1
2
3
4
5
6
7
8
9#include "qemu/osdep.h"
10#include "qemu/log.h"
11#include "hw/irq.h"
12#include "hw/pci/pci.h"
13#include "hw/qdev-properties.h"
14#include "hw/nvram/eeprom93xx.h"
15#include "migration/vmstate.h"
16#include "sysemu/sysemu.h"
17#include "tulip.h"
18#include "trace.h"
19#include "net/eth.h"
20
21typedef struct TULIPState {
22 PCIDevice dev;
23 MemoryRegion io;
24 MemoryRegion memory;
25 NICConf c;
26 qemu_irq irq;
27 NICState *nic;
28 eeprom_t *eeprom;
29 uint32_t csr[16];
30
31
32 uint32_t old_csr9;
33 uint32_t mii_word;
34 uint32_t mii_bitcnt;
35
36 hwaddr current_rx_desc;
37 hwaddr current_tx_desc;
38
39 uint8_t rx_frame[2048];
40 uint8_t tx_frame[2048];
41 uint16_t tx_frame_len;
42 uint16_t rx_frame_len;
43 uint16_t rx_frame_size;
44
45 uint32_t rx_status;
46 uint8_t filter[16][6];
47} TULIPState;
48
49static const VMStateDescription vmstate_pci_tulip = {
50 .name = "tulip",
51 .fields = (VMStateField[]) {
52 VMSTATE_PCI_DEVICE(dev, TULIPState),
53 VMSTATE_UINT32_ARRAY(csr, TULIPState, 16),
54 VMSTATE_UINT32(old_csr9, TULIPState),
55 VMSTATE_UINT32(mii_word, TULIPState),
56 VMSTATE_UINT32(mii_bitcnt, TULIPState),
57 VMSTATE_UINT64(current_rx_desc, TULIPState),
58 VMSTATE_UINT64(current_tx_desc, TULIPState),
59 VMSTATE_BUFFER(rx_frame, TULIPState),
60 VMSTATE_BUFFER(tx_frame, TULIPState),
61 VMSTATE_UINT16(rx_frame_len, TULIPState),
62 VMSTATE_UINT16(tx_frame_len, TULIPState),
63 VMSTATE_UINT16(rx_frame_size, TULIPState),
64 VMSTATE_UINT32(rx_status, TULIPState),
65 VMSTATE_UINT8_2DARRAY(filter, TULIPState, 16, 6),
66 VMSTATE_END_OF_LIST()
67 }
68};
69
70static void tulip_desc_read(TULIPState *s, hwaddr p,
71 struct tulip_descriptor *desc)
72{
73 if (s->csr[0] & CSR0_DBO) {
74 desc->status = ldl_be_pci_dma(&s->dev, p);
75 desc->control = ldl_be_pci_dma(&s->dev, p + 4);
76 desc->buf_addr1 = ldl_be_pci_dma(&s->dev, p + 8);
77 desc->buf_addr2 = ldl_be_pci_dma(&s->dev, p + 12);
78 } else {
79 desc->status = ldl_le_pci_dma(&s->dev, p);
80 desc->control = ldl_le_pci_dma(&s->dev, p + 4);
81 desc->buf_addr1 = ldl_le_pci_dma(&s->dev, p + 8);
82 desc->buf_addr2 = ldl_le_pci_dma(&s->dev, p + 12);
83 }
84}
85
86static void tulip_desc_write(TULIPState *s, hwaddr p,
87 struct tulip_descriptor *desc)
88{
89 if (s->csr[0] & CSR0_DBO) {
90 stl_be_pci_dma(&s->dev, p, desc->status);
91 stl_be_pci_dma(&s->dev, p + 4, desc->control);
92 stl_be_pci_dma(&s->dev, p + 8, desc->buf_addr1);
93 stl_be_pci_dma(&s->dev, p + 12, desc->buf_addr2);
94 } else {
95 stl_le_pci_dma(&s->dev, p, desc->status);
96 stl_le_pci_dma(&s->dev, p + 4, desc->control);
97 stl_le_pci_dma(&s->dev, p + 8, desc->buf_addr1);
98 stl_le_pci_dma(&s->dev, p + 12, desc->buf_addr2);
99 }
100}
101
102static void tulip_update_int(TULIPState *s)
103{
104 uint32_t ie = s->csr[5] & s->csr[7];
105 bool assert = false;
106
107 s->csr[5] &= ~(CSR5_AIS | CSR5_NIS);
108
109 if (ie & (CSR5_TI | CSR5_TU | CSR5_RI | CSR5_GTE | CSR5_ERI)) {
110 s->csr[5] |= CSR5_NIS;
111 }
112
113 if (ie & (CSR5_LC | CSR5_GPI | CSR5_FBE | CSR5_LNF | CSR5_ETI | CSR5_RWT |
114 CSR5_RPS | CSR5_RU | CSR5_UNF | CSR5_LNP_ANC | CSR5_TJT |
115 CSR5_TPS)) {
116 s->csr[5] |= CSR5_AIS;
117 }
118
119 assert = s->csr[5] & s->csr[7] & (CSR5_AIS | CSR5_NIS);
120 trace_tulip_irq(s->csr[5], s->csr[7], assert ? "assert" : "deassert");
121 qemu_set_irq(s->irq, assert);
122}
123
124static bool tulip_rx_stopped(TULIPState *s)
125{
126 return ((s->csr[5] >> CSR5_RS_SHIFT) & CSR5_RS_MASK) == CSR5_RS_STOPPED;
127}
128
129static void tulip_dump_tx_descriptor(TULIPState *s,
130 struct tulip_descriptor *desc)
131{
132 trace_tulip_descriptor("TX ", s->current_tx_desc,
133 desc->status, desc->control >> 22,
134 desc->control & 0x7ff, (desc->control >> 11) & 0x7ff,
135 desc->buf_addr1, desc->buf_addr2);
136}
137
138static void tulip_dump_rx_descriptor(TULIPState *s,
139 struct tulip_descriptor *desc)
140{
141 trace_tulip_descriptor("RX ", s->current_rx_desc,
142 desc->status, desc->control >> 22,
143 desc->control & 0x7ff, (desc->control >> 11) & 0x7ff,
144 desc->buf_addr1, desc->buf_addr2);
145}
146
147static void tulip_next_rx_descriptor(TULIPState *s,
148 struct tulip_descriptor *desc)
149{
150 if (desc->control & RDES1_RER) {
151 s->current_rx_desc = s->csr[3];
152 } else if (desc->control & RDES1_RCH) {
153 s->current_rx_desc = desc->buf_addr2;
154 } else {
155 s->current_rx_desc += sizeof(struct tulip_descriptor) +
156 (((s->csr[0] >> CSR0_DSL_SHIFT) & CSR0_DSL_MASK) << 2);
157 }
158 s->current_rx_desc &= ~3ULL;
159}
160
161static void tulip_copy_rx_bytes(TULIPState *s, struct tulip_descriptor *desc)
162{
163 int len1 = (desc->control >> RDES1_BUF1_SIZE_SHIFT) & RDES1_BUF1_SIZE_MASK;
164 int len2 = (desc->control >> RDES1_BUF2_SIZE_SHIFT) & RDES1_BUF2_SIZE_MASK;
165 int len;
166
167 if (s->rx_frame_len && len1) {
168 if (s->rx_frame_len > len1) {
169 len = len1;
170 } else {
171 len = s->rx_frame_len;
172 }
173
174 if (s->rx_frame_len + len > sizeof(s->rx_frame)) {
175 return;
176 }
177 pci_dma_write(&s->dev, desc->buf_addr1, s->rx_frame +
178 (s->rx_frame_size - s->rx_frame_len), len);
179 s->rx_frame_len -= len;
180 }
181
182 if (s->rx_frame_len && len2) {
183 if (s->rx_frame_len > len2) {
184 len = len2;
185 } else {
186 len = s->rx_frame_len;
187 }
188
189 if (s->rx_frame_len + len > sizeof(s->rx_frame)) {
190 return;
191 }
192 pci_dma_write(&s->dev, desc->buf_addr2, s->rx_frame +
193 (s->rx_frame_size - s->rx_frame_len), len);
194 s->rx_frame_len -= len;
195 }
196}
197
198static bool tulip_filter_address(TULIPState *s, const uint8_t *addr)
199{
200 static const char broadcast[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
201 bool ret = false;
202 int i;
203
204 for (i = 0; i < 16 && ret == false; i++) {
205 if (!memcmp(&s->filter[i], addr, ETH_ALEN)) {
206 ret = true;
207 }
208 }
209
210 if (!memcmp(addr, broadcast, ETH_ALEN)) {
211 return true;
212 }
213
214 if (s->csr[6] & (CSR6_PR | CSR6_RA)) {
215
216 s->rx_status |= RDES0_FF;
217 return true;
218 }
219
220 if ((s->csr[6] & CSR6_PM) && (addr[0] & 1)) {
221
222 s->rx_status |= RDES0_MF;
223 return true;
224 }
225
226 if (s->csr[6] & CSR6_IF) {
227 ret ^= true;
228 }
229 return ret;
230}
231
232static ssize_t tulip_receive(TULIPState *s, const uint8_t *buf, size_t size)
233{
234 struct tulip_descriptor desc;
235
236 trace_tulip_receive(buf, size);
237
238 if (size < 14 || size > sizeof(s->rx_frame) - 4
239 || s->rx_frame_len || tulip_rx_stopped(s)) {
240 return 0;
241 }
242
243 if (!tulip_filter_address(s, buf)) {
244 return size;
245 }
246
247 do {
248 tulip_desc_read(s, s->current_rx_desc, &desc);
249 tulip_dump_rx_descriptor(s, &desc);
250
251 if (!(desc.status & RDES0_OWN)) {
252 s->csr[5] |= CSR5_RU;
253 tulip_update_int(s);
254 return s->rx_frame_size - s->rx_frame_len;
255 }
256 desc.status = 0;
257
258 if (!s->rx_frame_len) {
259 s->rx_frame_size = size + 4;
260 s->rx_status = RDES0_LS |
261 ((s->rx_frame_size & RDES0_FL_MASK) << RDES0_FL_SHIFT);
262 desc.status |= RDES0_FS;
263 memcpy(s->rx_frame, buf, size);
264 s->rx_frame_len = s->rx_frame_size;
265 }
266
267 tulip_copy_rx_bytes(s, &desc);
268
269 if (!s->rx_frame_len) {
270 desc.status |= s->rx_status;
271 s->csr[5] |= CSR5_RI;
272 tulip_update_int(s);
273 }
274 tulip_dump_rx_descriptor(s, &desc);
275 tulip_desc_write(s, s->current_rx_desc, &desc);
276 tulip_next_rx_descriptor(s, &desc);
277 } while (s->rx_frame_len);
278 return size;
279}
280
281static ssize_t tulip_receive_nc(NetClientState *nc,
282 const uint8_t *buf, size_t size)
283{
284 return tulip_receive(qemu_get_nic_opaque(nc), buf, size);
285}
286
287static NetClientInfo net_tulip_info = {
288 .type = NET_CLIENT_DRIVER_NIC,
289 .size = sizeof(NICState),
290 .receive = tulip_receive_nc,
291};
292
293static const char *tulip_reg_name(const hwaddr addr)
294{
295 switch (addr) {
296 case CSR(0):
297 return "CSR0";
298
299 case CSR(1):
300 return "CSR1";
301
302 case CSR(2):
303 return "CSR2";
304
305 case CSR(3):
306 return "CSR3";
307
308 case CSR(4):
309 return "CSR4";
310
311 case CSR(5):
312 return "CSR5";
313
314 case CSR(6):
315 return "CSR6";
316
317 case CSR(7):
318 return "CSR7";
319
320 case CSR(8):
321 return "CSR8";
322
323 case CSR(9):
324 return "CSR9";
325
326 case CSR(10):
327 return "CSR10";
328
329 case CSR(11):
330 return "CSR11";
331
332 case CSR(12):
333 return "CSR12";
334
335 case CSR(13):
336 return "CSR13";
337
338 case CSR(14):
339 return "CSR14";
340
341 case CSR(15):
342 return "CSR15";
343
344 default:
345 break;
346 }
347 return "";
348}
349
350static const char *tulip_rx_state_name(int state)
351{
352 switch (state) {
353 case CSR5_RS_STOPPED:
354 return "STOPPED";
355
356 case CSR5_RS_RUNNING_FETCH:
357 return "RUNNING/FETCH";
358
359 case CSR5_RS_RUNNING_CHECK_EOR:
360 return "RUNNING/CHECK EOR";
361
362 case CSR5_RS_RUNNING_WAIT_RECEIVE:
363 return "WAIT RECEIVE";
364
365 case CSR5_RS_SUSPENDED:
366 return "SUSPENDED";
367
368 case CSR5_RS_RUNNING_CLOSE:
369 return "RUNNING/CLOSE";
370
371 case CSR5_RS_RUNNING_FLUSH:
372 return "RUNNING/FLUSH";
373
374 case CSR5_RS_RUNNING_QUEUE:
375 return "RUNNING/QUEUE";
376
377 default:
378 break;
379 }
380 return "";
381}
382
383static const char *tulip_tx_state_name(int state)
384{
385 switch (state) {
386 case CSR5_TS_STOPPED:
387 return "STOPPED";
388
389 case CSR5_TS_RUNNING_FETCH:
390 return "RUNNING/FETCH";
391
392 case CSR5_TS_RUNNING_WAIT_EOT:
393 return "RUNNING/WAIT EOT";
394
395 case CSR5_TS_RUNNING_READ_BUF:
396 return "RUNNING/READ BUF";
397
398 case CSR5_TS_RUNNING_SETUP:
399 return "RUNNING/SETUP";
400
401 case CSR5_TS_SUSPENDED:
402 return "SUSPENDED";
403
404 case CSR5_TS_RUNNING_CLOSE:
405 return "RUNNING/CLOSE";
406
407 default:
408 break;
409 }
410 return "";
411}
412
413static void tulip_update_rs(TULIPState *s, int state)
414{
415 s->csr[5] &= ~(CSR5_RS_MASK << CSR5_RS_SHIFT);
416 s->csr[5] |= (state & CSR5_RS_MASK) << CSR5_RS_SHIFT;
417 trace_tulip_rx_state(tulip_rx_state_name(state));
418}
419
420static uint16_t tulip_mdi_default[] = {
421
422 0x3100, 0xf02c, 0x7810, 0x0000, 0x0501, 0x4181, 0x0000, 0x0000,
423
424 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
425
426 0x0003, 0x0000, 0x0001, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
427 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
428};
429
430
431static const uint16_t tulip_mdi_mask[] = {
432 0x0000, 0xffff, 0xffff, 0xffff, 0xc01f, 0xffff, 0xffff, 0x0000,
433 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
434 0x0fff, 0x0000, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
435 0xffff, 0xffff, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
436};
437
438static uint16_t tulip_mii_read(TULIPState *s, int phy, int reg)
439{
440 uint16_t ret = 0;
441 if (phy == 1) {
442 ret = tulip_mdi_default[reg];
443 }
444 trace_tulip_mii_read(phy, reg, ret);
445 return ret;
446}
447
448static void tulip_mii_write(TULIPState *s, int phy, int reg, uint16_t data)
449{
450 trace_tulip_mii_write(phy, reg, data);
451
452 if (phy != 1) {
453 return;
454 }
455
456 tulip_mdi_default[reg] &= ~tulip_mdi_mask[reg];
457 tulip_mdi_default[reg] |= (data & tulip_mdi_mask[reg]);
458}
459
460static void tulip_mii(TULIPState *s)
461{
462 uint32_t changed = s->old_csr9 ^ s->csr[9];
463 uint16_t data;
464 int op, phy, reg;
465
466 if (!(changed & CSR9_MDC)) {
467 return;
468 }
469
470 if (!(s->csr[9] & CSR9_MDC)) {
471 return;
472 }
473
474 s->mii_bitcnt++;
475 s->mii_word <<= 1;
476
477 if (s->csr[9] & CSR9_MDO && (s->mii_bitcnt < 16 ||
478 !(s->csr[9] & CSR9_MII))) {
479
480 s->mii_word |= 1;
481 }
482
483 if (s->mii_bitcnt >= 16 && (s->csr[9] & CSR9_MII)) {
484 if (s->mii_word & 0x8000) {
485 s->csr[9] |= CSR9_MDI;
486 } else {
487 s->csr[9] &= ~CSR9_MDI;
488 }
489 }
490
491 if (s->mii_word == 0xffffffff) {
492 s->mii_bitcnt = 0;
493 } else if (s->mii_bitcnt == 16) {
494 op = (s->mii_word >> 12) & 0x0f;
495 phy = (s->mii_word >> 7) & 0x1f;
496 reg = (s->mii_word >> 2) & 0x1f;
497
498 if (op == 6) {
499 s->mii_word = tulip_mii_read(s, phy, reg);
500 }
501 } else if (s->mii_bitcnt == 32) {
502 op = (s->mii_word >> 28) & 0x0f;
503 phy = (s->mii_word >> 23) & 0x1f;
504 reg = (s->mii_word >> 18) & 0x1f;
505 data = s->mii_word & 0xffff;
506
507 if (op == 5) {
508 tulip_mii_write(s, phy, reg, data);
509 }
510 }
511}
512
513static uint32_t tulip_csr9_read(TULIPState *s)
514{
515 if (s->csr[9] & CSR9_SR) {
516 if (eeprom93xx_read(s->eeprom)) {
517 s->csr[9] |= CSR9_SR_DO;
518 } else {
519 s->csr[9] &= ~CSR9_SR_DO;
520 }
521 }
522
523 tulip_mii(s);
524 return s->csr[9];
525}
526
527static void tulip_update_ts(TULIPState *s, int state)
528{
529 s->csr[5] &= ~(CSR5_TS_MASK << CSR5_TS_SHIFT);
530 s->csr[5] |= (state & CSR5_TS_MASK) << CSR5_TS_SHIFT;
531 trace_tulip_tx_state(tulip_tx_state_name(state));
532}
533
534static uint64_t tulip_read(void *opaque, hwaddr addr,
535 unsigned size)
536{
537 TULIPState *s = opaque;
538 uint64_t data = 0;
539
540 switch (addr) {
541 case CSR(9):
542 data = tulip_csr9_read(s);
543 break;
544
545 case CSR(12):
546
547 data = 5 << CSR12_ANS_SHIFT;
548 break;
549
550 default:
551 if (addr & 7) {
552 qemu_log_mask(LOG_GUEST_ERROR, "%s: read access at unknown address"
553 " 0x%"PRIx64"\n", __func__, addr);
554 } else {
555 data = s->csr[addr >> 3];
556 }
557 break;
558 }
559 trace_tulip_reg_read(addr, tulip_reg_name(addr), size, data);
560 return data;
561}
562
563static void tulip_tx(TULIPState *s, struct tulip_descriptor *desc)
564{
565 if (s->tx_frame_len) {
566 if ((s->csr[6] >> CSR6_OM_SHIFT) & CSR6_OM_MASK) {
567
568 tulip_receive(s, s->tx_frame, s->tx_frame_len);
569 } else if (s->tx_frame_len <= sizeof(s->tx_frame)) {
570 qemu_send_packet(qemu_get_queue(s->nic),
571 s->tx_frame, s->tx_frame_len);
572 }
573 }
574
575 if (desc->control & TDES1_IC) {
576 s->csr[5] |= CSR5_TI;
577 tulip_update_int(s);
578 }
579}
580
581static int tulip_copy_tx_buffers(TULIPState *s, struct tulip_descriptor *desc)
582{
583 int len1 = (desc->control >> TDES1_BUF1_SIZE_SHIFT) & TDES1_BUF1_SIZE_MASK;
584 int len2 = (desc->control >> TDES1_BUF2_SIZE_SHIFT) & TDES1_BUF2_SIZE_MASK;
585
586 if (s->tx_frame_len + len1 > sizeof(s->tx_frame)) {
587 return -1;
588 }
589 if (len1) {
590 pci_dma_read(&s->dev, desc->buf_addr1,
591 s->tx_frame + s->tx_frame_len, len1);
592 s->tx_frame_len += len1;
593 }
594
595 if (s->tx_frame_len + len2 > sizeof(s->tx_frame)) {
596 return -1;
597 }
598 if (len2) {
599 pci_dma_read(&s->dev, desc->buf_addr2,
600 s->tx_frame + s->tx_frame_len, len2);
601 s->tx_frame_len += len2;
602 }
603 desc->status = (len1 + len2) ? 0 : 0x7fffffff;
604
605 return 0;
606}
607
608static void tulip_setup_filter_addr(TULIPState *s, uint8_t *buf, int n)
609{
610 int offset = n * 12;
611
612 s->filter[n][0] = buf[offset];
613 s->filter[n][1] = buf[offset + 1];
614
615 s->filter[n][2] = buf[offset + 4];
616 s->filter[n][3] = buf[offset + 5];
617
618 s->filter[n][4] = buf[offset + 8];
619 s->filter[n][5] = buf[offset + 9];
620
621 trace_tulip_setup_filter(n, s->filter[n][5], s->filter[n][4],
622 s->filter[n][3], s->filter[n][2], s->filter[n][1], s->filter[n][0]);
623}
624
625static void tulip_setup_frame(TULIPState *s,
626 struct tulip_descriptor *desc)
627{
628 uint8_t buf[4096];
629 int len = (desc->control >> TDES1_BUF1_SIZE_SHIFT) & TDES1_BUF1_SIZE_MASK;
630 int i;
631
632 trace_tulip_setup_frame();
633
634 if (len == 192) {
635 pci_dma_read(&s->dev, desc->buf_addr1, buf, len);
636 for (i = 0; i < 16; i++) {
637 tulip_setup_filter_addr(s, buf, i);
638 }
639 }
640
641 desc->status = 0x7fffffff;
642
643 if (desc->control & TDES1_IC) {
644 s->csr[5] |= CSR5_TI;
645 tulip_update_int(s);
646 }
647}
648
649static void tulip_next_tx_descriptor(TULIPState *s,
650 struct tulip_descriptor *desc)
651{
652 if (desc->control & TDES1_TER) {
653 s->current_tx_desc = s->csr[4];
654 } else if (desc->control & TDES1_TCH) {
655 s->current_tx_desc = desc->buf_addr2;
656 } else {
657 s->current_tx_desc += sizeof(struct tulip_descriptor) +
658 (((s->csr[0] >> CSR0_DSL_SHIFT) & CSR0_DSL_MASK) << 2);
659 }
660 s->current_tx_desc &= ~3ULL;
661}
662
663static uint32_t tulip_ts(TULIPState *s)
664{
665 return (s->csr[5] >> CSR5_TS_SHIFT) & CSR5_TS_MASK;
666}
667
668static void tulip_xmit_list_update(TULIPState *s)
669{
670#define TULIP_DESC_MAX 128
671 uint8_t i = 0;
672 struct tulip_descriptor desc;
673
674 if (tulip_ts(s) != CSR5_TS_SUSPENDED) {
675 return;
676 }
677
678 for (i = 0; i < TULIP_DESC_MAX; i++) {
679 tulip_desc_read(s, s->current_tx_desc, &desc);
680 tulip_dump_tx_descriptor(s, &desc);
681
682 if (!(desc.status & TDES0_OWN)) {
683 tulip_update_ts(s, CSR5_TS_SUSPENDED);
684 s->csr[5] |= CSR5_TU;
685 tulip_update_int(s);
686 return;
687 }
688
689 if (desc.control & TDES1_SET) {
690 tulip_setup_frame(s, &desc);
691 } else {
692 if (desc.control & TDES1_FS) {
693 s->tx_frame_len = 0;
694 }
695
696 if (!tulip_copy_tx_buffers(s, &desc)) {
697 if (desc.control & TDES1_LS) {
698 tulip_tx(s, &desc);
699 }
700 }
701 }
702 tulip_desc_write(s, s->current_tx_desc, &desc);
703 tulip_next_tx_descriptor(s, &desc);
704 }
705}
706
707static void tulip_csr9_write(TULIPState *s, uint32_t old_val,
708 uint32_t new_val)
709{
710 if (new_val & CSR9_SR) {
711 eeprom93xx_write(s->eeprom,
712 !!(new_val & CSR9_SR_CS),
713 !!(new_val & CSR9_SR_SK),
714 !!(new_val & CSR9_SR_DI));
715 }
716}
717
718static void tulip_reset(TULIPState *s)
719{
720 trace_tulip_reset();
721
722 s->csr[0] = 0xfe000000;
723 s->csr[1] = 0xffffffff;
724 s->csr[2] = 0xffffffff;
725 s->csr[5] = 0xf0000000;
726 s->csr[6] = 0x32000040;
727 s->csr[7] = 0xf3fe0000;
728 s->csr[8] = 0xe0000000;
729 s->csr[9] = 0xfff483ff;
730 s->csr[11] = 0xfffe0000;
731 s->csr[12] = 0x000000c6;
732 s->csr[13] = 0xffff0000;
733 s->csr[14] = 0xffffffff;
734 s->csr[15] = 0x8ff00000;
735}
736
737static void tulip_qdev_reset(DeviceState *dev)
738{
739 PCIDevice *d = PCI_DEVICE(dev);
740 TULIPState *s = TULIP(d);
741
742 tulip_reset(s);
743}
744
745static void tulip_write(void *opaque, hwaddr addr,
746 uint64_t data, unsigned size)
747{
748 TULIPState *s = opaque;
749 trace_tulip_reg_write(addr, tulip_reg_name(addr), size, data);
750
751 switch (addr) {
752 case CSR(0):
753 s->csr[0] = data;
754 if (data & CSR0_SWR) {
755 tulip_reset(s);
756 tulip_update_int(s);
757 }
758 break;
759
760 case CSR(1):
761 tulip_xmit_list_update(s);
762 break;
763
764 case CSR(2):
765 qemu_flush_queued_packets(qemu_get_queue(s->nic));
766 break;
767
768 case CSR(3):
769 s->csr[3] = data & ~3ULL;
770 s->current_rx_desc = s->csr[3];
771 qemu_flush_queued_packets(qemu_get_queue(s->nic));
772 break;
773
774 case CSR(4):
775 s->csr[4] = data & ~3ULL;
776 s->current_tx_desc = s->csr[4];
777 tulip_xmit_list_update(s);
778 break;
779
780 case CSR(5):
781
782 s->csr[5] &= ~(data & (CSR5_TI | CSR5_TPS | CSR5_TU | CSR5_TJT |
783 CSR5_LNP_ANC | CSR5_UNF | CSR5_RI | CSR5_RU |
784 CSR5_RPS | CSR5_RWT | CSR5_ETI | CSR5_GTE |
785 CSR5_LNF | CSR5_FBE | CSR5_ERI | CSR5_AIS |
786 CSR5_NIS | CSR5_GPI | CSR5_LC));
787 tulip_update_int(s);
788 break;
789
790 case CSR(6):
791 s->csr[6] = data;
792 if (s->csr[6] & CSR6_SR) {
793 tulip_update_rs(s, CSR5_RS_RUNNING_WAIT_RECEIVE);
794 qemu_flush_queued_packets(qemu_get_queue(s->nic));
795 } else {
796 tulip_update_rs(s, CSR5_RS_STOPPED);
797 }
798
799 if (s->csr[6] & CSR6_ST) {
800 tulip_update_ts(s, CSR5_TS_SUSPENDED);
801 tulip_xmit_list_update(s);
802 } else {
803 tulip_update_ts(s, CSR5_TS_STOPPED);
804 }
805 break;
806
807 case CSR(7):
808 s->csr[7] = data;
809 tulip_update_int(s);
810 break;
811
812 case CSR(8):
813 s->csr[9] = data;
814 break;
815
816 case CSR(9):
817 tulip_csr9_write(s, s->csr[9], data);
818
819 s->csr[9] &= CSR9_MDI;
820 s->csr[9] |= (data & ~CSR9_MDI);
821 tulip_mii(s);
822 s->old_csr9 = s->csr[9];
823 break;
824
825 case CSR(10):
826 s->csr[10] = data;
827 break;
828
829 case CSR(11):
830 s->csr[11] = data;
831 break;
832
833 case CSR(12):
834
835 s->csr[12] &= ~(data & (CSR12_MRA | CSR12_TRA | CSR12_ARA));
836 break;
837
838 case CSR(13):
839 s->csr[13] = data;
840 break;
841
842 case CSR(14):
843 s->csr[14] = data;
844 break;
845
846 case CSR(15):
847 s->csr[15] = data;
848 break;
849
850 default:
851 qemu_log_mask(LOG_GUEST_ERROR, "%s: write to CSR at unknown address "
852 "0x%"PRIx64"\n", __func__, addr);
853 break;
854 }
855}
856
857static const MemoryRegionOps tulip_ops = {
858 .read = tulip_read,
859 .write = tulip_write,
860 .endianness = DEVICE_LITTLE_ENDIAN,
861 .impl = {
862 .min_access_size = 4,
863 .max_access_size = 4,
864 },
865};
866
867static void tulip_idblock_crc(TULIPState *s, uint16_t *srom)
868{
869 int word, n;
870 int bit;
871 unsigned char bitval, crc;
872 const int len = 9;
873 n = 0;
874 crc = -1;
875
876 for (word = 0; word < len; word++) {
877 for (bit = 15; bit >= 0; bit--) {
878 if ((word == (len - 1)) && (bit == 7)) {
879
880
881
882
883 srom[len - 1] = (srom[len - 1] & 0xff00) | (unsigned short)crc;
884 break;
885 }
886 n++;
887 bitval = ((srom[word] >> bit) & 1) ^ ((crc >> 7) & 1);
888 crc = crc << 1;
889 if (bitval == 1) {
890 crc ^= 6;
891 crc |= 0x01;
892 }
893 }
894 }
895}
896
897static uint16_t tulip_srom_crc(TULIPState *s, uint8_t *eeprom, size_t len)
898{
899 unsigned long crc = 0xffffffff;
900 unsigned long flippedcrc = 0;
901 unsigned char currentbyte;
902 unsigned int msb, bit, i;
903
904 for (i = 0; i < len; i++) {
905 currentbyte = eeprom[i];
906 for (bit = 0; bit < 8; bit++) {
907 msb = (crc >> 31) & 1;
908 crc <<= 1;
909 if (msb ^ (currentbyte & 1)) {
910 crc ^= 0x04c11db6;
911 crc |= 0x00000001;
912 }
913 currentbyte >>= 1;
914 }
915 }
916
917 for (i = 0; i < 32; i++) {
918 flippedcrc <<= 1;
919 bit = crc & 1;
920 crc >>= 1;
921 flippedcrc += bit;
922 }
923 return (flippedcrc ^ 0xffffffff) & 0xffff;
924}
925
926static const uint8_t eeprom_default[128] = {
927 0x3c, 0x10, 0x4f, 0x10, 0x00, 0x00, 0x00, 0x00,
928 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
929 0x56, 0x08, 0x04, 0x01, 0x00, 0x80, 0x48, 0xb3,
930 0x0e, 0xa7, 0x00, 0x1e, 0x00, 0x00, 0x00, 0x08,
931 0x01, 0x8d, 0x03, 0x00, 0x00, 0x00, 0x00, 0x78,
932 0xe0, 0x01, 0x00, 0x50, 0x00, 0x18, 0x00, 0x00,
933 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
934 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
935 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
936 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
937 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
938 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe8, 0x6b,
939 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80,
940 0x48, 0xb3, 0x0e, 0xa7, 0x40, 0x00, 0x00, 0x00,
941 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
942 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
943};
944
945static void tulip_fill_eeprom(TULIPState *s)
946{
947 uint16_t *eeprom = eeprom93xx_data(s->eeprom);
948 memcpy(eeprom, eeprom_default, 128);
949
950
951 eeprom[10] = cpu_to_le16(s->c.macaddr.a[0] | (s->c.macaddr.a[1] << 8));
952 eeprom[11] = cpu_to_le16(s->c.macaddr.a[2] | (s->c.macaddr.a[3] << 8));
953 eeprom[12] = cpu_to_le16(s->c.macaddr.a[4] | (s->c.macaddr.a[5] << 8));
954 tulip_idblock_crc(s, eeprom);
955 eeprom[63] = cpu_to_le16(tulip_srom_crc(s, (uint8_t *)eeprom, 126));
956}
957
958static void pci_tulip_realize(PCIDevice *pci_dev, Error **errp)
959{
960 TULIPState *s = DO_UPCAST(TULIPState, dev, pci_dev);
961 uint8_t *pci_conf;
962
963 pci_conf = s->dev.config;
964 pci_conf[PCI_INTERRUPT_PIN] = 1;
965
966 s->eeprom = eeprom93xx_new(&pci_dev->qdev, 64);
967 tulip_fill_eeprom(s);
968
969 memory_region_init_io(&s->io, OBJECT(&s->dev), &tulip_ops, s,
970 "tulip-io", 128);
971
972 memory_region_init_io(&s->memory, OBJECT(&s->dev), &tulip_ops, s,
973 "tulip-mem", 128);
974
975 pci_register_bar(&s->dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io);
976 pci_register_bar(&s->dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->memory);
977
978 s->irq = pci_allocate_irq(&s->dev);
979
980 qemu_macaddr_default_if_unset(&s->c.macaddr);
981
982 s->nic = qemu_new_nic(&net_tulip_info, &s->c,
983 object_get_typename(OBJECT(pci_dev)),
984 pci_dev->qdev.id, s);
985 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->c.macaddr.a);
986}
987
988static void pci_tulip_exit(PCIDevice *pci_dev)
989{
990 TULIPState *s = DO_UPCAST(TULIPState, dev, pci_dev);
991
992 qemu_del_nic(s->nic);
993 qemu_free_irq(s->irq);
994 eeprom93xx_free(&pci_dev->qdev, s->eeprom);
995}
996
997static void tulip_instance_init(Object *obj)
998{
999 PCIDevice *pci_dev = PCI_DEVICE(obj);
1000 TULIPState *d = DO_UPCAST(TULIPState, dev, pci_dev);
1001
1002 device_add_bootindex_property(obj, &d->c.bootindex,
1003 "bootindex", "/ethernet-phy@0",
1004 &pci_dev->qdev, NULL);
1005}
1006
1007static Property tulip_properties[] = {
1008 DEFINE_NIC_PROPERTIES(TULIPState, c),
1009 DEFINE_PROP_END_OF_LIST(),
1010};
1011
1012static void tulip_class_init(ObjectClass *klass, void *data)
1013{
1014 DeviceClass *dc = DEVICE_CLASS(klass);
1015 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
1016
1017 k->realize = pci_tulip_realize;
1018 k->exit = pci_tulip_exit;
1019 k->vendor_id = PCI_VENDOR_ID_DEC;
1020 k->device_id = PCI_DEVICE_ID_DEC_21143;
1021 k->subsystem_vendor_id = 0x103c;
1022 k->subsystem_id = 0x104f;
1023 k->class_id = PCI_CLASS_NETWORK_ETHERNET;
1024 dc->vmsd = &vmstate_pci_tulip;
1025 device_class_set_props(dc, tulip_properties);
1026 dc->reset = tulip_qdev_reset;
1027 set_bit(DEVICE_CATEGORY_NETWORK, dc->categories);
1028}
1029
1030static const TypeInfo tulip_info = {
1031 .name = TYPE_TULIP,
1032 .parent = TYPE_PCI_DEVICE,
1033 .instance_size = sizeof(TULIPState),
1034 .class_init = tulip_class_init,
1035 .instance_init = tulip_instance_init,
1036 .interfaces = (InterfaceInfo[]) {
1037 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
1038 { },
1039 },
1040};
1041
1042static void tulip_register_types(void)
1043{
1044 type_register_static(&tulip_info);
1045}
1046
1047type_init(tulip_register_types)
1048
