search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Include sys-queue.h early to override system queue definitions on BSD
[qemu.git] / hw / eepro100.c
blob68fec9c998965a9907e0b6a757711ff34cf22722
1 /*
2 * QEMU i8255x (PRO100) emulation
3 *
4 * Copyright (c) 2006-2007 Stefan Weil
5 *
6 * Portions of the code are copies from grub / etherboot eepro100.c
7 * and linux e100.c.
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, see <http://www.gnu.org/licenses/>.
21 *
22 * Tested features (i82559):
23 * PXE boot (i386) no valid link
24 * Linux networking (i386) ok
25 *
26 * Untested:
27 * non-i386 platforms
28 * Windows networking
29 *
30 * References:
31 *
32 * Intel 8255x 10/100 Mbps Ethernet Controller Family
33 * Open Source Software Developer Manual
34 */
35
36 #if defined(TARGET_I386)
37 # warning "PXE boot still not working!"
38 #endif
39
40 #include <stddef.h> /* offsetof */
41 #include <stdbool.h>
42 #include "hw.h"
43 #include "pci.h"
44 #include "net.h"
45 #include "eeprom93xx.h"
46
47 /* Common declarations for all PCI devices. */
48
49 #define PCI_CONFIG_8(offset, value) \
50 (pci_conf[offset] = (value))
51 #define PCI_CONFIG_16(offset, value) \
52 (*(uint16_t *)&pci_conf[offset] = cpu_to_le16(value))
53 #define PCI_CONFIG_32(offset, value) \
54 (*(uint32_t *)&pci_conf[offset] = cpu_to_le32(value))
55
56 #define KiB 1024
57
58 /* debug EEPRO100 card */
59 //~ #define DEBUG_EEPRO100
60
61 #ifdef DEBUG_EEPRO100
62 #define logout(fmt, ...) fprintf(stderr, "EE100\t%-24s" fmt, __func__, ## __VA_ARGS__)
63 #else
64 #define logout(fmt, ...) ((void)0)
65 #endif
66
67 /* Set flags to 0 to disable debug output. */
68 #define MDI 0
69
70 #define TRACE(flag, command) ((flag) ? (command) : (void)0)
71
72 #define missing(text) assert(!"feature is missing in this emulation: " text)
73
74 #define MAX_ETH_FRAME_SIZE 1514
75
76 /* This driver supports several different devices which are declared here. */
77 #define i82551 0x82551
78 #define i82557B 0x82557b
79 #define i82557C 0x82557c
80 #define i82558B 0x82558b
81 #define i82559C 0x82559c
82 #define i82559ER 0x82559e
83 #define i82562 0x82562
84
85 #define EEPROM_SIZE 64
86
87 #define PCI_MEM_SIZE (4 * KiB)
88 #define PCI_IO_SIZE 64
89 #define PCI_FLASH_SIZE (128 * KiB)
90
91 #define BIT(n) (1 << (n))
92 #define BITS(n, m) (((0xffffffffU << (31 - n)) >> (31 - n + m)) << m)
93
94 /* The SCB accepts the following controls for the Tx and Rx units: */
95 #define CU_NOP 0x0000 /* No operation. */
96 #define CU_START 0x0010 /* CU start. */
97 #define CU_RESUME 0x0020 /* CU resume. */
98 #define CU_STATSADDR 0x0040 /* Load dump counters address. */
99 #define CU_SHOWSTATS 0x0050 /* Dump statistical counters. */
100 #define CU_CMD_BASE 0x0060 /* Load CU base address. */
101 #define CU_DUMPSTATS 0x0070 /* Dump and reset statistical counters. */
102 #define CU_SRESUME 0x00a0 /* CU static resume. */
103
104 #define RU_NOP 0x0000
105 #define RX_START 0x0001
106 #define RX_RESUME 0x0002
107 #define RX_ABORT 0x0004
108 #define RX_ADDR_LOAD 0x0006
109 #define RX_RESUMENR 0x0007
110 #define INT_MASK 0x0100
111 #define DRVR_INT 0x0200 /* Driver generated interrupt. */
112
113 /* Offsets to the various registers.
114 All accesses need not be longword aligned. */
115 enum speedo_offsets {
116 SCBStatus = 0,
117 SCBAck = 1,
118 SCBCmd = 2, /* Rx/Command Unit command and status. */
119 SCBIntmask = 3,
120 SCBPointer = 4, /* General purpose pointer. */
121 SCBPort = 8, /* Misc. commands and operands. */
122 SCBflash = 12, SCBeeprom = 14, /* EEPROM and flash memory control. */
123 SCBCtrlMDI = 16, /* MDI interface control. */
124 SCBEarlyRx = 20, /* Early receive byte count. */
125 SCBFlow = 24,
126 };
127
128 /* A speedo3 transmit buffer descriptor with two buffers... */
129 typedef struct {
130 uint16_t status;
131 uint16_t command;
132 uint32_t link; /* void * */
133 uint32_t tx_desc_addr; /* transmit buffer decsriptor array address. */
134 uint16_t tcb_bytes; /* transmit command block byte count (in lower 14 bits */
135 uint8_t tx_threshold; /* transmit threshold */
136 uint8_t tbd_count; /* TBD number */
137 //~ /* This constitutes two "TBD" entries: hdr and data */
138 //~ uint32_t tx_buf_addr0; /* void *, header of frame to be transmitted. */
139 //~ int32_t tx_buf_size0; /* Length of Tx hdr. */
140 //~ uint32_t tx_buf_addr1; /* void *, data to be transmitted. */
141 //~ int32_t tx_buf_size1; /* Length of Tx data. */
142 } eepro100_tx_t;
143
144 /* Receive frame descriptor. */
145 typedef struct {
146 int16_t status;
147 uint16_t command;
148 uint32_t link; /* struct RxFD * */
149 uint32_t rx_buf_addr; /* void * */
150 uint16_t count;
151 uint16_t size;
152 char packet[MAX_ETH_FRAME_SIZE + 4];
153 } eepro100_rx_t;
154
155 typedef struct {
156 uint32_t tx_good_frames, tx_max_collisions, tx_late_collisions,
157 tx_underruns, tx_lost_crs, tx_deferred, tx_single_collisions,
158 tx_multiple_collisions, tx_total_collisions;
159 uint32_t rx_good_frames, rx_crc_errors, rx_alignment_errors,
160 rx_resource_errors, rx_overrun_errors, rx_cdt_errors,
161 rx_short_frame_errors;
162 uint32_t fc_xmt_pause, fc_rcv_pause, fc_rcv_unsupported;
163 uint16_t xmt_tco_frames, rcv_tco_frames;
164 uint32_t complete;
165 } eepro100_stats_t;
166
167 typedef enum {
168 cu_idle = 0,
169 cu_suspended = 1,
170 cu_active = 2,
171 cu_lpq_active = 2,
172 cu_hqp_active = 3
173 } cu_state_t;
174
175 typedef enum {
176 ru_idle = 0,
177 ru_suspended = 1,
178 ru_no_resources = 2,
179 ru_ready = 4
180 } ru_state_t;
181
182 typedef struct {
183 PCIDevice dev;
184 #if 1
185 uint8_t cmd;
186 uint32_t start;
187 uint32_t stop;
188 uint8_t boundary;
189 uint8_t tsr;
190 uint8_t tpsr;
191 uint16_t tcnt;
192 uint16_t rcnt;
193 uint32_t rsar;
194 uint8_t rsr;
195 uint8_t rxcr;
196 uint8_t isr;
197 uint8_t dcfg;
198 uint8_t imr;
199 uint8_t phys[6]; /* mac address */
200 uint8_t curpag;
201 uint8_t mult[8]; /* multicast mask array */
202 int mmio_index;
203 VLANClientState *vc;
204 #endif
205 uint8_t scb_stat; /* SCB stat/ack byte */
206 uint8_t int_stat; /* PCI interrupt status */
207 uint32_t region[3]; /* PCI region addresses */
208 uint8_t macaddr[6];
209 uint32_t statcounter[19];
210 uint16_t mdimem[32];
211 eeprom_t *eeprom;
212 uint32_t device; /* device variant */
213 uint32_t pointer;
214 /* (cu_base + cu_offset) address the next command block in the command block list. */
215 uint32_t cu_base; /* CU base address */
216 uint32_t cu_offset; /* CU address offset */
217 /* (ru_base + ru_offset) address the RFD in the Receive Frame Area. */
218 uint32_t ru_base; /* RU base address */
219 uint32_t ru_offset; /* RU address offset */
220 uint32_t statsaddr; /* pointer to eepro100_stats_t */
221 eepro100_stats_t statistics; /* statistical counters */
222 #if 0
223 uint16_t status;
224 #endif
225
226 /* Configuration bytes. */
227 uint8_t configuration[22];
228
229 /* Data in mem is always in the byte order of the controller (le). */
230 uint8_t mem[PCI_MEM_SIZE];
231 } EEPRO100State;
232
233 /* Default values for MDI (PHY) registers */
234 static const uint16_t eepro100_mdi_default[] = {
235 /* MDI Registers 0 - 6, 7 */
236 0x3000, 0x780d, 0x02a8, 0x0154, 0x05e1, 0x0000, 0x0000, 0x0000,
237 /* MDI Registers 8 - 15 */
238 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
239 /* MDI Registers 16 - 31 */
240 0x0003, 0x0000, 0x0001, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
241 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
242 };
243
244 /* Readonly mask for MDI (PHY) registers */
245 static const uint16_t eepro100_mdi_mask[] = {
246 0x0000, 0xffff, 0xffff, 0xffff, 0xc01f, 0xffff, 0xffff, 0x0000,
247 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
248 0x0fff, 0x0000, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
249 0xffff, 0xffff, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
250 };
251
252 #define POLYNOMIAL 0x04c11db6
253
254 /* From FreeBSD */
255 /* XXX: optimize */
256 static int compute_mcast_idx(const uint8_t * ep)
257 {
258 uint32_t crc;
259 int carry, i, j;
260 uint8_t b;
261
262 crc = 0xffffffff;
263 for (i = 0; i < 6; i++) {
264 b = *ep++;
265 for (j = 0; j < 8; j++) {
266 carry = ((crc & 0x80000000L) ? 1 : 0) ^ (b & 0x01);
267 crc <<= 1;
268 b >>= 1;
269 if (carry)
270 crc = ((crc ^ POLYNOMIAL) | carry);
271 }
272 }
273 return (crc >> 26);
274 }
275
276 #if defined(DEBUG_EEPRO100)
277 static const char *nic_dump(const uint8_t * buf, unsigned size)
278 {
279 static char dump[3 * 16 + 1];
280 char *p = &dump[0];
281 if (size > 16)
282 size = 16;
283 while (size-- > 0) {
284 p += sprintf(p, " %02x", *buf++);
285 }
286 return dump;
287 }
288 #endif /* DEBUG_EEPRO100 */
289
290 enum scb_stat_ack {
291 stat_ack_not_ours = 0x00,
292 stat_ack_sw_gen = 0x04,
293 stat_ack_rnr = 0x10,
294 stat_ack_cu_idle = 0x20,
295 stat_ack_frame_rx = 0x40,
296 stat_ack_cu_cmd_done = 0x80,
297 stat_ack_not_present = 0xFF,
298 stat_ack_rx = (stat_ack_sw_gen | stat_ack_rnr | stat_ack_frame_rx),
299 stat_ack_tx = (stat_ack_cu_idle | stat_ack_cu_cmd_done),
300 };
301
302 static void disable_interrupt(EEPRO100State * s)
303 {
304 if (s->int_stat) {
305 logout("interrupt disabled\n");
306 qemu_irq_lower(s->dev.irq[0]);
307 s->int_stat = 0;
308 }
309 }
310
311 static void enable_interrupt(EEPRO100State * s)
312 {
313 if (!s->int_stat) {
314 logout("interrupt enabled\n");
315 qemu_irq_raise(s->dev.irq[0]);
316 s->int_stat = 1;
317 }
318 }
319
320 static void eepro100_acknowledge(EEPRO100State * s)
321 {
322 s->scb_stat &= ~s->mem[SCBAck];
323 s->mem[SCBAck] = s->scb_stat;
324 if (s->scb_stat == 0) {
325 disable_interrupt(s);
326 }
327 }
328
329 static void eepro100_interrupt(EEPRO100State * s, uint8_t stat)
330 {
331 uint8_t mask = ~s->mem[SCBIntmask];
332 s->mem[SCBAck] |= stat;
333 stat = s->scb_stat = s->mem[SCBAck];
334 stat &= (mask | 0x0f);
335 //~ stat &= (~s->mem[SCBIntmask] | 0x0xf);
336 if (stat && (mask & 0x01)) {
337 /* SCB mask and SCB Bit M do not disable interrupt. */
338 enable_interrupt(s);
339 } else if (s->int_stat) {
340 disable_interrupt(s);
341 }
342 }
343
344 static void eepro100_cx_interrupt(EEPRO100State * s)
345 {
346 /* CU completed action command. */
347 /* Transmit not ok (82557 only, not in emulation). */
348 eepro100_interrupt(s, 0x80);
349 }
350
351 static void eepro100_cna_interrupt(EEPRO100State * s)
352 {
353 /* CU left the active state. */
354 eepro100_interrupt(s, 0x20);
355 }
356
357 static void eepro100_fr_interrupt(EEPRO100State * s)
358 {
359 /* RU received a complete frame. */
360 eepro100_interrupt(s, 0x40);
361 }
362
363 #if 0
364 static void eepro100_rnr_interrupt(EEPRO100State * s)
365 {
366 /* RU is not ready. */
367 eepro100_interrupt(s, 0x10);
368 }
369 #endif
370
371 static void eepro100_mdi_interrupt(EEPRO100State * s)
372 {
373 /* MDI completed read or write cycle. */
374 eepro100_interrupt(s, 0x08);
375 }
376
377 static void eepro100_swi_interrupt(EEPRO100State * s)
378 {
379 /* Software has requested an interrupt. */
380 eepro100_interrupt(s, 0x04);
381 }
382
383 #if 0
384 static void eepro100_fcp_interrupt(EEPRO100State * s)
385 {
386 /* Flow control pause interrupt (82558 and later). */
387 eepro100_interrupt(s, 0x01);
388 }
389 #endif
390
391 static void pci_reset(EEPRO100State * s)
392 {
393 uint32_t device = s->device;
394 uint8_t *pci_conf = s->dev.config;
395
396 logout("%p\n", s);
397
398 /* PCI Vendor ID */
399 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
400 /* PCI Device ID */
401 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82551IT);
402 /* PCI Command */
403 PCI_CONFIG_16(PCI_COMMAND, 0x0000);
404 /* PCI Status */
405 PCI_CONFIG_16(PCI_STATUS, 0x2800);
406 /* PCI Revision ID */
407 PCI_CONFIG_8(PCI_REVISION_ID, 0x08);
408 /* PCI Class Code */
409 PCI_CONFIG_8(0x09, 0x00);
410 pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET);
411 /* PCI Cache Line Size */
412 /* check cache line size!!! */
413 //~ PCI_CONFIG_8(0x0c, 0x00);
414 /* PCI Latency Timer */
415 PCI_CONFIG_8(0x0d, 0x20); // latency timer = 32 clocks
416 /* PCI Header Type */
417 /* BIST (built-in self test) */
418 #if defined(TARGET_I386)
419 // !!! workaround for buggy bios
420 //~ #define PCI_ADDRESS_SPACE_MEM_PREFETCH 0
421 #endif
422 #if 0
423 /* PCI Base Address Registers */
424 /* CSR Memory Mapped Base Address */
425 PCI_CONFIG_32(PCI_BASE_ADDRESS_0,
426 PCI_ADDRESS_SPACE_MEM | PCI_ADDRESS_SPACE_MEM_PREFETCH);
427 /* CSR I/O Mapped Base Address */
428 PCI_CONFIG_32(PCI_BASE_ADDRESS_1, PCI_ADDRESS_SPACE_IO);
429 #if 0
430 /* Flash Memory Mapped Base Address */
431 PCI_CONFIG_32(PCI_BASE_ADDRESS_2, 0xfffe0000 | PCI_ADDRESS_SPACE_MEM);
432 #endif
433 #endif
434 /* Expansion ROM Base Address (depends on boot disable!!!) */
435 PCI_CONFIG_32(0x30, 0x00000000);
436 /* Capability Pointer */
437 PCI_CONFIG_8(0x34, 0xdc);
438 /* Interrupt Pin */
439 PCI_CONFIG_8(0x3d, 1); // interrupt pin 0
440 /* Minimum Grant */
441 PCI_CONFIG_8(0x3e, 0x08);
442 /* Maximum Latency */
443 PCI_CONFIG_8(0x3f, 0x18);
444 /* Power Management Capabilities / Next Item Pointer / Capability ID */
445 PCI_CONFIG_32(0xdc, 0x7e210001);
446
447 switch (device) {
448 case i82551:
449 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
450 PCI_CONFIG_8(PCI_REVISION_ID, 0x0f);
451 break;
452 case i82557B:
453 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
454 PCI_CONFIG_8(PCI_REVISION_ID, 0x02);
455 break;
456 case i82557C:
457 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
458 PCI_CONFIG_8(PCI_REVISION_ID, 0x03);
459 break;
460 case i82558B:
461 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
462 PCI_CONFIG_16(PCI_STATUS, 0x2810);
463 PCI_CONFIG_8(PCI_REVISION_ID, 0x05);
464 break;
465 case i82559C:
466 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
467 PCI_CONFIG_16(PCI_STATUS, 0x2810);
468 //~ PCI_CONFIG_8(PCI_REVISION_ID, 0x08);
469 break;
470 case i82559ER:
471 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
472 PCI_CONFIG_16(PCI_STATUS, 0x2810);
473 PCI_CONFIG_8(PCI_REVISION_ID, 0x09);
474 break;
475 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1029);
476 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1030); /* 82559 InBusiness 10/100 */
477 default:
478 logout("Device %X is undefined!\n", device);
479 }
480
481 if (device == i82557C || device == i82558B || device == i82559C) {
482 logout("Get device id and revision from EEPROM!!!\n");
483 }
484 }
485
486 static void nic_selective_reset(EEPRO100State * s)
487 {
488 size_t i;
489 uint16_t *eeprom_contents = eeprom93xx_data(s->eeprom);
490 //~ eeprom93xx_reset(s->eeprom);
491 memcpy(eeprom_contents, s->macaddr, 6);
492 eeprom_contents[0xa] = 0x4000;
493 uint16_t sum = 0;
494 for (i = 0; i < EEPROM_SIZE - 1; i++) {
495 sum += eeprom_contents[i];
496 }
497 eeprom_contents[EEPROM_SIZE - 1] = 0xbaba - sum;
498
499 memset(s->mem, 0, sizeof(s->mem));
500 uint32_t val = BIT(21);
501 memcpy(&s->mem[SCBCtrlMDI], &val, sizeof(val));
502
503 assert(sizeof(s->mdimem) == sizeof(eepro100_mdi_default));
504 memcpy(&s->mdimem[0], &eepro100_mdi_default[0], sizeof(s->mdimem));
505 }
506
507 static void nic_reset(void *opaque)
508 {
509 EEPRO100State *s = opaque;
510 logout("%p\n", s);
511 static int first;
512 if (!first) {
513 first = 1;
514 }
515 nic_selective_reset(s);
516 }
517
518 #if defined(DEBUG_EEPRO100)
519 static const char *reg[PCI_IO_SIZE / 4] = {
520 "Command/Status",
521 "General Pointer",
522 "Port",
523 "EEPROM/Flash Control",
524 "MDI Control",
525 "Receive DMA Byte Count",
526 "Flow control register",
527 "General Status/Control"
528 };
529
530 static char *regname(uint32_t addr)
531 {
532 static char buf[16];
533 if (addr < PCI_IO_SIZE) {
534 const char *r = reg[addr / 4];
535 if (r != 0) {
536 sprintf(buf, "%s+%u", r, addr % 4);
537 } else {
538 sprintf(buf, "0x%02x", addr);
539 }
540 } else {
541 sprintf(buf, "??? 0x%08x", addr);
542 }
543 return buf;
544 }
545 #endif /* DEBUG_EEPRO100 */
546
547 #if 0
548 static uint16_t eepro100_read_status(EEPRO100State * s)
549 {
550 uint16_t val = s->status;
551 logout("val=0x%04x\n", val);
552 return val;
553 }
554
555 static void eepro100_write_status(EEPRO100State * s, uint16_t val)
556 {
557 logout("val=0x%04x\n", val);
558 s->status = val;
559 }
560 #endif
561
562 /*****************************************************************************
563 *
564 * Command emulation.
565 *
566 ****************************************************************************/
567
568 #if 0
569 static uint16_t eepro100_read_command(EEPRO100State * s)
570 {
571 uint16_t val = 0xffff;
572 //~ logout("val=0x%04x\n", val);
573 return val;
574 }
575 #endif
576
577 /* Commands that can be put in a command list entry. */
578 enum commands {
579 CmdNOp = 0,
580 CmdIASetup = 1,
581 CmdConfigure = 2,
582 CmdMulticastList = 3,
583 CmdTx = 4,
584 CmdTDR = 5, /* load microcode */
585 CmdDump = 6,
586 CmdDiagnose = 7,
587
588 /* And some extra flags: */
589 CmdSuspend = 0x4000, /* Suspend after completion. */
590 CmdIntr = 0x2000, /* Interrupt after completion. */
591 CmdTxFlex = 0x0008, /* Use "Flexible mode" for CmdTx command. */
592 };
593
594 static cu_state_t get_cu_state(EEPRO100State * s)
595 {
596 return ((s->mem[SCBStatus] >> 6) & 0x03);
597 }
598
599 static void set_cu_state(EEPRO100State * s, cu_state_t state)
600 {
601 s->mem[SCBStatus] = (s->mem[SCBStatus] & 0x3f) + (state << 6);
602 }
603
604 static ru_state_t get_ru_state(EEPRO100State * s)
605 {
606 return ((s->mem[SCBStatus] >> 2) & 0x0f);
607 }
608
609 static void set_ru_state(EEPRO100State * s, ru_state_t state)
610 {
611 s->mem[SCBStatus] = (s->mem[SCBStatus] & 0xc3) + (state << 2);
612 }
613
614 static void dump_statistics(EEPRO100State * s)
615 {
616 /* Dump statistical data. Most data is never changed by the emulation
617 * and always 0, so we first just copy the whole block and then those
618 * values which really matter.
619 * Number of data should check configuration!!!
620 */
621 cpu_physical_memory_write(s->statsaddr, (uint8_t *) & s->statistics, 64);
622 stl_phys(s->statsaddr + 0, s->statistics.tx_good_frames);
623 stl_phys(s->statsaddr + 36, s->statistics.rx_good_frames);
624 stl_phys(s->statsaddr + 48, s->statistics.rx_resource_errors);
625 stl_phys(s->statsaddr + 60, s->statistics.rx_short_frame_errors);
626 //~ stw_phys(s->statsaddr + 76, s->statistics.xmt_tco_frames);
627 //~ stw_phys(s->statsaddr + 78, s->statistics.rcv_tco_frames);
628 //~ missing("CU dump statistical counters");
629 }
630
631 static void eepro100_cu_command(EEPRO100State * s, uint8_t val)
632 {
633 eepro100_tx_t tx;
634 uint32_t cb_address;
635 switch (val) {
636 case CU_NOP:
637 /* No operation. */
638 break;
639 case CU_START:
640 if (get_cu_state(s) != cu_idle) {
641 /* Intel documentation says that CU must be idle for the CU
642 * start command. Intel driver for Linux also starts the CU
643 * from suspended state. */
644 logout("CU state is %u, should be %u\n", get_cu_state(s), cu_idle);
645 //~ assert(!"wrong CU state");
646 }
647 set_cu_state(s, cu_active);
648 s->cu_offset = s->pointer;
649 next_command:
650 cb_address = s->cu_base + s->cu_offset;
651 cpu_physical_memory_read(cb_address, (uint8_t *) & tx, sizeof(tx));
652 uint16_t status = le16_to_cpu(tx.status);
653 uint16_t command = le16_to_cpu(tx.command);
654 logout
655 ("val=0x%02x (cu start), status=0x%04x, command=0x%04x, link=0x%08x\n",
656 val, status, command, tx.link);
657 bool bit_el = ((command & 0x8000) != 0);
658 bool bit_s = ((command & 0x4000) != 0);
659 bool bit_i = ((command & 0x2000) != 0);
660 bool bit_nc = ((command & 0x0010) != 0);
661 //~ bool bit_sf = ((command & 0x0008) != 0);
662 uint16_t cmd = command & 0x0007;
663 s->cu_offset = le32_to_cpu(tx.link);
664 switch (cmd) {
665 case CmdNOp:
666 /* Do nothing. */
667 break;
668 case CmdIASetup:
669 cpu_physical_memory_read(cb_address + 8, &s->macaddr[0], 6);
670 logout("macaddr: %s\n", nic_dump(&s->macaddr[0], 6));
671 break;
672 case CmdConfigure:
673 cpu_physical_memory_read(cb_address + 8, &s->configuration[0],
674 sizeof(s->configuration));
675 logout("configuration: %s\n", nic_dump(&s->configuration[0], 16));
676 break;
677 case CmdMulticastList:
678 //~ missing("multicast list");
679 break;
680 case CmdTx:
681 (void)0;
682 uint32_t tbd_array = le32_to_cpu(tx.tx_desc_addr);
683 uint16_t tcb_bytes = (le16_to_cpu(tx.tcb_bytes) & 0x3fff);
684 logout
685 ("transmit, TBD array address 0x%08x, TCB byte count 0x%04x, TBD count %u\n",
686 tbd_array, tcb_bytes, tx.tbd_count);
687 assert(!bit_nc);
688 //~ assert(!bit_sf);
689 assert(tcb_bytes <= 2600);
690 /* Next assertion fails for local configuration. */
691 //~ assert((tcb_bytes > 0) || (tbd_array != 0xffffffff));
692 if (!((tcb_bytes > 0) || (tbd_array != 0xffffffff))) {
693 logout
694 ("illegal values of TBD array address and TCB byte count!\n");
695 }
696 // sends larger than MAX_ETH_FRAME_SIZE are allowed, up to 2600 bytes
697 uint8_t buf[2600];
698 uint16_t size = 0;
699 uint32_t tbd_address = cb_address + 0x10;
700 assert(tcb_bytes <= sizeof(buf));
701 while (size < tcb_bytes) {
702 uint32_t tx_buffer_address = ldl_phys(tbd_address);
703 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
704 //~ uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
705 tbd_address += 8;
706 logout
707 ("TBD (simplified mode): buffer address 0x%08x, size 0x%04x\n",
708 tx_buffer_address, tx_buffer_size);
709 tx_buffer_size = MIN(tx_buffer_size, sizeof(buf) - size);
710 cpu_physical_memory_read(tx_buffer_address, &buf[size],
711 tx_buffer_size);
712 size += tx_buffer_size;
713 }
714 if (tbd_array == 0xffffffff) {
715 /* Simplified mode. Was already handled by code above. */
716 } else {
717 /* Flexible mode. */
718 uint8_t tbd_count = 0;
719 if ((s->device >= i82558B) && !(s->configuration[6] & BIT(4))) {
720 /* Extended Flexible TCB. */
721 assert(tcb_bytes == 0);
722 for (; tbd_count < 2; tbd_count++) {
723 uint32_t tx_buffer_address = ldl_phys(tbd_address);
724 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
725 uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
726 tbd_address += 8;
727 logout
728 ("TBD (extended flexible mode): buffer address 0x%08x, size 0x%04x\n",
729 tx_buffer_address, tx_buffer_size);
730 tx_buffer_size = MIN(tx_buffer_size, sizeof(buf) - size);
731 cpu_physical_memory_read(tx_buffer_address, &buf[size],
732 tx_buffer_size);
733 size += tx_buffer_size;
734 if (tx_buffer_el & 1) {
735 break;
736 }
737 }
738 }
739 tbd_address = tbd_array;
740 for (; tbd_count < tx.tbd_count; tbd_count++) {
741 uint32_t tx_buffer_address = ldl_phys(tbd_address);
742 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
743 uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
744 tbd_address += 8;
745 logout
746 ("TBD (flexible mode): buffer address 0x%08x, size 0x%04x\n",
747 tx_buffer_address, tx_buffer_size);
748 tx_buffer_size = MIN(tx_buffer_size, sizeof(buf) - size);
749 cpu_physical_memory_read(tx_buffer_address, &buf[size],
750 tx_buffer_size);
751 size += tx_buffer_size;
752 if (tx_buffer_el & 1) {
753 break;
754 }
755 }
756 }
757 qemu_send_packet(s->vc, buf, size);
758 s->statistics.tx_good_frames++;
759 /* Transmit with bad status would raise an CX/TNO interrupt.
760 * (82557 only). Emulation never has bad status. */
761 //~ eepro100_cx_interrupt(s);
762 break;
763 case CmdTDR:
764 logout("load microcode\n");
765 /* Starting with offset 8, the command contains
766 * 64 dwords microcode which we just ignore here. */
767 break;
768 default:
769 missing("undefined command");
770 }
771 /* Write new status (success). */
772 stw_phys(cb_address, status | 0x8000 | 0x2000);
773 if (bit_i) {
774 /* CU completed action. */
775 eepro100_cx_interrupt(s);
776 }
777 if (bit_el) {
778 /* CU becomes idle. */
779 set_cu_state(s, cu_idle);
780 eepro100_cna_interrupt(s);
781 } else if (bit_s) {
782 /* CU becomes suspended. */
783 set_cu_state(s, cu_suspended);
784 eepro100_cna_interrupt(s);
785 } else {
786 /* More entries in list. */
787 logout("CU list with at least one more entry\n");
788 goto next_command;
789 }
790 logout("CU list empty\n");
791 /* List is empty. Now CU is idle or suspended. */
792 break;
793 case CU_RESUME:
794 if (get_cu_state(s) != cu_suspended) {
795 logout("bad CU resume from CU state %u\n", get_cu_state(s));
796 /* Workaround for bad Linux eepro100 driver which resumes
797 * from idle state. */
798 //~ missing("cu resume");
799 set_cu_state(s, cu_suspended);
800 }
801 if (get_cu_state(s) == cu_suspended) {
802 logout("CU resuming\n");
803 set_cu_state(s, cu_active);
804 goto next_command;
805 }
806 break;
807 case CU_STATSADDR:
808 /* Load dump counters address. */
809 s->statsaddr = s->pointer;
810 logout("val=0x%02x (status address)\n", val);
811 break;
812 case CU_SHOWSTATS:
813 /* Dump statistical counters. */
814 dump_statistics(s);
815 break;
816 case CU_CMD_BASE:
817 /* Load CU base. */
818 logout("val=0x%02x (CU base address)\n", val);
819 s->cu_base = s->pointer;
820 break;
821 case CU_DUMPSTATS:
822 /* Dump and reset statistical counters. */
823 dump_statistics(s);
824 memset(&s->statistics, 0, sizeof(s->statistics));
825 break;
826 case CU_SRESUME:
827 /* CU static resume. */
828 missing("CU static resume");
829 break;
830 default:
831 missing("Undefined CU command");
832 }
833 }
834
835 static void eepro100_ru_command(EEPRO100State * s, uint8_t val)
836 {
837 switch (val) {
838 case RU_NOP:
839 /* No operation. */
840 break;
841 case RX_START:
842 /* RU start. */
843 if (get_ru_state(s) != ru_idle) {
844 logout("RU state is %u, should be %u\n", get_ru_state(s), ru_idle);
845 //~ assert(!"wrong RU state");
846 }
847 set_ru_state(s, ru_ready);
848 s->ru_offset = s->pointer;
849 logout("val=0x%02x (rx start)\n", val);
850 break;
851 case RX_RESUME:
852 /* Restart RU. */
853 if (get_ru_state(s) != ru_suspended) {
854 logout("RU state is %u, should be %u\n", get_ru_state(s),
855 ru_suspended);
856 //~ assert(!"wrong RU state");
857 }
858 set_ru_state(s, ru_ready);
859 break;
860 case RX_ADDR_LOAD:
861 /* Load RU base. */
862 logout("val=0x%02x (RU base address)\n", val);
863 s->ru_base = s->pointer;
864 break;
865 default:
866 logout("val=0x%02x (undefined RU command)\n", val);
867 missing("Undefined SU command");
868 }
869 }
870
871 static void eepro100_write_command(EEPRO100State * s, uint8_t val)
872 {
873 eepro100_ru_command(s, val & 0x0f);
874 eepro100_cu_command(s, val & 0xf0);
875 if ((val) == 0) {
876 logout("val=0x%02x\n", val);
877 }
878 /* Clear command byte after command was accepted. */
879 s->mem[SCBCmd] = 0;
880 }
881
882 /*****************************************************************************
883 *
884 * EEPROM emulation.
885 *
886 ****************************************************************************/
887
888 #define EEPROM_CS 0x02
889 #define EEPROM_SK 0x01
890 #define EEPROM_DI 0x04
891 #define EEPROM_DO 0x08
892
893 static uint16_t eepro100_read_eeprom(EEPRO100State * s)
894 {
895 uint16_t val;
896 memcpy(&val, &s->mem[SCBeeprom], sizeof(val));
897 if (eeprom93xx_read(s->eeprom)) {
898 val |= EEPROM_DO;
899 } else {
900 val &= ~EEPROM_DO;
901 }
902 return val;
903 }
904
905 static void eepro100_write_eeprom(eeprom_t * eeprom, uint8_t val)
906 {
907 logout("write val=0x%02x\n", val);
908
909 /* mask unwriteable bits */
910 //~ val = SET_MASKED(val, 0x31, eeprom->value);
911
912 int eecs = ((val & EEPROM_CS) != 0);
913 int eesk = ((val & EEPROM_SK) != 0);
914 int eedi = ((val & EEPROM_DI) != 0);
915 eeprom93xx_write(eeprom, eecs, eesk, eedi);
916 }
917
918 static void eepro100_write_pointer(EEPRO100State * s, uint32_t val)
919 {
920 s->pointer = le32_to_cpu(val);
921 logout("val=0x%08x\n", val);
922 }
923
924 /*****************************************************************************
925 *
926 * MDI emulation.
927 *
928 ****************************************************************************/
929
930 #if defined(DEBUG_EEPRO100)
931 static const char *mdi_op_name[] = {
932 "opcode 0",
933 "write",
934 "read",
935 "opcode 3"
936 };
937
938 static const char *mdi_reg_name[] = {
939 "Control",
940 "Status",
941 "PHY Identification (Word 1)",
942 "PHY Identification (Word 2)",
943 "Auto-Negotiation Advertisement",
944 "Auto-Negotiation Link Partner Ability",
945 "Auto-Negotiation Expansion"
946 };
947 #endif /* DEBUG_EEPRO100 */
948
949 static uint32_t eepro100_read_mdi(EEPRO100State * s)
950 {
951 uint32_t val;
952 memcpy(&val, &s->mem[0x10], sizeof(val));
953
954 #ifdef DEBUG_EEPRO100
955 uint8_t raiseint = (val & BIT(29)) >> 29;
956 uint8_t opcode = (val & BITS(27, 26)) >> 26;
957 uint8_t phy = (val & BITS(25, 21)) >> 21;
958 uint8_t reg = (val & BITS(20, 16)) >> 16;
959 uint16_t data = (val & BITS(15, 0));
960 #endif
961 /* Emulation takes no time to finish MDI transaction. */
962 val |= BIT(28);
963 TRACE(MDI, logout("val=0x%08x (int=%u, %s, phy=%u, %s, data=0x%04x\n",
964 val, raiseint, mdi_op_name[opcode], phy,
965 mdi_reg_name[reg], data));
966 return val;
967 }
968
969 //~ #define BITS(val, upper, lower) (val & ???)
970 static void eepro100_write_mdi(EEPRO100State * s, uint32_t val)
971 {
972 uint8_t raiseint = (val & BIT(29)) >> 29;
973 uint8_t opcode = (val & BITS(27, 26)) >> 26;
974 uint8_t phy = (val & BITS(25, 21)) >> 21;
975 uint8_t reg = (val & BITS(20, 16)) >> 16;
976 uint16_t data = (val & BITS(15, 0));
977 if (phy != 1) {
978 /* Unsupported PHY address. */
979 //~ logout("phy must be 1 but is %u\n", phy);
980 data = 0;
981 } else if (opcode != 1 && opcode != 2) {
982 /* Unsupported opcode. */
983 logout("opcode must be 1 or 2 but is %u\n", opcode);
984 data = 0;
985 } else if (reg > 6) {
986 /* Unsupported register. */
987 logout("register must be 0...6 but is %u\n", reg);
988 data = 0;
989 } else {
990 TRACE(MDI, logout("val=0x%08x (int=%u, %s, phy=%u, %s, data=0x%04x\n",
991 val, raiseint, mdi_op_name[opcode], phy,
992 mdi_reg_name[reg], data));
993 if (opcode == 1) {
994 /* MDI write */
995 switch (reg) {
996 case 0: /* Control Register */
997 if (data & 0x8000) {
998 /* Reset status and control registers to default. */
999 s->mdimem[0] = eepro100_mdi_default[0];
1000 s->mdimem[1] = eepro100_mdi_default[1];
1001 data = s->mdimem[reg];
1002 } else {
1003 /* Restart Auto Configuration = Normal Operation */
1004 data &= ~0x0200;
1005 }
1006 break;
1007 case 1: /* Status Register */
1008 missing("not writable");
1009 data = s->mdimem[reg];
1010 break;
1011 case 2: /* PHY Identification Register (Word 1) */
1012 case 3: /* PHY Identification Register (Word 2) */
1013 missing("not implemented");
1014 break;
1015 case 4: /* Auto-Negotiation Advertisement Register */
1016 case 5: /* Auto-Negotiation Link Partner Ability Register */
1017 break;
1018 case 6: /* Auto-Negotiation Expansion Register */
1019 default:
1020 missing("not implemented");
1021 }
1022 s->mdimem[reg] = data;
1023 } else if (opcode == 2) {
1024 /* MDI read */
1025 switch (reg) {
1026 case 0: /* Control Register */
1027 if (data & 0x8000) {
1028 /* Reset status and control registers to default. */
1029 s->mdimem[0] = eepro100_mdi_default[0];
1030 s->mdimem[1] = eepro100_mdi_default[1];
1031 }
1032 break;
1033 case 1: /* Status Register */
1034 s->mdimem[reg] |= 0x0020;
1035 break;
1036 case 2: /* PHY Identification Register (Word 1) */
1037 case 3: /* PHY Identification Register (Word 2) */
1038 case 4: /* Auto-Negotiation Advertisement Register */
1039 break;
1040 case 5: /* Auto-Negotiation Link Partner Ability Register */
1041 s->mdimem[reg] = 0x41fe;
1042 break;
1043 case 6: /* Auto-Negotiation Expansion Register */
1044 s->mdimem[reg] = 0x0001;
1045 break;
1046 }
1047 data = s->mdimem[reg];
1048 }
1049 /* Emulation takes no time to finish MDI transaction.
1050 * Set MDI bit in SCB status register. */
1051 s->mem[SCBAck] |= 0x08;
1052 val |= BIT(28);
1053 if (raiseint) {
1054 eepro100_mdi_interrupt(s);
1055 }
1056 }
1057 val = (val & 0xffff0000) + data;
1058 memcpy(&s->mem[0x10], &val, sizeof(val));
1059 }
1060
1061 /*****************************************************************************
1062 *
1063 * Port emulation.
1064 *
1065 ****************************************************************************/
1066
1067 #define PORT_SOFTWARE_RESET 0
1068 #define PORT_SELFTEST 1
1069 #define PORT_SELECTIVE_RESET 2
1070 #define PORT_DUMP 3
1071 #define PORT_SELECTION_MASK 3
1072
1073 typedef struct {
1074 uint32_t st_sign; /* Self Test Signature */
1075 uint32_t st_result; /* Self Test Results */
1076 } eepro100_selftest_t;
1077
1078 static uint32_t eepro100_read_port(EEPRO100State * s)
1079 {
1080 return 0;
1081 }
1082
1083 static void eepro100_write_port(EEPRO100State * s, uint32_t val)
1084 {
1085 val = le32_to_cpu(val);
1086 uint32_t address = (val & ~PORT_SELECTION_MASK);
1087 uint8_t selection = (val & PORT_SELECTION_MASK);
1088 switch (selection) {
1089 case PORT_SOFTWARE_RESET:
1090 nic_reset(s);
1091 break;
1092 case PORT_SELFTEST:
1093 logout("selftest address=0x%08x\n", address);
1094 eepro100_selftest_t data;
1095 cpu_physical_memory_read(address, (uint8_t *) & data, sizeof(data));
1096 data.st_sign = 0xffffffff;
1097 data.st_result = 0;
1098 cpu_physical_memory_write(address, (uint8_t *) & data, sizeof(data));
1099 break;
1100 case PORT_SELECTIVE_RESET:
1101 logout("selective reset, selftest address=0x%08x\n", address);
1102 nic_selective_reset(s);
1103 break;
1104 default:
1105 logout("val=0x%08x\n", val);
1106 missing("unknown port selection");
1107 }
1108 }
1109
1110 /*****************************************************************************
1111 *
1112 * General hardware emulation.
1113 *
1114 ****************************************************************************/
1115
1116 static uint8_t eepro100_read1(EEPRO100State * s, uint32_t addr)
1117 {
1118 uint8_t val;
1119 if (addr <= sizeof(s->mem) - sizeof(val)) {
1120 memcpy(&val, &s->mem[addr], sizeof(val));
1121 }
1122
1123 switch (addr) {
1124 case SCBStatus:
1125 //~ val = eepro100_read_status(s);
1126 logout("addr=%s val=0x%02x\n", regname(addr), val);
1127 break;
1128 case SCBAck:
1129 //~ val = eepro100_read_status(s);
1130 logout("addr=%s val=0x%02x\n", regname(addr), val);
1131 break;
1132 case SCBCmd:
1133 logout("addr=%s val=0x%02x\n", regname(addr), val);
1134 //~ val = eepro100_read_command(s);
1135 break;
1136 case SCBIntmask:
1137 logout("addr=%s val=0x%02x\n", regname(addr), val);
1138 break;
1139 case SCBPort + 3:
1140 logout("addr=%s val=0x%02x\n", regname(addr), val);
1141 break;
1142 case SCBeeprom:
1143 val = eepro100_read_eeprom(s);
1144 break;
1145 case 0x1b: /* PMDR (power management driver register) */
1146 val = 0;
1147 logout("addr=%s val=0x%02x\n", regname(addr), val);
1148 break;
1149 case 0x1d: /* general status register */
1150 /* 100 Mbps full duplex, valid link */
1151 val = 0x07;
1152 logout("addr=General Status val=%02x\n", val);
1153 break;
1154 default:
1155 logout("addr=%s val=0x%02x\n", regname(addr), val);
1156 missing("unknown byte read");
1157 }
1158 return val;
1159 }
1160
1161 static uint16_t eepro100_read2(EEPRO100State * s, uint32_t addr)
1162 {
1163 uint16_t val;
1164 if (addr <= sizeof(s->mem) - sizeof(val)) {
1165 memcpy(&val, &s->mem[addr], sizeof(val));
1166 }
1167
1168 logout("addr=%s val=0x%04x\n", regname(addr), val);
1169
1170 switch (addr) {
1171 case SCBStatus:
1172 //~ val = eepro100_read_status(s);
1173 break;
1174 case SCBeeprom:
1175 val = eepro100_read_eeprom(s);
1176 break;
1177 default:
1178 logout("addr=%s val=0x%04x\n", regname(addr), val);
1179 missing("unknown word read");
1180 }
1181 return val;
1182 }
1183
1184 static uint32_t eepro100_read4(EEPRO100State * s, uint32_t addr)
1185 {
1186 uint32_t val;
1187 if (addr <= sizeof(s->mem) - sizeof(val)) {
1188 memcpy(&val, &s->mem[addr], sizeof(val));
1189 }
1190
1191 switch (addr) {
1192 case SCBStatus:
1193 //~ val = eepro100_read_status(s);
1194 logout("addr=%s val=0x%08x\n", regname(addr), val);
1195 break;
1196 case SCBPointer:
1197 //~ val = eepro100_read_pointer(s);
1198 logout("addr=%s val=0x%08x\n", regname(addr), val);
1199 break;
1200 case SCBPort:
1201 val = eepro100_read_port(s);
1202 logout("addr=%s val=0x%08x\n", regname(addr), val);
1203 break;
1204 case SCBCtrlMDI:
1205 val = eepro100_read_mdi(s);
1206 break;
1207 default:
1208 logout("addr=%s val=0x%08x\n", regname(addr), val);
1209 missing("unknown longword read");
1210 }
1211 return val;
1212 }
1213
1214 static void eepro100_write1(EEPRO100State * s, uint32_t addr, uint8_t val)
1215 {
1216 if (addr <= sizeof(s->mem) - sizeof(val)) {
1217 memcpy(&s->mem[addr], &val, sizeof(val));
1218 }
1219
1220 logout("addr=%s val=0x%02x\n", regname(addr), val);
1221
1222 switch (addr) {
1223 case SCBStatus:
1224 //~ eepro100_write_status(s, val);
1225 break;
1226 case SCBAck:
1227 eepro100_acknowledge(s);
1228 break;
1229 case SCBCmd:
1230 eepro100_write_command(s, val);
1231 break;
1232 case SCBIntmask:
1233 if (val & BIT(1)) {
1234 eepro100_swi_interrupt(s);
1235 }
1236 eepro100_interrupt(s, 0);
1237 break;
1238 case SCBPort + 3:
1239 case SCBFlow:
1240 case SCBFlow + 1:
1241 case SCBFlow + 2:
1242 case SCBFlow + 3:
1243 logout("addr=%s val=0x%02x\n", regname(addr), val);
1244 break;
1245 case SCBeeprom:
1246 eepro100_write_eeprom(s->eeprom, val);
1247 break;
1248 default:
1249 logout("addr=%s val=0x%02x\n", regname(addr), val);
1250 missing("unknown byte write");
1251 }
1252 }
1253
1254 static void eepro100_write2(EEPRO100State * s, uint32_t addr, uint16_t val)
1255 {
1256 if (addr <= sizeof(s->mem) - sizeof(val)) {
1257 memcpy(&s->mem[addr], &val, sizeof(val));
1258 }
1259
1260 logout("addr=%s val=0x%04x\n", regname(addr), val);
1261
1262 switch (addr) {
1263 case SCBStatus:
1264 //~ eepro100_write_status(s, val);
1265 eepro100_acknowledge(s);
1266 break;
1267 case SCBCmd:
1268 eepro100_write_command(s, val);
1269 eepro100_write1(s, SCBIntmask, val >> 8);
1270 break;
1271 case SCBeeprom:
1272 eepro100_write_eeprom(s->eeprom, val);
1273 break;
1274 default:
1275 logout("addr=%s val=0x%04x\n", regname(addr), val);
1276 missing("unknown word write");
1277 }
1278 }
1279
1280 static void eepro100_write4(EEPRO100State * s, uint32_t addr, uint32_t val)
1281 {
1282 if (addr <= sizeof(s->mem) - sizeof(val)) {
1283 memcpy(&s->mem[addr], &val, sizeof(val));
1284 }
1285
1286 switch (addr) {
1287 case SCBPointer:
1288 eepro100_write_pointer(s, val);
1289 break;
1290 case SCBPort:
1291 logout("addr=%s val=0x%08x\n", regname(addr), val);
1292 eepro100_write_port(s, val);
1293 break;
1294 case SCBCtrlMDI:
1295 eepro100_write_mdi(s, val);
1296 break;
1297 default:
1298 logout("addr=%s val=0x%08x\n", regname(addr), val);
1299 missing("unknown longword write");
1300 }
1301 }
1302
1303 static uint32_t ioport_read1(void *opaque, uint32_t addr)
1304 {
1305 EEPRO100State *s = opaque;
1306 //~ logout("addr=%s\n", regname(addr));
1307 return eepro100_read1(s, addr - s->region[1]);
1308 }
1309
1310 static uint32_t ioport_read2(void *opaque, uint32_t addr)
1311 {
1312 EEPRO100State *s = opaque;
1313 return eepro100_read2(s, addr - s->region[1]);
1314 }
1315
1316 static uint32_t ioport_read4(void *opaque, uint32_t addr)
1317 {
1318 EEPRO100State *s = opaque;
1319 return eepro100_read4(s, addr - s->region[1]);
1320 }
1321
1322 static void ioport_write1(void *opaque, uint32_t addr, uint32_t val)
1323 {
1324 EEPRO100State *s = opaque;
1325 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1326 eepro100_write1(s, addr - s->region[1], val);
1327 }
1328
1329 static void ioport_write2(void *opaque, uint32_t addr, uint32_t val)
1330 {
1331 EEPRO100State *s = opaque;
1332 eepro100_write2(s, addr - s->region[1], val);
1333 }
1334
1335 static void ioport_write4(void *opaque, uint32_t addr, uint32_t val)
1336 {
1337 EEPRO100State *s = opaque;
1338 eepro100_write4(s, addr - s->region[1], val);
1339 }
1340
1341 /***********************************************************/
1342 /* PCI EEPRO100 definitions */
1343
1344 static void pci_map(PCIDevice * pci_dev, int region_num,
1345 uint32_t addr, uint32_t size, int type)
1346 {
1347 EEPRO100State *s = DO_UPCAST(EEPRO100State, dev, pci_dev);
1348
1349 logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
1350 region_num, addr, size, type);
1351
1352 assert(region_num == 1);
1353 register_ioport_write(addr, size, 1, ioport_write1, s);
1354 register_ioport_read(addr, size, 1, ioport_read1, s);
1355 register_ioport_write(addr, size, 2, ioport_write2, s);
1356 register_ioport_read(addr, size, 2, ioport_read2, s);
1357 register_ioport_write(addr, size, 4, ioport_write4, s);
1358 register_ioport_read(addr, size, 4, ioport_read4, s);
1359
1360 s->region[region_num] = addr;
1361 }
1362
1363 static void pci_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
1364 {
1365 EEPRO100State *s = opaque;
1366 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1367 eepro100_write1(s, addr, val);
1368 }
1369
1370 static void pci_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
1371 {
1372 EEPRO100State *s = opaque;
1373 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1374 eepro100_write2(s, addr, val);
1375 }
1376
1377 static void pci_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
1378 {
1379 EEPRO100State *s = opaque;
1380 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1381 eepro100_write4(s, addr, val);
1382 }
1383
1384 static uint32_t pci_mmio_readb(void *opaque, target_phys_addr_t addr)
1385 {
1386 EEPRO100State *s = opaque;
1387 //~ logout("addr=%s\n", regname(addr));
1388 return eepro100_read1(s, addr);
1389 }
1390
1391 static uint32_t pci_mmio_readw(void *opaque, target_phys_addr_t addr)
1392 {
1393 EEPRO100State *s = opaque;
1394 //~ logout("addr=%s\n", regname(addr));
1395 return eepro100_read2(s, addr);
1396 }
1397
1398 static uint32_t pci_mmio_readl(void *opaque, target_phys_addr_t addr)
1399 {
1400 EEPRO100State *s = opaque;
1401 //~ logout("addr=%s\n", regname(addr));
1402 return eepro100_read4(s, addr);
1403 }
1404
1405 static CPUWriteMemoryFunc * const pci_mmio_write[] = {
1406 pci_mmio_writeb,
1407 pci_mmio_writew,
1408 pci_mmio_writel
1409 };
1410
1411 static CPUReadMemoryFunc * const pci_mmio_read[] = {
1412 pci_mmio_readb,
1413 pci_mmio_readw,
1414 pci_mmio_readl
1415 };
1416
1417 static void pci_mmio_map(PCIDevice * pci_dev, int region_num,
1418 uint32_t addr, uint32_t size, int type)
1419 {
1420 EEPRO100State *s = DO_UPCAST(EEPRO100State, dev, pci_dev);
1421
1422 logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
1423 region_num, addr, size, type);
1424
1425 if (region_num == 0) {
1426 /* Map control / status registers. */
1427 cpu_register_physical_memory(addr, size, s->mmio_index);
1428 s->region[region_num] = addr;
1429 }
1430 }
1431
1432 static int nic_can_receive(VLANClientState *vc)
1433 {
1434 EEPRO100State *s = vc->opaque;
1435 logout("%p\n", s);
1436 return get_ru_state(s) == ru_ready;
1437 //~ return !eepro100_buffer_full(s);
1438 }
1439
1440 static ssize_t nic_receive(VLANClientState *vc, const uint8_t * buf, size_t size)
1441 {
1442 /* TODO:
1443 * - Magic packets should set bit 30 in power management driver register.
1444 * - Interesting packets should set bit 29 in power management driver register.
1445 */
1446 EEPRO100State *s = vc->opaque;
1447 uint16_t rfd_status = 0xa000;
1448 static const uint8_t broadcast_macaddr[6] =
1449 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
1450
1451 /* TODO: check multiple IA bit. */
1452 assert(!(s->configuration[20] & BIT(6)));
1453
1454 if (s->configuration[8] & 0x80) {
1455 /* CSMA is disabled. */
1456 logout("%p received while CSMA is disabled\n", s);
1457 return -1;
1458 } else if (size < 64 && (s->configuration[7] & 1)) {
1459 /* Short frame and configuration byte 7/0 (discard short receive) set:
1460 * Short frame is discarded */
1461 logout("%p received short frame (%d byte)\n", s, size);
1462 s->statistics.rx_short_frame_errors++;
1463 //~ return -1;
1464 } else if ((size > MAX_ETH_FRAME_SIZE + 4) && !(s->configuration[18] & 8)) {
1465 /* Long frame and configuration byte 18/3 (long receive ok) not set:
1466 * Long frames are discarded. */
1467 logout("%p received long frame (%d byte), ignored\n", s, size);
1468 return -1;
1469 } else if (memcmp(buf, s->macaddr, 6) == 0) { // !!!
1470 /* Frame matches individual address. */
1471 /* TODO: check configuration byte 15/4 (ignore U/L). */
1472 logout("%p received frame for me, len=%d\n", s, size);
1473 } else if (memcmp(buf, broadcast_macaddr, 6) == 0) {
1474 /* Broadcast frame. */
1475 logout("%p received broadcast, len=%d\n", s, size);
1476 rfd_status |= 0x0002;
1477 } else if (buf[0] & 0x01) { // !!!
1478 /* Multicast frame. */
1479 logout("%p received multicast, len=%d\n", s, size);
1480 /* TODO: check multicast all bit. */
1481 assert(!(s->configuration[21] & BIT(3)));
1482 int mcast_idx = compute_mcast_idx(buf);
1483 if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7)))) {
1484 return size;
1485 }
1486 rfd_status |= 0x0002;
1487 } else if (s->configuration[15] & 1) {
1488 /* Promiscuous: receive all. */
1489 logout("%p received frame in promiscuous mode, len=%d\n", s, size);
1490 rfd_status |= 0x0004;
1491 } else {
1492 logout("%p received frame, ignored, len=%d,%s\n", s, size,
1493 nic_dump(buf, size));
1494 return size;
1495 }
1496
1497 if (get_ru_state(s) != ru_ready) {
1498 /* No ressources available. */
1499 logout("no ressources, state=%u\n", get_ru_state(s));
1500 s->statistics.rx_resource_errors++;
1501 //~ assert(!"no ressources");
1502 return -1;
1503 }
1504 //~ !!!
1505 //~ $3 = {status = 0x0, command = 0xc000, link = 0x2d220, rx_buf_addr = 0x207dc, count = 0x0, size = 0x5f8, packet = {0x0 <repeats 1518 times>}}
1506 eepro100_rx_t rx;
1507 cpu_physical_memory_read(s->ru_base + s->ru_offset, (uint8_t *) & rx,
1508 offsetof(eepro100_rx_t, packet));
1509 uint16_t rfd_command = le16_to_cpu(rx.command);
1510 uint16_t rfd_size = le16_to_cpu(rx.size);
1511 assert(size <= rfd_size);
1512 if (size < 64) {
1513 rfd_status |= 0x0080;
1514 }
1515 logout("command 0x%04x, link 0x%08x, addr 0x%08x, size %u\n", rfd_command,
1516 rx.link, rx.rx_buf_addr, rfd_size);
1517 stw_phys(s->ru_base + s->ru_offset + offsetof(eepro100_rx_t, status),
1518 rfd_status);
1519 stw_phys(s->ru_base + s->ru_offset + offsetof(eepro100_rx_t, count), size);
1520 /* Early receive interrupt not supported. */
1521 //~ eepro100_er_interrupt(s);
1522 /* Receive CRC Transfer not supported. */
1523 assert(!(s->configuration[18] & 4));
1524 /* TODO: check stripping enable bit. */
1525 //~ assert(!(s->configuration[17] & 1));
1526 cpu_physical_memory_write(s->ru_base + s->ru_offset +
1527 offsetof(eepro100_rx_t, packet), buf, size);
1528 s->statistics.rx_good_frames++;
1529 eepro100_fr_interrupt(s);
1530 s->ru_offset = le32_to_cpu(rx.link);
1531 if (rfd_command & 0x8000) {
1532 /* EL bit is set, so this was the last frame. */
1533 assert(0);
1534 }
1535 if (rfd_command & 0x4000) {
1536 /* S bit is set. */
1537 set_ru_state(s, ru_suspended);
1538 }
1539 return size;
1540 }
1541
1542 static int nic_load(QEMUFile * f, void *opaque, int version_id)
1543 {
1544 EEPRO100State *s = opaque;
1545 int i;
1546 int ret;
1547
1548 if (version_id > 3)
1549 return -EINVAL;
1550
1551 if (version_id >= 3) {
1552 ret = pci_device_load(&s->dev, f);
1553 if (ret < 0)
1554 return ret;
1555 }
1556
1557 if (version_id >= 2) {
1558 qemu_get_8s(f, &s->rxcr);
1559 } else {
1560 s->rxcr = 0x0c;
1561 }
1562
1563 qemu_get_8s(f, &s->cmd);
1564 qemu_get_be32s(f, &s->start);
1565 qemu_get_be32s(f, &s->stop);
1566 qemu_get_8s(f, &s->boundary);
1567 qemu_get_8s(f, &s->tsr);
1568 qemu_get_8s(f, &s->tpsr);
1569 qemu_get_be16s(f, &s->tcnt);
1570 qemu_get_be16s(f, &s->rcnt);
1571 qemu_get_be32s(f, &s->rsar);
1572 qemu_get_8s(f, &s->rsr);
1573 qemu_get_8s(f, &s->isr);
1574 qemu_get_8s(f, &s->dcfg);
1575 qemu_get_8s(f, &s->imr);
1576 qemu_get_buffer(f, s->phys, 6);
1577 qemu_get_8s(f, &s->curpag);
1578 qemu_get_buffer(f, s->mult, 8);
1579 qemu_get_buffer(f, s->mem, sizeof(s->mem));
1580
1581 /* Restore all members of struct between scv_stat and mem */
1582 qemu_get_8s(f, &s->scb_stat);
1583 qemu_get_8s(f, &s->int_stat);
1584 for (i = 0; i < 3; i++)
1585 qemu_get_be32s(f, &s->region[i]);
1586 qemu_get_buffer(f, s->macaddr, 6);
1587 for (i = 0; i < 19; i++)
1588 qemu_get_be32s(f, &s->statcounter[i]);
1589 for (i = 0; i < 32; i++)
1590 qemu_get_be16s(f, &s->mdimem[i]);
1591 /* The eeprom should be saved and restored by its own routines */
1592 qemu_get_be32s(f, &s->device);
1593 qemu_get_be32s(f, &s->pointer);
1594 qemu_get_be32s(f, &s->cu_base);
1595 qemu_get_be32s(f, &s->cu_offset);
1596 qemu_get_be32s(f, &s->ru_base);
1597 qemu_get_be32s(f, &s->ru_offset);
1598 qemu_get_be32s(f, &s->statsaddr);
1599 /* Restore epro100_stats_t statistics */
1600 qemu_get_be32s(f, &s->statistics.tx_good_frames);
1601 qemu_get_be32s(f, &s->statistics.tx_max_collisions);
1602 qemu_get_be32s(f, &s->statistics.tx_late_collisions);
1603 qemu_get_be32s(f, &s->statistics.tx_underruns);
1604 qemu_get_be32s(f, &s->statistics.tx_lost_crs);
1605 qemu_get_be32s(f, &s->statistics.tx_deferred);
1606 qemu_get_be32s(f, &s->statistics.tx_single_collisions);
1607 qemu_get_be32s(f, &s->statistics.tx_multiple_collisions);
1608 qemu_get_be32s(f, &s->statistics.tx_total_collisions);
1609 qemu_get_be32s(f, &s->statistics.rx_good_frames);
1610 qemu_get_be32s(f, &s->statistics.rx_crc_errors);
1611 qemu_get_be32s(f, &s->statistics.rx_alignment_errors);
1612 qemu_get_be32s(f, &s->statistics.rx_resource_errors);
1613 qemu_get_be32s(f, &s->statistics.rx_overrun_errors);
1614 qemu_get_be32s(f, &s->statistics.rx_cdt_errors);
1615 qemu_get_be32s(f, &s->statistics.rx_short_frame_errors);
1616 qemu_get_be32s(f, &s->statistics.fc_xmt_pause);
1617 qemu_get_be32s(f, &s->statistics.fc_rcv_pause);
1618 qemu_get_be32s(f, &s->statistics.fc_rcv_unsupported);
1619 qemu_get_be16s(f, &s->statistics.xmt_tco_frames);
1620 qemu_get_be16s(f, &s->statistics.rcv_tco_frames);
1621 qemu_get_be32s(f, &s->statistics.complete);
1622 #if 0
1623 qemu_get_be16s(f, &s->status);
1624 #endif
1625
1626 /* Configuration bytes. */
1627 qemu_get_buffer(f, s->configuration, sizeof(s->configuration));
1628
1629 return 0;
1630 }
1631
1632 static void nic_save(QEMUFile * f, void *opaque)
1633 {
1634 EEPRO100State *s = opaque;
1635 int i;
1636
1637 pci_device_save(&s->dev, f);
1638
1639 qemu_put_8s(f, &s->rxcr);
1640
1641 qemu_put_8s(f, &s->cmd);
1642 qemu_put_be32s(f, &s->start);
1643 qemu_put_be32s(f, &s->stop);
1644 qemu_put_8s(f, &s->boundary);
1645 qemu_put_8s(f, &s->tsr);
1646 qemu_put_8s(f, &s->tpsr);
1647 qemu_put_be16s(f, &s->tcnt);
1648 qemu_put_be16s(f, &s->rcnt);
1649 qemu_put_be32s(f, &s->rsar);
1650 qemu_put_8s(f, &s->rsr);
1651 qemu_put_8s(f, &s->isr);
1652 qemu_put_8s(f, &s->dcfg);
1653 qemu_put_8s(f, &s->imr);
1654 qemu_put_buffer(f, s->phys, 6);
1655 qemu_put_8s(f, &s->curpag);
1656 qemu_put_buffer(f, s->mult, 8);
1657 qemu_put_buffer(f, s->mem, sizeof(s->mem));
1658
1659 /* Save all members of struct between scv_stat and mem */
1660 qemu_put_8s(f, &s->scb_stat);
1661 qemu_put_8s(f, &s->int_stat);
1662 for (i = 0; i < 3; i++)
1663 qemu_put_be32s(f, &s->region[i]);
1664 qemu_put_buffer(f, s->macaddr, 6);
1665 for (i = 0; i < 19; i++)
1666 qemu_put_be32s(f, &s->statcounter[i]);
1667 for (i = 0; i < 32; i++)
1668 qemu_put_be16s(f, &s->mdimem[i]);
1669 /* The eeprom should be saved and restored by its own routines */
1670 qemu_put_be32s(f, &s->device);
1671 qemu_put_be32s(f, &s->pointer);
1672 qemu_put_be32s(f, &s->cu_base);
1673 qemu_put_be32s(f, &s->cu_offset);
1674 qemu_put_be32s(f, &s->ru_base);
1675 qemu_put_be32s(f, &s->ru_offset);
1676 qemu_put_be32s(f, &s->statsaddr);
1677 /* Save epro100_stats_t statistics */
1678 qemu_put_be32s(f, &s->statistics.tx_good_frames);
1679 qemu_put_be32s(f, &s->statistics.tx_max_collisions);
1680 qemu_put_be32s(f, &s->statistics.tx_late_collisions);
1681 qemu_put_be32s(f, &s->statistics.tx_underruns);
1682 qemu_put_be32s(f, &s->statistics.tx_lost_crs);
1683 qemu_put_be32s(f, &s->statistics.tx_deferred);
1684 qemu_put_be32s(f, &s->statistics.tx_single_collisions);
1685 qemu_put_be32s(f, &s->statistics.tx_multiple_collisions);
1686 qemu_put_be32s(f, &s->statistics.tx_total_collisions);
1687 qemu_put_be32s(f, &s->statistics.rx_good_frames);
1688 qemu_put_be32s(f, &s->statistics.rx_crc_errors);
1689 qemu_put_be32s(f, &s->statistics.rx_alignment_errors);
1690 qemu_put_be32s(f, &s->statistics.rx_resource_errors);
1691 qemu_put_be32s(f, &s->statistics.rx_overrun_errors);
1692 qemu_put_be32s(f, &s->statistics.rx_cdt_errors);
1693 qemu_put_be32s(f, &s->statistics.rx_short_frame_errors);
1694 qemu_put_be32s(f, &s->statistics.fc_xmt_pause);
1695 qemu_put_be32s(f, &s->statistics.fc_rcv_pause);
1696 qemu_put_be32s(f, &s->statistics.fc_rcv_unsupported);
1697 qemu_put_be16s(f, &s->statistics.xmt_tco_frames);
1698 qemu_put_be16s(f, &s->statistics.rcv_tco_frames);
1699 qemu_put_be32s(f, &s->statistics.complete);
1700 #if 0
1701 qemu_put_be16s(f, &s->status);
1702 #endif
1703
1704 /* Configuration bytes. */
1705 qemu_put_buffer(f, s->configuration, sizeof(s->configuration));
1706 }
1707
1708 static void nic_cleanup(VLANClientState *vc)
1709 {
1710 EEPRO100State *s = vc->opaque;
1711
1712 unregister_savevm(vc->model, s);
1713
1714 eeprom93xx_free(s->eeprom);
1715 }
1716
1717 static int pci_nic_uninit(PCIDevice *dev)
1718 {
1719 EEPRO100State *s = DO_UPCAST(EEPRO100State, dev, dev);
1720
1721 cpu_unregister_io_memory(s->mmio_index);
1722
1723 return 0;
1724 }
1725
1726 static int nic_init(PCIDevice *pci_dev, uint32_t device)
1727 {
1728 EEPRO100State *s = DO_UPCAST(EEPRO100State, dev, pci_dev);
1729
1730 logout("\n");
1731
1732 s->dev.unregister = pci_nic_uninit;
1733
1734 s->device = device;
1735
1736 pci_reset(s);
1737
1738 /* Add 64 * 2 EEPROM. i82557 and i82558 support a 64 word EEPROM,
1739 * i82559 and later support 64 or 256 word EEPROM. */
1740 s->eeprom = eeprom93xx_new(EEPROM_SIZE);
1741
1742 /* Handler for memory-mapped I/O */
1743 s->mmio_index =
1744 cpu_register_io_memory(pci_mmio_read, pci_mmio_write, s);
1745
1746 pci_register_bar(&s->dev, 0, PCI_MEM_SIZE,
1747 PCI_ADDRESS_SPACE_MEM |
1748 PCI_ADDRESS_SPACE_MEM_PREFETCH, pci_mmio_map);
1749 pci_register_bar(&s->dev, 1, PCI_IO_SIZE, PCI_ADDRESS_SPACE_IO,
1750 pci_map);
1751 pci_register_bar(&s->dev, 2, PCI_FLASH_SIZE, PCI_ADDRESS_SPACE_MEM,
1752 pci_mmio_map);
1753
1754 qdev_get_macaddr(&s->dev.qdev, s->macaddr);
1755 logout("macaddr: %s\n", nic_dump(&s->macaddr[0], 6));
1756 assert(s->region[1] == 0);
1757
1758 nic_reset(s);
1759
1760 s->vc = qdev_get_vlan_client(&s->dev.qdev,
1761 nic_can_receive, nic_receive, NULL,
1762 nic_cleanup, s);
1763
1764 qemu_format_nic_info_str(s->vc, s->macaddr);
1765
1766 qemu_register_reset(nic_reset, s);
1767
1768 register_savevm(s->vc->model, -1, 3, nic_save, nic_load, s);
1769 return 0;
1770 }
1771
1772 static int pci_i82551_init(PCIDevice *dev)
1773 {
1774 return nic_init(dev, i82551);
1775 }
1776
1777 static int pci_i82557b_init(PCIDevice *dev)
1778 {
1779 return nic_init(dev, i82557B);
1780 }
1781
1782 static int pci_i82559er_init(PCIDevice *dev)
1783 {
1784 return nic_init(dev, i82559ER);
1785 }
1786
1787 static PCIDeviceInfo eepro100_info[] = {
1788 {
1789 .qdev.name = "i82551",
1790 .qdev.size = sizeof(EEPRO100State),
1791 .init = pci_i82551_init,
1792 },{
1793 .qdev.name = "i82557b",
1794 .qdev.size = sizeof(EEPRO100State),
1795 .init = pci_i82557b_init,
1796 },{
1797 .qdev.name = "i82559er",
1798 .qdev.size = sizeof(EEPRO100State),
1799 .init = pci_i82559er_init,
1800 },{
1801 /* end of list */
1802 }
1803 };
1804
1805 static void eepro100_register_devices(void)
1806 {
1807 pci_qdev_register_many(eepro100_info);
1808 }
1809
1810 device_init(eepro100_register_devices)
QEmu