search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix configurations with more than 4GB of memory
[qemu-kvm/fedora.git] / hw / eepro100.c
blob975aeb1727bb5bffb29ee899eb352ca97c0a7d6b
1 /*
2 * QEMU i8255x (PRO100) emulation
3 *
4 * Copyright (c) 2006-2007 Stefan Weil
5 *
6 * Portions of the code are copies from grub / etherboot eepro100.c
7 * and linux e100.c.
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22 *
23 * Tested features (i82559):
24 * PXE boot (i386) no valid link
25 * Linux networking (i386) ok
26 *
27 * Untested:
28 * non-i386 platforms
29 * Windows networking
30 *
31 * References:
32 *
33 * Intel 8255x 10/100 Mbps Ethernet Controller Family
34 * Open Source Software Developer Manual
35 */
36
37 #if defined(TARGET_I386)
38 # warning "PXE boot still not working!"
39 #endif
40
41 #include <assert.h>
42 #include <stddef.h> /* offsetof */
43 #include "vl.h"
44 #include "eeprom93xx.h"
45
46 /* Common declarations for all PCI devices. */
47
48 #define PCI_VENDOR_ID 0x00 /* 16 bits */
49 #define PCI_DEVICE_ID 0x02 /* 16 bits */
50 #define PCI_COMMAND 0x04 /* 16 bits */
51 #define PCI_STATUS 0x06 /* 16 bits */
52
53 #define PCI_REVISION_ID 0x08 /* 8 bits */
54 #define PCI_CLASS_CODE 0x0b /* 8 bits */
55 #define PCI_SUBCLASS_CODE 0x0a /* 8 bits */
56 #define PCI_HEADER_TYPE 0x0e /* 8 bits */
57
58 #define PCI_BASE_ADDRESS_0 0x10 /* 32 bits */
59 #define PCI_BASE_ADDRESS_1 0x14 /* 32 bits */
60 #define PCI_BASE_ADDRESS_2 0x18 /* 32 bits */
61 #define PCI_BASE_ADDRESS_3 0x1c /* 32 bits */
62 #define PCI_BASE_ADDRESS_4 0x20 /* 32 bits */
63 #define PCI_BASE_ADDRESS_5 0x24 /* 32 bits */
64
65 #define PCI_CONFIG_8(offset, value) \
66 (pci_conf[offset] = (value))
67 #define PCI_CONFIG_16(offset, value) \
68 (*(uint16_t *)&pci_conf[offset] = cpu_to_le16(value))
69 #define PCI_CONFIG_32(offset, value) \
70 (*(uint32_t *)&pci_conf[offset] = cpu_to_le32(value))
71
72 #define KiB 1024
73
74 /* debug EEPRO100 card */
75 //~ #define DEBUG_EEPRO100
76
77 #ifdef DEBUG_EEPRO100
78 #define logout(fmt, args...) fprintf(stderr, "EE100\t%-24s" fmt, __func__, ##args)
79 #else
80 #define logout(fmt, args...) ((void)0)
81 #endif
82
83 /* Set flags to 0 to disable debug output. */
84 #define MDI 0
85
86 #define TRACE(flag, command) ((flag) ? (command) : (void)0)
87
88 #define missing(text) assert(!"feature is missing in this emulation: " text)
89
90 #define MAX_ETH_FRAME_SIZE 1514
91
92 /* This driver supports several different devices which are declared here. */
93 #define i82551 0x82551
94 #define i82557B 0x82557b
95 #define i82557C 0x82557c
96 #define i82558B 0x82558b
97 #define i82559C 0x82559c
98 #define i82559ER 0x82559e
99 #define i82562 0x82562
100
101 #define EEPROM_SIZE 64
102
103 #define PCI_MEM_SIZE (4 * KiB)
104 #define PCI_IO_SIZE 64
105 #define PCI_FLASH_SIZE (128 * KiB)
106
107 #define BIT(n) (1 << (n))
108 #define BITS(n, m) (((0xffffffffU << (31 - n)) >> (31 - n + m)) << m)
109
110 /* The SCB accepts the following controls for the Tx and Rx units: */
111 #define CU_NOP 0x0000 /* No operation. */
112 #define CU_START 0x0010 /* CU start. */
113 #define CU_RESUME 0x0020 /* CU resume. */
114 #define CU_STATSADDR 0x0040 /* Load dump counters address. */
115 #define CU_SHOWSTATS 0x0050 /* Dump statistical counters. */
116 #define CU_CMD_BASE 0x0060 /* Load CU base address. */
117 #define CU_DUMPSTATS 0x0070 /* Dump and reset statistical counters. */
118 #define CU_SRESUME 0x00a0 /* CU static resume. */
119
120 #define RU_NOP 0x0000
121 #define RX_START 0x0001
122 #define RX_RESUME 0x0002
123 #define RX_ABORT 0x0004
124 #define RX_ADDR_LOAD 0x0006
125 #define RX_RESUMENR 0x0007
126 #define INT_MASK 0x0100
127 #define DRVR_INT 0x0200 /* Driver generated interrupt. */
128
129 typedef unsigned char bool;
130
131 /* Offsets to the various registers.
132 All accesses need not be longword aligned. */
133 enum speedo_offsets {
134 SCBStatus = 0,
135 SCBAck = 1,
136 SCBCmd = 2, /* Rx/Command Unit command and status. */
137 SCBIntmask = 3,
138 SCBPointer = 4, /* General purpose pointer. */
139 SCBPort = 8, /* Misc. commands and operands. */
140 SCBflash = 12, SCBeeprom = 14, /* EEPROM and flash memory control. */
141 SCBCtrlMDI = 16, /* MDI interface control. */
142 SCBEarlyRx = 20, /* Early receive byte count. */
143 SCBFlow = 24,
144 };
145
146 /* A speedo3 transmit buffer descriptor with two buffers... */
147 typedef struct {
148 uint16_t status;
149 uint16_t command;
150 uint32_t link; /* void * */
151 uint32_t tx_desc_addr; /* transmit buffer decsriptor array address. */
152 uint16_t tcb_bytes; /* transmit command block byte count (in lower 14 bits */
153 uint8_t tx_threshold; /* transmit threshold */
154 uint8_t tbd_count; /* TBD number */
155 //~ /* This constitutes two "TBD" entries: hdr and data */
156 //~ uint32_t tx_buf_addr0; /* void *, header of frame to be transmitted. */
157 //~ int32_t tx_buf_size0; /* Length of Tx hdr. */
158 //~ uint32_t tx_buf_addr1; /* void *, data to be transmitted. */
159 //~ int32_t tx_buf_size1; /* Length of Tx data. */
160 } eepro100_tx_t;
161
162 /* Receive frame descriptor. */
163 typedef struct {
164 int16_t status;
165 uint16_t command;
166 uint32_t link; /* struct RxFD * */
167 uint32_t rx_buf_addr; /* void * */
168 uint16_t count;
169 uint16_t size;
170 char packet[MAX_ETH_FRAME_SIZE + 4];
171 } eepro100_rx_t;
172
173 typedef struct {
174 uint32_t tx_good_frames, tx_max_collisions, tx_late_collisions,
175 tx_underruns, tx_lost_crs, tx_deferred, tx_single_collisions,
176 tx_multiple_collisions, tx_total_collisions;
177 uint32_t rx_good_frames, rx_crc_errors, rx_alignment_errors,
178 rx_resource_errors, rx_overrun_errors, rx_cdt_errors,
179 rx_short_frame_errors;
180 uint32_t fc_xmt_pause, fc_rcv_pause, fc_rcv_unsupported;
181 uint16_t xmt_tco_frames, rcv_tco_frames;
182 uint32_t complete;
183 } eepro100_stats_t;
184
185 typedef enum {
186 cu_idle = 0,
187 cu_suspended = 1,
188 cu_active = 2,
189 cu_lpq_active = 2,
190 cu_hqp_active = 3
191 } cu_state_t;
192
193 typedef enum {
194 ru_idle = 0,
195 ru_suspended = 1,
196 ru_no_resources = 2,
197 ru_ready = 4
198 } ru_state_t;
199
200 #if defined(__BIG_ENDIAN_BITFIELD)
201 #define X(a,b) b,a
202 #else
203 #define X(a,b) a,b
204 #endif
205
206 typedef struct {
207 #if 1
208 uint8_t cmd;
209 uint32_t start;
210 uint32_t stop;
211 uint8_t boundary;
212 uint8_t tsr;
213 uint8_t tpsr;
214 uint16_t tcnt;
215 uint16_t rcnt;
216 uint32_t rsar;
217 uint8_t rsr;
218 uint8_t rxcr;
219 uint8_t isr;
220 uint8_t dcfg;
221 uint8_t imr;
222 uint8_t phys[6]; /* mac address */
223 uint8_t curpag;
224 uint8_t mult[8]; /* multicast mask array */
225 int mmio_index;
226 PCIDevice *pci_dev;
227 VLANClientState *vc;
228 #endif
229 uint8_t scb_stat; /* SCB stat/ack byte */
230 uint8_t int_stat; /* PCI interrupt status */
231 uint32_t region[3]; /* PCI region addresses */
232 uint8_t macaddr[6];
233 uint32_t statcounter[19];
234 uint16_t mdimem[32];
235 eeprom_t *eeprom;
236 uint32_t device; /* device variant */
237 uint32_t pointer;
238 /* (cu_base + cu_offset) address the next command block in the command block list. */
239 uint32_t cu_base; /* CU base address */
240 uint32_t cu_offset; /* CU address offset */
241 /* (ru_base + ru_offset) address the RFD in the Receive Frame Area. */
242 uint32_t ru_base; /* RU base address */
243 uint32_t ru_offset; /* RU address offset */
244 uint32_t statsaddr; /* pointer to eepro100_stats_t */
245 eepro100_stats_t statistics; /* statistical counters */
246 #if 0
247 uint16_t status;
248 #endif
249
250 /* Configuration bytes. */
251 uint8_t configuration[22];
252
253 /* Data in mem is always in the byte order of the controller (le). */
254 uint8_t mem[PCI_MEM_SIZE];
255 } EEPRO100State;
256
257 /* Default values for MDI (PHY) registers */
258 static const uint16_t eepro100_mdi_default[] = {
259 /* MDI Registers 0 - 6, 7 */
260 0x3000, 0x780d, 0x02a8, 0x0154, 0x05e1, 0x0000, 0x0000, 0x0000,
261 /* MDI Registers 8 - 15 */
262 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
263 /* MDI Registers 16 - 31 */
264 0x0003, 0x0000, 0x0001, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
265 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
266 };
267
268 /* Readonly mask for MDI (PHY) registers */
269 static const uint16_t eepro100_mdi_mask[] = {
270 0x0000, 0xffff, 0xffff, 0xffff, 0xc01f, 0xffff, 0xffff, 0x0000,
271 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
272 0x0fff, 0x0000, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
273 0xffff, 0xffff, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
274 };
275
276 #define POLYNOMIAL 0x04c11db6
277
278 /* From FreeBSD */
279 /* XXX: optimize */
280 static int compute_mcast_idx(const uint8_t * ep)
281 {
282 uint32_t crc;
283 int carry, i, j;
284 uint8_t b;
285
286 crc = 0xffffffff;
287 for (i = 0; i < 6; i++) {
288 b = *ep++;
289 for (j = 0; j < 8; j++) {
290 carry = ((crc & 0x80000000L) ? 1 : 0) ^ (b & 0x01);
291 crc <<= 1;
292 b >>= 1;
293 if (carry)
294 crc = ((crc ^ POLYNOMIAL) | carry);
295 }
296 }
297 return (crc >> 26);
298 }
299
300 #if defined(DEBUG_EEPRO100)
301 static const char *nic_dump(const uint8_t * buf, unsigned size)
302 {
303 static char dump[3 * 16 + 1];
304 char *p = &dump[0];
305 if (size > 16)
306 size = 16;
307 while (size-- > 0) {
308 p += sprintf(p, " %02x", *buf++);
309 }
310 return dump;
311 }
312 #endif /* DEBUG_EEPRO100 */
313
314 enum scb_stat_ack {
315 stat_ack_not_ours = 0x00,
316 stat_ack_sw_gen = 0x04,
317 stat_ack_rnr = 0x10,
318 stat_ack_cu_idle = 0x20,
319 stat_ack_frame_rx = 0x40,
320 stat_ack_cu_cmd_done = 0x80,
321 stat_ack_not_present = 0xFF,
322 stat_ack_rx = (stat_ack_sw_gen | stat_ack_rnr | stat_ack_frame_rx),
323 stat_ack_tx = (stat_ack_cu_idle | stat_ack_cu_cmd_done),
324 };
325
326 static void disable_interrupt(EEPRO100State * s)
327 {
328 if (s->int_stat) {
329 logout("interrupt disabled\n");
330 qemu_irq_lower(s->pci_dev->irq[0]);
331 s->int_stat = 0;
332 }
333 }
334
335 static void enable_interrupt(EEPRO100State * s)
336 {
337 if (!s->int_stat) {
338 logout("interrupt enabled\n");
339 qemu_irq_raise(s->pci_dev->irq[0]);
340 s->int_stat = 1;
341 }
342 }
343
344 static void eepro100_acknowledge(EEPRO100State * s)
345 {
346 s->scb_stat &= ~s->mem[SCBAck];
347 s->mem[SCBAck] = s->scb_stat;
348 if (s->scb_stat == 0) {
349 disable_interrupt(s);
350 }
351 }
352
353 static void eepro100_interrupt(EEPRO100State * s, uint8_t stat)
354 {
355 uint8_t mask = ~s->mem[SCBIntmask];
356 s->mem[SCBAck] |= stat;
357 stat = s->scb_stat = s->mem[SCBAck];
358 stat &= (mask | 0x0f);
359 //~ stat &= (~s->mem[SCBIntmask] | 0x0xf);
360 if (stat && (mask & 0x01)) {
361 /* SCB mask and SCB Bit M do not disable interrupt. */
362 enable_interrupt(s);
363 } else if (s->int_stat) {
364 disable_interrupt(s);
365 }
366 }
367
368 static void eepro100_cx_interrupt(EEPRO100State * s)
369 {
370 /* CU completed action command. */
371 /* Transmit not ok (82557 only, not in emulation). */
372 eepro100_interrupt(s, 0x80);
373 }
374
375 static void eepro100_cna_interrupt(EEPRO100State * s)
376 {
377 /* CU left the active state. */
378 eepro100_interrupt(s, 0x20);
379 }
380
381 static void eepro100_fr_interrupt(EEPRO100State * s)
382 {
383 /* RU received a complete frame. */
384 eepro100_interrupt(s, 0x40);
385 }
386
387 #if 0
388 static void eepro100_rnr_interrupt(EEPRO100State * s)
389 {
390 /* RU is not ready. */
391 eepro100_interrupt(s, 0x10);
392 }
393 #endif
394
395 static void eepro100_mdi_interrupt(EEPRO100State * s)
396 {
397 /* MDI completed read or write cycle. */
398 eepro100_interrupt(s, 0x08);
399 }
400
401 static void eepro100_swi_interrupt(EEPRO100State * s)
402 {
403 /* Software has requested an interrupt. */
404 eepro100_interrupt(s, 0x04);
405 }
406
407 #if 0
408 static void eepro100_fcp_interrupt(EEPRO100State * s)
409 {
410 /* Flow control pause interrupt (82558 and later). */
411 eepro100_interrupt(s, 0x01);
412 }
413 #endif
414
415 static void pci_reset(EEPRO100State * s)
416 {
417 uint32_t device = s->device;
418 uint8_t *pci_conf = s->pci_dev->config;
419
420 logout("%p\n", s);
421
422 /* PCI Vendor ID */
423 PCI_CONFIG_16(PCI_VENDOR_ID, 0x8086);
424 /* PCI Device ID */
425 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
426 /* PCI Command */
427 PCI_CONFIG_16(PCI_COMMAND, 0x0000);
428 /* PCI Status */
429 PCI_CONFIG_16(PCI_STATUS, 0x2800);
430 /* PCI Revision ID */
431 PCI_CONFIG_8(PCI_REVISION_ID, 0x08);
432 /* PCI Class Code */
433 PCI_CONFIG_8(0x09, 0x00);
434 PCI_CONFIG_8(PCI_SUBCLASS_CODE, 0x00); // ethernet network controller
435 PCI_CONFIG_8(PCI_CLASS_CODE, 0x02); // network controller
436 /* PCI Cache Line Size */
437 /* check cache line size!!! */
438 //~ PCI_CONFIG_8(0x0c, 0x00);
439 /* PCI Latency Timer */
440 PCI_CONFIG_8(0x0d, 0x20); // latency timer = 32 clocks
441 /* PCI Header Type */
442 /* BIST (built-in self test) */
443 #if defined(TARGET_I386)
444 // !!! workaround for buggy bios
445 //~ #define PCI_ADDRESS_SPACE_MEM_PREFETCH 0
446 #endif
447 #if 0
448 /* PCI Base Address Registers */
449 /* CSR Memory Mapped Base Address */
450 PCI_CONFIG_32(PCI_BASE_ADDRESS_0,
451 PCI_ADDRESS_SPACE_MEM | PCI_ADDRESS_SPACE_MEM_PREFETCH);
452 /* CSR I/O Mapped Base Address */
453 PCI_CONFIG_32(PCI_BASE_ADDRESS_1, PCI_ADDRESS_SPACE_IO);
454 #if 0
455 /* Flash Memory Mapped Base Address */
456 PCI_CONFIG_32(PCI_BASE_ADDRESS_2, 0xfffe0000 | PCI_ADDRESS_SPACE_MEM);
457 #endif
458 #endif
459 /* Expansion ROM Base Address (depends on boot disable!!!) */
460 PCI_CONFIG_32(0x30, 0x00000000);
461 /* Capability Pointer */
462 PCI_CONFIG_8(0x34, 0xdc);
463 /* Interrupt Pin */
464 PCI_CONFIG_8(0x3d, 1); // interrupt pin 0
465 /* Minimum Grant */
466 PCI_CONFIG_8(0x3e, 0x08);
467 /* Maximum Latency */
468 PCI_CONFIG_8(0x3f, 0x18);
469 /* Power Management Capabilities / Next Item Pointer / Capability ID */
470 PCI_CONFIG_32(0xdc, 0x7e210001);
471
472 switch (device) {
473 case i82551:
474 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
475 PCI_CONFIG_8(PCI_REVISION_ID, 0x0f);
476 break;
477 case i82557B:
478 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
479 PCI_CONFIG_8(PCI_REVISION_ID, 0x02);
480 break;
481 case i82557C:
482 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
483 PCI_CONFIG_8(PCI_REVISION_ID, 0x03);
484 break;
485 case i82558B:
486 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
487 PCI_CONFIG_16(PCI_STATUS, 0x2810);
488 PCI_CONFIG_8(PCI_REVISION_ID, 0x05);
489 break;
490 case i82559C:
491 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
492 PCI_CONFIG_16(PCI_STATUS, 0x2810);
493 //~ PCI_CONFIG_8(PCI_REVISION_ID, 0x08);
494 break;
495 case i82559ER:
496 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
497 PCI_CONFIG_16(PCI_STATUS, 0x2810);
498 PCI_CONFIG_8(PCI_REVISION_ID, 0x09);
499 break;
500 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1029);
501 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1030); /* 82559 InBusiness 10/100 */
502 default:
503 logout("Device %X is undefined!\n", device);
504 }
505
506 if (device == i82557C || device == i82558B || device == i82559C) {
507 logout("Get device id and revision from EEPROM!!!\n");
508 }
509 }
510
511 static void nic_selective_reset(EEPRO100State * s)
512 {
513 size_t i;
514 uint16_t *eeprom_contents = eeprom93xx_data(s->eeprom);
515 //~ eeprom93xx_reset(s->eeprom);
516 memcpy(eeprom_contents, s->macaddr, 6);
517 eeprom_contents[0xa] = 0x4000;
518 uint16_t sum = 0;
519 for (i = 0; i < EEPROM_SIZE - 1; i++) {
520 sum += eeprom_contents[i];
521 }
522 eeprom_contents[EEPROM_SIZE - 1] = 0xbaba - sum;
523
524 memset(s->mem, 0, sizeof(s->mem));
525 uint32_t val = BIT(21);
526 memcpy(&s->mem[SCBCtrlMDI], &val, sizeof(val));
527
528 assert(sizeof(s->mdimem) == sizeof(eepro100_mdi_default));
529 memcpy(&s->mdimem[0], &eepro100_mdi_default[0], sizeof(s->mdimem));
530 }
531
532 static void nic_reset(void *opaque)
533 {
534 EEPRO100State *s = (EEPRO100State *) opaque;
535 logout("%p\n", s);
536 static int first;
537 if (!first) {
538 first = 1;
539 }
540 nic_selective_reset(s);
541 }
542
543 #if defined(DEBUG_EEPRO100)
544 static const char *reg[PCI_IO_SIZE / 4] = {
545 "Command/Status",
546 "General Pointer",
547 "Port",
548 "EEPROM/Flash Control",
549 "MDI Control",
550 "Receive DMA Byte Count",
551 "Flow control register",
552 "General Status/Control"
553 };
554
555 static char *regname(uint32_t addr)
556 {
557 static char buf[16];
558 if (addr < PCI_IO_SIZE) {
559 const char *r = reg[addr / 4];
560 if (r != 0) {
561 sprintf(buf, "%s+%u", r, addr % 4);
562 } else {
563 sprintf(buf, "0x%02x", addr);
564 }
565 } else {
566 sprintf(buf, "??? 0x%08x", addr);
567 }
568 return buf;
569 }
570 #endif /* DEBUG_EEPRO100 */
571
572 #if 0
573 static uint16_t eepro100_read_status(EEPRO100State * s)
574 {
575 uint16_t val = s->status;
576 logout("val=0x%04x\n", val);
577 return val;
578 }
579
580 static void eepro100_write_status(EEPRO100State * s, uint16_t val)
581 {
582 logout("val=0x%04x\n", val);
583 s->status = val;
584 }
585 #endif
586
587 /*****************************************************************************
588 *
589 * Command emulation.
590 *
591 ****************************************************************************/
592
593 #if 0
594 static uint16_t eepro100_read_command(EEPRO100State * s)
595 {
596 uint16_t val = 0xffff;
597 //~ logout("val=0x%04x\n", val);
598 return val;
599 }
600 #endif
601
602 /* Commands that can be put in a command list entry. */
603 enum commands {
604 CmdNOp = 0,
605 CmdIASetup = 1,
606 CmdConfigure = 2,
607 CmdMulticastList = 3,
608 CmdTx = 4,
609 CmdTDR = 5, /* load microcode */
610 CmdDump = 6,
611 CmdDiagnose = 7,
612
613 /* And some extra flags: */
614 CmdSuspend = 0x4000, /* Suspend after completion. */
615 CmdIntr = 0x2000, /* Interrupt after completion. */
616 CmdTxFlex = 0x0008, /* Use "Flexible mode" for CmdTx command. */
617 };
618
619 static cu_state_t get_cu_state(EEPRO100State * s)
620 {
621 return ((s->mem[SCBStatus] >> 6) & 0x03);
622 }
623
624 static void set_cu_state(EEPRO100State * s, cu_state_t state)
625 {
626 s->mem[SCBStatus] = (s->mem[SCBStatus] & 0x3f) + (state << 6);
627 }
628
629 static ru_state_t get_ru_state(EEPRO100State * s)
630 {
631 return ((s->mem[SCBStatus] >> 2) & 0x0f);
632 }
633
634 static void set_ru_state(EEPRO100State * s, ru_state_t state)
635 {
636 s->mem[SCBStatus] = (s->mem[SCBStatus] & 0xc3) + (state << 2);
637 }
638
639 static void dump_statistics(EEPRO100State * s)
640 {
641 /* Dump statistical data. Most data is never changed by the emulation
642 * and always 0, so we first just copy the whole block and then those
643 * values which really matter.
644 * Number of data should check configuration!!!
645 */
646 cpu_physical_memory_write(s->statsaddr, (uint8_t *) & s->statistics, 64);
647 stl_phys(s->statsaddr + 0, s->statistics.tx_good_frames);
648 stl_phys(s->statsaddr + 36, s->statistics.rx_good_frames);
649 stl_phys(s->statsaddr + 48, s->statistics.rx_resource_errors);
650 stl_phys(s->statsaddr + 60, s->statistics.rx_short_frame_errors);
651 //~ stw_phys(s->statsaddr + 76, s->statistics.xmt_tco_frames);
652 //~ stw_phys(s->statsaddr + 78, s->statistics.rcv_tco_frames);
653 //~ missing("CU dump statistical counters");
654 }
655
656 static void eepro100_cu_command(EEPRO100State * s, uint8_t val)
657 {
658 eepro100_tx_t tx;
659 uint32_t cb_address;
660 switch (val) {
661 case CU_NOP:
662 /* No operation. */
663 break;
664 case CU_START:
665 if (get_cu_state(s) != cu_idle) {
666 /* Intel documentation says that CU must be idle for the CU
667 * start command. Intel driver for Linux also starts the CU
668 * from suspended state. */
669 logout("CU state is %u, should be %u\n", get_cu_state(s), cu_idle);
670 //~ assert(!"wrong CU state");
671 }
672 set_cu_state(s, cu_active);
673 s->cu_offset = s->pointer;
674 next_command:
675 cb_address = s->cu_base + s->cu_offset;
676 cpu_physical_memory_read(cb_address, (uint8_t *) & tx, sizeof(tx));
677 uint16_t status = le16_to_cpu(tx.status);
678 uint16_t command = le16_to_cpu(tx.command);
679 logout
680 ("val=0x%02x (cu start), status=0x%04x, command=0x%04x, link=0x%08x\n",
681 val, status, command, tx.link);
682 bool bit_el = ((command & 0x8000) != 0);
683 bool bit_s = ((command & 0x4000) != 0);
684 bool bit_i = ((command & 0x2000) != 0);
685 bool bit_nc = ((command & 0x0010) != 0);
686 //~ bool bit_sf = ((command & 0x0008) != 0);
687 uint16_t cmd = command & 0x0007;
688 s->cu_offset = le32_to_cpu(tx.link);
689 switch (cmd) {
690 case CmdNOp:
691 /* Do nothing. */
692 break;
693 case CmdIASetup:
694 cpu_physical_memory_read(cb_address + 8, &s->macaddr[0], 6);
695 logout("macaddr: %s\n", nic_dump(&s->macaddr[0], 6));
696 break;
697 case CmdConfigure:
698 cpu_physical_memory_read(cb_address + 8, &s->configuration[0],
699 sizeof(s->configuration));
700 logout("configuration: %s\n", nic_dump(&s->configuration[0], 16));
701 break;
702 case CmdMulticastList:
703 //~ missing("multicast list");
704 break;
705 case CmdTx:
706 (void)0;
707 uint32_t tbd_array = le32_to_cpu(tx.tx_desc_addr);
708 uint16_t tcb_bytes = (le16_to_cpu(tx.tcb_bytes) & 0x3fff);
709 logout
710 ("transmit, TBD array address 0x%08x, TCB byte count 0x%04x, TBD count %u\n",
711 tbd_array, tcb_bytes, tx.tbd_count);
712 assert(!bit_nc);
713 //~ assert(!bit_sf);
714 assert(tcb_bytes <= 2600);
715 /* Next assertion fails for local configuration. */
716 //~ assert((tcb_bytes > 0) || (tbd_array != 0xffffffff));
717 if (!((tcb_bytes > 0) || (tbd_array != 0xffffffff))) {
718 logout
719 ("illegal values of TBD array address and TCB byte count!\n");
720 }
721 uint8_t buf[MAX_ETH_FRAME_SIZE + 4];
722 uint16_t size = 0;
723 uint32_t tbd_address = cb_address + 0x10;
724 assert(tcb_bytes <= sizeof(buf));
725 while (size < tcb_bytes) {
726 uint32_t tx_buffer_address = ldl_phys(tbd_address);
727 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
728 //~ uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
729 tbd_address += 8;
730 logout
731 ("TBD (simplified mode): buffer address 0x%08x, size 0x%04x\n",
732 tx_buffer_address, tx_buffer_size);
733 cpu_physical_memory_read(tx_buffer_address, &buf[size],
734 tx_buffer_size);
735 size += tx_buffer_size;
736 }
737 if (tbd_array == 0xffffffff) {
738 /* Simplified mode. Was already handled by code above. */
739 } else {
740 /* Flexible mode. */
741 uint8_t tbd_count = 0;
742 if (!(s->configuration[6] & BIT(4))) {
743 /* Extended TCB. */
744 assert(tcb_bytes == 0);
745 for (; tbd_count < 2; tbd_count++) {
746 uint32_t tx_buffer_address = ldl_phys(tbd_address);
747 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
748 uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
749 tbd_address += 8;
750 logout
751 ("TBD (extended mode): buffer address 0x%08x, size 0x%04x\n",
752 tx_buffer_address, tx_buffer_size);
753 cpu_physical_memory_read(tx_buffer_address, &buf[size],
754 tx_buffer_size);
755 size += tx_buffer_size;
756 if (tx_buffer_el & 1) {
757 break;
758 }
759 }
760 }
761 tbd_address = tbd_array;
762 for (; tbd_count < tx.tbd_count; tbd_count++) {
763 uint32_t tx_buffer_address = ldl_phys(tbd_address);
764 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
765 uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
766 tbd_address += 8;
767 logout
768 ("TBD (flexible mode): buffer address 0x%08x, size 0x%04x\n",
769 tx_buffer_address, tx_buffer_size);
770 cpu_physical_memory_read(tx_buffer_address, &buf[size],
771 tx_buffer_size);
772 size += tx_buffer_size;
773 if (tx_buffer_el & 1) {
774 break;
775 }
776 }
777 }
778 qemu_send_packet(s->vc, buf, size);
779 s->statistics.tx_good_frames++;
780 /* Transmit with bad status would raise an CX/TNO interrupt.
781 * (82557 only). Emulation never has bad status. */
782 //~ eepro100_cx_interrupt(s);
783 break;
784 case CmdTDR:
785 logout("load microcode\n");
786 /* Starting with offset 8, the command contains
787 * 64 dwords microcode which we just ignore here. */
788 break;
789 default:
790 missing("undefined command");
791 }
792 /* Write new status (success). */
793 stw_phys(cb_address, status | 0x8000 | 0x2000);
794 if (bit_i) {
795 /* CU completed action. */
796 eepro100_cx_interrupt(s);
797 }
798 if (bit_el) {
799 /* CU becomes idle. */
800 set_cu_state(s, cu_idle);
801 eepro100_cna_interrupt(s);
802 } else if (bit_s) {
803 /* CU becomes suspended. */
804 set_cu_state(s, cu_suspended);
805 eepro100_cna_interrupt(s);
806 } else {
807 /* More entries in list. */
808 logout("CU list with at least one more entry\n");
809 goto next_command;
810 }
811 logout("CU list empty\n");
812 /* List is empty. Now CU is idle or suspended. */
813 break;
814 case CU_RESUME:
815 if (get_cu_state(s) != cu_suspended) {
816 logout("bad CU resume from CU state %u\n", get_cu_state(s));
817 /* Workaround for bad Linux eepro100 driver which resumes
818 * from idle state. */
819 //~ missing("cu resume");
820 set_cu_state(s, cu_suspended);
821 }
822 if (get_cu_state(s) == cu_suspended) {
823 logout("CU resuming\n");
824 set_cu_state(s, cu_active);
825 goto next_command;
826 }
827 break;
828 case CU_STATSADDR:
829 /* Load dump counters address. */
830 s->statsaddr = s->pointer;
831 logout("val=0x%02x (status address)\n", val);
832 break;
833 case CU_SHOWSTATS:
834 /* Dump statistical counters. */
835 dump_statistics(s);
836 break;
837 case CU_CMD_BASE:
838 /* Load CU base. */
839 logout("val=0x%02x (CU base address)\n", val);
840 s->cu_base = s->pointer;
841 break;
842 case CU_DUMPSTATS:
843 /* Dump and reset statistical counters. */
844 dump_statistics(s);
845 memset(&s->statistics, 0, sizeof(s->statistics));
846 break;
847 case CU_SRESUME:
848 /* CU static resume. */
849 missing("CU static resume");
850 break;
851 default:
852 missing("Undefined CU command");
853 }
854 }
855
856 static void eepro100_ru_command(EEPRO100State * s, uint8_t val)
857 {
858 switch (val) {
859 case RU_NOP:
860 /* No operation. */
861 break;
862 case RX_START:
863 /* RU start. */
864 if (get_ru_state(s) != ru_idle) {
865 logout("RU state is %u, should be %u\n", get_ru_state(s), ru_idle);
866 //~ assert(!"wrong RU state");
867 }
868 set_ru_state(s, ru_ready);
869 s->ru_offset = s->pointer;
870 logout("val=0x%02x (rx start)\n", val);
871 break;
872 case RX_RESUME:
873 /* Restart RU. */
874 if (get_ru_state(s) != ru_suspended) {
875 logout("RU state is %u, should be %u\n", get_ru_state(s),
876 ru_suspended);
877 //~ assert(!"wrong RU state");
878 }
879 set_ru_state(s, ru_ready);
880 break;
881 case RX_ADDR_LOAD:
882 /* Load RU base. */
883 logout("val=0x%02x (RU base address)\n", val);
884 s->ru_base = s->pointer;
885 break;
886 default:
887 logout("val=0x%02x (undefined RU command)\n", val);
888 missing("Undefined SU command");
889 }
890 }
891
892 static void eepro100_write_command(EEPRO100State * s, uint8_t val)
893 {
894 eepro100_ru_command(s, val & 0x0f);
895 eepro100_cu_command(s, val & 0xf0);
896 if ((val) == 0) {
897 logout("val=0x%02x\n", val);
898 }
899 /* Clear command byte after command was accepted. */
900 s->mem[SCBCmd] = 0;
901 }
902
903 /*****************************************************************************
904 *
905 * EEPROM emulation.
906 *
907 ****************************************************************************/
908
909 #define EEPROM_CS 0x02
910 #define EEPROM_SK 0x01
911 #define EEPROM_DI 0x04
912 #define EEPROM_DO 0x08
913
914 static uint16_t eepro100_read_eeprom(EEPRO100State * s)
915 {
916 uint16_t val;
917 memcpy(&val, &s->mem[SCBeeprom], sizeof(val));
918 if (eeprom93xx_read(s->eeprom)) {
919 val |= EEPROM_DO;
920 } else {
921 val &= ~EEPROM_DO;
922 }
923 return val;
924 }
925
926 static void eepro100_write_eeprom(eeprom_t * eeprom, uint8_t val)
927 {
928 logout("write val=0x%02x\n", val);
929
930 /* mask unwriteable bits */
931 //~ val = SET_MASKED(val, 0x31, eeprom->value);
932
933 int eecs = ((val & EEPROM_CS) != 0);
934 int eesk = ((val & EEPROM_SK) != 0);
935 int eedi = ((val & EEPROM_DI) != 0);
936 eeprom93xx_write(eeprom, eecs, eesk, eedi);
937 }
938
939 static void eepro100_write_pointer(EEPRO100State * s, uint32_t val)
940 {
941 s->pointer = le32_to_cpu(val);
942 logout("val=0x%08x\n", val);
943 }
944
945 /*****************************************************************************
946 *
947 * MDI emulation.
948 *
949 ****************************************************************************/
950
951 #if defined(DEBUG_EEPRO100)
952 static const char *mdi_op_name[] = {
953 "opcode 0",
954 "write",
955 "read",
956 "opcode 3"
957 };
958
959 static const char *mdi_reg_name[] = {
960 "Control",
961 "Status",
962 "PHY Identification (Word 1)",
963 "PHY Identification (Word 2)",
964 "Auto-Negotiation Advertisement",
965 "Auto-Negotiation Link Partner Ability",
966 "Auto-Negotiation Expansion"
967 };
968 #endif /* DEBUG_EEPRO100 */
969
970 static uint32_t eepro100_read_mdi(EEPRO100State * s)
971 {
972 uint32_t val;
973 memcpy(&val, &s->mem[0x10], sizeof(val));
974
975 #ifdef DEBUG_EEPRO100
976 uint8_t raiseint = (val & BIT(29)) >> 29;
977 uint8_t opcode = (val & BITS(27, 26)) >> 26;
978 uint8_t phy = (val & BITS(25, 21)) >> 21;
979 uint8_t reg = (val & BITS(20, 16)) >> 16;
980 uint16_t data = (val & BITS(15, 0));
981 #endif
982 /* Emulation takes no time to finish MDI transaction. */
983 val |= BIT(28);
984 TRACE(MDI, logout("val=0x%08x (int=%u, %s, phy=%u, %s, data=0x%04x\n",
985 val, raiseint, mdi_op_name[opcode], phy,
986 mdi_reg_name[reg], data));
987 return val;
988 }
989
990 //~ #define BITS(val, upper, lower) (val & ???)
991 static void eepro100_write_mdi(EEPRO100State * s, uint32_t val)
992 {
993 uint8_t raiseint = (val & BIT(29)) >> 29;
994 uint8_t opcode = (val & BITS(27, 26)) >> 26;
995 uint8_t phy = (val & BITS(25, 21)) >> 21;
996 uint8_t reg = (val & BITS(20, 16)) >> 16;
997 uint16_t data = (val & BITS(15, 0));
998 if (phy != 1) {
999 /* Unsupported PHY address. */
1000 //~ logout("phy must be 1 but is %u\n", phy);
1001 data = 0;
1002 } else if (opcode != 1 && opcode != 2) {
1003 /* Unsupported opcode. */
1004 logout("opcode must be 1 or 2 but is %u\n", opcode);
1005 data = 0;
1006 } else if (reg > 6) {
1007 /* Unsupported register. */
1008 logout("register must be 0...6 but is %u\n", reg);
1009 data = 0;
1010 } else {
1011 TRACE(MDI, logout("val=0x%08x (int=%u, %s, phy=%u, %s, data=0x%04x\n",
1012 val, raiseint, mdi_op_name[opcode], phy,
1013 mdi_reg_name[reg], data));
1014 if (opcode == 1) {
1015 /* MDI write */
1016 switch (reg) {
1017 case 0: /* Control Register */
1018 if (data & 0x8000) {
1019 /* Reset status and control registers to default. */
1020 s->mdimem[0] = eepro100_mdi_default[0];
1021 s->mdimem[1] = eepro100_mdi_default[1];
1022 data = s->mdimem[reg];
1023 } else {
1024 /* Restart Auto Configuration = Normal Operation */
1025 data &= ~0x0200;
1026 }
1027 break;
1028 case 1: /* Status Register */
1029 missing("not writable");
1030 data = s->mdimem[reg];
1031 break;
1032 case 2: /* PHY Identification Register (Word 1) */
1033 case 3: /* PHY Identification Register (Word 2) */
1034 missing("not implemented");
1035 break;
1036 case 4: /* Auto-Negotiation Advertisement Register */
1037 case 5: /* Auto-Negotiation Link Partner Ability Register */
1038 break;
1039 case 6: /* Auto-Negotiation Expansion Register */
1040 default:
1041 missing("not implemented");
1042 }
1043 s->mdimem[reg] = data;
1044 } else if (opcode == 2) {
1045 /* MDI read */
1046 switch (reg) {
1047 case 0: /* Control Register */
1048 if (data & 0x8000) {
1049 /* Reset status and control registers to default. */
1050 s->mdimem[0] = eepro100_mdi_default[0];
1051 s->mdimem[1] = eepro100_mdi_default[1];
1052 }
1053 break;
1054 case 1: /* Status Register */
1055 s->mdimem[reg] |= 0x0020;
1056 break;
1057 case 2: /* PHY Identification Register (Word 1) */
1058 case 3: /* PHY Identification Register (Word 2) */
1059 case 4: /* Auto-Negotiation Advertisement Register */
1060 break;
1061 case 5: /* Auto-Negotiation Link Partner Ability Register */
1062 s->mdimem[reg] = 0x41fe;
1063 break;
1064 case 6: /* Auto-Negotiation Expansion Register */
1065 s->mdimem[reg] = 0x0001;
1066 break;
1067 }
1068 data = s->mdimem[reg];
1069 }
1070 /* Emulation takes no time to finish MDI transaction.
1071 * Set MDI bit in SCB status register. */
1072 s->mem[SCBAck] |= 0x08;
1073 val |= BIT(28);
1074 if (raiseint) {
1075 eepro100_mdi_interrupt(s);
1076 }
1077 }
1078 val = (val & 0xffff0000) + data;
1079 memcpy(&s->mem[0x10], &val, sizeof(val));
1080 }
1081
1082 /*****************************************************************************
1083 *
1084 * Port emulation.
1085 *
1086 ****************************************************************************/
1087
1088 #define PORT_SOFTWARE_RESET 0
1089 #define PORT_SELFTEST 1
1090 #define PORT_SELECTIVE_RESET 2
1091 #define PORT_DUMP 3
1092 #define PORT_SELECTION_MASK 3
1093
1094 typedef struct {
1095 uint32_t st_sign; /* Self Test Signature */
1096 uint32_t st_result; /* Self Test Results */
1097 } eepro100_selftest_t;
1098
1099 static uint32_t eepro100_read_port(EEPRO100State * s)
1100 {
1101 return 0;
1102 }
1103
1104 static void eepro100_write_port(EEPRO100State * s, uint32_t val)
1105 {
1106 val = le32_to_cpu(val);
1107 uint32_t address = (val & ~PORT_SELECTION_MASK);
1108 uint8_t selection = (val & PORT_SELECTION_MASK);
1109 switch (selection) {
1110 case PORT_SOFTWARE_RESET:
1111 nic_reset(s);
1112 break;
1113 case PORT_SELFTEST:
1114 logout("selftest address=0x%08x\n", address);
1115 eepro100_selftest_t data;
1116 cpu_physical_memory_read(address, (uint8_t *) & data, sizeof(data));
1117 data.st_sign = 0xffffffff;
1118 data.st_result = 0;
1119 cpu_physical_memory_write(address, (uint8_t *) & data, sizeof(data));
1120 break;
1121 case PORT_SELECTIVE_RESET:
1122 logout("selective reset, selftest address=0x%08x\n", address);
1123 nic_selective_reset(s);
1124 break;
1125 default:
1126 logout("val=0x%08x\n", val);
1127 missing("unknown port selection");
1128 }
1129 }
1130
1131 /*****************************************************************************
1132 *
1133 * General hardware emulation.
1134 *
1135 ****************************************************************************/
1136
1137 static uint8_t eepro100_read1(EEPRO100State * s, uint32_t addr)
1138 {
1139 uint8_t val;
1140 if (addr <= sizeof(s->mem) - sizeof(val)) {
1141 memcpy(&val, &s->mem[addr], sizeof(val));
1142 }
1143
1144 switch (addr) {
1145 case SCBStatus:
1146 //~ val = eepro100_read_status(s);
1147 logout("addr=%s val=0x%02x\n", regname(addr), val);
1148 break;
1149 case SCBAck:
1150 //~ val = eepro100_read_status(s);
1151 logout("addr=%s val=0x%02x\n", regname(addr), val);
1152 break;
1153 case SCBCmd:
1154 logout("addr=%s val=0x%02x\n", regname(addr), val);
1155 //~ val = eepro100_read_command(s);
1156 break;
1157 case SCBIntmask:
1158 logout("addr=%s val=0x%02x\n", regname(addr), val);
1159 break;
1160 case SCBPort + 3:
1161 logout("addr=%s val=0x%02x\n", regname(addr), val);
1162 break;
1163 case SCBeeprom:
1164 val = eepro100_read_eeprom(s);
1165 break;
1166 case 0x1b: /* PMDR (power management driver register) */
1167 val = 0;
1168 logout("addr=%s val=0x%02x\n", regname(addr), val);
1169 break;
1170 case 0x1d: /* general status register */
1171 /* 100 Mbps full duplex, valid link */
1172 val = 0x07;
1173 logout("addr=General Status val=%02x\n", val);
1174 break;
1175 default:
1176 logout("addr=%s val=0x%02x\n", regname(addr), val);
1177 missing("unknown byte read");
1178 }
1179 return val;
1180 }
1181
1182 static uint16_t eepro100_read2(EEPRO100State * s, uint32_t addr)
1183 {
1184 uint16_t val;
1185 if (addr <= sizeof(s->mem) - sizeof(val)) {
1186 memcpy(&val, &s->mem[addr], sizeof(val));
1187 }
1188
1189 logout("addr=%s val=0x%04x\n", regname(addr), val);
1190
1191 switch (addr) {
1192 case SCBStatus:
1193 //~ val = eepro100_read_status(s);
1194 break;
1195 case SCBeeprom:
1196 val = eepro100_read_eeprom(s);
1197 break;
1198 default:
1199 logout("addr=%s val=0x%04x\n", regname(addr), val);
1200 missing("unknown word read");
1201 }
1202 return val;
1203 }
1204
1205 static uint32_t eepro100_read4(EEPRO100State * s, uint32_t addr)
1206 {
1207 uint32_t val;
1208 if (addr <= sizeof(s->mem) - sizeof(val)) {
1209 memcpy(&val, &s->mem[addr], sizeof(val));
1210 }
1211
1212 switch (addr) {
1213 case SCBStatus:
1214 //~ val = eepro100_read_status(s);
1215 logout("addr=%s val=0x%08x\n", regname(addr), val);
1216 break;
1217 case SCBPointer:
1218 //~ val = eepro100_read_pointer(s);
1219 logout("addr=%s val=0x%08x\n", regname(addr), val);
1220 break;
1221 case SCBPort:
1222 val = eepro100_read_port(s);
1223 logout("addr=%s val=0x%08x\n", regname(addr), val);
1224 break;
1225 case SCBCtrlMDI:
1226 val = eepro100_read_mdi(s);
1227 break;
1228 default:
1229 logout("addr=%s val=0x%08x\n", regname(addr), val);
1230 missing("unknown longword read");
1231 }
1232 return val;
1233 }
1234
1235 static void eepro100_write1(EEPRO100State * s, uint32_t addr, uint8_t val)
1236 {
1237 if (addr <= sizeof(s->mem) - sizeof(val)) {
1238 memcpy(&s->mem[addr], &val, sizeof(val));
1239 }
1240
1241 logout("addr=%s val=0x%02x\n", regname(addr), val);
1242
1243 switch (addr) {
1244 case SCBStatus:
1245 //~ eepro100_write_status(s, val);
1246 break;
1247 case SCBAck:
1248 eepro100_acknowledge(s);
1249 break;
1250 case SCBCmd:
1251 eepro100_write_command(s, val);
1252 break;
1253 case SCBIntmask:
1254 if (val & BIT(1)) {
1255 eepro100_swi_interrupt(s);
1256 }
1257 eepro100_interrupt(s, 0);
1258 break;
1259 case SCBPort + 3:
1260 case SCBFlow:
1261 case SCBFlow + 1:
1262 case SCBFlow + 2:
1263 case SCBFlow + 3:
1264 logout("addr=%s val=0x%02x\n", regname(addr), val);
1265 break;
1266 case SCBeeprom:
1267 eepro100_write_eeprom(s->eeprom, val);
1268 break;
1269 default:
1270 logout("addr=%s val=0x%02x\n", regname(addr), val);
1271 missing("unknown byte write");
1272 }
1273 }
1274
1275 static void eepro100_write2(EEPRO100State * s, uint32_t addr, uint16_t val)
1276 {
1277 if (addr <= sizeof(s->mem) - sizeof(val)) {
1278 memcpy(&s->mem[addr], &val, sizeof(val));
1279 }
1280
1281 logout("addr=%s val=0x%04x\n", regname(addr), val);
1282
1283 switch (addr) {
1284 case SCBStatus:
1285 //~ eepro100_write_status(s, val);
1286 eepro100_acknowledge(s);
1287 break;
1288 case SCBCmd:
1289 eepro100_write_command(s, val);
1290 eepro100_write1(s, SCBIntmask, val >> 8);
1291 break;
1292 case SCBeeprom:
1293 eepro100_write_eeprom(s->eeprom, val);
1294 break;
1295 default:
1296 logout("addr=%s val=0x%04x\n", regname(addr), val);
1297 missing("unknown word write");
1298 }
1299 }
1300
1301 static void eepro100_write4(EEPRO100State * s, uint32_t addr, uint32_t val)
1302 {
1303 if (addr <= sizeof(s->mem) - sizeof(val)) {
1304 memcpy(&s->mem[addr], &val, sizeof(val));
1305 }
1306
1307 switch (addr) {
1308 case SCBPointer:
1309 eepro100_write_pointer(s, val);
1310 break;
1311 case SCBPort:
1312 logout("addr=%s val=0x%08x\n", regname(addr), val);
1313 eepro100_write_port(s, val);
1314 break;
1315 case SCBCtrlMDI:
1316 eepro100_write_mdi(s, val);
1317 break;
1318 default:
1319 logout("addr=%s val=0x%08x\n", regname(addr), val);
1320 missing("unknown longword write");
1321 }
1322 }
1323
1324 static uint32_t ioport_read1(void *opaque, uint32_t addr)
1325 {
1326 EEPRO100State *s = opaque;
1327 //~ logout("addr=%s\n", regname(addr));
1328 return eepro100_read1(s, addr - s->region[1]);
1329 }
1330
1331 static uint32_t ioport_read2(void *opaque, uint32_t addr)
1332 {
1333 EEPRO100State *s = opaque;
1334 return eepro100_read2(s, addr - s->region[1]);
1335 }
1336
1337 static uint32_t ioport_read4(void *opaque, uint32_t addr)
1338 {
1339 EEPRO100State *s = opaque;
1340 return eepro100_read4(s, addr - s->region[1]);
1341 }
1342
1343 static void ioport_write1(void *opaque, uint32_t addr, uint32_t val)
1344 {
1345 EEPRO100State *s = opaque;
1346 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1347 eepro100_write1(s, addr - s->region[1], val);
1348 }
1349
1350 static void ioport_write2(void *opaque, uint32_t addr, uint32_t val)
1351 {
1352 EEPRO100State *s = opaque;
1353 eepro100_write2(s, addr - s->region[1], val);
1354 }
1355
1356 static void ioport_write4(void *opaque, uint32_t addr, uint32_t val)
1357 {
1358 EEPRO100State *s = opaque;
1359 eepro100_write4(s, addr - s->region[1], val);
1360 }
1361
1362 /***********************************************************/
1363 /* PCI EEPRO100 definitions */
1364
1365 typedef struct PCIEEPRO100State {
1366 PCIDevice dev;
1367 EEPRO100State eepro100;
1368 } PCIEEPRO100State;
1369
1370 static void pci_map(PCIDevice * pci_dev, int region_num,
1371 uint32_t addr, uint32_t size, int type)
1372 {
1373 PCIEEPRO100State *d = (PCIEEPRO100State *) pci_dev;
1374 EEPRO100State *s = &d->eepro100;
1375
1376 logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
1377 region_num, addr, size, type);
1378
1379 assert(region_num == 1);
1380 register_ioport_write(addr, size, 1, ioport_write1, s);
1381 register_ioport_read(addr, size, 1, ioport_read1, s);
1382 register_ioport_write(addr, size, 2, ioport_write2, s);
1383 register_ioport_read(addr, size, 2, ioport_read2, s);
1384 register_ioport_write(addr, size, 4, ioport_write4, s);
1385 register_ioport_read(addr, size, 4, ioport_read4, s);
1386
1387 s->region[region_num] = addr;
1388 }
1389
1390 static void pci_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
1391 {
1392 EEPRO100State *s = opaque;
1393 addr -= s->region[0];
1394 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1395 eepro100_write1(s, addr, val);
1396 }
1397
1398 static void pci_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
1399 {
1400 EEPRO100State *s = opaque;
1401 addr -= s->region[0];
1402 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1403 eepro100_write2(s, addr, val);
1404 }
1405
1406 static void pci_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
1407 {
1408 EEPRO100State *s = opaque;
1409 addr -= s->region[0];
1410 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1411 eepro100_write4(s, addr, val);
1412 }
1413
1414 static uint32_t pci_mmio_readb(void *opaque, target_phys_addr_t addr)
1415 {
1416 EEPRO100State *s = opaque;
1417 addr -= s->region[0];
1418 //~ logout("addr=%s\n", regname(addr));
1419 return eepro100_read1(s, addr);
1420 }
1421
1422 static uint32_t pci_mmio_readw(void *opaque, target_phys_addr_t addr)
1423 {
1424 EEPRO100State *s = opaque;
1425 addr -= s->region[0];
1426 //~ logout("addr=%s\n", regname(addr));
1427 return eepro100_read2(s, addr);
1428 }
1429
1430 static uint32_t pci_mmio_readl(void *opaque, target_phys_addr_t addr)
1431 {
1432 EEPRO100State *s = opaque;
1433 addr -= s->region[0];
1434 //~ logout("addr=%s\n", regname(addr));
1435 return eepro100_read4(s, addr);
1436 }
1437
1438 static CPUWriteMemoryFunc *pci_mmio_write[] = {
1439 pci_mmio_writeb,
1440 pci_mmio_writew,
1441 pci_mmio_writel
1442 };
1443
1444 static CPUReadMemoryFunc *pci_mmio_read[] = {
1445 pci_mmio_readb,
1446 pci_mmio_readw,
1447 pci_mmio_readl
1448 };
1449
1450 static void pci_mmio_map(PCIDevice * pci_dev, int region_num,
1451 uint32_t addr, uint32_t size, int type)
1452 {
1453 PCIEEPRO100State *d = (PCIEEPRO100State *) pci_dev;
1454
1455 logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
1456 region_num, addr, size, type);
1457
1458 if (region_num == 0) {
1459 /* Map control / status registers. */
1460 cpu_register_physical_memory(addr, size, d->eepro100.mmio_index);
1461 d->eepro100.region[region_num] = addr;
1462 }
1463 }
1464
1465 static int nic_can_receive(void *opaque)
1466 {
1467 EEPRO100State *s = opaque;
1468 logout("%p\n", s);
1469 return get_ru_state(s) == ru_ready;
1470 //~ return !eepro100_buffer_full(s);
1471 }
1472
1473 #define MIN_BUF_SIZE 60
1474
1475 static void nic_receive(void *opaque, const uint8_t * buf, int size)
1476 {
1477 /* TODO:
1478 * - Magic packets should set bit 30 in power management driver register.
1479 * - Interesting packets should set bit 29 in power management driver register.
1480 */
1481 EEPRO100State *s = opaque;
1482 uint16_t rfd_status = 0xa000;
1483 static const uint8_t broadcast_macaddr[6] =
1484 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
1485
1486 /* TODO: check multiple IA bit. */
1487 assert(!(s->configuration[20] & BIT(6)));
1488
1489 if (s->configuration[8] & 0x80) {
1490 /* CSMA is disabled. */
1491 logout("%p received while CSMA is disabled\n", s);
1492 return;
1493 } else if (size < 64 && (s->configuration[7] & 1)) {
1494 /* Short frame and configuration byte 7/0 (discard short receive) set:
1495 * Short frame is discarded */
1496 logout("%p received short frame (%d byte)\n", s, size);
1497 s->statistics.rx_short_frame_errors++;
1498 //~ return;
1499 } else if ((size > MAX_ETH_FRAME_SIZE + 4) && !(s->configuration[18] & 8)) {
1500 /* Long frame and configuration byte 18/3 (long receive ok) not set:
1501 * Long frames are discarded. */
1502 logout("%p received long frame (%d byte), ignored\n", s, size);
1503 return;
1504 } else if (memcmp(buf, s->macaddr, 6) == 0) { // !!!
1505 /* Frame matches individual address. */
1506 /* TODO: check configuration byte 15/4 (ignore U/L). */
1507 logout("%p received frame for me, len=%d\n", s, size);
1508 } else if (memcmp(buf, broadcast_macaddr, 6) == 0) {
1509 /* Broadcast frame. */
1510 logout("%p received broadcast, len=%d\n", s, size);
1511 rfd_status |= 0x0002;
1512 } else if (buf[0] & 0x01) { // !!!
1513 /* Multicast frame. */
1514 logout("%p received multicast, len=%d\n", s, size);
1515 /* TODO: check multicast all bit. */
1516 assert(!(s->configuration[21] & BIT(3)));
1517 int mcast_idx = compute_mcast_idx(buf);
1518 if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7)))) {
1519 return;
1520 }
1521 rfd_status |= 0x0002;
1522 } else if (s->configuration[15] & 1) {
1523 /* Promiscuous: receive all. */
1524 logout("%p received frame in promiscuous mode, len=%d\n", s, size);
1525 rfd_status |= 0x0004;
1526 } else {
1527 logout("%p received frame, ignored, len=%d,%s\n", s, size,
1528 nic_dump(buf, size));
1529 return;
1530 }
1531
1532 if (get_ru_state(s) != ru_ready) {
1533 /* No ressources available. */
1534 logout("no ressources, state=%u\n", get_ru_state(s));
1535 s->statistics.rx_resource_errors++;
1536 //~ assert(!"no ressources");
1537 return;
1538 }
1539 //~ !!!
1540 //~ $3 = {status = 0x0, command = 0xc000, link = 0x2d220, rx_buf_addr = 0x207dc, count = 0x0, size = 0x5f8, packet = {0x0 <repeats 1518 times>}}
1541 eepro100_rx_t rx;
1542 cpu_physical_memory_read(s->ru_base + s->ru_offset, (uint8_t *) & rx,
1543 offsetof(eepro100_rx_t, packet));
1544 uint16_t rfd_command = le16_to_cpu(rx.command);
1545 uint16_t rfd_size = le16_to_cpu(rx.size);
1546 assert(size <= rfd_size);
1547 if (size < 64) {
1548 rfd_status |= 0x0080;
1549 }
1550 logout("command 0x%04x, link 0x%08x, addr 0x%08x, size %u\n", rfd_command,
1551 rx.link, rx.rx_buf_addr, rfd_size);
1552 stw_phys(s->ru_base + s->ru_offset + offsetof(eepro100_rx_t, status),
1553 rfd_status);
1554 stw_phys(s->ru_base + s->ru_offset + offsetof(eepro100_rx_t, count), size);
1555 /* Early receive interrupt not supported. */
1556 //~ eepro100_er_interrupt(s);
1557 /* Receive CRC Transfer not supported. */
1558 assert(!(s->configuration[18] & 4));
1559 /* TODO: check stripping enable bit. */
1560 //~ assert(!(s->configuration[17] & 1));
1561 cpu_physical_memory_write(s->ru_base + s->ru_offset +
1562 offsetof(eepro100_rx_t, packet), buf, size);
1563 s->statistics.rx_good_frames++;
1564 eepro100_fr_interrupt(s);
1565 s->ru_offset = le32_to_cpu(rx.link);
1566 if (rfd_command & 0x8000) {
1567 /* EL bit is set, so this was the last frame. */
1568 assert(0);
1569 }
1570 if (rfd_command & 0x4000) {
1571 /* S bit is set. */
1572 set_ru_state(s, ru_suspended);
1573 }
1574 }
1575
1576 static int nic_load(QEMUFile * f, void *opaque, int version_id)
1577 {
1578 EEPRO100State *s = (EEPRO100State *) opaque;
1579 int i;
1580 int ret;
1581
1582 if (version_id > 3)
1583 return -EINVAL;
1584
1585 if (s->pci_dev && version_id >= 3) {
1586 ret = pci_device_load(s->pci_dev, f);
1587 if (ret < 0)
1588 return ret;
1589 }
1590
1591 if (version_id >= 2) {
1592 qemu_get_8s(f, &s->rxcr);
1593 } else {
1594 s->rxcr = 0x0c;
1595 }
1596
1597 qemu_get_8s(f, &s->cmd);
1598 qemu_get_be32s(f, &s->start);
1599 qemu_get_be32s(f, &s->stop);
1600 qemu_get_8s(f, &s->boundary);
1601 qemu_get_8s(f, &s->tsr);
1602 qemu_get_8s(f, &s->tpsr);
1603 qemu_get_be16s(f, &s->tcnt);
1604 qemu_get_be16s(f, &s->rcnt);
1605 qemu_get_be32s(f, &s->rsar);
1606 qemu_get_8s(f, &s->rsr);
1607 qemu_get_8s(f, &s->isr);
1608 qemu_get_8s(f, &s->dcfg);
1609 qemu_get_8s(f, &s->imr);
1610 qemu_get_buffer(f, s->phys, 6);
1611 qemu_get_8s(f, &s->curpag);
1612 qemu_get_buffer(f, s->mult, 8);
1613 qemu_get_buffer(f, s->mem, sizeof(s->mem));
1614
1615 /* Restore all members of struct between scv_stat and mem */
1616 qemu_get_8s(f, &s->scb_stat);
1617 qemu_get_8s(f, &s->int_stat);
1618 for (i = 0; i < 3; i++)
1619 qemu_get_be32s(f, &s->region[i]);
1620 qemu_get_buffer(f, s->macaddr, 6);
1621 for (i = 0; i < 19; i++)
1622 qemu_get_be32s(f, &s->statcounter[i]);
1623 for (i = 0; i < 32; i++)
1624 qemu_get_be16s(f, &s->mdimem[i]);
1625 /* The eeprom should be saved and restored by its own routines */
1626 qemu_get_be32s(f, &s->device);
1627 qemu_get_be32s(f, &s->pointer);
1628 qemu_get_be32s(f, &s->cu_base);
1629 qemu_get_be32s(f, &s->cu_offset);
1630 qemu_get_be32s(f, &s->ru_base);
1631 qemu_get_be32s(f, &s->ru_offset);
1632 qemu_get_be32s(f, &s->statsaddr);
1633 /* Restore epro100_stats_t statistics */
1634 qemu_get_be32s(f, &s->statistics.tx_good_frames);
1635 qemu_get_be32s(f, &s->statistics.tx_max_collisions);
1636 qemu_get_be32s(f, &s->statistics.tx_late_collisions);
1637 qemu_get_be32s(f, &s->statistics.tx_underruns);
1638 qemu_get_be32s(f, &s->statistics.tx_lost_crs);
1639 qemu_get_be32s(f, &s->statistics.tx_deferred);
1640 qemu_get_be32s(f, &s->statistics.tx_single_collisions);
1641 qemu_get_be32s(f, &s->statistics.tx_multiple_collisions);
1642 qemu_get_be32s(f, &s->statistics.tx_total_collisions);
1643 qemu_get_be32s(f, &s->statistics.rx_good_frames);
1644 qemu_get_be32s(f, &s->statistics.rx_crc_errors);
1645 qemu_get_be32s(f, &s->statistics.rx_alignment_errors);
1646 qemu_get_be32s(f, &s->statistics.rx_resource_errors);
1647 qemu_get_be32s(f, &s->statistics.rx_overrun_errors);
1648 qemu_get_be32s(f, &s->statistics.rx_cdt_errors);
1649 qemu_get_be32s(f, &s->statistics.rx_short_frame_errors);
1650 qemu_get_be32s(f, &s->statistics.fc_xmt_pause);
1651 qemu_get_be32s(f, &s->statistics.fc_rcv_pause);
1652 qemu_get_be32s(f, &s->statistics.fc_rcv_unsupported);
1653 qemu_get_be16s(f, &s->statistics.xmt_tco_frames);
1654 qemu_get_be16s(f, &s->statistics.rcv_tco_frames);
1655 qemu_get_be32s(f, &s->statistics.complete);
1656 #if 0
1657 qemu_get_be16s(f, &s->status);
1658 #endif
1659
1660 /* Configuration bytes. */
1661 qemu_get_buffer(f, s->configuration, sizeof(s->configuration));
1662
1663 return 0;
1664 }
1665
1666 static void nic_save(QEMUFile * f, void *opaque)
1667 {
1668 EEPRO100State *s = (EEPRO100State *) opaque;
1669 int i;
1670
1671 if (s->pci_dev)
1672 pci_device_save(s->pci_dev, f);
1673
1674 qemu_put_8s(f, &s->rxcr);
1675
1676 qemu_put_8s(f, &s->cmd);
1677 qemu_put_be32s(f, &s->start);
1678 qemu_put_be32s(f, &s->stop);
1679 qemu_put_8s(f, &s->boundary);
1680 qemu_put_8s(f, &s->tsr);
1681 qemu_put_8s(f, &s->tpsr);
1682 qemu_put_be16s(f, &s->tcnt);
1683 qemu_put_be16s(f, &s->rcnt);
1684 qemu_put_be32s(f, &s->rsar);
1685 qemu_put_8s(f, &s->rsr);
1686 qemu_put_8s(f, &s->isr);
1687 qemu_put_8s(f, &s->dcfg);
1688 qemu_put_8s(f, &s->imr);
1689 qemu_put_buffer(f, s->phys, 6);
1690 qemu_put_8s(f, &s->curpag);
1691 qemu_put_buffer(f, s->mult, 8);
1692 qemu_put_buffer(f, s->mem, sizeof(s->mem));
1693
1694 /* Save all members of struct between scv_stat and mem */
1695 qemu_put_8s(f, &s->scb_stat);
1696 qemu_put_8s(f, &s->int_stat);
1697 for (i = 0; i < 3; i++)
1698 qemu_put_be32s(f, &s->region[i]);
1699 qemu_put_buffer(f, s->macaddr, 6);
1700 for (i = 0; i < 19; i++)
1701 qemu_put_be32s(f, &s->statcounter[i]);
1702 for (i = 0; i < 32; i++)
1703 qemu_put_be16s(f, &s->mdimem[i]);
1704 /* The eeprom should be saved and restored by its own routines */
1705 qemu_put_be32s(f, &s->device);
1706 qemu_put_be32s(f, &s->pointer);
1707 qemu_put_be32s(f, &s->cu_base);
1708 qemu_put_be32s(f, &s->cu_offset);
1709 qemu_put_be32s(f, &s->ru_base);
1710 qemu_put_be32s(f, &s->ru_offset);
1711 qemu_put_be32s(f, &s->statsaddr);
1712 /* Save epro100_stats_t statistics */
1713 qemu_put_be32s(f, &s->statistics.tx_good_frames);
1714 qemu_put_be32s(f, &s->statistics.tx_max_collisions);
1715 qemu_put_be32s(f, &s->statistics.tx_late_collisions);
1716 qemu_put_be32s(f, &s->statistics.tx_underruns);
1717 qemu_put_be32s(f, &s->statistics.tx_lost_crs);
1718 qemu_put_be32s(f, &s->statistics.tx_deferred);
1719 qemu_put_be32s(f, &s->statistics.tx_single_collisions);
1720 qemu_put_be32s(f, &s->statistics.tx_multiple_collisions);
1721 qemu_put_be32s(f, &s->statistics.tx_total_collisions);
1722 qemu_put_be32s(f, &s->statistics.rx_good_frames);
1723 qemu_put_be32s(f, &s->statistics.rx_crc_errors);
1724 qemu_put_be32s(f, &s->statistics.rx_alignment_errors);
1725 qemu_put_be32s(f, &s->statistics.rx_resource_errors);
1726 qemu_put_be32s(f, &s->statistics.rx_overrun_errors);
1727 qemu_put_be32s(f, &s->statistics.rx_cdt_errors);
1728 qemu_put_be32s(f, &s->statistics.rx_short_frame_errors);
1729 qemu_put_be32s(f, &s->statistics.fc_xmt_pause);
1730 qemu_put_be32s(f, &s->statistics.fc_rcv_pause);
1731 qemu_put_be32s(f, &s->statistics.fc_rcv_unsupported);
1732 qemu_put_be16s(f, &s->statistics.xmt_tco_frames);
1733 qemu_put_be16s(f, &s->statistics.rcv_tco_frames);
1734 qemu_put_be32s(f, &s->statistics.complete);
1735 #if 0
1736 qemu_put_be16s(f, &s->status);
1737 #endif
1738
1739 /* Configuration bytes. */
1740 qemu_put_buffer(f, s->configuration, sizeof(s->configuration));
1741 }
1742
1743 static void nic_init(PCIBus * bus, NICInfo * nd,
1744 const char *name, uint32_t device)
1745 {
1746 PCIEEPRO100State *d;
1747 EEPRO100State *s;
1748
1749 logout("\n");
1750
1751 d = (PCIEEPRO100State *) pci_register_device(bus, name,
1752 sizeof(PCIEEPRO100State), -1,
1753 NULL, NULL);
1754
1755 s = &d->eepro100;
1756 s->device = device;
1757 s->pci_dev = &d->dev;
1758
1759 pci_reset(s);
1760
1761 /* Add 64 * 2 EEPROM. i82557 and i82558 support a 64 word EEPROM,
1762 * i82559 and later support 64 or 256 word EEPROM. */
1763 s->eeprom = eeprom93xx_new(EEPROM_SIZE);
1764
1765 /* Handler for memory-mapped I/O */
1766 d->eepro100.mmio_index =
1767 cpu_register_io_memory(0, pci_mmio_read, pci_mmio_write, s);
1768
1769 pci_register_io_region(&d->dev, 0, PCI_MEM_SIZE,
1770 PCI_ADDRESS_SPACE_MEM |
1771 PCI_ADDRESS_SPACE_MEM_PREFETCH, pci_mmio_map);
1772 pci_register_io_region(&d->dev, 1, PCI_IO_SIZE, PCI_ADDRESS_SPACE_IO,
1773 pci_map);
1774 pci_register_io_region(&d->dev, 2, PCI_FLASH_SIZE, PCI_ADDRESS_SPACE_MEM,
1775 pci_mmio_map);
1776
1777 memcpy(s->macaddr, nd->macaddr, 6);
1778 logout("macaddr: %s\n", nic_dump(&s->macaddr[0], 6));
1779 assert(s->region[1] == 0);
1780
1781 nic_reset(s);
1782
1783 s->vc = qemu_new_vlan_client(nd->vlan, nic_receive, nic_can_receive, s);
1784
1785 snprintf(s->vc->info_str, sizeof(s->vc->info_str),
1786 "eepro100 pci macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
1787 s->macaddr[0],
1788 s->macaddr[1],
1789 s->macaddr[2], s->macaddr[3], s->macaddr[4], s->macaddr[5]);
1790
1791 qemu_register_reset(nic_reset, s);
1792
1793 /* XXX: instance number ? */
1794 register_savevm(name, 0, 3, nic_save, nic_load, s);
1795 }
1796
1797 void pci_i82551_init(PCIBus * bus, NICInfo * nd, int devfn)
1798 {
1799 nic_init(bus, nd, "i82551", i82551);
1800 //~ uint8_t *pci_conf = d->dev.config;
1801 }
1802
1803 void pci_i82557b_init(PCIBus * bus, NICInfo * nd, int devfn)
1804 {
1805 nic_init(bus, nd, "i82557b", i82557B);
1806 }
1807
1808 void pci_i82559er_init(PCIBus * bus, NICInfo * nd, int devfn)
1809 {
1810 nic_init(bus, nd, "i82559er", i82559ER);
1811 }
1812
1813 /* eof */
Patches shipped by Fedora