]> git.proxmox.com Git - mirror_qemu.git/blame - hw/eepro100.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix infinite loop in VNC support, by Marc Bevand.
[mirror_qemu.git] / hw / eepro100.c
CommitLineData
663e8e51
TS		 1/*
2 * QEMU i8255x (PRO100) emulation
3 *
4 * Copyright (c) 2006-2007 Stefan Weil
5 *
6 * Portions of the code are copies from grub / etherboot eepro100.c
7 * and linux e100.c.
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22 *
23 * Tested features (i82559):
24 * PXE boot (i386) no valid link
25 * Linux networking (i386) ok
26 *
27 * Untested:
28 * non-i386 platforms
29 * Windows networking
30 *
31 * References:
32 *
33 * Intel 8255x 10/100 Mbps Ethernet Controller Family
34 * Open Source Software Developer Manual
35 */
36
37#if defined(TARGET_I386)
38# warning "PXE boot still not working!"
39#endif
40
41#include <assert.h>
42#include <stddef.h> /* offsetof */
43#include "vl.h"
44#include "eeprom93xx.h"
45
46/* Common declarations for all PCI devices. */
47
48#define PCI_VENDOR_ID 0x00 /* 16 bits */
49#define PCI_DEVICE_ID 0x02 /* 16 bits */
50#define PCI_COMMAND 0x04 /* 16 bits */
51#define PCI_STATUS 0x06 /* 16 bits */
52
53#define PCI_REVISION_ID 0x08 /* 8 bits */
54#define PCI_CLASS_CODE 0x0b /* 8 bits */
55#define PCI_SUBCLASS_CODE 0x0a /* 8 bits */
56#define PCI_HEADER_TYPE 0x0e /* 8 bits */
57
58#define PCI_BASE_ADDRESS_0 0x10 /* 32 bits */
59#define PCI_BASE_ADDRESS_1 0x14 /* 32 bits */
60#define PCI_BASE_ADDRESS_2 0x18 /* 32 bits */
61#define PCI_BASE_ADDRESS_3 0x1c /* 32 bits */
62#define PCI_BASE_ADDRESS_4 0x20 /* 32 bits */
63#define PCI_BASE_ADDRESS_5 0x24 /* 32 bits */
64
65#define PCI_CONFIG_8(offset, value) \
66 (pci_conf[offset] = (value))
67#define PCI_CONFIG_16(offset, value) \
68 (*(uint16_t *)&pci_conf[offset] = cpu_to_le16(value))
69#define PCI_CONFIG_32(offset, value) \
70 (*(uint32_t *)&pci_conf[offset] = cpu_to_le32(value))
71
72#define KiB 1024
73
74/* debug EEPRO100 card */
75//~ #define DEBUG_EEPRO100
76
77#ifdef DEBUG_EEPRO100
78#define logout(fmt, args...) fprintf(stderr, "EE100\t%-24s" fmt, __func__, ##args)
79#else
80#define logout(fmt, args...) ((void)0)
81#endif
82
83/* Set flags to 0 to disable debug output. */
84#define MDI 0
85
86#define TRACE(flag, command) ((flag) ? (command) : (void)0)
87
88#define missing(text) assert(!"feature is missing in this emulation: " text)
89
90#define MAX_ETH_FRAME_SIZE 1514
91
92/* This driver supports several different devices which are declared here. */
93#define i82551 0x82551
94#define i82557B 0x82557b
95#define i82557C 0x82557c
96#define i82558B 0x82558b
97#define i82559C 0x82559c
98#define i82559ER 0x82559e
99#define i82562 0x82562
100
101#define EEPROM_SIZE 64
102
103#define PCI_MEM_SIZE (4 * KiB)
104#define PCI_IO_SIZE 64
105#define PCI_FLASH_SIZE (128 * KiB)
106
107#define BIT(n) (1 << (n))
108#define BITS(n, m) (((0xffffffffU << (31 - n)) >> (31 - n + m)) << m)
109
110/* The SCB accepts the following controls for the Tx and Rx units: */
111#define CU_NOP 0x0000 /* No operation. */
112#define CU_START 0x0010 /* CU start. */
113#define CU_RESUME 0x0020 /* CU resume. */
114#define CU_STATSADDR 0x0040 /* Load dump counters address. */
115#define CU_SHOWSTATS 0x0050 /* Dump statistical counters. */
116#define CU_CMD_BASE 0x0060 /* Load CU base address. */
117#define CU_DUMPSTATS 0x0070 /* Dump and reset statistical counters. */
118#define CU_SRESUME 0x00a0 /* CU static resume. */
119
120#define RU_NOP 0x0000
121#define RX_START 0x0001
122#define RX_RESUME 0x0002
123#define RX_ABORT 0x0004
124#define RX_ADDR_LOAD 0x0006
125#define RX_RESUMENR 0x0007
126#define INT_MASK 0x0100
127#define DRVR_INT 0x0200 /* Driver generated interrupt. */
128
129typedef unsigned char bool;
130
131/* Offsets to the various registers.
132 All accesses need not be longword aligned. */
133enum speedo_offsets {
134 SCBStatus = 0,
135 SCBAck = 1,
136 SCBCmd = 2, /* Rx/Command Unit command and status. */
137 SCBIntmask = 3,
138 SCBPointer = 4, /* General purpose pointer. */
139 SCBPort = 8, /* Misc. commands and operands. */
140 SCBflash = 12, SCBeeprom = 14, /* EEPROM and flash memory control. */
141 SCBCtrlMDI = 16, /* MDI interface control. */
142 SCBEarlyRx = 20, /* Early receive byte count. */
143};
144
145/* A speedo3 transmit buffer descriptor with two buffers... */
146typedef struct {
147 uint16_t status;
148 uint16_t command;
149 uint32_t link; /* void * */
150 uint32_t tx_desc_addr; /* transmit buffer decsriptor array address. */
151 uint16_t tcb_bytes; /* transmit command block byte count (in lower 14 bits */
152 uint8_t tx_threshold; /* transmit threshold */
153 uint8_t tbd_count; /* TBD number */
154 //~ /* This constitutes two "TBD" entries: hdr and data */
155 //~ uint32_t tx_buf_addr0; /* void *, header of frame to be transmitted. */
156 //~ int32_t tx_buf_size0; /* Length of Tx hdr. */
157 //~ uint32_t tx_buf_addr1; /* void *, data to be transmitted. */
158 //~ int32_t tx_buf_size1; /* Length of Tx data. */
159} eepro100_tx_t;
160
161/* Receive frame descriptor. */
162typedef struct {
163 int16_t status;
164 uint16_t command;
165 uint32_t link; /* struct RxFD * */
166 uint32_t rx_buf_addr; /* void * */
167 uint16_t count;
168 uint16_t size;
169 char packet[MAX_ETH_FRAME_SIZE + 4];
170} eepro100_rx_t;
171
172typedef struct {
173 uint32_t tx_good_frames, tx_max_collisions, tx_late_collisions,
174 tx_underruns, tx_lost_crs, tx_deferred, tx_single_collisions,
175 tx_multiple_collisions, tx_total_collisions;
176 uint32_t rx_good_frames, rx_crc_errors, rx_alignment_errors,
177 rx_resource_errors, rx_overrun_errors, rx_cdt_errors,
178 rx_short_frame_errors;
179 uint32_t fc_xmt_pause, fc_rcv_pause, fc_rcv_unsupported;
180 uint16_t xmt_tco_frames, rcv_tco_frames;
181 uint32_t complete;
182} eepro100_stats_t;
183
184typedef enum {
185 cu_idle = 0,
186 cu_suspended = 1,
187 cu_active = 2,
188 cu_lpq_active = 2,
189 cu_hqp_active = 3
190} cu_state_t;
191
192typedef enum {
193 ru_idle = 0,
194 ru_suspended = 1,
195 ru_no_resources = 2,
196 ru_ready = 4
197} ru_state_t;
198
199#if defined(__BIG_ENDIAN_BITFIELD)
200#define X(a,b) b,a
201#else
202#define X(a,b) a,b
203#endif
204
205typedef struct {
206#if 1
207 uint8_t cmd;
208 uint32_t start;
209 uint32_t stop;
210 uint8_t boundary;
211 uint8_t tsr;
212 uint8_t tpsr;
213 uint16_t tcnt;
214 uint16_t rcnt;
215 uint32_t rsar;
216 uint8_t rsr;
217 uint8_t rxcr;
218 uint8_t isr;
219 uint8_t dcfg;
220 uint8_t imr;
221 uint8_t phys[6]; /* mac address */
222 uint8_t curpag;
223 uint8_t mult[8]; /* multicast mask array */
224 int mmio_index;
225 PCIDevice *pci_dev;
226 VLANClientState *vc;
227#endif
228 uint8_t scb_stat; /* SCB stat/ack byte */
229 uint8_t int_stat; /* PCI interrupt status */
230 uint32_t region[3]; /* PCI region addresses */
231 uint8_t macaddr[6];
232 uint32_t statcounter[19];
233 uint16_t mdimem[32];
234 eeprom_t *eeprom;
235 uint32_t device; /* device variant */
236 uint32_t pointer;
237 /* (cu_base + cu_offset) address the next command block in the command block list. */
238 uint32_t cu_base; /* CU base address */
239 uint32_t cu_offset; /* CU address offset */
240 /* (ru_base + ru_offset) address the RFD in the Receive Frame Area. */
241 uint32_t ru_base; /* RU base address */
242 uint32_t ru_offset; /* RU address offset */
243 uint32_t statsaddr; /* pointer to eepro100_stats_t */
244 eepro100_stats_t statistics; /* statistical counters */
245#if 0
246 uint16_t status;
247#endif
248
249 /* Configuration bytes. */
250 uint8_t configuration[22];
251
252 /* Data in mem is always in the byte order of the controller (le). */
253 uint8_t mem[PCI_MEM_SIZE];
254} EEPRO100State;
255
256/* Default values for MDI (PHY) registers */
257static const uint16_t eepro100_mdi_default[] = {
258 /* MDI Registers 0 - 6, 7 */
259 0x3000, 0x780d, 0x02a8, 0x0154, 0x05e1, 0x0000, 0x0000, 0x0000,
260 /* MDI Registers 8 - 15 */
261 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
262 /* MDI Registers 16 - 31 */
263 0x0003, 0x0000, 0x0001, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
264 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
265};
266
267/* Readonly mask for MDI (PHY) registers */
268static const uint16_t eepro100_mdi_mask[] = {
269 0x0000, 0xffff, 0xffff, 0xffff, 0xc01f, 0xffff, 0xffff, 0x0000,
270 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
271 0x0fff, 0x0000, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
272 0xffff, 0xffff, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
273};
274
275#define POLYNOMIAL 0x04c11db6
276
277/* From FreeBSD */
278/* XXX: optimize */
279static int compute_mcast_idx(const uint8_t * ep)
280{
281 uint32_t crc;
282 int carry, i, j;
283 uint8_t b;
284
285 crc = 0xffffffff;
286 for (i = 0; i < 6; i++) {
287 b = *ep++;
288 for (j = 0; j < 8; j++) {
289 carry = ((crc & 0x80000000L) ? 1 : 0) ^ (b & 0x01);
290 crc <<= 1;
291 b >>= 1;
292 if (carry)
293 crc = ((crc ^ POLYNOMIAL) | carry);
294 }
295 }
296 return (crc >> 26);
297}
298
299#if defined(DEBUG_EEPRO100)
300static const char *nic_dump(const uint8_t * buf, unsigned size)
301{
302 static char dump[3 * 16 + 1];
303 char *p = &dump[0];
304 if (size > 16)
305 size = 16;
306 while (size-- > 0) {
307 p += sprintf(p, " %02x", *buf++);
308 }
309 return dump;
310}
311#endif /* DEBUG_EEPRO100 */
312
313enum scb_stat_ack {
314 stat_ack_not_ours = 0x00,
315 stat_ack_sw_gen = 0x04,
316 stat_ack_rnr = 0x10,
317 stat_ack_cu_idle = 0x20,
318 stat_ack_frame_rx = 0x40,
319 stat_ack_cu_cmd_done = 0x80,
320 stat_ack_not_present = 0xFF,
321 stat_ack_rx = (stat_ack_sw_gen | stat_ack_rnr | stat_ack_frame_rx),
322 stat_ack_tx = (stat_ack_cu_idle | stat_ack_cu_cmd_done),
323};
324
325static void disable_interrupt(EEPRO100State * s)
326{
327 if (s->int_stat) {
328 logout("interrupt disabled\n");
d537cf6c 329 qemu_irq_lower(s->pci_dev->irq[0]);
663e8e51
TS		 330 s->int_stat = 0;
331 }
332}
333
334static void enable_interrupt(EEPRO100State * s)
335{
336 if (!s->int_stat) {
337 logout("interrupt enabled\n");
d537cf6c 338 qemu_irq_raise(s->pci_dev->irq[0]);
663e8e51
TS		 339 s->int_stat = 1;
340 }
341}
342
343static void eepro100_acknowledge(EEPRO100State * s)
344{
345 s->scb_stat &= ~s->mem[SCBAck];
346 s->mem[SCBAck] = s->scb_stat;
347 if (s->scb_stat == 0) {
348 disable_interrupt(s);
349 }
350}
351
352static void eepro100_interrupt(EEPRO100State * s, uint8_t stat)
353{
354 uint8_t mask = ~s->mem[SCBIntmask];
355 s->mem[SCBAck] |= stat;
356 stat = s->scb_stat = s->mem[SCBAck];
357 stat &= (mask | 0x0f);
358 //~ stat &= (~s->mem[SCBIntmask] | 0x0xf);
359 if (stat && (mask & 0x01)) {
360 /* SCB mask and SCB Bit M do not disable interrupt. */
361 enable_interrupt(s);
362 } else if (s->int_stat) {
363 disable_interrupt(s);
364 }
365}
366
367static void eepro100_cx_interrupt(EEPRO100State * s)
368{
369 /* CU completed action command. */
370 /* Transmit not ok (82557 only, not in emulation). */
371 eepro100_interrupt(s, 0x80);
372}
373
374static void eepro100_cna_interrupt(EEPRO100State * s)
375{
376 /* CU left the active state. */
377 eepro100_interrupt(s, 0x20);
378}
379
380static void eepro100_fr_interrupt(EEPRO100State * s)
381{
382 /* RU received a complete frame. */
383 eepro100_interrupt(s, 0x40);
384}
385
386#if 0
387static void eepro100_rnr_interrupt(EEPRO100State * s)
388{
389 /* RU is not ready. */
390 eepro100_interrupt(s, 0x10);
391}
392#endif
393
394static void eepro100_mdi_interrupt(EEPRO100State * s)
395{
396 /* MDI completed read or write cycle. */
397 eepro100_interrupt(s, 0x08);
398}
399
400static void eepro100_swi_interrupt(EEPRO100State * s)
401{
402 /* Software has requested an interrupt. */
403 eepro100_interrupt(s, 0x04);
404}
405
406#if 0
407static void eepro100_fcp_interrupt(EEPRO100State * s)
408{
409 /* Flow control pause interrupt (82558 and later). */
410 eepro100_interrupt(s, 0x01);
411}
412#endif
413
414static void pci_reset(EEPRO100State * s)
415{
416 uint32_t device = s->device;
417 uint8_t *pci_conf = s->pci_dev->config;
418
419 logout("%p\n", s);
420
421 /* PCI Vendor ID */
422 PCI_CONFIG_16(PCI_VENDOR_ID, 0x8086);
423 /* PCI Device ID */
424 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
425 /* PCI Command */
426 PCI_CONFIG_16(PCI_COMMAND, 0x0000);
427 /* PCI Status */
428 PCI_CONFIG_16(PCI_STATUS, 0x2800);
429 /* PCI Revision ID */
430 PCI_CONFIG_8(PCI_REVISION_ID, 0x08);
431 /* PCI Class Code */
432 PCI_CONFIG_8(0x09, 0x00);
433 PCI_CONFIG_8(PCI_SUBCLASS_CODE, 0x00); // ethernet network controller
434 PCI_CONFIG_8(PCI_CLASS_CODE, 0x02); // network controller
435 /* PCI Cache Line Size */
436 /* check cache line size!!! */
437 //~ PCI_CONFIG_8(0x0c, 0x00);
438 /* PCI Latency Timer */
439 PCI_CONFIG_8(0x0d, 0x20); // latency timer = 32 clocks
440 /* PCI Header Type */
441 /* BIST (built-in self test) */
442#if defined(TARGET_I386)
443// !!! workaround for buggy bios
444//~ #define PCI_ADDRESS_SPACE_MEM_PREFETCH 0
445#endif
446#if 0
447 /* PCI Base Address Registers */
448 /* CSR Memory Mapped Base Address */
449 PCI_CONFIG_32(PCI_BASE_ADDRESS_0,
450 PCI_ADDRESS_SPACE_MEM | PCI_ADDRESS_SPACE_MEM_PREFETCH);
451 /* CSR I/O Mapped Base Address */
452 PCI_CONFIG_32(PCI_BASE_ADDRESS_1, PCI_ADDRESS_SPACE_IO);
453#if 0
454 /* Flash Memory Mapped Base Address */
455 PCI_CONFIG_32(PCI_BASE_ADDRESS_2, 0xfffe0000 | PCI_ADDRESS_SPACE_MEM);
456#endif
457#endif
458 /* Expansion ROM Base Address (depends on boot disable!!!) */
459 PCI_CONFIG_32(0x30, 0x00000000);
460 /* Capability Pointer */
461 PCI_CONFIG_8(0x34, 0xdc);
462 /* Interrupt Pin */
463 PCI_CONFIG_8(0x3d, 1); // interrupt pin 0
464 /* Minimum Grant */
465 PCI_CONFIG_8(0x3e, 0x08);
466 /* Maximum Latency */
467 PCI_CONFIG_8(0x3f, 0x18);
468 /* Power Management Capabilities / Next Item Pointer / Capability ID */
469 PCI_CONFIG_32(0xdc, 0x7e210001);
470
471 switch (device) {
472 case i82551:
473 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
474 PCI_CONFIG_8(PCI_REVISION_ID, 0x0f);
475 break;
476 case i82557B:
477 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
478 PCI_CONFIG_8(PCI_REVISION_ID, 0x02);
479 break;
480 case i82557C:
481 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
482 PCI_CONFIG_8(PCI_REVISION_ID, 0x03);
483 break;
484 case i82558B:
485 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
486 PCI_CONFIG_16(PCI_STATUS, 0x2810);
487 PCI_CONFIG_8(PCI_REVISION_ID, 0x05);
488 break;
489 case i82559C:
490 PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
491 PCI_CONFIG_16(PCI_STATUS, 0x2810);
492 //~ PCI_CONFIG_8(PCI_REVISION_ID, 0x08);
493 break;
494 case i82559ER:
495 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
496 PCI_CONFIG_16(PCI_STATUS, 0x2810);
497 PCI_CONFIG_8(PCI_REVISION_ID, 0x09);
498 break;
499 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1029);
500 //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1030); /* 82559 InBusiness 10/100 */
501 default:
502 logout("Device %X is undefined!\n", device);
503 }
504
505 if (device == i82557C || device == i82558B || device == i82559C) {
506 logout("Get device id and revision from EEPROM!!!\n");
507 }
508}
509
510static void nic_selective_reset(EEPRO100State * s)
511{
512 size_t i;
513 uint16_t *eeprom_contents = eeprom93xx_data(s->eeprom);
514 //~ eeprom93xx_reset(s->eeprom);
515 memcpy(eeprom_contents, s->macaddr, 6);
516 eeprom_contents[0xa] = 0x4000;
517 uint16_t sum = 0;
518 for (i = 0; i < EEPROM_SIZE - 1; i++) {
519 sum += eeprom_contents[i];
520 }
521 eeprom_contents[EEPROM_SIZE - 1] = 0xbaba - sum;
522
523 memset(s->mem, 0, sizeof(s->mem));
524 uint32_t val = BIT(21);
525 memcpy(&s->mem[SCBCtrlMDI], &val, sizeof(val));
526
527 assert(sizeof(s->mdimem) == sizeof(eepro100_mdi_default));
528 memcpy(&s->mdimem[0], &eepro100_mdi_default[0], sizeof(s->mdimem));
529}
530
531static void nic_reset(void *opaque)
532{
533 EEPRO100State *s = (EEPRO100State *) opaque;
534 logout("%p\n", s);
535 static int first;
536 if (!first) {
537 first = 1;
538 }
539 nic_selective_reset(s);
540}
541
542#if defined(DEBUG_EEPRO100)
543static const char *reg[PCI_IO_SIZE / 4] = {
544 "Command/Status",
545 "General Pointer",
546 "Port",
547 "EEPROM/Flash Control",
548 "MDI Control",
549 "Receive DMA Byte Count",
550 "Flow control register",
551 "General Status/Control"
552};
553
554static char *regname(uint32_t addr)
555{
556 static char buf[16];
557 if (addr < PCI_IO_SIZE) {
558 const char *r = reg[addr / 4];
559 if (r != 0) {
560 sprintf(buf, "%s+%u", r, addr % 4);
561 } else {
562 sprintf(buf, "0x%02x", addr);
563 }
564 } else {
565 sprintf(buf, "??? 0x%08x", addr);
566 }
567 return buf;
568}
569#endif /* DEBUG_EEPRO100 */
570
571#if 0
572static uint16_t eepro100_read_status(EEPRO100State * s)
573{
574 uint16_t val = s->status;
575 logout("val=0x%04x\n", val);
576 return val;
577}
578
579static void eepro100_write_status(EEPRO100State * s, uint16_t val)
580{
581 logout("val=0x%04x\n", val);
582 s->status = val;
583}
584#endif
585
586/*****************************************************************************
587 *
588 * Command emulation.
589 *
590 ****************************************************************************/
591
592#if 0
593static uint16_t eepro100_read_command(EEPRO100State * s)
594{
595 uint16_t val = 0xffff;
596 //~ logout("val=0x%04x\n", val);
597 return val;
598}
599#endif
600
601/* Commands that can be put in a command list entry. */
602enum commands {
603 CmdNOp = 0,
604 CmdIASetup = 1,
605 CmdConfigure = 2,
606 CmdMulticastList = 3,
607 CmdTx = 4,
608 CmdTDR = 5, /* load microcode */
609 CmdDump = 6,
610 CmdDiagnose = 7,
611
612 /* And some extra flags: */
613 CmdSuspend = 0x4000, /* Suspend after completion. */
614 CmdIntr = 0x2000, /* Interrupt after completion. */
615 CmdTxFlex = 0x0008, /* Use "Flexible mode" for CmdTx command. */
616};
617
618static cu_state_t get_cu_state(EEPRO100State * s)
619{
620 return ((s->mem[SCBStatus] >> 6) & 0x03);
621}
622
623static void set_cu_state(EEPRO100State * s, cu_state_t state)
624{
625 s->mem[SCBStatus] = (s->mem[SCBStatus] & 0x3f) + (state << 6);
626}
627
628static ru_state_t get_ru_state(EEPRO100State * s)
629{
630 return ((s->mem[SCBStatus] >> 2) & 0x0f);
631}
632
633static void set_ru_state(EEPRO100State * s, ru_state_t state)
634{
635 s->mem[SCBStatus] = (s->mem[SCBStatus] & 0xc3) + (state << 2);
636}
637
638static void dump_statistics(EEPRO100State * s)
639{
640 /* Dump statistical data. Most data is never changed by the emulation
641 * and always 0, so we first just copy the whole block and then those
642 * values which really matter.
643 * Number of data should check configuration!!!
644 */
645 cpu_physical_memory_write(s->statsaddr, (uint8_t *) & s->statistics, 64);
646 stl_phys(s->statsaddr + 0, s->statistics.tx_good_frames);
647 stl_phys(s->statsaddr + 36, s->statistics.rx_good_frames);
648 stl_phys(s->statsaddr + 48, s->statistics.rx_resource_errors);
649 stl_phys(s->statsaddr + 60, s->statistics.rx_short_frame_errors);
650 //~ stw_phys(s->statsaddr + 76, s->statistics.xmt_tco_frames);
651 //~ stw_phys(s->statsaddr + 78, s->statistics.rcv_tco_frames);
652 //~ missing("CU dump statistical counters");
653}
654
655static void eepro100_cu_command(EEPRO100State * s, uint8_t val)
656{
657 eepro100_tx_t tx;
658 uint32_t cb_address;
659 switch (val) {
660 case CU_NOP:
661 /* No operation. */
662 break;
663 case CU_START:
664 if (get_cu_state(s) != cu_idle) {
665 /* Intel documentation says that CU must be idle for the CU
666 * start command. Intel driver for Linux also starts the CU
667 * from suspended state. */
668 logout("CU state is %u, should be %u\n", get_cu_state(s), cu_idle);
669 //~ assert(!"wrong CU state");
670 }
671 set_cu_state(s, cu_active);
672 s->cu_offset = s->pointer;
673 next_command:
674 cb_address = s->cu_base + s->cu_offset;
675 cpu_physical_memory_read(cb_address, (uint8_t *) & tx, sizeof(tx));
676 uint16_t status = le16_to_cpu(tx.status);
677 uint16_t command = le16_to_cpu(tx.command);
678 logout
679 ("val=0x%02x (cu start), status=0x%04x, command=0x%04x, link=0x%08x\n",
680 val, status, command, tx.link);
681 bool bit_el = ((command & 0x8000) != 0);
682 bool bit_s = ((command & 0x4000) != 0);
683 bool bit_i = ((command & 0x2000) != 0);
684 bool bit_nc = ((command & 0x0010) != 0);
685 //~ bool bit_sf = ((command & 0x0008) != 0);
686 uint16_t cmd = command & 0x0007;
687 s->cu_offset = le32_to_cpu(tx.link);
688 switch (cmd) {
689 case CmdNOp:
690 /* Do nothing. */
691 break;
692 case CmdIASetup:
693 cpu_physical_memory_read(cb_address + 8, &s->macaddr[0], 6);
694 logout("macaddr: %s\n", nic_dump(&s->macaddr[0], 6));
695 break;
696 case CmdConfigure:
697 cpu_physical_memory_read(cb_address + 8, &s->configuration[0],
698 sizeof(s->configuration));
699 logout("configuration: %s\n", nic_dump(&s->configuration[0], 16));
700 break;
701 case CmdMulticastList:
702 //~ missing("multicast list");
703 break;
704 case CmdTx:
705 (void)0;
706 uint32_t tbd_array = le32_to_cpu(tx.tx_desc_addr);
707 uint16_t tcb_bytes = (le16_to_cpu(tx.tcb_bytes) & 0x3fff);
708 logout
709 ("transmit, TBD array address 0x%08x, TCB byte count 0x%04x, TBD count %u\n",
710 tbd_array, tcb_bytes, tx.tbd_count);
711 assert(!bit_nc);
712 //~ assert(!bit_sf);
713 assert(tcb_bytes <= 2600);
714 /* Next assertion fails for local configuration. */
715 //~ assert((tcb_bytes > 0) || (tbd_array != 0xffffffff));
716 if (!((tcb_bytes > 0) || (tbd_array != 0xffffffff))) {
717 logout
718 ("illegal values of TBD array address and TCB byte count!\n");
719 }
720 uint8_t buf[MAX_ETH_FRAME_SIZE + 4];
721 uint16_t size = 0;
722 uint32_t tbd_address = cb_address + 0x10;
723 assert(tcb_bytes <= sizeof(buf));
724 while (size < tcb_bytes) {
725 uint32_t tx_buffer_address = ldl_phys(tbd_address);
726 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
727 //~ uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
728 tbd_address += 8;
729 logout
730 ("TBD (simplified mode): buffer address 0x%08x, size 0x%04x\n",
731 tx_buffer_address, tx_buffer_size);
732 cpu_physical_memory_read(tx_buffer_address, &buf[size],
733 tx_buffer_size);
734 size += tx_buffer_size;
735 }
736 if (tbd_array == 0xffffffff) {
737 /* Simplified mode. Was already handled by code above. */
738 } else {
739 /* Flexible mode. */
740 uint8_t tbd_count = 0;
741 if (!(s->configuration[6] & BIT(4))) {
742 /* Extended TCB. */
743 assert(tcb_bytes == 0);
744 for (; tbd_count < 2; tbd_count++) {
745 uint32_t tx_buffer_address = ldl_phys(tbd_address);
746 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
747 uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
748 tbd_address += 8;
749 logout
750 ("TBD (extended mode): buffer address 0x%08x, size 0x%04x\n",
751 tx_buffer_address, tx_buffer_size);
752 cpu_physical_memory_read(tx_buffer_address, &buf[size],
753 tx_buffer_size);
754 size += tx_buffer_size;
755 if (tx_buffer_el & 1) {
756 break;
757 }
758 }
759 }
760 tbd_address = tbd_array;
761 for (; tbd_count < tx.tbd_count; tbd_count++) {
762 uint32_t tx_buffer_address = ldl_phys(tbd_address);
763 uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
764 uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
765 tbd_address += 8;
766 logout
767 ("TBD (flexible mode): buffer address 0x%08x, size 0x%04x\n",
768 tx_buffer_address, tx_buffer_size);
769 cpu_physical_memory_read(tx_buffer_address, &buf[size],
770 tx_buffer_size);
771 size += tx_buffer_size;
772 if (tx_buffer_el & 1) {
773 break;
774 }
775 }
776 }
777 qemu_send_packet(s->vc, buf, size);
778 s->statistics.tx_good_frames++;
779 /* Transmit with bad status would raise an CX/TNO interrupt.
780 * (82557 only). Emulation never has bad status. */
781 //~ eepro100_cx_interrupt(s);
782 break;
783 case CmdTDR:
784 logout("load microcode\n");
785 /* Starting with offset 8, the command contains
786 * 64 dwords microcode which we just ignore here. */
787 break;
788 default:
789 missing("undefined command");
790 }
791 /* Write new status (success). */
792 stw_phys(cb_address, status | 0x8000 | 0x2000);
793 if (bit_i) {
794 /* CU completed action. */
795 eepro100_cx_interrupt(s);
796 }
797 if (bit_el) {
798 /* CU becomes idle. */
799 set_cu_state(s, cu_idle);
800 eepro100_cna_interrupt(s);
801 } else if (bit_s) {
802 /* CU becomes suspended. */
803 set_cu_state(s, cu_suspended);
804 eepro100_cna_interrupt(s);
805 } else {
806 /* More entries in list. */
807 logout("CU list with at least one more entry\n");
808 goto next_command;
809 }
810 logout("CU list empty\n");
811 /* List is empty. Now CU is idle or suspended. */
812 break;
813 case CU_RESUME:
814 if (get_cu_state(s) != cu_suspended) {
815 logout("bad CU resume from CU state %u\n", get_cu_state(s));
816 /* Workaround for bad Linux eepro100 driver which resumes
817 * from idle state. */
818 //~ missing("cu resume");
819 set_cu_state(s, cu_suspended);
820 }
821 if (get_cu_state(s) == cu_suspended) {
822 logout("CU resuming\n");
823 set_cu_state(s, cu_active);
824 goto next_command;
825 }
826 break;
827 case CU_STATSADDR:
828 /* Load dump counters address. */
829 s->statsaddr = s->pointer;
830 logout("val=0x%02x (status address)\n", val);
831 break;
832 case CU_SHOWSTATS:
833 /* Dump statistical counters. */
834 dump_statistics(s);
835 break;
836 case CU_CMD_BASE:
837 /* Load CU base. */
838 logout("val=0x%02x (CU base address)\n", val);
839 s->cu_base = s->pointer;
840 break;
841 case CU_DUMPSTATS:
842 /* Dump and reset statistical counters. */
843 dump_statistics(s);
844 memset(&s->statistics, 0, sizeof(s->statistics));
845 break;
846 case CU_SRESUME:
847 /* CU static resume. */
848 missing("CU static resume");
849 break;
850 default:
851 missing("Undefined CU command");
852 }
853}
854
855static void eepro100_ru_command(EEPRO100State * s, uint8_t val)
856{
857 switch (val) {
858 case RU_NOP:
859 /* No operation. */
860 break;
861 case RX_START:
862 /* RU start. */
863 if (get_ru_state(s) != ru_idle) {
864 logout("RU state is %u, should be %u\n", get_ru_state(s), ru_idle);
865 //~ assert(!"wrong RU state");
866 }
867 set_ru_state(s, ru_ready);
868 s->ru_offset = s->pointer;
869 logout("val=0x%02x (rx start)\n", val);
870 break;
871 case RX_RESUME:
872 /* Restart RU. */
873 if (get_ru_state(s) != ru_suspended) {
874 logout("RU state is %u, should be %u\n", get_ru_state(s),
875 ru_suspended);
876 //~ assert(!"wrong RU state");
877 }
878 set_ru_state(s, ru_ready);
879 break;
880 case RX_ADDR_LOAD:
881 /* Load RU base. */
882 logout("val=0x%02x (RU base address)\n", val);
883 s->ru_base = s->pointer;
884 break;
885 default:
886 logout("val=0x%02x (undefined RU command)\n", val);
887 missing("Undefined SU command");
888 }
889}
890
891static void eepro100_write_command(EEPRO100State * s, uint8_t val)
892{
893 eepro100_ru_command(s, val & 0x0f);
894 eepro100_cu_command(s, val & 0xf0);
895 if ((val) == 0) {
896 logout("val=0x%02x\n", val);
897 }
898 /* Clear command byte after command was accepted. */
899 s->mem[SCBCmd] = 0;
900}
901
902/*****************************************************************************
903 *
904 * EEPROM emulation.
905 *
906 ****************************************************************************/
907
908#define EEPROM_CS 0x02
909#define EEPROM_SK 0x01
910#define EEPROM_DI 0x04
911#define EEPROM_DO 0x08
912
913static uint16_t eepro100_read_eeprom(EEPRO100State * s)
914{
915 uint16_t val;
916 memcpy(&val, &s->mem[SCBeeprom], sizeof(val));
917 if (eeprom93xx_read(s->eeprom)) {
918 val |= EEPROM_DO;
919 } else {
920 val &= ~EEPROM_DO;
921 }
922 return val;
923}
924
925static void eepro100_write_eeprom(eeprom_t * eeprom, uint8_t val)
926{
927 logout("write val=0x%02x\n", val);
928
929 /* mask unwriteable bits */
930 //~ val = SET_MASKED(val, 0x31, eeprom->value);
931
932 int eecs = ((val & EEPROM_CS) != 0);
933 int eesk = ((val & EEPROM_SK) != 0);
934 int eedi = ((val & EEPROM_DI) != 0);
935 eeprom93xx_write(eeprom, eecs, eesk, eedi);
936}
937
938static void eepro100_write_pointer(EEPRO100State * s, uint32_t val)
939{
940 s->pointer = le32_to_cpu(val);
941 logout("val=0x%08x\n", val);
942}
943
944/*****************************************************************************
945 *
946 * MDI emulation.
947 *
948 ****************************************************************************/
949
950#if defined(DEBUG_EEPRO100)
951static const char *mdi_op_name[] = {
952 "opcode 0",
953 "write",
954 "read",
955 "opcode 3"
956};
957
958static const char *mdi_reg_name[] = {
959 "Control",
960 "Status",
961 "PHY Identification (Word 1)",
962 "PHY Identification (Word 2)",
963 "Auto-Negotiation Advertisement",
964 "Auto-Negotiation Link Partner Ability",
965 "Auto-Negotiation Expansion"
966};
967#endif /* DEBUG_EEPRO100 */
968
969static uint32_t eepro100_read_mdi(EEPRO100State * s)
970{
971 uint32_t val;
972 memcpy(&val, &s->mem[0x10], sizeof(val));
973
974#ifdef DEBUG_EEPRO100
975 uint8_t raiseint = (val & BIT(29)) >> 29;
976 uint8_t opcode = (val & BITS(27, 26)) >> 26;
977 uint8_t phy = (val & BITS(25, 21)) >> 21;
978 uint8_t reg = (val & BITS(20, 16)) >> 16;
979 uint16_t data = (val & BITS(15, 0));
980#endif
981 /* Emulation takes no time to finish MDI transaction. */
982 val |= BIT(28);
983 TRACE(MDI, logout("val=0x%08x (int=%u, %s, phy=%u, %s, data=0x%04x\n",
984 val, raiseint, mdi_op_name[opcode], phy,
985 mdi_reg_name[reg], data));
986 return val;
987}
988
989//~ #define BITS(val, upper, lower) (val & ???)
990static void eepro100_write_mdi(EEPRO100State * s, uint32_t val)
991{
992 uint8_t raiseint = (val & BIT(29)) >> 29;
993 uint8_t opcode = (val & BITS(27, 26)) >> 26;
994 uint8_t phy = (val & BITS(25, 21)) >> 21;
995 uint8_t reg = (val & BITS(20, 16)) >> 16;
996 uint16_t data = (val & BITS(15, 0));
997 if (phy != 1) {
998 /* Unsupported PHY address. */
999 //~ logout("phy must be 1 but is %u\n", phy);
1000 data = 0;
1001 } else if (opcode != 1 && opcode != 2) {
1002 /* Unsupported opcode. */
1003 logout("opcode must be 1 or 2 but is %u\n", opcode);
1004 data = 0;
1005 } else if (reg > 6) {
1006 /* Unsupported register. */
1007 logout("register must be 0...6 but is %u\n", reg);
1008 data = 0;
1009 } else {
1010 TRACE(MDI, logout("val=0x%08x (int=%u, %s, phy=%u, %s, data=0x%04x\n",
1011 val, raiseint, mdi_op_name[opcode], phy,
1012 mdi_reg_name[reg], data));
1013 if (opcode == 1) {
1014 /* MDI write */
1015 switch (reg) {
1016 case 0: /* Control Register */
1017 if (data & 0x8000) {
1018 /* Reset status and control registers to default. */
1019 s->mdimem[0] = eepro100_mdi_default[0];
1020 s->mdimem[1] = eepro100_mdi_default[1];
1021 data = s->mdimem[reg];
1022 } else {
1023 /* Restart Auto Configuration = Normal Operation */
1024 data &= ~0x0200;
1025 }
1026 break;
1027 case 1: /* Status Register */
1028 missing("not writable");
1029 data = s->mdimem[reg];
1030 break;
1031 case 2: /* PHY Identification Register (Word 1) */
1032 case 3: /* PHY Identification Register (Word 2) */
1033 missing("not implemented");
1034 break;
1035 case 4: /* Auto-Negotiation Advertisement Register */
1036 case 5: /* Auto-Negotiation Link Partner Ability Register */
1037 break;
1038 case 6: /* Auto-Negotiation Expansion Register */
1039 default:
1040 missing("not implemented");
1041 }
1042 s->mdimem[reg] = data;
1043 } else if (opcode == 2) {
1044 /* MDI read */
1045 switch (reg) {
1046 case 0: /* Control Register */
1047 if (data & 0x8000) {
1048 /* Reset status and control registers to default. */
1049 s->mdimem[0] = eepro100_mdi_default[0];
1050 s->mdimem[1] = eepro100_mdi_default[1];
1051 }
1052 break;
1053 case 1: /* Status Register */
1054 s->mdimem[reg] |= 0x0020;
1055 break;
1056 case 2: /* PHY Identification Register (Word 1) */
1057 case 3: /* PHY Identification Register (Word 2) */
1058 case 4: /* Auto-Negotiation Advertisement Register */
1059 break;
1060 case 5: /* Auto-Negotiation Link Partner Ability Register */
1061 s->mdimem[reg] = 0x41fe;
1062 break;
1063 case 6: /* Auto-Negotiation Expansion Register */
1064 s->mdimem[reg] = 0x0001;
1065 break;
1066 }
1067 data = s->mdimem[reg];
1068 }
1069 /* Emulation takes no time to finish MDI transaction.
1070 * Set MDI bit in SCB status register. */
1071 s->mem[SCBAck] |= 0x08;
1072 val |= BIT(28);
1073 if (raiseint) {
1074 eepro100_mdi_interrupt(s);
1075 }
1076 }
1077 val = (val & 0xffff0000) + data;
1078 memcpy(&s->mem[0x10], &val, sizeof(val));
1079}
1080
1081/*****************************************************************************
1082 *
1083 * Port emulation.
1084 *
1085 ****************************************************************************/
1086
1087#define PORT_SOFTWARE_RESET 0
1088#define PORT_SELFTEST 1
1089#define PORT_SELECTIVE_RESET 2
1090#define PORT_DUMP 3
1091#define PORT_SELECTION_MASK 3
1092
1093typedef struct {
1094 uint32_t st_sign; /* Self Test Signature */
1095 uint32_t st_result; /* Self Test Results */
1096} eepro100_selftest_t;
1097
1098static uint32_t eepro100_read_port(EEPRO100State * s)
1099{
1100 return 0;
1101}
1102
1103static void eepro100_write_port(EEPRO100State * s, uint32_t val)
1104{
1105 val = le32_to_cpu(val);
1106 uint32_t address = (val & ~PORT_SELECTION_MASK);
1107 uint8_t selection = (val & PORT_SELECTION_MASK);
1108 switch (selection) {
1109 case PORT_SOFTWARE_RESET:
1110 nic_reset(s);
1111 break;
1112 case PORT_SELFTEST:
1113 logout("selftest address=0x%08x\n", address);
1114 eepro100_selftest_t data;
1115 cpu_physical_memory_read(address, (uint8_t *) & data, sizeof(data));
1116 data.st_sign = 0xffffffff;
1117 data.st_result = 0;
1118 cpu_physical_memory_write(address, (uint8_t *) & data, sizeof(data));
1119 break;
1120 case PORT_SELECTIVE_RESET:
1121 logout("selective reset, selftest address=0x%08x\n", address);
1122 nic_selective_reset(s);
1123 break;
1124 default:
1125 logout("val=0x%08x\n", val);
1126 missing("unknown port selection");
1127 }
1128}
1129
1130/*****************************************************************************
1131 *
1132 * General hardware emulation.
1133 *
1134 ****************************************************************************/
1135
1136static uint8_t eepro100_read1(EEPRO100State * s, uint32_t addr)
1137{
1138 uint8_t val;
1139 if (addr <= sizeof(s->mem) - sizeof(val)) {
1140 memcpy(&val, &s->mem[addr], sizeof(val));
1141 }
1142
1143 switch (addr) {
1144 case SCBStatus:
1145 //~ val = eepro100_read_status(s);
1146 logout("addr=%s val=0x%02x\n", regname(addr), val);
1147 break;
1148 case SCBAck:
1149 //~ val = eepro100_read_status(s);
1150 logout("addr=%s val=0x%02x\n", regname(addr), val);
1151 break;
1152 case SCBCmd:
1153 logout("addr=%s val=0x%02x\n", regname(addr), val);
1154 //~ val = eepro100_read_command(s);
1155 break;
1156 case SCBIntmask:
1157 logout("addr=%s val=0x%02x\n", regname(addr), val);
1158 break;
1159 case SCBPort + 3:
1160 logout("addr=%s val=0x%02x\n", regname(addr), val);
1161 break;
1162 case SCBeeprom:
1163 val = eepro100_read_eeprom(s);
1164 break;
1165 case 0x1b: /* PMDR (power management driver register) */
1166 val = 0;
1167 logout("addr=%s val=0x%02x\n", regname(addr), val);
1168 break;
1169 case 0x1d: /* general status register */
1170 /* 100 Mbps full duplex, valid link */
1171 val = 0x07;
1172 logout("addr=General Status val=%02x\n", val);
1173 break;
1174 default:
1175 logout("addr=%s val=0x%02x\n", regname(addr), val);
1176 missing("unknown byte read");
1177 }
1178 return val;
1179}
1180
1181static uint16_t eepro100_read2(EEPRO100State * s, uint32_t addr)
1182{
1183 uint16_t val;
1184 if (addr <= sizeof(s->mem) - sizeof(val)) {
1185 memcpy(&val, &s->mem[addr], sizeof(val));
1186 }
1187
1188 logout("addr=%s val=0x%04x\n", regname(addr), val);
1189
1190 switch (addr) {
1191 case SCBStatus:
1192 //~ val = eepro100_read_status(s);
1193 break;
1194 case SCBeeprom:
1195 val = eepro100_read_eeprom(s);
1196 break;
1197 default:
1198 logout("addr=%s val=0x%04x\n", regname(addr), val);
1199 missing("unknown word read");
1200 }
1201 return val;
1202}
1203
1204static uint32_t eepro100_read4(EEPRO100State * s, uint32_t addr)
1205{
1206 uint32_t val;
1207 if (addr <= sizeof(s->mem) - sizeof(val)) {
1208 memcpy(&val, &s->mem[addr], sizeof(val));
1209 }
1210
1211 switch (addr) {
1212 case SCBStatus:
1213 //~ val = eepro100_read_status(s);
1214 logout("addr=%s val=0x%08x\n", regname(addr), val);
1215 break;
1216 case SCBPointer:
1217 //~ val = eepro100_read_pointer(s);
1218 logout("addr=%s val=0x%08x\n", regname(addr), val);
1219 break;
1220 case SCBPort:
1221 val = eepro100_read_port(s);
1222 logout("addr=%s val=0x%08x\n", regname(addr), val);
1223 break;
1224 case SCBCtrlMDI:
1225 val = eepro100_read_mdi(s);
1226 break;
1227 default:
1228 logout("addr=%s val=0x%08x\n", regname(addr), val);
1229 missing("unknown longword read");
1230 }
1231 return val;
1232}
1233
1234static void eepro100_write1(EEPRO100State * s, uint32_t addr, uint8_t val)
1235{
1236 if (addr <= sizeof(s->mem) - sizeof(val)) {
1237 memcpy(&s->mem[addr], &val, sizeof(val));
1238 }
1239
1240 logout("addr=%s val=0x%02x\n", regname(addr), val);
1241
1242 switch (addr) {
1243 case SCBStatus:
1244 //~ eepro100_write_status(s, val);
1245 break;
1246 case SCBAck:
1247 eepro100_acknowledge(s);
1248 break;
1249 case SCBCmd:
1250 eepro100_write_command(s, val);
1251 break;
1252 case SCBIntmask:
1253 if (val & BIT(1)) {
1254 eepro100_swi_interrupt(s);
1255 }
1256 eepro100_interrupt(s, 0);
1257 break;
1258 case SCBPort + 3:
bde7600c
TS		 1259 case 24:
1260 case 25:
1261 case 26:
1262 case 27:
663e8e51
TS		 1263 logout("addr=%s val=0x%02x\n", regname(addr), val);
1264 break;
1265 case SCBeeprom:
1266 eepro100_write_eeprom(s->eeprom, val);
1267 break;
1268 default:
1269 logout("addr=%s val=0x%02x\n", regname(addr), val);
1270 missing("unknown byte write");
1271 }
1272}
1273
1274static void eepro100_write2(EEPRO100State * s, uint32_t addr, uint16_t val)
1275{
1276 if (addr <= sizeof(s->mem) - sizeof(val)) {
1277 memcpy(&s->mem[addr], &val, sizeof(val));
1278 }
1279
1280 logout("addr=%s val=0x%04x\n", regname(addr), val);
1281
1282 switch (addr) {
1283 case SCBStatus:
1284 //~ eepro100_write_status(s, val);
1285 eepro100_acknowledge(s);
1286 break;
1287 case SCBCmd:
1288 eepro100_write_command(s, val);
1289 eepro100_write1(s, SCBIntmask, val >> 8);
1290 break;
1291 case SCBeeprom:
1292 eepro100_write_eeprom(s->eeprom, val);
1293 break;
1294 default:
1295 logout("addr=%s val=0x%04x\n", regname(addr), val);
1296 missing("unknown word write");
1297 }
1298}
1299
1300static void eepro100_write4(EEPRO100State * s, uint32_t addr, uint32_t val)
1301{
1302 if (addr <= sizeof(s->mem) - sizeof(val)) {
1303 memcpy(&s->mem[addr], &val, sizeof(val));
1304 }
1305
1306 switch (addr) {
1307 case SCBPointer:
1308 eepro100_write_pointer(s, val);
1309 break;
1310 case SCBPort:
1311 logout("addr=%s val=0x%08x\n", regname(addr), val);
1312 eepro100_write_port(s, val);
1313 break;
1314 case SCBCtrlMDI:
1315 eepro100_write_mdi(s, val);
1316 break;
1317 default:
1318 logout("addr=%s val=0x%08x\n", regname(addr), val);
1319 missing("unknown longword write");
1320 }
1321}
1322
1323static uint32_t ioport_read1(void *opaque, uint32_t addr)
1324{
1325 EEPRO100State *s = opaque;
1326 //~ logout("addr=%s\n", regname(addr));
1327 return eepro100_read1(s, addr - s->region[1]);
1328}
1329
1330static uint32_t ioport_read2(void *opaque, uint32_t addr)
1331{
1332 EEPRO100State *s = opaque;
1333 return eepro100_read2(s, addr - s->region[1]);
1334}
1335
1336static uint32_t ioport_read4(void *opaque, uint32_t addr)
1337{
1338 EEPRO100State *s = opaque;
1339 return eepro100_read4(s, addr - s->region[1]);
1340}
1341
1342static void ioport_write1(void *opaque, uint32_t addr, uint32_t val)
1343{
1344 EEPRO100State *s = opaque;
1345 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1346 eepro100_write1(s, addr - s->region[1], val);
1347}
1348
1349static void ioport_write2(void *opaque, uint32_t addr, uint32_t val)
1350{
1351 EEPRO100State *s = opaque;
1352 eepro100_write2(s, addr - s->region[1], val);
1353}
1354
1355static void ioport_write4(void *opaque, uint32_t addr, uint32_t val)
1356{
1357 EEPRO100State *s = opaque;
1358 eepro100_write4(s, addr - s->region[1], val);
1359}
1360
1361/***********************************************************/
1362/* PCI EEPRO100 definitions */
1363
1364typedef struct PCIEEPRO100State {
1365 PCIDevice dev;
1366 EEPRO100State eepro100;
1367} PCIEEPRO100State;
1368
1369static void pci_map(PCIDevice * pci_dev, int region_num,
1370 uint32_t addr, uint32_t size, int type)
1371{
1372 PCIEEPRO100State *d = (PCIEEPRO100State *) pci_dev;
1373 EEPRO100State *s = &d->eepro100;
1374
1375 logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
1376 region_num, addr, size, type);
1377
1378 assert(region_num == 1);
1379 register_ioport_write(addr, size, 1, ioport_write1, s);
1380 register_ioport_read(addr, size, 1, ioport_read1, s);
1381 register_ioport_write(addr, size, 2, ioport_write2, s);
1382 register_ioport_read(addr, size, 2, ioport_read2, s);
1383 register_ioport_write(addr, size, 4, ioport_write4, s);
1384 register_ioport_read(addr, size, 4, ioport_read4, s);
1385
1386 s->region[region_num] = addr;
1387}
1388
1389static void pci_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
1390{
1391 EEPRO100State *s = opaque;
1392 addr -= s->region[0];
1393 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1394 eepro100_write1(s, addr, val);
1395}
1396
1397static void pci_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
1398{
1399 EEPRO100State *s = opaque;
1400 addr -= s->region[0];
1401 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1402 eepro100_write2(s, addr, val);
1403}
1404
1405static void pci_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
1406{
1407 EEPRO100State *s = opaque;
1408 addr -= s->region[0];
1409 //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
1410 eepro100_write4(s, addr, val);
1411}
1412
1413static uint32_t pci_mmio_readb(void *opaque, target_phys_addr_t addr)
1414{
1415 EEPRO100State *s = opaque;
1416 addr -= s->region[0];
1417 //~ logout("addr=%s\n", regname(addr));
1418 return eepro100_read1(s, addr);
1419}
1420
1421static uint32_t pci_mmio_readw(void *opaque, target_phys_addr_t addr)
1422{
1423 EEPRO100State *s = opaque;
1424 addr -= s->region[0];
1425 //~ logout("addr=%s\n", regname(addr));
1426 return eepro100_read2(s, addr);
1427}
1428
1429static uint32_t pci_mmio_readl(void *opaque, target_phys_addr_t addr)
1430{
1431 EEPRO100State *s = opaque;
1432 addr -= s->region[0];
1433 //~ logout("addr=%s\n", regname(addr));
1434 return eepro100_read4(s, addr);
1435}
1436
1437static CPUWriteMemoryFunc *pci_mmio_write[] = {
1438 pci_mmio_writeb,
1439 pci_mmio_writew,
1440 pci_mmio_writel
1441};
1442
1443static CPUReadMemoryFunc *pci_mmio_read[] = {
1444 pci_mmio_readb,
1445 pci_mmio_readw,
1446 pci_mmio_readl
1447};
1448
1449static void pci_mmio_map(PCIDevice * pci_dev, int region_num,
1450 uint32_t addr, uint32_t size, int type)
1451{
1452 PCIEEPRO100State *d = (PCIEEPRO100State *) pci_dev;
1453
1454 logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
1455 region_num, addr, size, type);
1456
1457 if (region_num == 0) {
1458 /* Map control / status registers. */
1459 cpu_register_physical_memory(addr, size, d->eepro100.mmio_index);
1460 d->eepro100.region[region_num] = addr;
1461 }
1462}
1463
1464static int nic_can_receive(void *opaque)
1465{
1466 EEPRO100State *s = opaque;
1467 logout("%p\n", s);
1468 return get_ru_state(s) == ru_ready;
1469 //~ return !eepro100_buffer_full(s);
1470}
1471
1472#define MIN_BUF_SIZE 60
1473
1474static void nic_receive(void *opaque, const uint8_t * buf, int size)
1475{
1476 /* TODO:
1477 * - Magic packets should set bit 30 in power management driver register.
1478 * - Interesting packets should set bit 29 in power management driver register.
1479 */
1480 EEPRO100State *s = opaque;
1481 uint16_t rfd_status = 0xa000;
1482 static const uint8_t broadcast_macaddr[6] =
1483 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
1484
1485 /* TODO: check multiple IA bit. */
1486 assert(!(s->configuration[20] & BIT(6)));
1487
1488 if (s->configuration[8] & 0x80) {
1489 /* CSMA is disabled. */
1490 logout("%p received while CSMA is disabled\n", s);
1491 return;
1492 } else if (size < 64 && (s->configuration[7] & 1)) {
1493 /* Short frame and configuration byte 7/0 (discard short receive) set:
1494 * Short frame is discarded */
1495 logout("%p received short frame (%d byte)\n", s, size);
1496 s->statistics.rx_short_frame_errors++;
1497 //~ return;
1498 } else if ((size > MAX_ETH_FRAME_SIZE + 4) && !(s->configuration[18] & 8)) {
1499 /* Long frame and configuration byte 18/3 (long receive ok) not set:
1500 * Long frames are discarded. */
1501 logout("%p received long frame (%d byte), ignored\n", s, size);
1502 return;
1503 } else if (memcmp(buf, s->macaddr, 6) == 0) { // !!!
1504 /* Frame matches individual address. */
1505 /* TODO: check configuration byte 15/4 (ignore U/L). */
1506 logout("%p received frame for me, len=%d\n", s, size);
1507 } else if (memcmp(buf, broadcast_macaddr, 6) == 0) {
1508 /* Broadcast frame. */
1509 logout("%p received broadcast, len=%d\n", s, size);
1510 rfd_status |= 0x0002;
1511 } else if (buf[0] & 0x01) { // !!!
1512 /* Multicast frame. */
1513 logout("%p received multicast, len=%d\n", s, size);
1514 /* TODO: check multicast all bit. */
1515 assert(!(s->configuration[21] & BIT(3)));
1516 int mcast_idx = compute_mcast_idx(buf);
1517 if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7)))) {
1518 return;
1519 }
1520 rfd_status |= 0x0002;
1521 } else if (s->configuration[15] & 1) {
1522 /* Promiscuous: receive all. */
1523 logout("%p received frame in promiscuous mode, len=%d\n", s, size);
1524 rfd_status |= 0x0004;
1525 } else {
1526 logout("%p received frame, ignored, len=%d,%s\n", s, size,
1527 nic_dump(buf, size));
1528 return;
1529 }
1530
1531 if (get_ru_state(s) != ru_ready) {
1532 /* No ressources available. */
1533 logout("no ressources, state=%u\n", get_ru_state(s));
1534 s->statistics.rx_resource_errors++;
1535 //~ assert(!"no ressources");
1536 return;
1537 }
1538 //~ !!!
1539//~ $3 = {status = 0x0, command = 0xc000, link = 0x2d220, rx_buf_addr = 0x207dc, count = 0x0, size = 0x5f8, packet = {0x0 <repeats 1518 times>}}
1540 eepro100_rx_t rx;
1541 cpu_physical_memory_read(s->ru_base + s->ru_offset, (uint8_t *) & rx,
1542 offsetof(eepro100_rx_t, packet));
1543 uint16_t rfd_command = le16_to_cpu(rx.command);
1544 uint16_t rfd_size = le16_to_cpu(rx.size);
1545 assert(size <= rfd_size);
1546 if (size < 64) {
1547 rfd_status |= 0x0080;
1548 }
1549 logout("command 0x%04x, link 0x%08x, addr 0x%08x, size %u\n", rfd_command,
1550 rx.link, rx.rx_buf_addr, rfd_size);
1551 stw_phys(s->ru_base + s->ru_offset + offsetof(eepro100_rx_t, status),
1552 rfd_status);
1553 stw_phys(s->ru_base + s->ru_offset + offsetof(eepro100_rx_t, count), size);
1554 /* Early receive interrupt not supported. */
1555 //~ eepro100_er_interrupt(s);
1556 /* Receive CRC Transfer not supported. */
1557 assert(!(s->configuration[18] & 4));
1558 /* TODO: check stripping enable bit. */
1559 //~ assert(!(s->configuration[17] & 1));
1560 cpu_physical_memory_write(s->ru_base + s->ru_offset +
1561 offsetof(eepro100_rx_t, packet), buf, size);
1562 s->statistics.rx_good_frames++;
1563 eepro100_fr_interrupt(s);
1564 s->ru_offset = le32_to_cpu(rx.link);
1565 if (rfd_command & 0x8000) {
1566 /* EL bit is set, so this was the last frame. */
1567 assert(0);
1568 }
1569 if (rfd_command & 0x4000) {
1570 /* S bit is set. */
1571 set_ru_state(s, ru_suspended);
1572 }
1573}
1574
1575static int nic_load(QEMUFile * f, void *opaque, int version_id)
1576{
1577 EEPRO100State *s = (EEPRO100State *) opaque;
2657c663 1578 int i;
663e8e51
TS		 1579 int ret;
1580
663e8e51
TS		 1581 if (version_id > 3)
1582 return -EINVAL;
1583
1584 if (s->pci_dev && version_id >= 3) {
1585 ret = pci_device_load(s->pci_dev, f);
1586 if (ret < 0)
1587 return ret;
1588 }
1589
1590 if (version_id >= 2) {
1591 qemu_get_8s(f, &s->rxcr);
1592 } else {
1593 s->rxcr = 0x0c;
1594 }
1595
1596 qemu_get_8s(f, &s->cmd);
1597 qemu_get_be32s(f, &s->start);
1598 qemu_get_be32s(f, &s->stop);
1599 qemu_get_8s(f, &s->boundary);
1600 qemu_get_8s(f, &s->tsr);
1601 qemu_get_8s(f, &s->tpsr);
1602 qemu_get_be16s(f, &s->tcnt);
1603 qemu_get_be16s(f, &s->rcnt);
1604 qemu_get_be32s(f, &s->rsar);
1605 qemu_get_8s(f, &s->rsr);
1606 qemu_get_8s(f, &s->isr);
1607 qemu_get_8s(f, &s->dcfg);
1608 qemu_get_8s(f, &s->imr);
1609 qemu_get_buffer(f, s->phys, 6);
1610 qemu_get_8s(f, &s->curpag);
1611 qemu_get_buffer(f, s->mult, 8);
1612 qemu_get_buffer(f, s->mem, sizeof(s->mem));
1613
2657c663
AZ		 1614 /* Restore all members of struct between scv_stat and mem */
1615 qemu_get_8s(f, &s->scb_stat);
1616 qemu_get_8s(f, &s->int_stat);
1617 for (i = 0; i < 3; i++)
1618 qemu_get_be32s(f, &s->region[i]);
1619 qemu_get_buffer(f, s->macaddr, 6);
1620 for (i = 0; i < 19; i++)
1621 qemu_get_be32s(f, &s->statcounter[i]);
1622 for (i = 0; i < 32; i++)
1623 qemu_get_be16s(f, &s->mdimem[i]);
1624 /* The eeprom should be saved and restored by its own routines */
1625 qemu_get_be32s(f, &s->device);
1626 qemu_get_be32s(f, &s->pointer);
1627 qemu_get_be32s(f, &s->cu_base);
1628 qemu_get_be32s(f, &s->cu_offset);
1629 qemu_get_be32s(f, &s->ru_base);
1630 qemu_get_be32s(f, &s->ru_offset);
1631 qemu_get_be32s(f, &s->statsaddr);
1632 /* Restore epro100_stats_t statistics */
1633 qemu_get_be32s(f, &s->statistics.tx_good_frames);
1634 qemu_get_be32s(f, &s->statistics.tx_max_collisions);
1635 qemu_get_be32s(f, &s->statistics.tx_late_collisions);
1636 qemu_get_be32s(f, &s->statistics.tx_underruns);
1637 qemu_get_be32s(f, &s->statistics.tx_lost_crs);
1638 qemu_get_be32s(f, &s->statistics.tx_deferred);
1639 qemu_get_be32s(f, &s->statistics.tx_single_collisions);
1640 qemu_get_be32s(f, &s->statistics.tx_multiple_collisions);
1641 qemu_get_be32s(f, &s->statistics.tx_total_collisions);
1642 qemu_get_be32s(f, &s->statistics.rx_good_frames);
1643 qemu_get_be32s(f, &s->statistics.rx_crc_errors);
1644 qemu_get_be32s(f, &s->statistics.rx_alignment_errors);
1645 qemu_get_be32s(f, &s->statistics.rx_resource_errors);
1646 qemu_get_be32s(f, &s->statistics.rx_overrun_errors);
1647 qemu_get_be32s(f, &s->statistics.rx_cdt_errors);
1648 qemu_get_be32s(f, &s->statistics.rx_short_frame_errors);
1649 qemu_get_be32s(f, &s->statistics.fc_xmt_pause);
1650 qemu_get_be32s(f, &s->statistics.fc_rcv_pause);
1651 qemu_get_be32s(f, &s->statistics.fc_rcv_unsupported);
1652 qemu_get_be16s(f, &s->statistics.xmt_tco_frames);
1653 qemu_get_be16s(f, &s->statistics.rcv_tco_frames);
1654 qemu_get_be32s(f, &s->statistics.complete);
1655#if 0
1656 qemu_get_be16s(f, &s->status);
1657#endif
1658
1659 /* Configuration bytes. */
1660 qemu_get_buffer(f, s->configuration, sizeof(s->configuration));
1661
663e8e51
TS		 1662 return 0;
1663}
1664
1665static void nic_save(QEMUFile * f, void *opaque)
1666{
1667 EEPRO100State *s = (EEPRO100State *) opaque;
2657c663 1668 int i;
663e8e51
TS		 1669
1670 if (s->pci_dev)
1671 pci_device_save(s->pci_dev, f);
1672
1673 qemu_put_8s(f, &s->rxcr);
1674
1675 qemu_put_8s(f, &s->cmd);
1676 qemu_put_be32s(f, &s->start);
1677 qemu_put_be32s(f, &s->stop);
1678 qemu_put_8s(f, &s->boundary);
1679 qemu_put_8s(f, &s->tsr);
1680 qemu_put_8s(f, &s->tpsr);
1681 qemu_put_be16s(f, &s->tcnt);
1682 qemu_put_be16s(f, &s->rcnt);
1683 qemu_put_be32s(f, &s->rsar);
1684 qemu_put_8s(f, &s->rsr);
1685 qemu_put_8s(f, &s->isr);
1686 qemu_put_8s(f, &s->dcfg);
1687 qemu_put_8s(f, &s->imr);
1688 qemu_put_buffer(f, s->phys, 6);
1689 qemu_put_8s(f, &s->curpag);
1690 qemu_put_buffer(f, s->mult, 8);
1691 qemu_put_buffer(f, s->mem, sizeof(s->mem));
2657c663
AZ		 1692
1693 /* Save all members of struct between scv_stat and mem */
1694 qemu_put_8s(f, &s->scb_stat);
1695 qemu_put_8s(f, &s->int_stat);
1696 for (i = 0; i < 3; i++)
1697 qemu_put_be32s(f, &s->region[i]);
1698 qemu_put_buffer(f, s->macaddr, 6);
1699 for (i = 0; i < 19; i++)
1700 qemu_put_be32s(f, &s->statcounter[i]);
1701 for (i = 0; i < 32; i++)
1702 qemu_put_be16s(f, &s->mdimem[i]);
1703 /* The eeprom should be saved and restored by its own routines */
1704 qemu_put_be32s(f, &s->device);
1705 qemu_put_be32s(f, &s->pointer);
1706 qemu_put_be32s(f, &s->cu_base);
1707 qemu_put_be32s(f, &s->cu_offset);
1708 qemu_put_be32s(f, &s->ru_base);
1709 qemu_put_be32s(f, &s->ru_offset);
1710 qemu_put_be32s(f, &s->statsaddr);
1711 /* Save epro100_stats_t statistics */
1712 qemu_put_be32s(f, &s->statistics.tx_good_frames);
1713 qemu_put_be32s(f, &s->statistics.tx_max_collisions);
1714 qemu_put_be32s(f, &s->statistics.tx_late_collisions);
1715 qemu_put_be32s(f, &s->statistics.tx_underruns);
1716 qemu_put_be32s(f, &s->statistics.tx_lost_crs);
1717 qemu_put_be32s(f, &s->statistics.tx_deferred);
1718 qemu_put_be32s(f, &s->statistics.tx_single_collisions);
1719 qemu_put_be32s(f, &s->statistics.tx_multiple_collisions);
1720 qemu_put_be32s(f, &s->statistics.tx_total_collisions);
1721 qemu_put_be32s(f, &s->statistics.rx_good_frames);
1722 qemu_put_be32s(f, &s->statistics.rx_crc_errors);
1723 qemu_put_be32s(f, &s->statistics.rx_alignment_errors);
1724 qemu_put_be32s(f, &s->statistics.rx_resource_errors);
1725 qemu_put_be32s(f, &s->statistics.rx_overrun_errors);
1726 qemu_put_be32s(f, &s->statistics.rx_cdt_errors);
1727 qemu_put_be32s(f, &s->statistics.rx_short_frame_errors);
1728 qemu_put_be32s(f, &s->statistics.fc_xmt_pause);
1729 qemu_put_be32s(f, &s->statistics.fc_rcv_pause);
1730 qemu_put_be32s(f, &s->statistics.fc_rcv_unsupported);
1731 qemu_put_be16s(f, &s->statistics.xmt_tco_frames);
1732 qemu_put_be16s(f, &s->statistics.rcv_tco_frames);
1733 qemu_put_be32s(f, &s->statistics.complete);
1734#if 0
1735 qemu_put_be16s(f, &s->status);
1736#endif
1737
1738 /* Configuration bytes. */
1739 qemu_put_buffer(f, s->configuration, sizeof(s->configuration));
663e8e51
TS		 1740}
1741
1742static void nic_init(PCIBus * bus, NICInfo * nd,
1743 const char *name, uint32_t device)
1744{
1745 PCIEEPRO100State *d;
1746 EEPRO100State *s;
1747
1748 logout("\n");
1749
1750 d = (PCIEEPRO100State *) pci_register_device(bus, name,
1751 sizeof(PCIEEPRO100State), -1,
1752 NULL, NULL);
1753
1754 s = &d->eepro100;
1755 s->device = device;
1756 s->pci_dev = &d->dev;
1757
1758 pci_reset(s);
1759
1760 /* Add 64 * 2 EEPROM. i82557 and i82558 support a 64 word EEPROM,
1761 * i82559 and later support 64 or 256 word EEPROM. */
1762 s->eeprom = eeprom93xx_new(EEPROM_SIZE);
1763
1764 /* Handler for memory-mapped I/O */
1765 d->eepro100.mmio_index =
1766 cpu_register_io_memory(0, pci_mmio_read, pci_mmio_write, s);
1767
1768 pci_register_io_region(&d->dev, 0, PCI_MEM_SIZE,
1769 PCI_ADDRESS_SPACE_MEM |
1770 PCI_ADDRESS_SPACE_MEM_PREFETCH, pci_mmio_map);
1771 pci_register_io_region(&d->dev, 1, PCI_IO_SIZE, PCI_ADDRESS_SPACE_IO,
1772 pci_map);
1773 pci_register_io_region(&d->dev, 2, PCI_FLASH_SIZE, PCI_ADDRESS_SPACE_MEM,
1774 pci_mmio_map);
1775
1776 memcpy(s->macaddr, nd->macaddr, 6);
1777 logout("macaddr: %s\n", nic_dump(&s->macaddr[0], 6));
1778 assert(s->region[1] == 0);
1779
1780 nic_reset(s);
1781
1782 s->vc = qemu_new_vlan_client(nd->vlan, nic_receive, nic_can_receive, s);
1783
1784 snprintf(s->vc->info_str, sizeof(s->vc->info_str),
1785 "eepro100 pci macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
1786 s->macaddr[0],
1787 s->macaddr[1],
1788 s->macaddr[2], s->macaddr[3], s->macaddr[4], s->macaddr[5]);
1789
1790 qemu_register_reset(nic_reset, s);
1791
1792 /* XXX: instance number ? */
1793 register_savevm(name, 0, 3, nic_save, nic_load, s);
1794}
1795
1796void pci_i82551_init(PCIBus * bus, NICInfo * nd, int devfn)
1797{
1798 nic_init(bus, nd, "i82551", i82551);
1799 //~ uint8_t *pci_conf = d->dev.config;
1800}
1801
1802void pci_i82557b_init(PCIBus * bus, NICInfo * nd, int devfn)
1803{
1804 nic_init(bus, nd, "i82557b", i82557B);
1805}
1806
1807void pci_i82559er_init(PCIBus * bus, NICInfo * nd, int devfn)
1808{
1809 nic_init(bus, nd, "i82559er", i82559ER);
1810}
1811
1812/* eof */
QEMU mirror