1 /* 2 * SMSC LAN9118 Ethernet interface emulation 3 * 4 * Copyright (c) 2009 CodeSourcery, LLC. 5 * Written by Paul Brook 6 * 7 * This code is licensed under the GNU GPL v2 8 * 9 * Contributions after 2012-01-13 are licensed under the terms of the 10 * GNU GPL, version 2 or (at your option) any later version. 11 */ 12 13 #include "hw/sysbus.h" 14 #include "net/net.h" 15 #include "hw/devices.h" 16 #include "sysemu/sysemu.h" 17 #include "hw/ptimer.h" 18 /* For crc32 */ 19 #include <zlib.h> 20 21 //#define DEBUG_LAN9118 22 23 #ifdef DEBUG_LAN9118 24 #define DPRINTF(fmt, ...) \ 25 do { printf("lan9118: " fmt , ## __VA_ARGS__); } while (0) 26 #define BADF(fmt, ...) \ 27 do { hw_error("lan9118: error: " fmt , ## __VA_ARGS__);} while (0) 28 #else 29 #define DPRINTF(fmt, ...) do {} while(0) 30 #define BADF(fmt, ...) \ 31 do { fprintf(stderr, "lan9118: error: " fmt , ## __VA_ARGS__);} while (0) 32 #endif 33 34 #define CSR_ID_REV 0x50 35 #define CSR_IRQ_CFG 0x54 36 #define CSR_INT_STS 0x58 37 #define CSR_INT_EN 0x5c 38 #define CSR_BYTE_TEST 0x64 39 #define CSR_FIFO_INT 0x68 40 #define CSR_RX_CFG 0x6c 41 #define CSR_TX_CFG 0x70 42 #define CSR_HW_CFG 0x74 43 #define CSR_RX_DP_CTRL 0x78 44 #define CSR_RX_FIFO_INF 0x7c 45 #define CSR_TX_FIFO_INF 0x80 46 #define CSR_PMT_CTRL 0x84 47 #define CSR_GPIO_CFG 0x88 48 #define CSR_GPT_CFG 0x8c 49 #define CSR_GPT_CNT 0x90 50 #define CSR_WORD_SWAP 0x98 51 #define CSR_FREE_RUN 0x9c 52 #define CSR_RX_DROP 0xa0 53 #define CSR_MAC_CSR_CMD 0xa4 54 #define CSR_MAC_CSR_DATA 0xa8 55 #define CSR_AFC_CFG 0xac 56 #define CSR_E2P_CMD 0xb0 57 #define CSR_E2P_DATA 0xb4 58 59 #define E2P_CMD_MAC_ADDR_LOADED 0x100 60 61 /* IRQ_CFG */ 62 #define IRQ_INT 0x00001000 63 #define IRQ_EN 0x00000100 64 #define IRQ_POL 0x00000010 65 #define IRQ_TYPE 0x00000001 66 67 /* INT_STS/INT_EN */ 68 #define SW_INT 0x80000000 69 #define TXSTOP_INT 0x02000000 70 #define RXSTOP_INT 0x01000000 71 #define RXDFH_INT 0x00800000 72 #define TX_IOC_INT 0x00200000 73 #define RXD_INT 0x00100000 74 #define GPT_INT 0x00080000 75 #define PHY_INT 0x00040000 76 #define PME_INT 0x00020000 77 #define TXSO_INT 0x00010000 78 #define RWT_INT 0x00008000 79 #define RXE_INT 0x00004000 80 #define TXE_INT 0x00002000 81 #define TDFU_INT 0x00000800 82 #define TDFO_INT 0x00000400 83 #define TDFA_INT 0x00000200 84 #define TSFF_INT 0x00000100 85 #define TSFL_INT 0x00000080 86 #define RXDF_INT 0x00000040 87 #define RDFL_INT 0x00000020 88 #define RSFF_INT 0x00000010 89 #define RSFL_INT 0x00000008 90 #define GPIO2_INT 0x00000004 91 #define GPIO1_INT 0x00000002 92 #define GPIO0_INT 0x00000001 93 #define RESERVED_INT 0x7c001000 94 95 #define MAC_CR 1 96 #define MAC_ADDRH 2 97 #define MAC_ADDRL 3 98 #define MAC_HASHH 4 99 #define MAC_HASHL 5 100 #define MAC_MII_ACC 6 101 #define MAC_MII_DATA 7 102 #define MAC_FLOW 8 103 #define MAC_VLAN1 9 /* TODO */ 104 #define MAC_VLAN2 10 /* TODO */ 105 #define MAC_WUFF 11 /* TODO */ 106 #define MAC_WUCSR 12 /* TODO */ 107 108 #define MAC_CR_RXALL 0x80000000 109 #define MAC_CR_RCVOWN 0x00800000 110 #define MAC_CR_LOOPBK 0x00200000 111 #define MAC_CR_FDPX 0x00100000 112 #define MAC_CR_MCPAS 0x00080000 113 #define MAC_CR_PRMS 0x00040000 114 #define MAC_CR_INVFILT 0x00020000 115 #define MAC_CR_PASSBAD 0x00010000 116 #define MAC_CR_HO 0x00008000 117 #define MAC_CR_HPFILT 0x00002000 118 #define MAC_CR_LCOLL 0x00001000 119 #define MAC_CR_BCAST 0x00000800 120 #define MAC_CR_DISRTY 0x00000400 121 #define MAC_CR_PADSTR 0x00000100 122 #define MAC_CR_BOLMT 0x000000c0 123 #define MAC_CR_DFCHK 0x00000020 124 #define MAC_CR_TXEN 0x00000008 125 #define MAC_CR_RXEN 0x00000004 126 #define MAC_CR_RESERVED 0x7f404213 127 128 #define PHY_INT_ENERGYON 0x80 129 #define PHY_INT_AUTONEG_COMPLETE 0x40 130 #define PHY_INT_FAULT 0x20 131 #define PHY_INT_DOWN 0x10 132 #define PHY_INT_AUTONEG_LP 0x08 133 #define PHY_INT_PARFAULT 0x04 134 #define PHY_INT_AUTONEG_PAGE 0x02 135 136 #define GPT_TIMER_EN 0x20000000 137 138 enum tx_state { 139 TX_IDLE, 140 TX_B, 141 TX_DATA 142 }; 143 144 typedef struct { 145 /* state is a tx_state but we can't put enums in VMStateDescriptions. */ 146 uint32_t state; 147 uint32_t cmd_a; 148 uint32_t cmd_b; 149 int32_t buffer_size; 150 int32_t offset; 151 int32_t pad; 152 int32_t fifo_used; 153 int32_t len; 154 uint8_t data[2048]; 155 } LAN9118Packet; 156 157 static const VMStateDescription vmstate_lan9118_packet = { 158 .name = "lan9118_packet", 159 .version_id = 1, 160 .minimum_version_id = 1, 161 .fields = (VMStateField[]) { 162 VMSTATE_UINT32(state, LAN9118Packet), 163 VMSTATE_UINT32(cmd_a, LAN9118Packet), 164 VMSTATE_UINT32(cmd_b, LAN9118Packet), 165 VMSTATE_INT32(buffer_size, LAN9118Packet), 166 VMSTATE_INT32(offset, LAN9118Packet), 167 VMSTATE_INT32(pad, LAN9118Packet), 168 VMSTATE_INT32(fifo_used, LAN9118Packet), 169 VMSTATE_INT32(len, LAN9118Packet), 170 VMSTATE_UINT8_ARRAY(data, LAN9118Packet, 2048), 171 VMSTATE_END_OF_LIST() 172 } 173 }; 174 175 #define TYPE_LAN9118 "lan9118" 176 #define LAN9118(obj) OBJECT_CHECK(lan9118_state, (obj), TYPE_LAN9118) 177 178 typedef struct { 179 SysBusDevice parent_obj; 180 181 NICState *nic; 182 NICConf conf; 183 qemu_irq irq; 184 MemoryRegion mmio; 185 ptimer_state *timer; 186 187 uint32_t irq_cfg; 188 uint32_t int_sts; 189 uint32_t int_en; 190 uint32_t fifo_int; 191 uint32_t rx_cfg; 192 uint32_t tx_cfg; 193 uint32_t hw_cfg; 194 uint32_t pmt_ctrl; 195 uint32_t gpio_cfg; 196 uint32_t gpt_cfg; 197 uint32_t word_swap; 198 uint32_t free_timer_start; 199 uint32_t mac_cmd; 200 uint32_t mac_data; 201 uint32_t afc_cfg; 202 uint32_t e2p_cmd; 203 uint32_t e2p_data; 204 205 uint32_t mac_cr; 206 uint32_t mac_hashh; 207 uint32_t mac_hashl; 208 uint32_t mac_mii_acc; 209 uint32_t mac_mii_data; 210 uint32_t mac_flow; 211 212 uint32_t phy_status; 213 uint32_t phy_control; 214 uint32_t phy_advertise; 215 uint32_t phy_int; 216 uint32_t phy_int_mask; 217 218 int32_t eeprom_writable; 219 uint8_t eeprom[128]; 220 221 int32_t tx_fifo_size; 222 LAN9118Packet *txp; 223 LAN9118Packet tx_packet; 224 225 int32_t tx_status_fifo_used; 226 int32_t tx_status_fifo_head; 227 uint32_t tx_status_fifo[512]; 228 229 int32_t rx_status_fifo_size; 230 int32_t rx_status_fifo_used; 231 int32_t rx_status_fifo_head; 232 uint32_t rx_status_fifo[896]; 233 int32_t rx_fifo_size; 234 int32_t rx_fifo_used; 235 int32_t rx_fifo_head; 236 uint32_t rx_fifo[3360]; 237 int32_t rx_packet_size_head; 238 int32_t rx_packet_size_tail; 239 int32_t rx_packet_size[1024]; 240 241 int32_t rxp_offset; 242 int32_t rxp_size; 243 int32_t rxp_pad; 244 245 uint32_t write_word_prev_offset; 246 uint32_t write_word_n; 247 uint16_t write_word_l; 248 uint16_t write_word_h; 249 uint32_t read_word_prev_offset; 250 uint32_t read_word_n; 251 uint32_t read_long; 252 253 uint32_t mode_16bit; 254 } lan9118_state; 255 256 static const VMStateDescription vmstate_lan9118 = { 257 .name = "lan9118", 258 .version_id = 2, 259 .minimum_version_id = 1, 260 .fields = (VMStateField[]) { 261 VMSTATE_PTIMER(timer, lan9118_state), 262 VMSTATE_UINT32(irq_cfg, lan9118_state), 263 VMSTATE_UINT32(int_sts, lan9118_state), 264 VMSTATE_UINT32(int_en, lan9118_state), 265 VMSTATE_UINT32(fifo_int, lan9118_state), 266 VMSTATE_UINT32(rx_cfg, lan9118_state), 267 VMSTATE_UINT32(tx_cfg, lan9118_state), 268 VMSTATE_UINT32(hw_cfg, lan9118_state), 269 VMSTATE_UINT32(pmt_ctrl, lan9118_state), 270 VMSTATE_UINT32(gpio_cfg, lan9118_state), 271 VMSTATE_UINT32(gpt_cfg, lan9118_state), 272 VMSTATE_UINT32(word_swap, lan9118_state), 273 VMSTATE_UINT32(free_timer_start, lan9118_state), 274 VMSTATE_UINT32(mac_cmd, lan9118_state), 275 VMSTATE_UINT32(mac_data, lan9118_state), 276 VMSTATE_UINT32(afc_cfg, lan9118_state), 277 VMSTATE_UINT32(e2p_cmd, lan9118_state), 278 VMSTATE_UINT32(e2p_data, lan9118_state), 279 VMSTATE_UINT32(mac_cr, lan9118_state), 280 VMSTATE_UINT32(mac_hashh, lan9118_state), 281 VMSTATE_UINT32(mac_hashl, lan9118_state), 282 VMSTATE_UINT32(mac_mii_acc, lan9118_state), 283 VMSTATE_UINT32(mac_mii_data, lan9118_state), 284 VMSTATE_UINT32(mac_flow, lan9118_state), 285 VMSTATE_UINT32(phy_status, lan9118_state), 286 VMSTATE_UINT32(phy_control, lan9118_state), 287 VMSTATE_UINT32(phy_advertise, lan9118_state), 288 VMSTATE_UINT32(phy_int, lan9118_state), 289 VMSTATE_UINT32(phy_int_mask, lan9118_state), 290 VMSTATE_INT32(eeprom_writable, lan9118_state), 291 VMSTATE_UINT8_ARRAY(eeprom, lan9118_state, 128), 292 VMSTATE_INT32(tx_fifo_size, lan9118_state), 293 /* txp always points at tx_packet so need not be saved */ 294 VMSTATE_STRUCT(tx_packet, lan9118_state, 0, 295 vmstate_lan9118_packet, LAN9118Packet), 296 VMSTATE_INT32(tx_status_fifo_used, lan9118_state), 297 VMSTATE_INT32(tx_status_fifo_head, lan9118_state), 298 VMSTATE_UINT32_ARRAY(tx_status_fifo, lan9118_state, 512), 299 VMSTATE_INT32(rx_status_fifo_size, lan9118_state), 300 VMSTATE_INT32(rx_status_fifo_used, lan9118_state), 301 VMSTATE_INT32(rx_status_fifo_head, lan9118_state), 302 VMSTATE_UINT32_ARRAY(rx_status_fifo, lan9118_state, 896), 303 VMSTATE_INT32(rx_fifo_size, lan9118_state), 304 VMSTATE_INT32(rx_fifo_used, lan9118_state), 305 VMSTATE_INT32(rx_fifo_head, lan9118_state), 306 VMSTATE_UINT32_ARRAY(rx_fifo, lan9118_state, 3360), 307 VMSTATE_INT32(rx_packet_size_head, lan9118_state), 308 VMSTATE_INT32(rx_packet_size_tail, lan9118_state), 309 VMSTATE_INT32_ARRAY(rx_packet_size, lan9118_state, 1024), 310 VMSTATE_INT32(rxp_offset, lan9118_state), 311 VMSTATE_INT32(rxp_size, lan9118_state), 312 VMSTATE_INT32(rxp_pad, lan9118_state), 313 VMSTATE_UINT32_V(write_word_prev_offset, lan9118_state, 2), 314 VMSTATE_UINT32_V(write_word_n, lan9118_state, 2), 315 VMSTATE_UINT16_V(write_word_l, lan9118_state, 2), 316 VMSTATE_UINT16_V(write_word_h, lan9118_state, 2), 317 VMSTATE_UINT32_V(read_word_prev_offset, lan9118_state, 2), 318 VMSTATE_UINT32_V(read_word_n, lan9118_state, 2), 319 VMSTATE_UINT32_V(read_long, lan9118_state, 2), 320 VMSTATE_UINT32_V(mode_16bit, lan9118_state, 2), 321 VMSTATE_END_OF_LIST() 322 } 323 }; 324 325 static void lan9118_update(lan9118_state *s) 326 { 327 int level; 328 329 /* TODO: Implement FIFO level IRQs. */ 330 level = (s->int_sts & s->int_en) != 0; 331 if (level) { 332 s->irq_cfg |= IRQ_INT; 333 } else { 334 s->irq_cfg &= ~IRQ_INT; 335 } 336 if ((s->irq_cfg & IRQ_EN) == 0) { 337 level = 0; 338 } 339 if ((s->irq_cfg & (IRQ_TYPE | IRQ_POL)) != (IRQ_TYPE | IRQ_POL)) { 340 /* Interrupt is active low unless we're configured as 341 * active-high polarity, push-pull type. 342 */ 343 level = !level; 344 } 345 qemu_set_irq(s->irq, level); 346 } 347 348 static void lan9118_mac_changed(lan9118_state *s) 349 { 350 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 351 } 352 353 static void lan9118_reload_eeprom(lan9118_state *s) 354 { 355 int i; 356 if (s->eeprom[0] != 0xa5) { 357 s->e2p_cmd &= ~E2P_CMD_MAC_ADDR_LOADED; 358 DPRINTF("MACADDR load failed\n"); 359 return; 360 } 361 for (i = 0; i < 6; i++) { 362 s->conf.macaddr.a[i] = s->eeprom[i + 1]; 363 } 364 s->e2p_cmd |= E2P_CMD_MAC_ADDR_LOADED; 365 DPRINTF("MACADDR loaded from eeprom\n"); 366 lan9118_mac_changed(s); 367 } 368 369 static void phy_update_irq(lan9118_state *s) 370 { 371 if (s->phy_int & s->phy_int_mask) { 372 s->int_sts |= PHY_INT; 373 } else { 374 s->int_sts &= ~PHY_INT; 375 } 376 lan9118_update(s); 377 } 378 379 static void phy_update_link(lan9118_state *s) 380 { 381 /* Autonegotiation status mirrors link status. */ 382 if (qemu_get_queue(s->nic)->link_down) { 383 s->phy_status &= ~0x0024; 384 s->phy_int |= PHY_INT_DOWN; 385 } else { 386 s->phy_status |= 0x0024; 387 s->phy_int |= PHY_INT_ENERGYON; 388 s->phy_int |= PHY_INT_AUTONEG_COMPLETE; 389 } 390 phy_update_irq(s); 391 } 392 393 static void lan9118_set_link(NetClientState *nc) 394 { 395 phy_update_link(qemu_get_nic_opaque(nc)); 396 } 397 398 static void phy_reset(lan9118_state *s) 399 { 400 s->phy_status = 0x7809; 401 s->phy_control = 0x3000; 402 s->phy_advertise = 0x01e1; 403 s->phy_int_mask = 0; 404 s->phy_int = 0; 405 phy_update_link(s); 406 } 407 408 static void lan9118_reset(DeviceState *d) 409 { 410 lan9118_state *s = LAN9118(d); 411 412 s->irq_cfg &= (IRQ_TYPE | IRQ_POL); 413 s->int_sts = 0; 414 s->int_en = 0; 415 s->fifo_int = 0x48000000; 416 s->rx_cfg = 0; 417 s->tx_cfg = 0; 418 s->hw_cfg = s->mode_16bit ? 0x00050000 : 0x00050004; 419 s->pmt_ctrl &= 0x45; 420 s->gpio_cfg = 0; 421 s->txp->fifo_used = 0; 422 s->txp->state = TX_IDLE; 423 s->txp->cmd_a = 0xffffffffu; 424 s->txp->cmd_b = 0xffffffffu; 425 s->txp->len = 0; 426 s->txp->fifo_used = 0; 427 s->tx_fifo_size = 4608; 428 s->tx_status_fifo_used = 0; 429 s->rx_status_fifo_size = 704; 430 s->rx_fifo_size = 2640; 431 s->rx_fifo_used = 0; 432 s->rx_status_fifo_size = 176; 433 s->rx_status_fifo_used = 0; 434 s->rxp_offset = 0; 435 s->rxp_size = 0; 436 s->rxp_pad = 0; 437 s->rx_packet_size_tail = s->rx_packet_size_head; 438 s->rx_packet_size[s->rx_packet_size_head] = 0; 439 s->mac_cmd = 0; 440 s->mac_data = 0; 441 s->afc_cfg = 0; 442 s->e2p_cmd = 0; 443 s->e2p_data = 0; 444 s->free_timer_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40; 445 446 ptimer_stop(s->timer); 447 ptimer_set_count(s->timer, 0xffff); 448 s->gpt_cfg = 0xffff; 449 450 s->mac_cr = MAC_CR_PRMS; 451 s->mac_hashh = 0; 452 s->mac_hashl = 0; 453 s->mac_mii_acc = 0; 454 s->mac_mii_data = 0; 455 s->mac_flow = 0; 456 457 s->read_word_n = 0; 458 s->write_word_n = 0; 459 460 phy_reset(s); 461 462 s->eeprom_writable = 0; 463 lan9118_reload_eeprom(s); 464 } 465 466 static void rx_fifo_push(lan9118_state *s, uint32_t val) 467 { 468 int fifo_pos; 469 fifo_pos = s->rx_fifo_head + s->rx_fifo_used; 470 if (fifo_pos >= s->rx_fifo_size) 471 fifo_pos -= s->rx_fifo_size; 472 s->rx_fifo[fifo_pos] = val; 473 s->rx_fifo_used++; 474 } 475 476 /* Return nonzero if the packet is accepted by the filter. */ 477 static int lan9118_filter(lan9118_state *s, const uint8_t *addr) 478 { 479 int multicast; 480 uint32_t hash; 481 482 if (s->mac_cr & MAC_CR_PRMS) { 483 return 1; 484 } 485 if (addr[0] == 0xff && addr[1] == 0xff && addr[2] == 0xff && 486 addr[3] == 0xff && addr[4] == 0xff && addr[5] == 0xff) { 487 return (s->mac_cr & MAC_CR_BCAST) == 0; 488 } 489 490 multicast = addr[0] & 1; 491 if (multicast &&s->mac_cr & MAC_CR_MCPAS) { 492 return 1; 493 } 494 if (multicast ? (s->mac_cr & MAC_CR_HPFILT) == 0 495 : (s->mac_cr & MAC_CR_HO) == 0) { 496 /* Exact matching. */ 497 hash = memcmp(addr, s->conf.macaddr.a, 6); 498 if (s->mac_cr & MAC_CR_INVFILT) { 499 return hash != 0; 500 } else { 501 return hash == 0; 502 } 503 } else { 504 /* Hash matching */ 505 hash = compute_mcast_idx(addr); 506 if (hash & 0x20) { 507 return (s->mac_hashh >> (hash & 0x1f)) & 1; 508 } else { 509 return (s->mac_hashl >> (hash & 0x1f)) & 1; 510 } 511 } 512 } 513 514 static ssize_t lan9118_receive(NetClientState *nc, const uint8_t *buf, 515 size_t size) 516 { 517 lan9118_state *s = qemu_get_nic_opaque(nc); 518 int fifo_len; 519 int offset; 520 int src_pos; 521 int n; 522 int filter; 523 uint32_t val; 524 uint32_t crc; 525 uint32_t status; 526 527 if ((s->mac_cr & MAC_CR_RXEN) == 0) { 528 return -1; 529 } 530 531 if (size >= 2048 || size < 14) { 532 return -1; 533 } 534 535 /* TODO: Implement FIFO overflow notification. */ 536 if (s->rx_status_fifo_used == s->rx_status_fifo_size) { 537 return -1; 538 } 539 540 filter = lan9118_filter(s, buf); 541 if (!filter && (s->mac_cr & MAC_CR_RXALL) == 0) { 542 return size; 543 } 544 545 offset = (s->rx_cfg >> 8) & 0x1f; 546 n = offset & 3; 547 fifo_len = (size + n + 3) >> 2; 548 /* Add a word for the CRC. */ 549 fifo_len++; 550 if (s->rx_fifo_size - s->rx_fifo_used < fifo_len) { 551 return -1; 552 } 553 554 DPRINTF("Got packet len:%d fifo:%d filter:%s\n", 555 (int)size, fifo_len, filter ? "pass" : "fail"); 556 val = 0; 557 crc = bswap32(crc32(~0, buf, size)); 558 for (src_pos = 0; src_pos < size; src_pos++) { 559 val = (val >> 8) | ((uint32_t)buf[src_pos] << 24); 560 n++; 561 if (n == 4) { 562 n = 0; 563 rx_fifo_push(s, val); 564 val = 0; 565 } 566 } 567 if (n) { 568 val >>= ((4 - n) * 8); 569 val |= crc << (n * 8); 570 rx_fifo_push(s, val); 571 val = crc >> ((4 - n) * 8); 572 rx_fifo_push(s, val); 573 } else { 574 rx_fifo_push(s, crc); 575 } 576 n = s->rx_status_fifo_head + s->rx_status_fifo_used; 577 if (n >= s->rx_status_fifo_size) { 578 n -= s->rx_status_fifo_size; 579 } 580 s->rx_packet_size[s->rx_packet_size_tail] = fifo_len; 581 s->rx_packet_size_tail = (s->rx_packet_size_tail + 1023) & 1023; 582 s->rx_status_fifo_used++; 583 584 status = (size + 4) << 16; 585 if (buf[0] == 0xff && buf[1] == 0xff && buf[2] == 0xff && 586 buf[3] == 0xff && buf[4] == 0xff && buf[5] == 0xff) { 587 status |= 0x00002000; 588 } else if (buf[0] & 1) { 589 status |= 0x00000400; 590 } 591 if (!filter) { 592 status |= 0x40000000; 593 } 594 s->rx_status_fifo[n] = status; 595 596 if (s->rx_status_fifo_used > (s->fifo_int & 0xff)) { 597 s->int_sts |= RSFL_INT; 598 } 599 lan9118_update(s); 600 601 return size; 602 } 603 604 static uint32_t rx_fifo_pop(lan9118_state *s) 605 { 606 int n; 607 uint32_t val; 608 609 if (s->rxp_size == 0 && s->rxp_pad == 0) { 610 s->rxp_size = s->rx_packet_size[s->rx_packet_size_head]; 611 s->rx_packet_size[s->rx_packet_size_head] = 0; 612 if (s->rxp_size != 0) { 613 s->rx_packet_size_head = (s->rx_packet_size_head + 1023) & 1023; 614 s->rxp_offset = (s->rx_cfg >> 10) & 7; 615 n = s->rxp_offset + s->rxp_size; 616 switch (s->rx_cfg >> 30) { 617 case 1: 618 n = (-n) & 3; 619 break; 620 case 2: 621 n = (-n) & 7; 622 break; 623 default: 624 n = 0; 625 break; 626 } 627 s->rxp_pad = n; 628 DPRINTF("Pop packet size:%d offset:%d pad: %d\n", 629 s->rxp_size, s->rxp_offset, s->rxp_pad); 630 } 631 } 632 if (s->rxp_offset > 0) { 633 s->rxp_offset--; 634 val = 0; 635 } else if (s->rxp_size > 0) { 636 s->rxp_size--; 637 val = s->rx_fifo[s->rx_fifo_head++]; 638 if (s->rx_fifo_head >= s->rx_fifo_size) { 639 s->rx_fifo_head -= s->rx_fifo_size; 640 } 641 s->rx_fifo_used--; 642 } else if (s->rxp_pad > 0) { 643 s->rxp_pad--; 644 val = 0; 645 } else { 646 DPRINTF("RX underflow\n"); 647 s->int_sts |= RXE_INT; 648 val = 0; 649 } 650 lan9118_update(s); 651 return val; 652 } 653 654 static void do_tx_packet(lan9118_state *s) 655 { 656 int n; 657 uint32_t status; 658 659 /* FIXME: Honor TX disable, and allow queueing of packets. */ 660 if (s->phy_control & 0x4000) { 661 /* This assumes the receive routine doesn't touch the VLANClient. */ 662 lan9118_receive(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 663 } else { 664 qemu_send_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 665 } 666 s->txp->fifo_used = 0; 667 668 if (s->tx_status_fifo_used == 512) { 669 /* Status FIFO full */ 670 return; 671 } 672 /* Add entry to status FIFO. */ 673 status = s->txp->cmd_b & 0xffff0000u; 674 DPRINTF("Sent packet tag:%04x len %d\n", status >> 16, s->txp->len); 675 n = (s->tx_status_fifo_head + s->tx_status_fifo_used) & 511; 676 s->tx_status_fifo[n] = status; 677 s->tx_status_fifo_used++; 678 if (s->tx_status_fifo_used == 512) { 679 s->int_sts |= TSFF_INT; 680 /* TODO: Stop transmission. */ 681 } 682 } 683 684 static uint32_t rx_status_fifo_pop(lan9118_state *s) 685 { 686 uint32_t val; 687 688 val = s->rx_status_fifo[s->rx_status_fifo_head]; 689 if (s->rx_status_fifo_used != 0) { 690 s->rx_status_fifo_used--; 691 s->rx_status_fifo_head++; 692 if (s->rx_status_fifo_head >= s->rx_status_fifo_size) { 693 s->rx_status_fifo_head -= s->rx_status_fifo_size; 694 } 695 /* ??? What value should be returned when the FIFO is empty? */ 696 DPRINTF("RX status pop 0x%08x\n", val); 697 } 698 return val; 699 } 700 701 static uint32_t tx_status_fifo_pop(lan9118_state *s) 702 { 703 uint32_t val; 704 705 val = s->tx_status_fifo[s->tx_status_fifo_head]; 706 if (s->tx_status_fifo_used != 0) { 707 s->tx_status_fifo_used--; 708 s->tx_status_fifo_head = (s->tx_status_fifo_head + 1) & 511; 709 /* ??? What value should be returned when the FIFO is empty? */ 710 } 711 return val; 712 } 713 714 static void tx_fifo_push(lan9118_state *s, uint32_t val) 715 { 716 int n; 717 718 if (s->txp->fifo_used == s->tx_fifo_size) { 719 s->int_sts |= TDFO_INT; 720 return; 721 } 722 switch (s->txp->state) { 723 case TX_IDLE: 724 s->txp->cmd_a = val & 0x831f37ff; 725 s->txp->fifo_used++; 726 s->txp->state = TX_B; 727 s->txp->buffer_size = extract32(s->txp->cmd_a, 0, 11); 728 s->txp->offset = extract32(s->txp->cmd_a, 16, 5); 729 break; 730 case TX_B: 731 if (s->txp->cmd_a & 0x2000) { 732 /* First segment */ 733 s->txp->cmd_b = val; 734 s->txp->fifo_used++; 735 /* End alignment does not include command words. */ 736 n = (s->txp->buffer_size + s->txp->offset + 3) >> 2; 737 switch ((n >> 24) & 3) { 738 case 1: 739 n = (-n) & 3; 740 break; 741 case 2: 742 n = (-n) & 7; 743 break; 744 default: 745 n = 0; 746 } 747 s->txp->pad = n; 748 s->txp->len = 0; 749 } 750 DPRINTF("Block len:%d offset:%d pad:%d cmd %08x\n", 751 s->txp->buffer_size, s->txp->offset, s->txp->pad, 752 s->txp->cmd_a); 753 s->txp->state = TX_DATA; 754 break; 755 case TX_DATA: 756 if (s->txp->offset >= 4) { 757 s->txp->offset -= 4; 758 break; 759 } 760 if (s->txp->buffer_size <= 0 && s->txp->pad != 0) { 761 s->txp->pad--; 762 } else { 763 n = MIN(4, s->txp->buffer_size + s->txp->offset); 764 while (s->txp->offset) { 765 val >>= 8; 766 n--; 767 s->txp->offset--; 768 } 769 /* Documentation is somewhat unclear on the ordering of bytes 770 in FIFO words. Empirical results show it to be little-endian. 771 */ 772 /* TODO: FIFO overflow checking. */ 773 while (n--) { 774 s->txp->data[s->txp->len] = val & 0xff; 775 s->txp->len++; 776 val >>= 8; 777 s->txp->buffer_size--; 778 } 779 s->txp->fifo_used++; 780 } 781 if (s->txp->buffer_size <= 0 && s->txp->pad == 0) { 782 if (s->txp->cmd_a & 0x1000) { 783 do_tx_packet(s); 784 } 785 if (s->txp->cmd_a & 0x80000000) { 786 s->int_sts |= TX_IOC_INT; 787 } 788 s->txp->state = TX_IDLE; 789 } 790 break; 791 } 792 } 793 794 static uint32_t do_phy_read(lan9118_state *s, int reg) 795 { 796 uint32_t val; 797 798 switch (reg) { 799 case 0: /* Basic Control */ 800 return s->phy_control; 801 case 1: /* Basic Status */ 802 return s->phy_status; 803 case 2: /* ID1 */ 804 return 0x0007; 805 case 3: /* ID2 */ 806 return 0xc0d1; 807 case 4: /* Auto-neg advertisement */ 808 return s->phy_advertise; 809 case 5: /* Auto-neg Link Partner Ability */ 810 return 0x0f71; 811 case 6: /* Auto-neg Expansion */ 812 return 1; 813 /* TODO 17, 18, 27, 29, 30, 31 */ 814 case 29: /* Interrupt source. */ 815 val = s->phy_int; 816 s->phy_int = 0; 817 phy_update_irq(s); 818 return val; 819 case 30: /* Interrupt mask */ 820 return s->phy_int_mask; 821 default: 822 BADF("PHY read reg %d\n", reg); 823 return 0; 824 } 825 } 826 827 static void do_phy_write(lan9118_state *s, int reg, uint32_t val) 828 { 829 switch (reg) { 830 case 0: /* Basic Control */ 831 if (val & 0x8000) { 832 phy_reset(s); 833 break; 834 } 835 s->phy_control = val & 0x7980; 836 /* Complete autonegotiation immediately. */ 837 if (val & 0x1000) { 838 s->phy_status |= 0x0020; 839 } 840 break; 841 case 4: /* Auto-neg advertisement */ 842 s->phy_advertise = (val & 0x2d7f) | 0x80; 843 break; 844 /* TODO 17, 18, 27, 31 */ 845 case 30: /* Interrupt mask */ 846 s->phy_int_mask = val & 0xff; 847 phy_update_irq(s); 848 break; 849 default: 850 BADF("PHY write reg %d = 0x%04x\n", reg, val); 851 } 852 } 853 854 static void do_mac_write(lan9118_state *s, int reg, uint32_t val) 855 { 856 switch (reg) { 857 case MAC_CR: 858 if ((s->mac_cr & MAC_CR_RXEN) != 0 && (val & MAC_CR_RXEN) == 0) { 859 s->int_sts |= RXSTOP_INT; 860 } 861 s->mac_cr = val & ~MAC_CR_RESERVED; 862 DPRINTF("MAC_CR: %08x\n", val); 863 break; 864 case MAC_ADDRH: 865 s->conf.macaddr.a[4] = val & 0xff; 866 s->conf.macaddr.a[5] = (val >> 8) & 0xff; 867 lan9118_mac_changed(s); 868 break; 869 case MAC_ADDRL: 870 s->conf.macaddr.a[0] = val & 0xff; 871 s->conf.macaddr.a[1] = (val >> 8) & 0xff; 872 s->conf.macaddr.a[2] = (val >> 16) & 0xff; 873 s->conf.macaddr.a[3] = (val >> 24) & 0xff; 874 lan9118_mac_changed(s); 875 break; 876 case MAC_HASHH: 877 s->mac_hashh = val; 878 break; 879 case MAC_HASHL: 880 s->mac_hashl = val; 881 break; 882 case MAC_MII_ACC: 883 s->mac_mii_acc = val & 0xffc2; 884 if (val & 2) { 885 DPRINTF("PHY write %d = 0x%04x\n", 886 (val >> 6) & 0x1f, s->mac_mii_data); 887 do_phy_write(s, (val >> 6) & 0x1f, s->mac_mii_data); 888 } else { 889 s->mac_mii_data = do_phy_read(s, (val >> 6) & 0x1f); 890 DPRINTF("PHY read %d = 0x%04x\n", 891 (val >> 6) & 0x1f, s->mac_mii_data); 892 } 893 break; 894 case MAC_MII_DATA: 895 s->mac_mii_data = val & 0xffff; 896 break; 897 case MAC_FLOW: 898 s->mac_flow = val & 0xffff0000; 899 break; 900 case MAC_VLAN1: 901 /* Writing to this register changes a condition for 902 * FrameTooLong bit in rx_status. Since we do not set 903 * FrameTooLong anyway, just ignore write to this. 904 */ 905 break; 906 default: 907 qemu_log_mask(LOG_GUEST_ERROR, 908 "lan9118: Unimplemented MAC register write: %d = 0x%x\n", 909 s->mac_cmd & 0xf, val); 910 } 911 } 912 913 static uint32_t do_mac_read(lan9118_state *s, int reg) 914 { 915 switch (reg) { 916 case MAC_CR: 917 return s->mac_cr; 918 case MAC_ADDRH: 919 return s->conf.macaddr.a[4] | (s->conf.macaddr.a[5] << 8); 920 case MAC_ADDRL: 921 return s->conf.macaddr.a[0] | (s->conf.macaddr.a[1] << 8) 922 | (s->conf.macaddr.a[2] << 16) | (s->conf.macaddr.a[3] << 24); 923 case MAC_HASHH: 924 return s->mac_hashh; 925 break; 926 case MAC_HASHL: 927 return s->mac_hashl; 928 break; 929 case MAC_MII_ACC: 930 return s->mac_mii_acc; 931 case MAC_MII_DATA: 932 return s->mac_mii_data; 933 case MAC_FLOW: 934 return s->mac_flow; 935 default: 936 qemu_log_mask(LOG_GUEST_ERROR, 937 "lan9118: Unimplemented MAC register read: %d\n", 938 s->mac_cmd & 0xf); 939 return 0; 940 } 941 } 942 943 static void lan9118_eeprom_cmd(lan9118_state *s, int cmd, int addr) 944 { 945 s->e2p_cmd = (s->e2p_cmd & E2P_CMD_MAC_ADDR_LOADED) | (cmd << 28) | addr; 946 switch (cmd) { 947 case 0: 948 s->e2p_data = s->eeprom[addr]; 949 DPRINTF("EEPROM Read %d = 0x%02x\n", addr, s->e2p_data); 950 break; 951 case 1: 952 s->eeprom_writable = 0; 953 DPRINTF("EEPROM Write Disable\n"); 954 break; 955 case 2: /* EWEN */ 956 s->eeprom_writable = 1; 957 DPRINTF("EEPROM Write Enable\n"); 958 break; 959 case 3: /* WRITE */ 960 if (s->eeprom_writable) { 961 s->eeprom[addr] &= s->e2p_data; 962 DPRINTF("EEPROM Write %d = 0x%02x\n", addr, s->e2p_data); 963 } else { 964 DPRINTF("EEPROM Write %d (ignored)\n", addr); 965 } 966 break; 967 case 4: /* WRAL */ 968 if (s->eeprom_writable) { 969 for (addr = 0; addr < 128; addr++) { 970 s->eeprom[addr] &= s->e2p_data; 971 } 972 DPRINTF("EEPROM Write All 0x%02x\n", s->e2p_data); 973 } else { 974 DPRINTF("EEPROM Write All (ignored)\n"); 975 } 976 break; 977 case 5: /* ERASE */ 978 if (s->eeprom_writable) { 979 s->eeprom[addr] = 0xff; 980 DPRINTF("EEPROM Erase %d\n", addr); 981 } else { 982 DPRINTF("EEPROM Erase %d (ignored)\n", addr); 983 } 984 break; 985 case 6: /* ERAL */ 986 if (s->eeprom_writable) { 987 memset(s->eeprom, 0xff, 128); 988 DPRINTF("EEPROM Erase All\n"); 989 } else { 990 DPRINTF("EEPROM Erase All (ignored)\n"); 991 } 992 break; 993 case 7: /* RELOAD */ 994 lan9118_reload_eeprom(s); 995 break; 996 } 997 } 998 999 static void lan9118_tick(void *opaque) 1000 { 1001 lan9118_state *s = (lan9118_state *)opaque; 1002 if (s->int_en & GPT_INT) { 1003 s->int_sts |= GPT_INT; 1004 } 1005 lan9118_update(s); 1006 } 1007 1008 static void lan9118_writel(void *opaque, hwaddr offset, 1009 uint64_t val, unsigned size) 1010 { 1011 lan9118_state *s = (lan9118_state *)opaque; 1012 offset &= 0xff; 1013 1014 //DPRINTF("Write reg 0x%02x = 0x%08x\n", (int)offset, val); 1015 if (offset >= 0x20 && offset < 0x40) { 1016 /* TX FIFO */ 1017 tx_fifo_push(s, val); 1018 return; 1019 } 1020 switch (offset) { 1021 case CSR_IRQ_CFG: 1022 /* TODO: Implement interrupt deassertion intervals. */ 1023 val &= (IRQ_EN | IRQ_POL | IRQ_TYPE); 1024 s->irq_cfg = (s->irq_cfg & IRQ_INT) | val; 1025 break; 1026 case CSR_INT_STS: 1027 s->int_sts &= ~val; 1028 break; 1029 case CSR_INT_EN: 1030 s->int_en = val & ~RESERVED_INT; 1031 s->int_sts |= val & SW_INT; 1032 break; 1033 case CSR_FIFO_INT: 1034 DPRINTF("FIFO INT levels %08x\n", val); 1035 s->fifo_int = val; 1036 break; 1037 case CSR_RX_CFG: 1038 if (val & 0x8000) { 1039 /* RX_DUMP */ 1040 s->rx_fifo_used = 0; 1041 s->rx_status_fifo_used = 0; 1042 s->rx_packet_size_tail = s->rx_packet_size_head; 1043 s->rx_packet_size[s->rx_packet_size_head] = 0; 1044 } 1045 s->rx_cfg = val & 0xcfff1ff0; 1046 break; 1047 case CSR_TX_CFG: 1048 if (val & 0x8000) { 1049 s->tx_status_fifo_used = 0; 1050 } 1051 if (val & 0x4000) { 1052 s->txp->state = TX_IDLE; 1053 s->txp->fifo_used = 0; 1054 s->txp->cmd_a = 0xffffffff; 1055 } 1056 s->tx_cfg = val & 6; 1057 break; 1058 case CSR_HW_CFG: 1059 if (val & 1) { 1060 /* SRST */ 1061 lan9118_reset(DEVICE(s)); 1062 } else { 1063 s->hw_cfg = (val & 0x003f300) | (s->hw_cfg & 0x4); 1064 } 1065 break; 1066 case CSR_RX_DP_CTRL: 1067 if (val & 0x80000000) { 1068 /* Skip forward to next packet. */ 1069 s->rxp_pad = 0; 1070 s->rxp_offset = 0; 1071 if (s->rxp_size == 0) { 1072 /* Pop a word to start the next packet. */ 1073 rx_fifo_pop(s); 1074 s->rxp_pad = 0; 1075 s->rxp_offset = 0; 1076 } 1077 s->rx_fifo_head += s->rxp_size; 1078 if (s->rx_fifo_head >= s->rx_fifo_size) { 1079 s->rx_fifo_head -= s->rx_fifo_size; 1080 } 1081 } 1082 break; 1083 case CSR_PMT_CTRL: 1084 if (val & 0x400) { 1085 phy_reset(s); 1086 } 1087 s->pmt_ctrl &= ~0x34e; 1088 s->pmt_ctrl |= (val & 0x34e); 1089 break; 1090 case CSR_GPIO_CFG: 1091 /* Probably just enabling LEDs. */ 1092 s->gpio_cfg = val & 0x7777071f; 1093 break; 1094 case CSR_GPT_CFG: 1095 if ((s->gpt_cfg ^ val) & GPT_TIMER_EN) { 1096 if (val & GPT_TIMER_EN) { 1097 ptimer_set_count(s->timer, val & 0xffff); 1098 ptimer_run(s->timer, 0); 1099 } else { 1100 ptimer_stop(s->timer); 1101 ptimer_set_count(s->timer, 0xffff); 1102 } 1103 } 1104 s->gpt_cfg = val & (GPT_TIMER_EN | 0xffff); 1105 break; 1106 case CSR_WORD_SWAP: 1107 /* Ignored because we're in 32-bit mode. */ 1108 s->word_swap = val; 1109 break; 1110 case CSR_MAC_CSR_CMD: 1111 s->mac_cmd = val & 0x4000000f; 1112 if (val & 0x80000000) { 1113 if (val & 0x40000000) { 1114 s->mac_data = do_mac_read(s, val & 0xf); 1115 DPRINTF("MAC read %d = 0x%08x\n", val & 0xf, s->mac_data); 1116 } else { 1117 DPRINTF("MAC write %d = 0x%08x\n", val & 0xf, s->mac_data); 1118 do_mac_write(s, val & 0xf, s->mac_data); 1119 } 1120 } 1121 break; 1122 case CSR_MAC_CSR_DATA: 1123 s->mac_data = val; 1124 break; 1125 case CSR_AFC_CFG: 1126 s->afc_cfg = val & 0x00ffffff; 1127 break; 1128 case CSR_E2P_CMD: 1129 lan9118_eeprom_cmd(s, (val >> 28) & 7, val & 0x7f); 1130 break; 1131 case CSR_E2P_DATA: 1132 s->e2p_data = val & 0xff; 1133 break; 1134 1135 default: 1136 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_write: Bad reg 0x%x = %x\n", 1137 (int)offset, (int)val); 1138 break; 1139 } 1140 lan9118_update(s); 1141 } 1142 1143 static void lan9118_writew(void *opaque, hwaddr offset, 1144 uint32_t val) 1145 { 1146 lan9118_state *s = (lan9118_state *)opaque; 1147 offset &= 0xff; 1148 1149 if (s->write_word_prev_offset != (offset & ~0x3)) { 1150 /* New offset, reset word counter */ 1151 s->write_word_n = 0; 1152 s->write_word_prev_offset = offset & ~0x3; 1153 } 1154 1155 if (offset & 0x2) { 1156 s->write_word_h = val; 1157 } else { 1158 s->write_word_l = val; 1159 } 1160 1161 //DPRINTF("Writew reg 0x%02x = 0x%08x\n", (int)offset, val); 1162 s->write_word_n++; 1163 if (s->write_word_n == 2) { 1164 s->write_word_n = 0; 1165 lan9118_writel(s, offset & ~3, s->write_word_l + 1166 (s->write_word_h << 16), 4); 1167 } 1168 } 1169 1170 static void lan9118_16bit_mode_write(void *opaque, hwaddr offset, 1171 uint64_t val, unsigned size) 1172 { 1173 switch (size) { 1174 case 2: 1175 lan9118_writew(opaque, offset, (uint32_t)val); 1176 return; 1177 case 4: 1178 lan9118_writel(opaque, offset, val, size); 1179 return; 1180 } 1181 1182 hw_error("lan9118_write: Bad size 0x%x\n", size); 1183 } 1184 1185 static uint64_t lan9118_readl(void *opaque, hwaddr offset, 1186 unsigned size) 1187 { 1188 lan9118_state *s = (lan9118_state *)opaque; 1189 1190 //DPRINTF("Read reg 0x%02x\n", (int)offset); 1191 if (offset < 0x20) { 1192 /* RX FIFO */ 1193 return rx_fifo_pop(s); 1194 } 1195 switch (offset) { 1196 case 0x40: 1197 return rx_status_fifo_pop(s); 1198 case 0x44: 1199 return s->rx_status_fifo[s->tx_status_fifo_head]; 1200 case 0x48: 1201 return tx_status_fifo_pop(s); 1202 case 0x4c: 1203 return s->tx_status_fifo[s->tx_status_fifo_head]; 1204 case CSR_ID_REV: 1205 return 0x01180001; 1206 case CSR_IRQ_CFG: 1207 return s->irq_cfg; 1208 case CSR_INT_STS: 1209 return s->int_sts; 1210 case CSR_INT_EN: 1211 return s->int_en; 1212 case CSR_BYTE_TEST: 1213 return 0x87654321; 1214 case CSR_FIFO_INT: 1215 return s->fifo_int; 1216 case CSR_RX_CFG: 1217 return s->rx_cfg; 1218 case CSR_TX_CFG: 1219 return s->tx_cfg; 1220 case CSR_HW_CFG: 1221 return s->hw_cfg; 1222 case CSR_RX_DP_CTRL: 1223 return 0; 1224 case CSR_RX_FIFO_INF: 1225 return (s->rx_status_fifo_used << 16) | (s->rx_fifo_used << 2); 1226 case CSR_TX_FIFO_INF: 1227 return (s->tx_status_fifo_used << 16) 1228 | (s->tx_fifo_size - s->txp->fifo_used); 1229 case CSR_PMT_CTRL: 1230 return s->pmt_ctrl; 1231 case CSR_GPIO_CFG: 1232 return s->gpio_cfg; 1233 case CSR_GPT_CFG: 1234 return s->gpt_cfg; 1235 case CSR_GPT_CNT: 1236 return ptimer_get_count(s->timer); 1237 case CSR_WORD_SWAP: 1238 return s->word_swap; 1239 case CSR_FREE_RUN: 1240 return (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40) - s->free_timer_start; 1241 case CSR_RX_DROP: 1242 /* TODO: Implement dropped frames counter. */ 1243 return 0; 1244 case CSR_MAC_CSR_CMD: 1245 return s->mac_cmd; 1246 case CSR_MAC_CSR_DATA: 1247 return s->mac_data; 1248 case CSR_AFC_CFG: 1249 return s->afc_cfg; 1250 case CSR_E2P_CMD: 1251 return s->e2p_cmd; 1252 case CSR_E2P_DATA: 1253 return s->e2p_data; 1254 } 1255 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_read: Bad reg 0x%x\n", (int)offset); 1256 return 0; 1257 } 1258 1259 static uint32_t lan9118_readw(void *opaque, hwaddr offset) 1260 { 1261 lan9118_state *s = (lan9118_state *)opaque; 1262 uint32_t val; 1263 1264 if (s->read_word_prev_offset != (offset & ~0x3)) { 1265 /* New offset, reset word counter */ 1266 s->read_word_n = 0; 1267 s->read_word_prev_offset = offset & ~0x3; 1268 } 1269 1270 s->read_word_n++; 1271 if (s->read_word_n == 1) { 1272 s->read_long = lan9118_readl(s, offset & ~3, 4); 1273 } else { 1274 s->read_word_n = 0; 1275 } 1276 1277 if (offset & 2) { 1278 val = s->read_long >> 16; 1279 } else { 1280 val = s->read_long & 0xFFFF; 1281 } 1282 1283 //DPRINTF("Readw reg 0x%02x, val 0x%x\n", (int)offset, val); 1284 return val; 1285 } 1286 1287 static uint64_t lan9118_16bit_mode_read(void *opaque, hwaddr offset, 1288 unsigned size) 1289 { 1290 switch (size) { 1291 case 2: 1292 return lan9118_readw(opaque, offset); 1293 case 4: 1294 return lan9118_readl(opaque, offset, size); 1295 } 1296 1297 hw_error("lan9118_read: Bad size 0x%x\n", size); 1298 return 0; 1299 } 1300 1301 static const MemoryRegionOps lan9118_mem_ops = { 1302 .read = lan9118_readl, 1303 .write = lan9118_writel, 1304 .endianness = DEVICE_NATIVE_ENDIAN, 1305 }; 1306 1307 static const MemoryRegionOps lan9118_16bit_mem_ops = { 1308 .read = lan9118_16bit_mode_read, 1309 .write = lan9118_16bit_mode_write, 1310 .endianness = DEVICE_NATIVE_ENDIAN, 1311 }; 1312 1313 static NetClientInfo net_lan9118_info = { 1314 .type = NET_CLIENT_OPTIONS_KIND_NIC, 1315 .size = sizeof(NICState), 1316 .receive = lan9118_receive, 1317 .link_status_changed = lan9118_set_link, 1318 }; 1319 1320 static int lan9118_init1(SysBusDevice *sbd) 1321 { 1322 DeviceState *dev = DEVICE(sbd); 1323 lan9118_state *s = LAN9118(dev); 1324 QEMUBH *bh; 1325 int i; 1326 const MemoryRegionOps *mem_ops = 1327 s->mode_16bit ? &lan9118_16bit_mem_ops : &lan9118_mem_ops; 1328 1329 memory_region_init_io(&s->mmio, OBJECT(dev), mem_ops, s, 1330 "lan9118-mmio", 0x100); 1331 sysbus_init_mmio(sbd, &s->mmio); 1332 sysbus_init_irq(sbd, &s->irq); 1333 qemu_macaddr_default_if_unset(&s->conf.macaddr); 1334 1335 s->nic = qemu_new_nic(&net_lan9118_info, &s->conf, 1336 object_get_typename(OBJECT(dev)), dev->id, s); 1337 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 1338 s->eeprom[0] = 0xa5; 1339 for (i = 0; i < 6; i++) { 1340 s->eeprom[i + 1] = s->conf.macaddr.a[i]; 1341 } 1342 s->pmt_ctrl = 1; 1343 s->txp = &s->tx_packet; 1344 1345 bh = qemu_bh_new(lan9118_tick, s); 1346 s->timer = ptimer_init(bh); 1347 ptimer_set_freq(s->timer, 10000); 1348 ptimer_set_limit(s->timer, 0xffff, 1); 1349 1350 return 0; 1351 } 1352 1353 static Property lan9118_properties[] = { 1354 DEFINE_NIC_PROPERTIES(lan9118_state, conf), 1355 DEFINE_PROP_UINT32("mode_16bit", lan9118_state, mode_16bit, 0), 1356 DEFINE_PROP_END_OF_LIST(), 1357 }; 1358 1359 static void lan9118_class_init(ObjectClass *klass, void *data) 1360 { 1361 DeviceClass *dc = DEVICE_CLASS(klass); 1362 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 1363 1364 k->init = lan9118_init1; 1365 dc->reset = lan9118_reset; 1366 dc->props = lan9118_properties; 1367 dc->vmsd = &vmstate_lan9118; 1368 } 1369 1370 static const TypeInfo lan9118_info = { 1371 .name = TYPE_LAN9118, 1372 .parent = TYPE_SYS_BUS_DEVICE, 1373 .instance_size = sizeof(lan9118_state), 1374 .class_init = lan9118_class_init, 1375 }; 1376 1377 static void lan9118_register_types(void) 1378 { 1379 type_register_static(&lan9118_info); 1380 } 1381 1382 /* Legacy helper function. Should go away when machine config files are 1383 implemented. */ 1384 void lan9118_init(NICInfo *nd, uint32_t base, qemu_irq irq) 1385 { 1386 DeviceState *dev; 1387 SysBusDevice *s; 1388 1389 qemu_check_nic_model(nd, "lan9118"); 1390 dev = qdev_create(NULL, TYPE_LAN9118); 1391 qdev_set_nic_properties(dev, nd); 1392 qdev_init_nofail(dev); 1393 s = SYS_BUS_DEVICE(dev); 1394 sysbus_mmio_map(s, 0, base); 1395 sysbus_connect_irq(s, 0, irq); 1396 } 1397 1398 type_init(lan9118_register_types) 1399