1
2
3
4
5
6
7
8
9#include "qemu/osdep.h"
10#include "qemu/log.h"
11#include "hw/irq.h"
12#include "hw/pci/pci.h"
13#include "hw/qdev-properties.h"
14#include "hw/nvram/eeprom93xx.h"
15#include "migration/vmstate.h"
16#include "sysemu/sysemu.h"
17#include "tulip.h"
18#include "trace.h"
19#include "net/eth.h"
20
21typedef struct TULIPState {
22 PCIDevice dev;
23 MemoryRegion io;
24 MemoryRegion memory;
25 NICConf c;
26 qemu_irq irq;
27 NICState *nic;
28 eeprom_t *eeprom;
29 uint32_t csr[16];
30
31
32 uint32_t old_csr9;
33 uint32_t mii_word;
34 uint32_t mii_bitcnt;
35
36 hwaddr current_rx_desc;
37 hwaddr current_tx_desc;
38
39 uint8_t rx_frame[2048];
40 uint8_t tx_frame[2048];
41 uint16_t tx_frame_len;
42 uint16_t rx_frame_len;
43 uint16_t rx_frame_size;
44
45 uint32_t rx_status;
46 uint8_t filter[16][6];
47} TULIPState;
48
49static const VMStateDescription vmstate_pci_tulip = {
50 .name = "tulip",
51 .fields = (VMStateField[]) {
52 VMSTATE_PCI_DEVICE(dev, TULIPState),
53 VMSTATE_UINT32_ARRAY(csr, TULIPState, 16),
54 VMSTATE_UINT32(old_csr9, TULIPState),
55 VMSTATE_UINT32(mii_word, TULIPState),
56 VMSTATE_UINT32(mii_bitcnt, TULIPState),
57 VMSTATE_UINT64(current_rx_desc, TULIPState),
58 VMSTATE_UINT64(current_tx_desc, TULIPState),
59 VMSTATE_BUFFER(rx_frame, TULIPState),
60 VMSTATE_BUFFER(tx_frame, TULIPState),
61 VMSTATE_UINT16(rx_frame_len, TULIPState),
62 VMSTATE_UINT16(tx_frame_len, TULIPState),
63 VMSTATE_UINT16(rx_frame_size, TULIPState),
64 VMSTATE_UINT32(rx_status, TULIPState),
65 VMSTATE_UINT8_2DARRAY(filter, TULIPState, 16, 6),
66 VMSTATE_END_OF_LIST()
67 }
68};
69
70static void tulip_desc_read(TULIPState *s, hwaddr p,
71 struct tulip_descriptor *desc)
72{
73 if (s->csr[0] & CSR0_DBO) {
74 desc->status = ldl_be_pci_dma(&s->dev, p);
75 desc->control = ldl_be_pci_dma(&s->dev, p + 4);
76 desc->buf_addr1 = ldl_be_pci_dma(&s->dev, p + 8);
77 desc->buf_addr2 = ldl_be_pci_dma(&s->dev, p + 12);
78 } else {
79 desc->status = ldl_le_pci_dma(&s->dev, p);
80 desc->control = ldl_le_pci_dma(&s->dev, p + 4);
81 desc->buf_addr1 = ldl_le_pci_dma(&s->dev, p + 8);
82 desc->buf_addr2 = ldl_le_pci_dma(&s->dev, p + 12);
83 }
84}
85
86static void tulip_desc_write(TULIPState *s, hwaddr p,
87 struct tulip_descriptor *desc)
88{
89 if (s->csr[0] & CSR0_DBO) {
90 stl_be_pci_dma(&s->dev, p, desc->status);
91 stl_be_pci_dma(&s->dev, p + 4, desc->control);
92 stl_be_pci_dma(&s->dev, p + 8, desc->buf_addr1);
93 stl_be_pci_dma(&s->dev, p + 12, desc->buf_addr2);
94 } else {
95 stl_le_pci_dma(&s->dev, p, desc->status);
96 stl_le_pci_dma(&s->dev, p + 4, desc->control);
97 stl_le_pci_dma(&s->dev, p + 8, desc->buf_addr1);
98 stl_le_pci_dma(&s->dev, p + 12, desc->buf_addr2);
99 }
100}
101
102static void tulip_update_int(TULIPState *s)
103{
104 uint32_t ie = s->csr[5] & s->csr[7];
105 bool assert = false;
106
107 s->csr[5] &= ~(CSR5_AIS | CSR5_NIS);
108
109 if (ie & (CSR5_TI | CSR5_TU | CSR5_RI | CSR5_GTE | CSR5_ERI)) {
110 s->csr[5] |= CSR5_NIS;
111 }
112
113 if (ie & (CSR5_LC | CSR5_GPI | CSR5_FBE | CSR5_LNF | CSR5_ETI | CSR5_RWT |
114 CSR5_RPS | CSR5_RU | CSR5_UNF | CSR5_LNP_ANC | CSR5_TJT |
115 CSR5_TPS)) {
116 s->csr[5] |= CSR5_AIS;
117 }
118
119 assert = s->csr[5] & s->csr[7] & (CSR5_AIS | CSR5_NIS);
120 trace_tulip_irq(s->csr[5], s->csr[7], assert ? "assert" : "deassert");
121 qemu_set_irq(s->irq, assert);
122}
123
124static bool tulip_rx_stopped(TULIPState *s)
125{
126 return ((s->csr[5] >> CSR5_RS_SHIFT) & CSR5_RS_MASK) == CSR5_RS_STOPPED;
127}
128
129static void tulip_dump_tx_descriptor(TULIPState *s,
130 struct tulip_descriptor *desc)
131{
132 trace_tulip_descriptor("TX ", s->current_tx_desc,
133 desc->status, desc->control >> 22,
134 desc->control & 0x7ff, (desc->control >> 11) & 0x7ff,
135 desc->buf_addr1, desc->buf_addr2);
136}
137
138static void tulip_dump_rx_descriptor(TULIPState *s,
139 struct tulip_descriptor *desc)
140{
141 trace_tulip_descriptor("RX ", s->current_rx_desc,
142 desc->status, desc->control >> 22,
143 desc->control & 0x7ff, (desc->control >> 11) & 0x7ff,
144 desc->buf_addr1, desc->buf_addr2);
145}
146
147static void tulip_next_rx_descriptor(TULIPState *s,
148 struct tulip_descriptor *desc)
149{
150 if (desc->control & RDES1_RER) {
151 s->current_rx_desc = s->csr[3];
152 } else if (desc->control & RDES1_RCH) {
153 s->current_rx_desc = desc->buf_addr2;
154 } else {
155 s->current_rx_desc += sizeof(struct tulip_descriptor) +
156 (((s->csr[0] >> CSR0_DSL_SHIFT) & CSR0_DSL_MASK) << 2);
157 }
158 s->current_rx_desc &= ~3ULL;
159}
160
161static void tulip_copy_rx_bytes(TULIPState *s, struct tulip_descriptor *desc)
162{
163 int len1 = (desc->control >> RDES1_BUF1_SIZE_SHIFT) & RDES1_BUF1_SIZE_MASK;
164 int len2 = (desc->control >> RDES1_BUF2_SIZE_SHIFT) & RDES1_BUF2_SIZE_MASK;
165 int len;
166
167 if (s->rx_frame_len && len1) {
168 if (s->rx_frame_len > len1) {
169 len = len1;
170 } else {
171 len = s->rx_frame_len;
172 }
173 pci_dma_write(&s->dev, desc->buf_addr1, s->rx_frame +
174 (s->rx_frame_size - s->rx_frame_len), len);
175 s->rx_frame_len -= len;
176 }
177
178 if (s->rx_frame_len && len2) {
179 if (s->rx_frame_len > len2) {
180 len = len2;
181 } else {
182 len = s->rx_frame_len;
183 }
184 pci_dma_write(&s->dev, desc->buf_addr2, s->rx_frame +
185 (s->rx_frame_size - s->rx_frame_len), len);
186 s->rx_frame_len -= len;
187 }
188}
189
190static bool tulip_filter_address(TULIPState *s, const uint8_t *addr)
191{
192 static const char broadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
193 bool ret = false;
194 int i;
195
196 for (i = 0; i < 16 && ret == false; i++) {
197 if (!memcmp(&s->filter[i], addr, ETH_ALEN)) {
198 ret = true;
199 }
200 }
201
202 if (!memcmp(addr, broadcast, ETH_ALEN)) {
203 return true;
204 }
205
206 if (s->csr[6] & (CSR6_PR | CSR6_RA)) {
207
208 s->rx_status |= RDES0_FF;
209 return true;
210 }
211
212 if ((s->csr[6] & CSR6_PM) && (addr[0] & 1)) {
213
214 s->rx_status |= RDES0_MF;
215 return true;
216 }
217
218 if (s->csr[6] & CSR6_IF) {
219 ret ^= true;
220 }
221 return ret;
222}
223
224static ssize_t tulip_receive(TULIPState *s, const uint8_t *buf, size_t size)
225{
226 struct tulip_descriptor desc;
227
228 trace_tulip_receive(buf, size);
229
230 if (size < 14 || size > 2048 || s->rx_frame_len || tulip_rx_stopped(s)) {
231 return 0;
232 }
233
234 if (!tulip_filter_address(s, buf)) {
235 return size;
236 }
237
238 do {
239 tulip_desc_read(s, s->current_rx_desc, &desc);
240 tulip_dump_rx_descriptor(s, &desc);
241
242 if (!(desc.status & RDES0_OWN)) {
243 s->csr[5] |= CSR5_RU;
244 tulip_update_int(s);
245 return s->rx_frame_size - s->rx_frame_len;
246 }
247 desc.status = 0;
248
249 if (!s->rx_frame_len) {
250 s->rx_frame_size = size + 4;
251 s->rx_status = RDES0_LS |
252 ((s->rx_frame_size & RDES0_FL_MASK) << RDES0_FL_SHIFT);
253 desc.status |= RDES0_FS;
254 memcpy(s->rx_frame, buf, size);
255 s->rx_frame_len = s->rx_frame_size;
256 }
257
258 tulip_copy_rx_bytes(s, &desc);
259
260 if (!s->rx_frame_len) {
261 desc.status |= s->rx_status;
262 s->csr[5] |= CSR5_RI;
263 tulip_update_int(s);
264 }
265 tulip_dump_rx_descriptor(s, &desc);
266 tulip_desc_write(s, s->current_rx_desc, &desc);
267 tulip_next_rx_descriptor(s, &desc);
268 } while (s->rx_frame_len);
269 return size;
270}
271
272static ssize_t tulip_receive_nc(NetClientState *nc,
273 const uint8_t *buf, size_t size)
274{
275 return tulip_receive(qemu_get_nic_opaque(nc), buf, size);
276}
277
278
279static NetClientInfo net_tulip_info = {
280 .type = NET_CLIENT_DRIVER_NIC,
281 .size = sizeof(NICState),
282 .receive = tulip_receive_nc,
283};
284
285static const char *tulip_reg_name(const hwaddr addr)
286{
287 switch (addr) {
288 case CSR(0):
289 return "CSR0";
290
291 case CSR(1):
292 return "CSR1";
293
294 case CSR(2):
295 return "CSR2";
296
297 case CSR(3):
298 return "CSR3";
299
300 case CSR(4):
301 return "CSR4";
302
303 case CSR(5):
304 return "CSR5";
305
306 case CSR(6):
307 return "CSR6";
308
309 case CSR(7):
310 return "CSR7";
311
312 case CSR(8):
313 return "CSR8";
314
315 case CSR(9):
316 return "CSR9";
317
318 case CSR(10):
319 return "CSR10";
320
321 case CSR(11):
322 return "CSR11";
323
324 case CSR(12):
325 return "CSR12";
326
327 case CSR(13):
328 return "CSR13";
329
330 case CSR(14):
331 return "CSR14";
332
333 case CSR(15):
334 return "CSR15";
335
336 default:
337 break;
338 }
339 return "";
340}
341
342static const char *tulip_rx_state_name(int state)
343{
344 switch (state) {
345 case CSR5_RS_STOPPED:
346 return "STOPPED";
347
348 case CSR5_RS_RUNNING_FETCH:
349 return "RUNNING/FETCH";
350
351 case CSR5_RS_RUNNING_CHECK_EOR:
352 return "RUNNING/CHECK EOR";
353
354 case CSR5_RS_RUNNING_WAIT_RECEIVE:
355 return "WAIT RECEIVE";
356
357 case CSR5_RS_SUSPENDED:
358 return "SUSPENDED";
359
360 case CSR5_RS_RUNNING_CLOSE:
361 return "RUNNING/CLOSE";
362
363 case CSR5_RS_RUNNING_FLUSH:
364 return "RUNNING/FLUSH";
365
366 case CSR5_RS_RUNNING_QUEUE:
367 return "RUNNING/QUEUE";
368
369 default:
370 break;
371 }
372 return "";
373}
374
375static const char *tulip_tx_state_name(int state)
376{
377 switch (state) {
378 case CSR5_TS_STOPPED:
379 return "STOPPED";
380
381 case CSR5_TS_RUNNING_FETCH:
382 return "RUNNING/FETCH";
383
384 case CSR5_TS_RUNNING_WAIT_EOT:
385 return "RUNNING/WAIT EOT";
386
387 case CSR5_TS_RUNNING_READ_BUF:
388 return "RUNNING/READ BUF";
389
390 case CSR5_TS_RUNNING_SETUP:
391 return "RUNNING/SETUP";
392
393 case CSR5_TS_SUSPENDED:
394 return "SUSPENDED";
395
396 case CSR5_TS_RUNNING_CLOSE:
397 return "RUNNING/CLOSE";
398
399 default:
400 break;
401 }
402 return "";
403}
404
405static void tulip_update_rs(TULIPState *s, int state)
406{
407 s->csr[5] &= ~(CSR5_RS_MASK << CSR5_RS_SHIFT);
408 s->csr[5] |= (state & CSR5_RS_MASK) << CSR5_RS_SHIFT;
409 trace_tulip_rx_state(tulip_rx_state_name(state));
410}
411
412static uint16_t tulip_mdi_default[] = {
413
414 0x3100, 0xf02c, 0x7810, 0x0000, 0x0501, 0x4181, 0x0000, 0x0000,
415
416 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
417
418 0x0003, 0x0000, 0x0001, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
419 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
420};
421
422
423static const uint16_t tulip_mdi_mask[] = {
424 0x0000, 0xffff, 0xffff, 0xffff, 0xc01f, 0xffff, 0xffff, 0x0000,
425 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
426 0x0fff, 0x0000, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
427 0xffff, 0xffff, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
428};
429
430static uint16_t tulip_mii_read(TULIPState *s, int phy, int reg)
431{
432 uint16_t ret = 0;
433 if (phy == 1) {
434 ret = tulip_mdi_default[reg];
435 }
436 trace_tulip_mii_read(phy, reg, ret);
437 return ret;
438}
439
440static void tulip_mii_write(TULIPState *s, int phy, int reg, uint16_t data)
441{
442 trace_tulip_mii_write(phy, reg, data);
443
444 if (phy != 1) {
445 return;
446 }
447
448 tulip_mdi_default[reg] &= ~tulip_mdi_mask[reg];
449 tulip_mdi_default[reg] |= (data & tulip_mdi_mask[reg]);
450}
451
452static void tulip_mii(TULIPState *s)
453{
454 uint32_t changed = s->old_csr9 ^ s->csr[9];
455 uint16_t data;
456 int op, phy, reg;
457
458 if (!(changed & CSR9_MDC)) {
459 return;
460 }
461
462 if (!(s->csr[9] & CSR9_MDC)) {
463 return;
464 }
465
466 s->mii_bitcnt++;
467 s->mii_word <<= 1;
468
469 if (s->csr[9] & CSR9_MDO && (s->mii_bitcnt < 16 ||
470 !(s->csr[9] & CSR9_MII))) {
471
472 s->mii_word |= 1;
473 }
474
475 if (s->mii_bitcnt >= 16 && (s->csr[9] & CSR9_MII)) {
476 if (s->mii_word & 0x8000) {
477 s->csr[9] |= CSR9_MDI;
478 } else {
479 s->csr[9] &= ~CSR9_MDI;
480 }
481 }
482
483 if (s->mii_word == 0xffffffff) {
484 s->mii_bitcnt = 0;
485 } else if (s->mii_bitcnt == 16) {
486 op = (s->mii_word >> 12) & 0x0f;
487 phy = (s->mii_word >> 7) & 0x1f;
488 reg = (s->mii_word >> 2) & 0x1f;
489
490 if (op == 6) {
491 s->mii_word = tulip_mii_read(s, phy, reg);
492 }
493 } else if (s->mii_bitcnt == 32) {
494 op = (s->mii_word >> 28) & 0x0f;
495 phy = (s->mii_word >> 23) & 0x1f;
496 reg = (s->mii_word >> 18) & 0x1f;
497 data = s->mii_word & 0xffff;
498
499 if (op == 5) {
500 tulip_mii_write(s, phy, reg, data);
501 }
502 }
503}
504
505static uint32_t tulip_csr9_read(TULIPState *s)
506{
507 if (s->csr[9] & CSR9_SR) {
508 if (eeprom93xx_read(s->eeprom)) {
509 s->csr[9] |= CSR9_SR_DO;
510 } else {
511 s->csr[9] &= ~CSR9_SR_DO;
512 }
513 }
514
515 tulip_mii(s);
516 return s->csr[9];
517}
518
519static void tulip_update_ts(TULIPState *s, int state)
520{
521 s->csr[5] &= ~(CSR5_TS_MASK << CSR5_TS_SHIFT);
522 s->csr[5] |= (state & CSR5_TS_MASK) << CSR5_TS_SHIFT;
523 trace_tulip_tx_state(tulip_tx_state_name(state));
524}
525
526static uint64_t tulip_read(void *opaque, hwaddr addr,
527 unsigned size)
528{
529 TULIPState *s = opaque;
530 uint64_t data = 0;
531
532 switch (addr) {
533 case CSR(9):
534 data = tulip_csr9_read(s);
535 break;
536
537 case CSR(12):
538
539 data = 5 << CSR12_ANS_SHIFT;
540 break;
541
542 default:
543 if (addr & 7) {
544 qemu_log_mask(LOG_GUEST_ERROR, "%s: read access at unknown address"
545 " 0x%"PRIx64"\n", __func__, addr);
546 } else {
547 data = s->csr[addr >> 3];
548 }
549 break;
550 }
551 trace_tulip_reg_read(addr, tulip_reg_name(addr), size, data);
552 return data;
553}
554
555static void tulip_tx(TULIPState *s, struct tulip_descriptor *desc)
556{
557 if (s->tx_frame_len) {
558 if ((s->csr[6] >> CSR6_OM_SHIFT) & CSR6_OM_MASK) {
559
560 tulip_receive(s, s->tx_frame, s->tx_frame_len);
561 } else {
562 qemu_send_packet(qemu_get_queue(s->nic),
563 s->tx_frame, s->tx_frame_len);
564 }
565 }
566
567 if (desc->control & TDES1_IC) {
568 s->csr[5] |= CSR5_TI;
569 tulip_update_int(s);
570 }
571}
572
573static void tulip_copy_tx_buffers(TULIPState *s, struct tulip_descriptor *desc)
574{
575 int len1 = (desc->control >> TDES1_BUF1_SIZE_SHIFT) & TDES1_BUF1_SIZE_MASK;
576 int len2 = (desc->control >> TDES1_BUF2_SIZE_SHIFT) & TDES1_BUF2_SIZE_MASK;
577
578 if (len1) {
579 pci_dma_read(&s->dev, desc->buf_addr1,
580 s->tx_frame + s->tx_frame_len, len1);
581 s->tx_frame_len += len1;
582 }
583
584 if (len2) {
585 pci_dma_read(&s->dev, desc->buf_addr2,
586 s->tx_frame + s->tx_frame_len, len2);
587 s->tx_frame_len += len2;
588 }
589 desc->status = (len1 + len2) ? 0 : 0x7fffffff;
590}
591
592static void tulip_setup_filter_addr(TULIPState *s, uint8_t *buf, int n)
593{
594 int offset = n * 12;
595
596 s->filter[n][0] = buf[offset];
597 s->filter[n][1] = buf[offset + 1];
598
599 s->filter[n][2] = buf[offset + 4];
600 s->filter[n][3] = buf[offset + 5];
601
602 s->filter[n][4] = buf[offset + 8];
603 s->filter[n][5] = buf[offset + 9];
604
605 trace_tulip_setup_filter(n, s->filter[n][5], s->filter[n][4],
606 s->filter[n][3], s->filter[n][2], s->filter[n][1], s->filter[n][0]);
607}
608
609static void tulip_setup_frame(TULIPState *s,
610 struct tulip_descriptor *desc)
611{
612 uint8_t buf[4096];
613 int len = (desc->control >> TDES1_BUF1_SIZE_SHIFT) & TDES1_BUF1_SIZE_MASK;
614 int i;
615
616 trace_tulip_setup_frame();
617
618 if (len == 192) {
619 pci_dma_read(&s->dev, desc->buf_addr1, buf, len);
620 for (i = 0; i < 16; i++) {
621 tulip_setup_filter_addr(s, buf, i);
622 }
623 }
624
625 desc->status = 0x7fffffff;
626
627 if (desc->control & TDES1_IC) {
628 s->csr[5] |= CSR5_TI;
629 tulip_update_int(s);
630 }
631}
632
633static void tulip_next_tx_descriptor(TULIPState *s,
634 struct tulip_descriptor *desc)
635{
636 if (desc->control & TDES1_TER) {
637 s->current_tx_desc = s->csr[4];
638 } else if (desc->control & TDES1_TCH) {
639 s->current_tx_desc = desc->buf_addr2;
640 } else {
641 s->current_tx_desc += sizeof(struct tulip_descriptor) +
642 (((s->csr[0] >> CSR0_DSL_SHIFT) & CSR0_DSL_MASK) << 2);
643 }
644 s->current_tx_desc &= ~3ULL;
645}
646
647static uint32_t tulip_ts(TULIPState *s)
648{
649 return (s->csr[5] >> CSR5_TS_SHIFT) & CSR5_TS_MASK;
650}
651
652static void tulip_xmit_list_update(TULIPState *s)
653{
654 struct tulip_descriptor desc;
655
656 if (tulip_ts(s) != CSR5_TS_SUSPENDED) {
657 return;
658 }
659
660 for (;;) {
661 tulip_desc_read(s, s->current_tx_desc, &desc);
662 tulip_dump_tx_descriptor(s, &desc);
663
664 if (!(desc.status & TDES0_OWN)) {
665 tulip_update_ts(s, CSR5_TS_SUSPENDED);
666 s->csr[5] |= CSR5_TU;
667 tulip_update_int(s);
668 return;
669 }
670
671 if (desc.control & TDES1_SET) {
672 tulip_setup_frame(s, &desc);
673 } else {
674 if (desc.control & TDES1_FS) {
675 s->tx_frame_len = 0;
676 }
677
678 tulip_copy_tx_buffers(s, &desc);
679
680 if (desc.control & TDES1_LS) {
681 tulip_tx(s, &desc);
682 }
683 }
684 tulip_desc_write(s, s->current_tx_desc, &desc);
685 tulip_next_tx_descriptor(s, &desc);
686 }
687}
688
689static void tulip_csr9_write(TULIPState *s, uint32_t old_val,
690 uint32_t new_val)
691{
692 if (new_val & CSR9_SR) {
693 eeprom93xx_write(s->eeprom,
694 !!(new_val & CSR9_SR_CS),
695 !!(new_val & CSR9_SR_SK),
696 !!(new_val & CSR9_SR_DI));
697 }
698}
699
700static void tulip_reset(TULIPState *s)
701{
702 trace_tulip_reset();
703
704 s->csr[0] = 0xfe000000;
705 s->csr[1] = 0xffffffff;
706 s->csr[2] = 0xffffffff;
707 s->csr[5] = 0xf0000000;
708 s->csr[6] = 0x32000040;
709 s->csr[7] = 0xf3fe0000;
710 s->csr[8] = 0xe0000000;
711 s->csr[9] = 0xfff483ff;
712 s->csr[11] = 0xfffe0000;
713 s->csr[12] = 0x000000c6;
714 s->csr[13] = 0xffff0000;
715 s->csr[14] = 0xffffffff;
716 s->csr[15] = 0x8ff00000;
717}
718
719static void tulip_qdev_reset(DeviceState *dev)
720{
721 PCIDevice *d = PCI_DEVICE(dev);
722 TULIPState *s = TULIP(d);
723
724 tulip_reset(s);
725}
726
727static void tulip_write(void *opaque, hwaddr addr,
728 uint64_t data, unsigned size)
729{
730 TULIPState *s = opaque;
731 trace_tulip_reg_write(addr, tulip_reg_name(addr), size, data);
732
733 switch (addr) {
734 case CSR(0):
735 s->csr[0] = data;
736 if (data & CSR0_SWR) {
737 tulip_reset(s);
738 tulip_update_int(s);
739 }
740 break;
741
742 case CSR(1):
743 tulip_xmit_list_update(s);
744 break;
745
746 case CSR(2):
747 qemu_flush_queued_packets(qemu_get_queue(s->nic));
748 break;
749
750 case CSR(3):
751 s->csr[3] = data & ~3ULL;
752 s->current_rx_desc = s->csr[3];
753 qemu_flush_queued_packets(qemu_get_queue(s->nic));
754 break;
755
756 case CSR(4):
757 s->csr[4] = data & ~3ULL;
758 s->current_tx_desc = s->csr[4];
759 tulip_xmit_list_update(s);
760 break;
761
762 case CSR(5):
763
764 s->csr[5] &= ~(data & (CSR5_TI | CSR5_TPS | CSR5_TU | CSR5_TJT |
765 CSR5_LNP_ANC | CSR5_UNF | CSR5_RI | CSR5_RU |
766 CSR5_RPS | CSR5_RWT | CSR5_ETI | CSR5_GTE |
767 CSR5_LNF | CSR5_FBE | CSR5_ERI | CSR5_AIS |
768 CSR5_NIS | CSR5_GPI | CSR5_LC));
769 tulip_update_int(s);
770 break;
771
772 case CSR(6):
773 s->csr[6] = data;
774 if (s->csr[6] & CSR6_SR) {
775 tulip_update_rs(s, CSR5_RS_RUNNING_WAIT_RECEIVE);
776 qemu_flush_queued_packets(qemu_get_queue(s->nic));
777 } else {
778 tulip_update_rs(s, CSR5_RS_STOPPED);
779 }
780
781 if (s->csr[6] & CSR6_ST) {
782 tulip_update_ts(s, CSR5_TS_SUSPENDED);
783 tulip_xmit_list_update(s);
784 } else {
785 tulip_update_ts(s, CSR5_TS_STOPPED);
786 }
787 break;
788
789 case CSR(7):
790 s->csr[7] = data;
791 tulip_update_int(s);
792 break;
793
794 case CSR(8):
795 s->csr[9] = data;
796 break;
797
798 case CSR(9):
799 tulip_csr9_write(s, s->csr[9], data);
800
801 s->csr[9] &= CSR9_MDI;
802 s->csr[9] |= (data & ~CSR9_MDI);
803 tulip_mii(s);
804 s->old_csr9 = s->csr[9];
805 break;
806
807 case CSR(10):
808 s->csr[10] = data;
809 break;
810
811 case CSR(11):
812 s->csr[11] = data;
813 break;
814
815 case CSR(12):
816
817 s->csr[12] &= ~(data & (CSR12_MRA | CSR12_TRA | CSR12_ARA));
818 break;
819
820 case CSR(13):
821 s->csr[13] = data;
822 break;
823
824 case CSR(14):
825 s->csr[14] = data;
826 break;
827
828 case CSR(15):
829 s->csr[15] = data;
830 break;
831
832 default:
833 qemu_log_mask(LOG_GUEST_ERROR, "%s: write to CSR at unknown address "
834 "0x%"PRIx64"\n", __func__, addr);
835 break;
836 }
837}
838
839static const MemoryRegionOps tulip_ops = {
840 .read = tulip_read,
841 .write = tulip_write,
842 .endianness = DEVICE_LITTLE_ENDIAN,
843 .impl = {
844 .min_access_size = 4,
845 .max_access_size = 4,
846 },
847};
848
849static void tulip_idblock_crc(TULIPState *s, uint16_t *srom)
850{
851 int word, n;
852 int bit;
853 unsigned char bitval, crc;
854 const int len = 9;
855 n = 0;
856 crc = -1;
857
858 for (word = 0; word < len; word++) {
859 for (bit = 15; bit >= 0; bit--) {
860 if ((word == (len - 1)) && (bit == 7)) {
861
862
863
864
865 srom[len - 1] = (srom[len - 1] & 0xff00) | (unsigned short)crc;
866 break;
867 }
868 n++;
869 bitval = ((srom[word] >> bit) & 1) ^ ((crc >> 7) & 1);
870 crc = crc << 1;
871 if (bitval == 1) {
872 crc ^= 6;
873 crc |= 0x01;
874 }
875 }
876 }
877}
878
879static uint16_t tulip_srom_crc(TULIPState *s, uint8_t *eeprom, size_t len)
880{
881 unsigned long crc = 0xffffffff;
882 unsigned long flippedcrc = 0;
883 unsigned char currentbyte;
884 unsigned int msb, bit, i;
885
886 for (i = 0; i < len; i++) {
887 currentbyte = eeprom[i];
888 for (bit = 0; bit < 8; bit++) {
889 msb = (crc >> 31) & 1;
890 crc <<= 1;
891 if (msb ^ (currentbyte & 1)) {
892 crc ^= 0x04c11db6;
893 crc |= 0x00000001;
894 }
895 currentbyte >>= 1;
896 }
897 }
898
899 for (i = 0; i < 32; i++) {
900 flippedcrc <<= 1;
901 bit = crc & 1;
902 crc >>= 1;
903 flippedcrc += bit;
904 }
905 return (flippedcrc ^ 0xffffffff) & 0xffff;
906}
907
908static const uint8_t eeprom_default[128] = {
909 0x3c, 0x10, 0x4f, 0x10, 0x00, 0x00, 0x00, 0x00,
910 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
911 0x56, 0x08, 0x04, 0x01, 0x00, 0x80, 0x48, 0xb3,
912 0x0e, 0xa7, 0x00, 0x1e, 0x00, 0x00, 0x00, 0x08,
913 0x01, 0x8d, 0x03, 0x00, 0x00, 0x00, 0x00, 0x78,
914 0xe0, 0x01, 0x00, 0x50, 0x00, 0x18, 0x00, 0x00,
915 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
916 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
917 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
918 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
919 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
920 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe8, 0x6b,
921 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80,
922 0x48, 0xb3, 0x0e, 0xa7, 0x40, 0x00, 0x00, 0x00,
923 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
924 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
925};
926
927static void tulip_fill_eeprom(TULIPState *s)
928{
929 uint16_t *eeprom = eeprom93xx_data(s->eeprom);
930 memcpy(eeprom, eeprom_default, 128);
931
932
933 eeprom[10] = cpu_to_le16(s->c.macaddr.a[0] | (s->c.macaddr.a[1] << 8));
934 eeprom[11] = cpu_to_le16(s->c.macaddr.a[2] | (s->c.macaddr.a[3] << 8));
935 eeprom[12] = cpu_to_le16(s->c.macaddr.a[4] | (s->c.macaddr.a[5] << 8));
936 tulip_idblock_crc(s, eeprom);
937 eeprom[63] = cpu_to_le16(tulip_srom_crc(s, (uint8_t *)eeprom, 126));
938}
939
940static void pci_tulip_realize(PCIDevice *pci_dev, Error **errp)
941{
942 TULIPState *s = DO_UPCAST(TULIPState, dev, pci_dev);
943 uint8_t *pci_conf;
944
945 pci_conf = s->dev.config;
946 pci_conf[PCI_INTERRUPT_PIN] = 1;
947
948 s->eeprom = eeprom93xx_new(&pci_dev->qdev, 64);
949 tulip_fill_eeprom(s);
950
951 memory_region_init_io(&s->io, OBJECT(&s->dev), &tulip_ops, s,
952 "tulip-io", 128);
953
954 memory_region_init_io(&s->memory, OBJECT(&s->dev), &tulip_ops, s,
955 "tulip-mem", 128);
956
957 pci_register_bar(&s->dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io);
958 pci_register_bar(&s->dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->memory);
959
960 s->irq = pci_allocate_irq(&s->dev);
961
962 qemu_macaddr_default_if_unset(&s->c.macaddr);
963
964 s->nic = qemu_new_nic(&net_tulip_info, &s->c,
965 object_get_typename(OBJECT(pci_dev)),
966 pci_dev->qdev.id, s);
967 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->c.macaddr.a);
968}
969
970static void pci_tulip_exit(PCIDevice *pci_dev)
971{
972 TULIPState *s = DO_UPCAST(TULIPState, dev, pci_dev);
973
974 qemu_del_nic(s->nic);
975 qemu_free_irq(s->irq);
976 eeprom93xx_free(&pci_dev->qdev, s->eeprom);
977}
978
979static void tulip_instance_init(Object *obj)
980{
981 PCIDevice *pci_dev = PCI_DEVICE(obj);
982 TULIPState *d = DO_UPCAST(TULIPState, dev, pci_dev);
983
984 device_add_bootindex_property(obj, &d->c.bootindex,
985 "bootindex", "/ethernet-phy@0",
986 &pci_dev->qdev, NULL);
987}
988
989static Property tulip_properties[] = {
990 DEFINE_NIC_PROPERTIES(TULIPState, c),
991 DEFINE_PROP_END_OF_LIST(),
992};
993
994static void tulip_class_init(ObjectClass *klass, void *data)
995{
996 DeviceClass *dc = DEVICE_CLASS(klass);
997 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
998
999 k->realize = pci_tulip_realize;
1000 k->exit = pci_tulip_exit;
1001 k->vendor_id = PCI_VENDOR_ID_DEC;
1002 k->device_id = PCI_DEVICE_ID_DEC_21143;
1003 k->subsystem_vendor_id = 0x103c;
1004 k->subsystem_id = 0x104f;
1005 k->class_id = PCI_CLASS_NETWORK_ETHERNET;
1006 dc->vmsd = &vmstate_pci_tulip;
1007 dc->props = tulip_properties;
1008 dc->reset = tulip_qdev_reset;
1009 set_bit(DEVICE_CATEGORY_NETWORK, dc->categories);
1010}
1011
1012static const TypeInfo tulip_info = {
1013 .name = TYPE_TULIP,
1014 .parent = TYPE_PCI_DEVICE,
1015 .instance_size = sizeof(TULIPState),
1016 .class_init = tulip_class_init,
1017 .instance_init = tulip_instance_init,
1018 .interfaces = (InterfaceInfo[]) {
1019 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
1020 { },
1021 },
1022};
1023
1024static void tulip_register_types(void)
1025{
1026 type_register_static(&tulip_info);
1027}
1028
1029type_init(tulip_register_types)
1030
