1
2
3
4
5
6
7
8
9
10
11
12
13#include "qemu/osdep.h"
14#include "hw/sysbus.h"
15#include "migration/vmstate.h"
16#include "net/net.h"
17#include "net/eth.h"
18#include "hw/irq.h"
19#include "hw/net/lan9118.h"
20#include "hw/ptimer.h"
21#include "hw/qdev-properties.h"
22#include "qapi/error.h"
23#include "qemu/log.h"
24#include "qemu/module.h"
25
26#include <zlib.h>
27#include "qom/object.h"
28
29
30
31#ifdef DEBUG_LAN9118
32#define DPRINTF(fmt, ...) \
33do { printf("lan9118: " fmt , ## __VA_ARGS__); } while (0)
34#else
35#define DPRINTF(fmt, ...) do {} while(0)
36#endif
37
38
39#define RX_DATA_FIFO_PORT_FIRST 0x00
40#define RX_DATA_FIFO_PORT_LAST 0x1f
41#define TX_DATA_FIFO_PORT_FIRST 0x20
42#define TX_DATA_FIFO_PORT_LAST 0x3f
43
44#define RX_STATUS_FIFO_PORT 0x40
45#define RX_STATUS_FIFO_PEEK 0x44
46#define TX_STATUS_FIFO_PORT 0x48
47#define TX_STATUS_FIFO_PEEK 0x4c
48
49#define CSR_ID_REV 0x50
50#define CSR_IRQ_CFG 0x54
51#define CSR_INT_STS 0x58
52#define CSR_INT_EN 0x5c
53#define CSR_BYTE_TEST 0x64
54#define CSR_FIFO_INT 0x68
55#define CSR_RX_CFG 0x6c
56#define CSR_TX_CFG 0x70
57#define CSR_HW_CFG 0x74
58#define CSR_RX_DP_CTRL 0x78
59#define CSR_RX_FIFO_INF 0x7c
60#define CSR_TX_FIFO_INF 0x80
61#define CSR_PMT_CTRL 0x84
62#define CSR_GPIO_CFG 0x88
63#define CSR_GPT_CFG 0x8c
64#define CSR_GPT_CNT 0x90
65#define CSR_WORD_SWAP 0x98
66#define CSR_FREE_RUN 0x9c
67#define CSR_RX_DROP 0xa0
68#define CSR_MAC_CSR_CMD 0xa4
69#define CSR_MAC_CSR_DATA 0xa8
70#define CSR_AFC_CFG 0xac
71#define CSR_E2P_CMD 0xb0
72#define CSR_E2P_DATA 0xb4
73
74#define E2P_CMD_MAC_ADDR_LOADED 0x100
75
76
77#define IRQ_INT 0x00001000
78#define IRQ_EN 0x00000100
79#define IRQ_POL 0x00000010
80#define IRQ_TYPE 0x00000001
81
82
83#define SW_INT 0x80000000
84#define TXSTOP_INT 0x02000000
85#define RXSTOP_INT 0x01000000
86#define RXDFH_INT 0x00800000
87#define TX_IOC_INT 0x00200000
88#define RXD_INT 0x00100000
89#define GPT_INT 0x00080000
90#define PHY_INT 0x00040000
91#define PME_INT 0x00020000
92#define TXSO_INT 0x00010000
93#define RWT_INT 0x00008000
94#define RXE_INT 0x00004000
95#define TXE_INT 0x00002000
96#define TDFU_INT 0x00000800
97#define TDFO_INT 0x00000400
98#define TDFA_INT 0x00000200
99#define TSFF_INT 0x00000100
100#define TSFL_INT 0x00000080
101#define RXDF_INT 0x00000040
102#define RDFL_INT 0x00000020
103#define RSFF_INT 0x00000010
104#define RSFL_INT 0x00000008
105#define GPIO2_INT 0x00000004
106#define GPIO1_INT 0x00000002
107#define GPIO0_INT 0x00000001
108#define RESERVED_INT 0x7c001000
109
110#define MAC_CR 1
111#define MAC_ADDRH 2
112#define MAC_ADDRL 3
113#define MAC_HASHH 4
114#define MAC_HASHL 5
115#define MAC_MII_ACC 6
116#define MAC_MII_DATA 7
117#define MAC_FLOW 8
118#define MAC_VLAN1 9
119#define MAC_VLAN2 10
120#define MAC_WUFF 11
121#define MAC_WUCSR 12
122
123#define MAC_CR_RXALL 0x80000000
124#define MAC_CR_RCVOWN 0x00800000
125#define MAC_CR_LOOPBK 0x00200000
126#define MAC_CR_FDPX 0x00100000
127#define MAC_CR_MCPAS 0x00080000
128#define MAC_CR_PRMS 0x00040000
129#define MAC_CR_INVFILT 0x00020000
130#define MAC_CR_PASSBAD 0x00010000
131#define MAC_CR_HO 0x00008000
132#define MAC_CR_HPFILT 0x00002000
133#define MAC_CR_LCOLL 0x00001000
134#define MAC_CR_BCAST 0x00000800
135#define MAC_CR_DISRTY 0x00000400
136#define MAC_CR_PADSTR 0x00000100
137#define MAC_CR_BOLMT 0x000000c0
138#define MAC_CR_DFCHK 0x00000020
139#define MAC_CR_TXEN 0x00000008
140#define MAC_CR_RXEN 0x00000004
141#define MAC_CR_RESERVED 0x7f404213
142
143#define PHY_INT_ENERGYON 0x80
144#define PHY_INT_AUTONEG_COMPLETE 0x40
145#define PHY_INT_FAULT 0x20
146#define PHY_INT_DOWN 0x10
147#define PHY_INT_AUTONEG_LP 0x08
148#define PHY_INT_PARFAULT 0x04
149#define PHY_INT_AUTONEG_PAGE 0x02
150
151#define GPT_TIMER_EN 0x20000000
152
153enum tx_state {
154 TX_IDLE,
155 TX_B,
156 TX_DATA
157};
158
159typedef struct {
160
161 uint32_t state;
162 uint32_t cmd_a;
163 uint32_t cmd_b;
164 int32_t buffer_size;
165 int32_t offset;
166 int32_t pad;
167 int32_t fifo_used;
168 int32_t len;
169 uint8_t data[2048];
170} LAN9118Packet;
171
172static const VMStateDescription vmstate_lan9118_packet = {
173 .name = "lan9118_packet",
174 .version_id = 1,
175 .minimum_version_id = 1,
176 .fields = (VMStateField[]) {
177 VMSTATE_UINT32(state, LAN9118Packet),
178 VMSTATE_UINT32(cmd_a, LAN9118Packet),
179 VMSTATE_UINT32(cmd_b, LAN9118Packet),
180 VMSTATE_INT32(buffer_size, LAN9118Packet),
181 VMSTATE_INT32(offset, LAN9118Packet),
182 VMSTATE_INT32(pad, LAN9118Packet),
183 VMSTATE_INT32(fifo_used, LAN9118Packet),
184 VMSTATE_INT32(len, LAN9118Packet),
185 VMSTATE_UINT8_ARRAY(data, LAN9118Packet, 2048),
186 VMSTATE_END_OF_LIST()
187 }
188};
189
190OBJECT_DECLARE_SIMPLE_TYPE(lan9118_state, LAN9118)
191
192struct lan9118_state {
193 SysBusDevice parent_obj;
194
195 NICState *nic;
196 NICConf conf;
197 qemu_irq irq;
198 MemoryRegion mmio;
199 ptimer_state *timer;
200
201 uint32_t irq_cfg;
202 uint32_t int_sts;
203 uint32_t int_en;
204 uint32_t fifo_int;
205 uint32_t rx_cfg;
206 uint32_t tx_cfg;
207 uint32_t hw_cfg;
208 uint32_t pmt_ctrl;
209 uint32_t gpio_cfg;
210 uint32_t gpt_cfg;
211 uint32_t word_swap;
212 uint32_t free_timer_start;
213 uint32_t mac_cmd;
214 uint32_t mac_data;
215 uint32_t afc_cfg;
216 uint32_t e2p_cmd;
217 uint32_t e2p_data;
218
219 uint32_t mac_cr;
220 uint32_t mac_hashh;
221 uint32_t mac_hashl;
222 uint32_t mac_mii_acc;
223 uint32_t mac_mii_data;
224 uint32_t mac_flow;
225
226 uint32_t phy_status;
227 uint32_t phy_control;
228 uint32_t phy_advertise;
229 uint32_t phy_int;
230 uint32_t phy_int_mask;
231
232 int32_t eeprom_writable;
233 uint8_t eeprom[128];
234
235 int32_t tx_fifo_size;
236 LAN9118Packet *txp;
237 LAN9118Packet tx_packet;
238
239 int32_t tx_status_fifo_used;
240 int32_t tx_status_fifo_head;
241 uint32_t tx_status_fifo[512];
242
243 int32_t rx_status_fifo_size;
244 int32_t rx_status_fifo_used;
245 int32_t rx_status_fifo_head;
246 uint32_t rx_status_fifo[896];
247 int32_t rx_fifo_size;
248 int32_t rx_fifo_used;
249 int32_t rx_fifo_head;
250 uint32_t rx_fifo[3360];
251 int32_t rx_packet_size_head;
252 int32_t rx_packet_size_tail;
253 int32_t rx_packet_size[1024];
254
255 int32_t rxp_offset;
256 int32_t rxp_size;
257 int32_t rxp_pad;
258
259 uint32_t write_word_prev_offset;
260 uint32_t write_word_n;
261 uint16_t write_word_l;
262 uint16_t write_word_h;
263 uint32_t read_word_prev_offset;
264 uint32_t read_word_n;
265 uint32_t read_long;
266
267 uint32_t mode_16bit;
268};
269
270static const VMStateDescription vmstate_lan9118 = {
271 .name = "lan9118",
272 .version_id = 2,
273 .minimum_version_id = 1,
274 .fields = (VMStateField[]) {
275 VMSTATE_PTIMER(timer, lan9118_state),
276 VMSTATE_UINT32(irq_cfg, lan9118_state),
277 VMSTATE_UINT32(int_sts, lan9118_state),
278 VMSTATE_UINT32(int_en, lan9118_state),
279 VMSTATE_UINT32(fifo_int, lan9118_state),
280 VMSTATE_UINT32(rx_cfg, lan9118_state),
281 VMSTATE_UINT32(tx_cfg, lan9118_state),
282 VMSTATE_UINT32(hw_cfg, lan9118_state),
283 VMSTATE_UINT32(pmt_ctrl, lan9118_state),
284 VMSTATE_UINT32(gpio_cfg, lan9118_state),
285 VMSTATE_UINT32(gpt_cfg, lan9118_state),
286 VMSTATE_UINT32(word_swap, lan9118_state),
287 VMSTATE_UINT32(free_timer_start, lan9118_state),
288 VMSTATE_UINT32(mac_cmd, lan9118_state),
289 VMSTATE_UINT32(mac_data, lan9118_state),
290 VMSTATE_UINT32(afc_cfg, lan9118_state),
291 VMSTATE_UINT32(e2p_cmd, lan9118_state),
292 VMSTATE_UINT32(e2p_data, lan9118_state),
293 VMSTATE_UINT32(mac_cr, lan9118_state),
294 VMSTATE_UINT32(mac_hashh, lan9118_state),
295 VMSTATE_UINT32(mac_hashl, lan9118_state),
296 VMSTATE_UINT32(mac_mii_acc, lan9118_state),
297 VMSTATE_UINT32(mac_mii_data, lan9118_state),
298 VMSTATE_UINT32(mac_flow, lan9118_state),
299 VMSTATE_UINT32(phy_status, lan9118_state),
300 VMSTATE_UINT32(phy_control, lan9118_state),
301 VMSTATE_UINT32(phy_advertise, lan9118_state),
302 VMSTATE_UINT32(phy_int, lan9118_state),
303 VMSTATE_UINT32(phy_int_mask, lan9118_state),
304 VMSTATE_INT32(eeprom_writable, lan9118_state),
305 VMSTATE_UINT8_ARRAY(eeprom, lan9118_state, 128),
306 VMSTATE_INT32(tx_fifo_size, lan9118_state),
307
308 VMSTATE_STRUCT(tx_packet, lan9118_state, 0,
309 vmstate_lan9118_packet, LAN9118Packet),
310 VMSTATE_INT32(tx_status_fifo_used, lan9118_state),
311 VMSTATE_INT32(tx_status_fifo_head, lan9118_state),
312 VMSTATE_UINT32_ARRAY(tx_status_fifo, lan9118_state, 512),
313 VMSTATE_INT32(rx_status_fifo_size, lan9118_state),
314 VMSTATE_INT32(rx_status_fifo_used, lan9118_state),
315 VMSTATE_INT32(rx_status_fifo_head, lan9118_state),
316 VMSTATE_UINT32_ARRAY(rx_status_fifo, lan9118_state, 896),
317 VMSTATE_INT32(rx_fifo_size, lan9118_state),
318 VMSTATE_INT32(rx_fifo_used, lan9118_state),
319 VMSTATE_INT32(rx_fifo_head, lan9118_state),
320 VMSTATE_UINT32_ARRAY(rx_fifo, lan9118_state, 3360),
321 VMSTATE_INT32(rx_packet_size_head, lan9118_state),
322 VMSTATE_INT32(rx_packet_size_tail, lan9118_state),
323 VMSTATE_INT32_ARRAY(rx_packet_size, lan9118_state, 1024),
324 VMSTATE_INT32(rxp_offset, lan9118_state),
325 VMSTATE_INT32(rxp_size, lan9118_state),
326 VMSTATE_INT32(rxp_pad, lan9118_state),
327 VMSTATE_UINT32_V(write_word_prev_offset, lan9118_state, 2),
328 VMSTATE_UINT32_V(write_word_n, lan9118_state, 2),
329 VMSTATE_UINT16_V(write_word_l, lan9118_state, 2),
330 VMSTATE_UINT16_V(write_word_h, lan9118_state, 2),
331 VMSTATE_UINT32_V(read_word_prev_offset, lan9118_state, 2),
332 VMSTATE_UINT32_V(read_word_n, lan9118_state, 2),
333 VMSTATE_UINT32_V(read_long, lan9118_state, 2),
334 VMSTATE_UINT32_V(mode_16bit, lan9118_state, 2),
335 VMSTATE_END_OF_LIST()
336 }
337};
338
339static void lan9118_update(lan9118_state *s)
340{
341 int level;
342
343
344 level = (s->int_sts & s->int_en) != 0;
345 if (level) {
346 s->irq_cfg |= IRQ_INT;
347 } else {
348 s->irq_cfg &= ~IRQ_INT;
349 }
350 if ((s->irq_cfg & IRQ_EN) == 0) {
351 level = 0;
352 }
353 if ((s->irq_cfg & (IRQ_TYPE | IRQ_POL)) != (IRQ_TYPE | IRQ_POL)) {
354
355
356
357 level = !level;
358 }
359 qemu_set_irq(s->irq, level);
360}
361
362static void lan9118_mac_changed(lan9118_state *s)
363{
364 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a);
365}
366
367static void lan9118_reload_eeprom(lan9118_state *s)
368{
369 int i;
370 if (s->eeprom[0] != 0xa5) {
371 s->e2p_cmd &= ~E2P_CMD_MAC_ADDR_LOADED;
372 DPRINTF("MACADDR load failed\n");
373 return;
374 }
375 for (i = 0; i < 6; i++) {
376 s->conf.macaddr.a[i] = s->eeprom[i + 1];
377 }
378 s->e2p_cmd |= E2P_CMD_MAC_ADDR_LOADED;
379 DPRINTF("MACADDR loaded from eeprom\n");
380 lan9118_mac_changed(s);
381}
382
383static void phy_update_irq(lan9118_state *s)
384{
385 if (s->phy_int & s->phy_int_mask) {
386 s->int_sts |= PHY_INT;
387 } else {
388 s->int_sts &= ~PHY_INT;
389 }
390 lan9118_update(s);
391}
392
393static void phy_update_link(lan9118_state *s)
394{
395
396 if (qemu_get_queue(s->nic)->link_down) {
397 s->phy_status &= ~0x0024;
398 s->phy_int |= PHY_INT_DOWN;
399 } else {
400 s->phy_status |= 0x0024;
401 s->phy_int |= PHY_INT_ENERGYON;
402 s->phy_int |= PHY_INT_AUTONEG_COMPLETE;
403 }
404 phy_update_irq(s);
405}
406
407static void lan9118_set_link(NetClientState *nc)
408{
409 phy_update_link(qemu_get_nic_opaque(nc));
410}
411
412static void phy_reset(lan9118_state *s)
413{
414 s->phy_status = 0x7809;
415 s->phy_control = 0x3000;
416 s->phy_advertise = 0x01e1;
417 s->phy_int_mask = 0;
418 s->phy_int = 0;
419 phy_update_link(s);
420}
421
422static void lan9118_reset(DeviceState *d)
423{
424 lan9118_state *s = LAN9118(d);
425
426 s->irq_cfg &= (IRQ_TYPE | IRQ_POL);
427 s->int_sts = 0;
428 s->int_en = 0;
429 s->fifo_int = 0x48000000;
430 s->rx_cfg = 0;
431 s->tx_cfg = 0;
432 s->hw_cfg = s->mode_16bit ? 0x00050000 : 0x00050004;
433 s->pmt_ctrl &= 0x45;
434 s->gpio_cfg = 0;
435 s->txp->fifo_used = 0;
436 s->txp->state = TX_IDLE;
437 s->txp->cmd_a = 0xffffffffu;
438 s->txp->cmd_b = 0xffffffffu;
439 s->txp->len = 0;
440 s->txp->fifo_used = 0;
441 s->tx_fifo_size = 4608;
442 s->tx_status_fifo_used = 0;
443 s->rx_status_fifo_size = 704;
444 s->rx_fifo_size = 2640;
445 s->rx_fifo_used = 0;
446 s->rx_status_fifo_size = 176;
447 s->rx_status_fifo_used = 0;
448 s->rxp_offset = 0;
449 s->rxp_size = 0;
450 s->rxp_pad = 0;
451 s->rx_packet_size_tail = s->rx_packet_size_head;
452 s->rx_packet_size[s->rx_packet_size_head] = 0;
453 s->mac_cmd = 0;
454 s->mac_data = 0;
455 s->afc_cfg = 0;
456 s->e2p_cmd = 0;
457 s->e2p_data = 0;
458 s->free_timer_start = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40;
459
460 ptimer_transaction_begin(s->timer);
461 ptimer_stop(s->timer);
462 ptimer_set_count(s->timer, 0xffff);
463 ptimer_transaction_commit(s->timer);
464 s->gpt_cfg = 0xffff;
465
466 s->mac_cr = MAC_CR_PRMS;
467 s->mac_hashh = 0;
468 s->mac_hashl = 0;
469 s->mac_mii_acc = 0;
470 s->mac_mii_data = 0;
471 s->mac_flow = 0;
472
473 s->read_word_n = 0;
474 s->write_word_n = 0;
475
476 phy_reset(s);
477
478 s->eeprom_writable = 0;
479 lan9118_reload_eeprom(s);
480}
481
482static void rx_fifo_push(lan9118_state *s, uint32_t val)
483{
484 int fifo_pos;
485 fifo_pos = s->rx_fifo_head + s->rx_fifo_used;
486 if (fifo_pos >= s->rx_fifo_size)
487 fifo_pos -= s->rx_fifo_size;
488 s->rx_fifo[fifo_pos] = val;
489 s->rx_fifo_used++;
490}
491
492
493static int lan9118_filter(lan9118_state *s, const uint8_t *addr)
494{
495 int multicast;
496 uint32_t hash;
497
498 if (s->mac_cr & MAC_CR_PRMS) {
499 return 1;
500 }
501 if (addr[0] == 0xff && addr[1] == 0xff && addr[2] == 0xff &&
502 addr[3] == 0xff && addr[4] == 0xff && addr[5] == 0xff) {
503 return (s->mac_cr & MAC_CR_BCAST) == 0;
504 }
505
506 multicast = addr[0] & 1;
507 if (multicast &&s->mac_cr & MAC_CR_MCPAS) {
508 return 1;
509 }
510 if (multicast ? (s->mac_cr & MAC_CR_HPFILT) == 0
511 : (s->mac_cr & MAC_CR_HO) == 0) {
512
513 hash = memcmp(addr, s->conf.macaddr.a, 6);
514 if (s->mac_cr & MAC_CR_INVFILT) {
515 return hash != 0;
516 } else {
517 return hash == 0;
518 }
519 } else {
520
521 hash = net_crc32(addr, ETH_ALEN) >> 26;
522 if (hash & 0x20) {
523 return (s->mac_hashh >> (hash & 0x1f)) & 1;
524 } else {
525 return (s->mac_hashl >> (hash & 0x1f)) & 1;
526 }
527 }
528}
529
530static ssize_t lan9118_receive(NetClientState *nc, const uint8_t *buf,
531 size_t size)
532{
533 lan9118_state *s = qemu_get_nic_opaque(nc);
534 int fifo_len;
535 int offset;
536 int src_pos;
537 int n;
538 int filter;
539 uint32_t val;
540 uint32_t crc;
541 uint32_t status;
542
543 if ((s->mac_cr & MAC_CR_RXEN) == 0) {
544 return -1;
545 }
546
547 if (size >= 2048 || size < 14) {
548 return -1;
549 }
550
551
552 if (s->rx_status_fifo_used == s->rx_status_fifo_size) {
553 return -1;
554 }
555
556 filter = lan9118_filter(s, buf);
557 if (!filter && (s->mac_cr & MAC_CR_RXALL) == 0) {
558 return size;
559 }
560
561 offset = (s->rx_cfg >> 8) & 0x1f;
562 n = offset & 3;
563 fifo_len = (size + n + 3) >> 2;
564
565 fifo_len++;
566 if (s->rx_fifo_size - s->rx_fifo_used < fifo_len) {
567 return -1;
568 }
569
570 DPRINTF("Got packet len:%d fifo:%d filter:%s\n",
571 (int)size, fifo_len, filter ? "pass" : "fail");
572 val = 0;
573 crc = bswap32(crc32(~0, buf, size));
574 for (src_pos = 0; src_pos < size; src_pos++) {
575 val = (val >> 8) | ((uint32_t)buf[src_pos] << 24);
576 n++;
577 if (n == 4) {
578 n = 0;
579 rx_fifo_push(s, val);
580 val = 0;
581 }
582 }
583 if (n) {
584 val >>= ((4 - n) * 8);
585 val |= crc << (n * 8);
586 rx_fifo_push(s, val);
587 val = crc >> ((4 - n) * 8);
588 rx_fifo_push(s, val);
589 } else {
590 rx_fifo_push(s, crc);
591 }
592 n = s->rx_status_fifo_head + s->rx_status_fifo_used;
593 if (n >= s->rx_status_fifo_size) {
594 n -= s->rx_status_fifo_size;
595 }
596 s->rx_packet_size[s->rx_packet_size_tail] = fifo_len;
597 s->rx_packet_size_tail = (s->rx_packet_size_tail + 1023) & 1023;
598 s->rx_status_fifo_used++;
599
600 status = (size + 4) << 16;
601 if (buf[0] == 0xff && buf[1] == 0xff && buf[2] == 0xff &&
602 buf[3] == 0xff && buf[4] == 0xff && buf[5] == 0xff) {
603 status |= 0x00002000;
604 } else if (buf[0] & 1) {
605 status |= 0x00000400;
606 }
607 if (!filter) {
608 status |= 0x40000000;
609 }
610 s->rx_status_fifo[n] = status;
611
612 if (s->rx_status_fifo_used > (s->fifo_int & 0xff)) {
613 s->int_sts |= RSFL_INT;
614 }
615 lan9118_update(s);
616
617 return size;
618}
619
620static uint32_t rx_fifo_pop(lan9118_state *s)
621{
622 int n;
623 uint32_t val;
624
625 if (s->rxp_size == 0 && s->rxp_pad == 0) {
626 s->rxp_size = s->rx_packet_size[s->rx_packet_size_head];
627 s->rx_packet_size[s->rx_packet_size_head] = 0;
628 if (s->rxp_size != 0) {
629 s->rx_packet_size_head = (s->rx_packet_size_head + 1023) & 1023;
630 s->rxp_offset = (s->rx_cfg >> 10) & 7;
631 n = s->rxp_offset + s->rxp_size;
632 switch (s->rx_cfg >> 30) {
633 case 1:
634 n = (-n) & 3;
635 break;
636 case 2:
637 n = (-n) & 7;
638 break;
639 default:
640 n = 0;
641 break;
642 }
643 s->rxp_pad = n;
644 DPRINTF("Pop packet size:%d offset:%d pad: %d\n",
645 s->rxp_size, s->rxp_offset, s->rxp_pad);
646 }
647 }
648 if (s->rxp_offset > 0) {
649 s->rxp_offset--;
650 val = 0;
651 } else if (s->rxp_size > 0) {
652 s->rxp_size--;
653 val = s->rx_fifo[s->rx_fifo_head++];
654 if (s->rx_fifo_head >= s->rx_fifo_size) {
655 s->rx_fifo_head -= s->rx_fifo_size;
656 }
657 s->rx_fifo_used--;
658 } else if (s->rxp_pad > 0) {
659 s->rxp_pad--;
660 val = 0;
661 } else {
662 DPRINTF("RX underflow\n");
663 s->int_sts |= RXE_INT;
664 val = 0;
665 }
666 lan9118_update(s);
667 return val;
668}
669
670static void do_tx_packet(lan9118_state *s)
671{
672 int n;
673 uint32_t status;
674
675
676 if (s->phy_control & 0x4000) {
677
678 qemu_receive_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len);
679 } else {
680 qemu_send_packet(qemu_get_queue(s->nic), s->txp->data, s->txp->len);
681 }
682 s->txp->fifo_used = 0;
683
684 if (s->tx_status_fifo_used == 512) {
685
686 return;
687 }
688
689 status = s->txp->cmd_b & 0xffff0000u;
690 DPRINTF("Sent packet tag:%04x len %d\n", status >> 16, s->txp->len);
691 n = (s->tx_status_fifo_head + s->tx_status_fifo_used) & 511;
692 s->tx_status_fifo[n] = status;
693 s->tx_status_fifo_used++;
694
695
696
697
698
699 if (s->tx_status_fifo_used > ((s->fifo_int >> 16) & 0xff)) {
700 s->int_sts |= TSFL_INT;
701 }
702 if (s->tx_status_fifo_used == 512) {
703 s->int_sts |= TSFF_INT;
704
705 }
706}
707
708static uint32_t rx_status_fifo_pop(lan9118_state *s)
709{
710 uint32_t val;
711
712 val = s->rx_status_fifo[s->rx_status_fifo_head];
713 if (s->rx_status_fifo_used != 0) {
714 s->rx_status_fifo_used--;
715 s->rx_status_fifo_head++;
716 if (s->rx_status_fifo_head >= s->rx_status_fifo_size) {
717 s->rx_status_fifo_head -= s->rx_status_fifo_size;
718 }
719
720 DPRINTF("RX status pop 0x%08x\n", val);
721 }
722 return val;
723}
724
725static uint32_t tx_status_fifo_pop(lan9118_state *s)
726{
727 uint32_t val;
728
729 val = s->tx_status_fifo[s->tx_status_fifo_head];
730 if (s->tx_status_fifo_used != 0) {
731 s->tx_status_fifo_used--;
732 s->tx_status_fifo_head = (s->tx_status_fifo_head + 1) & 511;
733
734 }
735 return val;
736}
737
738static void tx_fifo_push(lan9118_state *s, uint32_t val)
739{
740 int n;
741
742 if (s->txp->fifo_used == s->tx_fifo_size) {
743 s->int_sts |= TDFO_INT;
744 return;
745 }
746 switch (s->txp->state) {
747 case TX_IDLE:
748 s->txp->cmd_a = val & 0x831f37ff;
749 s->txp->fifo_used++;
750 s->txp->state = TX_B;
751 s->txp->buffer_size = extract32(s->txp->cmd_a, 0, 11);
752 s->txp->offset = extract32(s->txp->cmd_a, 16, 5);
753 break;
754 case TX_B:
755 if (s->txp->cmd_a & 0x2000) {
756
757 s->txp->cmd_b = val;
758 s->txp->fifo_used++;
759
760 n = (s->txp->buffer_size + s->txp->offset + 3) >> 2;
761 switch ((n >> 24) & 3) {
762 case 1:
763 n = (-n) & 3;
764 break;
765 case 2:
766 n = (-n) & 7;
767 break;
768 default:
769 n = 0;
770 }
771 s->txp->pad = n;
772 s->txp->len = 0;
773 }
774 DPRINTF("Block len:%d offset:%d pad:%d cmd %08x\n",
775 s->txp->buffer_size, s->txp->offset, s->txp->pad,
776 s->txp->cmd_a);
777 s->txp->state = TX_DATA;
778 break;
779 case TX_DATA:
780 if (s->txp->offset >= 4) {
781 s->txp->offset -= 4;
782 break;
783 }
784 if (s->txp->buffer_size <= 0 && s->txp->pad != 0) {
785 s->txp->pad--;
786 } else {
787 n = MIN(4, s->txp->buffer_size + s->txp->offset);
788 while (s->txp->offset) {
789 val >>= 8;
790 n--;
791 s->txp->offset--;
792 }
793
794
795
796
797 while (n--) {
798 s->txp->data[s->txp->len] = val & 0xff;
799 s->txp->len++;
800 val >>= 8;
801 s->txp->buffer_size--;
802 }
803 s->txp->fifo_used++;
804 }
805 if (s->txp->buffer_size <= 0 && s->txp->pad == 0) {
806 if (s->txp->cmd_a & 0x1000) {
807 do_tx_packet(s);
808 }
809 if (s->txp->cmd_a & 0x80000000) {
810 s->int_sts |= TX_IOC_INT;
811 }
812 s->txp->state = TX_IDLE;
813 }
814 break;
815 }
816}
817
818static uint32_t do_phy_read(lan9118_state *s, int reg)
819{
820 uint32_t val;
821
822 switch (reg) {
823 case 0:
824 return s->phy_control;
825 case 1:
826 return s->phy_status;
827 case 2:
828 return 0x0007;
829 case 3:
830 return 0xc0d1;
831 case 4:
832 return s->phy_advertise;
833 case 5:
834 return 0x0f71;
835 case 6:
836 return 1;
837
838 case 29:
839 val = s->phy_int;
840 s->phy_int = 0;
841 phy_update_irq(s);
842 return val;
843 case 30:
844 return s->phy_int_mask;
845 default:
846 qemu_log_mask(LOG_GUEST_ERROR,
847 "do_phy_read: PHY read reg %d\n", reg);
848 return 0;
849 }
850}
851
852static void do_phy_write(lan9118_state *s, int reg, uint32_t val)
853{
854 switch (reg) {
855 case 0:
856 if (val & 0x8000) {
857 phy_reset(s);
858 break;
859 }
860 s->phy_control = val & 0x7980;
861
862 if (val & 0x1000) {
863 s->phy_status |= 0x0020;
864 }
865 break;
866 case 4:
867 s->phy_advertise = (val & 0x2d7f) | 0x80;
868 break;
869
870 case 30:
871 s->phy_int_mask = val & 0xff;
872 phy_update_irq(s);
873 break;
874 default:
875 qemu_log_mask(LOG_GUEST_ERROR,
876 "do_phy_write: PHY write reg %d = 0x%04x\n", reg, val);
877 }
878}
879
880static void do_mac_write(lan9118_state *s, int reg, uint32_t val)
881{
882 switch (reg) {
883 case MAC_CR:
884 if ((s->mac_cr & MAC_CR_RXEN) != 0 && (val & MAC_CR_RXEN) == 0) {
885 s->int_sts |= RXSTOP_INT;
886 }
887 s->mac_cr = val & ~MAC_CR_RESERVED;
888 DPRINTF("MAC_CR: %08x\n", val);
889 break;
890 case MAC_ADDRH:
891 s->conf.macaddr.a[4] = val & 0xff;
892 s->conf.macaddr.a[5] = (val >> 8) & 0xff;
893 lan9118_mac_changed(s);
894 break;
895 case MAC_ADDRL:
896 s->conf.macaddr.a[0] = val & 0xff;
897 s->conf.macaddr.a[1] = (val >> 8) & 0xff;
898 s->conf.macaddr.a[2] = (val >> 16) & 0xff;
899 s->conf.macaddr.a[3] = (val >> 24) & 0xff;
900 lan9118_mac_changed(s);
901 break;
902 case MAC_HASHH:
903 s->mac_hashh = val;
904 break;
905 case MAC_HASHL:
906 s->mac_hashl = val;
907 break;
908 case MAC_MII_ACC:
909 s->mac_mii_acc = val & 0xffc2;
910 if (val & 2) {
911 DPRINTF("PHY write %d = 0x%04x\n",
912 (val >> 6) & 0x1f, s->mac_mii_data);
913 do_phy_write(s, (val >> 6) & 0x1f, s->mac_mii_data);
914 } else {
915 s->mac_mii_data = do_phy_read(s, (val >> 6) & 0x1f);
916 DPRINTF("PHY read %d = 0x%04x\n",
917 (val >> 6) & 0x1f, s->mac_mii_data);
918 }
919 break;
920 case MAC_MII_DATA:
921 s->mac_mii_data = val & 0xffff;
922 break;
923 case MAC_FLOW:
924 s->mac_flow = val & 0xffff0000;
925 break;
926 case MAC_VLAN1:
927
928
929
930
931 break;
932 default:
933 qemu_log_mask(LOG_GUEST_ERROR,
934 "lan9118: Unimplemented MAC register write: %d = 0x%x\n",
935 s->mac_cmd & 0xf, val);
936 }
937}
938
939static uint32_t do_mac_read(lan9118_state *s, int reg)
940{
941 switch (reg) {
942 case MAC_CR:
943 return s->mac_cr;
944 case MAC_ADDRH:
945 return s->conf.macaddr.a[4] | (s->conf.macaddr.a[5] << 8);
946 case MAC_ADDRL:
947 return s->conf.macaddr.a[0] | (s->conf.macaddr.a[1] << 8)
948 | (s->conf.macaddr.a[2] << 16) | (s->conf.macaddr.a[3] << 24);
949 case MAC_HASHH:
950 return s->mac_hashh;
951 case MAC_HASHL:
952 return s->mac_hashl;
953 case MAC_MII_ACC:
954 return s->mac_mii_acc;
955 case MAC_MII_DATA:
956 return s->mac_mii_data;
957 case MAC_FLOW:
958 return s->mac_flow;
959 default:
960 qemu_log_mask(LOG_GUEST_ERROR,
961 "lan9118: Unimplemented MAC register read: %d\n",
962 s->mac_cmd & 0xf);
963 return 0;
964 }
965}
966
967static void lan9118_eeprom_cmd(lan9118_state *s, int cmd, int addr)
968{
969 s->e2p_cmd = (s->e2p_cmd & E2P_CMD_MAC_ADDR_LOADED) | (cmd << 28) | addr;
970 switch (cmd) {
971 case 0:
972 s->e2p_data = s->eeprom[addr];
973 DPRINTF("EEPROM Read %d = 0x%02x\n", addr, s->e2p_data);
974 break;
975 case 1:
976 s->eeprom_writable = 0;
977 DPRINTF("EEPROM Write Disable\n");
978 break;
979 case 2:
980 s->eeprom_writable = 1;
981 DPRINTF("EEPROM Write Enable\n");
982 break;
983 case 3:
984 if (s->eeprom_writable) {
985 s->eeprom[addr] &= s->e2p_data;
986 DPRINTF("EEPROM Write %d = 0x%02x\n", addr, s->e2p_data);
987 } else {
988 DPRINTF("EEPROM Write %d (ignored)\n", addr);
989 }
990 break;
991 case 4:
992 if (s->eeprom_writable) {
993 for (addr = 0; addr < 128; addr++) {
994 s->eeprom[addr] &= s->e2p_data;
995 }
996 DPRINTF("EEPROM Write All 0x%02x\n", s->e2p_data);
997 } else {
998 DPRINTF("EEPROM Write All (ignored)\n");
999 }
1000 break;
1001 case 5:
1002 if (s->eeprom_writable) {
1003 s->eeprom[addr] = 0xff;
1004 DPRINTF("EEPROM Erase %d\n", addr);
1005 } else {
1006 DPRINTF("EEPROM Erase %d (ignored)\n", addr);
1007 }
1008 break;
1009 case 6:
1010 if (s->eeprom_writable) {
1011 memset(s->eeprom, 0xff, 128);
1012 DPRINTF("EEPROM Erase All\n");
1013 } else {
1014 DPRINTF("EEPROM Erase All (ignored)\n");
1015 }
1016 break;
1017 case 7:
1018 lan9118_reload_eeprom(s);
1019 break;
1020 }
1021}
1022
1023static void lan9118_tick(void *opaque)
1024{
1025 lan9118_state *s = (lan9118_state *)opaque;
1026 if (s->int_en & GPT_INT) {
1027 s->int_sts |= GPT_INT;
1028 }
1029 lan9118_update(s);
1030}
1031
1032static void lan9118_writel(void *opaque, hwaddr offset,
1033 uint64_t val, unsigned size)
1034{
1035 lan9118_state *s = (lan9118_state *)opaque;
1036 offset &= 0xff;
1037
1038
1039 if (offset >= TX_DATA_FIFO_PORT_FIRST &&
1040 offset <= TX_DATA_FIFO_PORT_LAST) {
1041
1042 tx_fifo_push(s, val);
1043 return;
1044 }
1045 switch (offset) {
1046 case CSR_IRQ_CFG:
1047
1048 val &= (IRQ_EN | IRQ_POL | IRQ_TYPE);
1049 s->irq_cfg = (s->irq_cfg & IRQ_INT) | val;
1050 break;
1051 case CSR_INT_STS:
1052 s->int_sts &= ~val;
1053 break;
1054 case CSR_INT_EN:
1055 s->int_en = val & ~RESERVED_INT;
1056 s->int_sts |= val & SW_INT;
1057 break;
1058 case CSR_FIFO_INT:
1059 DPRINTF("FIFO INT levels %08x\n", val);
1060 s->fifo_int = val;
1061 break;
1062 case CSR_RX_CFG:
1063 if (val & 0x8000) {
1064
1065 s->rx_fifo_used = 0;
1066 s->rx_status_fifo_used = 0;
1067 s->rx_packet_size_tail = s->rx_packet_size_head;
1068 s->rx_packet_size[s->rx_packet_size_head] = 0;
1069 }
1070 s->rx_cfg = val & 0xcfff1ff0;
1071 break;
1072 case CSR_TX_CFG:
1073 if (val & 0x8000) {
1074 s->tx_status_fifo_used = 0;
1075 }
1076 if (val & 0x4000) {
1077 s->txp->state = TX_IDLE;
1078 s->txp->fifo_used = 0;
1079 s->txp->cmd_a = 0xffffffff;
1080 }
1081 s->tx_cfg = val & 6;
1082 break;
1083 case CSR_HW_CFG:
1084 if (val & 1) {
1085
1086 lan9118_reset(DEVICE(s));
1087 } else {
1088 s->hw_cfg = (val & 0x003f300) | (s->hw_cfg & 0x4);
1089 }
1090 break;
1091 case CSR_RX_DP_CTRL:
1092 if (val & 0x80000000) {
1093
1094 s->rxp_pad = 0;
1095 s->rxp_offset = 0;
1096 if (s->rxp_size == 0) {
1097
1098 rx_fifo_pop(s);
1099 s->rxp_pad = 0;
1100 s->rxp_offset = 0;
1101 }
1102 s->rx_fifo_head += s->rxp_size;
1103 if (s->rx_fifo_head >= s->rx_fifo_size) {
1104 s->rx_fifo_head -= s->rx_fifo_size;
1105 }
1106 }
1107 break;
1108 case CSR_PMT_CTRL:
1109 if (val & 0x400) {
1110 phy_reset(s);
1111 }
1112 s->pmt_ctrl &= ~0x34e;
1113 s->pmt_ctrl |= (val & 0x34e);
1114 break;
1115 case CSR_GPIO_CFG:
1116
1117 s->gpio_cfg = val & 0x7777071f;
1118 break;
1119 case CSR_GPT_CFG:
1120 if ((s->gpt_cfg ^ val) & GPT_TIMER_EN) {
1121 ptimer_transaction_begin(s->timer);
1122 if (val & GPT_TIMER_EN) {
1123 ptimer_set_count(s->timer, val & 0xffff);
1124 ptimer_run(s->timer, 0);
1125 } else {
1126 ptimer_stop(s->timer);
1127 ptimer_set_count(s->timer, 0xffff);
1128 }
1129 ptimer_transaction_commit(s->timer);
1130 }
1131 s->gpt_cfg = val & (GPT_TIMER_EN | 0xffff);
1132 break;
1133 case CSR_WORD_SWAP:
1134
1135 s->word_swap = val;
1136 break;
1137 case CSR_MAC_CSR_CMD:
1138 s->mac_cmd = val & 0x4000000f;
1139 if (val & 0x80000000) {
1140 if (val & 0x40000000) {
1141 s->mac_data = do_mac_read(s, val & 0xf);
1142 DPRINTF("MAC read %d = 0x%08x\n", val & 0xf, s->mac_data);
1143 } else {
1144 DPRINTF("MAC write %d = 0x%08x\n", val & 0xf, s->mac_data);
1145 do_mac_write(s, val & 0xf, s->mac_data);
1146 }
1147 }
1148 break;
1149 case CSR_MAC_CSR_DATA:
1150 s->mac_data = val;
1151 break;
1152 case CSR_AFC_CFG:
1153 s->afc_cfg = val & 0x00ffffff;
1154 break;
1155 case CSR_E2P_CMD:
1156 lan9118_eeprom_cmd(s, (val >> 28) & 7, val & 0x7f);
1157 break;
1158 case CSR_E2P_DATA:
1159 s->e2p_data = val & 0xff;
1160 break;
1161
1162 default:
1163 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_write: Bad reg 0x%x = %x\n",
1164 (int)offset, (int)val);
1165 break;
1166 }
1167 lan9118_update(s);
1168}
1169
1170static void lan9118_writew(void *opaque, hwaddr offset,
1171 uint32_t val)
1172{
1173 lan9118_state *s = (lan9118_state *)opaque;
1174 offset &= 0xff;
1175
1176 if (s->write_word_prev_offset != (offset & ~0x3)) {
1177
1178 s->write_word_n = 0;
1179 s->write_word_prev_offset = offset & ~0x3;
1180 }
1181
1182 if (offset & 0x2) {
1183 s->write_word_h = val;
1184 } else {
1185 s->write_word_l = val;
1186 }
1187
1188
1189 s->write_word_n++;
1190 if (s->write_word_n == 2) {
1191 s->write_word_n = 0;
1192 lan9118_writel(s, offset & ~3, s->write_word_l +
1193 (s->write_word_h << 16), 4);
1194 }
1195}
1196
1197static void lan9118_16bit_mode_write(void *opaque, hwaddr offset,
1198 uint64_t val, unsigned size)
1199{
1200 switch (size) {
1201 case 2:
1202 lan9118_writew(opaque, offset, (uint32_t)val);
1203 return;
1204 case 4:
1205 lan9118_writel(opaque, offset, val, size);
1206 return;
1207 }
1208
1209 qemu_log_mask(LOG_GUEST_ERROR,
1210 "lan9118_16bit_mode_write: Bad size 0x%x\n", size);
1211}
1212
1213static uint64_t lan9118_readl(void *opaque, hwaddr offset,
1214 unsigned size)
1215{
1216 lan9118_state *s = (lan9118_state *)opaque;
1217
1218
1219 if (offset <= RX_DATA_FIFO_PORT_LAST) {
1220
1221 return rx_fifo_pop(s);
1222 }
1223 switch (offset) {
1224 case RX_STATUS_FIFO_PORT:
1225 return rx_status_fifo_pop(s);
1226 case RX_STATUS_FIFO_PEEK:
1227 return s->rx_status_fifo[s->rx_status_fifo_head];
1228 case TX_STATUS_FIFO_PORT:
1229 return tx_status_fifo_pop(s);
1230 case TX_STATUS_FIFO_PEEK:
1231 return s->tx_status_fifo[s->tx_status_fifo_head];
1232 case CSR_ID_REV:
1233 return 0x01180001;
1234 case CSR_IRQ_CFG:
1235 return s->irq_cfg;
1236 case CSR_INT_STS:
1237 return s->int_sts;
1238 case CSR_INT_EN:
1239 return s->int_en;
1240 case CSR_BYTE_TEST:
1241 return 0x87654321;
1242 case CSR_FIFO_INT:
1243 return s->fifo_int;
1244 case CSR_RX_CFG:
1245 return s->rx_cfg;
1246 case CSR_TX_CFG:
1247 return s->tx_cfg;
1248 case CSR_HW_CFG:
1249 return s->hw_cfg;
1250 case CSR_RX_DP_CTRL:
1251 return 0;
1252 case CSR_RX_FIFO_INF:
1253 return (s->rx_status_fifo_used << 16) | (s->rx_fifo_used << 2);
1254 case CSR_TX_FIFO_INF:
1255 return (s->tx_status_fifo_used << 16)
1256 | (s->tx_fifo_size - s->txp->fifo_used);
1257 case CSR_PMT_CTRL:
1258 return s->pmt_ctrl;
1259 case CSR_GPIO_CFG:
1260 return s->gpio_cfg;
1261 case CSR_GPT_CFG:
1262 return s->gpt_cfg;
1263 case CSR_GPT_CNT:
1264 return ptimer_get_count(s->timer);
1265 case CSR_WORD_SWAP:
1266 return s->word_swap;
1267 case CSR_FREE_RUN:
1268 return (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 40) - s->free_timer_start;
1269 case CSR_RX_DROP:
1270
1271 return 0;
1272 case CSR_MAC_CSR_CMD:
1273 return s->mac_cmd;
1274 case CSR_MAC_CSR_DATA:
1275 return s->mac_data;
1276 case CSR_AFC_CFG:
1277 return s->afc_cfg;
1278 case CSR_E2P_CMD:
1279 return s->e2p_cmd;
1280 case CSR_E2P_DATA:
1281 return s->e2p_data;
1282 }
1283 qemu_log_mask(LOG_GUEST_ERROR, "lan9118_read: Bad reg 0x%x\n", (int)offset);
1284 return 0;
1285}
1286
1287static uint32_t lan9118_readw(void *opaque, hwaddr offset)
1288{
1289 lan9118_state *s = (lan9118_state *)opaque;
1290 uint32_t val;
1291
1292 if (s->read_word_prev_offset != (offset & ~0x3)) {
1293
1294 s->read_word_n = 0;
1295 s->read_word_prev_offset = offset & ~0x3;
1296 }
1297
1298 s->read_word_n++;
1299 if (s->read_word_n == 1) {
1300 s->read_long = lan9118_readl(s, offset & ~3, 4);
1301 } else {
1302 s->read_word_n = 0;
1303 }
1304
1305 if (offset & 2) {
1306 val = s->read_long >> 16;
1307 } else {
1308 val = s->read_long & 0xFFFF;
1309 }
1310
1311
1312 return val;
1313}
1314
1315static uint64_t lan9118_16bit_mode_read(void *opaque, hwaddr offset,
1316 unsigned size)
1317{
1318 switch (size) {
1319 case 2:
1320 return lan9118_readw(opaque, offset);
1321 case 4:
1322 return lan9118_readl(opaque, offset, size);
1323 }
1324
1325 qemu_log_mask(LOG_GUEST_ERROR,
1326 "lan9118_16bit_mode_read: Bad size 0x%x\n", size);
1327 return 0;
1328}
1329
1330static const MemoryRegionOps lan9118_mem_ops = {
1331 .read = lan9118_readl,
1332 .write = lan9118_writel,
1333 .endianness = DEVICE_NATIVE_ENDIAN,
1334};
1335
1336static const MemoryRegionOps lan9118_16bit_mem_ops = {
1337 .read = lan9118_16bit_mode_read,
1338 .write = lan9118_16bit_mode_write,
1339 .endianness = DEVICE_NATIVE_ENDIAN,
1340};
1341
1342static NetClientInfo net_lan9118_info = {
1343 .type = NET_CLIENT_DRIVER_NIC,
1344 .size = sizeof(NICState),
1345 .receive = lan9118_receive,
1346 .link_status_changed = lan9118_set_link,
1347};
1348
1349static void lan9118_realize(DeviceState *dev, Error **errp)
1350{
1351 SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
1352 lan9118_state *s = LAN9118(dev);
1353 int i;
1354 const MemoryRegionOps *mem_ops =
1355 s->mode_16bit ? &lan9118_16bit_mem_ops : &lan9118_mem_ops;
1356
1357 memory_region_init_io(&s->mmio, OBJECT(dev), mem_ops, s,
1358 "lan9118-mmio", 0x100);
1359 sysbus_init_mmio(sbd, &s->mmio);
1360 sysbus_init_irq(sbd, &s->irq);
1361 qemu_macaddr_default_if_unset(&s->conf.macaddr);
1362
1363 s->nic = qemu_new_nic(&net_lan9118_info, &s->conf,
1364 object_get_typename(OBJECT(dev)), dev->id, s);
1365 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a);
1366 s->eeprom[0] = 0xa5;
1367 for (i = 0; i < 6; i++) {
1368 s->eeprom[i + 1] = s->conf.macaddr.a[i];
1369 }
1370 s->pmt_ctrl = 1;
1371 s->txp = &s->tx_packet;
1372
1373 s->timer = ptimer_init(lan9118_tick, s, PTIMER_POLICY_LEGACY);
1374 ptimer_transaction_begin(s->timer);
1375 ptimer_set_freq(s->timer, 10000);
1376 ptimer_set_limit(s->timer, 0xffff, 1);
1377 ptimer_transaction_commit(s->timer);
1378}
1379
1380static Property lan9118_properties[] = {
1381 DEFINE_NIC_PROPERTIES(lan9118_state, conf),
1382 DEFINE_PROP_UINT32("mode_16bit", lan9118_state, mode_16bit, 0),
1383 DEFINE_PROP_END_OF_LIST(),
1384};
1385
1386static void lan9118_class_init(ObjectClass *klass, void *data)
1387{
1388 DeviceClass *dc = DEVICE_CLASS(klass);
1389
1390 dc->reset = lan9118_reset;
1391 device_class_set_props(dc, lan9118_properties);
1392 dc->vmsd = &vmstate_lan9118;
1393 dc->realize = lan9118_realize;
1394}
1395
1396static const TypeInfo lan9118_info = {
1397 .name = TYPE_LAN9118,
1398 .parent = TYPE_SYS_BUS_DEVICE,
1399 .instance_size = sizeof(lan9118_state),
1400 .class_init = lan9118_class_init,
1401};
1402
1403static void lan9118_register_types(void)
1404{
1405 type_register_static(&lan9118_info);
1406}
1407
1408
1409
1410void lan9118_init(NICInfo *nd, uint32_t base, qemu_irq irq)
1411{
1412 DeviceState *dev;
1413 SysBusDevice *s;
1414
1415 qemu_check_nic_model(nd, "lan9118");
1416 dev = qdev_new(TYPE_LAN9118);
1417 qdev_set_nic_properties(dev, nd);
1418 s = SYS_BUS_DEVICE(dev);
1419 sysbus_realize_and_unref(s, &error_fatal);
1420 sysbus_mmio_map(s, 0, base);
1421 sysbus_connect_irq(s, 0, irq);
1422}
1423
1424type_init(lan9118_register_types)
1425
