search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix typo in comment, by Andreas Faerber.
[qemu/dscho.git] / hw / eepro100.c
blobc39d36483d690278e39073a1358a285996f34894
1 /*
2 * QEMU i8255x (PRO100) emulation
3 *
4 * Copyright (c) 2006-2007 Stefan Weil
5 *
6 * Portions of the code are copies from grub / etherboot eepro100.c
7 * and linux e100.c.
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22 *
23 * Tested features (i82559):
24 * PXE boot (i386) no valid link
25 * Linux networking (i386) ok
26 *
27 * Untested:
28 * non-i386 platforms
29 * Windows networking
30 *
31 * References:
32 *
33 * Intel 8255x 10/100 Mbps Ethernet Controller Family
34 * Open Source Software Developer Manual
35 */
36
37 #if defined(TARGET_I386)
38 # warning "PXE boot still not working!"
39 #endif
40
41 #include <assert.h>
42 #include <stddef.h> /* offsetof */
43 #include "vl.h"
44 #include "eeprom93xx.h"
45
46 /* Common declarations for all PCI devices. */
47
48 #define PCI_VENDOR_ID 0x00 /* 16 bits */
49 #define PCI_DEVICE_ID 0x02 /* 16 bits */
50 #define PCI_COMMAND 0x04 /* 16 bits */
51 #define PCI_STATUS 0x06 /* 16 bits */
52
53 #define PCI_REVISION_ID 0x08 /* 8 bits */
54 #define PCI_CLASS_CODE 0x0b /* 8 bits */
55 #define PCI_SUBCLASS_CODE 0x0a /* 8 bits */
56 #define PCI_HEADER_TYPE 0x0e /* 8 bits */
57
58 #define PCI_BASE_ADDRESS_0 0x10 /* 32 bits */
59 #define PCI_BASE_ADDRESS_1 0x14 /* 32 bits */
60 #define PCI_BASE_ADDRESS_2 0x18 /* 32 bits */
61 #define PCI_BASE_ADDRESS_3 0x1c /* 32 bits */
62 #define PCI_BASE_ADDRESS_4 0x20 /* 32 bits */
63 #define PCI_BASE_ADDRESS_5 0x24 /* 32 bits */
64
65 #define PCI_CONFIG_8(offset, value) \
66 (pci_conf[offset] = (value))
67 #define PCI_CONFIG_16(offset, value) \
68 (*(uint16_t *)&pci_conf[offset] = cpu_to_le16(value))
69 #define PCI_CONFIG_32(offset, value) \
70 (*(uint32_t *)&pci_conf[offset] = cpu_to_le32(value))
71
72 #define KiB 1024
73
74 /* debug EEPRO100 card */
75 //~ #define DEBUG_EEPRO100
76
77 #ifdef DEBUG_EEPRO100
78 #define logout(fmt, args...) fprintf(stderr, "EE100\t%-24s" fmt, __func__, ##args)
79 #else
80 #define logout(fmt, args...) ((void)0)
81 #endif
82
83 /* Set flags to 0 to disable debug output. */
84 #define MDI 0
85
86 #define TRACE(flag, command) ((flag) ? (command) : (void)0)
87
88 #define missing(text) assert(!"feature is missing in this emulation: " text)
89
90 #define MAX_ETH_FRAME_SIZE 1514
91
92 /* This driver supports several different devices which are declared here. */
93 #define i82551 0x82551
94 #define i82557B 0x82557b
95 #define i82557C 0x82557c
96 #define i82558B 0x82558b
97 #define i82559C 0x82559c
98 #define i82559ER 0x82559e
99 #define i82562 0x82562
100
101 #define EEPROM_SIZE 64
102
103 #define PCI_MEM_SIZE (4 * KiB)
104 #define PCI_IO_SIZE 64
105 #define PCI_FLASH_SIZE (128 * KiB)
106
107 #define BIT(n) (1 << (n))
108 #define BITS(n, m) (((0xffffffffU << (31 - n)) >> (31 - n + m)) << m)
109
110 /* The SCB accepts the following controls for the Tx and Rx units: */
111 #define CU_NOP 0x0000 /* No operation. */
112 #define CU_START 0x0010 /* CU start. */
113 #define CU_RESUME 0x0020 /* CU resume. */
114 #define CU_STATSADDR 0x0040 /* Load dump counters address. */
115 #define CU_SHOWSTATS 0x0050 /* Dump statistical counters. */
116 #define CU_CMD_BASE 0x0060 /* Load CU base address. */
117 #define CU_DUMPSTATS 0x0070 /* Dump and reset statistical counters. */
118 #define CU_SRESUME 0x00a0 /* CU static resume. */
119
120 #define RU_NOP 0x0000
121 #define RX_START 0x0001
122 #define RX_RESUME 0x0002
123 #define RX_ABORT 0x0004
124 #define RX_ADDR_LOAD 0x0006
125 #define RX_RESUMENR 0x0007
126 #define INT_MASK 0x0100
127 #define DRVR_INT 0x0200 /* Driver generated interrupt. */
128
129 typedef unsigned char bool;
130
131 /* Offsets to the various registers.
132 All accesses need not be longword aligned. */
133 enum speedo_offsets {
134 SCBStatus = 0,
135 SCBAck = 1,
136 SCBCmd = 2, /* Rx/Command Unit command and status. */
137 SCBIntmask = 3,
138 SCBPointer = 4, /* General purpose pointer. */
139 SCBPort = 8, /* Misc. commands and operands. */
140 SCBflash = 12, SCBeeprom = 14, /* EEPROM and flash memory control. */
141 SCBCtrlMDI = 16, /* MDI interface control. */
142 SCBEarlyRx = 20, /* Early receive byte count. */
143 };
144
145 /* A speedo3 transmit buffer descriptor with two buffers... */
146 typedef struct {
147 uint16_t status;
148 uint16_t command;
149 uint32_t link; /* void * */
150 uint32_t tx_desc_addr; /* transmit buffer decsriptor array address. */
151 uint16_t tcb_bytes; /* transmit command block byte count (in lower 14 bits */
152 uint8_t tx_threshold; /* transmit threshold */
153 uint8_t tbd_count; /* TBD number */
154 //~ /* This constitutes two "TBD" entries: hdr and data */
155 //~ uint32_t tx_buf_addr0; /* void *, header of frame to be transmitted. */
156 //~ int32_t tx_buf_size0; /* Length of Tx hdr. */
157 //~ uint32_t tx_buf_addr1; /* void *, data to be transmitted. */
158 //~ int32_t tx_buf_size1; /* Length of Tx data. */
159 } eepro100_tx_t;
160
161 /* Receive frame descriptor. */
162 typedef struct {
163 int16_t status;
164 uint16_t command;
165 uint32_t link; /* struct RxFD * */
166 uint32_t rx_buf_addr; /* void * */
167 uint16_t count;
168 uint16_t size;
169 char packet[MAX_ETH_FRAME_SIZE + 4];
170 } eepro100_rx_t;
171
172 typedef struct {
173 uint32_t tx_good_frames, tx_max_collisions, tx_late_collisions,
174 tx_underruns, tx_lost_crs, tx_deferred, tx_single_collisions,
175 tx_multiple_collisions, tx_total_collisions;
176 uint32_t rx_good_frames, rx_crc_errors, rx_alignment_errors,
177 rx_resource_errors, rx_overrun_errors, rx_cdt_errors,
178 rx_short_frame_errors;
179 uint32_t fc_xmt_pause, fc_rcv_pause, fc_rcv_unsupported;
180 uint16_t xmt_tco_frames, rcv_tco_frames;
181 uint32_t complete;
182 } eepro100_stats_t;
183
184 typedef enum {
185 cu_idle = 0,
186 cu_suspended = 1,
187 cu_active = 2,
188 cu_lpq_active = 2,
189 cu_hqp_active = 3
190 } cu_state_t;
191
192 typedef enum {
193 ru_idle = 0,
194 ru_suspended = 1,
195 ru_no_resources = 2,
196 ru_ready = 4
197 } ru_state_t;
198
199 #if defined(__BIG_ENDIAN_BITFIELD)
200 #define X(a,b) b,a
201 #else
202 #define X(a,b) a,b
203 #endif
204
205 typedef struct {
206 #if 1
207 uint8_t cmd;
208 uint32_t start;
209 uint32_t stop;
210 uint8_t boundary;
211 uint8_t tsr;
212 uint8_t tpsr;
213 uint16_t tcnt;
214 uint16_t rcnt;
215 uint32_t rsar;
216 uint8_t rsr;
217 uint8_t rxcr;
218 uint8_t isr;
219 uint8_t dcfg;
220 uint8_t imr;
221 uint8_t phys[6]; /* mac address */
222 uint8_t curpag;
223 uint8_t mult[8]; /* multicast mask array */
224 int mmio_index;
225 PCIDevice *pci_dev;
226 VLANClientState *vc;
227 #endif
228 uint8_t scb_stat; /* SCB stat/ack byte */
229 uint8_t int_stat; /* PCI interrupt status */
230 uint32_t region[3]; /* PCI region addresses */
231 uint8_t macaddr[6];
232 uint32_t statcounter[19];
233 uint16_t mdimem[32];
234 eeprom_t *eeprom;
235 uint32_t device; /* device variant */
236 uint32_t pointer;
237 /* (cu_base + cu_offset) address the next command block in the command block list. */
238 uint32_t cu_base; /* CU base address */
239 uint32_t cu_offset; /* CU address offset */
240 /* (ru_base + ru_offset) address the RFD in the Receive Frame Area. */
241 uint32_t ru_base; /* RU base address */
242 uint32_t ru_offset; /* RU address offset */
243 uint32_t statsaddr; /* pointer to eepro100_stats_t */
244 eepro100_stats_t statistics; /* statistical counters */
245 #if 0
246 uint16_t status;
247 #endif
248
249 /* Configuration bytes. */
250 uint8_t configuration[22];
251
252 /* Data in mem is always in the byte order of the controller (le). */
253 uint8_t mem[PCI_MEM_SIZE];
254 } EEPRO100State;
255
256 /* Default values for MDI (PHY) registers */
257 static const uint16_t eepro100_mdi_default[] = {
258 /* MDI Registers 0 - 6, 7 */
259 0x3000, 0x780d, 0x02a8, 0x0154, 0x05e1, 0x0000, 0x0000, 0x0000,
260 /* MDI Registers 8 - 15 */
261 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
262 /* MDI Registers 16 - 31 */
263 0x0003, 0x0000, 0x0001, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
264 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
265 };
266
267 /* Readonly mask for MDI (PHY) registers */
268 static const uint16_t eepro100_mdi_mask[] = {
269 0x0000, 0xffff, 0xffff, 0xffff, 0xc01f, 0xffff, 0xffff, 0x0000,
270 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
271 0x0fff, 0x0000, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
272 0xffff, 0xffff, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
273 };
274
275 #define POLYNOMIAL 0x04c11db6
276
277 /* From FreeBSD */
278 /* XXX: optimize */
279 static int compute_mcast_idx(const uint8_t * ep)
280 {
281 uint32_t crc;
282 int carry, i, j;
283 uint8_t b;
284
285 crc = 0xffffffff;
286 for (i = 0; i < 6; i++) {
287 b = *ep++;
288 for (j = 0; j < 8; j++) {
289 carry = ((crc & 0x80000000L) ? 1 : 0) ^ (b & 0x01);
290 crc <<= 1;
291 b >>= 1;
292 if (carry)
293 crc = ((crc ^ POLYNOMIAL) | carry);
294 }
295 }
296 return (crc >> 26);
297 }
298
299 #if defined(DEBUG_EEPRO100)
300 static const char *nic_dump(const uint8_t * buf, unsigned size)
301 {
302 static char dump[3 * 16 + 1];
303 char *p = &dump[0];
304 if (size > 16)
305 size = 16;
306 while (size-- > 0) {
307 p += sprintf(p, " %02x", *buf++);
308 }
309 return dump;
310 }
311 #endif /* DEBUG_EEPRO100 */
312
313 enum scb_stat_ack {
314 stat_ack_not_ours = 0x00,
315 stat_ack_sw_gen = 0x04,
316 stat_ack_rnr = 0x10,
317 stat_ack_cu_idle = 0x20,
318 stat_ack_frame_rx = 0x40,
319 stat_ack_cu_cmd_done = 0x80,
320 stat_ack_not_present = 0xFF,
321 stat_ack_rx = (stat_ack_sw_gen | stat_ack_rnr | stat_ack_frame_rx),
322 stat_ack_tx = (stat_ack_cu_idle | stat_ack_cu_cmd_done),
323 };
324
325 static void disable_interrupt(EEPRO100State * s)
326 {
327 if (s->int_stat) {
328 logout("interrupt disabled\n");
329 qemu_irq_lower(s->pci_dev->irq[0]);
330 s->int_stat = 0;
331 }
332 }
333
334 static void enable_interrupt(EEPRO100State * s)
335 {
336 if (!s->int_stat) {
337 logout("interrupt enabled\n");
338 qemu_irq_raise(s->pci_dev->irq[0]);
339 s->int_stat = 1;
340 }
341 }
342
343 static void eepro100_acknowledge(EEPRO100State * s)
344 {
345 s->scb_stat &= ~s->mem[SCBAck];
346 s->mem[SCBAck] = s->scb_stat;
347 if (s->scb_stat == 0) {
348 disable_interrupt(s);
349 }
350 }
351
352 static void eepro100_interrupt(EEPRO100State * s, uint8_t stat)
353 {
354 uint8_t mask = ~s->mem[SCBIntmask];
355 s->mem[SCBAck] |= stat;
356 stat = s->scb_stat = s->mem[SCBAck];
357 stat &= (mask | 0x0f);
358 //~ stat &= (~s->mem[SCBIntmask] | 0x0xf);
359 if (stat && (mask & 0x01)) {
360 /* SCB mask and SCB Bit M do not disable interrupt. */
361 enable_interrupt(s);
362 } else if (s->int_stat) {
363 disable_interrupt(s);
364 }
365 }
366
367 static void eepro100_cx_interrupt(EEPRO100State * s)
368 {
369 /* CU completed action command. */
370 /* Transmit not ok (82557 only, not in emulation). */
371 eepro100_interrupt(s, 0x80);
372 }
373
374 static void eepro100_cna_interrupt(EEPRO100State * s)
375 {
376 /* CU left the active state. */
377 eepro100_interrupt(s, 0x20);
378 }
379
380 static void eepro100_fr_interrupt(EEPRO100State * s)
381 {
382 /* RU received a complete frame. */
383 eepro100_interrupt(s, 0x40);
384 }
385
386 #if 0
387 static void eepro100_rnr_interrupt(EEPRO100State * s)
388 {
389 /* RU is not ready. */
390 eepro100_interrupt(s, 0x10);
391 }
392 #endif
393
394 static void eepro100_mdi_interrupt(EEPRO100State * s)
395 {
396 /* MDI completed read or write cycle. */
397 eepro100_interrupt(s, 0x08);
398 }
399
400 static void eepro100_swi_interrupt(EEPRO100State * s)
401 {
402 /* Software has requested an interrupt. */
403 eepro100_interrupt(s, 0x04);
404 }
405
406 #if 0
407 static void eepro100_fcp_interrupt(EEPRO100State * s)
408 {
409 /* Flow control pause interrupt (82558 and later). */
410 eepro100_interrupt(s, 0x01);
411 }
412 #endif
413
414 static void pci_reset(EEPRO100State * s)
415 {
416 uint32_t device = s->device;
417 uint8_t *pci_conf = s->pci_dev->config;
418
419 logout("%p\n", s);
420
421 /* PCI Vendor ID */
422 PCI_CONFIG_16(PCI_VENDOR_ID, 0x8086);
423 /* PCI Device ID */
424 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
425 /* PCI Command */
426 PCI_CONFIG_16(PCI_COMMAND, 0x0000);
427 /* PCI Status */
428 PCI_CONFIG_16(PCI_STATUS, 0x2800);
429 /* PCI Revision ID */
430 PCI_CONFIG_8(PCI_REVISION_ID, 0x08);
431 /* PCI Class Code */
432 PCI_CONFIG_8(0x09, 0x00);
433 PCI_CONFIG_8(PCI_SUBCLASS_CODE, 0x00); // ethernet network controller
434 PCI_CONFIG_8(PCI_CLASS_CODE, 0x02); // network controller
435 /* PCI Cache Line Size */
436 /* check cache line size!!! */
437 //~ PCI_CONFIG_8(0x0c, 0x00);
438 /* PCI Latency Timer */
439 PCI_CONFIG_8(0x0d, 0x20); // latency timer = 32 clocks
440 /* PCI Header Type */
441 /* BIST (built-in self test) */
442 #if defined(TARGET_I386)
443 // !!! workaround for buggy bios
444 //~ #define PCI_ADDRESS_SPACE_MEM_PREFETCH 0
445 #endif
446 #if 0
447 /* PCI Base Address Registers */
448 /* CSR Memory Mapped Base Address */
449 PCI_CONFIG_32(PCI_BASE_ADDRESS_0,
450 PCI_ADDRESS_SPACE_MEM | PCI_ADDRESS_SPACE_MEM_PREFETCH);
451 /* CSR I/O Mapped Base Address */
452 PCI_CONFIG_32(PCI_BASE_ADDRESS_1, PCI_ADDRESS_SPACE_IO);
453 #if 0
454 /* Flash Memory Mapped Base Address */
455 PCI_CONFIG_32(PCI_BASE_ADDRESS_2, 0xfffe0000 | PCI_ADDRESS_SPACE_MEM);
456 #endif
457 #endif
458 /* Expansion ROM Base Address (depends on boot disable!!!) */
459 PCI_CONFIG_32(0x30, 0x00000000);
460 /* Capability Pointer */
461 PCI_CONFIG_8(0x34, 0xdc);
462 /* Interrupt Pin */
463 PCI_CONFIG_8(0x3d, 1); // interrupt pin 0
464 /* Minimum Grant */
465 PCI_CONFIG_8(0x3e, 0x08);
466 /* Maximum Latency */
467 PCI_CONFIG_8(0x3f, 0x18);
468 /* Power Management Capabilities / Next Item Pointer / Capability ID */
469 PCI_CONFIG_32(0xdc, 0x7e210001);
470
471 switch (device) {
472 case i82551:
473 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
474 PCI_CONFIG_8(PCI_REVISION_ID, 0x0f);
475 break;
476 case i82557B:
477 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
478 PCI_CONFIG_8(PCI_REVISION_ID, 0x02);
479 break;
480 case i82557C:
481 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
482 PCI_CONFIG_8(PCI_REVISION_ID, 0x03);
483 break;
484 case i82558B:
485 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
486 PCI_CONFIG_16(PCI_STATUS, 0x2810);
487 PCI_CONFIG_8(PCI_REVISION_ID, 0x05);
488 break;
489 case i82559C:
490 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
491 PCI_CONFIG_16(PCI_STATUS, 0x2810);
492 //~ PCI_CONFIG_8(PCI_REVISION_ID, 0x08);
493 break;
494 case i82559ER:
495 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
496 PCI_CONFIG_16(PCI_STATUS, 0x2810);
497 PCI_CONFIG_8(PCI_REVISION_ID, 0x09);
498 break;
499 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1029);
500 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1030); /* 82559 InBusiness 10/100 */
501 default:
502 logout("Device %X is undefined!\n", device);
503 }
504
505 if (device == i82557C || device == i82558B || device == i82559C) {
506 logout("Get device id and revision from EEPROM!!!\n");
507 }
508 }
509
510 static void nic_selective_reset(EEPRO100State * s)
511 {
512 size_t i;
513 uint16_t *eeprom_contents = eeprom93xx_data(s->eeprom);
514 //~ eeprom93xx_reset(s->eeprom);
515 memcpy(eeprom_contents, s->macaddr, 6);
516 eeprom_contents[0xa] = 0x4000;
517 uint16_t sum = 0;
518 for (i = 0; i < EEPROM_SIZE - 1; i++) {
519 sum += eeprom_contents[i];
520 }
521 eeprom_contents[EEPROM_SIZE - 1] = 0xbaba - sum;
522
523 memset(s->mem, 0, sizeof(s->mem));
524 uint32_t val = BIT(21);
525 memcpy(&s->mem[SCBCtrlMDI], &val, sizeof(val));
526
527 assert(sizeof(s->mdimem) == sizeof(eepro100_mdi_default));
528 memcpy(&s->mdimem[0], &eepro100_mdi_default[0], sizeof(s->mdimem));
529 }
530
531 static void nic_reset(void *opaque)
532 {
533 EEPRO100State *s = (EEPRO100State *) opaque;
534 logout("%p\n", s);
535 static int first;
536 if (!first) {
537 first = 1;
538 }
539 nic_selective_reset(s);
540 }
541
542 #if defined(DEBUG_EEPRO100)
543 static const char *reg[PCI_IO_SIZE / 4] = {
544 "Command/Status",
545 "General Pointer",
546 "Port",
547 "EEPROM/Flash Control",
548 "MDI Control",
549 "Receive DMA Byte Count",
550 "Flow control register",
551 "General Status/Control"
552 };
553
554 static char *regname(uint32_t addr)
555 {
556 static char buf[16];
557 if (addr < PCI_IO_SIZE) {
558 const char *r = reg[addr / 4];
559 if (r != 0) {
560 sprintf(buf, "%s+%u", r, addr % 4);
561 } else {
562 sprintf(buf, "0x%02x", addr);
563 }
564 } else {
565 sprintf(buf, "??? 0x%08x", addr);
566 }
567 return buf;
568 }
569 #endif /* DEBUG_EEPRO100 */
570
571 #if 0
572 static uint16_t eepro100_read_status(EEPRO100State * s)
573 {
574 uint16_t val = s->status;
575 logout("val=0x%04x\n", val);
576 return val;
577 }
578
579 static void eepro100_write_status(EEPRO100State * s, uint16_t val)
580 {
581 logout("val=0x%04x\n", val);
582 s->status = val;
583 }
584 #endif
585
586 /*****************************************************************************
587 *
588 * Command emulation.
589 *
590 ****************************************************************************/
591
592 #if 0
593 static uint16_t eepro100_read_command(EEPRO100State * s)
594 {
595 uint16_t val = 0xffff;
596 //~ logout("val=0x%04x\n", val);
597 return val;
598 }
599 #endif
600
601 /* Commands that can be put in a command list entry. */
602 enum commands {
603 CmdNOp = 0,
604 CmdIASetup = 1,
605 CmdConfigure = 2,
606 CmdMulticastList = 3,
607 CmdTx = 4,
608 CmdTDR = 5, /* load microcode */
609 CmdDump = 6,
610 CmdDiagnose = 7,
611
612 /* And some extra flags: */
613 CmdSuspend = 0x4000, /* Suspend after completion. */
614 CmdIntr = 0x2000, /* Interrupt after completion. */
615 CmdTxFlex = 0x0008, /* Use "Flexible mode" for CmdTx command. */
616 };
617
618 static cu_state_t get_cu_state(EEPRO100State * s)
619 {
620 return ((s->mem[SCBStatus] >> 6) & 0x03);
621 }
622
623 static void set_cu_state(EEPRO100State * s, cu_state_t state)
624 {
625 s->mem[SCBStatus] = (s->mem[SCBStatus] & 0x3f) + (state << 6);
626 }
627
628 static ru_state_t get_ru_state(EEPRO100State * s)
629 {
630 return ((s->mem[SCBStatus] >> 2) & 0x0f);
631 }
632
633 static void set_ru_state(EEPRO100State * s, ru_state_t state)
634 {
635 s->mem[SCBStatus] = (s->mem[SCBStatus] & 0xc3) + (state << 2);
636 }
637
638 static void dump_statistics(EEPRO100State * s)
639 {
640 /* Dump statistical data. Most data is never changed by the emulation
641 * and always 0, so we first just copy the whole block and then those
642 * values which really matter.
643 * Number of data should check configuration!!!
644 */
645 cpu_physical_memory_write(s->statsaddr, (uint8_t *) & s->statistics, 64);
646 stl_phys(s->statsaddr + 0, s->statistics.tx_good_frames);
647 stl_phys(s->statsaddr + 36, s->statistics.rx_good_frames);
648 stl_phys(s->statsaddr + 48, s->statistics.rx_resource_errors);
649 stl_phys(s->statsaddr + 60, s->statistics.rx_short_frame_errors);
650 //~ stw_phys(s->statsaddr + 76, s->statistics.xmt_tco_frames);
651 //~ stw_phys(s->statsaddr + 78, s->statistics.rcv_tco_frames);
652 //~ missing("CU dump statistical counters");
653 }
654
655 static void eepro100_cu_command(EEPRO100State * s, uint8_t val)
656 {
657 eepro100_tx_t tx;
658 uint32_t cb_address;
659 switch (val) {
660 case CU_NOP:
661 /* No operation. */
662 break;
663 case CU_START:
664 if (get_cu_state(s) != cu_idle) {
665 /* Intel documentation says that CU must be idle for the CU
666 * start command. Intel driver for Linux also starts the CU
667 * from suspended state. */
668 logout("CU state is %u, should be %u\n", get_cu_state(s), cu_idle);
669 //~ assert(!"wrong CU state");
670 }
671 set_cu_state(s, cu_active);
672 s->cu_offset = s->pointer;
673 next_command:
674 cb_address = s->cu_base + s->cu_offset;
675 cpu_physical_memory_read(cb_address, (uint8_t *) & tx, sizeof(tx));
676 uint16_t status = le16_to_cpu(tx.status);
677 uint16_t command = le16_to_cpu(tx.command);
678 logout
679 ("val=0x%02x (cu start), status=0x%04x, command=0x%04x, link=0x%08x\n",
680 val, status, command, tx.link);
681 bool bit_el = ((command & 0x8000) != 0);
682 bool bit_s = ((command & 0x4000) != 0);
683 bool bit_i = ((command & 0x2000) != 0);
684 bool bit_nc = ((command & 0x0010) != 0);
685 //~ bool bit_sf = ((command & 0x0008) != 0);
686 uint16_t cmd = command & 0x0007;
687 s->cu_offset = le32_to_cpu(tx.link);
688 switch (cmd) {
689 case CmdNOp:
690 /* Do nothing. */
691 break;
692 case CmdIASetup:
693 cpu_physical_memory_read(cb_address + 8, &s->macaddr[0], 6);
694 logout("macaddr: %s\n", nic_dump(&s->macaddr[0], 6));
695 break;
696 case CmdConfigure:
697 cpu_physical_memory_read(cb_address + 8, &s->configuration[0],
698 sizeof(s->configuration));
699 logout("configuration: %s\n", nic_dump(&s->configuration[0], 16));
700 break;
701 case CmdMulticastList:
702 //~ missing("multicast list");
703 break;
704 case CmdTx:
705 (void)0;
706 uint32_t tbd_array = le32_to_cpu(tx.tx_desc_addr);
707 uint16_t tcb_bytes = (le16_to_cpu(tx.tcb_bytes) & 0x3fff);
708 logout
709 ("transmit, TBD array address 0x%08x, TCB byte count 0x%04x, TBD count %u\n",
710 tbd_array, tcb_bytes, tx.tbd_count);
711 assert(!bit_nc);
712 //~ assert(!bit_sf);
713 assert(tcb_bytes <= 2600);
714 /* Next assertion fails for local configuration. */
715 //~ assert((tcb_bytes > 0) || (tbd_array != 0xffffffff));
716 if (!((tcb_bytes > 0) || (tbd_array != 0xffffffff))) {
717 logout
718 ("illegal values of TBD array address and TCB byte count!\n");
719 }
720 uint8_t buf[MAX_ETH_FRAME_SIZE + 4];
721 uint16_t size = 0;
722 uint32_t tbd_address = cb_address + 0x10;
723 assert(tcb_bytes <= sizeof(buf));
724 while (size < tcb_bytes) {
725 uint32_t tx_buffer_address = ldl_phys(tbd_address);
726 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
727 //~ uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
728 tbd_address += 8;
729 logout
730 ("TBD (simplified mode): buffer address 0x%08x, size 0x%04x\n",
731 tx_buffer_address, tx_buffer_size);
732 cpu_physical_memory_read(tx_buffer_address, &buf[size],
733 tx_buffer_size);
734 size += tx_buffer_size;
735 }
736 if (tbd_array == 0xffffffff) {
737 /* Simplified mode. Was already handled by code above. */
738 } else {
739 /* Flexible mode. */
740 uint8_t tbd_count = 0;
741 if (!(s->configuration[6] & BIT(4))) {
742 /* Extended TCB. */
743 assert(tcb_bytes == 0);
744 for (; tbd_count < 2; tbd_count++) {
745 uint32_t tx_buffer_address = ldl_phys(tbd_address);
746 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
747 uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
748 tbd_address += 8;
749 logout
750 ("TBD (extended mode): buffer address 0x%08x, size 0x%04x\n",
751 tx_buffer_address, tx_buffer_size);
752 cpu_physical_memory_read(tx_buffer_address, &buf[size],
753 tx_buffer_size);
754 size += tx_buffer_size;
755 if (tx_buffer_el & 1) {
756 break;
757 }
758 }
759 }
760 tbd_address = tbd_array;
761 for (; tbd_count < tx.tbd_count; tbd_count++) {
762 uint32_t tx_buffer_address = ldl_phys(tbd_address);
763 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
764 uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
765 tbd_address += 8;
766 logout
767 ("TBD (flexible mode): buffer address 0x%08x, size 0x%04x\n",
768 tx_buffer_address, tx_buffer_size);
769 cpu_physical_memory_read(tx_buffer_address, &buf[size],
770 tx_buffer_size);
771 size += tx_buffer_size;
772 if (tx_buffer_el & 1) {
773 break;
774 }
775 }
776 }
777 qemu_send_packet(s->vc, buf, size);
778 s->statistics.tx_good_frames++;
779 /* Transmit with bad status would raise an CX/TNO interrupt.
780 * (82557 only). Emulation never has bad status. */
781 //~ eepro100_cx_interrupt(s);
782 break;
783 case CmdTDR:
784 logout("load microcode\n");
785 /* Starting with offset 8, the command contains
786 * 64 dwords microcode which we just ignore here. */
787 break;
788 default:
789 missing("undefined command");
790 }
791 /* Write new status (success). */
792 stw_phys(cb_address, status | 0x8000 | 0x2000);
793 if (bit_i) {
794 /* CU completed action. */
795 eepro100_cx_interrupt(s);
796 }
797 if (bit_el) {
798 /* CU becomes idle. */
799 set_cu_state(s, cu_idle);
800 eepro100_cna_interrupt(s);
801 } else if (bit_s) {
802 /* CU becomes suspended. */
803 set_cu_state(s, cu_suspended);
804 eepro100_cna_interrupt(s);
805 } else {
806 /* More entries in list. */
807 logout("CU list with at least one more entry\n");
808 goto next_command;
809 }
810 logout("CU list empty\n");
811 /* List is empty. Now CU is idle or suspended. */
812 break;
813 case CU_RESUME:
814 if (get_cu_state(s) != cu_suspended) {
815 logout("bad CU resume from CU state %u\n", get_cu_state(s));
816 /* Workaround for bad Linux eepro100 driver which resumes
817 * from idle state. */
818 //~ missing("cu resume");
819 set_cu_state(s, cu_suspended);
820 }
821 if (get_cu_state(s) == cu_suspended) {
822 logout("CU resuming\n");
823 set_cu_state(s, cu_active);
824 goto next_command;
825 }
826 break;
827 case CU_STATSADDR:
828 /* Load dump counters address. */
829 s->statsaddr = s->pointer;
830 logout("val=0x%02x (status address)\n", val);
831 break;
832 case CU_SHOWSTATS:
833 /* Dump statistical counters. */
834 dump_statistics(s);
835 break;
836 case CU_CMD_BASE:
837 /* Load CU base. */
838 logout("val=0x%02x (CU base address)\n", val);
839 s->cu_base = s->pointer;
840 break;
841 case CU_DUMPSTATS:
842 /* Dump and reset statistical counters. */
843 dump_statistics(s);
844 memset(&s->statistics, 0, sizeof(s->statistics));
845 break;
846 case CU_SRESUME:
847 /* CU static resume. */
848 missing("CU static resume");
849 break;
850 default:
851 missing("Undefined CU command");
852 }
853 }
854
855 static void eepro100_ru_command(EEPRO100State * s, uint8_t val)
856 {
857 switch (val) {
858 case RU_NOP:
859 /* No operation. */
860 break;
861 case RX_START:
862 /* RU start. */
863 if (get_ru_state(s) != ru_idle) {
864 logout("RU state is %u, should be %u\n", get_ru_state(s), ru_idle);
865 //~ assert(!"wrong RU state");
866 }
867 set_ru_state(s, ru_ready);
868 s->ru_offset = s->pointer;
869 logout("val=0x%02x (rx start)\n", val);
870 break;
871 case RX_RESUME:
872 /* Restart RU. */
873 if (get_ru_state(s) != ru_suspended) {
874 logout("RU state is %u, should be %u\n", get_ru_state(s),
875 ru_suspended);
876 //~ assert(!"wrong RU state");
877 }
878 set_ru_state(s, ru_ready);
879 break;
880 case RX_ADDR_LOAD:
881 /* Load RU base. */
882 logout("val=0x%02x (RU base address)\n", val);
883 s->ru_base = s->pointer;
884 break;
885 default:
886 logout("val=0x%02x (undefined RU command)\n", val);
887 missing("Undefined SU command");
888 }
889 }
890
891 static void eepro100_write_command(EEPRO100State * s, uint8_t val)
892 {
893 eepro100_ru_command(s, val & 0x0f);
894 eepro100_cu_command(s, val & 0xf0);
895 if ((val) == 0) {
896 logout("val=0x%02x\n", val);
897 }
898 /* Clear command byte after command was accepted. */
899 s->mem[SCBCmd] = 0;
900 }
901
902 /*****************************************************************************
903 *
904 * EEPROM emulation.
905 *
906 ****************************************************************************/
907
908 #define EEPROM_CS 0x02
909 #define EEPROM_SK 0x01
910 #define EEPROM_DI 0x04
911 #define EEPROM_DO 0x08
912
913 static uint16_t eepro100_read_eeprom(EEPRO100State * s)
914 {
915 uint16_t val;
916 memcpy(&val, &s->mem[SCBeeprom], sizeof(val));
917 if (eeprom93xx_read(s->eeprom)) {
918 val |= EEPROM_DO;
919 } else {
920 val &= ~EEPROM_DO;
921 }
922 return val;
923 }
924
925 static void eepro100_write_eeprom(eeprom_t * eeprom, uint8_t val)
926 {
927 logout("write val=0x%02x\n", val);
928
929 /* mask unwriteable bits */
930 //~ val = SET_MASKED(val, 0x31, eeprom->value);
931
932 int eecs = ((val & EEPROM_CS) != 0);
933 int eesk = ((val & EEPROM_SK) != 0);
934 int eedi = ((val & EEPROM_DI) != 0);
935 eeprom93xx_write(eeprom, eecs, eesk, eedi);
936 }
937
938 static void eepro100_write_pointer(EEPRO100State * s, uint32_t val)
939 {
940 s->pointer = le32_to_cpu(val);
941 logout("val=0x%08x\n", val);
942 }
943
944 /*****************************************************************************
945 *
946 * MDI emulation.
947 *
948 ****************************************************************************/
949
950 #if defined(DEBUG_EEPRO100)
951 static const char *mdi_op_name[] = {
952 "opcode 0",
953 "write",
954 "read",
955 "opcode 3"
956 };
957
958 static const char *mdi_reg_name[] = {
959 "Control",
960 "Status",
961 "PHY Identification (Word 1)",
962 "PHY Identification (Word 2)",
963 "Auto-Negotiation Advertisement",
964 "Auto-Negotiation Link Partner Ability",
965 "Auto-Negotiation Expansion"
966 };
967 #endif /* DEBUG_EEPRO100 */
968
969 static uint32_t eepro100_read_mdi(EEPRO100State * s)
970 {
971 uint32_t val;
972 memcpy(&val, &s->mem[0x10], sizeof(val));
973
974 #ifdef DEBUG_EEPRO100
975 uint8_t raiseint = (val & BIT(29)) >> 29;
976 uint8_t opcode = (val & BITS(27, 26)) >> 26;
977 uint8_t phy = (val & BITS(25, 21)) >> 21;
978 uint8_t reg = (val & BITS(20, 16)) >> 16;
979 uint16_t data = (val & BITS(15, 0));
980 #endif
981 /* Emulation takes no time to finish MDI transaction. */
982 val |= BIT(28);
983 TRACE(MDI, logout("val=0x%08x (int=%u, %s, phy=%u, %s, data=0x%04x\n",
984 val, raiseint, mdi_op_name[opcode], phy,
985 mdi_reg_name[reg], data));
986 return val;
987 }
988
989 //~ #define BITS(val, upper, lower) (val & ???)
990 static void eepro100_write_mdi(EEPRO100State * s, uint32_t val)
991 {
992 uint8_t raiseint = (val & BIT(29)) >> 29;
993 uint8_t opcode = (val & BITS(27, 26)) >> 26;
994 uint8_t phy = (val & BITS(25, 21)) >> 21;
995 uint8_t reg = (val & BITS(20, 16)) >> 16;
996 uint16_t data = (val & BITS(15, 0));
997 if (phy != 1) {
998 /* Unsupported PHY address. */
999 //~ logout("phy must be 1 but is %u\n", phy);
1000 data = 0;
1001 } else if (opcode != 1 && opcode != 2) {
1002 /* Unsupported opcode. */
1003 logout("opcode must be 1 or 2 but is %u\n", opcode);
1004 data = 0;
1005 } else if (reg > 6) {
1006 /* Unsupported register. */
1007 logout("register must be 0...6 but is %u\n", reg);
1008 data = 0;
1009 } else {
1010 TRACE(MDI, logout("val=0x%08x (int=%u, %s, phy=%u, %s, data=0x%04x\n",
1011 val, raiseint, mdi_op_name[opcode], phy,
1012 mdi_reg_name[reg], data));
1013 if (opcode == 1) {
1014 /* MDI write */
1015 switch (reg) {
1016 case 0: /* Control Register */
1017 if (data & 0x8000) {
1018 /* Reset status and control registers to default. */
1019 s->mdimem[0] = eepro100_mdi_default[0];
1020 s->mdimem[1] = eepro100_mdi_default[1];
1021 data = s->mdimem[reg];
1022 } else {
1023 /* Restart Auto Configuration = Normal Operation */
1024 data &= ~0x0200;
1025 }
1026 break;
1027 case 1: /* Status Register */
1028 missing("not writable");
1029 data = s->mdimem[reg];
1030 break;
1031 case 2: /* PHY Identification Register (Word 1) */
1032 case 3: /* PHY Identification Register (Word 2) */
1033 missing("not implemented");
1034 break;
1035 case 4: /* Auto-Negotiation Advertisement Register */
1036 case 5: /* Auto-Negotiation Link Partner Ability Register */
1037 break;
1038 case 6: /* Auto-Negotiation Expansion Register */
1039 default:
1040 missing("not implemented");
1041 }
1042 s->mdimem[reg] = data;
1043 } else if (opcode == 2) {
1044 /* MDI read */
1045 switch (reg) {
1046 case 0: /* Control Register */
1047 if (data & 0x8000) {
1048 /* Reset status and control registers to default. */
1049 s->mdimem[0] = eepro100_mdi_default[0];
1050 s->mdimem[1] = eepro100_mdi_default[1];
1051 }
1052 break;
1053 case 1: /* Status Register */
1054 s->mdimem[reg] |= 0x0020;
1055 break;
1056 case 2: /* PHY Identification Register (Word 1) */
1057 case 3: /* PHY Identification Register (Word 2) */
1058 case 4: /* Auto-Negotiation Advertisement Register */
1059 break;
1060 case 5: /* Auto-Negotiation Link Partner Ability Register */
1061 s->mdimem[reg] = 0x41fe;
1062 break;
1063 case 6: /* Auto-Negotiation Expansion Register */
1064 s->mdimem[reg] = 0x0001;
1065 break;
1066 }
1067 data = s->mdimem[reg];
1068 }
1069 /* Emulation takes no time to finish MDI transaction.
1070 * Set MDI bit in SCB status register. */
1071 s->mem[SCBAck] |= 0x08;
1072 val |= BIT(28);
1073 if (raiseint) {
1074 eepro100_mdi_interrupt(s);
1075 }
1076 }
1077 val = (val & 0xffff0000) + data;
1078 memcpy(&s->mem[0x10], &val, sizeof(val));
1079 }
1080
1081 /*****************************************************************************
1082 *
1083 * Port emulation.
1084 *
1085 ****************************************************************************/
1086
1087 #define PORT_SOFTWARE_RESET 0
1088 #define PORT_SELFTEST 1
1089 #define PORT_SELECTIVE_RESET 2
1090 #define PORT_DUMP 3
1091 #define PORT_SELECTION_MASK 3
1092
1093 typedef struct {
1094 uint32_t st_sign; /* Self Test Signature */
1095 uint32_t st_result; /* Self Test Results */
1096 } eepro100_selftest_t;
1097
1098 static uint32_t eepro100_read_port(EEPRO100State * s)
1099 {
1100 return 0;
1101 }
1102
1103 static void eepro100_write_port(EEPRO100State * s, uint32_t val)
1104 {
1105 val = le32_to_cpu(val);
1106 uint32_t address = (val & ~PORT_SELECTION_MASK);
1107 uint8_t selection = (val & PORT_SELECTION_MASK);
1108 switch (selection) {
1109 case PORT_SOFTWARE_RESET:
1110 nic_reset(s);
1111 break;
1112 case PORT_SELFTEST:
1113 logout("selftest address=0x%08x\n", address);
1114 eepro100_selftest_t data;
1115 cpu_physical_memory_read(address, (uint8_t *) & data, sizeof(data));
1116 data.st_sign = 0xffffffff;
1117 data.st_result = 0;
1118 cpu_physical_memory_write(address, (uint8_t *) & data, sizeof(data));
1119 break;
1120 case PORT_SELECTIVE_RESET:
1121 logout("selective reset, selftest address=0x%08x\n", address);
1122 nic_selective_reset(s);
1123 break;
1124 default:
1125 logout("val=0x%08x\n", val);
1126 missing("unknown port selection");
1127 }
1128 }
1129
1130 /*****************************************************************************
1131 *
1132 * General hardware emulation.
1133 *
1134 ****************************************************************************/
1135
1136 static uint8_t eepro100_read1(EEPRO100State * s, uint32_t addr)
1137 {
1138 uint8_t val;
1139 if (addr <= sizeof(s->mem) - sizeof(val)) {
1140 memcpy(&val, &s->mem[addr], sizeof(val));
1141 }
1142
1143 switch (addr) {
1144 case SCBStatus:
1145 //~ val = eepro100_read_status(s);
1146 logout("addr=%s val=0x%02x\n", regname(addr), val);
1147 break;
1148 case SCBAck:
1149 //~ val = eepro100_read_status(s);
1150 logout("addr=%s val=0x%02x\n", regname(addr), val);
1151 break;
1152 case SCBCmd:
1153 logout("addr=%s val=0x%02x\n", regname(addr), val);
1154 //~ val = eepro100_read_command(s);
1155 break;
1156 case SCBIntmask:
1157 logout("addr=%s val=0x%02x\n", regname(addr), val);
1158 break;
1159 case SCBPort + 3:
1160 logout("addr=%s val=0x%02x\n", regname(addr), val);
1161 break;
1162 case SCBeeprom:
1163 val = eepro100_read_eeprom(s);
1164 break;
1165 case 0x1b: /* PMDR (power management driver register) */
1166 val = 0;
1167 logout("addr=%s val=0x%02x\n", regname(addr), val);
1168 break;
1169 case 0x1d: /* general status register */
1170 /* 100 Mbps full duplex, valid link */
1171 val = 0x07;
1172 logout("addr=General Status val=%02x\n", val);
1173 break;
1174 default:
1175 logout("addr=%s val=0x%02x\n", regname(addr), val);
1176 missing("unknown byte read");
1177 }
1178 return val;
1179 }
1180
1181 static uint16_t eepro100_read2(EEPRO100State * s, uint32_t addr)
1182 {
1183 uint16_t val;
1184 if (addr <= sizeof(s->mem) - sizeof(val)) {
1185 memcpy(&val, &s->mem[addr], sizeof(val));
1186 }
1187
1188 logout("addr=%s val=0x%04x\n", regname(addr), val);
1189
1190 switch (addr) {
1191 case SCBStatus:
1192 //~ val = eepro100_read_status(s);
1193 break;
1194 case SCBeeprom:
1195 val = eepro100_read_eeprom(s);
1196 break;
1197 default:
1198 logout("addr=%s val=0x%04x\n", regname(addr), val);
1199 missing("unknown word read");
1200 }
1201 return val;
1202 }
1203
1204 static uint32_t eepro100_read4(EEPRO100State * s, uint32_t addr)
1205 {
1206 uint32_t val;
1207 if (addr <= sizeof(s->mem) - sizeof(val)) {
1208 memcpy(&val, &s->mem[addr], sizeof(val));
1209 }
1210
1211 switch (addr) {
1212 case SCBStatus:
1213 //~ val = eepro100_read_status(s);
1214 logout("addr=%s val=0x%08x\n", regname(addr), val);
1215 break;
1216 case SCBPointer:
1217 //~ val = eepro100_read_pointer(s);
1218 logout("addr=%s val=0x%08x\n", regname(addr), val);
1219 break;
1220 case SCBPort:
1221 val = eepro100_read_port(s);
1222 logout("addr=%s val=0x%08x\n", regname(addr), val);
1223 break;
1224 case SCBCtrlMDI:
1225 val = eepro100_read_mdi(s);
1226 break;
1227 default:
1228 logout("addr=%s val=0x%08x\n", regname(addr), val);
1229 missing("unknown longword read");
1230 }
1231 return val;
1232 }
1233
1234 static void eepro100_write1(EEPRO100State * s, uint32_t addr, uint8_t val)
1235 {
1236 if (addr <= sizeof(s->mem) - sizeof(val)) {
1237 memcpy(&s->mem[addr], &val, sizeof(val));
1238 }
1239
1240 logout("addr=%s val=0x%02x\n", regname(addr), val);
1241
1242 switch (addr) {
1243 case SCBStatus:
1244 //~ eepro100_write_status(s, val);
1245 break;
1246 case SCBAck:
1247 eepro100_acknowledge(s);
1248 break;
1249 case SCBCmd:
1250 eepro100_write_command(s, val);
1251 break;
1252 case SCBIntmask:
1253 if (val & BIT(1)) {
1254 eepro100_swi_interrupt(s);
1255 }
1256 eepro100_interrupt(s, 0);
1257 break;
1258 case SCBPort + 3:
1259 logout("addr=%s val=0x%02x\n", regname(addr), val);
1260 break;
1261 case SCBeeprom:
1262 eepro100_write_eeprom(s->eeprom, val);
1263 break;
1264 default:
1265 logout("addr=%s val=0x%02x\n", regname(addr), val);
1266 missing("unknown byte write");
1267 }
1268 }
1269
1270 static void eepro100_write2(EEPRO100State * s, uint32_t addr, uint16_t val)
1271 {
1272 if (addr <= sizeof(s->mem) - sizeof(val)) {
1273 memcpy(&s->mem[addr], &val, sizeof(val));
1274 }
1275
1276 logout("addr=%s val=0x%04x\n", regname(addr), val);
1277
1278 switch (addr) {
1279 case SCBStatus:
1280 //~ eepro100_write_status(s, val);
1281 eepro100_acknowledge(s);
1282 break;
1283 case SCBCmd:
1284 eepro100_write_command(s, val);
1285 eepro100_write1(s, SCBIntmask, val >> 8);
1286 break;
1287 case SCBeeprom:
1288 eepro100_write_eeprom(s->eeprom, val);
1289 break;
1290 default:
1291 logout("addr=%s val=0x%04x\n", regname(addr), val);
1292 missing("unknown word write");
1293 }
1294 }
1295
1296 static void eepro100_write4(EEPRO100State * s, uint32_t addr, uint32_t val)
1297 {
1298 if (addr <= sizeof(s->mem) - sizeof(val)) {
1299 memcpy(&s->mem[addr], &val, sizeof(val));
1300 }
1301
1302 switch (addr) {
1303 case SCBPointer:
1304 eepro100_write_pointer(s, val);
1305 break;
1306 case SCBPort:
1307 logout("addr=%s val=0x%08x\n", regname(addr), val);
1308 eepro100_write_port(s, val);
1309 break;
1310 case SCBCtrlMDI:
1311 eepro100_write_mdi(s, val);
1312 break;
1313 default:
1314 logout("addr=%s val=0x%08x\n", regname(addr), val);
1315 missing("unknown longword write");
1316 }
1317 }
1318
1319 static uint32_t ioport_read1(void *opaque, uint32_t addr)
1320 {
1321 EEPRO100State *s = opaque;
1322 //~ logout("addr=%s\n", regname(addr));
1323 return eepro100_read1(s, addr - s->region[1]);
1324 }
1325
1326 static uint32_t ioport_read2(void *opaque, uint32_t addr)
1327 {
1328 EEPRO100State *s = opaque;
1329 return eepro100_read2(s, addr - s->region[1]);
1330 }
1331
1332 static uint32_t ioport_read4(void *opaque, uint32_t addr)
1333 {
1334 EEPRO100State *s = opaque;
1335 return eepro100_read4(s, addr - s->region[1]);
1336 }
1337
1338 static void ioport_write1(void *opaque, uint32_t addr, uint32_t val)
1339 {
1340 EEPRO100State *s = opaque;
1341 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1342 eepro100_write1(s, addr - s->region[1], val);
1343 }
1344
1345 static void ioport_write2(void *opaque, uint32_t addr, uint32_t val)
1346 {
1347 EEPRO100State *s = opaque;
1348 eepro100_write2(s, addr - s->region[1], val);
1349 }
1350
1351 static void ioport_write4(void *opaque, uint32_t addr, uint32_t val)
1352 {
1353 EEPRO100State *s = opaque;
1354 eepro100_write4(s, addr - s->region[1], val);
1355 }
1356
1357 /***********************************************************/
1358 /* PCI EEPRO100 definitions */
1359
1360 typedef struct PCIEEPRO100State {
1361 PCIDevice dev;
1362 EEPRO100State eepro100;
1363 } PCIEEPRO100State;
1364
1365 static void pci_map(PCIDevice * pci_dev, int region_num,
1366 uint32_t addr, uint32_t size, int type)
1367 {
1368 PCIEEPRO100State *d = (PCIEEPRO100State *) pci_dev;
1369 EEPRO100State *s = &d->eepro100;
1370
1371 logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
1372 region_num, addr, size, type);
1373
1374 assert(region_num == 1);
1375 register_ioport_write(addr, size, 1, ioport_write1, s);
1376 register_ioport_read(addr, size, 1, ioport_read1, s);
1377 register_ioport_write(addr, size, 2, ioport_write2, s);
1378 register_ioport_read(addr, size, 2, ioport_read2, s);
1379 register_ioport_write(addr, size, 4, ioport_write4, s);
1380 register_ioport_read(addr, size, 4, ioport_read4, s);
1381
1382 s->region[region_num] = addr;
1383 }
1384
1385 static void pci_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
1386 {
1387 EEPRO100State *s = opaque;
1388 addr -= s->region[0];
1389 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1390 eepro100_write1(s, addr, val);
1391 }
1392
1393 static void pci_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
1394 {
1395 EEPRO100State *s = opaque;
1396 addr -= s->region[0];
1397 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1398 eepro100_write2(s, addr, val);
1399 }
1400
1401 static void pci_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
1402 {
1403 EEPRO100State *s = opaque;
1404 addr -= s->region[0];
1405 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1406 eepro100_write4(s, addr, val);
1407 }
1408
1409 static uint32_t pci_mmio_readb(void *opaque, target_phys_addr_t addr)
1410 {
1411 EEPRO100State *s = opaque;
1412 addr -= s->region[0];
1413 //~ logout("addr=%s\n", regname(addr));
1414 return eepro100_read1(s, addr);
1415 }
1416
1417 static uint32_t pci_mmio_readw(void *opaque, target_phys_addr_t addr)
1418 {
1419 EEPRO100State *s = opaque;
1420 addr -= s->region[0];
1421 //~ logout("addr=%s\n", regname(addr));
1422 return eepro100_read2(s, addr);
1423 }
1424
1425 static uint32_t pci_mmio_readl(void *opaque, target_phys_addr_t addr)
1426 {
1427 EEPRO100State *s = opaque;
1428 addr -= s->region[0];
1429 //~ logout("addr=%s\n", regname(addr));
1430 return eepro100_read4(s, addr);
1431 }
1432
1433 static CPUWriteMemoryFunc *pci_mmio_write[] = {
1434 pci_mmio_writeb,
1435 pci_mmio_writew,
1436 pci_mmio_writel
1437 };
1438
1439 static CPUReadMemoryFunc *pci_mmio_read[] = {
1440 pci_mmio_readb,
1441 pci_mmio_readw,
1442 pci_mmio_readl
1443 };
1444
1445 static void pci_mmio_map(PCIDevice * pci_dev, int region_num,
1446 uint32_t addr, uint32_t size, int type)
1447 {
1448 PCIEEPRO100State *d = (PCIEEPRO100State *) pci_dev;
1449
1450 logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
1451 region_num, addr, size, type);
1452
1453 if (region_num == 0) {
1454 /* Map control / status registers. */
1455 cpu_register_physical_memory(addr, size, d->eepro100.mmio_index);
1456 d->eepro100.region[region_num] = addr;
1457 }
1458 }
1459
1460 static int nic_can_receive(void *opaque)
1461 {
1462 EEPRO100State *s = opaque;
1463 logout("%p\n", s);
1464 return get_ru_state(s) == ru_ready;
1465 //~ return !eepro100_buffer_full(s);
1466 }
1467
1468 #define MIN_BUF_SIZE 60
1469
1470 static void nic_receive(void *opaque, const uint8_t * buf, int size)
1471 {
1472 /* TODO:
1473 * - Magic packets should set bit 30 in power management driver register.
1474 * - Interesting packets should set bit 29 in power management driver register.
1475 */
1476 EEPRO100State *s = opaque;
1477 uint16_t rfd_status = 0xa000;
1478 static const uint8_t broadcast_macaddr[6] =
1479 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
1480
1481 /* TODO: check multiple IA bit. */
1482 assert(!(s->configuration[20] & BIT(6)));
1483
1484 if (s->configuration[8] & 0x80) {
1485 /* CSMA is disabled. */
1486 logout("%p received while CSMA is disabled\n", s);
1487 return;
1488 } else if (size < 64 && (s->configuration[7] & 1)) {
1489 /* Short frame and configuration byte 7/0 (discard short receive) set:
1490 * Short frame is discarded */
1491 logout("%p received short frame (%d byte)\n", s, size);
1492 s->statistics.rx_short_frame_errors++;
1493 //~ return;
1494 } else if ((size > MAX_ETH_FRAME_SIZE + 4) && !(s->configuration[18] & 8)) {
1495 /* Long frame and configuration byte 18/3 (long receive ok) not set:
1496 * Long frames are discarded. */
1497 logout("%p received long frame (%d byte), ignored\n", s, size);
1498 return;
1499 } else if (memcmp(buf, s->macaddr, 6) == 0) { // !!!
1500 /* Frame matches individual address. */
1501 /* TODO: check configuration byte 15/4 (ignore U/L). */
1502 logout("%p received frame for me, len=%d\n", s, size);
1503 } else if (memcmp(buf, broadcast_macaddr, 6) == 0) {
1504 /* Broadcast frame. */
1505 logout("%p received broadcast, len=%d\n", s, size);
1506 rfd_status |= 0x0002;
1507 } else if (buf[0] & 0x01) { // !!!
1508 /* Multicast frame. */
1509 logout("%p received multicast, len=%d\n", s, size);
1510 /* TODO: check multicast all bit. */
1511 assert(!(s->configuration[21] & BIT(3)));
1512 int mcast_idx = compute_mcast_idx(buf);
1513 if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7)))) {
1514 return;
1515 }
1516 rfd_status |= 0x0002;
1517 } else if (s->configuration[15] & 1) {
1518 /* Promiscuous: receive all. */
1519 logout("%p received frame in promiscuous mode, len=%d\n", s, size);
1520 rfd_status |= 0x0004;
1521 } else {
1522 logout("%p received frame, ignored, len=%d,%s\n", s, size,
1523 nic_dump(buf, size));
1524 return;
1525 }
1526
1527 if (get_ru_state(s) != ru_ready) {
1528 /* No ressources available. */
1529 logout("no ressources, state=%u\n", get_ru_state(s));
1530 s->statistics.rx_resource_errors++;
1531 //~ assert(!"no ressources");
1532 return;
1533 }
1534 //~ !!!
1535 //~ $3 = {status = 0x0, command = 0xc000, link = 0x2d220, rx_buf_addr = 0x207dc, count = 0x0, size = 0x5f8, packet = {0x0 <repeats 1518 times>}}
1536 eepro100_rx_t rx;
1537 cpu_physical_memory_read(s->ru_base + s->ru_offset, (uint8_t *) & rx,
1538 offsetof(eepro100_rx_t, packet));
1539 uint16_t rfd_command = le16_to_cpu(rx.command);
1540 uint16_t rfd_size = le16_to_cpu(rx.size);
1541 assert(size <= rfd_size);
1542 if (size < 64) {
1543 rfd_status |= 0x0080;
1544 }
1545 logout("command 0x%04x, link 0x%08x, addr 0x%08x, size %u\n", rfd_command,
1546 rx.link, rx.rx_buf_addr, rfd_size);
1547 stw_phys(s->ru_base + s->ru_offset + offsetof(eepro100_rx_t, status),
1548 rfd_status);
1549 stw_phys(s->ru_base + s->ru_offset + offsetof(eepro100_rx_t, count), size);
1550 /* Early receive interrupt not supported. */
1551 //~ eepro100_er_interrupt(s);
1552 /* Receive CRC Transfer not supported. */
1553 assert(!(s->configuration[18] & 4));
1554 /* TODO: check stripping enable bit. */
1555 //~ assert(!(s->configuration[17] & 1));
1556 cpu_physical_memory_write(s->ru_base + s->ru_offset +
1557 offsetof(eepro100_rx_t, packet), buf, size);
1558 s->statistics.rx_good_frames++;
1559 eepro100_fr_interrupt(s);
1560 s->ru_offset = le32_to_cpu(rx.link);
1561 if (rfd_command & 0x8000) {
1562 /* EL bit is set, so this was the last frame. */
1563 assert(0);
1564 }
1565 if (rfd_command & 0x4000) {
1566 /* S bit is set. */
1567 set_ru_state(s, ru_suspended);
1568 }
1569 }
1570
1571 static int nic_load(QEMUFile * f, void *opaque, int version_id)
1572 {
1573 EEPRO100State *s = (EEPRO100State *) opaque;
1574 int i;
1575 int ret;
1576
1577 if (version_id > 3)
1578 return -EINVAL;
1579
1580 if (s->pci_dev && version_id >= 3) {
1581 ret = pci_device_load(s->pci_dev, f);
1582 if (ret < 0)
1583 return ret;
1584 }
1585
1586 if (version_id >= 2) {
1587 qemu_get_8s(f, &s->rxcr);
1588 } else {
1589 s->rxcr = 0x0c;
1590 }
1591
1592 qemu_get_8s(f, &s->cmd);
1593 qemu_get_be32s(f, &s->start);
1594 qemu_get_be32s(f, &s->stop);
1595 qemu_get_8s(f, &s->boundary);
1596 qemu_get_8s(f, &s->tsr);
1597 qemu_get_8s(f, &s->tpsr);
1598 qemu_get_be16s(f, &s->tcnt);
1599 qemu_get_be16s(f, &s->rcnt);
1600 qemu_get_be32s(f, &s->rsar);
1601 qemu_get_8s(f, &s->rsr);
1602 qemu_get_8s(f, &s->isr);
1603 qemu_get_8s(f, &s->dcfg);
1604 qemu_get_8s(f, &s->imr);
1605 qemu_get_buffer(f, s->phys, 6);
1606 qemu_get_8s(f, &s->curpag);
1607 qemu_get_buffer(f, s->mult, 8);
1608 qemu_get_buffer(f, s->mem, sizeof(s->mem));
1609
1610 /* Restore all members of struct between scv_stat and mem */
1611 qemu_get_8s(f, &s->scb_stat);
1612 qemu_get_8s(f, &s->int_stat);
1613 for (i = 0; i < 3; i++)
1614 qemu_get_be32s(f, &s->region[i]);
1615 qemu_get_buffer(f, s->macaddr, 6);
1616 for (i = 0; i < 19; i++)
1617 qemu_get_be32s(f, &s->statcounter[i]);
1618 for (i = 0; i < 32; i++)
1619 qemu_get_be16s(f, &s->mdimem[i]);
1620 /* The eeprom should be saved and restored by its own routines */
1621 qemu_get_be32s(f, &s->device);
1622 qemu_get_be32s(f, &s->pointer);
1623 qemu_get_be32s(f, &s->cu_base);
1624 qemu_get_be32s(f, &s->cu_offset);
1625 qemu_get_be32s(f, &s->ru_base);
1626 qemu_get_be32s(f, &s->ru_offset);
1627 qemu_get_be32s(f, &s->statsaddr);
1628 /* Restore epro100_stats_t statistics */
1629 qemu_get_be32s(f, &s->statistics.tx_good_frames);
1630 qemu_get_be32s(f, &s->statistics.tx_max_collisions);
1631 qemu_get_be32s(f, &s->statistics.tx_late_collisions);
1632 qemu_get_be32s(f, &s->statistics.tx_underruns);
1633 qemu_get_be32s(f, &s->statistics.tx_lost_crs);
1634 qemu_get_be32s(f, &s->statistics.tx_deferred);
1635 qemu_get_be32s(f, &s->statistics.tx_single_collisions);
1636 qemu_get_be32s(f, &s->statistics.tx_multiple_collisions);
1637 qemu_get_be32s(f, &s->statistics.tx_total_collisions);
1638 qemu_get_be32s(f, &s->statistics.rx_good_frames);
1639 qemu_get_be32s(f, &s->statistics.rx_crc_errors);
1640 qemu_get_be32s(f, &s->statistics.rx_alignment_errors);
1641 qemu_get_be32s(f, &s->statistics.rx_resource_errors);
1642 qemu_get_be32s(f, &s->statistics.rx_overrun_errors);
1643 qemu_get_be32s(f, &s->statistics.rx_cdt_errors);
1644 qemu_get_be32s(f, &s->statistics.rx_short_frame_errors);
1645 qemu_get_be32s(f, &s->statistics.fc_xmt_pause);
1646 qemu_get_be32s(f, &s->statistics.fc_rcv_pause);
1647 qemu_get_be32s(f, &s->statistics.fc_rcv_unsupported);
1648 qemu_get_be16s(f, &s->statistics.xmt_tco_frames);
1649 qemu_get_be16s(f, &s->statistics.rcv_tco_frames);
1650 qemu_get_be32s(f, &s->statistics.complete);
1651 #if 0
1652 qemu_get_be16s(f, &s->status);
1653 #endif
1654
1655 /* Configuration bytes. */
1656 qemu_get_buffer(f, s->configuration, sizeof(s->configuration));
1657
1658 return 0;
1659 }
1660
1661 static void nic_save(QEMUFile * f, void *opaque)
1662 {
1663 EEPRO100State *s = (EEPRO100State *) opaque;
1664 int i;
1665
1666 if (s->pci_dev)
1667 pci_device_save(s->pci_dev, f);
1668
1669 qemu_put_8s(f, &s->rxcr);
1670
1671 qemu_put_8s(f, &s->cmd);
1672 qemu_put_be32s(f, &s->start);
1673 qemu_put_be32s(f, &s->stop);
1674 qemu_put_8s(f, &s->boundary);
1675 qemu_put_8s(f, &s->tsr);
1676 qemu_put_8s(f, &s->tpsr);
1677 qemu_put_be16s(f, &s->tcnt);
1678 qemu_put_be16s(f, &s->rcnt);
1679 qemu_put_be32s(f, &s->rsar);
1680 qemu_put_8s(f, &s->rsr);
1681 qemu_put_8s(f, &s->isr);
1682 qemu_put_8s(f, &s->dcfg);
1683 qemu_put_8s(f, &s->imr);
1684 qemu_put_buffer(f, s->phys, 6);
1685 qemu_put_8s(f, &s->curpag);
1686 qemu_put_buffer(f, s->mult, 8);
1687 qemu_put_buffer(f, s->mem, sizeof(s->mem));
1688
1689 /* Save all members of struct between scv_stat and mem */
1690 qemu_put_8s(f, &s->scb_stat);
1691 qemu_put_8s(f, &s->int_stat);
1692 for (i = 0; i < 3; i++)
1693 qemu_put_be32s(f, &s->region[i]);
1694 qemu_put_buffer(f, s->macaddr, 6);
1695 for (i = 0; i < 19; i++)
1696 qemu_put_be32s(f, &s->statcounter[i]);
1697 for (i = 0; i < 32; i++)
1698 qemu_put_be16s(f, &s->mdimem[i]);
1699 /* The eeprom should be saved and restored by its own routines */
1700 qemu_put_be32s(f, &s->device);
1701 qemu_put_be32s(f, &s->pointer);
1702 qemu_put_be32s(f, &s->cu_base);
1703 qemu_put_be32s(f, &s->cu_offset);
1704 qemu_put_be32s(f, &s->ru_base);
1705 qemu_put_be32s(f, &s->ru_offset);
1706 qemu_put_be32s(f, &s->statsaddr);
1707 /* Save epro100_stats_t statistics */
1708 qemu_put_be32s(f, &s->statistics.tx_good_frames);
1709 qemu_put_be32s(f, &s->statistics.tx_max_collisions);
1710 qemu_put_be32s(f, &s->statistics.tx_late_collisions);
1711 qemu_put_be32s(f, &s->statistics.tx_underruns);
1712 qemu_put_be32s(f, &s->statistics.tx_lost_crs);
1713 qemu_put_be32s(f, &s->statistics.tx_deferred);
1714 qemu_put_be32s(f, &s->statistics.tx_single_collisions);
1715 qemu_put_be32s(f, &s->statistics.tx_multiple_collisions);
1716 qemu_put_be32s(f, &s->statistics.tx_total_collisions);
1717 qemu_put_be32s(f, &s->statistics.rx_good_frames);
1718 qemu_put_be32s(f, &s->statistics.rx_crc_errors);
1719 qemu_put_be32s(f, &s->statistics.rx_alignment_errors);
1720 qemu_put_be32s(f, &s->statistics.rx_resource_errors);
1721 qemu_put_be32s(f, &s->statistics.rx_overrun_errors);
1722 qemu_put_be32s(f, &s->statistics.rx_cdt_errors);
1723 qemu_put_be32s(f, &s->statistics.rx_short_frame_errors);
1724 qemu_put_be32s(f, &s->statistics.fc_xmt_pause);
1725 qemu_put_be32s(f, &s->statistics.fc_rcv_pause);
1726 qemu_put_be32s(f, &s->statistics.fc_rcv_unsupported);
1727 qemu_put_be16s(f, &s->statistics.xmt_tco_frames);
1728 qemu_put_be16s(f, &s->statistics.rcv_tco_frames);
1729 qemu_put_be32s(f, &s->statistics.complete);
1730 #if 0
1731 qemu_put_be16s(f, &s->status);
1732 #endif
1733
1734 /* Configuration bytes. */
1735 qemu_put_buffer(f, s->configuration, sizeof(s->configuration));
1736 }
1737
1738 static void nic_init(PCIBus * bus, NICInfo * nd,
1739 const char *name, uint32_t device)
1740 {
1741 PCIEEPRO100State *d;
1742 EEPRO100State *s;
1743
1744 logout("\n");
1745
1746 d = (PCIEEPRO100State *) pci_register_device(bus, name,
1747 sizeof(PCIEEPRO100State), -1,
1748 NULL, NULL);
1749
1750 s = &d->eepro100;
1751 s->device = device;
1752 s->pci_dev = &d->dev;
1753
1754 pci_reset(s);
1755
1756 /* Add 64 * 2 EEPROM. i82557 and i82558 support a 64 word EEPROM,
1757 * i82559 and later support 64 or 256 word EEPROM. */
1758 s->eeprom = eeprom93xx_new(EEPROM_SIZE);
1759
1760 /* Handler for memory-mapped I/O */
1761 d->eepro100.mmio_index =
1762 cpu_register_io_memory(0, pci_mmio_read, pci_mmio_write, s);
1763
1764 pci_register_io_region(&d->dev, 0, PCI_MEM_SIZE,
1765 PCI_ADDRESS_SPACE_MEM |
1766 PCI_ADDRESS_SPACE_MEM_PREFETCH, pci_mmio_map);
1767 pci_register_io_region(&d->dev, 1, PCI_IO_SIZE, PCI_ADDRESS_SPACE_IO,
1768 pci_map);
1769 pci_register_io_region(&d->dev, 2, PCI_FLASH_SIZE, PCI_ADDRESS_SPACE_MEM,
1770 pci_mmio_map);
1771
1772 memcpy(s->macaddr, nd->macaddr, 6);
1773 logout("macaddr: %s\n", nic_dump(&s->macaddr[0], 6));
1774 assert(s->region[1] == 0);
1775
1776 nic_reset(s);
1777
1778 s->vc = qemu_new_vlan_client(nd->vlan, nic_receive, nic_can_receive, s);
1779
1780 snprintf(s->vc->info_str, sizeof(s->vc->info_str),
1781 "eepro100 pci macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
1782 s->macaddr[0],
1783 s->macaddr[1],
1784 s->macaddr[2], s->macaddr[3], s->macaddr[4], s->macaddr[5]);
1785
1786 qemu_register_reset(nic_reset, s);
1787
1788 /* XXX: instance number ? */
1789 register_savevm(name, 0, 3, nic_save, nic_load, s);
1790 }
1791
1792 void pci_i82551_init(PCIBus * bus, NICInfo * nd, int devfn)
1793 {
1794 nic_init(bus, nd, "i82551", i82551);
1795 //~ uint8_t *pci_conf = d->dev.config;
1796 }
1797
1798 void pci_i82557b_init(PCIBus * bus, NICInfo * nd, int devfn)
1799 {
1800 nic_init(bus, nd, "i82557b", i82557B);
1801 }
1802
1803 void pci_i82559er_init(PCIBus * bus, NICInfo * nd, int devfn)
1804 {
1805 nic_init(bus, nd, "i82559er", i82559ER);
1806 }
1807
1808 /* eof */
Random branches for QEmu