1 /* 2 * SMSC LAN9118 Ethernet interface emulation 3 * 4 * Copyright (c) 2009 CodeSourcery, LLC. 5 * Written by Paul Brook 6 * 7 * This code is licensed under the GNU GPL v2 8 * 9 * Contributions after 2012-01-13 are licensed under the terms of the 10 * GNU GPL, version 2 or (at your option) any later version. 11 */ 12 13 #include "qemu/osdep.h" 14 #include "hw/sysbus.h" 15 #include "net/net.h" 16 #include "hw/devices.h" 17 #include "sysemu/sysemu.h" 18 #include "hw/ptimer.h" 19 /* For crc32 */ 20 #include <zlib.h> 21 22 //#define DEBUG_LAN9118 23 24 #ifdef DEBUG_LAN9118 25 #define DPRINTF(fmt, ...) \ 26 do { printf("lan9118: " fmt , ## __VA_ARGS__); } while (0) 27 #define BADF(fmt, ...) \ 28 do { hw_error("lan9118: error: " fmt , ## __VA_ARGS__);} while (0) 29 #else 30 #define DPRINTF(fmt, ...) do {} while(0) 31 #define BADF(fmt, ...) \ 32 do { fprintf(stderr, "lan9118: error: " fmt , ## __VA_ARGS__);} while (0) 33 #endif 34 35 #define CSR_ID_REV 0x50 36 #define CSR_IRQ_CFG 0x54 37 #define CSR_INT_STS 0x58 38 #define CSR_INT_EN 0x5c 39 #define CSR_BYTE_TEST 0x64 40 #define CSR_FIFO_INT 0x68 41 #define CSR_RX_CFG 0x6c 42 #define CSR_TX_CFG 0x70 43 #define CSR_HW_CFG 0x74 44 #define CSR_RX_DP_CTRL 0x78 45 #define CSR_RX_FIFO_INF 0x7c 46 #define CSR_TX_FIFO_INF 0x80 47 #define CSR_PMT_CTRL 0x84 48 #define CSR_GPIO_CFG 0x88 49 #define CSR_GPT_CFG 0x8c 50 #define CSR_GPT_CNT 0x90 51 #define CSR_WORD_SWAP 0x98 52 #define CSR_FREE_RUN 0x9c 53 #define CSR_RX_DROP 0xa0 54 #define CSR_MAC_CSR_CMD 0xa4 55 #define CSR_MAC_CSR_DATA 0xa8 56 #define CSR_AFC_CFG 0xac 57 #define CSR_E2P_CMD 0xb0 58 #define CSR_E2P_DATA 0xb4 59 60 #define E2P_CMD_MAC_ADDR_LOADED 0x100 61 62 /* IRQ_CFG */ 63 #define IRQ_INT 0x00001000 64 #define IRQ_EN 0x00000100 65 #define IRQ_POL 0x00000010 66 #define IRQ_TYPE 0x00000001 67 68 /* INT_STS/INT_EN */ 69 #define SW_INT 0x80000000 70 #define TXSTOP_INT 0x02000000 71 #define RXSTOP_INT 0x01000000 72 #define RXDFH_INT 0x00800000 73 #define TX_IOC_INT 0x00200000 74 #define RXD_INT 0x00100000 75 #define GPT_INT 0x00080000 76 #define PHY_INT 0x00040000 77 #define PME_INT 0x00020000 78 #define TXSO_INT 0x00010000 79 #define RWT_INT 0x00008000 80 #define RXE_INT 0x00004000 81 #define TXE_INT 0x00002000 82 #define TDFU_INT 0x00000800 83 #define TDFO_INT 0x00000400 84 #define TDFA_INT 0x00000200 85 #define TSFF_INT 0x00000100 86 #define TSFL_INT 0x00000080 87 #define RXDF_INT 0x00000040 88 #define RDFL_INT 0x00000020 89 #define RSFF_INT 0x00000010 90 #define RSFL_INT 0x00000008 91 #define GPIO2_INT 0x00000004 92 #define GPIO1_INT 0x00000002 93 #define GPIO0_INT 0x00000001 94 #define RESERVED_INT 0x7c001000 95 96 #define MAC_CR 1 97 #define MAC_ADDRH 2 98 #define MAC_ADDRL 3 99 #define MAC_HASHH 4 100 #define MAC_HASHL 5 101 #define MAC_MII_ACC 6 102 #define MAC_MII_DATA 7 103 #define MAC_FLOW 8 104 #define MAC_VLAN1 9 /* TODO */ 105 #define MAC_VLAN2 10 /* TODO */ 106 #define MAC_WUFF 11 /* TODO */ 107 #define MAC_WUCSR 12 /* TODO */ 108 109 #define MAC_CR_RXALL 0x80000000 110 #define MAC_CR_RCVOWN 0x00800000 111 #define MAC_CR_LOOPBK 0x00200000 112 #define MAC_CR_FDPX 0x00100000 113 #define MAC_CR_MCPAS 0x00080000 114 #define MAC_CR_PRMS 0x00040000 115 #define MAC_CR_INVFILT 0x00020000 116 #define MAC_CR_PASSBAD 0x00010000 117 #define MAC_CR_HO 0x00008000 118 #define MAC_CR_HPFILT 0x00002000 119 #define MAC_CR_LCOLL 0x00001000 120 #define MAC_CR_BCAST 0x00000800 121 #define MAC_CR_DISRTY 0x00000400 122 #define MAC_CR_PADSTR 0x00000100 123 #define MAC_CR_BOLMT 0x000000c0 124 #define MAC_CR_DFCHK 0x00000020 125 #define MAC_CR_TXEN 0x00000008 126 #define MAC_CR_RXEN 0x00000004 127 #define MAC_CR_RESERVED 0x7f404213 128 129 #define PHY_INT_ENERGYON 0x80 130 #define PHY_INT_AUTONEG_COMPLETE 0x40 131 #define PHY_INT_FAULT 0x20 132 #define PHY_INT_DOWN 0x10 133 #define PHY_INT_AUTONEG_LP 0x08 134 #define PHY_INT_PARFAULT 0x04 135 #define PHY_INT_AUTONEG_PAGE 0x02 136 137 #define GPT_TIMER_EN 0x20000000 138 139 enum tx_state { 140 TX_IDLE, 141 TX_B, 142 TX_DATA 143 }; 144 145 typedef struct { 146 /* state is a tx_state but we can't put enums in VMStateDescriptions. */ 147 uint32_t state; 148 uint32_t cmd_a; 149 uint32_t cmd_b; 150 int32_t buffer_size; 151 int32_t offset; 152 int32_t pad; 153 int32_t fifo_used; 154 int32_t len; 155 uint8_t data[2048]; 156 } LAN9118Packet; 157 158 static const VMStateDescription vmstate_lan9118_packet = { 159 .name = "lan9118_packet", 160 .version_id = 1, 161 .minimum_version_id = 1, 162 .fields = (VMStateField[]) { 163 VMSTATE_UINT32(state, LAN9118Packet), 164 VMSTATE_UINT32(cmd_a, LAN9118Packet), 165 VMSTATE_UINT32(cmd_b, LAN9118Packet), 166 VMSTATE_INT32(buffer_size, LAN9118Packet), 167 VMSTATE_INT32(offset, LAN9118Packet), 168 VMSTATE_INT32(pad, LAN9118Packet), 169 VMSTATE_INT32(fifo_used, LAN9118Packet), 170 VMSTATE_INT32(len, LAN9118Packet), 171 VMSTATE_UINT8_ARRAY(data, LAN9118Packet, 2048), 172 VMSTATE_END_OF_LIST() 173 } 174 }; 175 176 #define TYPE_LAN9118 "lan9118" 177 #define LAN9118(obj) OBJECT_CHECK(lan9118_state, (obj), TYPE_LAN9118) 178 179 typedef struct { 180 SysBusDevice parent_obj; 181 182 NICState *nic; 183 NICConf conf; 184 qemu_irq irq; 185 MemoryRegion mmio; 186 ptimer_state *timer; 187 188 uint32_t irq_cfg; 189 uint32_t int_sts; 190 uint32_t int_en; 191 uint32_t fifo_int; 192 uint32_t rx_cfg; 193 uint32_t tx_cfg; 194 uint32_t hw_cfg; 195 uint32_t pmt_ctrl; 196 uint32_t gpio_cfg; 197 uint32_t gpt_cfg; 198 uint32_t word_swap; 199 uint32_t free_timer_start; 200 uint32_t mac_cmd; 201 uint32_t mac_data; 202 uint32_t afc_cfg; 203 uint32_t e2p_cmd; 204 uint32_t e2p_data; 205 206 uint32_t mac_cr; 207 uint32_t mac_hashh; 208 uint32_t mac_hashl; 209 uint32_t mac_mii_acc; 210 uint32_t mac_mii_data; 211 uint32_t mac_flow; 212 213 uint32_t phy_status; 214 uint32_t phy_control; 215 uint32_t phy_advertise; 216 uint32_t phy_int; 217 uint32_t phy_int_mask; 218 219 int32_t eeprom_writable; 220 uint8_t eeprom[128]; 221 222 int32_t tx_fifo_size; 223 LAN9118Packet *txp; 224 LAN9118Packet tx_packet; 225 226 int32_t tx_status_fifo_used; 227 int32_t tx_status_fifo_head; 228 uint32_t tx_status_fifo[512]; 229 230 int32_t rx_status_fifo_size; 231 int32_t rx_status_fifo_used; 232 int32_t rx_status_fifo_head; 233 uint32_t rx_status_fifo[896]; 234 int32_t rx_fifo_size; 235 int32_t rx_fifo_used; 236 int32_t rx_fifo_head; 237 uint32_t rx_fifo[3360]; 238 int32_t rx_packet_size_head; 239 int32_t rx_packet_size_tail; 240 int32_t rx_packet_size[1024]; 241 242 int32_t rxp_offset; 243 int32_t rxp_size; 244 int32_t rxp_pad; 245 246 uint32_t write_word_prev_offset; 247 uint32_t write_word_n; 248 uint16_t write_word_l; 249 uint16_t write_word_h; 250 uint32_t read_word_prev_offset; 251 uint32_t read_word_n; 252 uint32_t read_long; 253 254 uint32_t mode_16bit; 255 } lan9118_state; 256 257 static const VMStateDescription vmstate_lan9118 = { 258 .name = "lan9118", 259 .version_id = 2, 260 .minimum_version_id = 1, 261 .fields = (VMStateField[]) { 262 VMSTATE_PTIMER(timer, lan9118_state), 263 VMSTATE_UINT32(irq_cfg, lan9118_state), 264 VMSTATE_UINT32(int_sts, lan9118_state), 265 VMSTATE_UINT32(int_en, lan9118_state), 266 VMSTATE_UINT32(fifo_int, lan9118_state), 267 VMSTATE_UINT32(rx_cfg, lan9118_state), 268 VMSTATE_UINT32(tx_cfg, lan9118_state), 269 VMSTATE_UINT32(hw_cfg, lan9118_state), 270 VMSTATE_UINT32(pmt_ctrl, lan9118_state), 271 VMSTATE_UINT32(gpio_cfg, lan9118_state), 272 VMSTATE_UINT32(gpt_cfg, lan9118_state), 273 VMSTATE_UINT32(word_swap, lan9118_state), 274 VMSTATE_UINT32(free_timer_start, lan9118_state), 275 VMSTATE_UINT32(mac_cmd, lan9118_state), 276 VMSTATE_UINT32(mac_data, lan9118_state), 277 VMSTATE_UINT32(afc_cfg, lan9118_state), 278 VMSTATE_UINT32(e2p_cmd, lan9118_state), 279 VMSTATE_UINT32(e2p_data, lan9118_state), 280 VMSTATE_UINT32(mac_cr, lan9118_state), 281 VMSTATE_UINT32(mac_hashh, lan9118_state), 282 VMSTATE_UINT32(mac_hashl, lan9118_state), 283 VMSTATE_UINT32(mac_mii_acc, lan9118_state), 284 VMSTATE_UINT32(mac_mii_data, lan9118_state), 285 VMSTATE_UINT32(mac_flow, lan9118_state), 286 VMSTATE_UINT32(phy_status, lan9118_state), 287 VMSTATE_UINT32(phy_control, lan9118_state), 288 VMSTATE_UINT32(phy_advertise, lan9118_state), 289 VMSTATE_UINT32(phy_int, lan9118_state), 290 VMSTATE_UINT32(phy_int_mask, lan9118_state), 291 VMSTATE_INT32(eeprom_writable, lan9118_state), 292 VMSTATE_UINT8_ARRAY(eeprom, lan9118_state, 128), 293 VMSTATE_INT32(tx_fifo_size, lan9118_state), 294 /* txp always points at tx_packet so need not be saved */ 295 VMSTATE_STRUCT(tx_packet, lan9118_state, 0, 296 vmstate_lan9118_packet, LAN9118Packet), 297 VMSTATE_INT32(tx_status_fifo_used, lan9118_state), 298 VMSTATE_INT32(tx_status_fifo_head, lan9118_state), 299 VMSTATE_UINT32_ARRAY(tx_status_fifo, lan9118_state, 512), 300 VMSTATE_INT32(rx_status_fifo_size, lan9118_state), 301 VMSTATE_INT32(rx_status_fifo_used, lan9118_state), 302 VMSTATE_INT32(rx_status_fifo_head, lan9118_state), 303 VMSTATE_UINT32_ARRAY(rx_status_fifo, lan9118_state, 896), 304 VMSTATE_INT32(rx_fifo_size, lan9118_state), 305 VMSTATE_INT32(rx_fifo_used, lan9118_state), 306 VMSTATE_INT32(rx_fifo_head, lan9118_state), 307 VMSTATE_UINT32_ARRAY(rx_fifo, lan9118_state, 3360), 308 VMSTATE_INT32(rx_packet_size_head, lan9118_state), 309 VMSTATE_INT32(rx_packet_size_tail, lan9118_state), 310 VMSTATE_INT32_ARRAY(rx_packet_size, lan9118_state, 1024), 311 VMSTATE_INT32(rxp_offset, lan9118_state), 312 VMSTATE_INT32(rxp_size, lan9118_state), 313 VMSTATE_INT32(rxp_pad, lan9118_state), 314 VMSTATE_UINT32_V(write_word_prev_offset, lan9118_state, 2), 315 VMSTATE_UINT32_V(write_word_n, lan9118_state, 2), 316 VMSTATE_UINT16_V(write_word_l, lan9118_state, 2), 317 VMSTATE_UINT16_V(write_word_h, lan9118_state, 2), 318 VMSTATE_UINT32_V(read_word_prev_offset, lan9118_state, 2), 319 VMSTATE_UINT32_V(read_word_n, lan9118_state, 2), 320 VMSTATE_UINT32_V(read_long, lan9118_state, 2), 321 VMSTATE_UINT32_V(mode_16bit, lan9118_state, 2), 322 VMSTATE_END_OF_LIST() 323 } 324 }; 325 326 static void lan9118_update(lan9118_state *s) 327 { 328 int level; 329 330 /* TODO: Implement FIFO level IRQs. */ 331 level = (s->int_sts & s->int_en) != 0; 332 if (level) { 333 s->irq_cfg |= IRQ_INT; 334 } else { 335 s->irq_cfg &= ~IRQ_INT; 336 } 337 if ((s->irq_cfg & IRQ_EN) == 0) { 338 level = 0; 339 } 340 if ((s->irq_cfg & (IRQ_TYPE | IRQ_POL)) != (IRQ_TYPE | IRQ_POL)) { 341 /* Interrupt is active low unless we're configured as 342 * active-high polarity, push-pull type. 343 */ 344 level = !level; 345 } 346 qemu_set_irq(s->irq, level); 347 } 348 349 static void lan9118_mac_changed(lan9118_state *s) 350 { 351 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 352 } 353 354 static void lan9118_reload_eeprom(lan9118_state *s) 355 { 356 int i; 357 if (s->eeprom[0] != 0xa5) { 358 s->e2p_cmd &= ~E2P_CMD_MAC_ADDR_LOADED; 359 DPRINTF("MACADDR load failed\n"); 360 return; 361 } 362 for (i = 0; i < 6; i++) { 363 s->conf.macaddr.a[i] = s->eeprom[i + 1]; 364 } 365 s->e2p_cmd |= E2P_CMD_MAC_ADDR_LOADED; 366 DPRINTF("MACADDR loaded from eeprom\n"); 367 lan9118_mac_changed(s); 368 } 369 370 static void phy_update_irq(lan9118_state *s) 371 { 372 if (s->phy_int & s->phy_int_mask) { 373 s->int_sts |= PHY_INT; 374 } else { 375 s->int_sts &= ~PHY_INT; 376 } 377 lan9118_update(s); 378 } 379 380 static void phy_update_link(lan9118_state *s) 381 { 382 /* Autonegotiation status mirrors link status. */ 383 if (qemu_get_queue(s->nic)->link_down) { 384 s->phy_status &= ~0x0024; 385 s->phy_int |= PHY_INT_DOWN; 386 } else { 387 s->phy_status |= 0x0024; 388 s->phy_int |= PHY_INT_ENERGYON; 389 s->phy_int |= PHY_INT_AUTONEG_COMPLETE; 390 } 391 phy_update_irq(s); 392 } 393 394 static void lan9118_set_link(NetClientState *nc) 395 { 396 phy_update_link(qemu_get_nic_opaque(nc)); 397 } 398 399 static void phy_reset(lan9118_state *s) 400 { 401 s->phy_status = 0x7809; 402 s->phy_control = 0x3000; 403 s->phy_advertise = 0x01e1; 404 s->phy_int_mask = 0; 405 s->phy_int = 0; 406 phy_update_link(s); 407 } 408 409 static void lan9118_reset(DeviceState *d) 410 { 411 lan9118_state *s = LAN9118(d); 412 413 s->irq_cfg &= (IRQ_TYPE | IRQ_POL); 414 s->int_sts = 0; 415 s->int_en = 0; 416 s->fifo_int = 0x48000000; 417 s->rx_cfg = 0; 418 s->tx_cfg = 0; 419 s->hw_cfg = s->mode_16bit ? 0x00050000 : 0x00050004; 420 s->pmt_ctrl &= 0x45; 421 s->gpio_cfg = 0; 422 s->txp->fifo_used = 0; 423 s->txp->state = TX_IDLE; 424 s->txp->cmd_a = 0xffffffffu; 425 s->txp->cmd_b = 0xffffffffu; 426 s->txp->len = 0; 427 s->txp->fifo_used = 0; 428 s->tx_fifo_size = 4608; 429 s->tx_status_fifo_used = 0; 430 s->rx_status_fifo_size = 704; 431 s->rx_fifo_size = 2640; 432 s->rx_fifo_used = 0; 433 s->rx_status_fifo_size = 176; 434 s->rx_status_fifo_used = 0; 435 s->rxp_offset = 0; 436 s->rxp_size = 0; 437 s->rxp_pad = 0; 438 s->rx_packet_size_tail = s->rx_packet_size_head; 439 s->rx_packet_size[s->rx_packet_size_head] = 0; 440 s->mac_cmd = 0; 441 s->mac_data = 0; 442 s->afc_cfg = 0; 443 s->e2p_cmd = 0; 444 s->e2p_data = 0; 445 s->free_timer_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40; 446 447 ptimer_stop(s->timer); 448 ptimer_set_count(s->timer, 0xffff); 449 s->gpt_cfg = 0xffff; 450 451 s->mac_cr = MAC_CR_PRMS; 452 s->mac_hashh = 0; 453 s->mac_hashl = 0; 454 s->mac_mii_acc = 0; 455 s->mac_mii_data = 0; 456 s->mac_flow = 0; 457 458 s->read_word_n = 0; 459 s->write_word_n = 0; 460 461 phy_reset(s); 462 463 s->eeprom_writable = 0; 464 lan9118_reload_eeprom(s); 465 } 466 467 static void rx_fifo_push(lan9118_state *s, uint32_t val) 468 { 469 int fifo_pos; 470 fifo_pos = s->rx_fifo_head + s->rx_fifo_used; 471 if (fifo_pos >= s->rx_fifo_size) 472 fifo_pos -= s->rx_fifo_size; 473 s->rx_fifo[fifo_pos] = val; 474 s->rx_fifo_used++; 475 } 476 477 /* Return nonzero if the packet is accepted by the filter. */ 478 static int lan9118_filter(lan9118_state *s, const uint8_t *addr) 479 { 480 int multicast; 481 uint32_t hash; 482 483 if (s->mac_cr & MAC_CR_PRMS) { 484 return 1; 485 } 486 if (addr[0] == 0xff && addr[1] == 0xff && addr[2] == 0xff && 487 addr[3] == 0xff && addr[4] == 0xff && addr[5] == 0xff) { 488 return (s->mac_cr & MAC_CR_BCAST) == 0; 489 } 490 491 multicast = addr[0] & 1; 492 if (multicast &&s->mac_cr & MAC_CR_MCPAS) { 493 return 1; 494 } 495 if (multicast ? (s->mac_cr & MAC_CR_HPFILT) == 0 496 : (s->mac_cr & MAC_CR_HO) == 0) { 497 /* Exact matching. */ 498 hash = memcmp(addr, s->conf.macaddr.a, 6); 499 if (s->mac_cr & MAC_CR_INVFILT) { 500 return hash != 0; 501 } else { 502 return hash == 0; 503 } 504 } else { 505 /* Hash matching */ 506 hash = compute_mcast_idx(addr); 507 if (hash & 0x20) { 508 return (s->mac_hashh >> (hash & 0x1f)) & 1; 509 } else { 510 return (s->mac_hashl >> (hash & 0x1f)) & 1; 511 } 512 } 513 } 514 515 static ssize_t lan9118_receive(NetClientState *nc, const uint8_t *buf, 516 size_t size) 517 { 518 lan9118_state *s = qemu_get_nic_opaque(nc); 519 int fifo_len; 520 int offset; 521 int src_pos; 522 int n; 523 int filter; 524 uint32_t val; 525 uint32_t crc; 526 uint32_t status; 527 528 if ((s->mac_cr & MAC_CR_RXEN) == 0) { 529 return -1; 530 } 531 532 if (size >= 2048 || size < 14) { 533 return -1; 534 } 535 536 /* TODO: Implement FIFO overflow notification. */ 537 if (s->rx_status_fifo_used == s->rx_status_fifo_size) { 538 return -1; 539 } 540 541 filter = lan9118_filter(s, buf); 542 if (!filter && (s->mac_cr & MAC_CR_RXALL) == 0) { 543 return size; 544 } 545 546 offset = (s->rx_cfg >> 8) & 0x1f; 547 n = offset & 3; 548 fifo_len = (size + n + 3) >> 2; 549 /* Add a word for the CRC. */ 550 fifo_len++; 551 if (s->rx_fifo_size - s->rx_fifo_used < fifo_len) { 552 return -1; 553 } 554 555 DPRINTF("Got packet len:%d fifo:%d filter:%s\n", 556 (int)size, fifo_len, filter ? "pass" : "fail"); 557 val = 0; 558 crc = bswap32(crc32(~0, buf, size)); 559 for (src_pos = 0; src_pos < size; src_pos++) { 560 val = (val >> 8) | ((uint32_t)buf[src_pos] << 24); 561 n++; 562 if (n == 4) { 563 n = 0; 564 rx_fifo_push(s, val); 565 val = 0; 566 } 567 } 568 if (n) { 569 val >>= ((4 - n) * 8); 570 val |= crc << (n * 8); 571 rx_fifo_push(s, val); 572 val = crc >> ((4 - n) * 8); 573 rx_fifo_push(s, val); 574 } else { 575 rx_fifo_push(s, crc); 576 } 577 n = s->rx_status_fifo_head + s->rx_status_fifo_used; 578 if (n >= s->rx_status_fifo_size) { 579 n -= s->rx_status_fifo_size; 580 } 581 s->rx_packet_size[s->rx_packet_size_tail] = fifo_len; 582 s->rx_packet_size_tail = (s->rx_packet_size_tail + 1023) & 1023; 583 s->rx_status_fifo_used++; 584 585 status = (size + 4) << 16; 586 if (buf[0] == 0xff && buf[1] == 0xff && buf[2] == 0xff && 587 buf[3] == 0xff && buf[4] == 0xff && buf[5] == 0xff) { 588 status |= 0x00002000; 589 } else if (buf[0] & 1) { 590 status |= 0x00000400; 591 } 592 if (!filter) { 593 status |= 0x40000000; 594 } 595 s->rx_status_fifo[n] = status; 596 597 if (s->rx_status_fifo_used > (s->fifo_int & 0xff)) { 598 s->int_sts |= RSFL_INT; 599 } 600 lan9118_update(s); 601 602 return size; 603 } 604 605 static uint32_t rx_fifo_pop(lan9118_state *s) 606 { 607 int n; 608 uint32_t val; 609 610 if (s->rxp_size == 0 && s->rxp_pad == 0) { 611 s->rxp_size = s->rx_packet_size[s->rx_packet_size_head]; 612 s->rx_packet_size[s->rx_packet_size_head] = 0; 613 if (s->rxp_size != 0) { 614 s->rx_packet_size_head = (s->rx_packet_size_head + 1023) & 1023; 615 s->rxp_offset = (s->rx_cfg >> 10) & 7; 616 n = s->rxp_offset + s->rxp_size; 617 switch (s->rx_cfg >> 30) { 618 case 1: 619 n = (-n) & 3; 620 break; 621 case 2: 622 n = (-n) & 7; 623 break; 624 default: 625 n = 0; 626 break; 627 } 628 s->rxp_pad = n; 629 DPRINTF("Pop packet size:%d offset:%d pad: %d\n", 630 s->rxp_size, s->rxp_offset, s->rxp_pad); 631 } 632 } 633 if (s->rxp_offset > 0) { 634 s->rxp_offset--; 635 val = 0; 636 } else if (s->rxp_size > 0) { 637 s->rxp_size--; 638 val = s->rx_fifo[s->rx_fifo_head++]; 639 if (s->rx_fifo_head >= s->rx_fifo_size) { 640 s->rx_fifo_head -= s->rx_fifo_size; 641 } 642 s->rx_fifo_used--; 643 } else if (s->rxp_pad > 0) { 644 s->rxp_pad--; 645 val = 0; 646 } else { 647 DPRINTF("RX underflow\n"); 648 s->int_sts |= RXE_INT; 649 val = 0; 650 } 651 lan9118_update(s); 652 return val; 653 } 654 655 static void do_tx_packet(lan9118_state *s) 656 { 657 int n; 658 uint32_t status; 659 660 /* FIXME: Honor TX disable, and allow queueing of packets. */ 661 if (s->phy_control & 0x4000) { 662 /* This assumes the receive routine doesn't touch the VLANClient. */ 663 lan9118_receive(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 664 } else { 665 qemu_send_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len); 666 } 667 s->txp->fifo_used = 0; 668 669 if (s->tx_status_fifo_used == 512) { 670 /* Status FIFO full */ 671 return; 672 } 673 /* Add entry to status FIFO. */ 674 status = s->txp->cmd_b & 0xffff0000u; 675 DPRINTF("Sent packet tag:%04x len %d\n", status >> 16, s->txp->len); 676 n = (s->tx_status_fifo_head + s->tx_status_fifo_used) & 511; 677 s->tx_status_fifo[n] = status; 678 s->tx_status_fifo_used++; 679 if (s->tx_status_fifo_used == 512) { 680 s->int_sts |= TSFF_INT; 681 /* TODO: Stop transmission. */ 682 } 683 } 684 685 static uint32_t rx_status_fifo_pop(lan9118_state *s) 686 { 687 uint32_t val; 688 689 val = s->rx_status_fifo[s->rx_status_fifo_head]; 690 if (s->rx_status_fifo_used != 0) { 691 s->rx_status_fifo_used--; 692 s->rx_status_fifo_head++; 693 if (s->rx_status_fifo_head >= s->rx_status_fifo_size) { 694 s->rx_status_fifo_head -= s->rx_status_fifo_size; 695 } 696 /* ??? What value should be returned when the FIFO is empty? */ 697 DPRINTF("RX status pop 0x%08x\n", val); 698 } 699 return val; 700 } 701 702 static uint32_t tx_status_fifo_pop(lan9118_state *s) 703 { 704 uint32_t val; 705 706 val = s->tx_status_fifo[s->tx_status_fifo_head]; 707 if (s->tx_status_fifo_used != 0) { 708 s->tx_status_fifo_used--; 709 s->tx_status_fifo_head = (s->tx_status_fifo_head + 1) & 511; 710 /* ??? What value should be returned when the FIFO is empty? */ 711 } 712 return val; 713 } 714 715 static void tx_fifo_push(lan9118_state *s, uint32_t val) 716 { 717 int n; 718 719 if (s->txp->fifo_used == s->tx_fifo_size) { 720 s->int_sts |= TDFO_INT; 721 return; 722 } 723 switch (s->txp->state) { 724 case TX_IDLE: 725 s->txp->cmd_a = val & 0x831f37ff; 726 s->txp->fifo_used++; 727 s->txp->state = TX_B; 728 s->txp->buffer_size = extract32(s->txp->cmd_a, 0, 11); 729 s->txp->offset = extract32(s->txp->cmd_a, 16, 5); 730 break; 731 case TX_B: 732 if (s->txp->cmd_a & 0x2000) { 733 /* First segment */ 734 s->txp->cmd_b = val; 735 s->txp->fifo_used++; 736 /* End alignment does not include command words. */ 737 n = (s->txp->buffer_size + s->txp->offset + 3) >> 2; 738 switch ((n >> 24) & 3) { 739 case 1: 740 n = (-n) & 3; 741 break; 742 case 2: 743 n = (-n) & 7; 744 break; 745 default: 746 n = 0; 747 } 748 s->txp->pad = n; 749 s->txp->len = 0; 750 } 751 DPRINTF("Block len:%d offset:%d pad:%d cmd %08x\n", 752 s->txp->buffer_size, s->txp->offset, s->txp->pad, 753 s->txp->cmd_a); 754 s->txp->state = TX_DATA; 755 break; 756 case TX_DATA: 757 if (s->txp->offset >= 4) { 758 s->txp->offset -= 4; 759 break; 760 } 761 if (s->txp->buffer_size <= 0 && s->txp->pad != 0) { 762 s->txp->pad--; 763 } else { 764 n = MIN(4, s->txp->buffer_size + s->txp->offset); 765 while (s->txp->offset) { 766 val >>= 8; 767 n--; 768 s->txp->offset--; 769 } 770 /* Documentation is somewhat unclear on the ordering of bytes 771 in FIFO words. Empirical results show it to be little-endian. 772 */ 773 /* TODO: FIFO overflow checking. */ 774 while (n--) { 775 s->txp->data[s->txp->len] = val & 0xff; 776 s->txp->len++; 777 val >>= 8; 778 s->txp->buffer_size--; 779 } 780 s->txp->fifo_used++; 781 } 782 if (s->txp->buffer_size <= 0 && s->txp->pad == 0) { 783 if (s->txp->cmd_a & 0x1000) { 784 do_tx_packet(s); 785 } 786 if (s->txp->cmd_a & 0x80000000) { 787 s->int_sts |= TX_IOC_INT; 788 } 789 s->txp->state = TX_IDLE; 790 } 791 break; 792 } 793 } 794 795 static uint32_t do_phy_read(lan9118_state *s, int reg) 796 { 797 uint32_t val; 798 799 switch (reg) { 800 case 0: /* Basic Control */ 801 return s->phy_control; 802 case 1: /* Basic Status */ 803 return s->phy_status; 804 case 2: /* ID1 */ 805 return 0x0007; 806 case 3: /* ID2 */ 807 return 0xc0d1; 808 case 4: /* Auto-neg advertisement */ 809 return s->phy_advertise; 810 case 5: /* Auto-neg Link Partner Ability */ 811 return 0x0f71; 812 case 6: /* Auto-neg Expansion */ 813 return 1; 814 /* TODO 17, 18, 27, 29, 30, 31 */ 815 case 29: /* Interrupt source. */ 816 val = s->phy_int; 817 s->phy_int = 0; 818 phy_update_irq(s); 819 return val; 820 case 30: /* Interrupt mask */ 821 return s->phy_int_mask; 822 default: 823 BADF("PHY read reg %d\n", reg); 824 return 0; 825 } 826 } 827 828 static void do_phy_write(lan9118_state *s, int reg, uint32_t val) 829 { 830 switch (reg) { 831 case 0: /* Basic Control */ 832 if (val & 0x8000) { 833 phy_reset(s); 834 break; 835 } 836 s->phy_control = val & 0x7980; 837 /* Complete autonegotiation immediately. */ 838 if (val & 0x1000) { 839 s->phy_status |= 0x0020; 840 } 841 break; 842 case 4: /* Auto-neg advertisement */ 843 s->phy_advertise = (val & 0x2d7f) | 0x80; 844 break; 845 /* TODO 17, 18, 27, 31 */ 846 case 30: /* Interrupt mask */ 847 s->phy_int_mask = val & 0xff; 848 phy_update_irq(s); 849 break; 850 default: 851 BADF("PHY write reg %d = 0x%04x\n", reg, val); 852 } 853 } 854 855 static void do_mac_write(lan9118_state *s, int reg, uint32_t val) 856 { 857 switch (reg) { 858 case MAC_CR: 859 if ((s->mac_cr & MAC_CR_RXEN) != 0 && (val & MAC_CR_RXEN) == 0) { 860 s->int_sts |= RXSTOP_INT; 861 } 862 s->mac_cr = val & ~MAC_CR_RESERVED; 863 DPRINTF("MAC_CR: %08x\n", val); 864 break; 865 case MAC_ADDRH: 866 s->conf.macaddr.a[4] = val & 0xff; 867 s->conf.macaddr.a[5] = (val >> 8) & 0xff; 868 lan9118_mac_changed(s); 869 break; 870 case MAC_ADDRL: 871 s->conf.macaddr.a[0] = val & 0xff; 872 s->conf.macaddr.a[1] = (val >> 8) & 0xff; 873 s->conf.macaddr.a[2] = (val >> 16) & 0xff; 874 s->conf.macaddr.a[3] = (val >> 24) & 0xff; 875 lan9118_mac_changed(s); 876 break; 877 case MAC_HASHH: 878 s->mac_hashh = val; 879 break; 880 case MAC_HASHL: 881 s->mac_hashl = val; 882 break; 883 case MAC_MII_ACC: 884 s->mac_mii_acc = val & 0xffc2; 885 if (val & 2) { 886 DPRINTF("PHY write %d = 0x%04x\n", 887 (val >> 6) & 0x1f, s->mac_mii_data); 888 do_phy_write(s, (val >> 6) & 0x1f, s->mac_mii_data); 889 } else { 890 s->mac_mii_data = do_phy_read(s, (val >> 6) & 0x1f); 891 DPRINTF("PHY read %d = 0x%04x\n", 892 (val >> 6) & 0x1f, s->mac_mii_data); 893 } 894 break; 895 case MAC_MII_DATA: 896 s->mac_mii_data = val & 0xffff; 897 break; 898 case MAC_FLOW: 899 s->mac_flow = val & 0xffff0000; 900 break; 901 case MAC_VLAN1: 902 /* Writing to this register changes a condition for 903 * FrameTooLong bit in rx_status. Since we do not set 904 * FrameTooLong anyway, just ignore write to this. 905 */ 906 break; 907 default: 908 qemu_log_mask(LOG_GUEST_ERROR, 909 "lan9118: Unimplemented MAC register write: %d = 0x%x\n", 910 s->mac_cmd & 0xf, val); 911 } 912 } 913 914 static uint32_t do_mac_read(lan9118_state *s, int reg) 915 { 916 switch (reg) { 917 case MAC_CR: 918 return s->mac_cr; 919 case MAC_ADDRH: 920 return s->conf.macaddr.a[4] | (s->conf.macaddr.a[5] << 8); 921 case MAC_ADDRL: 922 return s->conf.macaddr.a[0] | (s->conf.macaddr.a[1] << 8) 923 | (s->conf.macaddr.a[2] << 16) | (s->conf.macaddr.a[3] << 24); 924 case MAC_HASHH: 925 return s->mac_hashh; 926 break; 927 case MAC_HASHL: 928 return s->mac_hashl; 929 break; 930 case MAC_MII_ACC: 931 return s->mac_mii_acc; 932 case MAC_MII_DATA: 933 return s->mac_mii_data; 934 case MAC_FLOW: 935 return s->mac_flow; 936 default: 937 qemu_log_mask(LOG_GUEST_ERROR, 938 "lan9118: Unimplemented MAC register read: %d\n", 939 s->mac_cmd & 0xf); 940 return 0; 941 } 942 } 943 944 static void lan9118_eeprom_cmd(lan9118_state *s, int cmd, int addr) 945 { 946 s->e2p_cmd = (s->e2p_cmd & E2P_CMD_MAC_ADDR_LOADED) | (cmd << 28) | addr; 947 switch (cmd) { 948 case 0: 949 s->e2p_data = s->eeprom[addr]; 950 DPRINTF("EEPROM Read %d = 0x%02x\n", addr, s->e2p_data); 951 break; 952 case 1: 953 s->eeprom_writable = 0; 954 DPRINTF("EEPROM Write Disable\n"); 955 break; 956 case 2: /* EWEN */ 957 s->eeprom_writable = 1; 958 DPRINTF("EEPROM Write Enable\n"); 959 break; 960 case 3: /* WRITE */ 961 if (s->eeprom_writable) { 962 s->eeprom[addr] &= s->e2p_data; 963 DPRINTF("EEPROM Write %d = 0x%02x\n", addr, s->e2p_data); 964 } else { 965 DPRINTF("EEPROM Write %d (ignored)\n", addr); 966 } 967 break; 968 case 4: /* WRAL */ 969 if (s->eeprom_writable) { 970 for (addr = 0; addr < 128; addr++) { 971 s->eeprom[addr] &= s->e2p_data; 972 } 973 DPRINTF("EEPROM Write All 0x%02x\n", s->e2p_data); 974 } else { 975 DPRINTF("EEPROM Write All (ignored)\n"); 976 } 977 break; 978 case 5: /* ERASE */ 979 if (s->eeprom_writable) { 980 s->eeprom[addr] = 0xff; 981 DPRINTF("EEPROM Erase %d\n", addr); 982 } else { 983 DPRINTF("EEPROM Erase %d (ignored)\n", addr); 984 } 985 break; 986 case 6: /* ERAL */ 987 if (s->eeprom_writable) { 988 memset(s->eeprom, 0xff, 128); 989 DPRINTF("EEPROM Erase All\n"); 990 } else { 991 DPRINTF("EEPROM Erase All (ignored)\n"); 992 } 993 break; 994 case 7: /* RELOAD */ 995 lan9118_reload_eeprom(s); 996 break; 997 } 998 } 999 1000 static void lan9118_tick(void *opaque) 1001 { 1002 lan9118_state *s = (lan9118_state *)opaque; 1003 if (s->int_en & GPT_INT) { 1004 s->int_sts |= GPT_INT; 1005 } 1006 lan9118_update(s); 1007 } 1008 1009 static void lan9118_writel(void *opaque, hwaddr offset, 1010 uint64_t val, unsigned size) 1011 { 1012 lan9118_state *s = (lan9118_state *)opaque; 1013 offset &= 0xff; 1014 1015 //DPRINTF("Write reg 0x%02x = 0x%08x\n", (int)offset, val); 1016 if (offset >= 0x20 && offset < 0x40) { 1017 /* TX FIFO */ 1018 tx_fifo_push(s, val); 1019 return; 1020 } 1021 switch (offset) { 1022 case CSR_IRQ_CFG: 1023 /* TODO: Implement interrupt deassertion intervals. */ 1024 val &= (IRQ_EN | IRQ_POL | IRQ_TYPE); 1025 s->irq_cfg = (s->irq_cfg & IRQ_INT) | val; 1026 break; 1027 case CSR_INT_STS: 1028 s->int_sts &= ~val; 1029 break; 1030 case CSR_INT_EN: 1031 s->int_en = val & ~RESERVED_INT; 1032 s->int_sts |= val & SW_INT; 1033 break; 1034 case CSR_FIFO_INT: 1035 DPRINTF("FIFO INT levels %08x\n", val); 1036 s->fifo_int = val; 1037 break; 1038 case CSR_RX_CFG: 1039 if (val & 0x8000) { 1040 /* RX_DUMP */ 1041 s->rx_fifo_used = 0; 1042 s->rx_status_fifo_used = 0; 1043 s->rx_packet_size_tail = s->rx_packet_size_head; 1044 s->rx_packet_size[s->rx_packet_size_head] = 0; 1045 } 1046 s->rx_cfg = val & 0xcfff1ff0; 1047 break; 1048 case CSR_TX_CFG: 1049 if (val & 0x8000) { 1050 s->tx_status_fifo_used = 0; 1051 } 1052 if (val & 0x4000) { 1053 s->txp->state = TX_IDLE; 1054 s->txp->fifo_used = 0; 1055 s->txp->cmd_a = 0xffffffff; 1056 } 1057 s->tx_cfg = val & 6; 1058 break; 1059 case CSR_HW_CFG: 1060 if (val & 1) { 1061 /* SRST */ 1062 lan9118_reset(DEVICE(s)); 1063 } else { 1064 s->hw_cfg = (val & 0x003f300) | (s->hw_cfg & 0x4); 1065 } 1066 break; 1067 case CSR_RX_DP_CTRL: 1068 if (val & 0x80000000) { 1069 /* Skip forward to next packet. */ 1070 s->rxp_pad = 0; 1071 s->rxp_offset = 0; 1072 if (s->rxp_size == 0) { 1073 /* Pop a word to start the next packet. */ 1074 rx_fifo_pop(s); 1075 s->rxp_pad = 0; 1076 s->rxp_offset = 0; 1077 } 1078 s->rx_fifo_head += s->rxp_size; 1079 if (s->rx_fifo_head >= s->rx_fifo_size) { 1080 s->rx_fifo_head -= s->rx_fifo_size; 1081 } 1082 } 1083 break; 1084 case CSR_PMT_CTRL: 1085 if (val & 0x400) { 1086 phy_reset(s); 1087 } 1088 s->pmt_ctrl &= ~0x34e; 1089 s->pmt_ctrl |= (val & 0x34e); 1090 break; 1091 case CSR_GPIO_CFG: 1092 /* Probably just enabling LEDs. */ 1093 s->gpio_cfg = val & 0x7777071f; 1094 break; 1095 case CSR_GPT_CFG: 1096 if ((s->gpt_cfg ^ val) & GPT_TIMER_EN) { 1097 if (val & GPT_TIMER_EN) { 1098 ptimer_set_count(s->timer, val & 0xffff); 1099 ptimer_run(s->timer, 0); 1100 } else { 1101 ptimer_stop(s->timer); 1102 ptimer_set_count(s->timer, 0xffff); 1103 } 1104 } 1105 s->gpt_cfg = val & (GPT_TIMER_EN | 0xffff); 1106 break; 1107 case CSR_WORD_SWAP: 1108 /* Ignored because we're in 32-bit mode. */ 1109 s->word_swap = val; 1110 break; 1111 case CSR_MAC_CSR_CMD: 1112 s->mac_cmd = val & 0x4000000f; 1113 if (val & 0x80000000) { 1114 if (val & 0x40000000) { 1115 s->mac_data = do_mac_read(s, val & 0xf); 1116 DPRINTF("MAC read %d = 0x%08x\n", val & 0xf, s->mac_data); 1117 } else { 1118 DPRINTF("MAC write %d = 0x%08x\n", val & 0xf, s->mac_data); 1119 do_mac_write(s, val & 0xf, s->mac_data); 1120 } 1121 } 1122 break; 1123 case CSR_MAC_CSR_DATA: 1124 s->mac_data = val; 1125 break; 1126 case CSR_AFC_CFG: 1127 s->afc_cfg = val & 0x00ffffff; 1128 break; 1129 case CSR_E2P_CMD: 1130 lan9118_eeprom_cmd(s, (val >> 28) & 7, val & 0x7f); 1131 break; 1132 case CSR_E2P_DATA: 1133 s->e2p_data = val & 0xff; 1134 break; 1135 1136 default: 1137 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_write: Bad reg 0x%x = %x\n", 1138 (int)offset, (int)val); 1139 break; 1140 } 1141 lan9118_update(s); 1142 } 1143 1144 static void lan9118_writew(void *opaque, hwaddr offset, 1145 uint32_t val) 1146 { 1147 lan9118_state *s = (lan9118_state *)opaque; 1148 offset &= 0xff; 1149 1150 if (s->write_word_prev_offset != (offset & ~0x3)) { 1151 /* New offset, reset word counter */ 1152 s->write_word_n = 0; 1153 s->write_word_prev_offset = offset & ~0x3; 1154 } 1155 1156 if (offset & 0x2) { 1157 s->write_word_h = val; 1158 } else { 1159 s->write_word_l = val; 1160 } 1161 1162 //DPRINTF("Writew reg 0x%02x = 0x%08x\n", (int)offset, val); 1163 s->write_word_n++; 1164 if (s->write_word_n == 2) { 1165 s->write_word_n = 0; 1166 lan9118_writel(s, offset & ~3, s->write_word_l + 1167 (s->write_word_h << 16), 4); 1168 } 1169 } 1170 1171 static void lan9118_16bit_mode_write(void *opaque, hwaddr offset, 1172 uint64_t val, unsigned size) 1173 { 1174 switch (size) { 1175 case 2: 1176 lan9118_writew(opaque, offset, (uint32_t)val); 1177 return; 1178 case 4: 1179 lan9118_writel(opaque, offset, val, size); 1180 return; 1181 } 1182 1183 hw_error("lan9118_write: Bad size 0x%x\n", size); 1184 } 1185 1186 static uint64_t lan9118_readl(void *opaque, hwaddr offset, 1187 unsigned size) 1188 { 1189 lan9118_state *s = (lan9118_state *)opaque; 1190 1191 //DPRINTF("Read reg 0x%02x\n", (int)offset); 1192 if (offset < 0x20) { 1193 /* RX FIFO */ 1194 return rx_fifo_pop(s); 1195 } 1196 switch (offset) { 1197 case 0x40: 1198 return rx_status_fifo_pop(s); 1199 case 0x44: 1200 return s->rx_status_fifo[s->tx_status_fifo_head]; 1201 case 0x48: 1202 return tx_status_fifo_pop(s); 1203 case 0x4c: 1204 return s->tx_status_fifo[s->tx_status_fifo_head]; 1205 case CSR_ID_REV: 1206 return 0x01180001; 1207 case CSR_IRQ_CFG: 1208 return s->irq_cfg; 1209 case CSR_INT_STS: 1210 return s->int_sts; 1211 case CSR_INT_EN: 1212 return s->int_en; 1213 case CSR_BYTE_TEST: 1214 return 0x87654321; 1215 case CSR_FIFO_INT: 1216 return s->fifo_int; 1217 case CSR_RX_CFG: 1218 return s->rx_cfg; 1219 case CSR_TX_CFG: 1220 return s->tx_cfg; 1221 case CSR_HW_CFG: 1222 return s->hw_cfg; 1223 case CSR_RX_DP_CTRL: 1224 return 0; 1225 case CSR_RX_FIFO_INF: 1226 return (s->rx_status_fifo_used << 16) | (s->rx_fifo_used << 2); 1227 case CSR_TX_FIFO_INF: 1228 return (s->tx_status_fifo_used << 16) 1229 | (s->tx_fifo_size - s->txp->fifo_used); 1230 case CSR_PMT_CTRL: 1231 return s->pmt_ctrl; 1232 case CSR_GPIO_CFG: 1233 return s->gpio_cfg; 1234 case CSR_GPT_CFG: 1235 return s->gpt_cfg; 1236 case CSR_GPT_CNT: 1237 return ptimer_get_count(s->timer); 1238 case CSR_WORD_SWAP: 1239 return s->word_swap; 1240 case CSR_FREE_RUN: 1241 return (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40) - s->free_timer_start; 1242 case CSR_RX_DROP: 1243 /* TODO: Implement dropped frames counter. */ 1244 return 0; 1245 case CSR_MAC_CSR_CMD: 1246 return s->mac_cmd; 1247 case CSR_MAC_CSR_DATA: 1248 return s->mac_data; 1249 case CSR_AFC_CFG: 1250 return s->afc_cfg; 1251 case CSR_E2P_CMD: 1252 return s->e2p_cmd; 1253 case CSR_E2P_DATA: 1254 return s->e2p_data; 1255 } 1256 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_read: Bad reg 0x%x\n", (int)offset); 1257 return 0; 1258 } 1259 1260 static uint32_t lan9118_readw(void *opaque, hwaddr offset) 1261 { 1262 lan9118_state *s = (lan9118_state *)opaque; 1263 uint32_t val; 1264 1265 if (s->read_word_prev_offset != (offset & ~0x3)) { 1266 /* New offset, reset word counter */ 1267 s->read_word_n = 0; 1268 s->read_word_prev_offset = offset & ~0x3; 1269 } 1270 1271 s->read_word_n++; 1272 if (s->read_word_n == 1) { 1273 s->read_long = lan9118_readl(s, offset & ~3, 4); 1274 } else { 1275 s->read_word_n = 0; 1276 } 1277 1278 if (offset & 2) { 1279 val = s->read_long >> 16; 1280 } else { 1281 val = s->read_long & 0xFFFF; 1282 } 1283 1284 //DPRINTF("Readw reg 0x%02x, val 0x%x\n", (int)offset, val); 1285 return val; 1286 } 1287 1288 static uint64_t lan9118_16bit_mode_read(void *opaque, hwaddr offset, 1289 unsigned size) 1290 { 1291 switch (size) { 1292 case 2: 1293 return lan9118_readw(opaque, offset); 1294 case 4: 1295 return lan9118_readl(opaque, offset, size); 1296 } 1297 1298 hw_error("lan9118_read: Bad size 0x%x\n", size); 1299 return 0; 1300 } 1301 1302 static const MemoryRegionOps lan9118_mem_ops = { 1303 .read = lan9118_readl, 1304 .write = lan9118_writel, 1305 .endianness = DEVICE_NATIVE_ENDIAN, 1306 }; 1307 1308 static const MemoryRegionOps lan9118_16bit_mem_ops = { 1309 .read = lan9118_16bit_mode_read, 1310 .write = lan9118_16bit_mode_write, 1311 .endianness = DEVICE_NATIVE_ENDIAN, 1312 }; 1313 1314 static NetClientInfo net_lan9118_info = { 1315 .type = NET_CLIENT_OPTIONS_KIND_NIC, 1316 .size = sizeof(NICState), 1317 .receive = lan9118_receive, 1318 .link_status_changed = lan9118_set_link, 1319 }; 1320 1321 static int lan9118_init1(SysBusDevice *sbd) 1322 { 1323 DeviceState *dev = DEVICE(sbd); 1324 lan9118_state *s = LAN9118(dev); 1325 QEMUBH *bh; 1326 int i; 1327 const MemoryRegionOps *mem_ops = 1328 s->mode_16bit ? &lan9118_16bit_mem_ops : &lan9118_mem_ops; 1329 1330 memory_region_init_io(&s->mmio, OBJECT(dev), mem_ops, s, 1331 "lan9118-mmio", 0x100); 1332 sysbus_init_mmio(sbd, &s->mmio); 1333 sysbus_init_irq(sbd, &s->irq); 1334 qemu_macaddr_default_if_unset(&s->conf.macaddr); 1335 1336 s->nic = qemu_new_nic(&net_lan9118_info, &s->conf, 1337 object_get_typename(OBJECT(dev)), dev->id, s); 1338 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 1339 s->eeprom[0] = 0xa5; 1340 for (i = 0; i < 6; i++) { 1341 s->eeprom[i + 1] = s->conf.macaddr.a[i]; 1342 } 1343 s->pmt_ctrl = 1; 1344 s->txp = &s->tx_packet; 1345 1346 bh = qemu_bh_new(lan9118_tick, s); 1347 s->timer = ptimer_init(bh); 1348 ptimer_set_freq(s->timer, 10000); 1349 ptimer_set_limit(s->timer, 0xffff, 1); 1350 1351 return 0; 1352 } 1353 1354 static Property lan9118_properties[] = { 1355 DEFINE_NIC_PROPERTIES(lan9118_state, conf), 1356 DEFINE_PROP_UINT32("mode_16bit", lan9118_state, mode_16bit, 0), 1357 DEFINE_PROP_END_OF_LIST(), 1358 }; 1359 1360 static void lan9118_class_init(ObjectClass *klass, void *data) 1361 { 1362 DeviceClass *dc = DEVICE_CLASS(klass); 1363 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass); 1364 1365 k->init = lan9118_init1; 1366 dc->reset = lan9118_reset; 1367 dc->props = lan9118_properties; 1368 dc->vmsd = &vmstate_lan9118; 1369 } 1370 1371 static const TypeInfo lan9118_info = { 1372 .name = TYPE_LAN9118, 1373 .parent = TYPE_SYS_BUS_DEVICE, 1374 .instance_size = sizeof(lan9118_state), 1375 .class_init = lan9118_class_init, 1376 }; 1377 1378 static void lan9118_register_types(void) 1379 { 1380 type_register_static(&lan9118_info); 1381 } 1382 1383 /* Legacy helper function. Should go away when machine config files are 1384 implemented. */ 1385 void lan9118_init(NICInfo *nd, uint32_t base, qemu_irq irq) 1386 { 1387 DeviceState *dev; 1388 SysBusDevice *s; 1389 1390 qemu_check_nic_model(nd, "lan9118"); 1391 dev = qdev_create(NULL, TYPE_LAN9118); 1392 qdev_set_nic_properties(dev, nd); 1393 qdev_init_nofail(dev); 1394 s = SYS_BUS_DEVICE(dev); 1395 sysbus_mmio_map(s, 0, base); 1396 sysbus_connect_irq(s, 0, irq); 1397 } 1398 1399 type_init(lan9118_register_types) 1400