32_t hash; 464 465 if (s->mac_cr & MAC_CR_PRMS) { 466 return 1; 467 } 468 if (addr[0] == 0xff && addr[1] == 0xff && addr[2] == 0xff && 469 addr[3] == 0xff && addr[4] == 0xff && addr[5] == 0xff) { 470 return (s->mac_cr & MAC_CR_BCAST) == 0; 471 } 472 473 multicast = addr[0] & 1; 474 if (multicast &&s->mac_cr & MAC_CR_MCPAS) { 475 return 1; 476 } 477 if (multicast ? (s->mac_cr & MAC_CR_HPFILT) == 0 478 : (s->mac_cr & MAC_CR_HO) == 0) { 479 /* Exact matching. */ 480 hash = memcmp(addr, s->conf.macaddr.a, 6); 481 if (s->mac_cr & MAC_CR_INVFILT) { 482 return hash != 0; 483 } else { 484 return hash == 0; 485 } 486 } else { 487 /* Hash matching */ 488 hash = net_crc32(addr, ETH_ALEN) >> 26; 489 if (hash & 0x20) { 490 return (s->mac_hashh >> (hash & 0x1f)) & 1; 491 } else { 492 return (s->mac_hashl >> (hash & 0x1f)) & 1; 493 } 494 } 495 } 496 497 static ssize_t lan9118_receive(NetClientState *nc, const uint8_t *buf, 498 size_t size) 499 { 500 lan9118_state *s = qemu_get_nic_opaque(nc); 501 int fifo_len; 502 int offset; 503 int src_pos; 504 int n; 505 int filter; 506 uint32_t val; 507 uint32_t crc; 508 uint32_t status; 509 510 if ((s->mac_cr & MAC_CR_RXEN) == 0) { 511 return -1; 512 } 513 514 if (size >= MIL_TXFIFO_SIZE || size < 14) { 515 return -1; 516 } 517 518 /* TODO: Implement FIFO overflow notification. */ 519 if (s->rx_status_fifo_used == s->rx_status_fifo_size) { 520 return -1; 521 } 522 523 filter = lan9118_filter(s, buf); 524 if (!filter && (s->mac_cr & MAC_CR_RXALL) == 0) { 525 return size; 526 } 527 528 offset = (s->rx_cfg >> 8) & 0x1f; 529 n = offset & 3; 530 fifo_len = (size + n + 3) >> 2; 531 /* Add a word for the CRC. */ 532 fifo_len++; 533 if (s->rx_fifo_size - s->rx_fifo_used < fifo_len) { 534 return -1; 535 } 536 537 DPRINTF("Got packet len:%d fifo:%d filter:%s\n", 538 (int)size, fifo_len, filter ? "pass" : "fail"); 539 val = 0; 540 crc = bswap32(crc32(~0, buf, size)); 541 for (src_pos = 0; src_pos < size; src_pos++) { 542 val = (val >> 8) | ((uint32_t)buf[src_pos] << 24); 543 n++; 544 if (n == 4) { 545 n = 0; 546 rx_fifo_push(s, val); 547 val = 0; 548 } 549 } 550 if (n) { 551 val >>= ((4 - n) * 8); 552 val |= crc << (n * 8); 553 rx_fifo_push(s, val); 554 val = crc >> ((4 - n) * 8); 555 rx_fifo_push(s, val); 556 } else { 557 rx_fifo_push(s, crc); 558 } 559 n = s->rx_status_fifo_head + s->rx_status_fifo_used; 560 if (n >= s->rx_status_fifo_size) { 561 n -= s->rx_status_fifo_size; 562 } 563 s->rx_packet_size[s->rx_packet_size_tail] = fifo_len; 564 s->rx_packet_size_tail = (s->rx_packet_size_tail + 1023) & 1023; 565 s->rx_status_fifo_used++; 566 567 status = (size + 4) << 16; 568 if (buf[0] == 0xff && buf[1] == 0xff && buf[2] == 0xff && 569 buf[3] == 0xff && buf[4] == 0xff && buf[5] == 0xff) { 570 status |= 0x00002000; 571 } else if (buf[0] & 1) { 572 status |= 0x00000400; 573 } 574 if (!filter) { 575 status |= 0x40000000; 576 } 577 s->rx_status_fifo[n] = status; 578 579 if (s->rx_status_fifo_used > (s->fifo_int & 0xff)) { 580 s->int_sts |= RSFL_INT; 581 } 582 lan9118_update(s); 583 584 return size; 585 } 586 587 static uint32_t rx_fifo_pop(lan9118_state *s) 588 { 589 int n; 590 uint32_t val; 591 592 if (s->rxp_size == 0 && s->rxp_pad == 0) { 593 s->rxp_size = s->rx_packet_size[s->rx_packet_size_head]; 594 s->rx_packet_size[s->rx_packet_size_head] = 0; 595 if (s->rxp_size != 0) { 596 s->rx_packet_size_head = (s->rx_packet_size_head + 1023) & 1023; 597 s->rxp_offset = (s->rx_cfg >> 10) & 7; 598 n = s->rxp_offset + s->rxp_size; 599 switch (s->rx_cfg >> 30) { 600 case 1: 601 n = (-n) & 3; 602 break; 603 case 2: 604 n = (-n) & 7; 605 break; 606 default: 607 n = 0; 608 break; 609 } 610 s->rxp_pad = n; 611 DPRINTF("Pop packet size:%d offset:%d pad: %d\n", 612 s->rxp_size, s->rxp_offset, s->rxp_pad); 613 } 614 } 615 if (s->rxp_offset > 0) { 616 s->rxp_offset--; 617 val = 0; 618 } else if (s->rxp_size > 0) { 619 s->rxp_size--; 620 val = s->rx_fifo[s->rx_fifo_head++]; 621 if (s->rx_fifo_head >= s->rx_fifo_size) { 622 s->rx_fifo_head -= s->rx_fifo_size; 623 } 624 s->rx_fifo_used--; 625 } else if (s->rxp_pad > 0) { 626 s->rxp_pad--; 627 val = 0; 628 } else { 629 DPRINTF("RX underflow\n"); 630 s->int_sts |= RXE_INT; 631 val = 0; 632 } 633 lan9118_update(s); 634 return val; 635 } 636 637 static void do_tx_packet(lan9118_state *s) 638 { 639 int n; 640 uint32_t status; 641 642 /* FIXME: Honor TX disable, and allow queueing of packets. */ 643 if (s->mii.control & 0x4000) { 644 /* This assumes the receive routine doesn't touch the VLANClient. */ 645 qemu_receive_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 646 } else { 647 qemu_send_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 648 } 649 s->txp->fifo_used = 0; 650 651 if (s->tx_status_fifo_used == 512) { 652 /* Status FIFO full */ 653 return; 654 } 655 /* Add entry to status FIFO. */ 656 status = s->txp->cmd_b & 0xffff0000u; 657 DPRINTF("Sent packet tag:%04x len %d\n", status >> 16, s->txp->len); 658 n = (s->tx_status_fifo_head + s->tx_status_fifo_used) & 511; 659 s->tx_status_fifo[n] = status; 660 s->tx_status_fifo_used++; 661 662 /* 663 * Generate TSFL interrupt if TX FIFO level exceeds the level 664 * specified in the FIFO_INT TX Status Level field. 665 */ 666 if (s->tx_status_fifo_used > ((s->fifo_int >> 16) & 0xff)) { 667 s->int_sts |= TSFL_INT; 668 } 669 if (s->tx_status_fifo_used == 512) { 670 s->int_sts |= TSFF_INT; 671 /* TODO: Stop transmission. */ 672 } 673 } 674 675 static uint32_t rx_status_fifo_pop(lan9118_state *s) 676 { 677 uint32_t val; 678 679 val = s->rx_status_fifo[s->rx_status_fifo_head]; 680 if (s->rx_status_fifo_used != 0) { 681 s->rx_status_fifo_used--; 682 s->rx_status_fifo_head++; 683 if (s->rx_status_fifo_head >= s->rx_status_fifo_size) { 684 s->rx_status_fifo_head -= s->rx_status_fifo_size; 685 } 686 /* ??? What value should be returned when the FIFO is empty? */ 687 DPRINTF("RX status pop 0x%08x\n", val); 688 } 689 return val; 690 } 691 692 static uint32_t tx_status_fifo_pop(lan9118_state *s) 693 { 694 uint32_t val; 695 696 val = s->tx_status_fifo[s->tx_status_fifo_head]; 697 if (s->tx_status_fifo_used != 0) { 698 s->tx_status_fifo_used--; 699 s->tx_status_fifo_head = (s->tx_status_fifo_head + 1) & 511; 700 /* ??? What value should be returned when the FIFO is empty? */ 701 } 702 return val; 703 } 704 705 static void tx_fifo_push(lan9118_state *s, uint32_t val) 706 { 707 int n; 708 709 if (s->txp->fifo_used == s->tx_fifo_size) { 710 s->int_sts |= TDFO_INT; 711 return; 712 } 713 switch (s->txp->state) { 714 case TX_IDLE: 715 s->txp->cmd_a = val & 0x831f37ff; 716 s->txp->fifo_used++; 717 s->txp->state = TX_B; 718 s->txp->buffer_size = extract32(s->txp->cmd_a, 0, 11); 719 s->txp->offset = extract32(s->txp->cmd_a, 16, 5); 720 break; 721 case TX_B: 722 if (s->txp->cmd_a & 0x2000) { 723 /* First segment */ 724 s->txp->cmd_b = val; 725 s->txp->fifo_used++; 726 /* End alignment does not include command words. */ 727 n = (s->txp->buffer_size + s->txp->offset + 3) >> 2; 728 switch ((n >> 24) & 3) { 729 case 1: 730 n = (-n) & 3; 731 break; 732 case 2: 733 n = (-n) & 7; 734 break; 735 default: 736 n = 0; 737 } 738 s->txp->pad = n; 739 s->txp->len = 0; 740 } 741 DPRINTF("Block len:%d offset:%d pad:%d cmd %08x\n", 742 s->txp->buffer_size, s->txp->offset, s->txp->pad, 743 s->txp->cmd_a); 744 s->txp->state = TX_DATA; 745 break; 746 case TX_DATA: 747 if (s->txp->offset >= 4) { 748 s->txp->offset -= 4; 749 break; 750 } 751 if (s->txp->buffer_size <= 0 && s->txp->pad != 0) { 752 s->txp->pad--; 753 } else { 754 n = MIN(4, s->txp->buffer_size + s->txp->offset); 755 while (s->txp->offset) { 756 val >>= 8; 757 n--; 758 s->txp->offset--; 759 } 760 /* Documentation is somewhat unclear on the ordering of bytes 761 in FIFO words. Empirical results show it to be little-endian. 762 */ 763 while (n--) { 764 if (s->txp->len == MIL_TXFIFO_SIZE) { 765 /* 766 * No more space in the FIFO. The datasheet is not 767 * precise about this case. We choose what is easiest 768 * to model: the packet is truncated, and TXE is raised. 769 * 770 * Note, it could be a fragmented packet, but we currently 771 * do not handle that (see earlier TX_B case). 772 */ 773 qemu_log_mask(LOG_GUEST_ERROR, 774 "MIL TX FIFO overrun, discarding %u byte%s\n", 775 n, n > 1 ? "s" : ""); 776 s->int_sts |= TXE_INT; 777 break; 778 } 779 s->txp->data[s->txp->len] = val & 0xff; 780 s->txp->len++; 781 val >>= 8; 782 s->txp->buffer_size--; 783 } 784 s->txp->fifo_used++; 785 } 786 if (s->txp->buffer_size <= 0 && s->txp->pad == 0) { 787 if (s->txp->cmd_a & 0x1000) { 788 do_tx_packet(s); 789 } 790 if (s->txp->cmd_a & 0x80000000) { 791 s->int_sts |= TX_IOC_INT; 792 } 793 s->txp->state = TX_IDLE; 794 } 795 break; 796 } 797 } 798 799 static void do_mac_write(lan9118_state *s, int reg, uint32_t val) 800 { 801 switch (reg) { 802 case MAC_CR: 803 if ((s->mac_cr & MAC_CR_RXEN) != 0 && (val & MAC_CR_RXEN) == 0) { 804 s->int_sts |= RXSTOP_INT; 805 } 806 s->mac_cr = val & ~MAC_CR_RESERVED; 807 DPRINTF("MAC_CR: %08x\n", val); 808 break; 809 case MAC_ADDRH: 810 s->conf.macaddr.a[4] = val & 0xff; 811 s->conf.macaddr.a[5] = (val >> 8) & 0xff; 812 lan9118_mac_changed(s); 813 break; 814 case MAC_ADDRL: 815 s->conf.macaddr.a[0] = val & 0xff; 816 s->conf.macaddr.a[1] = (val >> 8) & 0xff; 817 s->conf.macaddr.a[2] = (val >> 16) & 0xff; 818 s->conf.macaddr.a[3] = (val >> 24) & 0xff; 819 lan9118_mac_changed(s); 820 break; 821 case MAC_HASHH: 822 s->mac_hashh = val; 823 break; 824 case MAC_HASHL: 825 s->mac_hashl = val; 826 break; 827 case MAC_MII_ACC: 828 s->mac_mii_acc = val & 0xffc2; 829 if (val & 2) { 830 DPRINTF("PHY write %d = 0x%04x\n", 831 (val >> 6) & 0x1f, s->mac_mii_data); 832 lan9118_phy_write(&s->mii, (val >> 6) & 0x1f, s->mac_mii_data); 833 } else { 834 s->mac_mii_data = lan9118_phy_read(&s->mii, (val >> 6) & 0x1f); 835 DPRINTF("PHY read %d = 0x%04x\n", 836 (val >> 6) & 0x1f, s->mac_mii_data); 837 } 838 break; 839 case MAC_MII_DATA: 840 s->mac_mii_data = val & 0xffff; 841 break; 842 case MAC_FLOW: 843 s->mac_flow = val & 0xffff0000; 844 break; 845 case MAC_VLAN1: 846 /* Writing to this register changes a condition for 847 * FrameTooLong bit in rx_status. Since we do not set 848 * FrameTooLong anyway, just ignore write to this. 849 */ 850 break; 851 default: 852 qemu_log_mask(LOG_GUEST_ERROR, 853 "lan9118: Unimplemented MAC register write: %d = 0x%x\n", 854 s->mac_cmd & 0xf, val); 855 } 856 } 857 858 static uint32_t do_mac_read(lan9118_state *s, int reg) 859 { 860 switch (reg) { 861 case MAC_CR: 862 return s->mac_cr; 863 case MAC_ADDRH: 864 return s->conf.macaddr.a[4] | (s->conf.macaddr.a[5] << 8); 865 case MAC_ADDRL: 866 return s->conf.macaddr.a[0] | (s->conf.macaddr.a[1] << 8) 867 | (s->conf.macaddr.a[2] << 16) | (s->conf.macaddr.a[3] << 24); 868 case MAC_HASHH: 869 return s->mac_hashh; 870 case MAC_HASHL: 871 return s->mac_hashl; 872 case MAC_MII_ACC: 873 return s->mac_mii_acc; 874 case MAC_MII_DATA: 875 return s->mac_mii_data; 876 case MAC_FLOW: 877 return s->mac_flow; 878 default: 879 qemu_log_mask(LOG_GUEST_ERROR, 880 "lan9118: Unimplemented MAC register read: %d\n", 881 s->mac_cmd & 0xf); 882 return 0; 883 } 884 } 885 886 static void lan9118_eeprom_cmd(lan9118_state *s, int cmd, int addr) 887 { 888 s->e2p_cmd = (s->e2p_cmd & E2P_CMD_MAC_ADDR_LOADED) | (cmd << 28) | addr; 889 switch (cmd) { 890 case 0: 891 s->e2p_data = s->eeprom[addr]; 892 DPRINTF("EEPROM Read %d = 0x%02x\n", addr, s->e2p_data); 893 break; 894 case 1: 895 s->eeprom_writable = 0; 896 DPRINTF("EEPROM Write Disable\n"); 897 break; 898 case 2: /* EWEN */ 899 s->eeprom_writable = 1; 900 DPRINTF("EEPROM Write Enable\n"); 901 break; 902 case 3: /* WRITE */ 903 if (s->eeprom_writable) { 904 s->eeprom[addr] &= s->e2p_data; 905 DPRINTF("EEPROM Write %d = 0x%02x\n", addr, s->e2p_data); 906 } else { 907 DPRINTF("EEPROM Write %d (ignored)\n", addr); 908 } 909 break; 910 case 4: /* WRAL */ 911 if (s->eeprom_writable) { 912 for (addr = 0; addr < 128; addr++) { 913 s->eeprom[addr] &= s->e2p_data; 914 } 915 DPRINTF("EEPROM Write All 0x%02x\n", s->e2p_data); 916 } else { 917 DPRINTF("EEPROM Write All (ignored)\n"); 918 } 919 break; 920 case 5: /* ERASE */ 921 if (s->eeprom_writable) { 922 s->eeprom[addr] = 0xff; 923 DPRINTF("EEPROM Erase %d\n", addr); 924 } else { 925 DPRINTF("EEPROM Erase %d (ignored)\n", addr); 926 } 927 break; 928 case 6: /* ERAL */ 929 if (s->eeprom_writable) { 930 memset(s->eeprom, 0xff, 128); 931 DPRINTF("EEPROM Erase All\n"); 932 } else { 933 DPRINTF("EEPROM Erase All (ignored)\n"); 934 } 935 break; 936 case 7: /* RELOAD */ 937 lan9118_reload_eeprom(s); 938 break; 939 } 940 } 941 942 static void lan9118_tick(void *opaque) 943 { 944 lan9118_state *s = (lan9118_state *)opaque; 945 if (s->int_en & GPT_INT) { 946 s->int_sts |= GPT_INT; 947 } 948 lan9118_update(s); 949 } 950 951 static void lan9118_writel(void *opaque, hwaddr offset, 952 uint64_t val, unsigned size) 953 { 954 lan9118_state *s = (lan9118_state *)opaque; 955 offset &= 0xff; 956 957 //DPRINTF("Write reg 0x%02x = 0x%08x\n", (int)offset, val); 958 if (offset >= TX_DATA_FIFO_PORT_FIRST && 959 offset <= TX_DATA_FIFO_PORT_LAST) { 960 /* TX FIFO */ 961 tx_fifo_push(s, val); 962 return; 963 } 964 switch (offset) { 965 case CSR_IRQ_CFG: 966 /* TODO: Implement interrupt deassertion intervals. */ 967 val &= (IRQ_EN | IRQ_POL | IRQ_TYPE); 968 s->irq_cfg = (s->irq_cfg & IRQ_INT) | val; 969 break; 970 case CSR_INT_STS: 971 s->int_sts &= ~val; 972 break; 973 case CSR_INT_EN: 974 s->int_en = val & ~RESERVED_INT; 975 s->int_sts |= val & SW_INT; 976 break; 977 case CSR_FIFO_INT: 978 DPRINTF("FIFO INT levels %08x\n", val); 979 s->fifo_int = val; 980 break; 981 case CSR_RX_CFG: 982 if (val & 0x8000) { 983 /* RX_DUMP */ 984 s->rx_fifo_used = 0; 985 s->rx_status_fifo_used = 0; 986 s->rx_packet_size_tail = s->rx_packet_size_head; 987 s->rx_packet_size[s->rx_packet_size_head] = 0; 988 } 989 s->rx_cfg = val & 0xcfff1ff0; 990 break; 991 case CSR_TX_CFG: 992 if (val & 0x8000) { 993 s->tx_status_fifo_used = 0; 994 } 995 if (val & 0x4000) { 996 s->txp->state = TX_IDLE; 997 s->txp->fifo_used = 0; 998 s->txp->cmd_a = 0xffffffff; 999 } 1000 s->tx_cfg = val & 6; 1001 break; 1002 case CSR_HW_CFG: 1003 if (val & 1) { 1004 /* SRST */ 1005 lan9118_reset(DEVICE(s)); 1006 } else { 1007 s->hw_cfg = (val & 0x003f300) | (s->hw_cfg & 0x4); 1008 } 1009 break; 1010 case CSR_RX_DP_CTRL: 1011 if (val & 0x80000000) { 1012 /* Skip forward to next packet. */ 1013 s->rxp_pad = 0; 1014 s->rxp_offset = 0; 1015 if (s->rxp_size == 0) { 1016 /* Pop a word to start the next packet. */ 1017 rx_fifo_pop(s); 1018 s->rxp_pad = 0; 1019 s->rxp_offset = 0; 1020 } 1021 s->rx_fifo_head += s->rxp_size; 1022 if (s->rx_fifo_head >= s->rx_fifo_size) { 1023 s->rx_fifo_head -= s->rx_fifo_size; 1024 } 1025 } 1026 break; 1027 case CSR_PMT_CTRL: 1028 if (val & 0x400) { 1029 lan9118_phy_reset(&s->mii); 1030 } 1031 s->pmt_ctrl &= ~0x34e; 1032 s->pmt_ctrl |= (val & 0x34e); 1033 break; 1034 case CSR_GPIO_CFG: 1035 /* Probably just enabling LEDs. */ 1036 s->gpio_cfg = val & 0x7777071f; 1037 break; 1038 case CSR_GPT_CFG: 1039 if ((s->gpt_cfg ^ val) & GPT_TIMER_EN) { 1040 ptimer_transaction_begin(s->timer); 1041 if (val & GPT_TIMER_EN) { 1042 ptimer_set_count(s->timer, val & 0xffff); 1043 ptimer_run(s->timer, 0); 1044 } else { 1045 ptimer_stop(s->timer); 1046 ptimer_set_count(s->timer, 0xffff); 1047 } 1048 ptimer_transaction_commit(s->timer); 1049 } 1050 s->gpt_cfg = val & (GPT_TIMER_EN | 0xffff); 1051 break; 1052 case CSR_WORD_SWAP: 1053 /* Ignored because we're in 32-bit mode. */ 1054 s->word_swap = val; 1055 break; 1056 case CSR_MAC_CSR_CMD: 1057 s->mac_cmd = val & 0x4000000f; 1058 if (val & 0x80000000) { 1059 if (val & 0x40000000) { 1060 s->mac_data = do_mac_read(s, val & 0xf); 1061 DPRINTF("MAC read %d = 0x%08x\n", val & 0xf, s->mac_data); 1062 } else { 1063 DPRINTF("MAC write %d = 0x%08x\n", val & 0xf, s->mac_data); 1064 do_mac_write(s, val & 0xf, s->mac_data); 1065 } 1066 } 1067 break; 1068 case CSR_MAC_CSR_DATA: 1069 s->mac_data = val; 1070 break; 1071 case CSR_AFC_CFG: 1072 s->afc_cfg = val & 0x00ffffff; 1073 break; 1074 case CSR_E2P_CMD: 1075 lan9118_eeprom_cmd(s, (val >> 28) & 7, val & 0x7f); 1076 break; 1077 case CSR_E2P_DATA: 1078 s->e2p_data = val & 0xff; 1079 break; 1080 1081 default: 1082 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_write: Bad reg 0x%x = %x\n", 1083 (int)offset, (int)val); 1084 break; 1085 } 1086 lan9118_update(s); 1087 } 1088 1089 static void lan9118_writew(void *opaque, hwaddr offset, 1090 uint32_t val) 1091 { 1092 lan9118_state *s = (lan9118_state *)opaque; 1093 offset &= 0xff; 1094 1095 if (s->write_word_prev_offset != (offset & ~0x3)) { 1096 /* New offset, reset word counter */ 1097 s->write_word_n = 0; 1098 s->write_word_prev_offset = offset & ~0x3; 1099 } 1100 1101 if (offset & 0x2) { 1102 s->write_word_h = val; 1103 } else { 1104 s->write_word_l = val; 1105 } 1106 1107 //DPRINTF("Writew reg 0x%02x = 0x%08x\n", (int)offset, val); 1108 s->write_word_n++; 1109 if (s->write_word_n == 2) { 1110 s->write_word_n = 0; 1111 lan9118_writel(s, offset & ~3, s->write_word_l + 1112 (s->write_word_h << 16), 4); 1113 } 1114 } 1115 1116 static void lan9118_16bit_mode_write(void *opaque, hwaddr offset, 1117 uint64_t val, unsigned size) 1118 { 1119 switch (size) { 1120 case 2: 1121 lan9118_writew(opaque, offset, (uint32_t)val); 1122 return; 1123 case 4: 1124 lan9118_writel(opaque, offset, val, size); 1125 return; 1126 } 1127 1128 qemu_log_mask(LOG_GUEST_ERROR, 1129 "lan9118_16bit_mode_write: Bad size 0x%x\n", size); 1130 } 1131 1132 static uint64_t lan9118_readl(void *opaque, hwaddr offset, 1133 unsigned size) 1134 { 1135 lan9118_state *s = (lan9118_state *)opaque; 1136 1137 //DPRINTF("Read reg 0x%02x\n", (int)offset); 1138 if (offset <= RX_DATA_FIFO_PORT_LAST) { 1139 /* RX FIFO */ 1140 return rx_fifo_pop(s); 1141 } 1142 switch (offset) { 1143 case RX_STATUS_FIFO_PORT: 1144 return rx_status_fifo_pop(s); 1145 case RX_STATUS_FIFO_PEEK: 1146 return s->rx_status_fifo[s->rx_status_fifo_head]; 1147 case TX_STATUS_FIFO_PORT: 1148 return tx_status_fifo_pop(s); 1149 case TX_STATUS_FIFO_PEEK: 1150 return s->tx_status_fifo[s->tx_status_fifo_head]; 1151 case CSR_ID_REV: 1152 return 0x01180001; 1153 case CSR_IRQ_CFG: 1154 return s->irq_cfg; 1155 case CSR_INT_STS: 1156 return s->int_sts; 1157 case CSR_INT_EN: 1158 return s->int_en; 1159 case CSR_BYTE_TEST: 1160 return 0x87654321; 1161 case CSR_FIFO_INT: 1162 return s->fifo_int; 1163 case CSR_RX_CFG: 1164 return s->rx_cfg; 1165 case CSR_TX_CFG: 1166 return s->tx_cfg; 1167 case CSR_HW_CFG: 1168 return s->hw_cfg; 1169 case CSR_RX_DP_CTRL: 1170 return 0; 1171 case CSR_RX_FIFO_INF: 1172 return (s->rx_status_fifo_used << 16) | (s->rx_fifo_used << 2); 1173 case CSR_TX_FIFO_INF: 1174 return (s->tx_status_fifo_used << 16) 1175 | (s->tx_fifo_size - s->txp->fifo_used); 1176 case CSR_PMT_CTRL: 1177 return s->pmt_ctrl; 1178 case CSR_GPIO_CFG: 1179 return s->gpio_cfg; 1180 case CSR_GPT_CFG: 1181 return s->gpt_cfg; 1182 case CSR_GPT_CNT: 1183 return ptimer_get_count(s->timer); 1184 case CSR_WORD_SWAP: 1185 return s->word_swap; 1186 case CSR_FREE_RUN: 1187 return (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40) - s->free_timer_start; 1188 case CSR_RX_DROP: 1189 /* TODO: Implement dropped frames counter. */ 1190 return 0; 1191 case CSR_MAC_CSR_CMD: 1192 return s->mac_cmd; 1193 case CSR_MAC_CSR_DATA: 1194 return s->mac_data; 1195 case CSR_AFC_CFG: 1196 return s->afc_cfg; 1197 case CSR_E2P_CMD: 1198 return s->e2p_cmd; 1199 case CSR_E2P_DATA: 1200 return s->e2p_data; 1201 } 1202 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_read: Bad reg 0x%x\n", (int)offset); 1203 return 0; 1204 } 1205 1206 static uint32_t lan9118_readw(void *opaque, hwaddr offset) 1207 { 1208 lan9118_state *s = (lan9118_state *)opaque; 1209 uint32_t val; 1210 1211 if (s->read_word_prev_offset != (offset & ~0x3)) { 1212 /* New offset, reset word counter */ 1213 s->read_word_n = 0; 1214 s->read_word_prev_offset = offset & ~0x3; 1215 } 1216 1217 s->read_word_n++; 1218 if (s->read_word_n == 1) { 1219 s->read_long = lan9118_readl(s, offset & ~3, 4); 1220 } else { 1221 s->read_word_n = 0; 1222 } 1223 1224 if (offset & 2) { 1225 val = s->read_long >> 16; 1226 } else { 1227 val = s->read_long & 0xFFFF; 1228 } 1229 1230 //DPRINTF("Readw reg 0x%02x, val 0x%x\n", (int)offset, val); 1231 return val; 1232 } 1233 1234 static uint64_t lan9118_16bit_mode_read(void *opaque, hwaddr offset, 1235 unsigned size) 1236 { 1237 switch (size) { 1238 case 2: 1239 return lan9118_readw(opaque, offset); 1240 case 4: 1241 return lan9118_readl(opaque, offset, size); 1242 } 1243 1244 qemu_log_mask(LOG_GUEST_ERROR, 1245 "lan9118_16bit_mode_read: Bad size 0x%x\n", size); 1246 return 0; 1247 } 1248 1249 static const MemoryRegionOps lan9118_mem_ops = { 1250 .read = lan9118_readl, 1251 .write = lan9118_writel, 1252 .endianness = DEVICE_NATIVE_ENDIAN, 1253 }; 1254 1255 static const MemoryRegionOps lan9118_16bit_mem_ops = { 1256 .read = lan9118_16bit_mode_read, 1257 .write = lan9118_16bit_mode_write, 1258 .endianness = DEVICE_NATIVE_ENDIAN, 1259 }; 1260 1261 static NetClientInfo net_lan9118_info = { 1262 .type = NET_CLIENT_DRIVER_NIC, 1263 .size = sizeof(NICState), 1264 .receive = lan9118_receive, 1265 .link_status_changed = lan9118_set_link, 1266 }; 1267 1268 static void lan9118_realize(DeviceState *dev, Error **errp) 1269 { 1270 SysBusDevice *sbd = SYS_BUS_DEVICE(dev); 1271 lan9118_state *s = LAN9118(dev); 1272 int i; 1273 const MemoryRegionOps *mem_ops = 1274 s->mode_16bit ? &lan9118_16bit_mem_ops : &lan9118_mem_ops; 1275 1276 qemu_init_irq(&s->mii_irq, lan9118_update_irq, s, 0); 1277 object_initialize_child(OBJECT(s), "mii", &s->mii, TYPE_LAN9118_PHY); 1278 if (!sysbus_realize_and_unref(SYS_BUS_DEVICE(&s->mii), errp)) { 1279 return; 1280 } 1281 qdev_connect_gpio_out(DEVICE(&s->mii), 0, &s->mii_irq); 1282 1283 memory_region_init_io(&s->mmio, OBJECT(dev), mem_ops, s, 1284 "lan9118-mmio", 0x100); 1285 sysbus_init_mmio(sbd, &s->mmio); 1286 sysbus_init_irq(sbd, &s->irq); 1287 qemu_macaddr_default_if_unset(&s->conf.macaddr); 1288 1289 s->nic = qemu_new_nic(&net_lan9118_info, &s->conf, 1290 object_get_typename(OBJECT(dev)), dev->id, 1291 &dev->mem_reentrancy_guard, s); 1292 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 1293 s->eeprom[0] = 0xa5; 1294 for (i = 0; i < 6; i++) { 1295 s->eeprom[i + 1] = s->conf.macaddr.a[i]; 1296 } 1297 s->pmt_ctrl = 1; 1298 s->txp = &s->tx_packet; 1299 1300 s->timer = ptimer_init(lan9118_tick, s, PTIMER_POLICY_LEGACY); 1301 ptimer_transaction_begin(s->timer); 1302 ptimer_set_freq(s->timer, 10000); 1303 ptimer_set_limit(s->timer, 0xffff, 1); 1304 ptimer_transaction_commit(s->timer); 1305 } 1306 1307 static const Property lan9118_properties[] = { 1308 DEFINE_NIC_PROPERTIES(lan9118_state, conf), 1309 DEFINE_PROP_UINT32("mode_16bit", lan9118_state, mode_16bit, 0), 1310 }; 1311 1312 static void lan9118_class_init(ObjectClass *klass, void *data) 1313 { 1314 DeviceClass *dc = DEVICE_CLASS(klass); 1315 1316 device_class_set_legacy_reset(dc, lan9118_reset); 1317 device_class_set_props(dc, lan9118_properties); 1318 dc->vmsd = &vmstate_lan9118; 1319 dc->realize = lan9118_realize; 1320 } 1321 1322 static const TypeInfo lan9118_info = { 1323 .name = TYPE_LAN9118, 1324 .parent = TYPE_SYS_BUS_DEVICE, 1325 .instance_size = sizeof(lan9118_state), 1326 .class_init = lan9118_class_init, 1327 }; 1328 1329 static void lan9118_register_types(void) 1330 { 1331 type_register_static(&lan9118_info); 1332 } 1333 1334 /* Legacy helper function. Should go away when machine config files are 1335 implemented. */ 1336 void lan9118_init(uint32_t base, qemu_irq irq) 1337 { 1338 DeviceState *dev; 1339 SysBusDevice *s; 1340 1341 dev = qdev_new(TYPE_LAN9118); 1342 qemu_configure_nic_device(dev, true, NULL); 1343 s = SYS_BUS_DEVICE(dev); 1344 sysbus_realize_and_unref(s, &error_fatal); 1345 sysbus_mmio_map(s, 0, base); 1346 sysbus_connect_irq(s, 0, irq); 1347 } 1348 1349 type_init(lan9118_register_types) 1350