1 /** 2 * QEMU RTL8139 emulation 3 * 4 * Copyright (c) 2006 Igor Kovalenko 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 24 * Modifications: 25 * 2006-Jan-28 Mark Malakanov : TSAD and CSCR implementation (for Windows driver) 26 * 27 * 2006-Apr-28 Juergen Lock : EEPROM emulation changes for FreeBSD driver 28 * HW revision ID changes for FreeBSD driver 29 * 30 * 2006-Jul-01 Igor Kovalenko : Implemented loopback mode for FreeBSD driver 31 * Corrected packet transfer reassembly routine for 8139C+ mode 32 * Rearranged debugging print statements 33 * Implemented PCI timer interrupt (disabled by default) 34 * Implemented Tally Counters, increased VM load/save version 35 * Implemented IP/TCP/UDP checksum task offloading 36 * 37 * 2006-Jul-04 Igor Kovalenko : Implemented TCP segmentation offloading 38 * Fixed MTU=1500 for produced ethernet frames 39 * 40 * 2006-Jul-09 Igor Kovalenko : Fixed TCP header length calculation while processing 41 * segmentation offloading 42 * Removed slirp.h dependency 43 * Added rx/tx buffer reset when enabling rx/tx operation 44 * 45 * 2010-Feb-04 Frediano Ziglio: Rewrote timer support using QEMU timer only 46 * when strictly needed (required for for 47 * Darwin) 48 * 2011-Mar-22 Benjamin Poirier: Implemented VLAN offloading 49 */ 50 51 /* For crc32 */ 52 #include <zlib.h> 53 54 #include "hw/hw.h" 55 #include "hw/pci/pci.h" 56 #include "sysemu/dma.h" 57 #include "qemu/timer.h" 58 #include "net/net.h" 59 #include "hw/loader.h" 60 #include "sysemu/sysemu.h" 61 #include "qemu/iov.h" 62 63 /* debug RTL8139 card */ 64 //#define DEBUG_RTL8139 1 65 66 #define PCI_FREQUENCY 33000000L 67 68 #define SET_MASKED(input, mask, curr) \ 69 ( ( (input) & ~(mask) ) | ( (curr) & (mask) ) ) 70 71 /* arg % size for size which is a power of 2 */ 72 #define MOD2(input, size) \ 73 ( ( input ) & ( size - 1 ) ) 74 75 #define ETHER_ADDR_LEN 6 76 #define ETHER_TYPE_LEN 2 77 #define ETH_HLEN (ETHER_ADDR_LEN * 2 + ETHER_TYPE_LEN) 78 #define ETH_P_IP 0x0800 /* Internet Protocol packet */ 79 #define ETH_P_8021Q 0x8100 /* 802.1Q VLAN Extended Header */ 80 #define ETH_MTU 1500 81 82 #define VLAN_TCI_LEN 2 83 #define VLAN_HLEN (ETHER_TYPE_LEN + VLAN_TCI_LEN) 84 85 #if defined (DEBUG_RTL8139) 86 # define DPRINTF(fmt, ...) \ 87 do { fprintf(stderr, "RTL8139: " fmt, ## __VA_ARGS__); } while (0) 88 #else 89 static inline GCC_FMT_ATTR(1, 2) int DPRINTF(const char *fmt, ...) 90 { 91 return 0; 92 } 93 #endif 94 95 /* Symbolic offsets to registers. */ 96 enum RTL8139_registers { 97 MAC0 = 0, /* Ethernet hardware address. */ 98 MAR0 = 8, /* Multicast filter. */ 99 TxStatus0 = 0x10,/* Transmit status (Four 32bit registers). C mode only */ 100 /* Dump Tally Conter control register(64bit). C+ mode only */ 101 TxAddr0 = 0x20, /* Tx descriptors (also four 32bit). */ 102 RxBuf = 0x30, 103 ChipCmd = 0x37, 104 RxBufPtr = 0x38, 105 RxBufAddr = 0x3A, 106 IntrMask = 0x3C, 107 IntrStatus = 0x3E, 108 TxConfig = 0x40, 109 RxConfig = 0x44, 110 Timer = 0x48, /* A general-purpose counter. */ 111 RxMissed = 0x4C, /* 24 bits valid, write clears. */ 112 Cfg9346 = 0x50, 113 Config0 = 0x51, 114 Config1 = 0x52, 115 FlashReg = 0x54, 116 MediaStatus = 0x58, 117 Config3 = 0x59, 118 Config4 = 0x5A, /* absent on RTL-8139A */ 119 HltClk = 0x5B, 120 MultiIntr = 0x5C, 121 PCIRevisionID = 0x5E, 122 TxSummary = 0x60, /* TSAD register. Transmit Status of All Descriptors*/ 123 BasicModeCtrl = 0x62, 124 BasicModeStatus = 0x64, 125 NWayAdvert = 0x66, 126 NWayLPAR = 0x68, 127 NWayExpansion = 0x6A, 128 /* Undocumented registers, but required for proper operation. */ 129 FIFOTMS = 0x70, /* FIFO Control and test. */ 130 CSCR = 0x74, /* Chip Status and Configuration Register. */ 131 PARA78 = 0x78, 132 PARA7c = 0x7c, /* Magic transceiver parameter register. */ 133 Config5 = 0xD8, /* absent on RTL-8139A */ 134 /* C+ mode */ 135 TxPoll = 0xD9, /* Tell chip to check Tx descriptors for work */ 136 RxMaxSize = 0xDA, /* Max size of an Rx packet (8169 only) */ 137 CpCmd = 0xE0, /* C+ Command register (C+ mode only) */ 138 IntrMitigate = 0xE2, /* rx/tx interrupt mitigation control */ 139 RxRingAddrLO = 0xE4, /* 64-bit start addr of Rx ring */ 140 RxRingAddrHI = 0xE8, /* 64-bit start addr of Rx ring */ 141 TxThresh = 0xEC, /* Early Tx threshold */ 142 }; 143 144 enum ClearBitMasks { 145 MultiIntrClear = 0xF000, 146 ChipCmdClear = 0xE2, 147 Config1Clear = (1<<7)|(1<<6)|(1<<3)|(1<<2)|(1<<1), 148 }; 149 150 enum ChipCmdBits { 151 CmdReset = 0x10, 152 CmdRxEnb = 0x08, 153 CmdTxEnb = 0x04, 154 RxBufEmpty = 0x01, 155 }; 156 157 /* C+ mode */ 158 enum CplusCmdBits { 159 CPlusRxVLAN = 0x0040, /* enable receive VLAN detagging */ 160 CPlusRxChkSum = 0x0020, /* enable receive checksum offloading */ 161 CPlusRxEnb = 0x0002, 162 CPlusTxEnb = 0x0001, 163 }; 164 165 /* Interrupt register bits, using my own meaningful names. */ 166 enum IntrStatusBits { 167 PCIErr = 0x8000, 168 PCSTimeout = 0x4000, 169 RxFIFOOver = 0x40, 170 RxUnderrun = 0x20, /* Packet Underrun / Link Change */ 171 RxOverflow = 0x10, 172 TxErr = 0x08, 173 TxOK = 0x04, 174 RxErr = 0x02, 175 RxOK = 0x01, 176 177 RxAckBits = RxFIFOOver | RxOverflow | RxOK, 178 }; 179 180 enum TxStatusBits { 181 TxHostOwns = 0x2000, 182 TxUnderrun = 0x4000, 183 TxStatOK = 0x8000, 184 TxOutOfWindow = 0x20000000, 185 TxAborted = 0x40000000, 186 TxCarrierLost = 0x80000000, 187 }; 188 enum RxStatusBits { 189 RxMulticast = 0x8000, 190 RxPhysical = 0x4000, 191 RxBroadcast = 0x2000, 192 RxBadSymbol = 0x0020, 193 RxRunt = 0x0010, 194 RxTooLong = 0x0008, 195 RxCRCErr = 0x0004, 196 RxBadAlign = 0x0002, 197 RxStatusOK = 0x0001, 198 }; 199 200 /* Bits in RxConfig. */ 201 enum rx_mode_bits { 202 AcceptErr = 0x20, 203 AcceptRunt = 0x10, 204 AcceptBroadcast = 0x08, 205 AcceptMulticast = 0x04, 206 AcceptMyPhys = 0x02, 207 AcceptAllPhys = 0x01, 208 }; 209 210 /* Bits in TxConfig. */ 211 enum tx_config_bits { 212 213 /* Interframe Gap Time. Only TxIFG96 doesn't violate IEEE 802.3 */ 214 TxIFGShift = 24, 215 TxIFG84 = (0 << TxIFGShift), /* 8.4us / 840ns (10 / 100Mbps) */ 216 TxIFG88 = (1 << TxIFGShift), /* 8.8us / 880ns (10 / 100Mbps) */ 217 TxIFG92 = (2 << TxIFGShift), /* 9.2us / 920ns (10 / 100Mbps) */ 218 TxIFG96 = (3 << TxIFGShift), /* 9.6us / 960ns (10 / 100Mbps) */ 219 220 TxLoopBack = (1 << 18) | (1 << 17), /* enable loopback test mode */ 221 TxCRC = (1 << 16), /* DISABLE appending CRC to end of Tx packets */ 222 TxClearAbt = (1 << 0), /* Clear abort (WO) */ 223 TxDMAShift = 8, /* DMA burst value (0-7) is shifted this many bits */ 224 TxRetryShift = 4, /* TXRR value (0-15) is shifted this many bits */ 225 226 TxVersionMask = 0x7C800000, /* mask out version bits 30-26, 23 */ 227 }; 228 229 230 /* Transmit Status of All Descriptors (TSAD) Register */ 231 enum TSAD_bits { 232 TSAD_TOK3 = 1<<15, // TOK bit of Descriptor 3 233 TSAD_TOK2 = 1<<14, // TOK bit of Descriptor 2 234 TSAD_TOK1 = 1<<13, // TOK bit of Descriptor 1 235 TSAD_TOK0 = 1<<12, // TOK bit of Descriptor 0 236 TSAD_TUN3 = 1<<11, // TUN bit of Descriptor 3 237 TSAD_TUN2 = 1<<10, // TUN bit of Descriptor 2 238 TSAD_TUN1 = 1<<9, // TUN bit of Descriptor 1 239 TSAD_TUN0 = 1<<8, // TUN bit of Descriptor 0 240 TSAD_TABT3 = 1<<07, // TABT bit of Descriptor 3 241 TSAD_TABT2 = 1<<06, // TABT bit of Descriptor 2 242 TSAD_TABT1 = 1<<05, // TABT bit of Descriptor 1 243 TSAD_TABT0 = 1<<04, // TABT bit of Descriptor 0 244 TSAD_OWN3 = 1<<03, // OWN bit of Descriptor 3 245 TSAD_OWN2 = 1<<02, // OWN bit of Descriptor 2 246 TSAD_OWN1 = 1<<01, // OWN bit of Descriptor 1 247 TSAD_OWN0 = 1<<00, // OWN bit of Descriptor 0 248 }; 249 250 251 /* Bits in Config1 */ 252 enum Config1Bits { 253 Cfg1_PM_Enable = 0x01, 254 Cfg1_VPD_Enable = 0x02, 255 Cfg1_PIO = 0x04, 256 Cfg1_MMIO = 0x08, 257 LWAKE = 0x10, /* not on 8139, 8139A */ 258 Cfg1_Driver_Load = 0x20, 259 Cfg1_LED0 = 0x40, 260 Cfg1_LED1 = 0x80, 261 SLEEP = (1 << 1), /* only on 8139, 8139A */ 262 PWRDN = (1 << 0), /* only on 8139, 8139A */ 263 }; 264 265 /* Bits in Config3 */ 266 enum Config3Bits { 267 Cfg3_FBtBEn = (1 << 0), /* 1 = Fast Back to Back */ 268 Cfg3_FuncRegEn = (1 << 1), /* 1 = enable CardBus Function registers */ 269 Cfg3_CLKRUN_En = (1 << 2), /* 1 = enable CLKRUN */ 270 Cfg3_CardB_En = (1 << 3), /* 1 = enable CardBus registers */ 271 Cfg3_LinkUp = (1 << 4), /* 1 = wake up on link up */ 272 Cfg3_Magic = (1 << 5), /* 1 = wake up on Magic Packet (tm) */ 273 Cfg3_PARM_En = (1 << 6), /* 0 = software can set twister parameters */ 274 Cfg3_GNTSel = (1 << 7), /* 1 = delay 1 clock from PCI GNT signal */ 275 }; 276 277 /* Bits in Config4 */ 278 enum Config4Bits { 279 LWPTN = (1 << 2), /* not on 8139, 8139A */ 280 }; 281 282 /* Bits in Config5 */ 283 enum Config5Bits { 284 Cfg5_PME_STS = (1 << 0), /* 1 = PCI reset resets PME_Status */ 285 Cfg5_LANWake = (1 << 1), /* 1 = enable LANWake signal */ 286 Cfg5_LDPS = (1 << 2), /* 0 = save power when link is down */ 287 Cfg5_FIFOAddrPtr = (1 << 3), /* Realtek internal SRAM testing */ 288 Cfg5_UWF = (1 << 4), /* 1 = accept unicast wakeup frame */ 289 Cfg5_MWF = (1 << 5), /* 1 = accept multicast wakeup frame */ 290 Cfg5_BWF = (1 << 6), /* 1 = accept broadcast wakeup frame */ 291 }; 292 293 enum RxConfigBits { 294 /* rx fifo threshold */ 295 RxCfgFIFOShift = 13, 296 RxCfgFIFONone = (7 << RxCfgFIFOShift), 297 298 /* Max DMA burst */ 299 RxCfgDMAShift = 8, 300 RxCfgDMAUnlimited = (7 << RxCfgDMAShift), 301 302 /* rx ring buffer length */ 303 RxCfgRcv8K = 0, 304 RxCfgRcv16K = (1 << 11), 305 RxCfgRcv32K = (1 << 12), 306 RxCfgRcv64K = (1 << 11) | (1 << 12), 307 308 /* Disable packet wrap at end of Rx buffer. (not possible with 64k) */ 309 RxNoWrap = (1 << 7), 310 }; 311 312 /* Twister tuning parameters from RealTek. 313 Completely undocumented, but required to tune bad links on some boards. */ 314 /* 315 enum CSCRBits { 316 CSCR_LinkOKBit = 0x0400, 317 CSCR_LinkChangeBit = 0x0800, 318 CSCR_LinkStatusBits = 0x0f000, 319 CSCR_LinkDownOffCmd = 0x003c0, 320 CSCR_LinkDownCmd = 0x0f3c0, 321 */ 322 enum CSCRBits { 323 CSCR_Testfun = 1<<15, /* 1 = Auto-neg speeds up internal timer, WO, def 0 */ 324 CSCR_LD = 1<<9, /* Active low TPI link disable signal. When low, TPI still transmits link pulses and TPI stays in good link state. def 1*/ 325 CSCR_HEART_BIT = 1<<8, /* 1 = HEART BEAT enable, 0 = HEART BEAT disable. HEART BEAT function is only valid in 10Mbps mode. def 1*/ 326 CSCR_JBEN = 1<<7, /* 1 = enable jabber function. 0 = disable jabber function, def 1*/ 327 CSCR_F_LINK_100 = 1<<6, /* Used to login force good link in 100Mbps for diagnostic purposes. 1 = DISABLE, 0 = ENABLE. def 1*/ 328 CSCR_F_Connect = 1<<5, /* Assertion of this bit forces the disconnect function to be bypassed. def 0*/ 329 CSCR_Con_status = 1<<3, /* This bit indicates the status of the connection. 1 = valid connected link detected; 0 = disconnected link detected. RO def 0*/ 330 CSCR_Con_status_En = 1<<2, /* Assertion of this bit configures LED1 pin to indicate connection status. def 0*/ 331 CSCR_PASS_SCR = 1<<0, /* Bypass Scramble, def 0*/ 332 }; 333 334 enum Cfg9346Bits { 335 Cfg9346_Normal = 0x00, 336 Cfg9346_Autoload = 0x40, 337 Cfg9346_Programming = 0x80, 338 Cfg9346_ConfigWrite = 0xC0, 339 }; 340 341 typedef enum { 342 CH_8139 = 0, 343 CH_8139_K, 344 CH_8139A, 345 CH_8139A_G, 346 CH_8139B, 347 CH_8130, 348 CH_8139C, 349 CH_8100, 350 CH_8100B_8139D, 351 CH_8101, 352 } chip_t; 353 354 enum chip_flags { 355 HasHltClk = (1 << 0), 356 HasLWake = (1 << 1), 357 }; 358 359 #define HW_REVID(b30, b29, b28, b27, b26, b23, b22) \ 360 (b30<<30 | b29<<29 | b28<<28 | b27<<27 | b26<<26 | b23<<23 | b22<<22) 361 #define HW_REVID_MASK HW_REVID(1, 1, 1, 1, 1, 1, 1) 362 363 #define RTL8139_PCI_REVID_8139 0x10 364 #define RTL8139_PCI_REVID_8139CPLUS 0x20 365 366 #define RTL8139_PCI_REVID RTL8139_PCI_REVID_8139CPLUS 367 368 /* Size is 64 * 16bit words */ 369 #define EEPROM_9346_ADDR_BITS 6 370 #define EEPROM_9346_SIZE (1 << EEPROM_9346_ADDR_BITS) 371 #define EEPROM_9346_ADDR_MASK (EEPROM_9346_SIZE - 1) 372 373 enum Chip9346Operation 374 { 375 Chip9346_op_mask = 0xc0, /* 10 zzzzzz */ 376 Chip9346_op_read = 0x80, /* 10 AAAAAA */ 377 Chip9346_op_write = 0x40, /* 01 AAAAAA D(15)..D(0) */ 378 Chip9346_op_ext_mask = 0xf0, /* 11 zzzzzz */ 379 Chip9346_op_write_enable = 0x30, /* 00 11zzzz */ 380 Chip9346_op_write_all = 0x10, /* 00 01zzzz */ 381 Chip9346_op_write_disable = 0x00, /* 00 00zzzz */ 382 }; 383 384 enum Chip9346Mode 385 { 386 Chip9346_none = 0, 387 Chip9346_enter_command_mode, 388 Chip9346_read_command, 389 Chip9346_data_read, /* from output register */ 390 Chip9346_data_write, /* to input register, then to contents at specified address */ 391 Chip9346_data_write_all, /* to input register, then filling contents */ 392 }; 393 394 typedef struct EEprom9346 395 { 396 uint16_t contents[EEPROM_9346_SIZE]; 397 int mode; 398 uint32_t tick; 399 uint8_t address; 400 uint16_t input; 401 uint16_t output; 402 403 uint8_t eecs; 404 uint8_t eesk; 405 uint8_t eedi; 406 uint8_t eedo; 407 } EEprom9346; 408 409 typedef struct RTL8139TallyCounters 410 { 411 /* Tally counters */ 412 uint64_t TxOk; 413 uint64_t RxOk; 414 uint64_t TxERR; 415 uint32_t RxERR; 416 uint16_t MissPkt; 417 uint16_t FAE; 418 uint32_t Tx1Col; 419 uint32_t TxMCol; 420 uint64_t RxOkPhy; 421 uint64_t RxOkBrd; 422 uint32_t RxOkMul; 423 uint16_t TxAbt; 424 uint16_t TxUndrn; 425 } RTL8139TallyCounters; 426 427 /* Clears all tally counters */ 428 static void RTL8139TallyCounters_clear(RTL8139TallyCounters* counters); 429 430 typedef struct RTL8139State { 431 PCIDevice dev; 432 uint8_t phys[8]; /* mac address */ 433 uint8_t mult[8]; /* multicast mask array */ 434 435 uint32_t TxStatus[4]; /* TxStatus0 in C mode*/ /* also DTCCR[0] and DTCCR[1] in C+ mode */ 436 uint32_t TxAddr[4]; /* TxAddr0 */ 437 uint32_t RxBuf; /* Receive buffer */ 438 uint32_t RxBufferSize;/* internal variable, receive ring buffer size in C mode */ 439 uint32_t RxBufPtr; 440 uint32_t RxBufAddr; 441 442 uint16_t IntrStatus; 443 uint16_t IntrMask; 444 445 uint32_t TxConfig; 446 uint32_t RxConfig; 447 uint32_t RxMissed; 448 449 uint16_t CSCR; 450 451 uint8_t Cfg9346; 452 uint8_t Config0; 453 uint8_t Config1; 454 uint8_t Config3; 455 uint8_t Config4; 456 uint8_t Config5; 457 458 uint8_t clock_enabled; 459 uint8_t bChipCmdState; 460 461 uint16_t MultiIntr; 462 463 uint16_t BasicModeCtrl; 464 uint16_t BasicModeStatus; 465 uint16_t NWayAdvert; 466 uint16_t NWayLPAR; 467 uint16_t NWayExpansion; 468 469 uint16_t CpCmd; 470 uint8_t TxThresh; 471 472 NICState *nic; 473 NICConf conf; 474 475 /* C ring mode */ 476 uint32_t currTxDesc; 477 478 /* C+ mode */ 479 uint32_t cplus_enabled; 480 481 uint32_t currCPlusRxDesc; 482 uint32_t currCPlusTxDesc; 483 484 uint32_t RxRingAddrLO; 485 uint32_t RxRingAddrHI; 486 487 EEprom9346 eeprom; 488 489 uint32_t TCTR; 490 uint32_t TimerInt; 491 int64_t TCTR_base; 492 493 /* Tally counters */ 494 RTL8139TallyCounters tally_counters; 495 496 /* Non-persistent data */ 497 uint8_t *cplus_txbuffer; 498 int cplus_txbuffer_len; 499 int cplus_txbuffer_offset; 500 501 /* PCI interrupt timer */ 502 QEMUTimer *timer; 503 int64_t TimerExpire; 504 505 MemoryRegion bar_io; 506 MemoryRegion bar_mem; 507 508 /* Support migration to/from old versions */ 509 int rtl8139_mmio_io_addr_dummy; 510 } RTL8139State; 511 512 /* Writes tally counters to memory via DMA */ 513 static void RTL8139TallyCounters_dma_write(RTL8139State *s, dma_addr_t tc_addr); 514 515 static void rtl8139_set_next_tctr_time(RTL8139State *s, int64_t current_time); 516 517 static void prom9346_decode_command(EEprom9346 *eeprom, uint8_t command) 518 { 519 DPRINTF("eeprom command 0x%02x\n", command); 520 521 switch (command & Chip9346_op_mask) 522 { 523 case Chip9346_op_read: 524 { 525 eeprom->address = command & EEPROM_9346_ADDR_MASK; 526 eeprom->output = eeprom->contents[eeprom->address]; 527 eeprom->eedo = 0; 528 eeprom->tick = 0; 529 eeprom->mode = Chip9346_data_read; 530 DPRINTF("eeprom read from address 0x%02x data=0x%04x\n", 531 eeprom->address, eeprom->output); 532 } 533 break; 534 535 case Chip9346_op_write: 536 { 537 eeprom->address = command & EEPROM_9346_ADDR_MASK; 538 eeprom->input = 0; 539 eeprom->tick = 0; 540 eeprom->mode = Chip9346_none; /* Chip9346_data_write */ 541 DPRINTF("eeprom begin write to address 0x%02x\n", 542 eeprom->address); 543 } 544 break; 545 default: 546 eeprom->mode = Chip9346_none; 547 switch (command & Chip9346_op_ext_mask) 548 { 549 case Chip9346_op_write_enable: 550 DPRINTF("eeprom write enabled\n"); 551 break; 552 case Chip9346_op_write_all: 553 DPRINTF("eeprom begin write all\n"); 554 break; 555 case Chip9346_op_write_disable: 556 DPRINTF("eeprom write disabled\n"); 557 break; 558 } 559 break; 560 } 561 } 562 563 static void prom9346_shift_clock(EEprom9346 *eeprom) 564 { 565 int bit = eeprom->eedi?1:0; 566 567 ++ eeprom->tick; 568 569 DPRINTF("eeprom: tick %d eedi=%d eedo=%d\n", eeprom->tick, eeprom->eedi, 570 eeprom->eedo); 571 572 switch (eeprom->mode) 573 { 574 case Chip9346_enter_command_mode: 575 if (bit) 576 { 577 eeprom->mode = Chip9346_read_command; 578 eeprom->tick = 0; 579 eeprom->input = 0; 580 DPRINTF("eeprom: +++ synchronized, begin command read\n"); 581 } 582 break; 583 584 case Chip9346_read_command: 585 eeprom->input = (eeprom->input << 1) | (bit & 1); 586 if (eeprom->tick == 8) 587 { 588 prom9346_decode_command(eeprom, eeprom->input & 0xff); 589 } 590 break; 591 592 case Chip9346_data_read: 593 eeprom->eedo = (eeprom->output & 0x8000)?1:0; 594 eeprom->output <<= 1; 595 if (eeprom->tick == 16) 596 { 597 #if 1 598 // the FreeBSD drivers (rl and re) don't explicitly toggle 599 // CS between reads (or does setting Cfg9346 to 0 count too?), 600 // so we need to enter wait-for-command state here 601 eeprom->mode = Chip9346_enter_command_mode; 602 eeprom->input = 0; 603 eeprom->tick = 0; 604 605 DPRINTF("eeprom: +++ end of read, awaiting next command\n"); 606 #else 607 // original behaviour 608 ++eeprom->address; 609 eeprom->address &= EEPROM_9346_ADDR_MASK; 610 eeprom->output = eeprom->contents[eeprom->address]; 611 eeprom->tick = 0; 612 613 DPRINTF("eeprom: +++ read next address 0x%02x data=0x%04x\n", 614 eeprom->address, eeprom->output); 615 #endif 616 } 617 break; 618 619 case Chip9346_data_write: 620 eeprom->input = (eeprom->input << 1) | (bit & 1); 621 if (eeprom->tick == 16) 622 { 623 DPRINTF("eeprom write to address 0x%02x data=0x%04x\n", 624 eeprom->address, eeprom->input); 625 626 eeprom->contents[eeprom->address] = eeprom->input; 627 eeprom->mode = Chip9346_none; /* waiting for next command after CS cycle */ 628 eeprom->tick = 0; 629 eeprom->input = 0; 630 } 631 break; 632 633 case Chip9346_data_write_all: 634 eeprom->input = (eeprom->input << 1) | (bit & 1); 635 if (eeprom->tick == 16) 636 { 637 int i; 638 for (i = 0; i < EEPROM_9346_SIZE; i++) 639 { 640 eeprom->contents[i] = eeprom->input; 641 } 642 DPRINTF("eeprom filled with data=0x%04x\n", eeprom->input); 643 644 eeprom->mode = Chip9346_enter_command_mode; 645 eeprom->tick = 0; 646 eeprom->input = 0; 647 } 648 break; 649 650 default: 651 break; 652 } 653 } 654 655 static int prom9346_get_wire(RTL8139State *s) 656 { 657 EEprom9346 *eeprom = &s->eeprom; 658 if (!eeprom->eecs) 659 return 0; 660 661 return eeprom->eedo; 662 } 663 664 /* FIXME: This should be merged into/replaced by eeprom93xx.c. */ 665 static void prom9346_set_wire(RTL8139State *s, int eecs, int eesk, int eedi) 666 { 667 EEprom9346 *eeprom = &s->eeprom; 668 uint8_t old_eecs = eeprom->eecs; 669 uint8_t old_eesk = eeprom->eesk; 670 671 eeprom->eecs = eecs; 672 eeprom->eesk = eesk; 673 eeprom->eedi = eedi; 674 675 DPRINTF("eeprom: +++ wires CS=%d SK=%d DI=%d DO=%d\n", eeprom->eecs, 676 eeprom->eesk, eeprom->eedi, eeprom->eedo); 677 678 if (!old_eecs && eecs) 679 { 680 /* Synchronize start */ 681 eeprom->tick = 0; 682 eeprom->input = 0; 683 eeprom->output = 0; 684 eeprom->mode = Chip9346_enter_command_mode; 685 686 DPRINTF("=== eeprom: begin access, enter command mode\n"); 687 } 688 689 if (!eecs) 690 { 691 DPRINTF("=== eeprom: end access\n"); 692 return; 693 } 694 695 if (!old_eesk && eesk) 696 { 697 /* SK front rules */ 698 prom9346_shift_clock(eeprom); 699 } 700 } 701 702 static void rtl8139_update_irq(RTL8139State *s) 703 { 704 int isr; 705 isr = (s->IntrStatus & s->IntrMask) & 0xffff; 706 707 DPRINTF("Set IRQ to %d (%04x %04x)\n", isr ? 1 : 0, s->IntrStatus, 708 s->IntrMask); 709 710 qemu_set_irq(s->dev.irq[0], (isr != 0)); 711 } 712 713 static int rtl8139_RxWrap(RTL8139State *s) 714 { 715 /* wrapping enabled; assume 1.5k more buffer space if size < 65536 */ 716 return (s->RxConfig & (1 << 7)); 717 } 718 719 static int rtl8139_receiver_enabled(RTL8139State *s) 720 { 721 return s->bChipCmdState & CmdRxEnb; 722 } 723 724 static int rtl8139_transmitter_enabled(RTL8139State *s) 725 { 726 return s->bChipCmdState & CmdTxEnb; 727 } 728 729 static int rtl8139_cp_receiver_enabled(RTL8139State *s) 730 { 731 return s->CpCmd & CPlusRxEnb; 732 } 733 734 static int rtl8139_cp_transmitter_enabled(RTL8139State *s) 735 { 736 return s->CpCmd & CPlusTxEnb; 737 } 738 739 static void rtl8139_write_buffer(RTL8139State *s, const void *buf, int size) 740 { 741 if (s->RxBufAddr + size > s->RxBufferSize) 742 { 743 int wrapped = MOD2(s->RxBufAddr + size, s->RxBufferSize); 744 745 /* write packet data */ 746 if (wrapped && !(s->RxBufferSize < 65536 && rtl8139_RxWrap(s))) 747 { 748 DPRINTF(">>> rx packet wrapped in buffer at %d\n", size - wrapped); 749 750 if (size > wrapped) 751 { 752 pci_dma_write(&s->dev, s->RxBuf + s->RxBufAddr, 753 buf, size-wrapped); 754 } 755 756 /* reset buffer pointer */ 757 s->RxBufAddr = 0; 758 759 pci_dma_write(&s->dev, s->RxBuf + s->RxBufAddr, 760 buf + (size-wrapped), wrapped); 761 762 s->RxBufAddr = wrapped; 763 764 return; 765 } 766 } 767 768 /* non-wrapping path or overwrapping enabled */ 769 pci_dma_write(&s->dev, s->RxBuf + s->RxBufAddr, buf, size); 770 771 s->RxBufAddr += size; 772 } 773 774 #define MIN_BUF_SIZE 60 775 static inline dma_addr_t rtl8139_addr64(uint32_t low, uint32_t high) 776 { 777 return low | ((uint64_t)high << 32); 778 } 779 780 /* Workaround for buggy guest driver such as linux who allocates rx 781 * rings after the receiver were enabled. */ 782 static bool rtl8139_cp_rx_valid(RTL8139State *s) 783 { 784 return !(s->RxRingAddrLO == 0 && s->RxRingAddrHI == 0); 785 } 786 787 static int rtl8139_can_receive(NetClientState *nc) 788 { 789 RTL8139State *s = qemu_get_nic_opaque(nc); 790 int avail; 791 792 /* Receive (drop) packets if card is disabled. */ 793 if (!s->clock_enabled) 794 return 1; 795 if (!rtl8139_receiver_enabled(s)) 796 return 1; 797 798 if (rtl8139_cp_receiver_enabled(s) && rtl8139_cp_rx_valid(s)) { 799 /* ??? Flow control not implemented in c+ mode. 800 This is a hack to work around slirp deficiencies anyway. */ 801 return 1; 802 } else { 803 avail = MOD2(s->RxBufferSize + s->RxBufPtr - s->RxBufAddr, 804 s->RxBufferSize); 805 return (avail == 0 || avail >= 1514 || (s->IntrMask & RxOverflow)); 806 } 807 } 808 809 static ssize_t rtl8139_do_receive(NetClientState *nc, const uint8_t *buf, size_t size_, int do_interrupt) 810 { 811 RTL8139State *s = qemu_get_nic_opaque(nc); 812 /* size is the length of the buffer passed to the driver */ 813 int size = size_; 814 const uint8_t *dot1q_buf = NULL; 815 816 uint32_t packet_header = 0; 817 818 uint8_t buf1[MIN_BUF_SIZE + VLAN_HLEN]; 819 static const uint8_t broadcast_macaddr[6] = 820 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 821 822 DPRINTF(">>> received len=%d\n", size); 823 824 /* test if board clock is stopped */ 825 if (!s->clock_enabled) 826 { 827 DPRINTF("stopped ==========================\n"); 828 return -1; 829 } 830 831 /* first check if receiver is enabled */ 832 833 if (!rtl8139_receiver_enabled(s)) 834 { 835 DPRINTF("receiver disabled ================\n"); 836 return -1; 837 } 838 839 /* XXX: check this */ 840 if (s->RxConfig & AcceptAllPhys) { 841 /* promiscuous: receive all */ 842 DPRINTF(">>> packet received in promiscuous mode\n"); 843 844 } else { 845 if (!memcmp(buf, broadcast_macaddr, 6)) { 846 /* broadcast address */ 847 if (!(s->RxConfig & AcceptBroadcast)) 848 { 849 DPRINTF(">>> broadcast packet rejected\n"); 850 851 /* update tally counter */ 852 ++s->tally_counters.RxERR; 853 854 return size; 855 } 856 857 packet_header |= RxBroadcast; 858 859 DPRINTF(">>> broadcast packet received\n"); 860 861 /* update tally counter */ 862 ++s->tally_counters.RxOkBrd; 863 864 } else if (buf[0] & 0x01) { 865 /* multicast */ 866 if (!(s->RxConfig & AcceptMulticast)) 867 { 868 DPRINTF(">>> multicast packet rejected\n"); 869 870 /* update tally counter */ 871 ++s->tally_counters.RxERR; 872 873 return size; 874 } 875 876 int mcast_idx = compute_mcast_idx(buf); 877 878 if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7)))) 879 { 880 DPRINTF(">>> multicast address mismatch\n"); 881 882 /* update tally counter */ 883 ++s->tally_counters.RxERR; 884 885 return size; 886 } 887 888 packet_header |= RxMulticast; 889 890 DPRINTF(">>> multicast packet received\n"); 891 892 /* update tally counter */ 893 ++s->tally_counters.RxOkMul; 894 895 } else if (s->phys[0] == buf[0] && 896 s->phys[1] == buf[1] && 897 s->phys[2] == buf[2] && 898 s->phys[3] == buf[3] && 899 s->phys[4] == buf[4] && 900 s->phys[5] == buf[5]) { 901 /* match */ 902 if (!(s->RxConfig & AcceptMyPhys)) 903 { 904 DPRINTF(">>> rejecting physical address matching packet\n"); 905 906 /* update tally counter */ 907 ++s->tally_counters.RxERR; 908 909 return size; 910 } 911 912 packet_header |= RxPhysical; 913 914 DPRINTF(">>> physical address matching packet received\n"); 915 916 /* update tally counter */ 917 ++s->tally_counters.RxOkPhy; 918 919 } else { 920 921 DPRINTF(">>> unknown packet\n"); 922 923 /* update tally counter */ 924 ++s->tally_counters.RxERR; 925 926 return size; 927 } 928 } 929 930 /* if too small buffer, then expand it 931 * Include some tailroom in case a vlan tag is later removed. */ 932 if (size < MIN_BUF_SIZE + VLAN_HLEN) { 933 memcpy(buf1, buf, size); 934 memset(buf1 + size, 0, MIN_BUF_SIZE + VLAN_HLEN - size); 935 buf = buf1; 936 if (size < MIN_BUF_SIZE) { 937 size = MIN_BUF_SIZE; 938 } 939 } 940 941 if (rtl8139_cp_receiver_enabled(s)) 942 { 943 if (!rtl8139_cp_rx_valid(s)) { 944 return size; 945 } 946 947 DPRINTF("in C+ Rx mode ================\n"); 948 949 /* begin C+ receiver mode */ 950 951 /* w0 ownership flag */ 952 #define CP_RX_OWN (1<<31) 953 /* w0 end of ring flag */ 954 #define CP_RX_EOR (1<<30) 955 /* w0 bits 0...12 : buffer size */ 956 #define CP_RX_BUFFER_SIZE_MASK ((1<<13) - 1) 957 /* w1 tag available flag */ 958 #define CP_RX_TAVA (1<<16) 959 /* w1 bits 0...15 : VLAN tag */ 960 #define CP_RX_VLAN_TAG_MASK ((1<<16) - 1) 961 /* w2 low 32bit of Rx buffer ptr */ 962 /* w3 high 32bit of Rx buffer ptr */ 963 964 int descriptor = s->currCPlusRxDesc; 965 dma_addr_t cplus_rx_ring_desc; 966 967 cplus_rx_ring_desc = rtl8139_addr64(s->RxRingAddrLO, s->RxRingAddrHI); 968 cplus_rx_ring_desc += 16 * descriptor; 969 970 DPRINTF("+++ C+ mode reading RX descriptor %d from host memory at " 971 "%08x %08x = "DMA_ADDR_FMT"\n", descriptor, s->RxRingAddrHI, 972 s->RxRingAddrLO, cplus_rx_ring_desc); 973 974 uint32_t val, rxdw0,rxdw1,rxbufLO,rxbufHI; 975 976 pci_dma_read(&s->dev, cplus_rx_ring_desc, &val, 4); 977 rxdw0 = le32_to_cpu(val); 978 pci_dma_read(&s->dev, cplus_rx_ring_desc+4, &val, 4); 979 rxdw1 = le32_to_cpu(val); 980 pci_dma_read(&s->dev, cplus_rx_ring_desc+8, &val, 4); 981 rxbufLO = le32_to_cpu(val); 982 pci_dma_read(&s->dev, cplus_rx_ring_desc+12, &val, 4); 983 rxbufHI = le32_to_cpu(val); 984 985 DPRINTF("+++ C+ mode RX descriptor %d %08x %08x %08x %08x\n", 986 descriptor, rxdw0, rxdw1, rxbufLO, rxbufHI); 987 988 if (!(rxdw0 & CP_RX_OWN)) 989 { 990 DPRINTF("C+ Rx mode : descriptor %d is owned by host\n", 991 descriptor); 992 993 s->IntrStatus |= RxOverflow; 994 ++s->RxMissed; 995 996 /* update tally counter */ 997 ++s->tally_counters.RxERR; 998 ++s->tally_counters.MissPkt; 999 1000 rtl8139_update_irq(s); 1001 return size_; 1002 } 1003 1004 uint32_t rx_space = rxdw0 & CP_RX_BUFFER_SIZE_MASK; 1005 1006 /* write VLAN info to descriptor variables. */ 1007 if (s->CpCmd & CPlusRxVLAN && be16_to_cpup((uint16_t *) 1008 &buf[ETHER_ADDR_LEN * 2]) == ETH_P_8021Q) { 1009 dot1q_buf = &buf[ETHER_ADDR_LEN * 2]; 1010 size -= VLAN_HLEN; 1011 /* if too small buffer, use the tailroom added duing expansion */ 1012 if (size < MIN_BUF_SIZE) { 1013 size = MIN_BUF_SIZE; 1014 } 1015 1016 rxdw1 &= ~CP_RX_VLAN_TAG_MASK; 1017 /* BE + ~le_to_cpu()~ + cpu_to_le() = BE */ 1018 rxdw1 |= CP_RX_TAVA | le16_to_cpup((uint16_t *) 1019 &dot1q_buf[ETHER_TYPE_LEN]); 1020 1021 DPRINTF("C+ Rx mode : extracted vlan tag with tci: ""%u\n", 1022 be16_to_cpup((uint16_t *)&dot1q_buf[ETHER_TYPE_LEN])); 1023 } else { 1024 /* reset VLAN tag flag */ 1025 rxdw1 &= ~CP_RX_TAVA; 1026 } 1027 1028 /* TODO: scatter the packet over available receive ring descriptors space */ 1029 1030 if (size+4 > rx_space) 1031 { 1032 DPRINTF("C+ Rx mode : descriptor %d size %d received %d + 4\n", 1033 descriptor, rx_space, size); 1034 1035 s->IntrStatus |= RxOverflow; 1036 ++s->RxMissed; 1037 1038 /* update tally counter */ 1039 ++s->tally_counters.RxERR; 1040 ++s->tally_counters.MissPkt; 1041 1042 rtl8139_update_irq(s); 1043 return size_; 1044 } 1045 1046 dma_addr_t rx_addr = rtl8139_addr64(rxbufLO, rxbufHI); 1047 1048 /* receive/copy to target memory */ 1049 if (dot1q_buf) { 1050 pci_dma_write(&s->dev, rx_addr, buf, 2 * ETHER_ADDR_LEN); 1051 pci_dma_write(&s->dev, rx_addr + 2 * ETHER_ADDR_LEN, 1052 buf + 2 * ETHER_ADDR_LEN + VLAN_HLEN, 1053 size - 2 * ETHER_ADDR_LEN); 1054 } else { 1055 pci_dma_write(&s->dev, rx_addr, buf, size); 1056 } 1057 1058 if (s->CpCmd & CPlusRxChkSum) 1059 { 1060 /* do some packet checksumming */ 1061 } 1062 1063 /* write checksum */ 1064 val = cpu_to_le32(crc32(0, buf, size_)); 1065 pci_dma_write(&s->dev, rx_addr+size, (uint8_t *)&val, 4); 1066 1067 /* first segment of received packet flag */ 1068 #define CP_RX_STATUS_FS (1<<29) 1069 /* last segment of received packet flag */ 1070 #define CP_RX_STATUS_LS (1<<28) 1071 /* multicast packet flag */ 1072 #define CP_RX_STATUS_MAR (1<<26) 1073 /* physical-matching packet flag */ 1074 #define CP_RX_STATUS_PAM (1<<25) 1075 /* broadcast packet flag */ 1076 #define CP_RX_STATUS_BAR (1<<24) 1077 /* runt packet flag */ 1078 #define CP_RX_STATUS_RUNT (1<<19) 1079 /* crc error flag */ 1080 #define CP_RX_STATUS_CRC (1<<18) 1081 /* IP checksum error flag */ 1082 #define CP_RX_STATUS_IPF (1<<15) 1083 /* UDP checksum error flag */ 1084 #define CP_RX_STATUS_UDPF (1<<14) 1085 /* TCP checksum error flag */ 1086 #define CP_RX_STATUS_TCPF (1<<13) 1087 1088 /* transfer ownership to target */ 1089 rxdw0 &= ~CP_RX_OWN; 1090 1091 /* set first segment bit */ 1092 rxdw0 |= CP_RX_STATUS_FS; 1093 1094 /* set last segment bit */ 1095 rxdw0 |= CP_RX_STATUS_LS; 1096 1097 /* set received packet type flags */ 1098 if (packet_header & RxBroadcast) 1099 rxdw0 |= CP_RX_STATUS_BAR; 1100 if (packet_header & RxMulticast) 1101 rxdw0 |= CP_RX_STATUS_MAR; 1102 if (packet_header & RxPhysical) 1103 rxdw0 |= CP_RX_STATUS_PAM; 1104 1105 /* set received size */ 1106 rxdw0 &= ~CP_RX_BUFFER_SIZE_MASK; 1107 rxdw0 |= (size+4); 1108 1109 /* update ring data */ 1110 val = cpu_to_le32(rxdw0); 1111 pci_dma_write(&s->dev, cplus_rx_ring_desc, (uint8_t *)&val, 4); 1112 val = cpu_to_le32(rxdw1); 1113 pci_dma_write(&s->dev, cplus_rx_ring_desc+4, (uint8_t *)&val, 4); 1114 1115 /* update tally counter */ 1116 ++s->tally_counters.RxOk; 1117 1118 /* seek to next Rx descriptor */ 1119 if (rxdw0 & CP_RX_EOR) 1120 { 1121 s->currCPlusRxDesc = 0; 1122 } 1123 else 1124 { 1125 ++s->currCPlusRxDesc; 1126 } 1127 1128 DPRINTF("done C+ Rx mode ----------------\n"); 1129 1130 } 1131 else 1132 { 1133 DPRINTF("in ring Rx mode ================\n"); 1134 1135 /* begin ring receiver mode */ 1136 int avail = MOD2(s->RxBufferSize + s->RxBufPtr - s->RxBufAddr, s->RxBufferSize); 1137 1138 /* if receiver buffer is empty then avail == 0 */ 1139 1140 if (avail != 0 && size + 8 >= avail) 1141 { 1142 DPRINTF("rx overflow: rx buffer length %d head 0x%04x " 1143 "read 0x%04x === available 0x%04x need 0x%04x\n", 1144 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr, avail, size + 8); 1145 1146 s->IntrStatus |= RxOverflow; 1147 ++s->RxMissed; 1148 rtl8139_update_irq(s); 1149 return size_; 1150 } 1151 1152 packet_header |= RxStatusOK; 1153 1154 packet_header |= (((size+4) << 16) & 0xffff0000); 1155 1156 /* write header */ 1157 uint32_t val = cpu_to_le32(packet_header); 1158 1159 rtl8139_write_buffer(s, (uint8_t *)&val, 4); 1160 1161 rtl8139_write_buffer(s, buf, size); 1162 1163 /* write checksum */ 1164 val = cpu_to_le32(crc32(0, buf, size)); 1165 rtl8139_write_buffer(s, (uint8_t *)&val, 4); 1166 1167 /* correct buffer write pointer */ 1168 s->RxBufAddr = MOD2((s->RxBufAddr + 3) & ~0x3, s->RxBufferSize); 1169 1170 /* now we can signal we have received something */ 1171 1172 DPRINTF("received: rx buffer length %d head 0x%04x read 0x%04x\n", 1173 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr); 1174 } 1175 1176 s->IntrStatus |= RxOK; 1177 1178 if (do_interrupt) 1179 { 1180 rtl8139_update_irq(s); 1181 } 1182 1183 return size_; 1184 } 1185 1186 static ssize_t rtl8139_receive(NetClientState *nc, const uint8_t *buf, size_t size) 1187 { 1188 return rtl8139_do_receive(nc, buf, size, 1); 1189 } 1190 1191 static void rtl8139_reset_rxring(RTL8139State *s, uint32_t bufferSize) 1192 { 1193 s->RxBufferSize = bufferSize; 1194 s->RxBufPtr = 0; 1195 s->RxBufAddr = 0; 1196 } 1197 1198 static void rtl8139_reset(DeviceState *d) 1199 { 1200 RTL8139State *s = container_of(d, RTL8139State, dev.qdev); 1201 int i; 1202 1203 /* restore MAC address */ 1204 memcpy(s->phys, s->conf.macaddr.a, 6); 1205 1206 /* reset interrupt mask */ 1207 s->IntrStatus = 0; 1208 s->IntrMask = 0; 1209 1210 rtl8139_update_irq(s); 1211 1212 /* mark all status registers as owned by host */ 1213 for (i = 0; i < 4; ++i) 1214 { 1215 s->TxStatus[i] = TxHostOwns; 1216 } 1217 1218 s->currTxDesc = 0; 1219 s->currCPlusRxDesc = 0; 1220 s->currCPlusTxDesc = 0; 1221 1222 s->RxRingAddrLO = 0; 1223 s->RxRingAddrHI = 0; 1224 1225 s->RxBuf = 0; 1226 1227 rtl8139_reset_rxring(s, 8192); 1228 1229 /* ACK the reset */ 1230 s->TxConfig = 0; 1231 1232 #if 0 1233 // s->TxConfig |= HW_REVID(1, 0, 0, 0, 0, 0, 0); // RTL-8139 HasHltClk 1234 s->clock_enabled = 0; 1235 #else 1236 s->TxConfig |= HW_REVID(1, 1, 1, 0, 1, 1, 0); // RTL-8139C+ HasLWake 1237 s->clock_enabled = 1; 1238 #endif 1239 1240 s->bChipCmdState = CmdReset; /* RxBufEmpty bit is calculated on read from ChipCmd */; 1241 1242 /* set initial state data */ 1243 s->Config0 = 0x0; /* No boot ROM */ 1244 s->Config1 = 0xC; /* IO mapped and MEM mapped registers available */ 1245 s->Config3 = 0x1; /* fast back-to-back compatible */ 1246 s->Config5 = 0x0; 1247 1248 s->CSCR = CSCR_F_LINK_100 | CSCR_HEART_BIT | CSCR_LD; 1249 1250 s->CpCmd = 0x0; /* reset C+ mode */ 1251 s->cplus_enabled = 0; 1252 1253 1254 // s->BasicModeCtrl = 0x3100; // 100Mbps, full duplex, autonegotiation 1255 // s->BasicModeCtrl = 0x2100; // 100Mbps, full duplex 1256 s->BasicModeCtrl = 0x1000; // autonegotiation 1257 1258 s->BasicModeStatus = 0x7809; 1259 //s->BasicModeStatus |= 0x0040; /* UTP medium */ 1260 s->BasicModeStatus |= 0x0020; /* autonegotiation completed */ 1261 /* preserve link state */ 1262 s->BasicModeStatus |= qemu_get_queue(s->nic)->link_down ? 0 : 0x04; 1263 1264 s->NWayAdvert = 0x05e1; /* all modes, full duplex */ 1265 s->NWayLPAR = 0x05e1; /* all modes, full duplex */ 1266 s->NWayExpansion = 0x0001; /* autonegotiation supported */ 1267 1268 /* also reset timer and disable timer interrupt */ 1269 s->TCTR = 0; 1270 s->TimerInt = 0; 1271 s->TCTR_base = 0; 1272 1273 /* reset tally counters */ 1274 RTL8139TallyCounters_clear(&s->tally_counters); 1275 } 1276 1277 static void RTL8139TallyCounters_clear(RTL8139TallyCounters* counters) 1278 { 1279 counters->TxOk = 0; 1280 counters->RxOk = 0; 1281 counters->TxERR = 0; 1282 counters->RxERR = 0; 1283 counters->MissPkt = 0; 1284 counters->FAE = 0; 1285 counters->Tx1Col = 0; 1286 counters->TxMCol = 0; 1287 counters->RxOkPhy = 0; 1288 counters->RxOkBrd = 0; 1289 counters->RxOkMul = 0; 1290 counters->TxAbt = 0; 1291 counters->TxUndrn = 0; 1292 } 1293 1294 static void RTL8139TallyCounters_dma_write(RTL8139State *s, dma_addr_t tc_addr) 1295 { 1296 RTL8139TallyCounters *tally_counters = &s->tally_counters; 1297 uint16_t val16; 1298 uint32_t val32; 1299 uint64_t val64; 1300 1301 val64 = cpu_to_le64(tally_counters->TxOk); 1302 pci_dma_write(&s->dev, tc_addr + 0, (uint8_t *)&val64, 8); 1303 1304 val64 = cpu_to_le64(tally_counters->RxOk); 1305 pci_dma_write(&s->dev, tc_addr + 8, (uint8_t *)&val64, 8); 1306 1307 val64 = cpu_to_le64(tally_counters->TxERR); 1308 pci_dma_write(&s->dev, tc_addr + 16, (uint8_t *)&val64, 8); 1309 1310 val32 = cpu_to_le32(tally_counters->RxERR); 1311 pci_dma_write(&s->dev, tc_addr + 24, (uint8_t *)&val32, 4); 1312 1313 val16 = cpu_to_le16(tally_counters->MissPkt); 1314 pci_dma_write(&s->dev, tc_addr + 28, (uint8_t *)&val16, 2); 1315 1316 val16 = cpu_to_le16(tally_counters->FAE); 1317 pci_dma_write(&s->dev, tc_addr + 30, (uint8_t *)&val16, 2); 1318 1319 val32 = cpu_to_le32(tally_counters->Tx1Col); 1320 pci_dma_write(&s->dev, tc_addr + 32, (uint8_t *)&val32, 4); 1321 1322 val32 = cpu_to_le32(tally_counters->TxMCol); 1323 pci_dma_write(&s->dev, tc_addr + 36, (uint8_t *)&val32, 4); 1324 1325 val64 = cpu_to_le64(tally_counters->RxOkPhy); 1326 pci_dma_write(&s->dev, tc_addr + 40, (uint8_t *)&val64, 8); 1327 1328 val64 = cpu_to_le64(tally_counters->RxOkBrd); 1329 pci_dma_write(&s->dev, tc_addr + 48, (uint8_t *)&val64, 8); 1330 1331 val32 = cpu_to_le32(tally_counters->RxOkMul); 1332 pci_dma_write(&s->dev, tc_addr + 56, (uint8_t *)&val32, 4); 1333 1334 val16 = cpu_to_le16(tally_counters->TxAbt); 1335 pci_dma_write(&s->dev, tc_addr + 60, (uint8_t *)&val16, 2); 1336 1337 val16 = cpu_to_le16(tally_counters->TxUndrn); 1338 pci_dma_write(&s->dev, tc_addr + 62, (uint8_t *)&val16, 2); 1339 } 1340 1341 /* Loads values of tally counters from VM state file */ 1342 1343 static const VMStateDescription vmstate_tally_counters = { 1344 .name = "tally_counters", 1345 .version_id = 1, 1346 .minimum_version_id = 1, 1347 .minimum_version_id_old = 1, 1348 .fields = (VMStateField []) { 1349 VMSTATE_UINT64(TxOk, RTL8139TallyCounters), 1350 VMSTATE_UINT64(RxOk, RTL8139TallyCounters), 1351 VMSTATE_UINT64(TxERR, RTL8139TallyCounters), 1352 VMSTATE_UINT32(RxERR, RTL8139TallyCounters), 1353 VMSTATE_UINT16(MissPkt, RTL8139TallyCounters), 1354 VMSTATE_UINT16(FAE, RTL8139TallyCounters), 1355 VMSTATE_UINT32(Tx1Col, RTL8139TallyCounters), 1356 VMSTATE_UINT32(TxMCol, RTL8139TallyCounters), 1357 VMSTATE_UINT64(RxOkPhy, RTL8139TallyCounters), 1358 VMSTATE_UINT64(RxOkBrd, RTL8139TallyCounters), 1359 VMSTATE_UINT16(TxAbt, RTL8139TallyCounters), 1360 VMSTATE_UINT16(TxUndrn, RTL8139TallyCounters), 1361 VMSTATE_END_OF_LIST() 1362 } 1363 }; 1364 1365 static void rtl8139_ChipCmd_write(RTL8139State *s, uint32_t val) 1366 { 1367 val &= 0xff; 1368 1369 DPRINTF("ChipCmd write val=0x%08x\n", val); 1370 1371 if (val & CmdReset) 1372 { 1373 DPRINTF("ChipCmd reset\n"); 1374 rtl8139_reset(&s->dev.qdev); 1375 } 1376 if (val & CmdRxEnb) 1377 { 1378 DPRINTF("ChipCmd enable receiver\n"); 1379 1380 s->currCPlusRxDesc = 0; 1381 } 1382 if (val & CmdTxEnb) 1383 { 1384 DPRINTF("ChipCmd enable transmitter\n"); 1385 1386 s->currCPlusTxDesc = 0; 1387 } 1388 1389 /* mask unwritable bits */ 1390 val = SET_MASKED(val, 0xe3, s->bChipCmdState); 1391 1392 /* Deassert reset pin before next read */ 1393 val &= ~CmdReset; 1394 1395 s->bChipCmdState = val; 1396 } 1397 1398 static int rtl8139_RxBufferEmpty(RTL8139State *s) 1399 { 1400 int unread = MOD2(s->RxBufferSize + s->RxBufAddr - s->RxBufPtr, s->RxBufferSize); 1401 1402 if (unread != 0) 1403 { 1404 DPRINTF("receiver buffer data available 0x%04x\n", unread); 1405 return 0; 1406 } 1407 1408 DPRINTF("receiver buffer is empty\n"); 1409 1410 return 1; 1411 } 1412 1413 static uint32_t rtl8139_ChipCmd_read(RTL8139State *s) 1414 { 1415 uint32_t ret = s->bChipCmdState; 1416 1417 if (rtl8139_RxBufferEmpty(s)) 1418 ret |= RxBufEmpty; 1419 1420 DPRINTF("ChipCmd read val=0x%04x\n", ret); 1421 1422 return ret; 1423 } 1424 1425 static void rtl8139_CpCmd_write(RTL8139State *s, uint32_t val) 1426 { 1427 val &= 0xffff; 1428 1429 DPRINTF("C+ command register write(w) val=0x%04x\n", val); 1430 1431 s->cplus_enabled = 1; 1432 1433 /* mask unwritable bits */ 1434 val = SET_MASKED(val, 0xff84, s->CpCmd); 1435 1436 s->CpCmd = val; 1437 } 1438 1439 static uint32_t rtl8139_CpCmd_read(RTL8139State *s) 1440 { 1441 uint32_t ret = s->CpCmd; 1442 1443 DPRINTF("C+ command register read(w) val=0x%04x\n", ret); 1444 1445 return ret; 1446 } 1447 1448 static void rtl8139_IntrMitigate_write(RTL8139State *s, uint32_t val) 1449 { 1450 DPRINTF("C+ IntrMitigate register write(w) val=0x%04x\n", val); 1451 } 1452 1453 static uint32_t rtl8139_IntrMitigate_read(RTL8139State *s) 1454 { 1455 uint32_t ret = 0; 1456 1457 DPRINTF("C+ IntrMitigate register read(w) val=0x%04x\n", ret); 1458 1459 return ret; 1460 } 1461 1462 static int rtl8139_config_writable(RTL8139State *s) 1463 { 1464 if ((s->Cfg9346 & Chip9346_op_mask) == Cfg9346_ConfigWrite) 1465 { 1466 return 1; 1467 } 1468 1469 DPRINTF("Configuration registers are write-protected\n"); 1470 1471 return 0; 1472 } 1473 1474 static void rtl8139_BasicModeCtrl_write(RTL8139State *s, uint32_t val) 1475 { 1476 val &= 0xffff; 1477 1478 DPRINTF("BasicModeCtrl register write(w) val=0x%04x\n", val); 1479 1480 /* mask unwritable bits */ 1481 uint32_t mask = 0x4cff; 1482 1483 if (1 || !rtl8139_config_writable(s)) 1484 { 1485 /* Speed setting and autonegotiation enable bits are read-only */ 1486 mask |= 0x3000; 1487 /* Duplex mode setting is read-only */ 1488 mask |= 0x0100; 1489 } 1490 1491 val = SET_MASKED(val, mask, s->BasicModeCtrl); 1492 1493 s->BasicModeCtrl = val; 1494 } 1495 1496 static uint32_t rtl8139_BasicModeCtrl_read(RTL8139State *s) 1497 { 1498 uint32_t ret = s->BasicModeCtrl; 1499 1500 DPRINTF("BasicModeCtrl register read(w) val=0x%04x\n", ret); 1501 1502 return ret; 1503 } 1504 1505 static void rtl8139_BasicModeStatus_write(RTL8139State *s, uint32_t val) 1506 { 1507 val &= 0xffff; 1508 1509 DPRINTF("BasicModeStatus register write(w) val=0x%04x\n", val); 1510 1511 /* mask unwritable bits */ 1512 val = SET_MASKED(val, 0xff3f, s->BasicModeStatus); 1513 1514 s->BasicModeStatus = val; 1515 } 1516 1517 static uint32_t rtl8139_BasicModeStatus_read(RTL8139State *s) 1518 { 1519 uint32_t ret = s->BasicModeStatus; 1520 1521 DPRINTF("BasicModeStatus register read(w) val=0x%04x\n", ret); 1522 1523 return ret; 1524 } 1525 1526 static void rtl8139_Cfg9346_write(RTL8139State *s, uint32_t val) 1527 { 1528 val &= 0xff; 1529 1530 DPRINTF("Cfg9346 write val=0x%02x\n", val); 1531 1532 /* mask unwritable bits */ 1533 val = SET_MASKED(val, 0x31, s->Cfg9346); 1534 1535 uint32_t opmode = val & 0xc0; 1536 uint32_t eeprom_val = val & 0xf; 1537 1538 if (opmode == 0x80) { 1539 /* eeprom access */ 1540 int eecs = (eeprom_val & 0x08)?1:0; 1541 int eesk = (eeprom_val & 0x04)?1:0; 1542 int eedi = (eeprom_val & 0x02)?1:0; 1543 prom9346_set_wire(s, eecs, eesk, eedi); 1544 } else if (opmode == 0x40) { 1545 /* Reset. */ 1546 val = 0; 1547 rtl8139_reset(&s->dev.qdev); 1548 } 1549 1550 s->Cfg9346 = val; 1551 } 1552 1553 static uint32_t rtl8139_Cfg9346_read(RTL8139State *s) 1554 { 1555 uint32_t ret = s->Cfg9346; 1556 1557 uint32_t opmode = ret & 0xc0; 1558 1559 if (opmode == 0x80) 1560 { 1561 /* eeprom access */ 1562 int eedo = prom9346_get_wire(s); 1563 if (eedo) 1564 { 1565 ret |= 0x01; 1566 } 1567 else 1568 { 1569 ret &= ~0x01; 1570 } 1571 } 1572 1573 DPRINTF("Cfg9346 read val=0x%02x\n", ret); 1574 1575 return ret; 1576 } 1577 1578 static void rtl8139_Config0_write(RTL8139State *s, uint32_t val) 1579 { 1580 val &= 0xff; 1581 1582 DPRINTF("Config0 write val=0x%02x\n", val); 1583 1584 if (!rtl8139_config_writable(s)) { 1585 return; 1586 } 1587 1588 /* mask unwritable bits */ 1589 val = SET_MASKED(val, 0xf8, s->Config0); 1590 1591 s->Config0 = val; 1592 } 1593 1594 static uint32_t rtl8139_Config0_read(RTL8139State *s) 1595 { 1596 uint32_t ret = s->Config0; 1597 1598 DPRINTF("Config0 read val=0x%02x\n", ret); 1599 1600 return ret; 1601 } 1602 1603 static void rtl8139_Config1_write(RTL8139State *s, uint32_t val) 1604 { 1605 val &= 0xff; 1606 1607 DPRINTF("Config1 write val=0x%02x\n", val); 1608 1609 if (!rtl8139_config_writable(s)) { 1610 return; 1611 } 1612 1613 /* mask unwritable bits */ 1614 val = SET_MASKED(val, 0xC, s->Config1); 1615 1616 s->Config1 = val; 1617 } 1618 1619 static uint32_t rtl8139_Config1_read(RTL8139State *s) 1620 { 1621 uint32_t ret = s->Config1; 1622 1623 DPRINTF("Config1 read val=0x%02x\n", ret); 1624 1625 return ret; 1626 } 1627 1628 static void rtl8139_Config3_write(RTL8139State *s, uint32_t val) 1629 { 1630 val &= 0xff; 1631 1632 DPRINTF("Config3 write val=0x%02x\n", val); 1633 1634 if (!rtl8139_config_writable(s)) { 1635 return; 1636 } 1637 1638 /* mask unwritable bits */ 1639 val = SET_MASKED(val, 0x8F, s->Config3); 1640 1641 s->Config3 = val; 1642 } 1643 1644 static uint32_t rtl8139_Config3_read(RTL8139State *s) 1645 { 1646 uint32_t ret = s->Config3; 1647 1648 DPRINTF("Config3 read val=0x%02x\n", ret); 1649 1650 return ret; 1651 } 1652 1653 static void rtl8139_Config4_write(RTL8139State *s, uint32_t val) 1654 { 1655 val &= 0xff; 1656 1657 DPRINTF("Config4 write val=0x%02x\n", val); 1658 1659 if (!rtl8139_config_writable(s)) { 1660 return; 1661 } 1662 1663 /* mask unwritable bits */ 1664 val = SET_MASKED(val, 0x0a, s->Config4); 1665 1666 s->Config4 = val; 1667 } 1668 1669 static uint32_t rtl8139_Config4_read(RTL8139State *s) 1670 { 1671 uint32_t ret = s->Config4; 1672 1673 DPRINTF("Config4 read val=0x%02x\n", ret); 1674 1675 return ret; 1676 } 1677 1678 static void rtl8139_Config5_write(RTL8139State *s, uint32_t val) 1679 { 1680 val &= 0xff; 1681 1682 DPRINTF("Config5 write val=0x%02x\n", val); 1683 1684 /* mask unwritable bits */ 1685 val = SET_MASKED(val, 0x80, s->Config5); 1686 1687 s->Config5 = val; 1688 } 1689 1690 static uint32_t rtl8139_Config5_read(RTL8139State *s) 1691 { 1692 uint32_t ret = s->Config5; 1693 1694 DPRINTF("Config5 read val=0x%02x\n", ret); 1695 1696 return ret; 1697 } 1698 1699 static void rtl8139_TxConfig_write(RTL8139State *s, uint32_t val) 1700 { 1701 if (!rtl8139_transmitter_enabled(s)) 1702 { 1703 DPRINTF("transmitter disabled; no TxConfig write val=0x%08x\n", val); 1704 return; 1705 } 1706 1707 DPRINTF("TxConfig write val=0x%08x\n", val); 1708 1709 val = SET_MASKED(val, TxVersionMask | 0x8070f80f, s->TxConfig); 1710 1711 s->TxConfig = val; 1712 } 1713 1714 static void rtl8139_TxConfig_writeb(RTL8139State *s, uint32_t val) 1715 { 1716 DPRINTF("RTL8139C TxConfig via write(b) val=0x%02x\n", val); 1717 1718 uint32_t tc = s->TxConfig; 1719 tc &= 0xFFFFFF00; 1720 tc |= (val & 0x000000FF); 1721 rtl8139_TxConfig_write(s, tc); 1722 } 1723 1724 static uint32_t rtl8139_TxConfig_read(RTL8139State *s) 1725 { 1726 uint32_t ret = s->TxConfig; 1727 1728 DPRINTF("TxConfig read val=0x%04x\n", ret); 1729 1730 return ret; 1731 } 1732 1733 static void rtl8139_RxConfig_write(RTL8139State *s, uint32_t val) 1734 { 1735 DPRINTF("RxConfig write val=0x%08x\n", val); 1736 1737 /* mask unwritable bits */ 1738 val = SET_MASKED(val, 0xf0fc0040, s->RxConfig); 1739 1740 s->RxConfig = val; 1741 1742 /* reset buffer size and read/write pointers */ 1743 rtl8139_reset_rxring(s, 8192 << ((s->RxConfig >> 11) & 0x3)); 1744 1745 DPRINTF("RxConfig write reset buffer size to %d\n", s->RxBufferSize); 1746 } 1747 1748 static uint32_t rtl8139_RxConfig_read(RTL8139State *s) 1749 { 1750 uint32_t ret = s->RxConfig; 1751 1752 DPRINTF("RxConfig read val=0x%08x\n", ret); 1753 1754 return ret; 1755 } 1756 1757 static void rtl8139_transfer_frame(RTL8139State *s, uint8_t *buf, int size, 1758 int do_interrupt, const uint8_t *dot1q_buf) 1759 { 1760 struct iovec *iov = NULL; 1761 1762 if (!size) 1763 { 1764 DPRINTF("+++ empty ethernet frame\n"); 1765 return; 1766 } 1767 1768 if (dot1q_buf && size >= ETHER_ADDR_LEN * 2) { 1769 iov = (struct iovec[3]) { 1770 { .iov_base = buf, .iov_len = ETHER_ADDR_LEN * 2 }, 1771 { .iov_base = (void *) dot1q_buf, .iov_len = VLAN_HLEN }, 1772 { .iov_base = buf + ETHER_ADDR_LEN * 2, 1773 .iov_len = size - ETHER_ADDR_LEN * 2 }, 1774 }; 1775 } 1776 1777 if (TxLoopBack == (s->TxConfig & TxLoopBack)) 1778 { 1779 size_t buf2_size; 1780 uint8_t *buf2; 1781 1782 if (iov) { 1783 buf2_size = iov_size(iov, 3); 1784 buf2 = g_malloc(buf2_size); 1785 iov_to_buf(iov, 3, 0, buf2, buf2_size); 1786 buf = buf2; 1787 } 1788 1789 DPRINTF("+++ transmit loopback mode\n"); 1790 rtl8139_do_receive(qemu_get_queue(s->nic), buf, size, do_interrupt); 1791 1792 if (iov) { 1793 g_free(buf2); 1794 } 1795 } 1796 else 1797 { 1798 if (iov) { 1799 qemu_sendv_packet(qemu_get_queue(s->nic), iov, 3); 1800 } else { 1801 qemu_send_packet(qemu_get_queue(s->nic), buf, size); 1802 } 1803 } 1804 } 1805 1806 static int rtl8139_transmit_one(RTL8139State *s, int descriptor) 1807 { 1808 if (!rtl8139_transmitter_enabled(s)) 1809 { 1810 DPRINTF("+++ cannot transmit from descriptor %d: transmitter " 1811 "disabled\n", descriptor); 1812 return 0; 1813 } 1814 1815 if (s->TxStatus[descriptor] & TxHostOwns) 1816 { 1817 DPRINTF("+++ cannot transmit from descriptor %d: owned by host " 1818 "(%08x)\n", descriptor, s->TxStatus[descriptor]); 1819 return 0; 1820 } 1821 1822 DPRINTF("+++ transmitting from descriptor %d\n", descriptor); 1823 1824 int txsize = s->TxStatus[descriptor] & 0x1fff; 1825 uint8_t txbuffer[0x2000]; 1826 1827 DPRINTF("+++ transmit reading %d bytes from host memory at 0x%08x\n", 1828 txsize, s->TxAddr[descriptor]); 1829 1830 pci_dma_read(&s->dev, s->TxAddr[descriptor], txbuffer, txsize); 1831 1832 /* Mark descriptor as transferred */ 1833 s->TxStatus[descriptor] |= TxHostOwns; 1834 s->TxStatus[descriptor] |= TxStatOK; 1835 1836 rtl8139_transfer_frame(s, txbuffer, txsize, 0, NULL); 1837 1838 DPRINTF("+++ transmitted %d bytes from descriptor %d\n", txsize, 1839 descriptor); 1840 1841 /* update interrupt */ 1842 s->IntrStatus |= TxOK; 1843 rtl8139_update_irq(s); 1844 1845 return 1; 1846 } 1847 1848 /* structures and macros for task offloading */ 1849 typedef struct ip_header 1850 { 1851 uint8_t ip_ver_len; /* version and header length */ 1852 uint8_t ip_tos; /* type of service */ 1853 uint16_t ip_len; /* total length */ 1854 uint16_t ip_id; /* identification */ 1855 uint16_t ip_off; /* fragment offset field */ 1856 uint8_t ip_ttl; /* time to live */ 1857 uint8_t ip_p; /* protocol */ 1858 uint16_t ip_sum; /* checksum */ 1859 uint32_t ip_src,ip_dst; /* source and dest address */ 1860 } ip_header; 1861 1862 #define IP_HEADER_VERSION_4 4 1863 #define IP_HEADER_VERSION(ip) ((ip->ip_ver_len >> 4)&0xf) 1864 #define IP_HEADER_LENGTH(ip) (((ip->ip_ver_len)&0xf) << 2) 1865 1866 typedef struct tcp_header 1867 { 1868 uint16_t th_sport; /* source port */ 1869 uint16_t th_dport; /* destination port */ 1870 uint32_t th_seq; /* sequence number */ 1871 uint32_t th_ack; /* acknowledgement number */ 1872 uint16_t th_offset_flags; /* data offset, reserved 6 bits, TCP protocol flags */ 1873 uint16_t th_win; /* window */ 1874 uint16_t th_sum; /* checksum */ 1875 uint16_t th_urp; /* urgent pointer */ 1876 } tcp_header; 1877 1878 typedef struct udp_header 1879 { 1880 uint16_t uh_sport; /* source port */ 1881 uint16_t uh_dport; /* destination port */ 1882 uint16_t uh_ulen; /* udp length */ 1883 uint16_t uh_sum; /* udp checksum */ 1884 } udp_header; 1885 1886 typedef struct ip_pseudo_header 1887 { 1888 uint32_t ip_src; 1889 uint32_t ip_dst; 1890 uint8_t zeros; 1891 uint8_t ip_proto; 1892 uint16_t ip_payload; 1893 } ip_pseudo_header; 1894 1895 #define IP_PROTO_TCP 6 1896 #define IP_PROTO_UDP 17 1897 1898 #define TCP_HEADER_DATA_OFFSET(tcp) (((be16_to_cpu(tcp->th_offset_flags) >> 12)&0xf) << 2) 1899 #define TCP_FLAGS_ONLY(flags) ((flags)&0x3f) 1900 #define TCP_HEADER_FLAGS(tcp) TCP_FLAGS_ONLY(be16_to_cpu(tcp->th_offset_flags)) 1901 1902 #define TCP_HEADER_CLEAR_FLAGS(tcp, off) ((tcp)->th_offset_flags &= cpu_to_be16(~TCP_FLAGS_ONLY(off))) 1903 1904 #define TCP_FLAG_FIN 0x01 1905 #define TCP_FLAG_PUSH 0x08 1906 1907 /* produces ones' complement sum of data */ 1908 static uint16_t ones_complement_sum(uint8_t *data, size_t len) 1909 { 1910 uint32_t result = 0; 1911 1912 for (; len > 1; data+=2, len-=2) 1913 { 1914 result += *(uint16_t*)data; 1915 } 1916 1917 /* add the remainder byte */ 1918 if (len) 1919 { 1920 uint8_t odd[2] = {*data, 0}; 1921 result += *(uint16_t*)odd; 1922 } 1923 1924 while (result>>16) 1925 result = (result & 0xffff) + (result >> 16); 1926 1927 return result; 1928 } 1929 1930 static uint16_t ip_checksum(void *data, size_t len) 1931 { 1932 return ~ones_complement_sum((uint8_t*)data, len); 1933 } 1934 1935 static int rtl8139_cplus_transmit_one(RTL8139State *s) 1936 { 1937 if (!rtl8139_transmitter_enabled(s)) 1938 { 1939 DPRINTF("+++ C+ mode: transmitter disabled\n"); 1940 return 0; 1941 } 1942 1943 if (!rtl8139_cp_transmitter_enabled(s)) 1944 { 1945 DPRINTF("+++ C+ mode: C+ transmitter disabled\n"); 1946 return 0 ; 1947 } 1948 1949 int descriptor = s->currCPlusTxDesc; 1950 1951 dma_addr_t cplus_tx_ring_desc = rtl8139_addr64(s->TxAddr[0], s->TxAddr[1]); 1952 1953 /* Normal priority ring */ 1954 cplus_tx_ring_desc += 16 * descriptor; 1955 1956 DPRINTF("+++ C+ mode reading TX descriptor %d from host memory at " 1957 "%08x %08x = 0x"DMA_ADDR_FMT"\n", descriptor, s->TxAddr[1], 1958 s->TxAddr[0], cplus_tx_ring_desc); 1959 1960 uint32_t val, txdw0,txdw1,txbufLO,txbufHI; 1961 1962 pci_dma_read(&s->dev, cplus_tx_ring_desc, (uint8_t *)&val, 4); 1963 txdw0 = le32_to_cpu(val); 1964 pci_dma_read(&s->dev, cplus_tx_ring_desc+4, (uint8_t *)&val, 4); 1965 txdw1 = le32_to_cpu(val); 1966 pci_dma_read(&s->dev, cplus_tx_ring_desc+8, (uint8_t *)&val, 4); 1967 txbufLO = le32_to_cpu(val); 1968 pci_dma_read(&s->dev, cplus_tx_ring_desc+12, (uint8_t *)&val, 4); 1969 txbufHI = le32_to_cpu(val); 1970 1971 DPRINTF("+++ C+ mode TX descriptor %d %08x %08x %08x %08x\n", descriptor, 1972 txdw0, txdw1, txbufLO, txbufHI); 1973 1974 /* w0 ownership flag */ 1975 #define CP_TX_OWN (1<<31) 1976 /* w0 end of ring flag */ 1977 #define CP_TX_EOR (1<<30) 1978 /* first segment of received packet flag */ 1979 #define CP_TX_FS (1<<29) 1980 /* last segment of received packet flag */ 1981 #define CP_TX_LS (1<<28) 1982 /* large send packet flag */ 1983 #define CP_TX_LGSEN (1<<27) 1984 /* large send MSS mask, bits 16...25 */ 1985 #define CP_TC_LGSEN_MSS_MASK ((1 << 12) - 1) 1986 1987 /* IP checksum offload flag */ 1988 #define CP_TX_IPCS (1<<18) 1989 /* UDP checksum offload flag */ 1990 #define CP_TX_UDPCS (1<<17) 1991 /* TCP checksum offload flag */ 1992 #define CP_TX_TCPCS (1<<16) 1993 1994 /* w0 bits 0...15 : buffer size */ 1995 #define CP_TX_BUFFER_SIZE (1<<16) 1996 #define CP_TX_BUFFER_SIZE_MASK (CP_TX_BUFFER_SIZE - 1) 1997 /* w1 add tag flag */ 1998 #define CP_TX_TAGC (1<<17) 1999 /* w1 bits 0...15 : VLAN tag (big endian) */ 2000 #define CP_TX_VLAN_TAG_MASK ((1<<16) - 1) 2001 /* w2 low 32bit of Rx buffer ptr */ 2002 /* w3 high 32bit of Rx buffer ptr */ 2003 2004 /* set after transmission */ 2005 /* FIFO underrun flag */ 2006 #define CP_TX_STATUS_UNF (1<<25) 2007 /* transmit error summary flag, valid if set any of three below */ 2008 #define CP_TX_STATUS_TES (1<<23) 2009 /* out-of-window collision flag */ 2010 #define CP_TX_STATUS_OWC (1<<22) 2011 /* link failure flag */ 2012 #define CP_TX_STATUS_LNKF (1<<21) 2013 /* excessive collisions flag */ 2014 #define CP_TX_STATUS_EXC (1<<20) 2015 2016 if (!(txdw0 & CP_TX_OWN)) 2017 { 2018 DPRINTF("C+ Tx mode : descriptor %d is owned by host\n", descriptor); 2019 return 0 ; 2020 } 2021 2022 DPRINTF("+++ C+ Tx mode : transmitting from descriptor %d\n", descriptor); 2023 2024 if (txdw0 & CP_TX_FS) 2025 { 2026 DPRINTF("+++ C+ Tx mode : descriptor %d is first segment " 2027 "descriptor\n", descriptor); 2028 2029 /* reset internal buffer offset */ 2030 s->cplus_txbuffer_offset = 0; 2031 } 2032 2033 int txsize = txdw0 & CP_TX_BUFFER_SIZE_MASK; 2034 dma_addr_t tx_addr = rtl8139_addr64(txbufLO, txbufHI); 2035 2036 /* make sure we have enough space to assemble the packet */ 2037 if (!s->cplus_txbuffer) 2038 { 2039 s->cplus_txbuffer_len = CP_TX_BUFFER_SIZE; 2040 s->cplus_txbuffer = g_malloc(s->cplus_txbuffer_len); 2041 s->cplus_txbuffer_offset = 0; 2042 2043 DPRINTF("+++ C+ mode transmission buffer allocated space %d\n", 2044 s->cplus_txbuffer_len); 2045 } 2046 2047 if (s->cplus_txbuffer_offset + txsize >= s->cplus_txbuffer_len) 2048 { 2049 /* The spec didn't tell the maximum size, stick to CP_TX_BUFFER_SIZE */ 2050 txsize = s->cplus_txbuffer_len - s->cplus_txbuffer_offset; 2051 DPRINTF("+++ C+ mode transmission buffer overrun, truncated descriptor" 2052 "length to %d\n", txsize); 2053 } 2054 2055 if (!s->cplus_txbuffer) 2056 { 2057 /* out of memory */ 2058 2059 DPRINTF("+++ C+ mode transmiter failed to reallocate %d bytes\n", 2060 s->cplus_txbuffer_len); 2061 2062 /* update tally counter */ 2063 ++s->tally_counters.TxERR; 2064 ++s->tally_counters.TxAbt; 2065 2066 return 0; 2067 } 2068 2069 /* append more data to the packet */ 2070 2071 DPRINTF("+++ C+ mode transmit reading %d bytes from host memory at " 2072 DMA_ADDR_FMT" to offset %d\n", txsize, tx_addr, 2073 s->cplus_txbuffer_offset); 2074 2075 pci_dma_read(&s->dev, tx_addr, 2076 s->cplus_txbuffer + s->cplus_txbuffer_offset, txsize); 2077 s->cplus_txbuffer_offset += txsize; 2078 2079 /* seek to next Rx descriptor */ 2080 if (txdw0 & CP_TX_EOR) 2081 { 2082 s->currCPlusTxDesc = 0; 2083 } 2084 else 2085 { 2086 ++s->currCPlusTxDesc; 2087 if (s->currCPlusTxDesc >= 64) 2088 s->currCPlusTxDesc = 0; 2089 } 2090 2091 /* transfer ownership to target */ 2092 txdw0 &= ~CP_RX_OWN; 2093 2094 /* reset error indicator bits */ 2095 txdw0 &= ~CP_TX_STATUS_UNF; 2096 txdw0 &= ~CP_TX_STATUS_TES; 2097 txdw0 &= ~CP_TX_STATUS_OWC; 2098 txdw0 &= ~CP_TX_STATUS_LNKF; 2099 txdw0 &= ~CP_TX_STATUS_EXC; 2100 2101 /* update ring data */ 2102 val = cpu_to_le32(txdw0); 2103 pci_dma_write(&s->dev, cplus_tx_ring_desc, (uint8_t *)&val, 4); 2104 2105 /* Now decide if descriptor being processed is holding the last segment of packet */ 2106 if (txdw0 & CP_TX_LS) 2107 { 2108 uint8_t dot1q_buffer_space[VLAN_HLEN]; 2109 uint16_t *dot1q_buffer; 2110 2111 DPRINTF("+++ C+ Tx mode : descriptor %d is last segment descriptor\n", 2112 descriptor); 2113 2114 /* can transfer fully assembled packet */ 2115 2116 uint8_t *saved_buffer = s->cplus_txbuffer; 2117 int saved_size = s->cplus_txbuffer_offset; 2118 int saved_buffer_len = s->cplus_txbuffer_len; 2119 2120 /* create vlan tag */ 2121 if (txdw1 & CP_TX_TAGC) { 2122 /* the vlan tag is in BE byte order in the descriptor 2123 * BE + le_to_cpu() + ~swap()~ = cpu */ 2124 DPRINTF("+++ C+ Tx mode : inserting vlan tag with ""tci: %u\n", 2125 bswap16(txdw1 & CP_TX_VLAN_TAG_MASK)); 2126 2127 dot1q_buffer = (uint16_t *) dot1q_buffer_space; 2128 dot1q_buffer[0] = cpu_to_be16(ETH_P_8021Q); 2129 /* BE + le_to_cpu() + ~cpu_to_le()~ = BE */ 2130 dot1q_buffer[1] = cpu_to_le16(txdw1 & CP_TX_VLAN_TAG_MASK); 2131 } else { 2132 dot1q_buffer = NULL; 2133 } 2134 2135 /* reset the card space to protect from recursive call */ 2136 s->cplus_txbuffer = NULL; 2137 s->cplus_txbuffer_offset = 0; 2138 s->cplus_txbuffer_len = 0; 2139 2140 if (txdw0 & (CP_TX_IPCS | CP_TX_UDPCS | CP_TX_TCPCS | CP_TX_LGSEN)) 2141 { 2142 DPRINTF("+++ C+ mode offloaded task checksum\n"); 2143 2144 /* ip packet header */ 2145 ip_header *ip = NULL; 2146 int hlen = 0; 2147 uint8_t ip_protocol = 0; 2148 uint16_t ip_data_len = 0; 2149 2150 uint8_t *eth_payload_data = NULL; 2151 size_t eth_payload_len = 0; 2152 2153 int proto = be16_to_cpu(*(uint16_t *)(saved_buffer + 12)); 2154 if (proto == ETH_P_IP) 2155 { 2156 DPRINTF("+++ C+ mode has IP packet\n"); 2157 2158 /* not aligned */ 2159 eth_payload_data = saved_buffer + ETH_HLEN; 2160 eth_payload_len = saved_size - ETH_HLEN; 2161 2162 ip = (ip_header*)eth_payload_data; 2163 2164 if (IP_HEADER_VERSION(ip) != IP_HEADER_VERSION_4) { 2165 DPRINTF("+++ C+ mode packet has bad IP version %d " 2166 "expected %d\n", IP_HEADER_VERSION(ip), 2167 IP_HEADER_VERSION_4); 2168 ip = NULL; 2169 } else { 2170 hlen = IP_HEADER_LENGTH(ip); 2171 ip_protocol = ip->ip_p; 2172 ip_data_len = be16_to_cpu(ip->ip_len) - hlen; 2173 } 2174 } 2175 2176 if (ip) 2177 { 2178 if (txdw0 & CP_TX_IPCS) 2179 { 2180 DPRINTF("+++ C+ mode need IP checksum\n"); 2181 2182 if (hlen<sizeof(ip_header) || hlen>eth_payload_len) {/* min header length */ 2183 /* bad packet header len */ 2184 /* or packet too short */ 2185 } 2186 else 2187 { 2188 ip->ip_sum = 0; 2189 ip->ip_sum = ip_checksum(ip, hlen); 2190 DPRINTF("+++ C+ mode IP header len=%d checksum=%04x\n", 2191 hlen, ip->ip_sum); 2192 } 2193 } 2194 2195 if ((txdw0 & CP_TX_LGSEN) && ip_protocol == IP_PROTO_TCP) 2196 { 2197 int large_send_mss = (txdw0 >> 16) & CP_TC_LGSEN_MSS_MASK; 2198 2199 DPRINTF("+++ C+ mode offloaded task TSO MTU=%d IP data %d " 2200 "frame data %d specified MSS=%d\n", ETH_MTU, 2201 ip_data_len, saved_size - ETH_HLEN, large_send_mss); 2202 2203 int tcp_send_offset = 0; 2204 int send_count = 0; 2205 2206 /* maximum IP header length is 60 bytes */ 2207 uint8_t saved_ip_header[60]; 2208 2209 /* save IP header template; data area is used in tcp checksum calculation */ 2210 memcpy(saved_ip_header, eth_payload_data, hlen); 2211 2212 /* a placeholder for checksum calculation routine in tcp case */ 2213 uint8_t *data_to_checksum = eth_payload_data + hlen - 12; 2214 // size_t data_to_checksum_len = eth_payload_len - hlen + 12; 2215 2216 /* pointer to TCP header */ 2217 tcp_header *p_tcp_hdr = (tcp_header*)(eth_payload_data + hlen); 2218 2219 int tcp_hlen = TCP_HEADER_DATA_OFFSET(p_tcp_hdr); 2220 2221 /* ETH_MTU = ip header len + tcp header len + payload */ 2222 int tcp_data_len = ip_data_len - tcp_hlen; 2223 int tcp_chunk_size = ETH_MTU - hlen - tcp_hlen; 2224 2225 DPRINTF("+++ C+ mode TSO IP data len %d TCP hlen %d TCP " 2226 "data len %d TCP chunk size %d\n", ip_data_len, 2227 tcp_hlen, tcp_data_len, tcp_chunk_size); 2228 2229 /* note the cycle below overwrites IP header data, 2230 but restores it from saved_ip_header before sending packet */ 2231 2232 int is_last_frame = 0; 2233 2234 for (tcp_send_offset = 0; tcp_send_offset < tcp_data_len; tcp_send_offset += tcp_chunk_size) 2235 { 2236 uint16_t chunk_size = tcp_chunk_size; 2237 2238 /* check if this is the last frame */ 2239 if (tcp_send_offset + tcp_chunk_size >= tcp_data_len) 2240 { 2241 is_last_frame = 1; 2242 chunk_size = tcp_data_len - tcp_send_offset; 2243 } 2244 2245 DPRINTF("+++ C+ mode TSO TCP seqno %08x\n", 2246 be32_to_cpu(p_tcp_hdr->th_seq)); 2247 2248 /* add 4 TCP pseudoheader fields */ 2249 /* copy IP source and destination fields */ 2250 memcpy(data_to_checksum, saved_ip_header + 12, 8); 2251 2252 DPRINTF("+++ C+ mode TSO calculating TCP checksum for " 2253 "packet with %d bytes data\n", tcp_hlen + 2254 chunk_size); 2255 2256 if (tcp_send_offset) 2257 { 2258 memcpy((uint8_t*)p_tcp_hdr + tcp_hlen, (uint8_t*)p_tcp_hdr + tcp_hlen + tcp_send_offset, chunk_size); 2259 } 2260 2261 /* keep PUSH and FIN flags only for the last frame */ 2262 if (!is_last_frame) 2263 { 2264 TCP_HEADER_CLEAR_FLAGS(p_tcp_hdr, TCP_FLAG_PUSH|TCP_FLAG_FIN); 2265 } 2266 2267 /* recalculate TCP checksum */ 2268 ip_pseudo_header *p_tcpip_hdr = (ip_pseudo_header *)data_to_checksum; 2269 p_tcpip_hdr->zeros = 0; 2270 p_tcpip_hdr->ip_proto = IP_PROTO_TCP; 2271 p_tcpip_hdr->ip_payload = cpu_to_be16(tcp_hlen + chunk_size); 2272 2273 p_tcp_hdr->th_sum = 0; 2274 2275 int tcp_checksum = ip_checksum(data_to_checksum, tcp_hlen + chunk_size + 12); 2276 DPRINTF("+++ C+ mode TSO TCP checksum %04x\n", 2277 tcp_checksum); 2278 2279 p_tcp_hdr->th_sum = tcp_checksum; 2280 2281 /* restore IP header */ 2282 memcpy(eth_payload_data, saved_ip_header, hlen); 2283 2284 /* set IP data length and recalculate IP checksum */ 2285 ip->ip_len = cpu_to_be16(hlen + tcp_hlen + chunk_size); 2286 2287 /* increment IP id for subsequent frames */ 2288 ip->ip_id = cpu_to_be16(tcp_send_offset/tcp_chunk_size + be16_to_cpu(ip->ip_id)); 2289 2290 ip->ip_sum = 0; 2291 ip->ip_sum = ip_checksum(eth_payload_data, hlen); 2292 DPRINTF("+++ C+ mode TSO IP header len=%d " 2293 "checksum=%04x\n", hlen, ip->ip_sum); 2294 2295 int tso_send_size = ETH_HLEN + hlen + tcp_hlen + chunk_size; 2296 DPRINTF("+++ C+ mode TSO transferring packet size " 2297 "%d\n", tso_send_size); 2298 rtl8139_transfer_frame(s, saved_buffer, tso_send_size, 2299 0, (uint8_t *) dot1q_buffer); 2300 2301 /* add transferred count to TCP sequence number */ 2302 p_tcp_hdr->th_seq = cpu_to_be32(chunk_size + be32_to_cpu(p_tcp_hdr->th_seq)); 2303 ++send_count; 2304 } 2305 2306 /* Stop sending this frame */ 2307 saved_size = 0; 2308 } 2309 else if (txdw0 & (CP_TX_TCPCS|CP_TX_UDPCS)) 2310 { 2311 DPRINTF("+++ C+ mode need TCP or UDP checksum\n"); 2312 2313 /* maximum IP header length is 60 bytes */ 2314 uint8_t saved_ip_header[60]; 2315 memcpy(saved_ip_header, eth_payload_data, hlen); 2316 2317 uint8_t *data_to_checksum = eth_payload_data + hlen - 12; 2318 // size_t data_to_checksum_len = eth_payload_len - hlen + 12; 2319 2320 /* add 4 TCP pseudoheader fields */ 2321 /* copy IP source and destination fields */ 2322 memcpy(data_to_checksum, saved_ip_header + 12, 8); 2323 2324 if ((txdw0 & CP_TX_TCPCS) && ip_protocol == IP_PROTO_TCP) 2325 { 2326 DPRINTF("+++ C+ mode calculating TCP checksum for " 2327 "packet with %d bytes data\n", ip_data_len); 2328 2329 ip_pseudo_header *p_tcpip_hdr = (ip_pseudo_header *)data_to_checksum; 2330 p_tcpip_hdr->zeros = 0; 2331 p_tcpip_hdr->ip_proto = IP_PROTO_TCP; 2332 p_tcpip_hdr->ip_payload = cpu_to_be16(ip_data_len); 2333 2334 tcp_header* p_tcp_hdr = (tcp_header *) (data_to_checksum+12); 2335 2336 p_tcp_hdr->th_sum = 0; 2337 2338 int tcp_checksum = ip_checksum(data_to_checksum, ip_data_len + 12); 2339 DPRINTF("+++ C+ mode TCP checksum %04x\n", 2340 tcp_checksum); 2341 2342 p_tcp_hdr->th_sum = tcp_checksum; 2343 } 2344 else if ((txdw0 & CP_TX_UDPCS) && ip_protocol == IP_PROTO_UDP) 2345 { 2346 DPRINTF("+++ C+ mode calculating UDP checksum for " 2347 "packet with %d bytes data\n", ip_data_len); 2348 2349 ip_pseudo_header *p_udpip_hdr = (ip_pseudo_header *)data_to_checksum; 2350 p_udpip_hdr->zeros = 0; 2351 p_udpip_hdr->ip_proto = IP_PROTO_UDP; 2352 p_udpip_hdr->ip_payload = cpu_to_be16(ip_data_len); 2353 2354 udp_header *p_udp_hdr = (udp_header *) (data_to_checksum+12); 2355 2356 p_udp_hdr->uh_sum = 0; 2357 2358 int udp_checksum = ip_checksum(data_to_checksum, ip_data_len + 12); 2359 DPRINTF("+++ C+ mode UDP checksum %04x\n", 2360 udp_checksum); 2361 2362 p_udp_hdr->uh_sum = udp_checksum; 2363 } 2364 2365 /* restore IP header */ 2366 memcpy(eth_payload_data, saved_ip_header, hlen); 2367 } 2368 } 2369 } 2370 2371 /* update tally counter */ 2372 ++s->tally_counters.TxOk; 2373 2374 DPRINTF("+++ C+ mode transmitting %d bytes packet\n", saved_size); 2375 2376 rtl8139_transfer_frame(s, saved_buffer, saved_size, 1, 2377 (uint8_t *) dot1q_buffer); 2378 2379 /* restore card space if there was no recursion and reset offset */ 2380 if (!s->cplus_txbuffer) 2381 { 2382 s->cplus_txbuffer = saved_buffer; 2383 s->cplus_txbuffer_len = saved_buffer_len; 2384 s->cplus_txbuffer_offset = 0; 2385 } 2386 else 2387 { 2388 g_free(saved_buffer); 2389 } 2390 } 2391 else 2392 { 2393 DPRINTF("+++ C+ mode transmission continue to next descriptor\n"); 2394 } 2395 2396 return 1; 2397 } 2398 2399 static void rtl8139_cplus_transmit(RTL8139State *s) 2400 { 2401 int txcount = 0; 2402 2403 while (rtl8139_cplus_transmit_one(s)) 2404 { 2405 ++txcount; 2406 } 2407 2408 /* Mark transfer completed */ 2409 if (!txcount) 2410 { 2411 DPRINTF("C+ mode : transmitter queue stalled, current TxDesc = %d\n", 2412 s->currCPlusTxDesc); 2413 } 2414 else 2415 { 2416 /* update interrupt status */ 2417 s->IntrStatus |= TxOK; 2418 rtl8139_update_irq(s); 2419 } 2420 } 2421 2422 static void rtl8139_transmit(RTL8139State *s) 2423 { 2424 int descriptor = s->currTxDesc, txcount = 0; 2425 2426 /*while*/ 2427 if (rtl8139_transmit_one(s, descriptor)) 2428 { 2429 ++s->currTxDesc; 2430 s->currTxDesc %= 4; 2431 ++txcount; 2432 } 2433 2434 /* Mark transfer completed */ 2435 if (!txcount) 2436 { 2437 DPRINTF("transmitter queue stalled, current TxDesc = %d\n", 2438 s->currTxDesc); 2439 } 2440 } 2441 2442 static void rtl8139_TxStatus_write(RTL8139State *s, uint32_t txRegOffset, uint32_t val) 2443 { 2444 2445 int descriptor = txRegOffset/4; 2446 2447 /* handle C+ transmit mode register configuration */ 2448 2449 if (s->cplus_enabled) 2450 { 2451 DPRINTF("RTL8139C+ DTCCR write offset=0x%x val=0x%08x " 2452 "descriptor=%d\n", txRegOffset, val, descriptor); 2453 2454 /* handle Dump Tally Counters command */ 2455 s->TxStatus[descriptor] = val; 2456 2457 if (descriptor == 0 && (val & 0x8)) 2458 { 2459 hwaddr tc_addr = rtl8139_addr64(s->TxStatus[0] & ~0x3f, s->TxStatus[1]); 2460 2461 /* dump tally counters to specified memory location */ 2462 RTL8139TallyCounters_dma_write(s, tc_addr); 2463 2464 /* mark dump completed */ 2465 s->TxStatus[0] &= ~0x8; 2466 } 2467 2468 return; 2469 } 2470 2471 DPRINTF("TxStatus write offset=0x%x val=0x%08x descriptor=%d\n", 2472 txRegOffset, val, descriptor); 2473 2474 /* mask only reserved bits */ 2475 val &= ~0xff00c000; /* these bits are reset on write */ 2476 val = SET_MASKED(val, 0x00c00000, s->TxStatus[descriptor]); 2477 2478 s->TxStatus[descriptor] = val; 2479 2480 /* attempt to start transmission */ 2481 rtl8139_transmit(s); 2482 } 2483 2484 static uint32_t rtl8139_TxStatus_TxAddr_read(RTL8139State *s, uint32_t regs[], 2485 uint32_t base, uint8_t addr, 2486 int size) 2487 { 2488 uint32_t reg = (addr - base) / 4; 2489 uint32_t offset = addr & 0x3; 2490 uint32_t ret = 0; 2491 2492 if (addr & (size - 1)) { 2493 DPRINTF("not implemented read for TxStatus/TxAddr " 2494 "addr=0x%x size=0x%x\n", addr, size); 2495 return ret; 2496 } 2497 2498 switch (size) { 2499 case 1: /* fall through */ 2500 case 2: /* fall through */ 2501 case 4: 2502 ret = (regs[reg] >> offset * 8) & (((uint64_t)1 << (size * 8)) - 1); 2503 DPRINTF("TxStatus/TxAddr[%d] read addr=0x%x size=0x%x val=0x%08x\n", 2504 reg, addr, size, ret); 2505 break; 2506 default: 2507 DPRINTF("unsupported size 0x%x of TxStatus/TxAddr reading\n", size); 2508 break; 2509 } 2510 2511 return ret; 2512 } 2513 2514 static uint16_t rtl8139_TSAD_read(RTL8139State *s) 2515 { 2516 uint16_t ret = 0; 2517 2518 /* Simulate TSAD, it is read only anyway */ 2519 2520 ret = ((s->TxStatus[3] & TxStatOK )?TSAD_TOK3:0) 2521 |((s->TxStatus[2] & TxStatOK )?TSAD_TOK2:0) 2522 |((s->TxStatus[1] & TxStatOK )?TSAD_TOK1:0) 2523 |((s->TxStatus[0] & TxStatOK )?TSAD_TOK0:0) 2524 2525 |((s->TxStatus[3] & TxUnderrun)?TSAD_TUN3:0) 2526 |((s->TxStatus[2] & TxUnderrun)?TSAD_TUN2:0) 2527 |((s->TxStatus[1] & TxUnderrun)?TSAD_TUN1:0) 2528 |((s->TxStatus[0] & TxUnderrun)?TSAD_TUN0:0) 2529 2530 |((s->TxStatus[3] & TxAborted )?TSAD_TABT3:0) 2531 |((s->TxStatus[2] & TxAborted )?TSAD_TABT2:0) 2532 |((s->TxStatus[1] & TxAborted )?TSAD_TABT1:0) 2533 |((s->TxStatus[0] & TxAborted )?TSAD_TABT0:0) 2534 2535 |((s->TxStatus[3] & TxHostOwns )?TSAD_OWN3:0) 2536 |((s->TxStatus[2] & TxHostOwns )?TSAD_OWN2:0) 2537 |((s->TxStatus[1] & TxHostOwns )?TSAD_OWN1:0) 2538 |((s->TxStatus[0] & TxHostOwns )?TSAD_OWN0:0) ; 2539 2540 2541 DPRINTF("TSAD read val=0x%04x\n", ret); 2542 2543 return ret; 2544 } 2545 2546 static uint16_t rtl8139_CSCR_read(RTL8139State *s) 2547 { 2548 uint16_t ret = s->CSCR; 2549 2550 DPRINTF("CSCR read val=0x%04x\n", ret); 2551 2552 return ret; 2553 } 2554 2555 static void rtl8139_TxAddr_write(RTL8139State *s, uint32_t txAddrOffset, uint32_t val) 2556 { 2557 DPRINTF("TxAddr write offset=0x%x val=0x%08x\n", txAddrOffset, val); 2558 2559 s->TxAddr[txAddrOffset/4] = val; 2560 } 2561 2562 static uint32_t rtl8139_TxAddr_read(RTL8139State *s, uint32_t txAddrOffset) 2563 { 2564 uint32_t ret = s->TxAddr[txAddrOffset/4]; 2565 2566 DPRINTF("TxAddr read offset=0x%x val=0x%08x\n", txAddrOffset, ret); 2567 2568 return ret; 2569 } 2570 2571 static void rtl8139_RxBufPtr_write(RTL8139State *s, uint32_t val) 2572 { 2573 DPRINTF("RxBufPtr write val=0x%04x\n", val); 2574 2575 /* this value is off by 16 */ 2576 s->RxBufPtr = MOD2(val + 0x10, s->RxBufferSize); 2577 2578 /* more buffer space may be available so try to receive */ 2579 qemu_flush_queued_packets(qemu_get_queue(s->nic)); 2580 2581 DPRINTF(" CAPR write: rx buffer length %d head 0x%04x read 0x%04x\n", 2582 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr); 2583 } 2584 2585 static uint32_t rtl8139_RxBufPtr_read(RTL8139State *s) 2586 { 2587 /* this value is off by 16 */ 2588 uint32_t ret = s->RxBufPtr - 0x10; 2589 2590 DPRINTF("RxBufPtr read val=0x%04x\n", ret); 2591 2592 return ret; 2593 } 2594 2595 static uint32_t rtl8139_RxBufAddr_read(RTL8139State *s) 2596 { 2597 /* this value is NOT off by 16 */ 2598 uint32_t ret = s->RxBufAddr; 2599 2600 DPRINTF("RxBufAddr read val=0x%04x\n", ret); 2601 2602 return ret; 2603 } 2604 2605 static void rtl8139_RxBuf_write(RTL8139State *s, uint32_t val) 2606 { 2607 DPRINTF("RxBuf write val=0x%08x\n", val); 2608 2609 s->RxBuf = val; 2610 2611 /* may need to reset rxring here */ 2612 } 2613 2614 static uint32_t rtl8139_RxBuf_read(RTL8139State *s) 2615 { 2616 uint32_t ret = s->RxBuf; 2617 2618 DPRINTF("RxBuf read val=0x%08x\n", ret); 2619 2620 return ret; 2621 } 2622 2623 static void rtl8139_IntrMask_write(RTL8139State *s, uint32_t val) 2624 { 2625 DPRINTF("IntrMask write(w) val=0x%04x\n", val); 2626 2627 /* mask unwritable bits */ 2628 val = SET_MASKED(val, 0x1e00, s->IntrMask); 2629 2630 s->IntrMask = val; 2631 2632 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock)); 2633 rtl8139_update_irq(s); 2634 2635 } 2636 2637 static uint32_t rtl8139_IntrMask_read(RTL8139State *s) 2638 { 2639 uint32_t ret = s->IntrMask; 2640 2641 DPRINTF("IntrMask read(w) val=0x%04x\n", ret); 2642 2643 return ret; 2644 } 2645 2646 static void rtl8139_IntrStatus_write(RTL8139State *s, uint32_t val) 2647 { 2648 DPRINTF("IntrStatus write(w) val=0x%04x\n", val); 2649 2650 #if 0 2651 2652 /* writing to ISR has no effect */ 2653 2654 return; 2655 2656 #else 2657 uint16_t newStatus = s->IntrStatus & ~val; 2658 2659 /* mask unwritable bits */ 2660 newStatus = SET_MASKED(newStatus, 0x1e00, s->IntrStatus); 2661 2662 /* writing 1 to interrupt status register bit clears it */ 2663 s->IntrStatus = 0; 2664 rtl8139_update_irq(s); 2665 2666 s->IntrStatus = newStatus; 2667 /* 2668 * Computing if we miss an interrupt here is not that correct but 2669 * considered that we should have had already an interrupt 2670 * and probably emulated is slower is better to assume this resetting was 2671 * done before testing on previous rtl8139_update_irq lead to IRQ losing 2672 */ 2673 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock)); 2674 rtl8139_update_irq(s); 2675 2676 #endif 2677 } 2678 2679 static uint32_t rtl8139_IntrStatus_read(RTL8139State *s) 2680 { 2681 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock)); 2682 2683 uint32_t ret = s->IntrStatus; 2684 2685 DPRINTF("IntrStatus read(w) val=0x%04x\n", ret); 2686 2687 #if 0 2688 2689 /* reading ISR clears all interrupts */ 2690 s->IntrStatus = 0; 2691 2692 rtl8139_update_irq(s); 2693 2694 #endif 2695 2696 return ret; 2697 } 2698 2699 static void rtl8139_MultiIntr_write(RTL8139State *s, uint32_t val) 2700 { 2701 DPRINTF("MultiIntr write(w) val=0x%04x\n", val); 2702 2703 /* mask unwritable bits */ 2704 val = SET_MASKED(val, 0xf000, s->MultiIntr); 2705 2706 s->MultiIntr = val; 2707 } 2708 2709 static uint32_t rtl8139_MultiIntr_read(RTL8139State *s) 2710 { 2711 uint32_t ret = s->MultiIntr; 2712 2713 DPRINTF("MultiIntr read(w) val=0x%04x\n", ret); 2714 2715 return ret; 2716 } 2717 2718 static void rtl8139_io_writeb(void *opaque, uint8_t addr, uint32_t val) 2719 { 2720 RTL8139State *s = opaque; 2721 2722 switch (addr) 2723 { 2724 case MAC0 ... MAC0+5: 2725 s->phys[addr - MAC0] = val; 2726 break; 2727 case MAC0+6 ... MAC0+7: 2728 /* reserved */ 2729 break; 2730 case MAR0 ... MAR0+7: 2731 s->mult[addr - MAR0] = val; 2732 break; 2733 case ChipCmd: 2734 rtl8139_ChipCmd_write(s, val); 2735 break; 2736 case Cfg9346: 2737 rtl8139_Cfg9346_write(s, val); 2738 break; 2739 case TxConfig: /* windows driver sometimes writes using byte-lenth call */ 2740 rtl8139_TxConfig_writeb(s, val); 2741 break; 2742 case Config0: 2743 rtl8139_Config0_write(s, val); 2744 break; 2745 case Config1: 2746 rtl8139_Config1_write(s, val); 2747 break; 2748 case Config3: 2749 rtl8139_Config3_write(s, val); 2750 break; 2751 case Config4: 2752 rtl8139_Config4_write(s, val); 2753 break; 2754 case Config5: 2755 rtl8139_Config5_write(s, val); 2756 break; 2757 case MediaStatus: 2758 /* ignore */ 2759 DPRINTF("not implemented write(b) to MediaStatus val=0x%02x\n", 2760 val); 2761 break; 2762 2763 case HltClk: 2764 DPRINTF("HltClk write val=0x%08x\n", val); 2765 if (val == 'R') 2766 { 2767 s->clock_enabled = 1; 2768 } 2769 else if (val == 'H') 2770 { 2771 s->clock_enabled = 0; 2772 } 2773 break; 2774 2775 case TxThresh: 2776 DPRINTF("C+ TxThresh write(b) val=0x%02x\n", val); 2777 s->TxThresh = val; 2778 break; 2779 2780 case TxPoll: 2781 DPRINTF("C+ TxPoll write(b) val=0x%02x\n", val); 2782 if (val & (1 << 7)) 2783 { 2784 DPRINTF("C+ TxPoll high priority transmission (not " 2785 "implemented)\n"); 2786 //rtl8139_cplus_transmit(s); 2787 } 2788 if (val & (1 << 6)) 2789 { 2790 DPRINTF("C+ TxPoll normal priority transmission\n"); 2791 rtl8139_cplus_transmit(s); 2792 } 2793 2794 break; 2795 2796 default: 2797 DPRINTF("not implemented write(b) addr=0x%x val=0x%02x\n", addr, 2798 val); 2799 break; 2800 } 2801 } 2802 2803 static void rtl8139_io_writew(void *opaque, uint8_t addr, uint32_t val) 2804 { 2805 RTL8139State *s = opaque; 2806 2807 switch (addr) 2808 { 2809 case IntrMask: 2810 rtl8139_IntrMask_write(s, val); 2811 break; 2812 2813 case IntrStatus: 2814 rtl8139_IntrStatus_write(s, val); 2815 break; 2816 2817 case MultiIntr: 2818 rtl8139_MultiIntr_write(s, val); 2819 break; 2820 2821 case RxBufPtr: 2822 rtl8139_RxBufPtr_write(s, val); 2823 break; 2824 2825 case BasicModeCtrl: 2826 rtl8139_BasicModeCtrl_write(s, val); 2827 break; 2828 case BasicModeStatus: 2829 rtl8139_BasicModeStatus_write(s, val); 2830 break; 2831 case NWayAdvert: 2832 DPRINTF("NWayAdvert write(w) val=0x%04x\n", val); 2833 s->NWayAdvert = val; 2834 break; 2835 case NWayLPAR: 2836 DPRINTF("forbidden NWayLPAR write(w) val=0x%04x\n", val); 2837 break; 2838 case NWayExpansion: 2839 DPRINTF("NWayExpansion write(w) val=0x%04x\n", val); 2840 s->NWayExpansion = val; 2841 break; 2842 2843 case CpCmd: 2844 rtl8139_CpCmd_write(s, val); 2845 break; 2846 2847 case IntrMitigate: 2848 rtl8139_IntrMitigate_write(s, val); 2849 break; 2850 2851 default: 2852 DPRINTF("ioport write(w) addr=0x%x val=0x%04x via write(b)\n", 2853 addr, val); 2854 2855 rtl8139_io_writeb(opaque, addr, val & 0xff); 2856 rtl8139_io_writeb(opaque, addr + 1, (val >> 8) & 0xff); 2857 break; 2858 } 2859 } 2860 2861 static void rtl8139_set_next_tctr_time(RTL8139State *s, int64_t current_time) 2862 { 2863 int64_t pci_time, next_time; 2864 uint32_t low_pci; 2865 2866 DPRINTF("entered rtl8139_set_next_tctr_time\n"); 2867 2868 if (s->TimerExpire && current_time >= s->TimerExpire) { 2869 s->IntrStatus |= PCSTimeout; 2870 rtl8139_update_irq(s); 2871 } 2872 2873 /* Set QEMU timer only if needed that is 2874 * - TimerInt <> 0 (we have a timer) 2875 * - mask = 1 (we want an interrupt timer) 2876 * - irq = 0 (irq is not already active) 2877 * If any of above change we need to compute timer again 2878 * Also we must check if timer is passed without QEMU timer 2879 */ 2880 s->TimerExpire = 0; 2881 if (!s->TimerInt) { 2882 return; 2883 } 2884 2885 pci_time = muldiv64(current_time - s->TCTR_base, PCI_FREQUENCY, 2886 get_ticks_per_sec()); 2887 low_pci = pci_time & 0xffffffff; 2888 pci_time = pci_time - low_pci + s->TimerInt; 2889 if (low_pci >= s->TimerInt) { 2890 pci_time += 0x100000000LL; 2891 } 2892 next_time = s->TCTR_base + muldiv64(pci_time, get_ticks_per_sec(), 2893 PCI_FREQUENCY); 2894 s->TimerExpire = next_time; 2895 2896 if ((s->IntrMask & PCSTimeout) != 0 && (s->IntrStatus & PCSTimeout) == 0) { 2897 qemu_mod_timer(s->timer, next_time); 2898 } 2899 } 2900 2901 static void rtl8139_io_writel(void *opaque, uint8_t addr, uint32_t val) 2902 { 2903 RTL8139State *s = opaque; 2904 2905 switch (addr) 2906 { 2907 case RxMissed: 2908 DPRINTF("RxMissed clearing on write\n"); 2909 s->RxMissed = 0; 2910 break; 2911 2912 case TxConfig: 2913 rtl8139_TxConfig_write(s, val); 2914 break; 2915 2916 case RxConfig: 2917 rtl8139_RxConfig_write(s, val); 2918 break; 2919 2920 case TxStatus0 ... TxStatus0+4*4-1: 2921 rtl8139_TxStatus_write(s, addr-TxStatus0, val); 2922 break; 2923 2924 case TxAddr0 ... TxAddr0+4*4-1: 2925 rtl8139_TxAddr_write(s, addr-TxAddr0, val); 2926 break; 2927 2928 case RxBuf: 2929 rtl8139_RxBuf_write(s, val); 2930 break; 2931 2932 case RxRingAddrLO: 2933 DPRINTF("C+ RxRing low bits write val=0x%08x\n", val); 2934 s->RxRingAddrLO = val; 2935 break; 2936 2937 case RxRingAddrHI: 2938 DPRINTF("C+ RxRing high bits write val=0x%08x\n", val); 2939 s->RxRingAddrHI = val; 2940 break; 2941 2942 case Timer: 2943 DPRINTF("TCTR Timer reset on write\n"); 2944 s->TCTR_base = qemu_get_clock_ns(vm_clock); 2945 rtl8139_set_next_tctr_time(s, s->TCTR_base); 2946 break; 2947 2948 case FlashReg: 2949 DPRINTF("FlashReg TimerInt write val=0x%08x\n", val); 2950 if (s->TimerInt != val) { 2951 s->TimerInt = val; 2952 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock)); 2953 } 2954 break; 2955 2956 default: 2957 DPRINTF("ioport write(l) addr=0x%x val=0x%08x via write(b)\n", 2958 addr, val); 2959 rtl8139_io_writeb(opaque, addr, val & 0xff); 2960 rtl8139_io_writeb(opaque, addr + 1, (val >> 8) & 0xff); 2961 rtl8139_io_writeb(opaque, addr + 2, (val >> 16) & 0xff); 2962 rtl8139_io_writeb(opaque, addr + 3, (val >> 24) & 0xff); 2963 break; 2964 } 2965 } 2966 2967 static uint32_t rtl8139_io_readb(void *opaque, uint8_t addr) 2968 { 2969 RTL8139State *s = opaque; 2970 int ret; 2971 2972 switch (addr) 2973 { 2974 case MAC0 ... MAC0+5: 2975 ret = s->phys[addr - MAC0]; 2976 break; 2977 case MAC0+6 ... MAC0+7: 2978 ret = 0; 2979 break; 2980 case MAR0 ... MAR0+7: 2981 ret = s->mult[addr - MAR0]; 2982 break; 2983 case TxStatus0 ... TxStatus0+4*4-1: 2984 ret = rtl8139_TxStatus_TxAddr_read(s, s->TxStatus, TxStatus0, 2985 addr, 1); 2986 break; 2987 case ChipCmd: 2988 ret = rtl8139_ChipCmd_read(s); 2989 break; 2990 case Cfg9346: 2991 ret = rtl8139_Cfg9346_read(s); 2992 break; 2993 case Config0: 2994 ret = rtl8139_Config0_read(s); 2995 break; 2996 case Config1: 2997 ret = rtl8139_Config1_read(s); 2998 break; 2999 case Config3: 3000 ret = rtl8139_Config3_read(s); 3001 break; 3002 case Config4: 3003 ret = rtl8139_Config4_read(s); 3004 break; 3005 case Config5: 3006 ret = rtl8139_Config5_read(s); 3007 break; 3008 3009 case MediaStatus: 3010 /* The LinkDown bit of MediaStatus is inverse with link status */ 3011 ret = 0xd0 | (~s->BasicModeStatus & 0x04); 3012 DPRINTF("MediaStatus read 0x%x\n", ret); 3013 break; 3014 3015 case HltClk: 3016 ret = s->clock_enabled; 3017 DPRINTF("HltClk read 0x%x\n", ret); 3018 break; 3019 3020 case PCIRevisionID: 3021 ret = RTL8139_PCI_REVID; 3022 DPRINTF("PCI Revision ID read 0x%x\n", ret); 3023 break; 3024 3025 case TxThresh: 3026 ret = s->TxThresh; 3027 DPRINTF("C+ TxThresh read(b) val=0x%02x\n", ret); 3028 break; 3029 3030 case 0x43: /* Part of TxConfig register. Windows driver tries to read it */ 3031 ret = s->TxConfig >> 24; 3032 DPRINTF("RTL8139C TxConfig at 0x43 read(b) val=0x%02x\n", ret); 3033 break; 3034 3035 default: 3036 DPRINTF("not implemented read(b) addr=0x%x\n", addr); 3037 ret = 0; 3038 break; 3039 } 3040 3041 return ret; 3042 } 3043 3044 static uint32_t rtl8139_io_readw(void *opaque, uint8_t addr) 3045 { 3046 RTL8139State *s = opaque; 3047 uint32_t ret; 3048 3049 switch (addr) 3050 { 3051 case TxAddr0 ... TxAddr0+4*4-1: 3052 ret = rtl8139_TxStatus_TxAddr_read(s, s->TxAddr, TxAddr0, addr, 2); 3053 break; 3054 case IntrMask: 3055 ret = rtl8139_IntrMask_read(s); 3056 break; 3057 3058 case IntrStatus: 3059 ret = rtl8139_IntrStatus_read(s); 3060 break; 3061 3062 case MultiIntr: 3063 ret = rtl8139_MultiIntr_read(s); 3064 break; 3065 3066 case RxBufPtr: 3067 ret = rtl8139_RxBufPtr_read(s); 3068 break; 3069 3070 case RxBufAddr: 3071 ret = rtl8139_RxBufAddr_read(s); 3072 break; 3073 3074 case BasicModeCtrl: 3075 ret = rtl8139_BasicModeCtrl_read(s); 3076 break; 3077 case BasicModeStatus: 3078 ret = rtl8139_BasicModeStatus_read(s); 3079 break; 3080 case NWayAdvert: 3081 ret = s->NWayAdvert; 3082 DPRINTF("NWayAdvert read(w) val=0x%04x\n", ret); 3083 break; 3084 case NWayLPAR: 3085 ret = s->NWayLPAR; 3086 DPRINTF("NWayLPAR read(w) val=0x%04x\n", ret); 3087 break; 3088 case NWayExpansion: 3089 ret = s->NWayExpansion; 3090 DPRINTF("NWayExpansion read(w) val=0x%04x\n", ret); 3091 break; 3092 3093 case CpCmd: 3094 ret = rtl8139_CpCmd_read(s); 3095 break; 3096 3097 case IntrMitigate: 3098 ret = rtl8139_IntrMitigate_read(s); 3099 break; 3100 3101 case TxSummary: 3102 ret = rtl8139_TSAD_read(s); 3103 break; 3104 3105 case CSCR: 3106 ret = rtl8139_CSCR_read(s); 3107 break; 3108 3109 default: 3110 DPRINTF("ioport read(w) addr=0x%x via read(b)\n", addr); 3111 3112 ret = rtl8139_io_readb(opaque, addr); 3113 ret |= rtl8139_io_readb(opaque, addr + 1) << 8; 3114 3115 DPRINTF("ioport read(w) addr=0x%x val=0x%04x\n", addr, ret); 3116 break; 3117 } 3118 3119 return ret; 3120 } 3121 3122 static uint32_t rtl8139_io_readl(void *opaque, uint8_t addr) 3123 { 3124 RTL8139State *s = opaque; 3125 uint32_t ret; 3126 3127 switch (addr) 3128 { 3129 case RxMissed: 3130 ret = s->RxMissed; 3131 3132 DPRINTF("RxMissed read val=0x%08x\n", ret); 3133 break; 3134 3135 case TxConfig: 3136 ret = rtl8139_TxConfig_read(s); 3137 break; 3138 3139 case RxConfig: 3140 ret = rtl8139_RxConfig_read(s); 3141 break; 3142 3143 case TxStatus0 ... TxStatus0+4*4-1: 3144 ret = rtl8139_TxStatus_TxAddr_read(s, s->TxStatus, TxStatus0, 3145 addr, 4); 3146 break; 3147 3148 case TxAddr0 ... TxAddr0+4*4-1: 3149 ret = rtl8139_TxAddr_read(s, addr-TxAddr0); 3150 break; 3151 3152 case RxBuf: 3153 ret = rtl8139_RxBuf_read(s); 3154 break; 3155 3156 case RxRingAddrLO: 3157 ret = s->RxRingAddrLO; 3158 DPRINTF("C+ RxRing low bits read val=0x%08x\n", ret); 3159 break; 3160 3161 case RxRingAddrHI: 3162 ret = s->RxRingAddrHI; 3163 DPRINTF("C+ RxRing high bits read val=0x%08x\n", ret); 3164 break; 3165 3166 case Timer: 3167 ret = muldiv64(qemu_get_clock_ns(vm_clock) - s->TCTR_base, 3168 PCI_FREQUENCY, get_ticks_per_sec()); 3169 DPRINTF("TCTR Timer read val=0x%08x\n", ret); 3170 break; 3171 3172 case FlashReg: 3173 ret = s->TimerInt; 3174 DPRINTF("FlashReg TimerInt read val=0x%08x\n", ret); 3175 break; 3176 3177 default: 3178 DPRINTF("ioport read(l) addr=0x%x via read(b)\n", addr); 3179 3180 ret = rtl8139_io_readb(opaque, addr); 3181 ret |= rtl8139_io_readb(opaque, addr + 1) << 8; 3182 ret |= rtl8139_io_readb(opaque, addr + 2) << 16; 3183 ret |= rtl8139_io_readb(opaque, addr + 3) << 24; 3184 3185 DPRINTF("read(l) addr=0x%x val=%08x\n", addr, ret); 3186 break; 3187 } 3188 3189 return ret; 3190 } 3191 3192 /* */ 3193 3194 static void rtl8139_mmio_writeb(void *opaque, hwaddr addr, uint32_t val) 3195 { 3196 rtl8139_io_writeb(opaque, addr & 0xFF, val); 3197 } 3198 3199 static void rtl8139_mmio_writew(void *opaque, hwaddr addr, uint32_t val) 3200 { 3201 rtl8139_io_writew(opaque, addr & 0xFF, val); 3202 } 3203 3204 static void rtl8139_mmio_writel(void *opaque, hwaddr addr, uint32_t val) 3205 { 3206 rtl8139_io_writel(opaque, addr & 0xFF, val); 3207 } 3208 3209 static uint32_t rtl8139_mmio_readb(void *opaque, hwaddr addr) 3210 { 3211 return rtl8139_io_readb(opaque, addr & 0xFF); 3212 } 3213 3214 static uint32_t rtl8139_mmio_readw(void *opaque, hwaddr addr) 3215 { 3216 uint32_t val = rtl8139_io_readw(opaque, addr & 0xFF); 3217 return val; 3218 } 3219 3220 static uint32_t rtl8139_mmio_readl(void *opaque, hwaddr addr) 3221 { 3222 uint32_t val = rtl8139_io_readl(opaque, addr & 0xFF); 3223 return val; 3224 } 3225 3226 static int rtl8139_post_load(void *opaque, int version_id) 3227 { 3228 RTL8139State* s = opaque; 3229 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock)); 3230 if (version_id < 4) { 3231 s->cplus_enabled = s->CpCmd != 0; 3232 } 3233 3234 /* nc.link_down can't be migrated, so infer link_down according 3235 * to link status bit in BasicModeStatus */ 3236 qemu_get_queue(s->nic)->link_down = (s->BasicModeStatus & 0x04) == 0; 3237 3238 return 0; 3239 } 3240 3241 static bool rtl8139_hotplug_ready_needed(void *opaque) 3242 { 3243 return qdev_machine_modified(); 3244 } 3245 3246 static const VMStateDescription vmstate_rtl8139_hotplug_ready ={ 3247 .name = "rtl8139/hotplug_ready", 3248 .version_id = 1, 3249 .minimum_version_id = 1, 3250 .minimum_version_id_old = 1, 3251 .fields = (VMStateField []) { 3252 VMSTATE_END_OF_LIST() 3253 } 3254 }; 3255 3256 static void rtl8139_pre_save(void *opaque) 3257 { 3258 RTL8139State* s = opaque; 3259 int64_t current_time = qemu_get_clock_ns(vm_clock); 3260 3261 /* set IntrStatus correctly */ 3262 rtl8139_set_next_tctr_time(s, current_time); 3263 s->TCTR = muldiv64(current_time - s->TCTR_base, PCI_FREQUENCY, 3264 get_ticks_per_sec()); 3265 s->rtl8139_mmio_io_addr_dummy = 0; 3266 } 3267 3268 static const VMStateDescription vmstate_rtl8139 = { 3269 .name = "rtl8139", 3270 .version_id = 4, 3271 .minimum_version_id = 3, 3272 .minimum_version_id_old = 3, 3273 .post_load = rtl8139_post_load, 3274 .pre_save = rtl8139_pre_save, 3275 .fields = (VMStateField []) { 3276 VMSTATE_PCI_DEVICE(dev, RTL8139State), 3277 VMSTATE_PARTIAL_BUFFER(phys, RTL8139State, 6), 3278 VMSTATE_BUFFER(mult, RTL8139State), 3279 VMSTATE_UINT32_ARRAY(TxStatus, RTL8139State, 4), 3280 VMSTATE_UINT32_ARRAY(TxAddr, RTL8139State, 4), 3281 3282 VMSTATE_UINT32(RxBuf, RTL8139State), 3283 VMSTATE_UINT32(RxBufferSize, RTL8139State), 3284 VMSTATE_UINT32(RxBufPtr, RTL8139State), 3285 VMSTATE_UINT32(RxBufAddr, RTL8139State), 3286 3287 VMSTATE_UINT16(IntrStatus, RTL8139State), 3288 VMSTATE_UINT16(IntrMask, RTL8139State), 3289 3290 VMSTATE_UINT32(TxConfig, RTL8139State), 3291 VMSTATE_UINT32(RxConfig, RTL8139State), 3292 VMSTATE_UINT32(RxMissed, RTL8139State), 3293 VMSTATE_UINT16(CSCR, RTL8139State), 3294 3295 VMSTATE_UINT8(Cfg9346, RTL8139State), 3296 VMSTATE_UINT8(Config0, RTL8139State), 3297 VMSTATE_UINT8(Config1, RTL8139State), 3298 VMSTATE_UINT8(Config3, RTL8139State), 3299 VMSTATE_UINT8(Config4, RTL8139State), 3300 VMSTATE_UINT8(Config5, RTL8139State), 3301 3302 VMSTATE_UINT8(clock_enabled, RTL8139State), 3303 VMSTATE_UINT8(bChipCmdState, RTL8139State), 3304 3305 VMSTATE_UINT16(MultiIntr, RTL8139State), 3306 3307 VMSTATE_UINT16(BasicModeCtrl, RTL8139State), 3308 VMSTATE_UINT16(BasicModeStatus, RTL8139State), 3309 VMSTATE_UINT16(NWayAdvert, RTL8139State), 3310 VMSTATE_UINT16(NWayLPAR, RTL8139State), 3311 VMSTATE_UINT16(NWayExpansion, RTL8139State), 3312 3313 VMSTATE_UINT16(CpCmd, RTL8139State), 3314 VMSTATE_UINT8(TxThresh, RTL8139State), 3315 3316 VMSTATE_UNUSED(4), 3317 VMSTATE_MACADDR(conf.macaddr, RTL8139State), 3318 VMSTATE_INT32(rtl8139_mmio_io_addr_dummy, RTL8139State), 3319 3320 VMSTATE_UINT32(currTxDesc, RTL8139State), 3321 VMSTATE_UINT32(currCPlusRxDesc, RTL8139State), 3322 VMSTATE_UINT32(currCPlusTxDesc, RTL8139State), 3323 VMSTATE_UINT32(RxRingAddrLO, RTL8139State), 3324 VMSTATE_UINT32(RxRingAddrHI, RTL8139State), 3325 3326 VMSTATE_UINT16_ARRAY(eeprom.contents, RTL8139State, EEPROM_9346_SIZE), 3327 VMSTATE_INT32(eeprom.mode, RTL8139State), 3328 VMSTATE_UINT32(eeprom.tick, RTL8139State), 3329 VMSTATE_UINT8(eeprom.address, RTL8139State), 3330 VMSTATE_UINT16(eeprom.input, RTL8139State), 3331 VMSTATE_UINT16(eeprom.output, RTL8139State), 3332 3333 VMSTATE_UINT8(eeprom.eecs, RTL8139State), 3334 VMSTATE_UINT8(eeprom.eesk, RTL8139State), 3335 VMSTATE_UINT8(eeprom.eedi, RTL8139State), 3336 VMSTATE_UINT8(eeprom.eedo, RTL8139State), 3337 3338 VMSTATE_UINT32(TCTR, RTL8139State), 3339 VMSTATE_UINT32(TimerInt, RTL8139State), 3340 VMSTATE_INT64(TCTR_base, RTL8139State), 3341 3342 VMSTATE_STRUCT(tally_counters, RTL8139State, 0, 3343 vmstate_tally_counters, RTL8139TallyCounters), 3344 3345 VMSTATE_UINT32_V(cplus_enabled, RTL8139State, 4), 3346 VMSTATE_END_OF_LIST() 3347 }, 3348 .subsections = (VMStateSubsection []) { 3349 { 3350 .vmsd = &vmstate_rtl8139_hotplug_ready, 3351 .needed = rtl8139_hotplug_ready_needed, 3352 }, { 3353 /* empty */ 3354 } 3355 } 3356 }; 3357 3358 /***********************************************************/ 3359 /* PCI RTL8139 definitions */ 3360 3361 static void rtl8139_ioport_write(void *opaque, hwaddr addr, 3362 uint64_t val, unsigned size) 3363 { 3364 switch (size) { 3365 case 1: 3366 rtl8139_io_writeb(opaque, addr, val); 3367 break; 3368 case 2: 3369 rtl8139_io_writew(opaque, addr, val); 3370 break; 3371 case 4: 3372 rtl8139_io_writel(opaque, addr, val); 3373 break; 3374 } 3375 } 3376 3377 static uint64_t rtl8139_ioport_read(void *opaque, hwaddr addr, 3378 unsigned size) 3379 { 3380 switch (size) { 3381 case 1: 3382 return rtl8139_io_readb(opaque, addr); 3383 case 2: 3384 return rtl8139_io_readw(opaque, addr); 3385 case 4: 3386 return rtl8139_io_readl(opaque, addr); 3387 } 3388 3389 return -1; 3390 } 3391 3392 static const MemoryRegionOps rtl8139_io_ops = { 3393 .read = rtl8139_ioport_read, 3394 .write = rtl8139_ioport_write, 3395 .impl = { 3396 .min_access_size = 1, 3397 .max_access_size = 4, 3398 }, 3399 .endianness = DEVICE_LITTLE_ENDIAN, 3400 }; 3401 3402 static const MemoryRegionOps rtl8139_mmio_ops = { 3403 .old_mmio = { 3404 .read = { 3405 rtl8139_mmio_readb, 3406 rtl8139_mmio_readw, 3407 rtl8139_mmio_readl, 3408 }, 3409 .write = { 3410 rtl8139_mmio_writeb, 3411 rtl8139_mmio_writew, 3412 rtl8139_mmio_writel, 3413 }, 3414 }, 3415 .endianness = DEVICE_LITTLE_ENDIAN, 3416 }; 3417 3418 static void rtl8139_timer(void *opaque) 3419 { 3420 RTL8139State *s = opaque; 3421 3422 if (!s->clock_enabled) 3423 { 3424 DPRINTF(">>> timer: clock is not running\n"); 3425 return; 3426 } 3427 3428 s->IntrStatus |= PCSTimeout; 3429 rtl8139_update_irq(s); 3430 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock)); 3431 } 3432 3433 static void rtl8139_cleanup(NetClientState *nc) 3434 { 3435 RTL8139State *s = qemu_get_nic_opaque(nc); 3436 3437 s->nic = NULL; 3438 } 3439 3440 static void pci_rtl8139_uninit(PCIDevice *dev) 3441 { 3442 RTL8139State *s = DO_UPCAST(RTL8139State, dev, dev); 3443 3444 memory_region_destroy(&s->bar_io); 3445 memory_region_destroy(&s->bar_mem); 3446 if (s->cplus_txbuffer) { 3447 g_free(s->cplus_txbuffer); 3448 s->cplus_txbuffer = NULL; 3449 } 3450 qemu_del_timer(s->timer); 3451 qemu_free_timer(s->timer); 3452 qemu_del_nic(s->nic); 3453 } 3454 3455 static void rtl8139_set_link_status(NetClientState *nc) 3456 { 3457 RTL8139State *s = qemu_get_nic_opaque(nc); 3458 3459 if (nc->link_down) { 3460 s->BasicModeStatus &= ~0x04; 3461 } else { 3462 s->BasicModeStatus |= 0x04; 3463 } 3464 3465 s->IntrStatus |= RxUnderrun; 3466 rtl8139_update_irq(s); 3467 } 3468 3469 static NetClientInfo net_rtl8139_info = { 3470 .type = NET_CLIENT_OPTIONS_KIND_NIC, 3471 .size = sizeof(NICState), 3472 .can_receive = rtl8139_can_receive, 3473 .receive = rtl8139_receive, 3474 .cleanup = rtl8139_cleanup, 3475 .link_status_changed = rtl8139_set_link_status, 3476 }; 3477 3478 static int pci_rtl8139_init(PCIDevice *dev) 3479 { 3480 RTL8139State * s = DO_UPCAST(RTL8139State, dev, dev); 3481 uint8_t *pci_conf; 3482 3483 pci_conf = s->dev.config; 3484 pci_conf[PCI_INTERRUPT_PIN] = 1; /* interrupt pin A */ 3485 /* TODO: start of capability list, but no capability 3486 * list bit in status register, and offset 0xdc seems unused. */ 3487 pci_conf[PCI_CAPABILITY_LIST] = 0xdc; 3488 3489 memory_region_init_io(&s->bar_io, OBJECT(s), &rtl8139_io_ops, s, 3490 "rtl8139", 0x100); 3491 memory_region_init_io(&s->bar_mem, OBJECT(s), &rtl8139_mmio_ops, s, 3492 "rtl8139", 0x100); 3493 pci_register_bar(&s->dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->bar_io); 3494 pci_register_bar(&s->dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->bar_mem); 3495 3496 qemu_macaddr_default_if_unset(&s->conf.macaddr); 3497 3498 /* prepare eeprom */ 3499 s->eeprom.contents[0] = 0x8129; 3500 #if 1 3501 /* PCI vendor and device ID should be mirrored here */ 3502 s->eeprom.contents[1] = PCI_VENDOR_ID_REALTEK; 3503 s->eeprom.contents[2] = PCI_DEVICE_ID_REALTEK_8139; 3504 #endif 3505 s->eeprom.contents[7] = s->conf.macaddr.a[0] | s->conf.macaddr.a[1] << 8; 3506 s->eeprom.contents[8] = s->conf.macaddr.a[2] | s->conf.macaddr.a[3] << 8; 3507 s->eeprom.contents[9] = s->conf.macaddr.a[4] | s->conf.macaddr.a[5] << 8; 3508 3509 s->nic = qemu_new_nic(&net_rtl8139_info, &s->conf, 3510 object_get_typename(OBJECT(dev)), dev->qdev.id, s); 3511 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 3512 3513 s->cplus_txbuffer = NULL; 3514 s->cplus_txbuffer_len = 0; 3515 s->cplus_txbuffer_offset = 0; 3516 3517 s->TimerExpire = 0; 3518 s->timer = qemu_new_timer_ns(vm_clock, rtl8139_timer, s); 3519 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock)); 3520 3521 add_boot_device_path(s->conf.bootindex, &dev->qdev, "/ethernet-phy@0"); 3522 3523 return 0; 3524 } 3525 3526 static Property rtl8139_properties[] = { 3527 DEFINE_NIC_PROPERTIES(RTL8139State, conf), 3528 DEFINE_PROP_END_OF_LIST(), 3529 }; 3530 3531 static void rtl8139_class_init(ObjectClass *klass, void *data) 3532 { 3533 DeviceClass *dc = DEVICE_CLASS(klass); 3534 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 3535 3536 k->init = pci_rtl8139_init; 3537 k->exit = pci_rtl8139_uninit; 3538 k->romfile = "efi-rtl8139.rom"; 3539 k->vendor_id = PCI_VENDOR_ID_REALTEK; 3540 k->device_id = PCI_DEVICE_ID_REALTEK_8139; 3541 k->revision = RTL8139_PCI_REVID; /* >=0x20 is for 8139C+ */ 3542 k->class_id = PCI_CLASS_NETWORK_ETHERNET; 3543 dc->reset = rtl8139_reset; 3544 dc->vmsd = &vmstate_rtl8139; 3545 dc->props = rtl8139_properties; 3546 } 3547 3548 static const TypeInfo rtl8139_info = { 3549 .name = "rtl8139", 3550 .parent = TYPE_PCI_DEVICE, 3551 .instance_size = sizeof(RTL8139State), 3552 .class_init = rtl8139_class_init, 3553 }; 3554 3555 static void rtl8139_register_types(void) 3556 { 3557 type_register_static(&rtl8139_info); 3558 } 3559 3560 type_init(rtl8139_register_types) 3561