xref: /openbmc/qemu/hw/net/lan9118.c (revision 6a0acfff)
1 /*
2  * SMSC LAN9118 Ethernet interface emulation
3  *
4  * Copyright (c) 2009 CodeSourcery, LLC.
5  * Written by Paul Brook
6  *
7  * This code is licensed under the GNU GPL v2
8  *
9  * Contributions after 2012-01-13 are licensed under the terms of the
10  * GNU GPL, version 2 or (at your option) any later version.
11  */
12 
13 #include "qemu/osdep.h"
14 #include "hw/sysbus.h"
15 #include "net/net.h"
16 #include "net/eth.h"
17 #include "hw/irq.h"
18 #include "hw/net/lan9118.h"
19 #include "sysemu/sysemu.h"
20 #include "hw/ptimer.h"
21 #include "qemu/log.h"
22 #include "qemu/module.h"
23 /* For crc32 */
24 #include <zlib.h>
25 
/* Uncomment to enable tracing; note that this also changes what BADF does. */
//#define DEBUG_LAN9118

/*
 * DPRINTF: trace output, compiled to nothing unless DEBUG_LAN9118 is defined.
 * BADF: report an access the model does not implement.  With DEBUG_LAN9118 it
 * calls hw_error(); otherwise it prints to stderr and execution continues.
 * BADF is reached from guest-selected PHY register numbers (do_phy_read and
 * do_phy_write), so a guest can trigger either variant at will.
 * NOTE(review): hw_error() presumably stops the emulator - confirm before
 * shipping a build with DEBUG_LAN9118 enabled.
 */
#ifdef DEBUG_LAN9118
#define DPRINTF(fmt, ...) \
do { printf("lan9118: " fmt , ## __VA_ARGS__); } while (0)
#define BADF(fmt, ...) \
do { hw_error("lan9118: error: " fmt , ## __VA_ARGS__);} while (0)
#else
#define DPRINTF(fmt, ...) do {} while(0)
#define BADF(fmt, ...) \
do { fprintf(stderr, "lan9118: error: " fmt , ## __VA_ARGS__);} while (0)
#endif
38 
/*
 * Byte offsets of the control/status registers inside the device's MMIO
 * window.  The MMIO write handler masks the incoming offset with 0xff and
 * then switches on these values.
 */
#define CSR_ID_REV      0x50
#define CSR_IRQ_CFG     0x54
#define CSR_INT_STS     0x58
#define CSR_INT_EN      0x5c
#define CSR_BYTE_TEST   0x64
#define CSR_FIFO_INT    0x68
#define CSR_RX_CFG      0x6c
#define CSR_TX_CFG      0x70
#define CSR_HW_CFG      0x74
#define CSR_RX_DP_CTRL  0x78
#define CSR_RX_FIFO_INF 0x7c
#define CSR_TX_FIFO_INF 0x80
#define CSR_PMT_CTRL    0x84
#define CSR_GPIO_CFG    0x88
#define CSR_GPT_CFG     0x8c
#define CSR_GPT_CNT     0x90
#define CSR_WORD_SWAP   0x98
#define CSR_FREE_RUN    0x9c
#define CSR_RX_DROP     0xa0
#define CSR_MAC_CSR_CMD 0xa4
#define CSR_MAC_CSR_DATA 0xa8
#define CSR_AFC_CFG     0xac
#define CSR_E2P_CMD     0xb0
#define CSR_E2P_DATA    0xb4

/*
 * e2p_cmd flag maintained by lan9118_reload_eeprom(): set when the MAC
 * address was taken from the EEPROM image, cleared when the load failed.
 */
#define E2P_CMD_MAC_ADDR_LOADED 0x100
65 
/*
 * IRQ_CFG bits.  lan9118_update() keeps IRQ_INT in step with
 * (int_sts & int_en), gates the output line on IRQ_EN and inverts the level
 * unless both IRQ_POL and IRQ_TYPE are set.
 */
#define IRQ_INT         0x00001000
#define IRQ_EN          0x00000100
#define IRQ_POL         0x00000010
#define IRQ_TYPE        0x00000001

/*
 * INT_STS/INT_EN bits.  Both registers share this layout; a status bit only
 * contributes to the interrupt when the same bit is set in int_en.
 */
#define SW_INT          0x80000000
#define TXSTOP_INT      0x02000000
#define RXSTOP_INT      0x01000000
#define RXDFH_INT       0x00800000
#define TX_IOC_INT      0x00200000
#define RXD_INT         0x00100000
#define GPT_INT         0x00080000
#define PHY_INT         0x00040000
#define PME_INT         0x00020000
#define TXSO_INT        0x00010000
#define RWT_INT         0x00008000
#define RXE_INT         0x00004000
#define TXE_INT         0x00002000
#define TDFU_INT        0x00000800
#define TDFO_INT        0x00000400
#define TDFA_INT        0x00000200
#define TSFF_INT        0x00000100
#define TSFL_INT        0x00000080
#define RXDF_INT        0x00000040
#define RDFL_INT        0x00000020
#define RSFF_INT        0x00000010
#define RSFL_INT        0x00000008
#define GPIO2_INT       0x00000004
#define GPIO1_INT       0x00000002
#define GPIO0_INT       0x00000001
#define RESERVED_INT    0x7c001000
99 
/*
 * Indices of the MAC registers, as passed in the 'reg' argument of
 * do_mac_read() and do_mac_write().  Entries marked TODO have no read
 * handler; MAC_VLAN1 writes are accepted and ignored.
 */
#define MAC_CR          1
#define MAC_ADDRH       2
#define MAC_ADDRL       3
#define MAC_HASHH       4
#define MAC_HASHL       5
#define MAC_MII_ACC     6
#define MAC_MII_DATA    7
#define MAC_FLOW        8
#define MAC_VLAN1       9 /* TODO */
#define MAC_VLAN2       10 /* TODO */
#define MAC_WUFF        11 /* TODO */
#define MAC_WUCSR       12 /* TODO */

/*
 * MAC_CR bits.  The receive path consults RXEN, RXALL, PRMS, BCAST, MCPAS,
 * HPFILT, HO and INVFILT; MAC_CR_RESERVED is the mask of bits that
 * do_mac_write() strips from guest writes.
 */
#define MAC_CR_RXALL    0x80000000
#define MAC_CR_RCVOWN   0x00800000
#define MAC_CR_LOOPBK   0x00200000
#define MAC_CR_FDPX     0x00100000
#define MAC_CR_MCPAS    0x00080000
#define MAC_CR_PRMS     0x00040000
#define MAC_CR_INVFILT  0x00020000
#define MAC_CR_PASSBAD  0x00010000
#define MAC_CR_HO       0x00008000
#define MAC_CR_HPFILT   0x00002000
#define MAC_CR_LCOLL    0x00001000
#define MAC_CR_BCAST    0x00000800
#define MAC_CR_DISRTY   0x00000400
#define MAC_CR_PADSTR   0x00000100
#define MAC_CR_BOLMT    0x000000c0
#define MAC_CR_DFCHK    0x00000020
#define MAC_CR_TXEN     0x00000008
#define MAC_CR_RXEN     0x00000004
#define MAC_CR_RESERVED 0x7f404213
132 
/*
 * Bits of the PHY interrupt source register (phy_int) and of its mask
 * (phy_int_mask).  phy_update_link() raises ENERGYON and AUTONEG_COMPLETE
 * when the link is up and DOWN when it is down.
 */
#define PHY_INT_ENERGYON            0x80
#define PHY_INT_AUTONEG_COMPLETE    0x40
#define PHY_INT_FAULT               0x20
#define PHY_INT_DOWN                0x10
#define PHY_INT_AUTONEG_LP          0x08
#define PHY_INT_PARFAULT            0x04
#define PHY_INT_AUTONEG_PAGE        0x02

/* NOTE(review): presumably the enable bit of gpt_cfg - its use is outside this excerpt. */
#define GPT_TIMER_EN    0x20000000
142 
/*
 * Phases of the TX data FIFO parser in tx_fifo_push().  Each word written to
 * the TX FIFO is interpreted according to the current phase.
 */
enum tx_state {
    TX_IDLE,    /* next word is command word A */
    TX_B,       /* next word is command word B */
    TX_DATA     /* next word is offset, payload or padding */
};
148 
/*
 * Transmit packet under assembly.  Every field except data[] is derived from
 * guest writes to the TX FIFO; 'len' is the write index into data[], so it
 * must stay within 0..sizeof(data) wherever it is used as one.
 */
typedef struct {
    /* state is a tx_state but we can't put enums in VMStateDescriptions. */
    uint32_t state;
    uint32_t cmd_a;         /* command word A, masked with 0x831f37ff */
    uint32_t cmd_b;         /* command word B; upper 16 bits go to TX status */
    int32_t buffer_size;    /* payload bytes left in this segment (cmd_a[10:0]) */
    int32_t offset;         /* bytes still to skip before payload (cmd_a[20:16]) */
    int32_t pad;            /* trailing pad words left to consume */
    int32_t fifo_used;      /* TX FIFO words consumed since the last transmit */
    int32_t len;            /* bytes stored in data[] so far */
    uint8_t data[2048];
} LAN9118Packet;
161 
/*
 * Migration layout of LAN9118Packet.  The field order is the wire format, so
 * it must not be rearranged.
 * NOTE(review): no post_load hook is declared here, so 'len', 'offset',
 * 'buffer_size' and 'pad' arrive from the migration stream unvalidated even
 * though tx_fifo_push() uses 'len' as an index into data[].  If the stream
 * can come from a less trusted source, range-check them on load.
 */
static const VMStateDescription vmstate_lan9118_packet = {
    .name = "lan9118_packet",
    .version_id = 1,
    .minimum_version_id = 1,
    .fields = (VMStateField[]) {
        VMSTATE_UINT32(state, LAN9118Packet),
        VMSTATE_UINT32(cmd_a, LAN9118Packet),
        VMSTATE_UINT32(cmd_b, LAN9118Packet),
        VMSTATE_INT32(buffer_size, LAN9118Packet),
        VMSTATE_INT32(offset, LAN9118Packet),
        VMSTATE_INT32(pad, LAN9118Packet),
        VMSTATE_INT32(fifo_used, LAN9118Packet),
        VMSTATE_INT32(len, LAN9118Packet),
        VMSTATE_UINT8_ARRAY(data, LAN9118Packet, 2048),
        VMSTATE_END_OF_LIST()
    }
};
179 
/* Checked cast from a QOM object pointer to the device state. */
#define LAN9118(obj) OBJECT_CHECK(lan9118_state, (obj), TYPE_LAN9118)

/*
 * Complete device state.  The FIFO bookkeeping fields (*_head, *_used,
 * *_size, *_tail) are used directly as array indices by the FIFO helpers, so
 * each must stay within the bounds of the array it refers to.
 */
typedef struct {
    SysBusDevice parent_obj;

    NICState *nic;
    NICConf conf;
    qemu_irq irq;
    MemoryRegion mmio;
    ptimer_state *timer;

    /* Shadows of the guest-visible control/status registers. */
    uint32_t irq_cfg;
    uint32_t int_sts;
    uint32_t int_en;
    uint32_t fifo_int;
    uint32_t rx_cfg;
    uint32_t tx_cfg;
    uint32_t hw_cfg;
    uint32_t pmt_ctrl;
    uint32_t gpio_cfg;
    uint32_t gpt_cfg;
    uint32_t word_swap;
    uint32_t free_timer_start;
    uint32_t mac_cmd;
    uint32_t mac_data;
    uint32_t afc_cfg;
    uint32_t e2p_cmd;
    uint32_t e2p_data;

    /* MAC registers reached through do_mac_read()/do_mac_write(). */
    uint32_t mac_cr;
    uint32_t mac_hashh;
    uint32_t mac_hashl;
    uint32_t mac_mii_acc;
    uint32_t mac_mii_data;
    uint32_t mac_flow;

    /* PHY registers reached through do_phy_read()/do_phy_write(). */
    uint32_t phy_status;
    uint32_t phy_control;
    uint32_t phy_advertise;
    uint32_t phy_int;
    uint32_t phy_int_mask;

    /* Nonzero after an EEPROM write-enable command, cleared on reset. */
    int32_t eeprom_writable;
    /* EEPROM image; byte 0 is the 0xa5 marker, bytes 1..6 the MAC address. */
    uint8_t eeprom[128];

    /* TX data FIFO capacity in words; compared against txp->fifo_used. */
    int32_t tx_fifo_size;
    /* txp always points at tx_packet (see the note in vmstate_lan9118). */
    LAN9118Packet *txp;
    LAN9118Packet tx_packet;

    /* TX status ring: fixed 512 entries, indices are masked with 511. */
    int32_t tx_status_fifo_used;
    int32_t tx_status_fifo_head;
    uint32_t tx_status_fifo[512];

    /*
     * RX status ring.  rx_status_fifo_size is the logical capacity (176 after
     * reset) and must not exceed the 896-entry backing array.
     */
    int32_t rx_status_fifo_size;
    int32_t rx_status_fifo_used;
    int32_t rx_status_fifo_head;
    uint32_t rx_status_fifo[896];
    /*
     * RX data ring, in 32-bit words.  rx_fifo_size is the logical capacity
     * (2640 after reset) and must not exceed the 3360-entry backing array.
     */
    int32_t rx_fifo_size;
    int32_t rx_fifo_used;
    int32_t rx_fifo_head;
    uint32_t rx_fifo[3360];
    /*
     * Ring of per-packet word counts for the RX data FIFO.  Both indices are
     * advanced with "(i + 1023) & 1023", i.e. they step downwards.
     */
    int32_t rx_packet_size_head;
    int32_t rx_packet_size_tail;
    int32_t rx_packet_size[1024];

    /* Progress through the packet currently being read by rx_fifo_pop(). */
    int32_t rxp_offset;
    int32_t rxp_size;
    int32_t rxp_pad;

    /*
     * NOTE(review): presumably scratch state for 16-bit bus accesses - the
     * code using these fields is outside this excerpt.
     */
    uint32_t write_word_prev_offset;
    uint32_t write_word_n;
    uint16_t write_word_l;
    uint16_t write_word_h;
    uint32_t read_word_prev_offset;
    uint32_t read_word_n;
    uint32_t read_long;

    /* Selects the hw_cfg reset value in lan9118_reset(). */
    uint32_t mode_16bit;
} lan9118_state;
259 
/*
 * Migration layout of the whole device.  The field order is the wire format,
 * so it must not be rearranged; the 16-bit access fields were added in
 * version 2.
 * NOTE(review): no post_load hook is declared here.  The ring indices and
 * sizes (tx_status_fifo_head, rx_status_fifo_head/size, rx_fifo_head/size,
 * rx_packet_size_head/tail) are later used as array subscripts without
 * further checks, so a malformed incoming stream could place them out of
 * range.  Consider validating them on load if the migration source is not
 * fully trusted.
 */
static const VMStateDescription vmstate_lan9118 = {
    .name = "lan9118",
    .version_id = 2,
    .minimum_version_id = 1,
    .fields = (VMStateField[]) {
        VMSTATE_PTIMER(timer, lan9118_state),
        VMSTATE_UINT32(irq_cfg, lan9118_state),
        VMSTATE_UINT32(int_sts, lan9118_state),
        VMSTATE_UINT32(int_en, lan9118_state),
        VMSTATE_UINT32(fifo_int, lan9118_state),
        VMSTATE_UINT32(rx_cfg, lan9118_state),
        VMSTATE_UINT32(tx_cfg, lan9118_state),
        VMSTATE_UINT32(hw_cfg, lan9118_state),
        VMSTATE_UINT32(pmt_ctrl, lan9118_state),
        VMSTATE_UINT32(gpio_cfg, lan9118_state),
        VMSTATE_UINT32(gpt_cfg, lan9118_state),
        VMSTATE_UINT32(word_swap, lan9118_state),
        VMSTATE_UINT32(free_timer_start, lan9118_state),
        VMSTATE_UINT32(mac_cmd, lan9118_state),
        VMSTATE_UINT32(mac_data, lan9118_state),
        VMSTATE_UINT32(afc_cfg, lan9118_state),
        VMSTATE_UINT32(e2p_cmd, lan9118_state),
        VMSTATE_UINT32(e2p_data, lan9118_state),
        VMSTATE_UINT32(mac_cr, lan9118_state),
        VMSTATE_UINT32(mac_hashh, lan9118_state),
        VMSTATE_UINT32(mac_hashl, lan9118_state),
        VMSTATE_UINT32(mac_mii_acc, lan9118_state),
        VMSTATE_UINT32(mac_mii_data, lan9118_state),
        VMSTATE_UINT32(mac_flow, lan9118_state),
        VMSTATE_UINT32(phy_status, lan9118_state),
        VMSTATE_UINT32(phy_control, lan9118_state),
        VMSTATE_UINT32(phy_advertise, lan9118_state),
        VMSTATE_UINT32(phy_int, lan9118_state),
        VMSTATE_UINT32(phy_int_mask, lan9118_state),
        VMSTATE_INT32(eeprom_writable, lan9118_state),
        VMSTATE_UINT8_ARRAY(eeprom, lan9118_state, 128),
        VMSTATE_INT32(tx_fifo_size, lan9118_state),
        /* txp always points at tx_packet so need not be saved */
        VMSTATE_STRUCT(tx_packet, lan9118_state, 0,
                       vmstate_lan9118_packet, LAN9118Packet),
        VMSTATE_INT32(tx_status_fifo_used, lan9118_state),
        VMSTATE_INT32(tx_status_fifo_head, lan9118_state),
        VMSTATE_UINT32_ARRAY(tx_status_fifo, lan9118_state, 512),
        VMSTATE_INT32(rx_status_fifo_size, lan9118_state),
        VMSTATE_INT32(rx_status_fifo_used, lan9118_state),
        VMSTATE_INT32(rx_status_fifo_head, lan9118_state),
        VMSTATE_UINT32_ARRAY(rx_status_fifo, lan9118_state, 896),
        VMSTATE_INT32(rx_fifo_size, lan9118_state),
        VMSTATE_INT32(rx_fifo_used, lan9118_state),
        VMSTATE_INT32(rx_fifo_head, lan9118_state),
        VMSTATE_UINT32_ARRAY(rx_fifo, lan9118_state, 3360),
        VMSTATE_INT32(rx_packet_size_head, lan9118_state),
        VMSTATE_INT32(rx_packet_size_tail, lan9118_state),
        VMSTATE_INT32_ARRAY(rx_packet_size, lan9118_state, 1024),
        VMSTATE_INT32(rxp_offset, lan9118_state),
        VMSTATE_INT32(rxp_size, lan9118_state),
        VMSTATE_INT32(rxp_pad, lan9118_state),
        VMSTATE_UINT32_V(write_word_prev_offset, lan9118_state, 2),
        VMSTATE_UINT32_V(write_word_n, lan9118_state, 2),
        VMSTATE_UINT16_V(write_word_l, lan9118_state, 2),
        VMSTATE_UINT16_V(write_word_h, lan9118_state, 2),
        VMSTATE_UINT32_V(read_word_prev_offset, lan9118_state, 2),
        VMSTATE_UINT32_V(read_word_n, lan9118_state, 2),
        VMSTATE_UINT32_V(read_long, lan9118_state, 2),
        VMSTATE_UINT32_V(mode_16bit, lan9118_state, 2),
        VMSTATE_END_OF_LIST()
    }
};
328 
/*
 * Recompute the interrupt summary bit and drive the IRQ output line.
 *
 * IRQ_INT in irq_cfg is set whenever a bit in int_sts is also enabled in
 * int_en.  The line is only asserted while IRQ_EN is set, and the level
 * handed to qemu_set_irq() is inverted unless both IRQ_TYPE and IRQ_POL are
 * set.
 */
static void lan9118_update(lan9118_state *s)
{
    const uint32_t active_high_cfg = IRQ_TYPE | IRQ_POL;
    int asserted;

    /* TODO: Implement FIFO level IRQs.  */
    asserted = (s->int_sts & s->int_en) ? 1 : 0;
    if (asserted) {
        s->irq_cfg |= IRQ_INT;
    } else {
        s->irq_cfg &= ~IRQ_INT;
    }

    /* The status bit above is tracked even while the output is disabled. */
    if (!(s->irq_cfg & IRQ_EN)) {
        asserted = 0;
    }

    /*
     * Interrupt is active low unless we're configured as
     * active-high polarity, push-pull type.
     */
    if ((s->irq_cfg & active_high_cfg) != active_high_cfg) {
        asserted = !asserted;
    }
    qemu_set_irq(s->irq, asserted);
}
351 
/*
 * Called after s->conf.macaddr has been modified: asks the net layer to
 * reformat the NIC info string from the current MAC address.
 */
static void lan9118_mac_changed(lan9118_state *s)
{
    NetClientState *queue = qemu_get_queue(s->nic);

    qemu_format_nic_info_str(queue, s->conf.macaddr.a);
}
356 
/*
 * Load the MAC address from the EEPROM image.
 *
 * The image is only honoured when byte 0 holds the 0xa5 marker; bytes 1..6
 * then become the MAC address and E2P_CMD_MAC_ADDR_LOADED is set.  Otherwise
 * the flag is cleared and the current address is left untouched.
 */
static void lan9118_reload_eeprom(lan9118_state *s)
{
    if (s->eeprom[0] == 0xa5) {
        memcpy(s->conf.macaddr.a, &s->eeprom[1], 6);
        s->e2p_cmd |= E2P_CMD_MAC_ADDR_LOADED;
        DPRINTF("MACADDR loaded from eeprom\n");
        lan9118_mac_changed(s);
        return;
    }

    s->e2p_cmd &= ~E2P_CMD_MAC_ADDR_LOADED;
    DPRINTF("MACADDR load failed\n");
}
372 
/*
 * Mirror the PHY interrupt state into INT_STS: PHY_INT is set while any
 * source in phy_int is unmasked by phy_int_mask and cleared otherwise, then
 * the IRQ line is re-evaluated.
 */
static void phy_update_irq(lan9118_state *s)
{
    const uint32_t pending = s->phy_int & s->phy_int_mask;

    s->int_sts = pending ? (s->int_sts | PHY_INT) : (s->int_sts & ~PHY_INT);
    lan9118_update(s);
}
382 
/*
 * Propagate the backend's link state into the PHY registers and raise the
 * matching PHY interrupt sources.
 */
static void phy_update_link(lan9118_state *s)
{
    /* The two phy_status bits that are set and cleared together below. */
    const uint32_t link_bits = 0x0024;

    /* Autonegotiation status mirrors link status.  */
    if (!qemu_get_queue(s->nic)->link_down) {
        s->phy_status |= link_bits;
        s->phy_int |= PHY_INT_ENERGYON;
        s->phy_int |= PHY_INT_AUTONEG_COMPLETE;
    } else {
        s->phy_status &= ~link_bits;
        s->phy_int |= PHY_INT_DOWN;
    }
    phy_update_irq(s);
}
396 
/* Link-status callback: refresh the PHY state of the NIC owning this queue. */
static void lan9118_set_link(NetClientState *nc)
{
    lan9118_state *s = qemu_get_nic_opaque(nc);

    phy_update_link(s);
}
401 
/*
 * Put the PHY registers back to their reset values, drop every pending and
 * enabled PHY interrupt, then re-derive the link bits from the backend.
 */
static void phy_reset(lan9118_state *s)
{
    /* Interrupt state first: nothing pending, nothing unmasked. */
    s->phy_int = 0;
    s->phy_int_mask = 0;

    s->phy_control = 0x3000;
    s->phy_status = 0x7809;
    s->phy_advertise = 0x01e1;

    phy_update_link(s);
}
411 
/*
 * Device reset handler.
 *
 * Restores the register shadows and FIFO fill counts to their reset values.
 * irq_cfg keeps only IRQ_TYPE/IRQ_POL and pmt_ctrl keeps only the bits in
 * 0x45.  The FIFO head indices are not touched; only the fill counts are
 * cleared, and the RX packet-size ring is emptied by moving its tail onto
 * its head.  The PHY is reset and the MAC address is reloaded from the
 * EEPROM image last.
 */
static void lan9118_reset(DeviceState *d)
{
    lan9118_state *s = LAN9118(d);
    LAN9118Packet *pkt = s->txp;

    /* Control/status registers. */
    s->irq_cfg &= (IRQ_TYPE | IRQ_POL);
    s->int_sts = 0;
    s->int_en = 0;
    s->fifo_int = 0x48000000;
    s->rx_cfg = 0;
    s->tx_cfg = 0;
    s->hw_cfg = s->mode_16bit ? 0x00050000 : 0x00050004;
    s->pmt_ctrl &= 0x45;
    s->gpio_cfg = 0;

    /* Transmit side: parser back to idle with an empty packet. */
    pkt->state = TX_IDLE;
    pkt->cmd_a = 0xffffffffu;
    pkt->cmd_b = 0xffffffffu;
    pkt->len = 0;
    pkt->fifo_used = 0;
    s->tx_fifo_size = 4608;
    s->tx_status_fifo_used = 0;

    /* Receive side: default partitioning, nothing queued. */
    s->rx_fifo_size = 2640;
    s->rx_fifo_used = 0;
    s->rx_status_fifo_size = 176;
    s->rx_status_fifo_used = 0;
    s->rxp_offset = 0;
    s->rxp_size = 0;
    s->rxp_pad = 0;
    s->rx_packet_size_tail = s->rx_packet_size_head;
    s->rx_packet_size[s->rx_packet_size_head] = 0;

    s->mac_cmd = 0;
    s->mac_data = 0;
    s->afc_cfg = 0;
    s->e2p_cmd = 0;
    s->e2p_data = 0;
    s->free_timer_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40;

    /* General purpose timer: stopped, reloaded with its maximum count. */
    ptimer_stop(s->timer);
    ptimer_set_count(s->timer, 0xffff);
    s->gpt_cfg = 0xffff;

    /* MAC registers; promiscuous mode is the reset default. */
    s->mac_cr = MAC_CR_PRMS;
    s->mac_hashh = 0;
    s->mac_hashl = 0;
    s->mac_mii_acc = 0;
    s->mac_mii_data = 0;
    s->mac_flow = 0;

    s->read_word_n = 0;
    s->write_word_n = 0;

    phy_reset(s);

    /* EEPROM becomes read-only again before the address is reloaded. */
    s->eeprom_writable = 0;
    lan9118_reload_eeprom(s);
}
469 
/*
 * Append one 32-bit word to the RX data ring.
 *
 * No capacity check is made here: the caller must already have verified that
 * rx_fifo_used is below rx_fifo_size (lan9118_receive() does so for the whole
 * packet before pushing).  The write index wraps with a single conditional
 * subtraction, which is only sufficient while rx_fifo_head and rx_fifo_used
 * are each within 0..rx_fifo_size.
 */
static void rx_fifo_push(lan9118_state *s, uint32_t val)
{
    int slot = s->rx_fifo_head + s->rx_fifo_used;

    if (slot >= s->rx_fifo_size) {
        slot -= s->rx_fifo_size;
    }
    s->rx_fifo[slot] = val;
    s->rx_fifo_used += 1;
}
479 
/*
 * Destination-address filter.  Return nonzero if the packet is accepted.
 *
 * 'addr' must point at least 6 readable bytes (the destination MAC).  The
 * decision order is: promiscuous mode accepts everything; broadcast is
 * accepted unless MAC_CR_BCAST is set; multicast is accepted outright when
 * MAC_CR_MCPAS is set; everything else goes through either an exact match
 * against the station address (optionally inverted by MAC_CR_INVFILT) or a
 * 64-bit hash table lookup keyed by the top six bits of the address CRC.
 */
static int lan9118_filter(lan9118_state *s, const uint8_t *addr)
{
    static const uint8_t broadcast[6] = {
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff
    };
    const uint32_t cr = s->mac_cr;
    int is_multicast;
    int use_hash;
    uint32_t bucket;
    uint32_t table;

    if (cr & MAC_CR_PRMS) {
        return 1;
    }
    if (memcmp(addr, broadcast, 6) == 0) {
        return (cr & MAC_CR_BCAST) == 0;
    }

    is_multicast = addr[0] & 1;
    if (is_multicast && (cr & MAC_CR_MCPAS)) {
        return 1;
    }

    /* Multicast and unicast each have their own "use the hash" bit. */
    use_hash = is_multicast ? (cr & MAC_CR_HPFILT) != 0
                            : (cr & MAC_CR_HO) != 0;
    if (!use_hash) {
        /* Exact matching.  */
        int differs = memcmp(addr, s->conf.macaddr.a, 6) != 0;

        return (cr & MAC_CR_INVFILT) ? differs : !differs;
    }

    /* Hash matching  */
    bucket = net_crc32(addr, ETH_ALEN) >> 26;
    table = (bucket & 0x20) ? s->mac_hashh : s->mac_hashl;
    return (table >> (bucket & 0x1f)) & 1;
}
517 
/*
 * Receive callback: queue one frame into the RX data and status FIFOs.
 *
 * Returns -1 when the frame cannot be taken (receiver disabled, length
 * outside 14..2047 bytes, status FIFO full, or not enough free words in the
 * data FIFO) and 'size' when it was queued or silently dropped by the
 * address filter.  The length check runs before 'buf' is read, so the filter
 * and the broadcast test below never look past a frame shorter than a MAC
 * header.  The free-space check covers every word pushed afterwards: the
 * payload, the leading offset bytes and one extra word for the CRC.
 *
 * This routine is also invoked directly by do_tx_packet() in PHY loopback
 * mode, so 'buf'/'size' may describe guest-assembled data.
 */
static ssize_t lan9118_receive(NetClientState *nc, const uint8_t *buf,
                               size_t size)
{
    static const uint8_t broadcast[6] = {
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff
    };
    lan9118_state *s = qemu_get_nic_opaque(nc);
    int words_needed;
    int lead;           /* bytes already occupied in the word being built */
    int status_slot;
    int accepted;
    size_t pos;
    uint32_t word;
    uint32_t crc;
    uint32_t status;

    if (!(s->mac_cr & MAC_CR_RXEN)) {
        return -1;
    }

    if (size < 14 || size >= 2048) {
        return -1;
    }

    /* TODO: Implement FIFO overflow notification.  */
    if (s->rx_status_fifo_used == s->rx_status_fifo_size) {
        return -1;
    }

    accepted = lan9118_filter(s, buf);
    if (!accepted && !(s->mac_cr & MAC_CR_RXALL)) {
        return size;
    }

    /* Only the low two bits of the RX data offset shift the byte packing. */
    lead = ((s->rx_cfg >> 8) & 0x1f) & 3;
    /* Payload words rounded up, plus a word for the CRC.  */
    words_needed = ((size + lead + 3) >> 2) + 1;
    if (s->rx_fifo_size - s->rx_fifo_used < words_needed) {
        return -1;
    }

    DPRINTF("Got packet len:%d fifo:%d filter:%s\n",
            (int)size, words_needed, accepted ? "pass" : "fail");
    crc = bswap32(crc32(~0, buf, size));

    /* Pack bytes little-endian into words, starting 'lead' bytes in. */
    word = 0;
    for (pos = 0; pos < size; pos++) {
        word = (word >> 8) | ((uint32_t)buf[pos] << 24);
        if (++lead == 4) {
            rx_fifo_push(s, word);
            word = 0;
            lead = 0;
        }
    }
    if (lead == 0) {
        rx_fifo_push(s, crc);
    } else {
        /* The CRC straddles the partially filled word and the next one. */
        word >>= (4 - lead) * 8;
        word |= crc << (lead * 8);
        rx_fifo_push(s, word);
        rx_fifo_push(s, crc >> ((4 - lead) * 8));
    }

    /* Claim the status slot before bumping the fill count. */
    status_slot = s->rx_status_fifo_head + s->rx_status_fifo_used;
    if (status_slot >= s->rx_status_fifo_size) {
        status_slot -= s->rx_status_fifo_size;
    }
    s->rx_packet_size[s->rx_packet_size_tail] = words_needed;
    s->rx_packet_size_tail = (s->rx_packet_size_tail + 1023) & 1023;
    s->rx_status_fifo_used++;

    /* Status word: length including CRC in the upper half, flags below. */
    status = (size + 4) << 16;
    if (memcmp(buf, broadcast, 6) == 0) {
        status |= 0x00002000;
    } else if (buf[0] & 1) {
        status |= 0x00000400;
    }
    if (!accepted) {
        status |= 0x40000000;
    }
    s->rx_status_fifo[status_slot] = status;

    if (s->rx_status_fifo_used > (s->fifo_int & 0xff)) {
        s->int_sts |= RSFL_INT;
    }
    lan9118_update(s);

    return size;
}
607 
/*
 * Read one word from the RX data FIFO on behalf of the guest.
 *
 * When no packet is in progress, the next packet's word count is taken from
 * the rx_packet_size ring and the leading offset and trailing pad word counts
 * are derived from rx_cfg.  Offset and pad words read as zero; payload words
 * come from rx_fifo.  Reading with nothing queued returns zero and raises
 * RXE_INT.  The IRQ line is re-evaluated on every call.
 */
static uint32_t rx_fifo_pop(lan9118_state *s)
{
    uint32_t word = 0;

    if (s->rxp_size == 0 && s->rxp_pad == 0) {
        const int head = s->rx_packet_size_head;

        /* Fetch and clear the ring entry; zero means nothing is queued. */
        s->rxp_size = s->rx_packet_size[head];
        s->rx_packet_size[head] = 0;
        if (s->rxp_size != 0) {
            int total;

            s->rx_packet_size_head = (head + 1023) & 1023;
            s->rxp_offset = (s->rx_cfg >> 10) & 7;
            total = s->rxp_offset + s->rxp_size;
            /* The top two bits of rx_cfg select the end alignment. */
            switch (s->rx_cfg >> 30) {
            case 1:
                s->rxp_pad = (-total) & 3;
                break;
            case 2:
                s->rxp_pad = (-total) & 7;
                break;
            default:
                s->rxp_pad = 0;
                break;
            }
            DPRINTF("Pop packet size:%d offset:%d pad: %d\n",
                    s->rxp_size, s->rxp_offset, s->rxp_pad);
        }
    }

    if (s->rxp_offset > 0) {
        s->rxp_offset--;
    } else if (s->rxp_size > 0) {
        s->rxp_size--;
        word = s->rx_fifo[s->rx_fifo_head];
        s->rx_fifo_head++;
        if (s->rx_fifo_head >= s->rx_fifo_size) {
            s->rx_fifo_head -= s->rx_fifo_size;
        }
        s->rx_fifo_used--;
    } else if (s->rxp_pad > 0) {
        s->rxp_pad--;
    } else {
        DPRINTF("RX underflow\n");
        s->int_sts |= RXE_INT;
    }

    lan9118_update(s);
    return word;
}
657 
/*
 * Hand the assembled TX packet to the network (or loop it back into the
 * receive path when PHY loopback, phy_control bit 0x4000, is enabled) and
 * record a TX status entry.
 *
 * The packet length comes from s->txp->len, which is built up from
 * guest-written FIFO words; it is passed on as-is.  If the 512-entry status
 * ring is already full, the packet is still sent but no status is recorded.
 */
static void do_tx_packet(lan9118_state *s)
{
    LAN9118Packet *pkt = s->txp;
    uint32_t tag;
    int slot;

    /* FIXME: Honor TX disable, and allow queueing of packets.  */
    if (s->phy_control & 0x4000)  {
        /* This assumes the receive routine doesn't touch the VLANClient.  */
        lan9118_receive(qemu_get_queue(s->nic), pkt->data, pkt->len);
    } else {
        qemu_send_packet(qemu_get_queue(s->nic), pkt->data, pkt->len);
    }
    pkt->fifo_used = 0;

    if (s->tx_status_fifo_used == 512) {
        /* Status FIFO full */
        return;
    }

    /* Add entry to status FIFO.  */
    tag = pkt->cmd_b & 0xffff0000u;
    DPRINTF("Sent packet tag:%04x len %d\n", tag >> 16, pkt->len);
    slot = (s->tx_status_fifo_head + s->tx_status_fifo_used) & 511;
    s->tx_status_fifo[slot] = tag;
    if (++s->tx_status_fifo_used == 512) {
        s->int_sts |= TSFF_INT;
        /* TODO: Stop transmission.  */
    }
}
687 
/*
 * Pop the oldest RX status word.  When the FIFO is empty the entry at the
 * head index is still returned (stale data) and nothing is consumed.
 */
static uint32_t rx_status_fifo_pop(lan9118_state *s)
{
    const uint32_t entry = s->rx_status_fifo[s->rx_status_fifo_head];

    if (s->rx_status_fifo_used == 0) {
        /* ??? What value should be returned when the FIFO is empty?  */
        return entry;
    }

    s->rx_status_fifo_used--;
    if (++s->rx_status_fifo_head >= s->rx_status_fifo_size) {
        s->rx_status_fifo_head -= s->rx_status_fifo_size;
    }
    DPRINTF("RX status pop 0x%08x\n", entry);
    return entry;
}
704 
/*
 * Pop the oldest TX status word from the 512-entry ring.  When the FIFO is
 * empty the entry at the head index is still returned (stale data) and
 * nothing is consumed.
 */
static uint32_t tx_status_fifo_pop(lan9118_state *s)
{
    const uint32_t entry = s->tx_status_fifo[s->tx_status_fifo_head];

    if (s->tx_status_fifo_used == 0) {
        /* ??? What value should be returned when the FIFO is empty?  */
        return entry;
    }

    s->tx_status_fifo_used--;
    s->tx_status_fifo_head = (s->tx_status_fifo_head + 1) & 511;
    return entry;
}
717 
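/*
 * Consume one word written by the guest to the TX data FIFO.
 *
 * The word is interpreted according to s->txp->state: command word A,
 * command word B, or data (leading offset bytes, payload, trailing pad).
 * Once a segment is complete, the packet is transmitted if cmd_a marks it as
 * the last segment (bit 0x1000), and TX_IOC_INT is raised if cmd_a requests
 * it (bit 0x80000000).
 *
 * Every input here is guest-controlled.  A segment carries at most 2047
 * payload bytes, but s->txp->len is only reset when cmd_a marks a first
 * segment (bit 0x2000), so a chain of non-first segments can ask for more
 * bytes than s->txp->data holds.  Payload bytes that do not fit are dropped:
 * the segment accounting still advances so the parser returns to TX_IDLE,
 * TXE_INT is raised and the event is logged as a guest error.
 *
 * NOTE(review): int_sts is modified without calling lan9118_update();
 * presumably the MMIO write handler does that after returning - confirm.
 */
static void tx_fifo_push(lan9118_state *s, uint32_t val)
{
    int n;
    int overrun = 0;

    if (s->txp->fifo_used == s->tx_fifo_size) {
        s->int_sts |= TDFO_INT;
        return;
    }
    switch (s->txp->state) {
    case TX_IDLE:
        s->txp->cmd_a = val & 0x831f37ff;
        s->txp->fifo_used++;
        s->txp->state = TX_B;
        s->txp->buffer_size = extract32(s->txp->cmd_a, 0, 11);
        s->txp->offset = extract32(s->txp->cmd_a, 16, 5);
        break;
    case TX_B:
        if (s->txp->cmd_a & 0x2000) {
            /* First segment */
            s->txp->cmd_b = val;
            s->txp->fifo_used++;
            /* End alignment does not include command words.  */
            n = (s->txp->buffer_size + s->txp->offset + 3) >> 2;
            /*
             * NOTE(review): n is a word count built from an 11-bit and a
             * 5-bit field, so bits 24-25 are always zero and 'pad' always
             * ends up 0.  The selector was presumably meant to come from
             * cmd_a - confirm against the datasheet before changing it.
             */
            switch ((n >> 24) & 3) {
            case 1:
                n = (-n) & 3;
                break;
            case 2:
                n = (-n) & 7;
                break;
            default:
                n = 0;
            }
            s->txp->pad = n;
            s->txp->len = 0;
        }
        DPRINTF("Block len:%d offset:%d pad:%d cmd %08x\n",
                s->txp->buffer_size, s->txp->offset, s->txp->pad,
                s->txp->cmd_a);
        s->txp->state = TX_DATA;
        break;
    case TX_DATA:
        if (s->txp->offset >= 4) {
            /* Whole word of leading offset: skip it. */
            s->txp->offset -= 4;
            break;
        }
        if (s->txp->buffer_size <= 0 && s->txp->pad != 0) {
            s->txp->pad--;
        } else {
            n = MIN(4, s->txp->buffer_size + s->txp->offset);
            /* Discard the remaining (fewer than four) offset bytes. */
            while (s->txp->offset) {
                val >>= 8;
                n--;
                s->txp->offset--;
            }
            /* Documentation is somewhat unclear on the ordering of bytes
               in FIFO words.  Empirical results show it to be little-endian.
               */
            while (n-- > 0) {
                /*
                 * The unsigned compare rejects both a full buffer and a
                 * negative length, so data[] is never indexed out of range.
                 */
                if ((uint32_t)s->txp->len < sizeof(s->txp->data)) {
                    s->txp->data[s->txp->len] = val & 0xff;
                    s->txp->len++;
                } else {
                    overrun = 1;
                }
                val >>= 8;
                s->txp->buffer_size--;
            }
            if (overrun) {
                s->int_sts |= TXE_INT;
                qemu_log_mask(LOG_GUEST_ERROR,
                              "lan9118: TX packet exceeds %zu bytes, "
                              "excess data dropped\n",
                              sizeof(s->txp->data));
            }
            s->txp->fifo_used++;
        }
        if (s->txp->buffer_size <= 0 && s->txp->pad == 0) {
            if (s->txp->cmd_a & 0x1000) {
                do_tx_packet(s);
            }
            if (s->txp->cmd_a & 0x80000000) {
                s->int_sts |= TX_IOC_INT;
            }
            s->txp->state = TX_IDLE;
        }
        break;
    }
}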
797 
/*
 * Read PHY register 'reg' (a guest-chosen 5-bit index).
 *
 * Reading register 29 returns the pending interrupt sources and clears them.
 * Unimplemented registers read as zero and are reported through BADF.
 */
static uint32_t do_phy_read(lan9118_state *s, int reg)
{
    uint32_t val = 0;

    switch (reg) {
    case 0: /* Basic Control */
        val = s->phy_control;
        break;
    case 1: /* Basic Status */
        val = s->phy_status;
        break;
    case 2: /* ID1 */
        val = 0x0007;
        break;
    case 3: /* ID2 */
        val = 0xc0d1;
        break;
    case 4: /* Auto-neg advertisement */
        val = s->phy_advertise;
        break;
    case 5: /* Auto-neg Link Partner Ability */
        val = 0x0f71;
        break;
    case 6: /* Auto-neg Expansion */
        val = 1;
        break;
        /* TODO 17, 18, 27, 29, 30, 31 */
    case 29: /* Interrupt source.  */
        val = s->phy_int;
        s->phy_int = 0;
        phy_update_irq(s);
        break;
    case 30: /* Interrupt mask */
        val = s->phy_int_mask;
        break;
    default:
        BADF("PHY read reg %d\n", reg);
        break;
    }
    return val;
}
830 
/*
 * Write 'val' to PHY register 'reg' (a guest-chosen 5-bit index).
 *
 * Only the writable bits of each register are kept.  Setting bit 0x8000 of
 * the control register resets the PHY and discards the rest of the value.
 * Unimplemented registers are reported through BADF and otherwise ignored.
 */
static void do_phy_write(lan9118_state *s, int reg, uint32_t val)
{
    switch (reg) {
    case 0: /* Basic Control */
        if (val & 0x8000) {
            phy_reset(s);
        } else {
            s->phy_control = val & 0x7980;
            /* Complete autonegotiation immediately.  */
            if (val & 0x1000) {
                s->phy_status |= 0x0020;
            }
        }
        break;
    case 4: /* Auto-neg advertisement */
        s->phy_advertise = (val & 0x2d7f) | 0x80;
        break;
        /* TODO 17, 18, 27, 31 */
    case 30: /* Interrupt mask */
        s->phy_int_mask = val & 0xff;
        phy_update_irq(s);
        break;
    default:
        BADF("PHY write reg %d = 0x%04x\n", reg, val);
        break;
    }
}
857 
/*
 * Write 'val' to MAC register 'reg'.
 *
 * Reserved bits are masked off before a value is stored.  Clearing
 * MAC_CR_RXEN while it was set raises RXSTOP_INT.  A write to MAC_MII_ACC
 * performs the PHY access it describes: bit 1 selects write versus read and
 * bits 10:6 carry the PHY register number.  Writes to unimplemented registers
 * are logged as guest errors; the logged index is taken from mac_cmd, not
 * from 'reg'.
 */
static void do_mac_write(lan9118_state *s, int reg, uint32_t val)
{
    uint8_t *mac = s->conf.macaddr.a;
    int phy_reg;

    switch (reg) {
    case MAC_CR:
        if ((s->mac_cr & MAC_CR_RXEN) && !(val & MAC_CR_RXEN)) {
            s->int_sts |= RXSTOP_INT;
        }
        s->mac_cr = val & ~MAC_CR_RESERVED;
        DPRINTF("MAC_CR: %08x\n", val);
        break;
    case MAC_ADDRH:
        mac[4] = val & 0xff;
        mac[5] = (val >> 8) & 0xff;
        lan9118_mac_changed(s);
        break;
    case MAC_ADDRL:
        mac[0] = val & 0xff;
        mac[1] = (val >> 8) & 0xff;
        mac[2] = (val >> 16) & 0xff;
        mac[3] = (val >> 24) & 0xff;
        lan9118_mac_changed(s);
        break;
    case MAC_HASHH:
        s->mac_hashh = val;
        break;
    case MAC_HASHL:
        s->mac_hashl = val;
        break;
    case MAC_MII_ACC:
        s->mac_mii_acc = val & 0xffc2;
        phy_reg = (val >> 6) & 0x1f;
        if (val & 2) {
            DPRINTF("PHY write %d = 0x%04x\n",
                    phy_reg, s->mac_mii_data);
            do_phy_write(s, phy_reg, s->mac_mii_data);
        } else {
            s->mac_mii_data = do_phy_read(s, phy_reg);
            DPRINTF("PHY read %d = 0x%04x\n",
                    phy_reg, s->mac_mii_data);
        }
        break;
    case MAC_MII_DATA:
        s->mac_mii_data = val & 0xffff;
        break;
    case MAC_FLOW:
        s->mac_flow = val & 0xffff0000;
        break;
    case MAC_VLAN1:
        /* Writing to this register changes a condition for
         * FrameTooLong bit in rx_status.  Since we do not set
         * FrameTooLong anyway, just ignore write to this.
         */
        break;
    default:
        qemu_log_mask(LOG_GUEST_ERROR,
                      "lan9118: Unimplemented MAC register write: %d = 0x%x\n",
                      s->mac_cmd & 0xf, val);
        break;
    }
}
916 
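/*
 * Read MAC register 'reg'.
 *
 * The MAC address bytes are widened to uint32_t before shifting: a uint8_t
 * promotes to int, and shifting a byte >= 0x80 left by 24 overflows a signed
 * int, which is undefined behaviour in ISO C.
 * Reads of unimplemented registers return zero and are logged as guest
 * errors; the logged index is taken from mac_cmd, not from 'reg'.
 */
static uint32_t do_mac_read(lan9118_state *s, int reg)
{
    const uint8_t *mac = s->conf.macaddr.a;

    switch (reg) {
    case MAC_CR:
        return s->mac_cr;
    case MAC_ADDRH:
        return (uint32_t)mac[4] | ((uint32_t)mac[5] << 8);
    case MAC_ADDRL:
        return (uint32_t)mac[0] | ((uint32_t)mac[1] << 8)
               | ((uint32_t)mac[2] << 16) | ((uint32_t)mac[3] << 24);
    case MAC_HASHH:
        return s->mac_hashh;
    case MAC_HASHL:
        return s->mac_hashl;
    case MAC_MII_ACC:
        return s->mac_mii_acc;
    case MAC_MII_DATA:
        return s->mac_mii_data;
    case MAC_FLOW:
        return s->mac_flow;
    default:
        qemu_log_mask(LOG_GUEST_ERROR,
                      "lan9118: Unimplemented MAC register read: %d\n",
                      s->mac_cmd & 0xf);
        return 0;
    }
}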
946 
/*
 * Execute EEPROM command 'cmd' on location 'addr' and record both in e2p_cmd
 * (the MAC-address-loaded flag is preserved).
 *
 * Writes AND the data into the stored byte, erases set it to 0xff, and both
 * are ignored unless a write-enable command was issued first.
 *
 * 'addr' indexes the 128-byte eeprom[] array directly and is not checked
 * here.  NOTE(review): assumes the caller has masked it to 0..127 - the call
 * site is outside this excerpt; confirm.
 */
static void lan9118_eeprom_cmd(lan9118_state *s, int cmd, int addr)
{
    int i;

    s->e2p_cmd = (s->e2p_cmd & E2P_CMD_MAC_ADDR_LOADED) | (cmd << 28) | addr;
    switch (cmd) {
    case 0:
        s->e2p_data = s->eeprom[addr];
        DPRINTF("EEPROM Read %d = 0x%02x\n", addr, s->e2p_data);
        break;
    case 1:
        s->eeprom_writable = 0;
        DPRINTF("EEPROM Write Disable\n");
        break;
    case 2: /* EWEN */
        s->eeprom_writable = 1;
        DPRINTF("EEPROM Write Enable\n");
        break;
    case 3: /* WRITE */
        if (!s->eeprom_writable) {
            DPRINTF("EEPROM Write %d (ignored)\n", addr);
            break;
        }
        s->eeprom[addr] &= s->e2p_data;
        DPRINTF("EEPROM Write %d = 0x%02x\n", addr, s->e2p_data);
        break;
    case 4: /* WRAL */
        if (!s->eeprom_writable) {
            DPRINTF("EEPROM Write All (ignored)\n");
            break;
        }
        for (i = 0; i < 128; i++) {
            s->eeprom[i] &= s->e2p_data;
        }
        DPRINTF("EEPROM Write All 0x%02x\n", s->e2p_data);
        break;
    case 5: /* ERASE */
        if (!s->eeprom_writable) {
            DPRINTF("EEPROM Erase %d (ignored)\n", addr);
            break;
        }
        s->eeprom[addr] = 0xff;
        DPRINTF("EEPROM Erase %d\n", addr);
        break;
    case 6: /* ERAL */
        if (!s->eeprom_writable) {
            DPRINTF("EEPROM Erase All (ignored)\n");
            break;
        }
        memset(s->eeprom, 0xff, 128);
        DPRINTF("EEPROM Erase All\n");
        break;
    case 7: /* RELOAD */
        lan9118_reload_eeprom(s);
        break;
    }
}
1002 
/*
 * General purpose timer callback; lan9118_realize() registers it as the
 * bottom half behind s->timer.
 *
 * @opaque: the lan9118_state passed at registration
 */
static void lan9118_tick(void *opaque)
{
    lan9118_state *s = opaque;

    /* The status bit is raised only while the GPT interrupt is enabled. */
    if ((s->int_en & GPT_INT) != 0) {
        s->int_sts |= GPT_INT;
    }

    /* Re-evaluate the interrupt state either way. */
    lan9118_update(s);
}
1011 
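/*
 * 32-bit MMIO write handler.
 *
 * @opaque: the lan9118_state registered with the memory region
 * @offset: byte offset into the region; only the low 8 bits are used
 * @val:    value written by the guest
 * @size:   access size; not examined here
 *
 * Everything in @val is guest-controlled.  Each register case masks it
 * down to the bits it stores, and an offset with no case is logged as a
 * guest error and otherwise ignored.  lan9118_update() runs after every
 * register write; a TX FIFO push returns before reaching it.
 */
static void lan9118_writel(void *opaque, hwaddr offset,
                           uint64_t val, unsigned size)
{
    lan9118_state *s = (lan9118_state *)opaque;
    offset &= 0xff;

    if (offset >= 0x20 && offset < 0x40) {
        /* TX FIFO */
        tx_fifo_push(s, val);
        return;
    }
    switch (offset) {
    case CSR_IRQ_CFG:
        /* TODO: Implement interrupt deassertion intervals.  */
        val &= (IRQ_EN | IRQ_POL | IRQ_TYPE);
        /* IRQ_INT is preserved from the current value, not taken from val. */
        s->irq_cfg = (s->irq_cfg & IRQ_INT) | val;
        break;
    case CSR_INT_STS:
        /* Write one to clear. */
        s->int_sts &= ~val;
        break;
    case CSR_INT_EN:
        s->int_en = val & ~RESERVED_INT;
        /* Enabling SW_INT also raises its status bit. */
        s->int_sts |= val & SW_INT;
        break;
    case CSR_FIFO_INT:
        /* val is 64 bits wide; narrow it to match the %08x conversion. */
        DPRINTF("FIFO INT levels %08x\n", (uint32_t)val);
        s->fifo_int = val;
        break;
    case CSR_RX_CFG:
        if (val & 0x8000) {
            /* RX_DUMP */
            s->rx_fifo_used = 0;
            s->rx_status_fifo_used = 0;
            s->rx_packet_size_tail = s->rx_packet_size_head;
            s->rx_packet_size[s->rx_packet_size_head] = 0;
        }
        s->rx_cfg = val & 0xcfff1ff0;
        break;
    case CSR_TX_CFG:
        if (val & 0x8000) {
            /* Discard the TX status FIFO contents. */
            s->tx_status_fifo_used = 0;
        }
        if (val & 0x4000) {
            /* Discard the packet under construction. */
            s->txp->state = TX_IDLE;
            s->txp->fifo_used = 0;
            s->txp->cmd_a = 0xffffffff;
        }
        s->tx_cfg = val & 6;
        break;
    case CSR_HW_CFG:
        if (val & 1) {
            /* SRST */
            lan9118_reset(DEVICE(s));
        } else {
            /*
             * NOTE(review): the mask 0x003f300 has seven hex digits;
             * confirm the intended bit positions against the datasheet.
             */
            s->hw_cfg = (val & 0x003f300) | (s->hw_cfg & 0x4);
        }
        break;
    case CSR_RX_DP_CTRL:
        if (val & 0x80000000) {
            /* Skip forward to next packet.  */
            s->rxp_pad = 0;
            s->rxp_offset = 0;
            if (s->rxp_size == 0) {
                /* Pop a word to start the next packet.  */
                rx_fifo_pop(s);
                s->rxp_pad = 0;
                s->rxp_offset = 0;
            }
            /*
             * NOTE(review): one subtraction brings the head back in
             * range only if rxp_size is below rx_fifo_size; confirm
             * that the receive path guarantees this.
             */
            s->rx_fifo_head += s->rxp_size;
            if (s->rx_fifo_head >= s->rx_fifo_size) {
                s->rx_fifo_head -= s->rx_fifo_size;
            }
        }
        break;
    case CSR_PMT_CTRL:
        if (val & 0x400) {
            phy_reset(s);
        }
        /* Only the bits in 0x34e are taken from the guest. */
        s->pmt_ctrl &= ~0x34e;
        s->pmt_ctrl |= (val & 0x34e);
        break;
    case CSR_GPIO_CFG:
        /* Probably just enabling LEDs.  */
        s->gpio_cfg = val & 0x7777071f;
        break;
    case CSR_GPT_CFG:
        /* Touch the timer only when the enable bit changes. */
        if ((s->gpt_cfg ^ val) & GPT_TIMER_EN) {
            if (val & GPT_TIMER_EN) {
                ptimer_set_count(s->timer, val & 0xffff);
                ptimer_run(s->timer, 0);
            } else {
                ptimer_stop(s->timer);
                ptimer_set_count(s->timer, 0xffff);
            }
        }
        s->gpt_cfg = val & (GPT_TIMER_EN | 0xffff);
        break;
    case CSR_WORD_SWAP:
        /* Ignored because we're in 32-bit mode.  */
        s->word_swap = val;
        break;
    case CSR_MAC_CSR_CMD:
        s->mac_cmd = val & 0x4000000f;
        /* Bit 31 starts the operation; bit 30 selects read over write. */
        if (val & 0x80000000) {
            if (val & 0x40000000) {
                s->mac_data = do_mac_read(s, val & 0xf);
                DPRINTF("MAC read %d = 0x%08x\n", (int)(val & 0xf),
                        s->mac_data);
            } else {
                DPRINTF("MAC write %d = 0x%08x\n", (int)(val & 0xf),
                        s->mac_data);
                do_mac_write(s, val & 0xf, s->mac_data);
            }
        }
        break;
    case CSR_MAC_CSR_DATA:
        s->mac_data = val;
        break;
    case CSR_AFC_CFG:
        s->afc_cfg = val & 0x00ffffff;
        break;
    case CSR_E2P_CMD:
        /*
         * These two masks are the only bounds on what the EEPROM helper
         * receives: a command in 0..7 and an address in 0..0x7f.
         */
        lan9118_eeprom_cmd(s, (val >> 28) & 7, val & 0x7f);
        break;
    case CSR_E2P_DATA:
        s->e2p_data = val & 0xff;
        break;

    default:
        qemu_log_mask(LOG_GUEST_ERROR, "lan9118_write: Bad reg 0x%x = %x\n",
                      (int)offset, (int)val);
        break;
    }
    lan9118_update(s);
}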
1146 
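/*
 * 16-bit write helper: collects two half-word writes to the same aligned
 * register and forwards them as one 32-bit write.
 *
 * @opaque: the lan9118_state
 * @offset: byte offset; only the low 8 bits are used
 * @val:    half-word value from the guest
 *
 * The pairing state lives in the device (write_word_n, write_word_l,
 * write_word_h, write_word_prev_offset).  A write to a different aligned
 * offset restarts the count, so a lone half-word is dropped rather than
 * merged with one from another register.  Two writes to the same half of
 * one register also complete a pair; the other half then keeps whatever
 * value it last held.
 */
static void lan9118_writew(void *opaque, hwaddr offset,
                           uint32_t val)
{
    lan9118_state *s = (lan9118_state *)opaque;
    offset &= 0xff;

    if (s->write_word_prev_offset != (offset & ~0x3)) {
        /* New offset, reset word counter */
        s->write_word_n = 0;
        s->write_word_prev_offset = offset & ~0x3;
    }

    if (offset & 0x2) {
        s->write_word_h = val;
    } else {
        s->write_word_l = val;
    }

    s->write_word_n++;
    if (s->write_word_n == 2) {
        s->write_word_n = 0;
        /*
         * Combine in unsigned 32-bit arithmetic.  If the two halves are
         * stored in a type narrower than int (the declaration is not
         * visible here), the high half would be promoted to int and a
         * value >= 0x8000 shifted left by 16 would overflow it.
         */
        lan9118_writel(s, offset & ~3,
                       (uint32_t)s->write_word_l +
                       ((uint32_t)s->write_word_h << 16), 4);
    }
}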
1173 
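/*
 * MMIO write entry point used when the device is in 16-bit mode.
 *
 * @opaque: the lan9118_state
 * @offset: byte offset into the region
 * @val:    value written by the guest
 * @size:   access size in bytes
 *
 * Half-word and word accesses go to the matching handler.  The access
 * size is chosen by the guest, so any other size is reported as a guest
 * error and dropped, as the register handlers in this file do for a bad
 * offset, instead of stopping the emulator through hw_error().
 */
static void lan9118_16bit_mode_write(void *opaque, hwaddr offset,
                                     uint64_t val, unsigned size)
{
    switch (size) {
    case 2:
        lan9118_writew(opaque, offset, (uint32_t)val);
        return;
    case 4:
        lan9118_writel(opaque, offset, val, size);
        return;
    }

    qemu_log_mask(LOG_GUEST_ERROR, "lan9118_write: Bad size 0x%x\n", size);
}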
1188 
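/*
 * 32-bit MMIO read handler.
 *
 * @opaque: the lan9118_state registered with the memory region
 * @offset: byte offset into the region
 * @size:   access size; not examined here
 *
 * Returns the register or FIFO word at @offset.  Reads below 0x20 and at
 * 0x40 and 0x48 pop from a FIFO, so they change device state.  An offset
 * with no case is logged as a guest error and reads as 0.
 */
static uint64_t lan9118_readl(void *opaque, hwaddr offset,
                              unsigned size)
{
    lan9118_state *s = (lan9118_state *)opaque;

    if (offset < 0x20) {
        /* RX FIFO */
        return rx_fifo_pop(s);
    }
    switch (offset) {
    case 0x40:
        return rx_status_fifo_pop(s);
    case 0x44:
        /*
         * Peek at the RX status FIFO.  The index has to be the RX head;
         * using the TX head returned a word from an unrelated position
         * in the RX status array.
         */
        return s->rx_status_fifo[s->rx_status_fifo_head];
    case 0x48:
        return tx_status_fifo_pop(s);
    case 0x4c:
        /* Peek at the TX status FIFO without consuming the entry. */
        return s->tx_status_fifo[s->tx_status_fifo_head];
    case CSR_ID_REV:
        return 0x01180001;
    case CSR_IRQ_CFG:
        return s->irq_cfg;
    case CSR_INT_STS:
        return s->int_sts;
    case CSR_INT_EN:
        return s->int_en;
    case CSR_BYTE_TEST:
        return 0x87654321;
    case CSR_FIFO_INT:
        return s->fifo_int;
    case CSR_RX_CFG:
        return s->rx_cfg;
    case CSR_TX_CFG:
        return s->tx_cfg;
    case CSR_HW_CFG:
        return s->hw_cfg;
    case CSR_RX_DP_CTRL:
        return 0;
    case CSR_RX_FIFO_INF:
        return (s->rx_status_fifo_used << 16) | (s->rx_fifo_used << 2);
    case CSR_TX_FIFO_INF:
        return (s->tx_status_fifo_used << 16)
               | (s->tx_fifo_size - s->txp->fifo_used);
    case CSR_PMT_CTRL:
        return s->pmt_ctrl;
    case CSR_GPIO_CFG:
        return s->gpio_cfg;
    case CSR_GPT_CFG:
        return s->gpt_cfg;
    case CSR_GPT_CNT:
        return ptimer_get_count(s->timer);
    case CSR_WORD_SWAP:
        return s->word_swap;
    case CSR_FREE_RUN:
        /* One count per 40 ns of virtual time since free_timer_start. */
        return (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40) - s->free_timer_start;
    case CSR_RX_DROP:
        /* TODO: Implement dropped frames counter.  */
        return 0;
    case CSR_MAC_CSR_CMD:
        return s->mac_cmd;
    case CSR_MAC_CSR_DATA:
        return s->mac_data;
    case CSR_AFC_CFG:
        return s->afc_cfg;
    case CSR_E2P_CMD:
        return s->e2p_cmd;
    case CSR_E2P_DATA:
        return s->e2p_data;
    }
    qemu_log_mask(LOG_GUEST_ERROR, "lan9118_read: Bad reg 0x%x\n", (int)offset);
    return 0;
}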
1262 
/*
 * 16-bit read helper: serves two half-word reads from one 32-bit read.
 *
 * @opaque: the lan9118_state
 * @offset: byte offset into the region; bit 1 selects the half
 *
 * The first half-word read of an aligned register performs the 32-bit
 * read (with any side effects, such as a FIFO pop) and caches it in
 * read_long.  The second read of the same register is answered from the
 * cache and re-arms the counter.  A read at a different aligned offset
 * restarts the sequence.
 *
 * Unlike the 16-bit write helper, the offset is not masked with 0xff
 * here; offsets inside the 0x100-byte region are unaffected by that.
 */
static uint32_t lan9118_readw(void *opaque, hwaddr offset)
{
    lan9118_state *s = opaque;
    hwaddr aligned = offset & ~0x3;

    if (s->read_word_prev_offset != aligned) {
        /* Different register: start a new pair. */
        s->read_word_n = 0;
        s->read_word_prev_offset = aligned;
    }

    s->read_word_n++;
    if (s->read_word_n == 1) {
        s->read_long = lan9118_readl(s, aligned, 4);
    } else {
        s->read_word_n = 0;
    }

    return (offset & 2) ? s->read_long >> 16 : s->read_long & 0xFFFF;
}
1290 
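/*
 * MMIO read entry point used when the device is in 16-bit mode.
 *
 * @opaque: the lan9118_state
 * @offset: byte offset into the region
 * @size:   access size in bytes
 *
 * Half-word and word accesses go to the matching handler.  The access
 * size is chosen by the guest, so any other size is reported as a guest
 * error and reads as 0, as the register handlers in this file do for a
 * bad offset, instead of stopping the emulator through hw_error().
 */
static uint64_t lan9118_16bit_mode_read(void *opaque, hwaddr offset,
                                        unsigned size)
{
    switch (size) {
    case 2:
        return lan9118_readw(opaque, offset);
    case 4:
        return lan9118_readl(opaque, offset, size);
    }

    qemu_log_mask(LOG_GUEST_ERROR, "lan9118_read: Bad size 0x%x\n", size);
    return 0;
}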
1304 
/*
 * MMIO callbacks for 32-bit mode.  No .valid or .impl access-size limits
 * are set here, and the two handlers do not look at the size they are
 * given.
 */
static const MemoryRegionOps lan9118_mem_ops = {
    .endianness = DEVICE_NATIVE_ENDIAN,
    .read = lan9118_readl,
    .write = lan9118_writel,
};
1310 
/*
 * MMIO callbacks for 16-bit mode.  The handlers dispatch on the access
 * size themselves; no .valid or .impl size limits are declared, so the
 * handlers are the only place a guest-chosen size is checked.
 */
static const MemoryRegionOps lan9118_16bit_mem_ops = {
    .endianness = DEVICE_NATIVE_ENDIAN,
    .read = lan9118_16bit_mode_read,
    .write = lan9118_16bit_mode_write,
};
1316 
/* Network backend hooks: packet delivery and link state notification. */
static NetClientInfo net_lan9118_info = {
    .size = sizeof(NICState),
    .type = NET_CLIENT_DRIVER_NIC,
    .link_status_changed = lan9118_set_link,
    .receive = lan9118_receive,
};
1323 
/*
 * Realize the device: register the MMIO region and IRQ, create the NIC,
 * seed the EEPROM image and set up the general purpose timer.
 *
 * @dev:  device being realized
 * @errp: error return; not written by this function
 */
static void lan9118_realize(DeviceState *dev, Error **errp)
{
    lan9118_state *s = LAN9118(dev);
    SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
    const MemoryRegionOps *mem_ops;
    QEMUBH *bh;
    int i;

    /* The mode_16bit property selects which set of MMIO callbacks is used. */
    if (s->mode_16bit) {
        mem_ops = &lan9118_16bit_mem_ops;
    } else {
        mem_ops = &lan9118_mem_ops;
    }

    /* A 0x100-byte window bounds every offset the handlers can receive. */
    memory_region_init_io(&s->mmio, OBJECT(dev), mem_ops, s,
                          "lan9118-mmio", 0x100);
    sysbus_init_mmio(sbd, &s->mmio);
    sysbus_init_irq(sbd, &s->irq);
    qemu_macaddr_default_if_unset(&s->conf.macaddr);

    s->nic = qemu_new_nic(&net_lan9118_info, &s->conf,
                          object_get_typename(OBJECT(dev)), dev->id, s);
    qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a);

    /* EEPROM image: 0xa5 in byte 0, then the six MAC address bytes. */
    s->eeprom[0] = 0xa5;
    for (i = 1; i <= 6; i++) {
        s->eeprom[i] = s->conf.macaddr.a[i - 1];
    }
    s->pmt_ctrl = 1;
    s->txp = &s->tx_packet;

    /* The timer runs lan9118_tick() through a bottom half. */
    bh = qemu_bh_new(lan9118_tick, s);
    s->timer = ptimer_init(bh, PTIMER_POLICY_DEFAULT);
    ptimer_set_freq(s->timer, 10000);
    ptimer_set_limit(s->timer, 0xffff, 1);
}
1354 
/*
 * User-settable properties: the common NIC configuration, plus
 * "mode_16bit" (default 0), which lan9118_realize() tests to choose the
 * 16-bit MMIO callbacks.
 */
static Property lan9118_properties[] = {
    DEFINE_NIC_PROPERTIES(lan9118_state, conf),
    DEFINE_PROP_UINT32("mode_16bit", lan9118_state, mode_16bit, 0),
    DEFINE_PROP_END_OF_LIST(),
};
1360 
/*
 * Class initializer: installs the realize and reset hooks, the property
 * list and the migration state description.
 *
 * @klass: class being initialized
 * @data:  unused
 */
static void lan9118_class_init(ObjectClass *klass, void *data)
{
    DeviceClass *dc = DEVICE_CLASS(klass);

    dc->realize = lan9118_realize;
    dc->reset = lan9118_reset;
    dc->vmsd = &vmstate_lan9118;
    dc->props = lan9118_properties;
}
1370 
/* Type description: a sysbus device whose instance is a lan9118_state. */
static const TypeInfo lan9118_info = {
    .parent        = TYPE_SYS_BUS_DEVICE,
    .name          = TYPE_LAN9118,
    .class_init    = lan9118_class_init,
    .instance_size = sizeof(lan9118_state),
};
1377 
/* Registers the lan9118 type; run through type_init() at the end of the file. */
static void lan9118_register_types(void)
{
    type_register_static(&lan9118_info);
}
1382 
/*
 * Legacy helper function: creates a lan9118, maps its MMIO region at
 * @base and wires its interrupt to @irq.  Should go away when machine
 * config files are implemented.
 *
 * @nd:   NIC configuration; its model is checked against "lan9118"
 * @base: address at which MMIO region 0 is mapped
 * @irq:  interrupt line connected to the device's IRQ output 0
 */
void lan9118_init(NICInfo *nd, uint32_t base, qemu_irq irq)
{
    DeviceState *dev;
    SysBusDevice *sbd;

    qemu_check_nic_model(nd, "lan9118");

    dev = qdev_create(NULL, TYPE_LAN9118);
    qdev_set_nic_properties(dev, nd);
    qdev_init_nofail(dev);

    sbd = SYS_BUS_DEVICE(dev);
    sysbus_mmio_map(sbd, 0, base);
    sysbus_connect_irq(sbd, 0, irq);
}
1398 
/* Hook lan9118_register_types() into type initialization. */
type_init(lan9118_register_types)
1400