]> git.proxmox.com Git - qemu.git/blob - hw/net/rtl8139.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
rtl8139: flush queued packets when RxBufPtr is written
[qemu.git] / hw / net / rtl8139.c
1 /**
2 * QEMU RTL8139 emulation
3 *
4 * Copyright (c) 2006 Igor Kovalenko
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23
24 * Modifications:
25 * 2006-Jan-28 Mark Malakanov : TSAD and CSCR implementation (for Windows driver)
26 *
27 * 2006-Apr-28 Juergen Lock : EEPROM emulation changes for FreeBSD driver
28 * HW revision ID changes for FreeBSD driver
29 *
30 * 2006-Jul-01 Igor Kovalenko : Implemented loopback mode for FreeBSD driver
31 * Corrected packet transfer reassembly routine for 8139C+ mode
32 * Rearranged debugging print statements
33 * Implemented PCI timer interrupt (disabled by default)
34 * Implemented Tally Counters, increased VM load/save version
35 * Implemented IP/TCP/UDP checksum task offloading
36 *
37 * 2006-Jul-04 Igor Kovalenko : Implemented TCP segmentation offloading
38 * Fixed MTU=1500 for produced ethernet frames
39 *
40 * 2006-Jul-09 Igor Kovalenko : Fixed TCP header length calculation while processing
41 * segmentation offloading
42 * Removed slirp.h dependency
43 * Added rx/tx buffer reset when enabling rx/tx operation
44 *
45 * 2010-Feb-04 Frediano Ziglio: Rewrote timer support using QEMU timer only
46 * when strictly needed (required for for
47 * Darwin)
48 * 2011-Mar-22 Benjamin Poirier: Implemented VLAN offloading
49 */
50
51 /* For crc32 */
52 #include <zlib.h>
53
54 #include "hw/hw.h"
55 #include "hw/pci/pci.h"
56 #include "sysemu/dma.h"
57 #include "qemu/timer.h"
58 #include "net/net.h"
59 #include "hw/loader.h"
60 #include "sysemu/sysemu.h"
61 #include "qemu/iov.h"
62
63 /* debug RTL8139 card */
64 //#define DEBUG_RTL8139 1
65
66 #define PCI_FREQUENCY 33000000L
67
68 #define SET_MASKED(input, mask, curr) \
69 ( ( (input) & ~(mask) ) | ( (curr) & (mask) ) )
70
71 /* arg % size for size which is a power of 2 */
72 #define MOD2(input, size) \
73 ( ( input ) & ( size - 1 ) )
74
75 #define ETHER_ADDR_LEN 6
76 #define ETHER_TYPE_LEN 2
77 #define ETH_HLEN (ETHER_ADDR_LEN * 2 + ETHER_TYPE_LEN)
78 #define ETH_P_IP 0x0800 /* Internet Protocol packet */
79 #define ETH_P_8021Q 0x8100 /* 802.1Q VLAN Extended Header */
80 #define ETH_MTU 1500
81
82 #define VLAN_TCI_LEN 2
83 #define VLAN_HLEN (ETHER_TYPE_LEN + VLAN_TCI_LEN)
84
85 #if defined (DEBUG_RTL8139)
86 # define DPRINTF(fmt, ...) \
87 do { fprintf(stderr, "RTL8139: " fmt, ## __VA_ARGS__); } while (0)
88 #else
89 static inline GCC_FMT_ATTR(1, 2) int DPRINTF(const char *fmt, ...)
90 {
91 return 0;
92 }
93 #endif
94
95 /* Symbolic offsets to registers. */
96 enum RTL8139_registers {
97 MAC0 = 0, /* Ethernet hardware address. */
98 MAR0 = 8, /* Multicast filter. */
99 TxStatus0 = 0x10,/* Transmit status (Four 32bit registers). C mode only */
100 /* Dump Tally Conter control register(64bit). C+ mode only */
101 TxAddr0 = 0x20, /* Tx descriptors (also four 32bit). */
102 RxBuf = 0x30,
103 ChipCmd = 0x37,
104 RxBufPtr = 0x38,
105 RxBufAddr = 0x3A,
106 IntrMask = 0x3C,
107 IntrStatus = 0x3E,
108 TxConfig = 0x40,
109 RxConfig = 0x44,
110 Timer = 0x48, /* A general-purpose counter. */
111 RxMissed = 0x4C, /* 24 bits valid, write clears. */
112 Cfg9346 = 0x50,
113 Config0 = 0x51,
114 Config1 = 0x52,
115 FlashReg = 0x54,
116 MediaStatus = 0x58,
117 Config3 = 0x59,
118 Config4 = 0x5A, /* absent on RTL-8139A */
119 HltClk = 0x5B,
120 MultiIntr = 0x5C,
121 PCIRevisionID = 0x5E,
122 TxSummary = 0x60, /* TSAD register. Transmit Status of All Descriptors*/
123 BasicModeCtrl = 0x62,
124 BasicModeStatus = 0x64,
125 NWayAdvert = 0x66,
126 NWayLPAR = 0x68,
127 NWayExpansion = 0x6A,
128 /* Undocumented registers, but required for proper operation. */
129 FIFOTMS = 0x70, /* FIFO Control and test. */
130 CSCR = 0x74, /* Chip Status and Configuration Register. */
131 PARA78 = 0x78,
132 PARA7c = 0x7c, /* Magic transceiver parameter register. */
133 Config5 = 0xD8, /* absent on RTL-8139A */
134 /* C+ mode */
135 TxPoll = 0xD9, /* Tell chip to check Tx descriptors for work */
136 RxMaxSize = 0xDA, /* Max size of an Rx packet (8169 only) */
137 CpCmd = 0xE0, /* C+ Command register (C+ mode only) */
138 IntrMitigate = 0xE2, /* rx/tx interrupt mitigation control */
139 RxRingAddrLO = 0xE4, /* 64-bit start addr of Rx ring */
140 RxRingAddrHI = 0xE8, /* 64-bit start addr of Rx ring */
141 TxThresh = 0xEC, /* Early Tx threshold */
142 };
143
144 enum ClearBitMasks {
145 MultiIntrClear = 0xF000,
146 ChipCmdClear = 0xE2,
147 Config1Clear = (1<<7)|(1<<6)|(1<<3)|(1<<2)|(1<<1),
148 };
149
150 enum ChipCmdBits {
151 CmdReset = 0x10,
152 CmdRxEnb = 0x08,
153 CmdTxEnb = 0x04,
154 RxBufEmpty = 0x01,
155 };
156
157 /* C+ mode */
158 enum CplusCmdBits {
159 CPlusRxVLAN = 0x0040, /* enable receive VLAN detagging */
160 CPlusRxChkSum = 0x0020, /* enable receive checksum offloading */
161 CPlusRxEnb = 0x0002,
162 CPlusTxEnb = 0x0001,
163 };
164
165 /* Interrupt register bits, using my own meaningful names. */
166 enum IntrStatusBits {
167 PCIErr = 0x8000,
168 PCSTimeout = 0x4000,
169 RxFIFOOver = 0x40,
170 RxUnderrun = 0x20, /* Packet Underrun / Link Change */
171 RxOverflow = 0x10,
172 TxErr = 0x08,
173 TxOK = 0x04,
174 RxErr = 0x02,
175 RxOK = 0x01,
176
177 RxAckBits = RxFIFOOver | RxOverflow | RxOK,
178 };
179
180 enum TxStatusBits {
181 TxHostOwns = 0x2000,
182 TxUnderrun = 0x4000,
183 TxStatOK = 0x8000,
184 TxOutOfWindow = 0x20000000,
185 TxAborted = 0x40000000,
186 TxCarrierLost = 0x80000000,
187 };
188 enum RxStatusBits {
189 RxMulticast = 0x8000,
190 RxPhysical = 0x4000,
191 RxBroadcast = 0x2000,
192 RxBadSymbol = 0x0020,
193 RxRunt = 0x0010,
194 RxTooLong = 0x0008,
195 RxCRCErr = 0x0004,
196 RxBadAlign = 0x0002,
197 RxStatusOK = 0x0001,
198 };
199
200 /* Bits in RxConfig. */
201 enum rx_mode_bits {
202 AcceptErr = 0x20,
203 AcceptRunt = 0x10,
204 AcceptBroadcast = 0x08,
205 AcceptMulticast = 0x04,
206 AcceptMyPhys = 0x02,
207 AcceptAllPhys = 0x01,
208 };
209
210 /* Bits in TxConfig. */
211 enum tx_config_bits {
212
213 /* Interframe Gap Time. Only TxIFG96 doesn't violate IEEE 802.3 */
214 TxIFGShift = 24,
215 TxIFG84 = (0 << TxIFGShift), /* 8.4us / 840ns (10 / 100Mbps) */
216 TxIFG88 = (1 << TxIFGShift), /* 8.8us / 880ns (10 / 100Mbps) */
217 TxIFG92 = (2 << TxIFGShift), /* 9.2us / 920ns (10 / 100Mbps) */
218 TxIFG96 = (3 << TxIFGShift), /* 9.6us / 960ns (10 / 100Mbps) */
219
220 TxLoopBack = (1 << 18) | (1 << 17), /* enable loopback test mode */
221 TxCRC = (1 << 16), /* DISABLE appending CRC to end of Tx packets */
222 TxClearAbt = (1 << 0), /* Clear abort (WO) */
223 TxDMAShift = 8, /* DMA burst value (0-7) is shifted this many bits */
224 TxRetryShift = 4, /* TXRR value (0-15) is shifted this many bits */
225
226 TxVersionMask = 0x7C800000, /* mask out version bits 30-26, 23 */
227 };
228
229
230 /* Transmit Status of All Descriptors (TSAD) Register */
231 enum TSAD_bits {
232 TSAD_TOK3 = 1<<15, // TOK bit of Descriptor 3
233 TSAD_TOK2 = 1<<14, // TOK bit of Descriptor 2
234 TSAD_TOK1 = 1<<13, // TOK bit of Descriptor 1
235 TSAD_TOK0 = 1<<12, // TOK bit of Descriptor 0
236 TSAD_TUN3 = 1<<11, // TUN bit of Descriptor 3
237 TSAD_TUN2 = 1<<10, // TUN bit of Descriptor 2
238 TSAD_TUN1 = 1<<9, // TUN bit of Descriptor 1
239 TSAD_TUN0 = 1<<8, // TUN bit of Descriptor 0
240 TSAD_TABT3 = 1<<07, // TABT bit of Descriptor 3
241 TSAD_TABT2 = 1<<06, // TABT bit of Descriptor 2
242 TSAD_TABT1 = 1<<05, // TABT bit of Descriptor 1
243 TSAD_TABT0 = 1<<04, // TABT bit of Descriptor 0
244 TSAD_OWN3 = 1<<03, // OWN bit of Descriptor 3
245 TSAD_OWN2 = 1<<02, // OWN bit of Descriptor 2
246 TSAD_OWN1 = 1<<01, // OWN bit of Descriptor 1
247 TSAD_OWN0 = 1<<00, // OWN bit of Descriptor 0
248 };
249
250
251 /* Bits in Config1 */
252 enum Config1Bits {
253 Cfg1_PM_Enable = 0x01,
254 Cfg1_VPD_Enable = 0x02,
255 Cfg1_PIO = 0x04,
256 Cfg1_MMIO = 0x08,
257 LWAKE = 0x10, /* not on 8139, 8139A */
258 Cfg1_Driver_Load = 0x20,
259 Cfg1_LED0 = 0x40,
260 Cfg1_LED1 = 0x80,
261 SLEEP = (1 << 1), /* only on 8139, 8139A */
262 PWRDN = (1 << 0), /* only on 8139, 8139A */
263 };
264
265 /* Bits in Config3 */
266 enum Config3Bits {
267 Cfg3_FBtBEn = (1 << 0), /* 1 = Fast Back to Back */
268 Cfg3_FuncRegEn = (1 << 1), /* 1 = enable CardBus Function registers */
269 Cfg3_CLKRUN_En = (1 << 2), /* 1 = enable CLKRUN */
270 Cfg3_CardB_En = (1 << 3), /* 1 = enable CardBus registers */
271 Cfg3_LinkUp = (1 << 4), /* 1 = wake up on link up */
272 Cfg3_Magic = (1 << 5), /* 1 = wake up on Magic Packet (tm) */
273 Cfg3_PARM_En = (1 << 6), /* 0 = software can set twister parameters */
274 Cfg3_GNTSel = (1 << 7), /* 1 = delay 1 clock from PCI GNT signal */
275 };
276
277 /* Bits in Config4 */
278 enum Config4Bits {
279 LWPTN = (1 << 2), /* not on 8139, 8139A */
280 };
281
282 /* Bits in Config5 */
283 enum Config5Bits {
284 Cfg5_PME_STS = (1 << 0), /* 1 = PCI reset resets PME_Status */
285 Cfg5_LANWake = (1 << 1), /* 1 = enable LANWake signal */
286 Cfg5_LDPS = (1 << 2), /* 0 = save power when link is down */
287 Cfg5_FIFOAddrPtr = (1 << 3), /* Realtek internal SRAM testing */
288 Cfg5_UWF = (1 << 4), /* 1 = accept unicast wakeup frame */
289 Cfg5_MWF = (1 << 5), /* 1 = accept multicast wakeup frame */
290 Cfg5_BWF = (1 << 6), /* 1 = accept broadcast wakeup frame */
291 };
292
293 enum RxConfigBits {
294 /* rx fifo threshold */
295 RxCfgFIFOShift = 13,
296 RxCfgFIFONone = (7 << RxCfgFIFOShift),
297
298 /* Max DMA burst */
299 RxCfgDMAShift = 8,
300 RxCfgDMAUnlimited = (7 << RxCfgDMAShift),
301
302 /* rx ring buffer length */
303 RxCfgRcv8K = 0,
304 RxCfgRcv16K = (1 << 11),
305 RxCfgRcv32K = (1 << 12),
306 RxCfgRcv64K = (1 << 11) | (1 << 12),
307
308 /* Disable packet wrap at end of Rx buffer. (not possible with 64k) */
309 RxNoWrap = (1 << 7),
310 };
311
312 /* Twister tuning parameters from RealTek.
313 Completely undocumented, but required to tune bad links on some boards. */
314 /*
315 enum CSCRBits {
316 CSCR_LinkOKBit = 0x0400,
317 CSCR_LinkChangeBit = 0x0800,
318 CSCR_LinkStatusBits = 0x0f000,
319 CSCR_LinkDownOffCmd = 0x003c0,
320 CSCR_LinkDownCmd = 0x0f3c0,
321 */
322 enum CSCRBits {
323 CSCR_Testfun = 1<<15, /* 1 = Auto-neg speeds up internal timer, WO, def 0 */
324 CSCR_LD = 1<<9, /* Active low TPI link disable signal. When low, TPI still transmits link pulses and TPI stays in good link state. def 1*/
325 CSCR_HEART_BIT = 1<<8, /* 1 = HEART BEAT enable, 0 = HEART BEAT disable. HEART BEAT function is only valid in 10Mbps mode. def 1*/
326 CSCR_JBEN = 1<<7, /* 1 = enable jabber function. 0 = disable jabber function, def 1*/
327 CSCR_F_LINK_100 = 1<<6, /* Used to login force good link in 100Mbps for diagnostic purposes. 1 = DISABLE, 0 = ENABLE. def 1*/
328 CSCR_F_Connect = 1<<5, /* Assertion of this bit forces the disconnect function to be bypassed. def 0*/
329 CSCR_Con_status = 1<<3, /* This bit indicates the status of the connection. 1 = valid connected link detected; 0 = disconnected link detected. RO def 0*/
330 CSCR_Con_status_En = 1<<2, /* Assertion of this bit configures LED1 pin to indicate connection status. def 0*/
331 CSCR_PASS_SCR = 1<<0, /* Bypass Scramble, def 0*/
332 };
333
334 enum Cfg9346Bits {
335 Cfg9346_Normal = 0x00,
336 Cfg9346_Autoload = 0x40,
337 Cfg9346_Programming = 0x80,
338 Cfg9346_ConfigWrite = 0xC0,
339 };
340
341 typedef enum {
342 CH_8139 = 0,
343 CH_8139_K,
344 CH_8139A,
345 CH_8139A_G,
346 CH_8139B,
347 CH_8130,
348 CH_8139C,
349 CH_8100,
350 CH_8100B_8139D,
351 CH_8101,
352 } chip_t;
353
354 enum chip_flags {
355 HasHltClk = (1 << 0),
356 HasLWake = (1 << 1),
357 };
358
359 #define HW_REVID(b30, b29, b28, b27, b26, b23, b22) \
360 (b30<<30 | b29<<29 | b28<<28 | b27<<27 | b26<<26 | b23<<23 | b22<<22)
361 #define HW_REVID_MASK HW_REVID(1, 1, 1, 1, 1, 1, 1)
362
363 #define RTL8139_PCI_REVID_8139 0x10
364 #define RTL8139_PCI_REVID_8139CPLUS 0x20
365
366 #define RTL8139_PCI_REVID RTL8139_PCI_REVID_8139CPLUS
367
368 /* Size is 64 * 16bit words */
369 #define EEPROM_9346_ADDR_BITS 6
370 #define EEPROM_9346_SIZE (1 << EEPROM_9346_ADDR_BITS)
371 #define EEPROM_9346_ADDR_MASK (EEPROM_9346_SIZE - 1)
372
373 enum Chip9346Operation
374 {
375 Chip9346_op_mask = 0xc0, /* 10 zzzzzz */
376 Chip9346_op_read = 0x80, /* 10 AAAAAA */
377 Chip9346_op_write = 0x40, /* 01 AAAAAA D(15)..D(0) */
378 Chip9346_op_ext_mask = 0xf0, /* 11 zzzzzz */
379 Chip9346_op_write_enable = 0x30, /* 00 11zzzz */
380 Chip9346_op_write_all = 0x10, /* 00 01zzzz */
381 Chip9346_op_write_disable = 0x00, /* 00 00zzzz */
382 };
383
384 enum Chip9346Mode
385 {
386 Chip9346_none = 0,
387 Chip9346_enter_command_mode,
388 Chip9346_read_command,
389 Chip9346_data_read, /* from output register */
390 Chip9346_data_write, /* to input register, then to contents at specified address */
391 Chip9346_data_write_all, /* to input register, then filling contents */
392 };
393
394 typedef struct EEprom9346
395 {
396 uint16_t contents[EEPROM_9346_SIZE];
397 int mode;
398 uint32_t tick;
399 uint8_t address;
400 uint16_t input;
401 uint16_t output;
402
403 uint8_t eecs;
404 uint8_t eesk;
405 uint8_t eedi;
406 uint8_t eedo;
407 } EEprom9346;
408
409 typedef struct RTL8139TallyCounters
410 {
411 /* Tally counters */
412 uint64_t TxOk;
413 uint64_t RxOk;
414 uint64_t TxERR;
415 uint32_t RxERR;
416 uint16_t MissPkt;
417 uint16_t FAE;
418 uint32_t Tx1Col;
419 uint32_t TxMCol;
420 uint64_t RxOkPhy;
421 uint64_t RxOkBrd;
422 uint32_t RxOkMul;
423 uint16_t TxAbt;
424 uint16_t TxUndrn;
425 } RTL8139TallyCounters;
426
427 /* Clears all tally counters */
428 static void RTL8139TallyCounters_clear(RTL8139TallyCounters* counters);
429
430 typedef struct RTL8139State {
431 PCIDevice dev;
432 uint8_t phys[8]; /* mac address */
433 uint8_t mult[8]; /* multicast mask array */
434
435 uint32_t TxStatus[4]; /* TxStatus0 in C mode*/ /* also DTCCR[0] and DTCCR[1] in C+ mode */
436 uint32_t TxAddr[4]; /* TxAddr0 */
437 uint32_t RxBuf; /* Receive buffer */
438 uint32_t RxBufferSize;/* internal variable, receive ring buffer size in C mode */
439 uint32_t RxBufPtr;
440 uint32_t RxBufAddr;
441
442 uint16_t IntrStatus;
443 uint16_t IntrMask;
444
445 uint32_t TxConfig;
446 uint32_t RxConfig;
447 uint32_t RxMissed;
448
449 uint16_t CSCR;
450
451 uint8_t Cfg9346;
452 uint8_t Config0;
453 uint8_t Config1;
454 uint8_t Config3;
455 uint8_t Config4;
456 uint8_t Config5;
457
458 uint8_t clock_enabled;
459 uint8_t bChipCmdState;
460
461 uint16_t MultiIntr;
462
463 uint16_t BasicModeCtrl;
464 uint16_t BasicModeStatus;
465 uint16_t NWayAdvert;
466 uint16_t NWayLPAR;
467 uint16_t NWayExpansion;
468
469 uint16_t CpCmd;
470 uint8_t TxThresh;
471
472 NICState *nic;
473 NICConf conf;
474
475 /* C ring mode */
476 uint32_t currTxDesc;
477
478 /* C+ mode */
479 uint32_t cplus_enabled;
480
481 uint32_t currCPlusRxDesc;
482 uint32_t currCPlusTxDesc;
483
484 uint32_t RxRingAddrLO;
485 uint32_t RxRingAddrHI;
486
487 EEprom9346 eeprom;
488
489 uint32_t TCTR;
490 uint32_t TimerInt;
491 int64_t TCTR_base;
492
493 /* Tally counters */
494 RTL8139TallyCounters tally_counters;
495
496 /* Non-persistent data */
497 uint8_t *cplus_txbuffer;
498 int cplus_txbuffer_len;
499 int cplus_txbuffer_offset;
500
501 /* PCI interrupt timer */
502 QEMUTimer *timer;
503 int64_t TimerExpire;
504
505 MemoryRegion bar_io;
506 MemoryRegion bar_mem;
507
508 /* Support migration to/from old versions */
509 int rtl8139_mmio_io_addr_dummy;
510 } RTL8139State;
511
512 /* Writes tally counters to memory via DMA */
513 static void RTL8139TallyCounters_dma_write(RTL8139State *s, dma_addr_t tc_addr);
514
515 static void rtl8139_set_next_tctr_time(RTL8139State *s, int64_t current_time);
516
517 static void prom9346_decode_command(EEprom9346 *eeprom, uint8_t command)
518 {
519 DPRINTF("eeprom command 0x%02x\n", command);
520
521 switch (command & Chip9346_op_mask)
522 {
523 case Chip9346_op_read:
524 {
525 eeprom->address = command & EEPROM_9346_ADDR_MASK;
526 eeprom->output = eeprom->contents[eeprom->address];
527 eeprom->eedo = 0;
528 eeprom->tick = 0;
529 eeprom->mode = Chip9346_data_read;
530 DPRINTF("eeprom read from address 0x%02x data=0x%04x\n",
531 eeprom->address, eeprom->output);
532 }
533 break;
534
535 case Chip9346_op_write:
536 {
537 eeprom->address = command & EEPROM_9346_ADDR_MASK;
538 eeprom->input = 0;
539 eeprom->tick = 0;
540 eeprom->mode = Chip9346_none; /* Chip9346_data_write */
541 DPRINTF("eeprom begin write to address 0x%02x\n",
542 eeprom->address);
543 }
544 break;
545 default:
546 eeprom->mode = Chip9346_none;
547 switch (command & Chip9346_op_ext_mask)
548 {
549 case Chip9346_op_write_enable:
550 DPRINTF("eeprom write enabled\n");
551 break;
552 case Chip9346_op_write_all:
553 DPRINTF("eeprom begin write all\n");
554 break;
555 case Chip9346_op_write_disable:
556 DPRINTF("eeprom write disabled\n");
557 break;
558 }
559 break;
560 }
561 }
562
563 static void prom9346_shift_clock(EEprom9346 *eeprom)
564 {
565 int bit = eeprom->eedi?1:0;
566
567 ++ eeprom->tick;
568
569 DPRINTF("eeprom: tick %d eedi=%d eedo=%d\n", eeprom->tick, eeprom->eedi,
570 eeprom->eedo);
571
572 switch (eeprom->mode)
573 {
574 case Chip9346_enter_command_mode:
575 if (bit)
576 {
577 eeprom->mode = Chip9346_read_command;
578 eeprom->tick = 0;
579 eeprom->input = 0;
580 DPRINTF("eeprom: +++ synchronized, begin command read\n");
581 }
582 break;
583
584 case Chip9346_read_command:
585 eeprom->input = (eeprom->input << 1) | (bit & 1);
586 if (eeprom->tick == 8)
587 {
588 prom9346_decode_command(eeprom, eeprom->input & 0xff);
589 }
590 break;
591
592 case Chip9346_data_read:
593 eeprom->eedo = (eeprom->output & 0x8000)?1:0;
594 eeprom->output <<= 1;
595 if (eeprom->tick == 16)
596 {
597 #if 1
598 // the FreeBSD drivers (rl and re) don't explicitly toggle
599 // CS between reads (or does setting Cfg9346 to 0 count too?),
600 // so we need to enter wait-for-command state here
601 eeprom->mode = Chip9346_enter_command_mode;
602 eeprom->input = 0;
603 eeprom->tick = 0;
604
605 DPRINTF("eeprom: +++ end of read, awaiting next command\n");
606 #else
607 // original behaviour
608 ++eeprom->address;
609 eeprom->address &= EEPROM_9346_ADDR_MASK;
610 eeprom->output = eeprom->contents[eeprom->address];
611 eeprom->tick = 0;
612
613 DPRINTF("eeprom: +++ read next address 0x%02x data=0x%04x\n",
614 eeprom->address, eeprom->output);
615 #endif
616 }
617 break;
618
619 case Chip9346_data_write:
620 eeprom->input = (eeprom->input << 1) | (bit & 1);
621 if (eeprom->tick == 16)
622 {
623 DPRINTF("eeprom write to address 0x%02x data=0x%04x\n",
624 eeprom->address, eeprom->input);
625
626 eeprom->contents[eeprom->address] = eeprom->input;
627 eeprom->mode = Chip9346_none; /* waiting for next command after CS cycle */
628 eeprom->tick = 0;
629 eeprom->input = 0;
630 }
631 break;
632
633 case Chip9346_data_write_all:
634 eeprom->input = (eeprom->input << 1) | (bit & 1);
635 if (eeprom->tick == 16)
636 {
637 int i;
638 for (i = 0; i < EEPROM_9346_SIZE; i++)
639 {
640 eeprom->contents[i] = eeprom->input;
641 }
642 DPRINTF("eeprom filled with data=0x%04x\n", eeprom->input);
643
644 eeprom->mode = Chip9346_enter_command_mode;
645 eeprom->tick = 0;
646 eeprom->input = 0;
647 }
648 break;
649
650 default:
651 break;
652 }
653 }
654
655 static int prom9346_get_wire(RTL8139State *s)
656 {
657 EEprom9346 *eeprom = &s->eeprom;
658 if (!eeprom->eecs)
659 return 0;
660
661 return eeprom->eedo;
662 }
663
664 /* FIXME: This should be merged into/replaced by eeprom93xx.c. */
665 static void prom9346_set_wire(RTL8139State *s, int eecs, int eesk, int eedi)
666 {
667 EEprom9346 *eeprom = &s->eeprom;
668 uint8_t old_eecs = eeprom->eecs;
669 uint8_t old_eesk = eeprom->eesk;
670
671 eeprom->eecs = eecs;
672 eeprom->eesk = eesk;
673 eeprom->eedi = eedi;
674
675 DPRINTF("eeprom: +++ wires CS=%d SK=%d DI=%d DO=%d\n", eeprom->eecs,
676 eeprom->eesk, eeprom->eedi, eeprom->eedo);
677
678 if (!old_eecs && eecs)
679 {
680 /* Synchronize start */
681 eeprom->tick = 0;
682 eeprom->input = 0;
683 eeprom->output = 0;
684 eeprom->mode = Chip9346_enter_command_mode;
685
686 DPRINTF("=== eeprom: begin access, enter command mode\n");
687 }
688
689 if (!eecs)
690 {
691 DPRINTF("=== eeprom: end access\n");
692 return;
693 }
694
695 if (!old_eesk && eesk)
696 {
697 /* SK front rules */
698 prom9346_shift_clock(eeprom);
699 }
700 }
701
702 static void rtl8139_update_irq(RTL8139State *s)
703 {
704 int isr;
705 isr = (s->IntrStatus & s->IntrMask) & 0xffff;
706
707 DPRINTF("Set IRQ to %d (%04x %04x)\n", isr ? 1 : 0, s->IntrStatus,
708 s->IntrMask);
709
710 qemu_set_irq(s->dev.irq[0], (isr != 0));
711 }
712
713 static int rtl8139_RxWrap(RTL8139State *s)
714 {
715 /* wrapping enabled; assume 1.5k more buffer space if size < 65536 */
716 return (s->RxConfig & (1 << 7));
717 }
718
719 static int rtl8139_receiver_enabled(RTL8139State *s)
720 {
721 return s->bChipCmdState & CmdRxEnb;
722 }
723
724 static int rtl8139_transmitter_enabled(RTL8139State *s)
725 {
726 return s->bChipCmdState & CmdTxEnb;
727 }
728
729 static int rtl8139_cp_receiver_enabled(RTL8139State *s)
730 {
731 return s->CpCmd & CPlusRxEnb;
732 }
733
734 static int rtl8139_cp_transmitter_enabled(RTL8139State *s)
735 {
736 return s->CpCmd & CPlusTxEnb;
737 }
738
739 static void rtl8139_write_buffer(RTL8139State *s, const void *buf, int size)
740 {
741 if (s->RxBufAddr + size > s->RxBufferSize)
742 {
743 int wrapped = MOD2(s->RxBufAddr + size, s->RxBufferSize);
744
745 /* write packet data */
746 if (wrapped && !(s->RxBufferSize < 65536 && rtl8139_RxWrap(s)))
747 {
748 DPRINTF(">>> rx packet wrapped in buffer at %d\n", size - wrapped);
749
750 if (size > wrapped)
751 {
752 pci_dma_write(&s->dev, s->RxBuf + s->RxBufAddr,
753 buf, size-wrapped);
754 }
755
756 /* reset buffer pointer */
757 s->RxBufAddr = 0;
758
759 pci_dma_write(&s->dev, s->RxBuf + s->RxBufAddr,
760 buf + (size-wrapped), wrapped);
761
762 s->RxBufAddr = wrapped;
763
764 return;
765 }
766 }
767
768 /* non-wrapping path or overwrapping enabled */
769 pci_dma_write(&s->dev, s->RxBuf + s->RxBufAddr, buf, size);
770
771 s->RxBufAddr += size;
772 }
773
774 #define MIN_BUF_SIZE 60
775 static inline dma_addr_t rtl8139_addr64(uint32_t low, uint32_t high)
776 {
777 return low | ((uint64_t)high << 32);
778 }
779
780 /* Workaround for buggy guest driver such as linux who allocates rx
781 * rings after the receiver were enabled. */
782 static bool rtl8139_cp_rx_valid(RTL8139State *s)
783 {
784 return !(s->RxRingAddrLO == 0 && s->RxRingAddrHI == 0);
785 }
786
787 static int rtl8139_can_receive(NetClientState *nc)
788 {
789 RTL8139State *s = qemu_get_nic_opaque(nc);
790 int avail;
791
792 /* Receive (drop) packets if card is disabled. */
793 if (!s->clock_enabled)
794 return 1;
795 if (!rtl8139_receiver_enabled(s))
796 return 1;
797
798 if (rtl8139_cp_receiver_enabled(s) && rtl8139_cp_rx_valid(s)) {
799 /* ??? Flow control not implemented in c+ mode.
800 This is a hack to work around slirp deficiencies anyway. */
801 return 1;
802 } else {
803 avail = MOD2(s->RxBufferSize + s->RxBufPtr - s->RxBufAddr,
804 s->RxBufferSize);
805 return (avail == 0 || avail >= 1514 || (s->IntrMask & RxOverflow));
806 }
807 }
808
809 static ssize_t rtl8139_do_receive(NetClientState *nc, const uint8_t *buf, size_t size_, int do_interrupt)
810 {
811 RTL8139State *s = qemu_get_nic_opaque(nc);
812 /* size is the length of the buffer passed to the driver */
813 int size = size_;
814 const uint8_t *dot1q_buf = NULL;
815
816 uint32_t packet_header = 0;
817
818 uint8_t buf1[MIN_BUF_SIZE + VLAN_HLEN];
819 static const uint8_t broadcast_macaddr[6] =
820 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
821
822 DPRINTF(">>> received len=%d\n", size);
823
824 /* test if board clock is stopped */
825 if (!s->clock_enabled)
826 {
827 DPRINTF("stopped ==========================\n");
828 return -1;
829 }
830
831 /* first check if receiver is enabled */
832
833 if (!rtl8139_receiver_enabled(s))
834 {
835 DPRINTF("receiver disabled ================\n");
836 return -1;
837 }
838
839 /* XXX: check this */
840 if (s->RxConfig & AcceptAllPhys) {
841 /* promiscuous: receive all */
842 DPRINTF(">>> packet received in promiscuous mode\n");
843
844 } else {
845 if (!memcmp(buf, broadcast_macaddr, 6)) {
846 /* broadcast address */
847 if (!(s->RxConfig & AcceptBroadcast))
848 {
849 DPRINTF(">>> broadcast packet rejected\n");
850
851 /* update tally counter */
852 ++s->tally_counters.RxERR;
853
854 return size;
855 }
856
857 packet_header |= RxBroadcast;
858
859 DPRINTF(">>> broadcast packet received\n");
860
861 /* update tally counter */
862 ++s->tally_counters.RxOkBrd;
863
864 } else if (buf[0] & 0x01) {
865 /* multicast */
866 if (!(s->RxConfig & AcceptMulticast))
867 {
868 DPRINTF(">>> multicast packet rejected\n");
869
870 /* update tally counter */
871 ++s->tally_counters.RxERR;
872
873 return size;
874 }
875
876 int mcast_idx = compute_mcast_idx(buf);
877
878 if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7))))
879 {
880 DPRINTF(">>> multicast address mismatch\n");
881
882 /* update tally counter */
883 ++s->tally_counters.RxERR;
884
885 return size;
886 }
887
888 packet_header |= RxMulticast;
889
890 DPRINTF(">>> multicast packet received\n");
891
892 /* update tally counter */
893 ++s->tally_counters.RxOkMul;
894
895 } else if (s->phys[0] == buf[0] &&
896 s->phys[1] == buf[1] &&
897 s->phys[2] == buf[2] &&
898 s->phys[3] == buf[3] &&
899 s->phys[4] == buf[4] &&
900 s->phys[5] == buf[5]) {
901 /* match */
902 if (!(s->RxConfig & AcceptMyPhys))
903 {
904 DPRINTF(">>> rejecting physical address matching packet\n");
905
906 /* update tally counter */
907 ++s->tally_counters.RxERR;
908
909 return size;
910 }
911
912 packet_header |= RxPhysical;
913
914 DPRINTF(">>> physical address matching packet received\n");
915
916 /* update tally counter */
917 ++s->tally_counters.RxOkPhy;
918
919 } else {
920
921 DPRINTF(">>> unknown packet\n");
922
923 /* update tally counter */
924 ++s->tally_counters.RxERR;
925
926 return size;
927 }
928 }
929
930 /* if too small buffer, then expand it
931 * Include some tailroom in case a vlan tag is later removed. */
932 if (size < MIN_BUF_SIZE + VLAN_HLEN) {
933 memcpy(buf1, buf, size);
934 memset(buf1 + size, 0, MIN_BUF_SIZE + VLAN_HLEN - size);
935 buf = buf1;
936 if (size < MIN_BUF_SIZE) {
937 size = MIN_BUF_SIZE;
938 }
939 }
940
941 if (rtl8139_cp_receiver_enabled(s))
942 {
943 if (!rtl8139_cp_rx_valid(s)) {
944 return size;
945 }
946
947 DPRINTF("in C+ Rx mode ================\n");
948
949 /* begin C+ receiver mode */
950
951 /* w0 ownership flag */
952 #define CP_RX_OWN (1<<31)
953 /* w0 end of ring flag */
954 #define CP_RX_EOR (1<<30)
955 /* w0 bits 0...12 : buffer size */
956 #define CP_RX_BUFFER_SIZE_MASK ((1<<13) - 1)
957 /* w1 tag available flag */
958 #define CP_RX_TAVA (1<<16)
959 /* w1 bits 0...15 : VLAN tag */
960 #define CP_RX_VLAN_TAG_MASK ((1<<16) - 1)
961 /* w2 low 32bit of Rx buffer ptr */
962 /* w3 high 32bit of Rx buffer ptr */
963
964 int descriptor = s->currCPlusRxDesc;
965 dma_addr_t cplus_rx_ring_desc;
966
967 cplus_rx_ring_desc = rtl8139_addr64(s->RxRingAddrLO, s->RxRingAddrHI);
968 cplus_rx_ring_desc += 16 * descriptor;
969
970 DPRINTF("+++ C+ mode reading RX descriptor %d from host memory at "
971 "%08x %08x = "DMA_ADDR_FMT"\n", descriptor, s->RxRingAddrHI,
972 s->RxRingAddrLO, cplus_rx_ring_desc);
973
974 uint32_t val, rxdw0,rxdw1,rxbufLO,rxbufHI;
975
976 pci_dma_read(&s->dev, cplus_rx_ring_desc, &val, 4);
977 rxdw0 = le32_to_cpu(val);
978 pci_dma_read(&s->dev, cplus_rx_ring_desc+4, &val, 4);
979 rxdw1 = le32_to_cpu(val);
980 pci_dma_read(&s->dev, cplus_rx_ring_desc+8, &val, 4);
981 rxbufLO = le32_to_cpu(val);
982 pci_dma_read(&s->dev, cplus_rx_ring_desc+12, &val, 4);
983 rxbufHI = le32_to_cpu(val);
984
985 DPRINTF("+++ C+ mode RX descriptor %d %08x %08x %08x %08x\n",
986 descriptor, rxdw0, rxdw1, rxbufLO, rxbufHI);
987
988 if (!(rxdw0 & CP_RX_OWN))
989 {
990 DPRINTF("C+ Rx mode : descriptor %d is owned by host\n",
991 descriptor);
992
993 s->IntrStatus |= RxOverflow;
994 ++s->RxMissed;
995
996 /* update tally counter */
997 ++s->tally_counters.RxERR;
998 ++s->tally_counters.MissPkt;
999
1000 rtl8139_update_irq(s);
1001 return size_;
1002 }
1003
1004 uint32_t rx_space = rxdw0 & CP_RX_BUFFER_SIZE_MASK;
1005
1006 /* write VLAN info to descriptor variables. */
1007 if (s->CpCmd & CPlusRxVLAN && be16_to_cpup((uint16_t *)
1008 &buf[ETHER_ADDR_LEN * 2]) == ETH_P_8021Q) {
1009 dot1q_buf = &buf[ETHER_ADDR_LEN * 2];
1010 size -= VLAN_HLEN;
1011 /* if too small buffer, use the tailroom added duing expansion */
1012 if (size < MIN_BUF_SIZE) {
1013 size = MIN_BUF_SIZE;
1014 }
1015
1016 rxdw1 &= ~CP_RX_VLAN_TAG_MASK;
1017 /* BE + ~le_to_cpu()~ + cpu_to_le() = BE */
1018 rxdw1 |= CP_RX_TAVA | le16_to_cpup((uint16_t *)
1019 &dot1q_buf[ETHER_TYPE_LEN]);
1020
1021 DPRINTF("C+ Rx mode : extracted vlan tag with tci: ""%u\n",
1022 be16_to_cpup((uint16_t *)&dot1q_buf[ETHER_TYPE_LEN]));
1023 } else {
1024 /* reset VLAN tag flag */
1025 rxdw1 &= ~CP_RX_TAVA;
1026 }
1027
1028 /* TODO: scatter the packet over available receive ring descriptors space */
1029
1030 if (size+4 > rx_space)
1031 {
1032 DPRINTF("C+ Rx mode : descriptor %d size %d received %d + 4\n",
1033 descriptor, rx_space, size);
1034
1035 s->IntrStatus |= RxOverflow;
1036 ++s->RxMissed;
1037
1038 /* update tally counter */
1039 ++s->tally_counters.RxERR;
1040 ++s->tally_counters.MissPkt;
1041
1042 rtl8139_update_irq(s);
1043 return size_;
1044 }
1045
1046 dma_addr_t rx_addr = rtl8139_addr64(rxbufLO, rxbufHI);
1047
1048 /* receive/copy to target memory */
1049 if (dot1q_buf) {
1050 pci_dma_write(&s->dev, rx_addr, buf, 2 * ETHER_ADDR_LEN);
1051 pci_dma_write(&s->dev, rx_addr + 2 * ETHER_ADDR_LEN,
1052 buf + 2 * ETHER_ADDR_LEN + VLAN_HLEN,
1053 size - 2 * ETHER_ADDR_LEN);
1054 } else {
1055 pci_dma_write(&s->dev, rx_addr, buf, size);
1056 }
1057
1058 if (s->CpCmd & CPlusRxChkSum)
1059 {
1060 /* do some packet checksumming */
1061 }
1062
1063 /* write checksum */
1064 val = cpu_to_le32(crc32(0, buf, size_));
1065 pci_dma_write(&s->dev, rx_addr+size, (uint8_t *)&val, 4);
1066
1067 /* first segment of received packet flag */
1068 #define CP_RX_STATUS_FS (1<<29)
1069 /* last segment of received packet flag */
1070 #define CP_RX_STATUS_LS (1<<28)
1071 /* multicast packet flag */
1072 #define CP_RX_STATUS_MAR (1<<26)
1073 /* physical-matching packet flag */
1074 #define CP_RX_STATUS_PAM (1<<25)
1075 /* broadcast packet flag */
1076 #define CP_RX_STATUS_BAR (1<<24)
1077 /* runt packet flag */
1078 #define CP_RX_STATUS_RUNT (1<<19)
1079 /* crc error flag */
1080 #define CP_RX_STATUS_CRC (1<<18)
1081 /* IP checksum error flag */
1082 #define CP_RX_STATUS_IPF (1<<15)
1083 /* UDP checksum error flag */
1084 #define CP_RX_STATUS_UDPF (1<<14)
1085 /* TCP checksum error flag */
1086 #define CP_RX_STATUS_TCPF (1<<13)
1087
1088 /* transfer ownership to target */
1089 rxdw0 &= ~CP_RX_OWN;
1090
1091 /* set first segment bit */
1092 rxdw0 |= CP_RX_STATUS_FS;
1093
1094 /* set last segment bit */
1095 rxdw0 |= CP_RX_STATUS_LS;
1096
1097 /* set received packet type flags */
1098 if (packet_header & RxBroadcast)
1099 rxdw0 |= CP_RX_STATUS_BAR;
1100 if (packet_header & RxMulticast)
1101 rxdw0 |= CP_RX_STATUS_MAR;
1102 if (packet_header & RxPhysical)
1103 rxdw0 |= CP_RX_STATUS_PAM;
1104
1105 /* set received size */
1106 rxdw0 &= ~CP_RX_BUFFER_SIZE_MASK;
1107 rxdw0 |= (size+4);
1108
1109 /* update ring data */
1110 val = cpu_to_le32(rxdw0);
1111 pci_dma_write(&s->dev, cplus_rx_ring_desc, (uint8_t *)&val, 4);
1112 val = cpu_to_le32(rxdw1);
1113 pci_dma_write(&s->dev, cplus_rx_ring_desc+4, (uint8_t *)&val, 4);
1114
1115 /* update tally counter */
1116 ++s->tally_counters.RxOk;
1117
1118 /* seek to next Rx descriptor */
1119 if (rxdw0 & CP_RX_EOR)
1120 {
1121 s->currCPlusRxDesc = 0;
1122 }
1123 else
1124 {
1125 ++s->currCPlusRxDesc;
1126 }
1127
1128 DPRINTF("done C+ Rx mode ----------------\n");
1129
1130 }
1131 else
1132 {
1133 DPRINTF("in ring Rx mode ================\n");
1134
1135 /* begin ring receiver mode */
1136 int avail = MOD2(s->RxBufferSize + s->RxBufPtr - s->RxBufAddr, s->RxBufferSize);
1137
1138 /* if receiver buffer is empty then avail == 0 */
1139
1140 if (avail != 0 && size + 8 >= avail)
1141 {
1142 DPRINTF("rx overflow: rx buffer length %d head 0x%04x "
1143 "read 0x%04x === available 0x%04x need 0x%04x\n",
1144 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr, avail, size + 8);
1145
1146 s->IntrStatus |= RxOverflow;
1147 ++s->RxMissed;
1148 rtl8139_update_irq(s);
1149 return size_;
1150 }
1151
1152 packet_header |= RxStatusOK;
1153
1154 packet_header |= (((size+4) << 16) & 0xffff0000);
1155
1156 /* write header */
1157 uint32_t val = cpu_to_le32(packet_header);
1158
1159 rtl8139_write_buffer(s, (uint8_t *)&val, 4);
1160
1161 rtl8139_write_buffer(s, buf, size);
1162
1163 /* write checksum */
1164 val = cpu_to_le32(crc32(0, buf, size));
1165 rtl8139_write_buffer(s, (uint8_t *)&val, 4);
1166
1167 /* correct buffer write pointer */
1168 s->RxBufAddr = MOD2((s->RxBufAddr + 3) & ~0x3, s->RxBufferSize);
1169
1170 /* now we can signal we have received something */
1171
1172 DPRINTF("received: rx buffer length %d head 0x%04x read 0x%04x\n",
1173 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr);
1174 }
1175
1176 s->IntrStatus |= RxOK;
1177
1178 if (do_interrupt)
1179 {
1180 rtl8139_update_irq(s);
1181 }
1182
1183 return size_;
1184 }
1185
1186 static ssize_t rtl8139_receive(NetClientState *nc, const uint8_t *buf, size_t size)
1187 {
1188 return rtl8139_do_receive(nc, buf, size, 1);
1189 }
1190
1191 static void rtl8139_reset_rxring(RTL8139State *s, uint32_t bufferSize)
1192 {
1193 s->RxBufferSize = bufferSize;
1194 s->RxBufPtr = 0;
1195 s->RxBufAddr = 0;
1196 }
1197
1198 static void rtl8139_reset(DeviceState *d)
1199 {
1200 RTL8139State *s = container_of(d, RTL8139State, dev.qdev);
1201 int i;
1202
1203 /* restore MAC address */
1204 memcpy(s->phys, s->conf.macaddr.a, 6);
1205
1206 /* reset interrupt mask */
1207 s->IntrStatus = 0;
1208 s->IntrMask = 0;
1209
1210 rtl8139_update_irq(s);
1211
1212 /* mark all status registers as owned by host */
1213 for (i = 0; i < 4; ++i)
1214 {
1215 s->TxStatus[i] = TxHostOwns;
1216 }
1217
1218 s->currTxDesc = 0;
1219 s->currCPlusRxDesc = 0;
1220 s->currCPlusTxDesc = 0;
1221
1222 s->RxRingAddrLO = 0;
1223 s->RxRingAddrHI = 0;
1224
1225 s->RxBuf = 0;
1226
1227 rtl8139_reset_rxring(s, 8192);
1228
1229 /* ACK the reset */
1230 s->TxConfig = 0;
1231
1232 #if 0
1233 // s->TxConfig |= HW_REVID(1, 0, 0, 0, 0, 0, 0); // RTL-8139 HasHltClk
1234 s->clock_enabled = 0;
1235 #else
1236 s->TxConfig |= HW_REVID(1, 1, 1, 0, 1, 1, 0); // RTL-8139C+ HasLWake
1237 s->clock_enabled = 1;
1238 #endif
1239
1240 s->bChipCmdState = CmdReset; /* RxBufEmpty bit is calculated on read from ChipCmd */;
1241
1242 /* set initial state data */
1243 s->Config0 = 0x0; /* No boot ROM */
1244 s->Config1 = 0xC; /* IO mapped and MEM mapped registers available */
1245 s->Config3 = 0x1; /* fast back-to-back compatible */
1246 s->Config5 = 0x0;
1247
1248 s->CSCR = CSCR_F_LINK_100 | CSCR_HEART_BIT | CSCR_LD;
1249
1250 s->CpCmd = 0x0; /* reset C+ mode */
1251 s->cplus_enabled = 0;
1252
1253
1254 // s->BasicModeCtrl = 0x3100; // 100Mbps, full duplex, autonegotiation
1255 // s->BasicModeCtrl = 0x2100; // 100Mbps, full duplex
1256 s->BasicModeCtrl = 0x1000; // autonegotiation
1257
1258 s->BasicModeStatus = 0x7809;
1259 //s->BasicModeStatus |= 0x0040; /* UTP medium */
1260 s->BasicModeStatus |= 0x0020; /* autonegotiation completed */
1261 /* preserve link state */
1262 s->BasicModeStatus |= qemu_get_queue(s->nic)->link_down ? 0 : 0x04;
1263
1264 s->NWayAdvert = 0x05e1; /* all modes, full duplex */
1265 s->NWayLPAR = 0x05e1; /* all modes, full duplex */
1266 s->NWayExpansion = 0x0001; /* autonegotiation supported */
1267
1268 /* also reset timer and disable timer interrupt */
1269 s->TCTR = 0;
1270 s->TimerInt = 0;
1271 s->TCTR_base = 0;
1272
1273 /* reset tally counters */
1274 RTL8139TallyCounters_clear(&s->tally_counters);
1275 }
1276
1277 static void RTL8139TallyCounters_clear(RTL8139TallyCounters* counters)
1278 {
1279 counters->TxOk = 0;
1280 counters->RxOk = 0;
1281 counters->TxERR = 0;
1282 counters->RxERR = 0;
1283 counters->MissPkt = 0;
1284 counters->FAE = 0;
1285 counters->Tx1Col = 0;
1286 counters->TxMCol = 0;
1287 counters->RxOkPhy = 0;
1288 counters->RxOkBrd = 0;
1289 counters->RxOkMul = 0;
1290 counters->TxAbt = 0;
1291 counters->TxUndrn = 0;
1292 }
1293
1294 static void RTL8139TallyCounters_dma_write(RTL8139State *s, dma_addr_t tc_addr)
1295 {
1296 RTL8139TallyCounters *tally_counters = &s->tally_counters;
1297 uint16_t val16;
1298 uint32_t val32;
1299 uint64_t val64;
1300
1301 val64 = cpu_to_le64(tally_counters->TxOk);
1302 pci_dma_write(&s->dev, tc_addr + 0, (uint8_t *)&val64, 8);
1303
1304 val64 = cpu_to_le64(tally_counters->RxOk);
1305 pci_dma_write(&s->dev, tc_addr + 8, (uint8_t *)&val64, 8);
1306
1307 val64 = cpu_to_le64(tally_counters->TxERR);
1308 pci_dma_write(&s->dev, tc_addr + 16, (uint8_t *)&val64, 8);
1309
1310 val32 = cpu_to_le32(tally_counters->RxERR);
1311 pci_dma_write(&s->dev, tc_addr + 24, (uint8_t *)&val32, 4);
1312
1313 val16 = cpu_to_le16(tally_counters->MissPkt);
1314 pci_dma_write(&s->dev, tc_addr + 28, (uint8_t *)&val16, 2);
1315
1316 val16 = cpu_to_le16(tally_counters->FAE);
1317 pci_dma_write(&s->dev, tc_addr + 30, (uint8_t *)&val16, 2);
1318
1319 val32 = cpu_to_le32(tally_counters->Tx1Col);
1320 pci_dma_write(&s->dev, tc_addr + 32, (uint8_t *)&val32, 4);
1321
1322 val32 = cpu_to_le32(tally_counters->TxMCol);
1323 pci_dma_write(&s->dev, tc_addr + 36, (uint8_t *)&val32, 4);
1324
1325 val64 = cpu_to_le64(tally_counters->RxOkPhy);
1326 pci_dma_write(&s->dev, tc_addr + 40, (uint8_t *)&val64, 8);
1327
1328 val64 = cpu_to_le64(tally_counters->RxOkBrd);
1329 pci_dma_write(&s->dev, tc_addr + 48, (uint8_t *)&val64, 8);
1330
1331 val32 = cpu_to_le32(tally_counters->RxOkMul);
1332 pci_dma_write(&s->dev, tc_addr + 56, (uint8_t *)&val32, 4);
1333
1334 val16 = cpu_to_le16(tally_counters->TxAbt);
1335 pci_dma_write(&s->dev, tc_addr + 60, (uint8_t *)&val16, 2);
1336
1337 val16 = cpu_to_le16(tally_counters->TxUndrn);
1338 pci_dma_write(&s->dev, tc_addr + 62, (uint8_t *)&val16, 2);
1339 }
1340
1341 /* Loads values of tally counters from VM state file */
1342
1343 static const VMStateDescription vmstate_tally_counters = {
1344 .name = "tally_counters",
1345 .version_id = 1,
1346 .minimum_version_id = 1,
1347 .minimum_version_id_old = 1,
1348 .fields = (VMStateField []) {
1349 VMSTATE_UINT64(TxOk, RTL8139TallyCounters),
1350 VMSTATE_UINT64(RxOk, RTL8139TallyCounters),
1351 VMSTATE_UINT64(TxERR, RTL8139TallyCounters),
1352 VMSTATE_UINT32(RxERR, RTL8139TallyCounters),
1353 VMSTATE_UINT16(MissPkt, RTL8139TallyCounters),
1354 VMSTATE_UINT16(FAE, RTL8139TallyCounters),
1355 VMSTATE_UINT32(Tx1Col, RTL8139TallyCounters),
1356 VMSTATE_UINT32(TxMCol, RTL8139TallyCounters),
1357 VMSTATE_UINT64(RxOkPhy, RTL8139TallyCounters),
1358 VMSTATE_UINT64(RxOkBrd, RTL8139TallyCounters),
1359 VMSTATE_UINT16(TxAbt, RTL8139TallyCounters),
1360 VMSTATE_UINT16(TxUndrn, RTL8139TallyCounters),
1361 VMSTATE_END_OF_LIST()
1362 }
1363 };
1364
1365 static void rtl8139_ChipCmd_write(RTL8139State *s, uint32_t val)
1366 {
1367 val &= 0xff;
1368
1369 DPRINTF("ChipCmd write val=0x%08x\n", val);
1370
1371 if (val & CmdReset)
1372 {
1373 DPRINTF("ChipCmd reset\n");
1374 rtl8139_reset(&s->dev.qdev);
1375 }
1376 if (val & CmdRxEnb)
1377 {
1378 DPRINTF("ChipCmd enable receiver\n");
1379
1380 s->currCPlusRxDesc = 0;
1381 }
1382 if (val & CmdTxEnb)
1383 {
1384 DPRINTF("ChipCmd enable transmitter\n");
1385
1386 s->currCPlusTxDesc = 0;
1387 }
1388
1389 /* mask unwritable bits */
1390 val = SET_MASKED(val, 0xe3, s->bChipCmdState);
1391
1392 /* Deassert reset pin before next read */
1393 val &= ~CmdReset;
1394
1395 s->bChipCmdState = val;
1396 }
1397
1398 static int rtl8139_RxBufferEmpty(RTL8139State *s)
1399 {
1400 int unread = MOD2(s->RxBufferSize + s->RxBufAddr - s->RxBufPtr, s->RxBufferSize);
1401
1402 if (unread != 0)
1403 {
1404 DPRINTF("receiver buffer data available 0x%04x\n", unread);
1405 return 0;
1406 }
1407
1408 DPRINTF("receiver buffer is empty\n");
1409
1410 return 1;
1411 }
1412
1413 static uint32_t rtl8139_ChipCmd_read(RTL8139State *s)
1414 {
1415 uint32_t ret = s->bChipCmdState;
1416
1417 if (rtl8139_RxBufferEmpty(s))
1418 ret |= RxBufEmpty;
1419
1420 DPRINTF("ChipCmd read val=0x%04x\n", ret);
1421
1422 return ret;
1423 }
1424
1425 static void rtl8139_CpCmd_write(RTL8139State *s, uint32_t val)
1426 {
1427 val &= 0xffff;
1428
1429 DPRINTF("C+ command register write(w) val=0x%04x\n", val);
1430
1431 s->cplus_enabled = 1;
1432
1433 /* mask unwritable bits */
1434 val = SET_MASKED(val, 0xff84, s->CpCmd);
1435
1436 s->CpCmd = val;
1437 }
1438
1439 static uint32_t rtl8139_CpCmd_read(RTL8139State *s)
1440 {
1441 uint32_t ret = s->CpCmd;
1442
1443 DPRINTF("C+ command register read(w) val=0x%04x\n", ret);
1444
1445 return ret;
1446 }
1447
1448 static void rtl8139_IntrMitigate_write(RTL8139State *s, uint32_t val)
1449 {
1450 DPRINTF("C+ IntrMitigate register write(w) val=0x%04x\n", val);
1451 }
1452
1453 static uint32_t rtl8139_IntrMitigate_read(RTL8139State *s)
1454 {
1455 uint32_t ret = 0;
1456
1457 DPRINTF("C+ IntrMitigate register read(w) val=0x%04x\n", ret);
1458
1459 return ret;
1460 }
1461
1462 static int rtl8139_config_writable(RTL8139State *s)
1463 {
1464 if ((s->Cfg9346 & Chip9346_op_mask) == Cfg9346_ConfigWrite)
1465 {
1466 return 1;
1467 }
1468
1469 DPRINTF("Configuration registers are write-protected\n");
1470
1471 return 0;
1472 }
1473
1474 static void rtl8139_BasicModeCtrl_write(RTL8139State *s, uint32_t val)
1475 {
1476 val &= 0xffff;
1477
1478 DPRINTF("BasicModeCtrl register write(w) val=0x%04x\n", val);
1479
1480 /* mask unwritable bits */
1481 uint32_t mask = 0x4cff;
1482
1483 if (1 || !rtl8139_config_writable(s))
1484 {
1485 /* Speed setting and autonegotiation enable bits are read-only */
1486 mask |= 0x3000;
1487 /* Duplex mode setting is read-only */
1488 mask |= 0x0100;
1489 }
1490
1491 val = SET_MASKED(val, mask, s->BasicModeCtrl);
1492
1493 s->BasicModeCtrl = val;
1494 }
1495
1496 static uint32_t rtl8139_BasicModeCtrl_read(RTL8139State *s)
1497 {
1498 uint32_t ret = s->BasicModeCtrl;
1499
1500 DPRINTF("BasicModeCtrl register read(w) val=0x%04x\n", ret);
1501
1502 return ret;
1503 }
1504
1505 static void rtl8139_BasicModeStatus_write(RTL8139State *s, uint32_t val)
1506 {
1507 val &= 0xffff;
1508
1509 DPRINTF("BasicModeStatus register write(w) val=0x%04x\n", val);
1510
1511 /* mask unwritable bits */
1512 val = SET_MASKED(val, 0xff3f, s->BasicModeStatus);
1513
1514 s->BasicModeStatus = val;
1515 }
1516
1517 static uint32_t rtl8139_BasicModeStatus_read(RTL8139State *s)
1518 {
1519 uint32_t ret = s->BasicModeStatus;
1520
1521 DPRINTF("BasicModeStatus register read(w) val=0x%04x\n", ret);
1522
1523 return ret;
1524 }
1525
1526 static void rtl8139_Cfg9346_write(RTL8139State *s, uint32_t val)
1527 {
1528 val &= 0xff;
1529
1530 DPRINTF("Cfg9346 write val=0x%02x\n", val);
1531
1532 /* mask unwritable bits */
1533 val = SET_MASKED(val, 0x31, s->Cfg9346);
1534
1535 uint32_t opmode = val & 0xc0;
1536 uint32_t eeprom_val = val & 0xf;
1537
1538 if (opmode == 0x80) {
1539 /* eeprom access */
1540 int eecs = (eeprom_val & 0x08)?1:0;
1541 int eesk = (eeprom_val & 0x04)?1:0;
1542 int eedi = (eeprom_val & 0x02)?1:0;
1543 prom9346_set_wire(s, eecs, eesk, eedi);
1544 } else if (opmode == 0x40) {
1545 /* Reset. */
1546 val = 0;
1547 rtl8139_reset(&s->dev.qdev);
1548 }
1549
1550 s->Cfg9346 = val;
1551 }
1552
1553 static uint32_t rtl8139_Cfg9346_read(RTL8139State *s)
1554 {
1555 uint32_t ret = s->Cfg9346;
1556
1557 uint32_t opmode = ret & 0xc0;
1558
1559 if (opmode == 0x80)
1560 {
1561 /* eeprom access */
1562 int eedo = prom9346_get_wire(s);
1563 if (eedo)
1564 {
1565 ret |= 0x01;
1566 }
1567 else
1568 {
1569 ret &= ~0x01;
1570 }
1571 }
1572
1573 DPRINTF("Cfg9346 read val=0x%02x\n", ret);
1574
1575 return ret;
1576 }
1577
1578 static void rtl8139_Config0_write(RTL8139State *s, uint32_t val)
1579 {
1580 val &= 0xff;
1581
1582 DPRINTF("Config0 write val=0x%02x\n", val);
1583
1584 if (!rtl8139_config_writable(s)) {
1585 return;
1586 }
1587
1588 /* mask unwritable bits */
1589 val = SET_MASKED(val, 0xf8, s->Config0);
1590
1591 s->Config0 = val;
1592 }
1593
1594 static uint32_t rtl8139_Config0_read(RTL8139State *s)
1595 {
1596 uint32_t ret = s->Config0;
1597
1598 DPRINTF("Config0 read val=0x%02x\n", ret);
1599
1600 return ret;
1601 }
1602
1603 static void rtl8139_Config1_write(RTL8139State *s, uint32_t val)
1604 {
1605 val &= 0xff;
1606
1607 DPRINTF("Config1 write val=0x%02x\n", val);
1608
1609 if (!rtl8139_config_writable(s)) {
1610 return;
1611 }
1612
1613 /* mask unwritable bits */
1614 val = SET_MASKED(val, 0xC, s->Config1);
1615
1616 s->Config1 = val;
1617 }
1618
1619 static uint32_t rtl8139_Config1_read(RTL8139State *s)
1620 {
1621 uint32_t ret = s->Config1;
1622
1623 DPRINTF("Config1 read val=0x%02x\n", ret);
1624
1625 return ret;
1626 }
1627
1628 static void rtl8139_Config3_write(RTL8139State *s, uint32_t val)
1629 {
1630 val &= 0xff;
1631
1632 DPRINTF("Config3 write val=0x%02x\n", val);
1633
1634 if (!rtl8139_config_writable(s)) {
1635 return;
1636 }
1637
1638 /* mask unwritable bits */
1639 val = SET_MASKED(val, 0x8F, s->Config3);
1640
1641 s->Config3 = val;
1642 }
1643
1644 static uint32_t rtl8139_Config3_read(RTL8139State *s)
1645 {
1646 uint32_t ret = s->Config3;
1647
1648 DPRINTF("Config3 read val=0x%02x\n", ret);
1649
1650 return ret;
1651 }
1652
1653 static void rtl8139_Config4_write(RTL8139State *s, uint32_t val)
1654 {
1655 val &= 0xff;
1656
1657 DPRINTF("Config4 write val=0x%02x\n", val);
1658
1659 if (!rtl8139_config_writable(s)) {
1660 return;
1661 }
1662
1663 /* mask unwritable bits */
1664 val = SET_MASKED(val, 0x0a, s->Config4);
1665
1666 s->Config4 = val;
1667 }
1668
1669 static uint32_t rtl8139_Config4_read(RTL8139State *s)
1670 {
1671 uint32_t ret = s->Config4;
1672
1673 DPRINTF("Config4 read val=0x%02x\n", ret);
1674
1675 return ret;
1676 }
1677
1678 static void rtl8139_Config5_write(RTL8139State *s, uint32_t val)
1679 {
1680 val &= 0xff;
1681
1682 DPRINTF("Config5 write val=0x%02x\n", val);
1683
1684 /* mask unwritable bits */
1685 val = SET_MASKED(val, 0x80, s->Config5);
1686
1687 s->Config5 = val;
1688 }
1689
1690 static uint32_t rtl8139_Config5_read(RTL8139State *s)
1691 {
1692 uint32_t ret = s->Config5;
1693
1694 DPRINTF("Config5 read val=0x%02x\n", ret);
1695
1696 return ret;
1697 }
1698
1699 static void rtl8139_TxConfig_write(RTL8139State *s, uint32_t val)
1700 {
1701 if (!rtl8139_transmitter_enabled(s))
1702 {
1703 DPRINTF("transmitter disabled; no TxConfig write val=0x%08x\n", val);
1704 return;
1705 }
1706
1707 DPRINTF("TxConfig write val=0x%08x\n", val);
1708
1709 val = SET_MASKED(val, TxVersionMask | 0x8070f80f, s->TxConfig);
1710
1711 s->TxConfig = val;
1712 }
1713
1714 static void rtl8139_TxConfig_writeb(RTL8139State *s, uint32_t val)
1715 {
1716 DPRINTF("RTL8139C TxConfig via write(b) val=0x%02x\n", val);
1717
1718 uint32_t tc = s->TxConfig;
1719 tc &= 0xFFFFFF00;
1720 tc |= (val & 0x000000FF);
1721 rtl8139_TxConfig_write(s, tc);
1722 }
1723
1724 static uint32_t rtl8139_TxConfig_read(RTL8139State *s)
1725 {
1726 uint32_t ret = s->TxConfig;
1727
1728 DPRINTF("TxConfig read val=0x%04x\n", ret);
1729
1730 return ret;
1731 }
1732
1733 static void rtl8139_RxConfig_write(RTL8139State *s, uint32_t val)
1734 {
1735 DPRINTF("RxConfig write val=0x%08x\n", val);
1736
1737 /* mask unwritable bits */
1738 val = SET_MASKED(val, 0xf0fc0040, s->RxConfig);
1739
1740 s->RxConfig = val;
1741
1742 /* reset buffer size and read/write pointers */
1743 rtl8139_reset_rxring(s, 8192 << ((s->RxConfig >> 11) & 0x3));
1744
1745 DPRINTF("RxConfig write reset buffer size to %d\n", s->RxBufferSize);
1746 }
1747
1748 static uint32_t rtl8139_RxConfig_read(RTL8139State *s)
1749 {
1750 uint32_t ret = s->RxConfig;
1751
1752 DPRINTF("RxConfig read val=0x%08x\n", ret);
1753
1754 return ret;
1755 }
1756
1757 static void rtl8139_transfer_frame(RTL8139State *s, uint8_t *buf, int size,
1758 int do_interrupt, const uint8_t *dot1q_buf)
1759 {
1760 struct iovec *iov = NULL;
1761
1762 if (!size)
1763 {
1764 DPRINTF("+++ empty ethernet frame\n");
1765 return;
1766 }
1767
1768 if (dot1q_buf && size >= ETHER_ADDR_LEN * 2) {
1769 iov = (struct iovec[3]) {
1770 { .iov_base = buf, .iov_len = ETHER_ADDR_LEN * 2 },
1771 { .iov_base = (void *) dot1q_buf, .iov_len = VLAN_HLEN },
1772 { .iov_base = buf + ETHER_ADDR_LEN * 2,
1773 .iov_len = size - ETHER_ADDR_LEN * 2 },
1774 };
1775 }
1776
1777 if (TxLoopBack == (s->TxConfig & TxLoopBack))
1778 {
1779 size_t buf2_size;
1780 uint8_t *buf2;
1781
1782 if (iov) {
1783 buf2_size = iov_size(iov, 3);
1784 buf2 = g_malloc(buf2_size);
1785 iov_to_buf(iov, 3, 0, buf2, buf2_size);
1786 buf = buf2;
1787 }
1788
1789 DPRINTF("+++ transmit loopback mode\n");
1790 rtl8139_do_receive(qemu_get_queue(s->nic), buf, size, do_interrupt);
1791
1792 if (iov) {
1793 g_free(buf2);
1794 }
1795 }
1796 else
1797 {
1798 if (iov) {
1799 qemu_sendv_packet(qemu_get_queue(s->nic), iov, 3);
1800 } else {
1801 qemu_send_packet(qemu_get_queue(s->nic), buf, size);
1802 }
1803 }
1804 }
1805
1806 static int rtl8139_transmit_one(RTL8139State *s, int descriptor)
1807 {
1808 if (!rtl8139_transmitter_enabled(s))
1809 {
1810 DPRINTF("+++ cannot transmit from descriptor %d: transmitter "
1811 "disabled\n", descriptor);
1812 return 0;
1813 }
1814
1815 if (s->TxStatus[descriptor] & TxHostOwns)
1816 {
1817 DPRINTF("+++ cannot transmit from descriptor %d: owned by host "
1818 "(%08x)\n", descriptor, s->TxStatus[descriptor]);
1819 return 0;
1820 }
1821
1822 DPRINTF("+++ transmitting from descriptor %d\n", descriptor);
1823
1824 int txsize = s->TxStatus[descriptor] & 0x1fff;
1825 uint8_t txbuffer[0x2000];
1826
1827 DPRINTF("+++ transmit reading %d bytes from host memory at 0x%08x\n",
1828 txsize, s->TxAddr[descriptor]);
1829
1830 pci_dma_read(&s->dev, s->TxAddr[descriptor], txbuffer, txsize);
1831
1832 /* Mark descriptor as transferred */
1833 s->TxStatus[descriptor] |= TxHostOwns;
1834 s->TxStatus[descriptor] |= TxStatOK;
1835
1836 rtl8139_transfer_frame(s, txbuffer, txsize, 0, NULL);
1837
1838 DPRINTF("+++ transmitted %d bytes from descriptor %d\n", txsize,
1839 descriptor);
1840
1841 /* update interrupt */
1842 s->IntrStatus |= TxOK;
1843 rtl8139_update_irq(s);
1844
1845 return 1;
1846 }
1847
1848 /* structures and macros for task offloading */
1849 typedef struct ip_header
1850 {
1851 uint8_t ip_ver_len; /* version and header length */
1852 uint8_t ip_tos; /* type of service */
1853 uint16_t ip_len; /* total length */
1854 uint16_t ip_id; /* identification */
1855 uint16_t ip_off; /* fragment offset field */
1856 uint8_t ip_ttl; /* time to live */
1857 uint8_t ip_p; /* protocol */
1858 uint16_t ip_sum; /* checksum */
1859 uint32_t ip_src,ip_dst; /* source and dest address */
1860 } ip_header;
1861
1862 #define IP_HEADER_VERSION_4 4
1863 #define IP_HEADER_VERSION(ip) ((ip->ip_ver_len >> 4)&0xf)
1864 #define IP_HEADER_LENGTH(ip) (((ip->ip_ver_len)&0xf) << 2)
1865
1866 typedef struct tcp_header
1867 {
1868 uint16_t th_sport; /* source port */
1869 uint16_t th_dport; /* destination port */
1870 uint32_t th_seq; /* sequence number */
1871 uint32_t th_ack; /* acknowledgement number */
1872 uint16_t th_offset_flags; /* data offset, reserved 6 bits, TCP protocol flags */
1873 uint16_t th_win; /* window */
1874 uint16_t th_sum; /* checksum */
1875 uint16_t th_urp; /* urgent pointer */
1876 } tcp_header;
1877
1878 typedef struct udp_header
1879 {
1880 uint16_t uh_sport; /* source port */
1881 uint16_t uh_dport; /* destination port */
1882 uint16_t uh_ulen; /* udp length */
1883 uint16_t uh_sum; /* udp checksum */
1884 } udp_header;
1885
1886 typedef struct ip_pseudo_header
1887 {
1888 uint32_t ip_src;
1889 uint32_t ip_dst;
1890 uint8_t zeros;
1891 uint8_t ip_proto;
1892 uint16_t ip_payload;
1893 } ip_pseudo_header;
1894
1895 #define IP_PROTO_TCP 6
1896 #define IP_PROTO_UDP 17
1897
1898 #define TCP_HEADER_DATA_OFFSET(tcp) (((be16_to_cpu(tcp->th_offset_flags) >> 12)&0xf) << 2)
1899 #define TCP_FLAGS_ONLY(flags) ((flags)&0x3f)
1900 #define TCP_HEADER_FLAGS(tcp) TCP_FLAGS_ONLY(be16_to_cpu(tcp->th_offset_flags))
1901
1902 #define TCP_HEADER_CLEAR_FLAGS(tcp, off) ((tcp)->th_offset_flags &= cpu_to_be16(~TCP_FLAGS_ONLY(off)))
1903
1904 #define TCP_FLAG_FIN 0x01
1905 #define TCP_FLAG_PUSH 0x08
1906
1907 /* produces ones' complement sum of data */
1908 static uint16_t ones_complement_sum(uint8_t *data, size_t len)
1909 {
1910 uint32_t result = 0;
1911
1912 for (; len > 1; data+=2, len-=2)
1913 {
1914 result += *(uint16_t*)data;
1915 }
1916
1917 /* add the remainder byte */
1918 if (len)
1919 {
1920 uint8_t odd[2] = {*data, 0};
1921 result += *(uint16_t*)odd;
1922 }
1923
1924 while (result>>16)
1925 result = (result & 0xffff) + (result >> 16);
1926
1927 return result;
1928 }
1929
1930 static uint16_t ip_checksum(void *data, size_t len)
1931 {
1932 return ~ones_complement_sum((uint8_t*)data, len);
1933 }
1934
1935 static int rtl8139_cplus_transmit_one(RTL8139State *s)
1936 {
1937 if (!rtl8139_transmitter_enabled(s))
1938 {
1939 DPRINTF("+++ C+ mode: transmitter disabled\n");
1940 return 0;
1941 }
1942
1943 if (!rtl8139_cp_transmitter_enabled(s))
1944 {
1945 DPRINTF("+++ C+ mode: C+ transmitter disabled\n");
1946 return 0 ;
1947 }
1948
1949 int descriptor = s->currCPlusTxDesc;
1950
1951 dma_addr_t cplus_tx_ring_desc = rtl8139_addr64(s->TxAddr[0], s->TxAddr[1]);
1952
1953 /* Normal priority ring */
1954 cplus_tx_ring_desc += 16 * descriptor;
1955
1956 DPRINTF("+++ C+ mode reading TX descriptor %d from host memory at "
1957 "%08x %08x = 0x"DMA_ADDR_FMT"\n", descriptor, s->TxAddr[1],
1958 s->TxAddr[0], cplus_tx_ring_desc);
1959
1960 uint32_t val, txdw0,txdw1,txbufLO,txbufHI;
1961
1962 pci_dma_read(&s->dev, cplus_tx_ring_desc, (uint8_t *)&val, 4);
1963 txdw0 = le32_to_cpu(val);
1964 pci_dma_read(&s->dev, cplus_tx_ring_desc+4, (uint8_t *)&val, 4);
1965 txdw1 = le32_to_cpu(val);
1966 pci_dma_read(&s->dev, cplus_tx_ring_desc+8, (uint8_t *)&val, 4);
1967 txbufLO = le32_to_cpu(val);
1968 pci_dma_read(&s->dev, cplus_tx_ring_desc+12, (uint8_t *)&val, 4);
1969 txbufHI = le32_to_cpu(val);
1970
1971 DPRINTF("+++ C+ mode TX descriptor %d %08x %08x %08x %08x\n", descriptor,
1972 txdw0, txdw1, txbufLO, txbufHI);
1973
1974 /* w0 ownership flag */
1975 #define CP_TX_OWN (1<<31)
1976 /* w0 end of ring flag */
1977 #define CP_TX_EOR (1<<30)
1978 /* first segment of received packet flag */
1979 #define CP_TX_FS (1<<29)
1980 /* last segment of received packet flag */
1981 #define CP_TX_LS (1<<28)
1982 /* large send packet flag */
1983 #define CP_TX_LGSEN (1<<27)
1984 /* large send MSS mask, bits 16...25 */
1985 #define CP_TC_LGSEN_MSS_MASK ((1 << 12) - 1)
1986
1987 /* IP checksum offload flag */
1988 #define CP_TX_IPCS (1<<18)
1989 /* UDP checksum offload flag */
1990 #define CP_TX_UDPCS (1<<17)
1991 /* TCP checksum offload flag */
1992 #define CP_TX_TCPCS (1<<16)
1993
1994 /* w0 bits 0...15 : buffer size */
1995 #define CP_TX_BUFFER_SIZE (1<<16)
1996 #define CP_TX_BUFFER_SIZE_MASK (CP_TX_BUFFER_SIZE - 1)
1997 /* w1 add tag flag */
1998 #define CP_TX_TAGC (1<<17)
1999 /* w1 bits 0...15 : VLAN tag (big endian) */
2000 #define CP_TX_VLAN_TAG_MASK ((1<<16) - 1)
2001 /* w2 low 32bit of Rx buffer ptr */
2002 /* w3 high 32bit of Rx buffer ptr */
2003
2004 /* set after transmission */
2005 /* FIFO underrun flag */
2006 #define CP_TX_STATUS_UNF (1<<25)
2007 /* transmit error summary flag, valid if set any of three below */
2008 #define CP_TX_STATUS_TES (1<<23)
2009 /* out-of-window collision flag */
2010 #define CP_TX_STATUS_OWC (1<<22)
2011 /* link failure flag */
2012 #define CP_TX_STATUS_LNKF (1<<21)
2013 /* excessive collisions flag */
2014 #define CP_TX_STATUS_EXC (1<<20)
2015
2016 if (!(txdw0 & CP_TX_OWN))
2017 {
2018 DPRINTF("C+ Tx mode : descriptor %d is owned by host\n", descriptor);
2019 return 0 ;
2020 }
2021
2022 DPRINTF("+++ C+ Tx mode : transmitting from descriptor %d\n", descriptor);
2023
2024 if (txdw0 & CP_TX_FS)
2025 {
2026 DPRINTF("+++ C+ Tx mode : descriptor %d is first segment "
2027 "descriptor\n", descriptor);
2028
2029 /* reset internal buffer offset */
2030 s->cplus_txbuffer_offset = 0;
2031 }
2032
2033 int txsize = txdw0 & CP_TX_BUFFER_SIZE_MASK;
2034 dma_addr_t tx_addr = rtl8139_addr64(txbufLO, txbufHI);
2035
2036 /* make sure we have enough space to assemble the packet */
2037 if (!s->cplus_txbuffer)
2038 {
2039 s->cplus_txbuffer_len = CP_TX_BUFFER_SIZE;
2040 s->cplus_txbuffer = g_malloc(s->cplus_txbuffer_len);
2041 s->cplus_txbuffer_offset = 0;
2042
2043 DPRINTF("+++ C+ mode transmission buffer allocated space %d\n",
2044 s->cplus_txbuffer_len);
2045 }
2046
2047 if (s->cplus_txbuffer_offset + txsize >= s->cplus_txbuffer_len)
2048 {
2049 /* The spec didn't tell the maximum size, stick to CP_TX_BUFFER_SIZE */
2050 txsize = s->cplus_txbuffer_len - s->cplus_txbuffer_offset;
2051 DPRINTF("+++ C+ mode transmission buffer overrun, truncated descriptor"
2052 "length to %d\n", txsize);
2053 }
2054
2055 if (!s->cplus_txbuffer)
2056 {
2057 /* out of memory */
2058
2059 DPRINTF("+++ C+ mode transmiter failed to reallocate %d bytes\n",
2060 s->cplus_txbuffer_len);
2061
2062 /* update tally counter */
2063 ++s->tally_counters.TxERR;
2064 ++s->tally_counters.TxAbt;
2065
2066 return 0;
2067 }
2068
2069 /* append more data to the packet */
2070
2071 DPRINTF("+++ C+ mode transmit reading %d bytes from host memory at "
2072 DMA_ADDR_FMT" to offset %d\n", txsize, tx_addr,
2073 s->cplus_txbuffer_offset);
2074
2075 pci_dma_read(&s->dev, tx_addr,
2076 s->cplus_txbuffer + s->cplus_txbuffer_offset, txsize);
2077 s->cplus_txbuffer_offset += txsize;
2078
2079 /* seek to next Rx descriptor */
2080 if (txdw0 & CP_TX_EOR)
2081 {
2082 s->currCPlusTxDesc = 0;
2083 }
2084 else
2085 {
2086 ++s->currCPlusTxDesc;
2087 if (s->currCPlusTxDesc >= 64)
2088 s->currCPlusTxDesc = 0;
2089 }
2090
2091 /* transfer ownership to target */
2092 txdw0 &= ~CP_RX_OWN;
2093
2094 /* reset error indicator bits */
2095 txdw0 &= ~CP_TX_STATUS_UNF;
2096 txdw0 &= ~CP_TX_STATUS_TES;
2097 txdw0 &= ~CP_TX_STATUS_OWC;
2098 txdw0 &= ~CP_TX_STATUS_LNKF;
2099 txdw0 &= ~CP_TX_STATUS_EXC;
2100
2101 /* update ring data */
2102 val = cpu_to_le32(txdw0);
2103 pci_dma_write(&s->dev, cplus_tx_ring_desc, (uint8_t *)&val, 4);
2104
2105 /* Now decide if descriptor being processed is holding the last segment of packet */
2106 if (txdw0 & CP_TX_LS)
2107 {
2108 uint8_t dot1q_buffer_space[VLAN_HLEN];
2109 uint16_t *dot1q_buffer;
2110
2111 DPRINTF("+++ C+ Tx mode : descriptor %d is last segment descriptor\n",
2112 descriptor);
2113
2114 /* can transfer fully assembled packet */
2115
2116 uint8_t *saved_buffer = s->cplus_txbuffer;
2117 int saved_size = s->cplus_txbuffer_offset;
2118 int saved_buffer_len = s->cplus_txbuffer_len;
2119
2120 /* create vlan tag */
2121 if (txdw1 & CP_TX_TAGC) {
2122 /* the vlan tag is in BE byte order in the descriptor
2123 * BE + le_to_cpu() + ~swap()~ = cpu */
2124 DPRINTF("+++ C+ Tx mode : inserting vlan tag with ""tci: %u\n",
2125 bswap16(txdw1 & CP_TX_VLAN_TAG_MASK));
2126
2127 dot1q_buffer = (uint16_t *) dot1q_buffer_space;
2128 dot1q_buffer[0] = cpu_to_be16(ETH_P_8021Q);
2129 /* BE + le_to_cpu() + ~cpu_to_le()~ = BE */
2130 dot1q_buffer[1] = cpu_to_le16(txdw1 & CP_TX_VLAN_TAG_MASK);
2131 } else {
2132 dot1q_buffer = NULL;
2133 }
2134
2135 /* reset the card space to protect from recursive call */
2136 s->cplus_txbuffer = NULL;
2137 s->cplus_txbuffer_offset = 0;
2138 s->cplus_txbuffer_len = 0;
2139
2140 if (txdw0 & (CP_TX_IPCS | CP_TX_UDPCS | CP_TX_TCPCS | CP_TX_LGSEN))
2141 {
2142 DPRINTF("+++ C+ mode offloaded task checksum\n");
2143
2144 /* ip packet header */
2145 ip_header *ip = NULL;
2146 int hlen = 0;
2147 uint8_t ip_protocol = 0;
2148 uint16_t ip_data_len = 0;
2149
2150 uint8_t *eth_payload_data = NULL;
2151 size_t eth_payload_len = 0;
2152
2153 int proto = be16_to_cpu(*(uint16_t *)(saved_buffer + 12));
2154 if (proto == ETH_P_IP)
2155 {
2156 DPRINTF("+++ C+ mode has IP packet\n");
2157
2158 /* not aligned */
2159 eth_payload_data = saved_buffer + ETH_HLEN;
2160 eth_payload_len = saved_size - ETH_HLEN;
2161
2162 ip = (ip_header*)eth_payload_data;
2163
2164 if (IP_HEADER_VERSION(ip) != IP_HEADER_VERSION_4) {
2165 DPRINTF("+++ C+ mode packet has bad IP version %d "
2166 "expected %d\n", IP_HEADER_VERSION(ip),
2167 IP_HEADER_VERSION_4);
2168 ip = NULL;
2169 } else {
2170 hlen = IP_HEADER_LENGTH(ip);
2171 ip_protocol = ip->ip_p;
2172 ip_data_len = be16_to_cpu(ip->ip_len) - hlen;
2173 }
2174 }
2175
2176 if (ip)
2177 {
2178 if (txdw0 & CP_TX_IPCS)
2179 {
2180 DPRINTF("+++ C+ mode need IP checksum\n");
2181
2182 if (hlen<sizeof(ip_header) || hlen>eth_payload_len) {/* min header length */
2183 /* bad packet header len */
2184 /* or packet too short */
2185 }
2186 else
2187 {
2188 ip->ip_sum = 0;
2189 ip->ip_sum = ip_checksum(ip, hlen);
2190 DPRINTF("+++ C+ mode IP header len=%d checksum=%04x\n",
2191 hlen, ip->ip_sum);
2192 }
2193 }
2194
2195 if ((txdw0 & CP_TX_LGSEN) && ip_protocol == IP_PROTO_TCP)
2196 {
2197 int large_send_mss = (txdw0 >> 16) & CP_TC_LGSEN_MSS_MASK;
2198
2199 DPRINTF("+++ C+ mode offloaded task TSO MTU=%d IP data %d "
2200 "frame data %d specified MSS=%d\n", ETH_MTU,
2201 ip_data_len, saved_size - ETH_HLEN, large_send_mss);
2202
2203 int tcp_send_offset = 0;
2204 int send_count = 0;
2205
2206 /* maximum IP header length is 60 bytes */
2207 uint8_t saved_ip_header[60];
2208
2209 /* save IP header template; data area is used in tcp checksum calculation */
2210 memcpy(saved_ip_header, eth_payload_data, hlen);
2211
2212 /* a placeholder for checksum calculation routine in tcp case */
2213 uint8_t *data_to_checksum = eth_payload_data + hlen - 12;
2214 // size_t data_to_checksum_len = eth_payload_len - hlen + 12;
2215
2216 /* pointer to TCP header */
2217 tcp_header *p_tcp_hdr = (tcp_header*)(eth_payload_data + hlen);
2218
2219 int tcp_hlen = TCP_HEADER_DATA_OFFSET(p_tcp_hdr);
2220
2221 /* ETH_MTU = ip header len + tcp header len + payload */
2222 int tcp_data_len = ip_data_len - tcp_hlen;
2223 int tcp_chunk_size = ETH_MTU - hlen - tcp_hlen;
2224
2225 DPRINTF("+++ C+ mode TSO IP data len %d TCP hlen %d TCP "
2226 "data len %d TCP chunk size %d\n", ip_data_len,
2227 tcp_hlen, tcp_data_len, tcp_chunk_size);
2228
2229 /* note the cycle below overwrites IP header data,
2230 but restores it from saved_ip_header before sending packet */
2231
2232 int is_last_frame = 0;
2233
2234 for (tcp_send_offset = 0; tcp_send_offset < tcp_data_len; tcp_send_offset += tcp_chunk_size)
2235 {
2236 uint16_t chunk_size = tcp_chunk_size;
2237
2238 /* check if this is the last frame */
2239 if (tcp_send_offset + tcp_chunk_size >= tcp_data_len)
2240 {
2241 is_last_frame = 1;
2242 chunk_size = tcp_data_len - tcp_send_offset;
2243 }
2244
2245 DPRINTF("+++ C+ mode TSO TCP seqno %08x\n",
2246 be32_to_cpu(p_tcp_hdr->th_seq));
2247
2248 /* add 4 TCP pseudoheader fields */
2249 /* copy IP source and destination fields */
2250 memcpy(data_to_checksum, saved_ip_header + 12, 8);
2251
2252 DPRINTF("+++ C+ mode TSO calculating TCP checksum for "
2253 "packet with %d bytes data\n", tcp_hlen +
2254 chunk_size);
2255
2256 if (tcp_send_offset)
2257 {
2258 memcpy((uint8_t*)p_tcp_hdr + tcp_hlen, (uint8_t*)p_tcp_hdr + tcp_hlen + tcp_send_offset, chunk_size);
2259 }
2260
2261 /* keep PUSH and FIN flags only for the last frame */
2262 if (!is_last_frame)
2263 {
2264 TCP_HEADER_CLEAR_FLAGS(p_tcp_hdr, TCP_FLAG_PUSH|TCP_FLAG_FIN);
2265 }
2266
2267 /* recalculate TCP checksum */
2268 ip_pseudo_header *p_tcpip_hdr = (ip_pseudo_header *)data_to_checksum;
2269 p_tcpip_hdr->zeros = 0;
2270 p_tcpip_hdr->ip_proto = IP_PROTO_TCP;
2271 p_tcpip_hdr->ip_payload = cpu_to_be16(tcp_hlen + chunk_size);
2272
2273 p_tcp_hdr->th_sum = 0;
2274
2275 int tcp_checksum = ip_checksum(data_to_checksum, tcp_hlen + chunk_size + 12);
2276 DPRINTF("+++ C+ mode TSO TCP checksum %04x\n",
2277 tcp_checksum);
2278
2279 p_tcp_hdr->th_sum = tcp_checksum;
2280
2281 /* restore IP header */
2282 memcpy(eth_payload_data, saved_ip_header, hlen);
2283
2284 /* set IP data length and recalculate IP checksum */
2285 ip->ip_len = cpu_to_be16(hlen + tcp_hlen + chunk_size);
2286
2287 /* increment IP id for subsequent frames */
2288 ip->ip_id = cpu_to_be16(tcp_send_offset/tcp_chunk_size + be16_to_cpu(ip->ip_id));
2289
2290 ip->ip_sum = 0;
2291 ip->ip_sum = ip_checksum(eth_payload_data, hlen);
2292 DPRINTF("+++ C+ mode TSO IP header len=%d "
2293 "checksum=%04x\n", hlen, ip->ip_sum);
2294
2295 int tso_send_size = ETH_HLEN + hlen + tcp_hlen + chunk_size;
2296 DPRINTF("+++ C+ mode TSO transferring packet size "
2297 "%d\n", tso_send_size);
2298 rtl8139_transfer_frame(s, saved_buffer, tso_send_size,
2299 0, (uint8_t *) dot1q_buffer);
2300
2301 /* add transferred count to TCP sequence number */
2302 p_tcp_hdr->th_seq = cpu_to_be32(chunk_size + be32_to_cpu(p_tcp_hdr->th_seq));
2303 ++send_count;
2304 }
2305
2306 /* Stop sending this frame */
2307 saved_size = 0;
2308 }
2309 else if (txdw0 & (CP_TX_TCPCS|CP_TX_UDPCS))
2310 {
2311 DPRINTF("+++ C+ mode need TCP or UDP checksum\n");
2312
2313 /* maximum IP header length is 60 bytes */
2314 uint8_t saved_ip_header[60];
2315 memcpy(saved_ip_header, eth_payload_data, hlen);
2316
2317 uint8_t *data_to_checksum = eth_payload_data + hlen - 12;
2318 // size_t data_to_checksum_len = eth_payload_len - hlen + 12;
2319
2320 /* add 4 TCP pseudoheader fields */
2321 /* copy IP source and destination fields */
2322 memcpy(data_to_checksum, saved_ip_header + 12, 8);
2323
2324 if ((txdw0 & CP_TX_TCPCS) && ip_protocol == IP_PROTO_TCP)
2325 {
2326 DPRINTF("+++ C+ mode calculating TCP checksum for "
2327 "packet with %d bytes data\n", ip_data_len);
2328
2329 ip_pseudo_header *p_tcpip_hdr = (ip_pseudo_header *)data_to_checksum;
2330 p_tcpip_hdr->zeros = 0;
2331 p_tcpip_hdr->ip_proto = IP_PROTO_TCP;
2332 p_tcpip_hdr->ip_payload = cpu_to_be16(ip_data_len);
2333
2334 tcp_header* p_tcp_hdr = (tcp_header *) (data_to_checksum+12);
2335
2336 p_tcp_hdr->th_sum = 0;
2337
2338 int tcp_checksum = ip_checksum(data_to_checksum, ip_data_len + 12);
2339 DPRINTF("+++ C+ mode TCP checksum %04x\n",
2340 tcp_checksum);
2341
2342 p_tcp_hdr->th_sum = tcp_checksum;
2343 }
2344 else if ((txdw0 & CP_TX_UDPCS) && ip_protocol == IP_PROTO_UDP)
2345 {
2346 DPRINTF("+++ C+ mode calculating UDP checksum for "
2347 "packet with %d bytes data\n", ip_data_len);
2348
2349 ip_pseudo_header *p_udpip_hdr = (ip_pseudo_header *)data_to_checksum;
2350 p_udpip_hdr->zeros = 0;
2351 p_udpip_hdr->ip_proto = IP_PROTO_UDP;
2352 p_udpip_hdr->ip_payload = cpu_to_be16(ip_data_len);
2353
2354 udp_header *p_udp_hdr = (udp_header *) (data_to_checksum+12);
2355
2356 p_udp_hdr->uh_sum = 0;
2357
2358 int udp_checksum = ip_checksum(data_to_checksum, ip_data_len + 12);
2359 DPRINTF("+++ C+ mode UDP checksum %04x\n",
2360 udp_checksum);
2361
2362 p_udp_hdr->uh_sum = udp_checksum;
2363 }
2364
2365 /* restore IP header */
2366 memcpy(eth_payload_data, saved_ip_header, hlen);
2367 }
2368 }
2369 }
2370
2371 /* update tally counter */
2372 ++s->tally_counters.TxOk;
2373
2374 DPRINTF("+++ C+ mode transmitting %d bytes packet\n", saved_size);
2375
2376 rtl8139_transfer_frame(s, saved_buffer, saved_size, 1,
2377 (uint8_t *) dot1q_buffer);
2378
2379 /* restore card space if there was no recursion and reset offset */
2380 if (!s->cplus_txbuffer)
2381 {
2382 s->cplus_txbuffer = saved_buffer;
2383 s->cplus_txbuffer_len = saved_buffer_len;
2384 s->cplus_txbuffer_offset = 0;
2385 }
2386 else
2387 {
2388 g_free(saved_buffer);
2389 }
2390 }
2391 else
2392 {
2393 DPRINTF("+++ C+ mode transmission continue to next descriptor\n");
2394 }
2395
2396 return 1;
2397 }
2398
2399 static void rtl8139_cplus_transmit(RTL8139State *s)
2400 {
2401 int txcount = 0;
2402
2403 while (rtl8139_cplus_transmit_one(s))
2404 {
2405 ++txcount;
2406 }
2407
2408 /* Mark transfer completed */
2409 if (!txcount)
2410 {
2411 DPRINTF("C+ mode : transmitter queue stalled, current TxDesc = %d\n",
2412 s->currCPlusTxDesc);
2413 }
2414 else
2415 {
2416 /* update interrupt status */
2417 s->IntrStatus |= TxOK;
2418 rtl8139_update_irq(s);
2419 }
2420 }
2421
2422 static void rtl8139_transmit(RTL8139State *s)
2423 {
2424 int descriptor = s->currTxDesc, txcount = 0;
2425
2426 /*while*/
2427 if (rtl8139_transmit_one(s, descriptor))
2428 {
2429 ++s->currTxDesc;
2430 s->currTxDesc %= 4;
2431 ++txcount;
2432 }
2433
2434 /* Mark transfer completed */
2435 if (!txcount)
2436 {
2437 DPRINTF("transmitter queue stalled, current TxDesc = %d\n",
2438 s->currTxDesc);
2439 }
2440 }
2441
2442 static void rtl8139_TxStatus_write(RTL8139State *s, uint32_t txRegOffset, uint32_t val)
2443 {
2444
2445 int descriptor = txRegOffset/4;
2446
2447 /* handle C+ transmit mode register configuration */
2448
2449 if (s->cplus_enabled)
2450 {
2451 DPRINTF("RTL8139C+ DTCCR write offset=0x%x val=0x%08x "
2452 "descriptor=%d\n", txRegOffset, val, descriptor);
2453
2454 /* handle Dump Tally Counters command */
2455 s->TxStatus[descriptor] = val;
2456
2457 if (descriptor == 0 && (val & 0x8))
2458 {
2459 hwaddr tc_addr = rtl8139_addr64(s->TxStatus[0] & ~0x3f, s->TxStatus[1]);
2460
2461 /* dump tally counters to specified memory location */
2462 RTL8139TallyCounters_dma_write(s, tc_addr);
2463
2464 /* mark dump completed */
2465 s->TxStatus[0] &= ~0x8;
2466 }
2467
2468 return;
2469 }
2470
2471 DPRINTF("TxStatus write offset=0x%x val=0x%08x descriptor=%d\n",
2472 txRegOffset, val, descriptor);
2473
2474 /* mask only reserved bits */
2475 val &= ~0xff00c000; /* these bits are reset on write */
2476 val = SET_MASKED(val, 0x00c00000, s->TxStatus[descriptor]);
2477
2478 s->TxStatus[descriptor] = val;
2479
2480 /* attempt to start transmission */
2481 rtl8139_transmit(s);
2482 }
2483
2484 static uint32_t rtl8139_TxStatus_TxAddr_read(RTL8139State *s, uint32_t regs[],
2485 uint32_t base, uint8_t addr,
2486 int size)
2487 {
2488 uint32_t reg = (addr - base) / 4;
2489 uint32_t offset = addr & 0x3;
2490 uint32_t ret = 0;
2491
2492 if (addr & (size - 1)) {
2493 DPRINTF("not implemented read for TxStatus/TxAddr "
2494 "addr=0x%x size=0x%x\n", addr, size);
2495 return ret;
2496 }
2497
2498 switch (size) {
2499 case 1: /* fall through */
2500 case 2: /* fall through */
2501 case 4:
2502 ret = (regs[reg] >> offset * 8) & (((uint64_t)1 << (size * 8)) - 1);
2503 DPRINTF("TxStatus/TxAddr[%d] read addr=0x%x size=0x%x val=0x%08x\n",
2504 reg, addr, size, ret);
2505 break;
2506 default:
2507 DPRINTF("unsupported size 0x%x of TxStatus/TxAddr reading\n", size);
2508 break;
2509 }
2510
2511 return ret;
2512 }
2513
2514 static uint16_t rtl8139_TSAD_read(RTL8139State *s)
2515 {
2516 uint16_t ret = 0;
2517
2518 /* Simulate TSAD, it is read only anyway */
2519
2520 ret = ((s->TxStatus[3] & TxStatOK )?TSAD_TOK3:0)
2521 |((s->TxStatus[2] & TxStatOK )?TSAD_TOK2:0)
2522 |((s->TxStatus[1] & TxStatOK )?TSAD_TOK1:0)
2523 |((s->TxStatus[0] & TxStatOK )?TSAD_TOK0:0)
2524
2525 |((s->TxStatus[3] & TxUnderrun)?TSAD_TUN3:0)
2526 |((s->TxStatus[2] & TxUnderrun)?TSAD_TUN2:0)
2527 |((s->TxStatus[1] & TxUnderrun)?TSAD_TUN1:0)
2528 |((s->TxStatus[0] & TxUnderrun)?TSAD_TUN0:0)
2529
2530 |((s->TxStatus[3] & TxAborted )?TSAD_TABT3:0)
2531 |((s->TxStatus[2] & TxAborted )?TSAD_TABT2:0)
2532 |((s->TxStatus[1] & TxAborted )?TSAD_TABT1:0)
2533 |((s->TxStatus[0] & TxAborted )?TSAD_TABT0:0)
2534
2535 |((s->TxStatus[3] & TxHostOwns )?TSAD_OWN3:0)
2536 |((s->TxStatus[2] & TxHostOwns )?TSAD_OWN2:0)
2537 |((s->TxStatus[1] & TxHostOwns )?TSAD_OWN1:0)
2538 |((s->TxStatus[0] & TxHostOwns )?TSAD_OWN0:0) ;
2539
2540
2541 DPRINTF("TSAD read val=0x%04x\n", ret);
2542
2543 return ret;
2544 }
2545
2546 static uint16_t rtl8139_CSCR_read(RTL8139State *s)
2547 {
2548 uint16_t ret = s->CSCR;
2549
2550 DPRINTF("CSCR read val=0x%04x\n", ret);
2551
2552 return ret;
2553 }
2554
2555 static void rtl8139_TxAddr_write(RTL8139State *s, uint32_t txAddrOffset, uint32_t val)
2556 {
2557 DPRINTF("TxAddr write offset=0x%x val=0x%08x\n", txAddrOffset, val);
2558
2559 s->TxAddr[txAddrOffset/4] = val;
2560 }
2561
2562 static uint32_t rtl8139_TxAddr_read(RTL8139State *s, uint32_t txAddrOffset)
2563 {
2564 uint32_t ret = s->TxAddr[txAddrOffset/4];
2565
2566 DPRINTF("TxAddr read offset=0x%x val=0x%08x\n", txAddrOffset, ret);
2567
2568 return ret;
2569 }
2570
2571 static void rtl8139_RxBufPtr_write(RTL8139State *s, uint32_t val)
2572 {
2573 DPRINTF("RxBufPtr write val=0x%04x\n", val);
2574
2575 /* this value is off by 16 */
2576 s->RxBufPtr = MOD2(val + 0x10, s->RxBufferSize);
2577
2578 /* more buffer space may be available so try to receive */
2579 qemu_flush_queued_packets(qemu_get_queue(s->nic));
2580
2581 DPRINTF(" CAPR write: rx buffer length %d head 0x%04x read 0x%04x\n",
2582 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr);
2583 }
2584
2585 static uint32_t rtl8139_RxBufPtr_read(RTL8139State *s)
2586 {
2587 /* this value is off by 16 */
2588 uint32_t ret = s->RxBufPtr - 0x10;
2589
2590 DPRINTF("RxBufPtr read val=0x%04x\n", ret);
2591
2592 return ret;
2593 }
2594
2595 static uint32_t rtl8139_RxBufAddr_read(RTL8139State *s)
2596 {
2597 /* this value is NOT off by 16 */
2598 uint32_t ret = s->RxBufAddr;
2599
2600 DPRINTF("RxBufAddr read val=0x%04x\n", ret);
2601
2602 return ret;
2603 }
2604
2605 static void rtl8139_RxBuf_write(RTL8139State *s, uint32_t val)
2606 {
2607 DPRINTF("RxBuf write val=0x%08x\n", val);
2608
2609 s->RxBuf = val;
2610
2611 /* may need to reset rxring here */
2612 }
2613
2614 static uint32_t rtl8139_RxBuf_read(RTL8139State *s)
2615 {
2616 uint32_t ret = s->RxBuf;
2617
2618 DPRINTF("RxBuf read val=0x%08x\n", ret);
2619
2620 return ret;
2621 }
2622
2623 static void rtl8139_IntrMask_write(RTL8139State *s, uint32_t val)
2624 {
2625 DPRINTF("IntrMask write(w) val=0x%04x\n", val);
2626
2627 /* mask unwritable bits */
2628 val = SET_MASKED(val, 0x1e00, s->IntrMask);
2629
2630 s->IntrMask = val;
2631
2632 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock));
2633 rtl8139_update_irq(s);
2634
2635 }
2636
2637 static uint32_t rtl8139_IntrMask_read(RTL8139State *s)
2638 {
2639 uint32_t ret = s->IntrMask;
2640
2641 DPRINTF("IntrMask read(w) val=0x%04x\n", ret);
2642
2643 return ret;
2644 }
2645
2646 static void rtl8139_IntrStatus_write(RTL8139State *s, uint32_t val)
2647 {
2648 DPRINTF("IntrStatus write(w) val=0x%04x\n", val);
2649
2650 #if 0
2651
2652 /* writing to ISR has no effect */
2653
2654 return;
2655
2656 #else
2657 uint16_t newStatus = s->IntrStatus & ~val;
2658
2659 /* mask unwritable bits */
2660 newStatus = SET_MASKED(newStatus, 0x1e00, s->IntrStatus);
2661
2662 /* writing 1 to interrupt status register bit clears it */
2663 s->IntrStatus = 0;
2664 rtl8139_update_irq(s);
2665
2666 s->IntrStatus = newStatus;
2667 /*
2668 * Computing if we miss an interrupt here is not that correct but
2669 * considered that we should have had already an interrupt
2670 * and probably emulated is slower is better to assume this resetting was
2671 * done before testing on previous rtl8139_update_irq lead to IRQ losing
2672 */
2673 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock));
2674 rtl8139_update_irq(s);
2675
2676 #endif
2677 }
2678
2679 static uint32_t rtl8139_IntrStatus_read(RTL8139State *s)
2680 {
2681 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock));
2682
2683 uint32_t ret = s->IntrStatus;
2684
2685 DPRINTF("IntrStatus read(w) val=0x%04x\n", ret);
2686
2687 #if 0
2688
2689 /* reading ISR clears all interrupts */
2690 s->IntrStatus = 0;
2691
2692 rtl8139_update_irq(s);
2693
2694 #endif
2695
2696 return ret;
2697 }
2698
2699 static void rtl8139_MultiIntr_write(RTL8139State *s, uint32_t val)
2700 {
2701 DPRINTF("MultiIntr write(w) val=0x%04x\n", val);
2702
2703 /* mask unwritable bits */
2704 val = SET_MASKED(val, 0xf000, s->MultiIntr);
2705
2706 s->MultiIntr = val;
2707 }
2708
2709 static uint32_t rtl8139_MultiIntr_read(RTL8139State *s)
2710 {
2711 uint32_t ret = s->MultiIntr;
2712
2713 DPRINTF("MultiIntr read(w) val=0x%04x\n", ret);
2714
2715 return ret;
2716 }
2717
2718 static void rtl8139_io_writeb(void *opaque, uint8_t addr, uint32_t val)
2719 {
2720 RTL8139State *s = opaque;
2721
2722 switch (addr)
2723 {
2724 case MAC0 ... MAC0+5:
2725 s->phys[addr - MAC0] = val;
2726 break;
2727 case MAC0+6 ... MAC0+7:
2728 /* reserved */
2729 break;
2730 case MAR0 ... MAR0+7:
2731 s->mult[addr - MAR0] = val;
2732 break;
2733 case ChipCmd:
2734 rtl8139_ChipCmd_write(s, val);
2735 break;
2736 case Cfg9346:
2737 rtl8139_Cfg9346_write(s, val);
2738 break;
2739 case TxConfig: /* windows driver sometimes writes using byte-lenth call */
2740 rtl8139_TxConfig_writeb(s, val);
2741 break;
2742 case Config0:
2743 rtl8139_Config0_write(s, val);
2744 break;
2745 case Config1:
2746 rtl8139_Config1_write(s, val);
2747 break;
2748 case Config3:
2749 rtl8139_Config3_write(s, val);
2750 break;
2751 case Config4:
2752 rtl8139_Config4_write(s, val);
2753 break;
2754 case Config5:
2755 rtl8139_Config5_write(s, val);
2756 break;
2757 case MediaStatus:
2758 /* ignore */
2759 DPRINTF("not implemented write(b) to MediaStatus val=0x%02x\n",
2760 val);
2761 break;
2762
2763 case HltClk:
2764 DPRINTF("HltClk write val=0x%08x\n", val);
2765 if (val == 'R')
2766 {
2767 s->clock_enabled = 1;
2768 }
2769 else if (val == 'H')
2770 {
2771 s->clock_enabled = 0;
2772 }
2773 break;
2774
2775 case TxThresh:
2776 DPRINTF("C+ TxThresh write(b) val=0x%02x\n", val);
2777 s->TxThresh = val;
2778 break;
2779
2780 case TxPoll:
2781 DPRINTF("C+ TxPoll write(b) val=0x%02x\n", val);
2782 if (val & (1 << 7))
2783 {
2784 DPRINTF("C+ TxPoll high priority transmission (not "
2785 "implemented)\n");
2786 //rtl8139_cplus_transmit(s);
2787 }
2788 if (val & (1 << 6))
2789 {
2790 DPRINTF("C+ TxPoll normal priority transmission\n");
2791 rtl8139_cplus_transmit(s);
2792 }
2793
2794 break;
2795
2796 default:
2797 DPRINTF("not implemented write(b) addr=0x%x val=0x%02x\n", addr,
2798 val);
2799 break;
2800 }
2801 }
2802
2803 static void rtl8139_io_writew(void *opaque, uint8_t addr, uint32_t val)
2804 {
2805 RTL8139State *s = opaque;
2806
2807 switch (addr)
2808 {
2809 case IntrMask:
2810 rtl8139_IntrMask_write(s, val);
2811 break;
2812
2813 case IntrStatus:
2814 rtl8139_IntrStatus_write(s, val);
2815 break;
2816
2817 case MultiIntr:
2818 rtl8139_MultiIntr_write(s, val);
2819 break;
2820
2821 case RxBufPtr:
2822 rtl8139_RxBufPtr_write(s, val);
2823 break;
2824
2825 case BasicModeCtrl:
2826 rtl8139_BasicModeCtrl_write(s, val);
2827 break;
2828 case BasicModeStatus:
2829 rtl8139_BasicModeStatus_write(s, val);
2830 break;
2831 case NWayAdvert:
2832 DPRINTF("NWayAdvert write(w) val=0x%04x\n", val);
2833 s->NWayAdvert = val;
2834 break;
2835 case NWayLPAR:
2836 DPRINTF("forbidden NWayLPAR write(w) val=0x%04x\n", val);
2837 break;
2838 case NWayExpansion:
2839 DPRINTF("NWayExpansion write(w) val=0x%04x\n", val);
2840 s->NWayExpansion = val;
2841 break;
2842
2843 case CpCmd:
2844 rtl8139_CpCmd_write(s, val);
2845 break;
2846
2847 case IntrMitigate:
2848 rtl8139_IntrMitigate_write(s, val);
2849 break;
2850
2851 default:
2852 DPRINTF("ioport write(w) addr=0x%x val=0x%04x via write(b)\n",
2853 addr, val);
2854
2855 rtl8139_io_writeb(opaque, addr, val & 0xff);
2856 rtl8139_io_writeb(opaque, addr + 1, (val >> 8) & 0xff);
2857 break;
2858 }
2859 }
2860
2861 static void rtl8139_set_next_tctr_time(RTL8139State *s, int64_t current_time)
2862 {
2863 int64_t pci_time, next_time;
2864 uint32_t low_pci;
2865
2866 DPRINTF("entered rtl8139_set_next_tctr_time\n");
2867
2868 if (s->TimerExpire && current_time >= s->TimerExpire) {
2869 s->IntrStatus |= PCSTimeout;
2870 rtl8139_update_irq(s);
2871 }
2872
2873 /* Set QEMU timer only if needed that is
2874 * - TimerInt <> 0 (we have a timer)
2875 * - mask = 1 (we want an interrupt timer)
2876 * - irq = 0 (irq is not already active)
2877 * If any of above change we need to compute timer again
2878 * Also we must check if timer is passed without QEMU timer
2879 */
2880 s->TimerExpire = 0;
2881 if (!s->TimerInt) {
2882 return;
2883 }
2884
2885 pci_time = muldiv64(current_time - s->TCTR_base, PCI_FREQUENCY,
2886 get_ticks_per_sec());
2887 low_pci = pci_time & 0xffffffff;
2888 pci_time = pci_time - low_pci + s->TimerInt;
2889 if (low_pci >= s->TimerInt) {
2890 pci_time += 0x100000000LL;
2891 }
2892 next_time = s->TCTR_base + muldiv64(pci_time, get_ticks_per_sec(),
2893 PCI_FREQUENCY);
2894 s->TimerExpire = next_time;
2895
2896 if ((s->IntrMask & PCSTimeout) != 0 && (s->IntrStatus & PCSTimeout) == 0) {
2897 qemu_mod_timer(s->timer, next_time);
2898 }
2899 }
2900
2901 static void rtl8139_io_writel(void *opaque, uint8_t addr, uint32_t val)
2902 {
2903 RTL8139State *s = opaque;
2904
2905 switch (addr)
2906 {
2907 case RxMissed:
2908 DPRINTF("RxMissed clearing on write\n");
2909 s->RxMissed = 0;
2910 break;
2911
2912 case TxConfig:
2913 rtl8139_TxConfig_write(s, val);
2914 break;
2915
2916 case RxConfig:
2917 rtl8139_RxConfig_write(s, val);
2918 break;
2919
2920 case TxStatus0 ... TxStatus0+4*4-1:
2921 rtl8139_TxStatus_write(s, addr-TxStatus0, val);
2922 break;
2923
2924 case TxAddr0 ... TxAddr0+4*4-1:
2925 rtl8139_TxAddr_write(s, addr-TxAddr0, val);
2926 break;
2927
2928 case RxBuf:
2929 rtl8139_RxBuf_write(s, val);
2930 break;
2931
2932 case RxRingAddrLO:
2933 DPRINTF("C+ RxRing low bits write val=0x%08x\n", val);
2934 s->RxRingAddrLO = val;
2935 break;
2936
2937 case RxRingAddrHI:
2938 DPRINTF("C+ RxRing high bits write val=0x%08x\n", val);
2939 s->RxRingAddrHI = val;
2940 break;
2941
2942 case Timer:
2943 DPRINTF("TCTR Timer reset on write\n");
2944 s->TCTR_base = qemu_get_clock_ns(vm_clock);
2945 rtl8139_set_next_tctr_time(s, s->TCTR_base);
2946 break;
2947
2948 case FlashReg:
2949 DPRINTF("FlashReg TimerInt write val=0x%08x\n", val);
2950 if (s->TimerInt != val) {
2951 s->TimerInt = val;
2952 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock));
2953 }
2954 break;
2955
2956 default:
2957 DPRINTF("ioport write(l) addr=0x%x val=0x%08x via write(b)\n",
2958 addr, val);
2959 rtl8139_io_writeb(opaque, addr, val & 0xff);
2960 rtl8139_io_writeb(opaque, addr + 1, (val >> 8) & 0xff);
2961 rtl8139_io_writeb(opaque, addr + 2, (val >> 16) & 0xff);
2962 rtl8139_io_writeb(opaque, addr + 3, (val >> 24) & 0xff);
2963 break;
2964 }
2965 }
2966
2967 static uint32_t rtl8139_io_readb(void *opaque, uint8_t addr)
2968 {
2969 RTL8139State *s = opaque;
2970 int ret;
2971
2972 switch (addr)
2973 {
2974 case MAC0 ... MAC0+5:
2975 ret = s->phys[addr - MAC0];
2976 break;
2977 case MAC0+6 ... MAC0+7:
2978 ret = 0;
2979 break;
2980 case MAR0 ... MAR0+7:
2981 ret = s->mult[addr - MAR0];
2982 break;
2983 case TxStatus0 ... TxStatus0+4*4-1:
2984 ret = rtl8139_TxStatus_TxAddr_read(s, s->TxStatus, TxStatus0,
2985 addr, 1);
2986 break;
2987 case ChipCmd:
2988 ret = rtl8139_ChipCmd_read(s);
2989 break;
2990 case Cfg9346:
2991 ret = rtl8139_Cfg9346_read(s);
2992 break;
2993 case Config0:
2994 ret = rtl8139_Config0_read(s);
2995 break;
2996 case Config1:
2997 ret = rtl8139_Config1_read(s);
2998 break;
2999 case Config3:
3000 ret = rtl8139_Config3_read(s);
3001 break;
3002 case Config4:
3003 ret = rtl8139_Config4_read(s);
3004 break;
3005 case Config5:
3006 ret = rtl8139_Config5_read(s);
3007 break;
3008
3009 case MediaStatus:
3010 /* The LinkDown bit of MediaStatus is inverse with link status */
3011 ret = 0xd0 | (~s->BasicModeStatus & 0x04);
3012 DPRINTF("MediaStatus read 0x%x\n", ret);
3013 break;
3014
3015 case HltClk:
3016 ret = s->clock_enabled;
3017 DPRINTF("HltClk read 0x%x\n", ret);
3018 break;
3019
3020 case PCIRevisionID:
3021 ret = RTL8139_PCI_REVID;
3022 DPRINTF("PCI Revision ID read 0x%x\n", ret);
3023 break;
3024
3025 case TxThresh:
3026 ret = s->TxThresh;
3027 DPRINTF("C+ TxThresh read(b) val=0x%02x\n", ret);
3028 break;
3029
3030 case 0x43: /* Part of TxConfig register. Windows driver tries to read it */
3031 ret = s->TxConfig >> 24;
3032 DPRINTF("RTL8139C TxConfig at 0x43 read(b) val=0x%02x\n", ret);
3033 break;
3034
3035 default:
3036 DPRINTF("not implemented read(b) addr=0x%x\n", addr);
3037 ret = 0;
3038 break;
3039 }
3040
3041 return ret;
3042 }
3043
3044 static uint32_t rtl8139_io_readw(void *opaque, uint8_t addr)
3045 {
3046 RTL8139State *s = opaque;
3047 uint32_t ret;
3048
3049 switch (addr)
3050 {
3051 case TxAddr0 ... TxAddr0+4*4-1:
3052 ret = rtl8139_TxStatus_TxAddr_read(s, s->TxAddr, TxAddr0, addr, 2);
3053 break;
3054 case IntrMask:
3055 ret = rtl8139_IntrMask_read(s);
3056 break;
3057
3058 case IntrStatus:
3059 ret = rtl8139_IntrStatus_read(s);
3060 break;
3061
3062 case MultiIntr:
3063 ret = rtl8139_MultiIntr_read(s);
3064 break;
3065
3066 case RxBufPtr:
3067 ret = rtl8139_RxBufPtr_read(s);
3068 break;
3069
3070 case RxBufAddr:
3071 ret = rtl8139_RxBufAddr_read(s);
3072 break;
3073
3074 case BasicModeCtrl:
3075 ret = rtl8139_BasicModeCtrl_read(s);
3076 break;
3077 case BasicModeStatus:
3078 ret = rtl8139_BasicModeStatus_read(s);
3079 break;
3080 case NWayAdvert:
3081 ret = s->NWayAdvert;
3082 DPRINTF("NWayAdvert read(w) val=0x%04x\n", ret);
3083 break;
3084 case NWayLPAR:
3085 ret = s->NWayLPAR;
3086 DPRINTF("NWayLPAR read(w) val=0x%04x\n", ret);
3087 break;
3088 case NWayExpansion:
3089 ret = s->NWayExpansion;
3090 DPRINTF("NWayExpansion read(w) val=0x%04x\n", ret);
3091 break;
3092
3093 case CpCmd:
3094 ret = rtl8139_CpCmd_read(s);
3095 break;
3096
3097 case IntrMitigate:
3098 ret = rtl8139_IntrMitigate_read(s);
3099 break;
3100
3101 case TxSummary:
3102 ret = rtl8139_TSAD_read(s);
3103 break;
3104
3105 case CSCR:
3106 ret = rtl8139_CSCR_read(s);
3107 break;
3108
3109 default:
3110 DPRINTF("ioport read(w) addr=0x%x via read(b)\n", addr);
3111
3112 ret = rtl8139_io_readb(opaque, addr);
3113 ret |= rtl8139_io_readb(opaque, addr + 1) << 8;
3114
3115 DPRINTF("ioport read(w) addr=0x%x val=0x%04x\n", addr, ret);
3116 break;
3117 }
3118
3119 return ret;
3120 }
3121
3122 static uint32_t rtl8139_io_readl(void *opaque, uint8_t addr)
3123 {
3124 RTL8139State *s = opaque;
3125 uint32_t ret;
3126
3127 switch (addr)
3128 {
3129 case RxMissed:
3130 ret = s->RxMissed;
3131
3132 DPRINTF("RxMissed read val=0x%08x\n", ret);
3133 break;
3134
3135 case TxConfig:
3136 ret = rtl8139_TxConfig_read(s);
3137 break;
3138
3139 case RxConfig:
3140 ret = rtl8139_RxConfig_read(s);
3141 break;
3142
3143 case TxStatus0 ... TxStatus0+4*4-1:
3144 ret = rtl8139_TxStatus_TxAddr_read(s, s->TxStatus, TxStatus0,
3145 addr, 4);
3146 break;
3147
3148 case TxAddr0 ... TxAddr0+4*4-1:
3149 ret = rtl8139_TxAddr_read(s, addr-TxAddr0);
3150 break;
3151
3152 case RxBuf:
3153 ret = rtl8139_RxBuf_read(s);
3154 break;
3155
3156 case RxRingAddrLO:
3157 ret = s->RxRingAddrLO;
3158 DPRINTF("C+ RxRing low bits read val=0x%08x\n", ret);
3159 break;
3160
3161 case RxRingAddrHI:
3162 ret = s->RxRingAddrHI;
3163 DPRINTF("C+ RxRing high bits read val=0x%08x\n", ret);
3164 break;
3165
3166 case Timer:
3167 ret = muldiv64(qemu_get_clock_ns(vm_clock) - s->TCTR_base,
3168 PCI_FREQUENCY, get_ticks_per_sec());
3169 DPRINTF("TCTR Timer read val=0x%08x\n", ret);
3170 break;
3171
3172 case FlashReg:
3173 ret = s->TimerInt;
3174 DPRINTF("FlashReg TimerInt read val=0x%08x\n", ret);
3175 break;
3176
3177 default:
3178 DPRINTF("ioport read(l) addr=0x%x via read(b)\n", addr);
3179
3180 ret = rtl8139_io_readb(opaque, addr);
3181 ret |= rtl8139_io_readb(opaque, addr + 1) << 8;
3182 ret |= rtl8139_io_readb(opaque, addr + 2) << 16;
3183 ret |= rtl8139_io_readb(opaque, addr + 3) << 24;
3184
3185 DPRINTF("read(l) addr=0x%x val=%08x\n", addr, ret);
3186 break;
3187 }
3188
3189 return ret;
3190 }
3191
3192 /* */
3193
3194 static void rtl8139_mmio_writeb(void *opaque, hwaddr addr, uint32_t val)
3195 {
3196 rtl8139_io_writeb(opaque, addr & 0xFF, val);
3197 }
3198
3199 static void rtl8139_mmio_writew(void *opaque, hwaddr addr, uint32_t val)
3200 {
3201 rtl8139_io_writew(opaque, addr & 0xFF, val);
3202 }
3203
3204 static void rtl8139_mmio_writel(void *opaque, hwaddr addr, uint32_t val)
3205 {
3206 rtl8139_io_writel(opaque, addr & 0xFF, val);
3207 }
3208
3209 static uint32_t rtl8139_mmio_readb(void *opaque, hwaddr addr)
3210 {
3211 return rtl8139_io_readb(opaque, addr & 0xFF);
3212 }
3213
3214 static uint32_t rtl8139_mmio_readw(void *opaque, hwaddr addr)
3215 {
3216 uint32_t val = rtl8139_io_readw(opaque, addr & 0xFF);
3217 return val;
3218 }
3219
3220 static uint32_t rtl8139_mmio_readl(void *opaque, hwaddr addr)
3221 {
3222 uint32_t val = rtl8139_io_readl(opaque, addr & 0xFF);
3223 return val;
3224 }
3225
3226 static int rtl8139_post_load(void *opaque, int version_id)
3227 {
3228 RTL8139State* s = opaque;
3229 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock));
3230 if (version_id < 4) {
3231 s->cplus_enabled = s->CpCmd != 0;
3232 }
3233
3234 /* nc.link_down can't be migrated, so infer link_down according
3235 * to link status bit in BasicModeStatus */
3236 qemu_get_queue(s->nic)->link_down = (s->BasicModeStatus & 0x04) == 0;
3237
3238 return 0;
3239 }
3240
3241 static bool rtl8139_hotplug_ready_needed(void *opaque)
3242 {
3243 return qdev_machine_modified();
3244 }
3245
3246 static const VMStateDescription vmstate_rtl8139_hotplug_ready ={
3247 .name = "rtl8139/hotplug_ready",
3248 .version_id = 1,
3249 .minimum_version_id = 1,
3250 .minimum_version_id_old = 1,
3251 .fields = (VMStateField []) {
3252 VMSTATE_END_OF_LIST()
3253 }
3254 };
3255
3256 static void rtl8139_pre_save(void *opaque)
3257 {
3258 RTL8139State* s = opaque;
3259 int64_t current_time = qemu_get_clock_ns(vm_clock);
3260
3261 /* set IntrStatus correctly */
3262 rtl8139_set_next_tctr_time(s, current_time);
3263 s->TCTR = muldiv64(current_time - s->TCTR_base, PCI_FREQUENCY,
3264 get_ticks_per_sec());
3265 s->rtl8139_mmio_io_addr_dummy = 0;
3266 }
3267
3268 static const VMStateDescription vmstate_rtl8139 = {
3269 .name = "rtl8139",
3270 .version_id = 4,
3271 .minimum_version_id = 3,
3272 .minimum_version_id_old = 3,
3273 .post_load = rtl8139_post_load,
3274 .pre_save = rtl8139_pre_save,
3275 .fields = (VMStateField []) {
3276 VMSTATE_PCI_DEVICE(dev, RTL8139State),
3277 VMSTATE_PARTIAL_BUFFER(phys, RTL8139State, 6),
3278 VMSTATE_BUFFER(mult, RTL8139State),
3279 VMSTATE_UINT32_ARRAY(TxStatus, RTL8139State, 4),
3280 VMSTATE_UINT32_ARRAY(TxAddr, RTL8139State, 4),
3281
3282 VMSTATE_UINT32(RxBuf, RTL8139State),
3283 VMSTATE_UINT32(RxBufferSize, RTL8139State),
3284 VMSTATE_UINT32(RxBufPtr, RTL8139State),
3285 VMSTATE_UINT32(RxBufAddr, RTL8139State),
3286
3287 VMSTATE_UINT16(IntrStatus, RTL8139State),
3288 VMSTATE_UINT16(IntrMask, RTL8139State),
3289
3290 VMSTATE_UINT32(TxConfig, RTL8139State),
3291 VMSTATE_UINT32(RxConfig, RTL8139State),
3292 VMSTATE_UINT32(RxMissed, RTL8139State),
3293 VMSTATE_UINT16(CSCR, RTL8139State),
3294
3295 VMSTATE_UINT8(Cfg9346, RTL8139State),
3296 VMSTATE_UINT8(Config0, RTL8139State),
3297 VMSTATE_UINT8(Config1, RTL8139State),
3298 VMSTATE_UINT8(Config3, RTL8139State),
3299 VMSTATE_UINT8(Config4, RTL8139State),
3300 VMSTATE_UINT8(Config5, RTL8139State),
3301
3302 VMSTATE_UINT8(clock_enabled, RTL8139State),
3303 VMSTATE_UINT8(bChipCmdState, RTL8139State),
3304
3305 VMSTATE_UINT16(MultiIntr, RTL8139State),
3306
3307 VMSTATE_UINT16(BasicModeCtrl, RTL8139State),
3308 VMSTATE_UINT16(BasicModeStatus, RTL8139State),
3309 VMSTATE_UINT16(NWayAdvert, RTL8139State),
3310 VMSTATE_UINT16(NWayLPAR, RTL8139State),
3311 VMSTATE_UINT16(NWayExpansion, RTL8139State),
3312
3313 VMSTATE_UINT16(CpCmd, RTL8139State),
3314 VMSTATE_UINT8(TxThresh, RTL8139State),
3315
3316 VMSTATE_UNUSED(4),
3317 VMSTATE_MACADDR(conf.macaddr, RTL8139State),
3318 VMSTATE_INT32(rtl8139_mmio_io_addr_dummy, RTL8139State),
3319
3320 VMSTATE_UINT32(currTxDesc, RTL8139State),
3321 VMSTATE_UINT32(currCPlusRxDesc, RTL8139State),
3322 VMSTATE_UINT32(currCPlusTxDesc, RTL8139State),
3323 VMSTATE_UINT32(RxRingAddrLO, RTL8139State),
3324 VMSTATE_UINT32(RxRingAddrHI, RTL8139State),
3325
3326 VMSTATE_UINT16_ARRAY(eeprom.contents, RTL8139State, EEPROM_9346_SIZE),
3327 VMSTATE_INT32(eeprom.mode, RTL8139State),
3328 VMSTATE_UINT32(eeprom.tick, RTL8139State),
3329 VMSTATE_UINT8(eeprom.address, RTL8139State),
3330 VMSTATE_UINT16(eeprom.input, RTL8139State),
3331 VMSTATE_UINT16(eeprom.output, RTL8139State),
3332
3333 VMSTATE_UINT8(eeprom.eecs, RTL8139State),
3334 VMSTATE_UINT8(eeprom.eesk, RTL8139State),
3335 VMSTATE_UINT8(eeprom.eedi, RTL8139State),
3336 VMSTATE_UINT8(eeprom.eedo, RTL8139State),
3337
3338 VMSTATE_UINT32(TCTR, RTL8139State),
3339 VMSTATE_UINT32(TimerInt, RTL8139State),
3340 VMSTATE_INT64(TCTR_base, RTL8139State),
3341
3342 VMSTATE_STRUCT(tally_counters, RTL8139State, 0,
3343 vmstate_tally_counters, RTL8139TallyCounters),
3344
3345 VMSTATE_UINT32_V(cplus_enabled, RTL8139State, 4),
3346 VMSTATE_END_OF_LIST()
3347 },
3348 .subsections = (VMStateSubsection []) {
3349 {
3350 .vmsd = &vmstate_rtl8139_hotplug_ready,
3351 .needed = rtl8139_hotplug_ready_needed,
3352 }, {
3353 /* empty */
3354 }
3355 }
3356 };
3357
3358 /***********************************************************/
3359 /* PCI RTL8139 definitions */
3360
3361 static void rtl8139_ioport_write(void *opaque, hwaddr addr,
3362 uint64_t val, unsigned size)
3363 {
3364 switch (size) {
3365 case 1:
3366 rtl8139_io_writeb(opaque, addr, val);
3367 break;
3368 case 2:
3369 rtl8139_io_writew(opaque, addr, val);
3370 break;
3371 case 4:
3372 rtl8139_io_writel(opaque, addr, val);
3373 break;
3374 }
3375 }
3376
3377 static uint64_t rtl8139_ioport_read(void *opaque, hwaddr addr,
3378 unsigned size)
3379 {
3380 switch (size) {
3381 case 1:
3382 return rtl8139_io_readb(opaque, addr);
3383 case 2:
3384 return rtl8139_io_readw(opaque, addr);
3385 case 4:
3386 return rtl8139_io_readl(opaque, addr);
3387 }
3388
3389 return -1;
3390 }
3391
3392 static const MemoryRegionOps rtl8139_io_ops = {
3393 .read = rtl8139_ioport_read,
3394 .write = rtl8139_ioport_write,
3395 .impl = {
3396 .min_access_size = 1,
3397 .max_access_size = 4,
3398 },
3399 .endianness = DEVICE_LITTLE_ENDIAN,
3400 };
3401
3402 static const MemoryRegionOps rtl8139_mmio_ops = {
3403 .old_mmio = {
3404 .read = {
3405 rtl8139_mmio_readb,
3406 rtl8139_mmio_readw,
3407 rtl8139_mmio_readl,
3408 },
3409 .write = {
3410 rtl8139_mmio_writeb,
3411 rtl8139_mmio_writew,
3412 rtl8139_mmio_writel,
3413 },
3414 },
3415 .endianness = DEVICE_LITTLE_ENDIAN,
3416 };
3417
3418 static void rtl8139_timer(void *opaque)
3419 {
3420 RTL8139State *s = opaque;
3421
3422 if (!s->clock_enabled)
3423 {
3424 DPRINTF(">>> timer: clock is not running\n");
3425 return;
3426 }
3427
3428 s->IntrStatus |= PCSTimeout;
3429 rtl8139_update_irq(s);
3430 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock));
3431 }
3432
3433 static void rtl8139_cleanup(NetClientState *nc)
3434 {
3435 RTL8139State *s = qemu_get_nic_opaque(nc);
3436
3437 s->nic = NULL;
3438 }
3439
3440 static void pci_rtl8139_uninit(PCIDevice *dev)
3441 {
3442 RTL8139State *s = DO_UPCAST(RTL8139State, dev, dev);
3443
3444 memory_region_destroy(&s->bar_io);
3445 memory_region_destroy(&s->bar_mem);
3446 if (s->cplus_txbuffer) {
3447 g_free(s->cplus_txbuffer);
3448 s->cplus_txbuffer = NULL;
3449 }
3450 qemu_del_timer(s->timer);
3451 qemu_free_timer(s->timer);
3452 qemu_del_nic(s->nic);
3453 }
3454
3455 static void rtl8139_set_link_status(NetClientState *nc)
3456 {
3457 RTL8139State *s = qemu_get_nic_opaque(nc);
3458
3459 if (nc->link_down) {
3460 s->BasicModeStatus &= ~0x04;
3461 } else {
3462 s->BasicModeStatus |= 0x04;
3463 }
3464
3465 s->IntrStatus |= RxUnderrun;
3466 rtl8139_update_irq(s);
3467 }
3468
3469 static NetClientInfo net_rtl8139_info = {
3470 .type = NET_CLIENT_OPTIONS_KIND_NIC,
3471 .size = sizeof(NICState),
3472 .can_receive = rtl8139_can_receive,
3473 .receive = rtl8139_receive,
3474 .cleanup = rtl8139_cleanup,
3475 .link_status_changed = rtl8139_set_link_status,
3476 };
3477
3478 static int pci_rtl8139_init(PCIDevice *dev)
3479 {
3480 RTL8139State * s = DO_UPCAST(RTL8139State, dev, dev);
3481 uint8_t *pci_conf;
3482
3483 pci_conf = s->dev.config;
3484 pci_conf[PCI_INTERRUPT_PIN] = 1; /* interrupt pin A */
3485 /* TODO: start of capability list, but no capability
3486 * list bit in status register, and offset 0xdc seems unused. */
3487 pci_conf[PCI_CAPABILITY_LIST] = 0xdc;
3488
3489 memory_region_init_io(&s->bar_io, &rtl8139_io_ops, s, "rtl8139", 0x100);
3490 memory_region_init_io(&s->bar_mem, &rtl8139_mmio_ops, s, "rtl8139", 0x100);
3491 pci_register_bar(&s->dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->bar_io);
3492 pci_register_bar(&s->dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->bar_mem);
3493
3494 qemu_macaddr_default_if_unset(&s->conf.macaddr);
3495
3496 /* prepare eeprom */
3497 s->eeprom.contents[0] = 0x8129;
3498 #if 1
3499 /* PCI vendor and device ID should be mirrored here */
3500 s->eeprom.contents[1] = PCI_VENDOR_ID_REALTEK;
3501 s->eeprom.contents[2] = PCI_DEVICE_ID_REALTEK_8139;
3502 #endif
3503 s->eeprom.contents[7] = s->conf.macaddr.a[0] | s->conf.macaddr.a[1] << 8;
3504 s->eeprom.contents[8] = s->conf.macaddr.a[2] | s->conf.macaddr.a[3] << 8;
3505 s->eeprom.contents[9] = s->conf.macaddr.a[4] | s->conf.macaddr.a[5] << 8;
3506
3507 s->nic = qemu_new_nic(&net_rtl8139_info, &s->conf,
3508 object_get_typename(OBJECT(dev)), dev->qdev.id, s);
3509 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a);
3510
3511 s->cplus_txbuffer = NULL;
3512 s->cplus_txbuffer_len = 0;
3513 s->cplus_txbuffer_offset = 0;
3514
3515 s->TimerExpire = 0;
3516 s->timer = qemu_new_timer_ns(vm_clock, rtl8139_timer, s);
3517 rtl8139_set_next_tctr_time(s, qemu_get_clock_ns(vm_clock));
3518
3519 add_boot_device_path(s->conf.bootindex, &dev->qdev, "/ethernet-phy@0");
3520
3521 return 0;
3522 }
3523
3524 static Property rtl8139_properties[] = {
3525 DEFINE_NIC_PROPERTIES(RTL8139State, conf),
3526 DEFINE_PROP_END_OF_LIST(),
3527 };
3528
3529 static void rtl8139_class_init(ObjectClass *klass, void *data)
3530 {
3531 DeviceClass *dc = DEVICE_CLASS(klass);
3532 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
3533
3534 k->init = pci_rtl8139_init;
3535 k->exit = pci_rtl8139_uninit;
3536 k->romfile = "efi-rtl8139.rom";
3537 k->vendor_id = PCI_VENDOR_ID_REALTEK;
3538 k->device_id = PCI_DEVICE_ID_REALTEK_8139;
3539 k->revision = RTL8139_PCI_REVID; /* >=0x20 is for 8139C+ */
3540 k->class_id = PCI_CLASS_NETWORK_ETHERNET;
3541 dc->reset = rtl8139_reset;
3542 dc->vmsd = &vmstate_rtl8139;
3543 dc->props = rtl8139_properties;
3544 }
3545
3546 static const TypeInfo rtl8139_info = {
3547 .name = "rtl8139",
3548 .parent = TYPE_PCI_DEVICE,
3549 .instance_size = sizeof(RTL8139State),
3550 .class_init = rtl8139_class_init,
3551 };
3552
3553 static void rtl8139_register_types(void)
3554 {
3555 type_register_static(&rtl8139_info);
3556 }
3557
3558 type_init(rtl8139_register_types)
Qemu copy for testing