rtl8139.c (99740B)
1/** 2 * QEMU RTL8139 emulation 3 * 4 * Copyright (c) 2006 Igor Kovalenko 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 24 * Modifications: 25 * 2006-Jan-28 Mark Malakanov : TSAD and CSCR implementation (for Windows driver) 26 * 27 * 2006-Apr-28 Juergen Lock : EEPROM emulation changes for FreeBSD driver 28 * HW revision ID changes for FreeBSD driver 29 * 30 * 2006-Jul-01 Igor Kovalenko : Implemented loopback mode for FreeBSD driver 31 * Corrected packet transfer reassembly routine for 8139C+ mode 32 * Rearranged debugging print statements 33 * Implemented PCI timer interrupt (disabled by default) 34 * Implemented Tally Counters, increased VM load/save version 35 * Implemented IP/TCP/UDP checksum task offloading 36 * 37 * 2006-Jul-04 Igor Kovalenko : Implemented TCP segmentation offloading 38 * Fixed MTU=1500 for produced ethernet frames 39 * 40 * 2006-Jul-09 Igor Kovalenko : Fixed TCP header length calculation while processing 41 * segmentation offloading 42 * Removed slirp.h dependency 43 * Added rx/tx buffer reset when enabling rx/tx operation 44 * 45 * 2010-Feb-04 Frediano Ziglio: Rewrote timer support using QEMU timer only 46 * when strictly needed (required for 47 * Darwin) 48 * 2011-Mar-22 Benjamin Poirier: Implemented VLAN offloading 49 */ 50 51/* For crc32 */ 52 53#include "qemu/osdep.h" 54#include <zlib.h> 55 56#include "hw/pci/pci.h" 57#include "hw/qdev-properties.h" 58#include "migration/vmstate.h" 59#include "sysemu/dma.h" 60#include "qemu/module.h" 61#include "qemu/timer.h" 62#include "net/net.h" 63#include "net/eth.h" 64#include "sysemu/sysemu.h" 65#include "qom/object.h" 66 67/* debug RTL8139 card */ 68//#define DEBUG_RTL8139 1 69 70#define PCI_PERIOD 30 /* 30 ns period = 33.333333 Mhz frequency */ 71 72#define SET_MASKED(input, mask, curr) \ 73 ( ( (input) & ~(mask) ) | ( (curr) & (mask) ) ) 74 75/* arg % size for size which is a power of 2 */ 76#define MOD2(input, size) \ 77 ( ( input ) & ( size - 1 ) ) 78 79#define ETHER_TYPE_LEN 2 80#define ETH_MTU 1500 81 82#define VLAN_TCI_LEN 2 83#define VLAN_HLEN (ETHER_TYPE_LEN + VLAN_TCI_LEN) 84 85#if defined (DEBUG_RTL8139) 86# define DPRINTF(fmt, ...) \ 87 do { fprintf(stderr, "RTL8139: " fmt, ## __VA_ARGS__); } while (0) 88#else 89static inline GCC_FMT_ATTR(1, 2) int DPRINTF(const char *fmt, ...) 90{ 91 return 0; 92} 93#endif 94 95#define TYPE_RTL8139 "rtl8139" 96 97OBJECT_DECLARE_SIMPLE_TYPE(RTL8139State, RTL8139) 98 99/* Symbolic offsets to registers. */ 100enum RTL8139_registers { 101 MAC0 = 0, /* Ethernet hardware address. */ 102 MAR0 = 8, /* Multicast filter. */ 103 TxStatus0 = 0x10,/* Transmit status (Four 32bit registers). C mode only */ 104 /* Dump Tally Conter control register(64bit). C+ mode only */ 105 TxAddr0 = 0x20, /* Tx descriptors (also four 32bit). */ 106 RxBuf = 0x30, 107 ChipCmd = 0x37, 108 RxBufPtr = 0x38, 109 RxBufAddr = 0x3A, 110 IntrMask = 0x3C, 111 IntrStatus = 0x3E, 112 TxConfig = 0x40, 113 RxConfig = 0x44, 114 Timer = 0x48, /* A general-purpose counter. */ 115 RxMissed = 0x4C, /* 24 bits valid, write clears. */ 116 Cfg9346 = 0x50, 117 Config0 = 0x51, 118 Config1 = 0x52, 119 FlashReg = 0x54, 120 MediaStatus = 0x58, 121 Config3 = 0x59, 122 Config4 = 0x5A, /* absent on RTL-8139A */ 123 HltClk = 0x5B, 124 MultiIntr = 0x5C, 125 PCIRevisionID = 0x5E, 126 TxSummary = 0x60, /* TSAD register. Transmit Status of All Descriptors*/ 127 BasicModeCtrl = 0x62, 128 BasicModeStatus = 0x64, 129 NWayAdvert = 0x66, 130 NWayLPAR = 0x68, 131 NWayExpansion = 0x6A, 132 /* Undocumented registers, but required for proper operation. */ 133 FIFOTMS = 0x70, /* FIFO Control and test. */ 134 CSCR = 0x74, /* Chip Status and Configuration Register. */ 135 PARA78 = 0x78, 136 PARA7c = 0x7c, /* Magic transceiver parameter register. */ 137 Config5 = 0xD8, /* absent on RTL-8139A */ 138 /* C+ mode */ 139 TxPoll = 0xD9, /* Tell chip to check Tx descriptors for work */ 140 RxMaxSize = 0xDA, /* Max size of an Rx packet (8169 only) */ 141 CpCmd = 0xE0, /* C+ Command register (C+ mode only) */ 142 IntrMitigate = 0xE2, /* rx/tx interrupt mitigation control */ 143 RxRingAddrLO = 0xE4, /* 64-bit start addr of Rx ring */ 144 RxRingAddrHI = 0xE8, /* 64-bit start addr of Rx ring */ 145 TxThresh = 0xEC, /* Early Tx threshold */ 146}; 147 148enum ClearBitMasks { 149 MultiIntrClear = 0xF000, 150 ChipCmdClear = 0xE2, 151 Config1Clear = (1<<7)|(1<<6)|(1<<3)|(1<<2)|(1<<1), 152}; 153 154enum ChipCmdBits { 155 CmdReset = 0x10, 156 CmdRxEnb = 0x08, 157 CmdTxEnb = 0x04, 158 RxBufEmpty = 0x01, 159}; 160 161/* C+ mode */ 162enum CplusCmdBits { 163 CPlusRxVLAN = 0x0040, /* enable receive VLAN detagging */ 164 CPlusRxChkSum = 0x0020, /* enable receive checksum offloading */ 165 CPlusRxEnb = 0x0002, 166 CPlusTxEnb = 0x0001, 167}; 168 169/* Interrupt register bits, using my own meaningful names. */ 170enum IntrStatusBits { 171 PCIErr = 0x8000, 172 PCSTimeout = 0x4000, 173 RxFIFOOver = 0x40, 174 RxUnderrun = 0x20, /* Packet Underrun / Link Change */ 175 RxOverflow = 0x10, 176 TxErr = 0x08, 177 TxOK = 0x04, 178 RxErr = 0x02, 179 RxOK = 0x01, 180 181 RxAckBits = RxFIFOOver | RxOverflow | RxOK, 182}; 183 184enum TxStatusBits { 185 TxHostOwns = 0x2000, 186 TxUnderrun = 0x4000, 187 TxStatOK = 0x8000, 188 TxOutOfWindow = 0x20000000, 189 TxAborted = 0x40000000, 190 TxCarrierLost = 0x80000000, 191}; 192enum RxStatusBits { 193 RxMulticast = 0x8000, 194 RxPhysical = 0x4000, 195 RxBroadcast = 0x2000, 196 RxBadSymbol = 0x0020, 197 RxRunt = 0x0010, 198 RxTooLong = 0x0008, 199 RxCRCErr = 0x0004, 200 RxBadAlign = 0x0002, 201 RxStatusOK = 0x0001, 202}; 203 204/* Bits in RxConfig. */ 205enum rx_mode_bits { 206 AcceptErr = 0x20, 207 AcceptRunt = 0x10, 208 AcceptBroadcast = 0x08, 209 AcceptMulticast = 0x04, 210 AcceptMyPhys = 0x02, 211 AcceptAllPhys = 0x01, 212}; 213 214/* Bits in TxConfig. */ 215enum tx_config_bits { 216 217 /* Interframe Gap Time. Only TxIFG96 doesn't violate IEEE 802.3 */ 218 TxIFGShift = 24, 219 TxIFG84 = (0 << TxIFGShift), /* 8.4us / 840ns (10 / 100Mbps) */ 220 TxIFG88 = (1 << TxIFGShift), /* 8.8us / 880ns (10 / 100Mbps) */ 221 TxIFG92 = (2 << TxIFGShift), /* 9.2us / 920ns (10 / 100Mbps) */ 222 TxIFG96 = (3 << TxIFGShift), /* 9.6us / 960ns (10 / 100Mbps) */ 223 224 TxLoopBack = (1 << 18) | (1 << 17), /* enable loopback test mode */ 225 TxCRC = (1 << 16), /* DISABLE appending CRC to end of Tx packets */ 226 TxClearAbt = (1 << 0), /* Clear abort (WO) */ 227 TxDMAShift = 8, /* DMA burst value (0-7) is shifted this many bits */ 228 TxRetryShift = 4, /* TXRR value (0-15) is shifted this many bits */ 229 230 TxVersionMask = 0x7C800000, /* mask out version bits 30-26, 23 */ 231}; 232 233 234/* Transmit Status of All Descriptors (TSAD) Register */ 235enum TSAD_bits { 236 TSAD_TOK3 = 1<<15, // TOK bit of Descriptor 3 237 TSAD_TOK2 = 1<<14, // TOK bit of Descriptor 2 238 TSAD_TOK1 = 1<<13, // TOK bit of Descriptor 1 239 TSAD_TOK0 = 1<<12, // TOK bit of Descriptor 0 240 TSAD_TUN3 = 1<<11, // TUN bit of Descriptor 3 241 TSAD_TUN2 = 1<<10, // TUN bit of Descriptor 2 242 TSAD_TUN1 = 1<<9, // TUN bit of Descriptor 1 243 TSAD_TUN0 = 1<<8, // TUN bit of Descriptor 0 244 TSAD_TABT3 = 1<<07, // TABT bit of Descriptor 3 245 TSAD_TABT2 = 1<<06, // TABT bit of Descriptor 2 246 TSAD_TABT1 = 1<<05, // TABT bit of Descriptor 1 247 TSAD_TABT0 = 1<<04, // TABT bit of Descriptor 0 248 TSAD_OWN3 = 1<<03, // OWN bit of Descriptor 3 249 TSAD_OWN2 = 1<<02, // OWN bit of Descriptor 2 250 TSAD_OWN1 = 1<<01, // OWN bit of Descriptor 1 251 TSAD_OWN0 = 1<<00, // OWN bit of Descriptor 0 252}; 253 254 255/* Bits in Config1 */ 256enum Config1Bits { 257 Cfg1_PM_Enable = 0x01, 258 Cfg1_VPD_Enable = 0x02, 259 Cfg1_PIO = 0x04, 260 Cfg1_MMIO = 0x08, 261 LWAKE = 0x10, /* not on 8139, 8139A */ 262 Cfg1_Driver_Load = 0x20, 263 Cfg1_LED0 = 0x40, 264 Cfg1_LED1 = 0x80, 265 SLEEP = (1 << 1), /* only on 8139, 8139A */ 266 PWRDN = (1 << 0), /* only on 8139, 8139A */ 267}; 268 269/* Bits in Config3 */ 270enum Config3Bits { 271 Cfg3_FBtBEn = (1 << 0), /* 1 = Fast Back to Back */ 272 Cfg3_FuncRegEn = (1 << 1), /* 1 = enable CardBus Function registers */ 273 Cfg3_CLKRUN_En = (1 << 2), /* 1 = enable CLKRUN */ 274 Cfg3_CardB_En = (1 << 3), /* 1 = enable CardBus registers */ 275 Cfg3_LinkUp = (1 << 4), /* 1 = wake up on link up */ 276 Cfg3_Magic = (1 << 5), /* 1 = wake up on Magic Packet (tm) */ 277 Cfg3_PARM_En = (1 << 6), /* 0 = software can set twister parameters */ 278 Cfg3_GNTSel = (1 << 7), /* 1 = delay 1 clock from PCI GNT signal */ 279}; 280 281/* Bits in Config4 */ 282enum Config4Bits { 283 LWPTN = (1 << 2), /* not on 8139, 8139A */ 284}; 285 286/* Bits in Config5 */ 287enum Config5Bits { 288 Cfg5_PME_STS = (1 << 0), /* 1 = PCI reset resets PME_Status */ 289 Cfg5_LANWake = (1 << 1), /* 1 = enable LANWake signal */ 290 Cfg5_LDPS = (1 << 2), /* 0 = save power when link is down */ 291 Cfg5_FIFOAddrPtr = (1 << 3), /* Realtek internal SRAM testing */ 292 Cfg5_UWF = (1 << 4), /* 1 = accept unicast wakeup frame */ 293 Cfg5_MWF = (1 << 5), /* 1 = accept multicast wakeup frame */ 294 Cfg5_BWF = (1 << 6), /* 1 = accept broadcast wakeup frame */ 295}; 296 297enum RxConfigBits { 298 /* rx fifo threshold */ 299 RxCfgFIFOShift = 13, 300 RxCfgFIFONone = (7 << RxCfgFIFOShift), 301 302 /* Max DMA burst */ 303 RxCfgDMAShift = 8, 304 RxCfgDMAUnlimited = (7 << RxCfgDMAShift), 305 306 /* rx ring buffer length */ 307 RxCfgRcv8K = 0, 308 RxCfgRcv16K = (1 << 11), 309 RxCfgRcv32K = (1 << 12), 310 RxCfgRcv64K = (1 << 11) | (1 << 12), 311 312 /* Disable packet wrap at end of Rx buffer. (not possible with 64k) */ 313 RxNoWrap = (1 << 7), 314}; 315 316/* Twister tuning parameters from RealTek. 317 Completely undocumented, but required to tune bad links on some boards. */ 318/* 319enum CSCRBits { 320 CSCR_LinkOKBit = 0x0400, 321 CSCR_LinkChangeBit = 0x0800, 322 CSCR_LinkStatusBits = 0x0f000, 323 CSCR_LinkDownOffCmd = 0x003c0, 324 CSCR_LinkDownCmd = 0x0f3c0, 325*/ 326enum CSCRBits { 327 CSCR_Testfun = 1<<15, /* 1 = Auto-neg speeds up internal timer, WO, def 0 */ 328 CSCR_LD = 1<<9, /* Active low TPI link disable signal. When low, TPI still transmits link pulses and TPI stays in good link state. def 1*/ 329 CSCR_HEART_BIT = 1<<8, /* 1 = HEART BEAT enable, 0 = HEART BEAT disable. HEART BEAT function is only valid in 10Mbps mode. def 1*/ 330 CSCR_JBEN = 1<<7, /* 1 = enable jabber function. 0 = disable jabber function, def 1*/ 331 CSCR_F_LINK_100 = 1<<6, /* Used to login force good link in 100Mbps for diagnostic purposes. 1 = DISABLE, 0 = ENABLE. def 1*/ 332 CSCR_F_Connect = 1<<5, /* Assertion of this bit forces the disconnect function to be bypassed. def 0*/ 333 CSCR_Con_status = 1<<3, /* This bit indicates the status of the connection. 1 = valid connected link detected; 0 = disconnected link detected. RO def 0*/ 334 CSCR_Con_status_En = 1<<2, /* Assertion of this bit configures LED1 pin to indicate connection status. def 0*/ 335 CSCR_PASS_SCR = 1<<0, /* Bypass Scramble, def 0*/ 336}; 337 338enum Cfg9346Bits { 339 Cfg9346_Normal = 0x00, 340 Cfg9346_Autoload = 0x40, 341 Cfg9346_Programming = 0x80, 342 Cfg9346_ConfigWrite = 0xC0, 343}; 344 345typedef enum { 346 CH_8139 = 0, 347 CH_8139_K, 348 CH_8139A, 349 CH_8139A_G, 350 CH_8139B, 351 CH_8130, 352 CH_8139C, 353 CH_8100, 354 CH_8100B_8139D, 355 CH_8101, 356} chip_t; 357 358enum chip_flags { 359 HasHltClk = (1 << 0), 360 HasLWake = (1 << 1), 361}; 362 363#define HW_REVID(b30, b29, b28, b27, b26, b23, b22) \ 364 (b30<<30 | b29<<29 | b28<<28 | b27<<27 | b26<<26 | b23<<23 | b22<<22) 365#define HW_REVID_MASK HW_REVID(1, 1, 1, 1, 1, 1, 1) 366 367#define RTL8139_PCI_REVID_8139 0x10 368#define RTL8139_PCI_REVID_8139CPLUS 0x20 369 370#define RTL8139_PCI_REVID RTL8139_PCI_REVID_8139CPLUS 371 372/* Size is 64 * 16bit words */ 373#define EEPROM_9346_ADDR_BITS 6 374#define EEPROM_9346_SIZE (1 << EEPROM_9346_ADDR_BITS) 375#define EEPROM_9346_ADDR_MASK (EEPROM_9346_SIZE - 1) 376 377enum Chip9346Operation 378{ 379 Chip9346_op_mask = 0xc0, /* 10 zzzzzz */ 380 Chip9346_op_read = 0x80, /* 10 AAAAAA */ 381 Chip9346_op_write = 0x40, /* 01 AAAAAA D(15)..D(0) */ 382 Chip9346_op_ext_mask = 0xf0, /* 11 zzzzzz */ 383 Chip9346_op_write_enable = 0x30, /* 00 11zzzz */ 384 Chip9346_op_write_all = 0x10, /* 00 01zzzz */ 385 Chip9346_op_write_disable = 0x00, /* 00 00zzzz */ 386}; 387 388enum Chip9346Mode 389{ 390 Chip9346_none = 0, 391 Chip9346_enter_command_mode, 392 Chip9346_read_command, 393 Chip9346_data_read, /* from output register */ 394 Chip9346_data_write, /* to input register, then to contents at specified address */ 395 Chip9346_data_write_all, /* to input register, then filling contents */ 396}; 397 398typedef struct EEprom9346 399{ 400 uint16_t contents[EEPROM_9346_SIZE]; 401 int mode; 402 uint32_t tick; 403 uint8_t address; 404 uint16_t input; 405 uint16_t output; 406 407 uint8_t eecs; 408 uint8_t eesk; 409 uint8_t eedi; 410 uint8_t eedo; 411} EEprom9346; 412 413typedef struct RTL8139TallyCounters 414{ 415 /* Tally counters */ 416 uint64_t TxOk; 417 uint64_t RxOk; 418 uint64_t TxERR; 419 uint32_t RxERR; 420 uint16_t MissPkt; 421 uint16_t FAE; 422 uint32_t Tx1Col; 423 uint32_t TxMCol; 424 uint64_t RxOkPhy; 425 uint64_t RxOkBrd; 426 uint32_t RxOkMul; 427 uint16_t TxAbt; 428 uint16_t TxUndrn; 429} RTL8139TallyCounters; 430 431/* Clears all tally counters */ 432static void RTL8139TallyCounters_clear(RTL8139TallyCounters* counters); 433 434struct RTL8139State { 435 /*< private >*/ 436 PCIDevice parent_obj; 437 /*< public >*/ 438 439 uint8_t phys[8]; /* mac address */ 440 uint8_t mult[8]; /* multicast mask array */ 441 442 uint32_t TxStatus[4]; /* TxStatus0 in C mode*/ /* also DTCCR[0] and DTCCR[1] in C+ mode */ 443 uint32_t TxAddr[4]; /* TxAddr0 */ 444 uint32_t RxBuf; /* Receive buffer */ 445 uint32_t RxBufferSize;/* internal variable, receive ring buffer size in C mode */ 446 uint32_t RxBufPtr; 447 uint32_t RxBufAddr; 448 449 uint16_t IntrStatus; 450 uint16_t IntrMask; 451 452 uint32_t TxConfig; 453 uint32_t RxConfig; 454 uint32_t RxMissed; 455 456 uint16_t CSCR; 457 458 uint8_t Cfg9346; 459 uint8_t Config0; 460 uint8_t Config1; 461 uint8_t Config3; 462 uint8_t Config4; 463 uint8_t Config5; 464 465 uint8_t clock_enabled; 466 uint8_t bChipCmdState; 467 468 uint16_t MultiIntr; 469 470 uint16_t BasicModeCtrl; 471 uint16_t BasicModeStatus; 472 uint16_t NWayAdvert; 473 uint16_t NWayLPAR; 474 uint16_t NWayExpansion; 475 476 uint16_t CpCmd; 477 uint8_t TxThresh; 478 479 NICState *nic; 480 NICConf conf; 481 482 /* C ring mode */ 483 uint32_t currTxDesc; 484 485 /* C+ mode */ 486 uint32_t cplus_enabled; 487 488 uint32_t currCPlusRxDesc; 489 uint32_t currCPlusTxDesc; 490 491 uint32_t RxRingAddrLO; 492 uint32_t RxRingAddrHI; 493 494 EEprom9346 eeprom; 495 496 uint32_t TCTR; 497 uint32_t TimerInt; 498 int64_t TCTR_base; 499 500 /* Tally counters */ 501 RTL8139TallyCounters tally_counters; 502 503 /* Non-persistent data */ 504 uint8_t *cplus_txbuffer; 505 int cplus_txbuffer_len; 506 int cplus_txbuffer_offset; 507 508 /* PCI interrupt timer */ 509 QEMUTimer *timer; 510 511 MemoryRegion bar_io; 512 MemoryRegion bar_mem; 513 514 /* Support migration to/from old versions */ 515 int rtl8139_mmio_io_addr_dummy; 516}; 517 518/* Writes tally counters to memory via DMA */ 519static void RTL8139TallyCounters_dma_write(RTL8139State *s, dma_addr_t tc_addr); 520 521static void rtl8139_set_next_tctr_time(RTL8139State *s); 522 523static void prom9346_decode_command(EEprom9346 *eeprom, uint8_t command) 524{ 525 DPRINTF("eeprom command 0x%02x\n", command); 526 527 switch (command & Chip9346_op_mask) 528 { 529 case Chip9346_op_read: 530 { 531 eeprom->address = command & EEPROM_9346_ADDR_MASK; 532 eeprom->output = eeprom->contents[eeprom->address]; 533 eeprom->eedo = 0; 534 eeprom->tick = 0; 535 eeprom->mode = Chip9346_data_read; 536 DPRINTF("eeprom read from address 0x%02x data=0x%04x\n", 537 eeprom->address, eeprom->output); 538 } 539 break; 540 541 case Chip9346_op_write: 542 { 543 eeprom->address = command & EEPROM_9346_ADDR_MASK; 544 eeprom->input = 0; 545 eeprom->tick = 0; 546 eeprom->mode = Chip9346_none; /* Chip9346_data_write */ 547 DPRINTF("eeprom begin write to address 0x%02x\n", 548 eeprom->address); 549 } 550 break; 551 default: 552 eeprom->mode = Chip9346_none; 553 switch (command & Chip9346_op_ext_mask) 554 { 555 case Chip9346_op_write_enable: 556 DPRINTF("eeprom write enabled\n"); 557 break; 558 case Chip9346_op_write_all: 559 DPRINTF("eeprom begin write all\n"); 560 break; 561 case Chip9346_op_write_disable: 562 DPRINTF("eeprom write disabled\n"); 563 break; 564 } 565 break; 566 } 567} 568 569static void prom9346_shift_clock(EEprom9346 *eeprom) 570{ 571 int bit = eeprom->eedi?1:0; 572 573 ++ eeprom->tick; 574 575 DPRINTF("eeprom: tick %d eedi=%d eedo=%d\n", eeprom->tick, eeprom->eedi, 576 eeprom->eedo); 577 578 switch (eeprom->mode) 579 { 580 case Chip9346_enter_command_mode: 581 if (bit) 582 { 583 eeprom->mode = Chip9346_read_command; 584 eeprom->tick = 0; 585 eeprom->input = 0; 586 DPRINTF("eeprom: +++ synchronized, begin command read\n"); 587 } 588 break; 589 590 case Chip9346_read_command: 591 eeprom->input = (eeprom->input << 1) | (bit & 1); 592 if (eeprom->tick == 8) 593 { 594 prom9346_decode_command(eeprom, eeprom->input & 0xff); 595 } 596 break; 597 598 case Chip9346_data_read: 599 eeprom->eedo = (eeprom->output & 0x8000)?1:0; 600 eeprom->output <<= 1; 601 if (eeprom->tick == 16) 602 { 603#if 1 604 // the FreeBSD drivers (rl and re) don't explicitly toggle 605 // CS between reads (or does setting Cfg9346 to 0 count too?), 606 // so we need to enter wait-for-command state here 607 eeprom->mode = Chip9346_enter_command_mode; 608 eeprom->input = 0; 609 eeprom->tick = 0; 610 611 DPRINTF("eeprom: +++ end of read, awaiting next command\n"); 612#else 613 // original behaviour 614 ++eeprom->address; 615 eeprom->address &= EEPROM_9346_ADDR_MASK; 616 eeprom->output = eeprom->contents[eeprom->address]; 617 eeprom->tick = 0; 618 619 DPRINTF("eeprom: +++ read next address 0x%02x data=0x%04x\n", 620 eeprom->address, eeprom->output); 621#endif 622 } 623 break; 624 625 case Chip9346_data_write: 626 eeprom->input = (eeprom->input << 1) | (bit & 1); 627 if (eeprom->tick == 16) 628 { 629 DPRINTF("eeprom write to address 0x%02x data=0x%04x\n", 630 eeprom->address, eeprom->input); 631 632 eeprom->contents[eeprom->address] = eeprom->input; 633 eeprom->mode = Chip9346_none; /* waiting for next command after CS cycle */ 634 eeprom->tick = 0; 635 eeprom->input = 0; 636 } 637 break; 638 639 case Chip9346_data_write_all: 640 eeprom->input = (eeprom->input << 1) | (bit & 1); 641 if (eeprom->tick == 16) 642 { 643 int i; 644 for (i = 0; i < EEPROM_9346_SIZE; i++) 645 { 646 eeprom->contents[i] = eeprom->input; 647 } 648 DPRINTF("eeprom filled with data=0x%04x\n", eeprom->input); 649 650 eeprom->mode = Chip9346_enter_command_mode; 651 eeprom->tick = 0; 652 eeprom->input = 0; 653 } 654 break; 655 656 default: 657 break; 658 } 659} 660 661static int prom9346_get_wire(RTL8139State *s) 662{ 663 EEprom9346 *eeprom = &s->eeprom; 664 if (!eeprom->eecs) 665 return 0; 666 667 return eeprom->eedo; 668} 669 670/* FIXME: This should be merged into/replaced by eeprom93xx.c. */ 671static void prom9346_set_wire(RTL8139State *s, int eecs, int eesk, int eedi) 672{ 673 EEprom9346 *eeprom = &s->eeprom; 674 uint8_t old_eecs = eeprom->eecs; 675 uint8_t old_eesk = eeprom->eesk; 676 677 eeprom->eecs = eecs; 678 eeprom->eesk = eesk; 679 eeprom->eedi = eedi; 680 681 DPRINTF("eeprom: +++ wires CS=%d SK=%d DI=%d DO=%d\n", eeprom->eecs, 682 eeprom->eesk, eeprom->eedi, eeprom->eedo); 683 684 if (!old_eecs && eecs) 685 { 686 /* Synchronize start */ 687 eeprom->tick = 0; 688 eeprom->input = 0; 689 eeprom->output = 0; 690 eeprom->mode = Chip9346_enter_command_mode; 691 692 DPRINTF("=== eeprom: begin access, enter command mode\n"); 693 } 694 695 if (!eecs) 696 { 697 DPRINTF("=== eeprom: end access\n"); 698 return; 699 } 700 701 if (!old_eesk && eesk) 702 { 703 /* SK front rules */ 704 prom9346_shift_clock(eeprom); 705 } 706} 707 708static void rtl8139_update_irq(RTL8139State *s) 709{ 710 PCIDevice *d = PCI_DEVICE(s); 711 int isr; 712 isr = (s->IntrStatus & s->IntrMask) & 0xffff; 713 714 DPRINTF("Set IRQ to %d (%04x %04x)\n", isr ? 1 : 0, s->IntrStatus, 715 s->IntrMask); 716 717 pci_set_irq(d, (isr != 0)); 718} 719 720static int rtl8139_RxWrap(RTL8139State *s) 721{ 722 /* wrapping enabled; assume 1.5k more buffer space if size < 65536 */ 723 return (s->RxConfig & (1 << 7)); 724} 725 726static int rtl8139_receiver_enabled(RTL8139State *s) 727{ 728 return s->bChipCmdState & CmdRxEnb; 729} 730 731static int rtl8139_transmitter_enabled(RTL8139State *s) 732{ 733 return s->bChipCmdState & CmdTxEnb; 734} 735 736static int rtl8139_cp_receiver_enabled(RTL8139State *s) 737{ 738 return s->CpCmd & CPlusRxEnb; 739} 740 741static int rtl8139_cp_transmitter_enabled(RTL8139State *s) 742{ 743 return s->CpCmd & CPlusTxEnb; 744} 745 746static void rtl8139_write_buffer(RTL8139State *s, const void *buf, int size) 747{ 748 PCIDevice *d = PCI_DEVICE(s); 749 750 if (s->RxBufAddr + size > s->RxBufferSize) 751 { 752 int wrapped = MOD2(s->RxBufAddr + size, s->RxBufferSize); 753 754 /* write packet data */ 755 if (wrapped && !(s->RxBufferSize < 65536 && rtl8139_RxWrap(s))) 756 { 757 DPRINTF(">>> rx packet wrapped in buffer at %d\n", size - wrapped); 758 759 if (size > wrapped) 760 { 761 pci_dma_write(d, s->RxBuf + s->RxBufAddr, 762 buf, size-wrapped); 763 } 764 765 /* reset buffer pointer */ 766 s->RxBufAddr = 0; 767 768 pci_dma_write(d, s->RxBuf + s->RxBufAddr, 769 buf + (size-wrapped), wrapped); 770 771 s->RxBufAddr = wrapped; 772 773 return; 774 } 775 } 776 777 /* non-wrapping path or overwrapping enabled */ 778 pci_dma_write(d, s->RxBuf + s->RxBufAddr, buf, size); 779 780 s->RxBufAddr += size; 781} 782 783#define MIN_BUF_SIZE 60 784static inline dma_addr_t rtl8139_addr64(uint32_t low, uint32_t high) 785{ 786 return low | ((uint64_t)high << 32); 787} 788 789/* Workaround for buggy guest driver such as linux who allocates rx 790 * rings after the receiver were enabled. */ 791static bool rtl8139_cp_rx_valid(RTL8139State *s) 792{ 793 return !(s->RxRingAddrLO == 0 && s->RxRingAddrHI == 0); 794} 795 796static bool rtl8139_can_receive(NetClientState *nc) 797{ 798 RTL8139State *s = qemu_get_nic_opaque(nc); 799 int avail; 800 801 /* Receive (drop) packets if card is disabled. */ 802 if (!s->clock_enabled) { 803 return true; 804 } 805 if (!rtl8139_receiver_enabled(s)) { 806 return true; 807 } 808 809 if (rtl8139_cp_receiver_enabled(s) && rtl8139_cp_rx_valid(s)) { 810 /* ??? Flow control not implemented in c+ mode. 811 This is a hack to work around slirp deficiencies anyway. */ 812 return true; 813 } 814 815 avail = MOD2(s->RxBufferSize + s->RxBufPtr - s->RxBufAddr, 816 s->RxBufferSize); 817 return avail == 0 || avail >= 1514 || (s->IntrMask & RxOverflow); 818} 819 820static ssize_t rtl8139_do_receive(NetClientState *nc, const uint8_t *buf, size_t size_, int do_interrupt) 821{ 822 RTL8139State *s = qemu_get_nic_opaque(nc); 823 PCIDevice *d = PCI_DEVICE(s); 824 /* size is the length of the buffer passed to the driver */ 825 size_t size = size_; 826 const uint8_t *dot1q_buf = NULL; 827 828 uint32_t packet_header = 0; 829 830 uint8_t buf1[MIN_BUF_SIZE + VLAN_HLEN]; 831 static const uint8_t broadcast_macaddr[6] = 832 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 833 834 DPRINTF(">>> received len=%zu\n", size); 835 836 /* test if board clock is stopped */ 837 if (!s->clock_enabled) 838 { 839 DPRINTF("stopped ==========================\n"); 840 return -1; 841 } 842 843 /* first check if receiver is enabled */ 844 845 if (!rtl8139_receiver_enabled(s)) 846 { 847 DPRINTF("receiver disabled ================\n"); 848 return -1; 849 } 850 851 /* XXX: check this */ 852 if (s->RxConfig & AcceptAllPhys) { 853 /* promiscuous: receive all */ 854 DPRINTF(">>> packet received in promiscuous mode\n"); 855 856 } else { 857 if (!memcmp(buf, broadcast_macaddr, 6)) { 858 /* broadcast address */ 859 if (!(s->RxConfig & AcceptBroadcast)) 860 { 861 DPRINTF(">>> broadcast packet rejected\n"); 862 863 /* update tally counter */ 864 ++s->tally_counters.RxERR; 865 866 return size; 867 } 868 869 packet_header |= RxBroadcast; 870 871 DPRINTF(">>> broadcast packet received\n"); 872 873 /* update tally counter */ 874 ++s->tally_counters.RxOkBrd; 875 876 } else if (buf[0] & 0x01) { 877 /* multicast */ 878 if (!(s->RxConfig & AcceptMulticast)) 879 { 880 DPRINTF(">>> multicast packet rejected\n"); 881 882 /* update tally counter */ 883 ++s->tally_counters.RxERR; 884 885 return size; 886 } 887 888 int mcast_idx = net_crc32(buf, ETH_ALEN) >> 26; 889 890 if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7)))) 891 { 892 DPRINTF(">>> multicast address mismatch\n"); 893 894 /* update tally counter */ 895 ++s->tally_counters.RxERR; 896 897 return size; 898 } 899 900 packet_header |= RxMulticast; 901 902 DPRINTF(">>> multicast packet received\n"); 903 904 /* update tally counter */ 905 ++s->tally_counters.RxOkMul; 906 907 } else if (s->phys[0] == buf[0] && 908 s->phys[1] == buf[1] && 909 s->phys[2] == buf[2] && 910 s->phys[3] == buf[3] && 911 s->phys[4] == buf[4] && 912 s->phys[5] == buf[5]) { 913 /* match */ 914 if (!(s->RxConfig & AcceptMyPhys)) 915 { 916 DPRINTF(">>> rejecting physical address matching packet\n"); 917 918 /* update tally counter */ 919 ++s->tally_counters.RxERR; 920 921 return size; 922 } 923 924 packet_header |= RxPhysical; 925 926 DPRINTF(">>> physical address matching packet received\n"); 927 928 /* update tally counter */ 929 ++s->tally_counters.RxOkPhy; 930 931 } else { 932 933 DPRINTF(">>> unknown packet\n"); 934 935 /* update tally counter */ 936 ++s->tally_counters.RxERR; 937 938 return size; 939 } 940 } 941 942 /* if too small buffer, then expand it 943 * Include some tailroom in case a vlan tag is later removed. */ 944 if (size < MIN_BUF_SIZE + VLAN_HLEN) { 945 memcpy(buf1, buf, size); 946 memset(buf1 + size, 0, MIN_BUF_SIZE + VLAN_HLEN - size); 947 buf = buf1; 948 if (size < MIN_BUF_SIZE) { 949 size = MIN_BUF_SIZE; 950 } 951 } 952 953 if (rtl8139_cp_receiver_enabled(s)) 954 { 955 if (!rtl8139_cp_rx_valid(s)) { 956 return size; 957 } 958 959 DPRINTF("in C+ Rx mode ================\n"); 960 961 /* begin C+ receiver mode */ 962 963/* w0 ownership flag */ 964#define CP_RX_OWN (1<<31) 965/* w0 end of ring flag */ 966#define CP_RX_EOR (1<<30) 967/* w0 bits 0...12 : buffer size */ 968#define CP_RX_BUFFER_SIZE_MASK ((1<<13) - 1) 969/* w1 tag available flag */ 970#define CP_RX_TAVA (1<<16) 971/* w1 bits 0...15 : VLAN tag */ 972#define CP_RX_VLAN_TAG_MASK ((1<<16) - 1) 973/* w2 low 32bit of Rx buffer ptr */ 974/* w3 high 32bit of Rx buffer ptr */ 975 976 int descriptor = s->currCPlusRxDesc; 977 dma_addr_t cplus_rx_ring_desc; 978 979 cplus_rx_ring_desc = rtl8139_addr64(s->RxRingAddrLO, s->RxRingAddrHI); 980 cplus_rx_ring_desc += 16 * descriptor; 981 982 DPRINTF("+++ C+ mode reading RX descriptor %d from host memory at " 983 "%08x %08x = "DMA_ADDR_FMT"\n", descriptor, s->RxRingAddrHI, 984 s->RxRingAddrLO, cplus_rx_ring_desc); 985 986 uint32_t val, rxdw0,rxdw1,rxbufLO,rxbufHI; 987 988 pci_dma_read(d, cplus_rx_ring_desc, &val, 4); 989 rxdw0 = le32_to_cpu(val); 990 pci_dma_read(d, cplus_rx_ring_desc+4, &val, 4); 991 rxdw1 = le32_to_cpu(val); 992 pci_dma_read(d, cplus_rx_ring_desc+8, &val, 4); 993 rxbufLO = le32_to_cpu(val); 994 pci_dma_read(d, cplus_rx_ring_desc+12, &val, 4); 995 rxbufHI = le32_to_cpu(val); 996 997 DPRINTF("+++ C+ mode RX descriptor %d %08x %08x %08x %08x\n", 998 descriptor, rxdw0, rxdw1, rxbufLO, rxbufHI); 999 1000 if (!(rxdw0 & CP_RX_OWN)) 1001 { 1002 DPRINTF("C+ Rx mode : descriptor %d is owned by host\n", 1003 descriptor); 1004 1005 s->IntrStatus |= RxOverflow; 1006 ++s->RxMissed; 1007 1008 /* update tally counter */ 1009 ++s->tally_counters.RxERR; 1010 ++s->tally_counters.MissPkt; 1011 1012 rtl8139_update_irq(s); 1013 return size_; 1014 } 1015 1016 uint32_t rx_space = rxdw0 & CP_RX_BUFFER_SIZE_MASK; 1017 1018 /* write VLAN info to descriptor variables. */ 1019 if (s->CpCmd & CPlusRxVLAN && 1020 lduw_be_p(&buf[ETH_ALEN * 2]) == ETH_P_VLAN) { 1021 dot1q_buf = &buf[ETH_ALEN * 2]; 1022 size -= VLAN_HLEN; 1023 /* if too small buffer, use the tailroom added duing expansion */ 1024 if (size < MIN_BUF_SIZE) { 1025 size = MIN_BUF_SIZE; 1026 } 1027 1028 rxdw1 &= ~CP_RX_VLAN_TAG_MASK; 1029 /* BE + ~le_to_cpu()~ + cpu_to_le() = BE */ 1030 rxdw1 |= CP_RX_TAVA | lduw_le_p(&dot1q_buf[ETHER_TYPE_LEN]); 1031 1032 DPRINTF("C+ Rx mode : extracted vlan tag with tci: ""%u\n", 1033 lduw_be_p(&dot1q_buf[ETHER_TYPE_LEN])); 1034 } else { 1035 /* reset VLAN tag flag */ 1036 rxdw1 &= ~CP_RX_TAVA; 1037 } 1038 1039 /* TODO: scatter the packet over available receive ring descriptors space */ 1040 1041 if (size+4 > rx_space) 1042 { 1043 DPRINTF("C+ Rx mode : descriptor %d size %d received %zu + 4\n", 1044 descriptor, rx_space, size); 1045 1046 s->IntrStatus |= RxOverflow; 1047 ++s->RxMissed; 1048 1049 /* update tally counter */ 1050 ++s->tally_counters.RxERR; 1051 ++s->tally_counters.MissPkt; 1052 1053 rtl8139_update_irq(s); 1054 return size_; 1055 } 1056 1057 dma_addr_t rx_addr = rtl8139_addr64(rxbufLO, rxbufHI); 1058 1059 /* receive/copy to target memory */ 1060 if (dot1q_buf) { 1061 pci_dma_write(d, rx_addr, buf, 2 * ETH_ALEN); 1062 pci_dma_write(d, rx_addr + 2 * ETH_ALEN, 1063 buf + 2 * ETH_ALEN + VLAN_HLEN, 1064 size - 2 * ETH_ALEN); 1065 } else { 1066 pci_dma_write(d, rx_addr, buf, size); 1067 } 1068 1069 if (s->CpCmd & CPlusRxChkSum) 1070 { 1071 /* do some packet checksumming */ 1072 } 1073 1074 /* write checksum */ 1075 val = cpu_to_le32(crc32(0, buf, size_)); 1076 pci_dma_write(d, rx_addr+size, (uint8_t *)&val, 4); 1077 1078/* first segment of received packet flag */ 1079#define CP_RX_STATUS_FS (1<<29) 1080/* last segment of received packet flag */ 1081#define CP_RX_STATUS_LS (1<<28) 1082/* multicast packet flag */ 1083#define CP_RX_STATUS_MAR (1<<26) 1084/* physical-matching packet flag */ 1085#define CP_RX_STATUS_PAM (1<<25) 1086/* broadcast packet flag */ 1087#define CP_RX_STATUS_BAR (1<<24) 1088/* runt packet flag */ 1089#define CP_RX_STATUS_RUNT (1<<19) 1090/* crc error flag */ 1091#define CP_RX_STATUS_CRC (1<<18) 1092/* IP checksum error flag */ 1093#define CP_RX_STATUS_IPF (1<<15) 1094/* UDP checksum error flag */ 1095#define CP_RX_STATUS_UDPF (1<<14) 1096/* TCP checksum error flag */ 1097#define CP_RX_STATUS_TCPF (1<<13) 1098 1099 /* transfer ownership to target */ 1100 rxdw0 &= ~CP_RX_OWN; 1101 1102 /* set first segment bit */ 1103 rxdw0 |= CP_RX_STATUS_FS; 1104 1105 /* set last segment bit */ 1106 rxdw0 |= CP_RX_STATUS_LS; 1107 1108 /* set received packet type flags */ 1109 if (packet_header & RxBroadcast) 1110 rxdw0 |= CP_RX_STATUS_BAR; 1111 if (packet_header & RxMulticast) 1112 rxdw0 |= CP_RX_STATUS_MAR; 1113 if (packet_header & RxPhysical) 1114 rxdw0 |= CP_RX_STATUS_PAM; 1115 1116 /* set received size */ 1117 rxdw0 &= ~CP_RX_BUFFER_SIZE_MASK; 1118 rxdw0 |= (size+4); 1119 1120 /* update ring data */ 1121 val = cpu_to_le32(rxdw0); 1122 pci_dma_write(d, cplus_rx_ring_desc, (uint8_t *)&val, 4); 1123 val = cpu_to_le32(rxdw1); 1124 pci_dma_write(d, cplus_rx_ring_desc+4, (uint8_t *)&val, 4); 1125 1126 /* update tally counter */ 1127 ++s->tally_counters.RxOk; 1128 1129 /* seek to next Rx descriptor */ 1130 if (rxdw0 & CP_RX_EOR) 1131 { 1132 s->currCPlusRxDesc = 0; 1133 } 1134 else 1135 { 1136 ++s->currCPlusRxDesc; 1137 } 1138 1139 DPRINTF("done C+ Rx mode ----------------\n"); 1140 1141 } 1142 else 1143 { 1144 DPRINTF("in ring Rx mode ================\n"); 1145 1146 /* begin ring receiver mode */ 1147 int avail = MOD2(s->RxBufferSize + s->RxBufPtr - s->RxBufAddr, s->RxBufferSize); 1148 1149 /* if receiver buffer is empty then avail == 0 */ 1150 1151#define RX_ALIGN(x) (((x) + 3) & ~0x3) 1152 1153 if (avail != 0 && RX_ALIGN(size + 8) >= avail) 1154 { 1155 DPRINTF("rx overflow: rx buffer length %d head 0x%04x " 1156 "read 0x%04x === available 0x%04x need 0x%04zx\n", 1157 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr, avail, size + 8); 1158 1159 s->IntrStatus |= RxOverflow; 1160 ++s->RxMissed; 1161 rtl8139_update_irq(s); 1162 return 0; 1163 } 1164 1165 packet_header |= RxStatusOK; 1166 1167 packet_header |= (((size+4) << 16) & 0xffff0000); 1168 1169 /* write header */ 1170 uint32_t val = cpu_to_le32(packet_header); 1171 1172 rtl8139_write_buffer(s, (uint8_t *)&val, 4); 1173 1174 rtl8139_write_buffer(s, buf, size); 1175 1176 /* write checksum */ 1177 val = cpu_to_le32(crc32(0, buf, size)); 1178 rtl8139_write_buffer(s, (uint8_t *)&val, 4); 1179 1180 /* correct buffer write pointer */ 1181 s->RxBufAddr = MOD2(RX_ALIGN(s->RxBufAddr), s->RxBufferSize); 1182 1183 /* now we can signal we have received something */ 1184 1185 DPRINTF("received: rx buffer length %d head 0x%04x read 0x%04x\n", 1186 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr); 1187 } 1188 1189 s->IntrStatus |= RxOK; 1190 1191 if (do_interrupt) 1192 { 1193 rtl8139_update_irq(s); 1194 } 1195 1196 return size_; 1197} 1198 1199static ssize_t rtl8139_receive(NetClientState *nc, const uint8_t *buf, size_t size) 1200{ 1201 return rtl8139_do_receive(nc, buf, size, 1); 1202} 1203 1204static void rtl8139_reset_rxring(RTL8139State *s, uint32_t bufferSize) 1205{ 1206 s->RxBufferSize = bufferSize; 1207 s->RxBufPtr = 0; 1208 s->RxBufAddr = 0; 1209} 1210 1211static void rtl8139_reset_phy(RTL8139State *s) 1212{ 1213 s->BasicModeStatus = 0x7809; 1214 s->BasicModeStatus |= 0x0020; /* autonegotiation completed */ 1215 /* preserve link state */ 1216 s->BasicModeStatus |= qemu_get_queue(s->nic)->link_down ? 0 : 0x04; 1217 1218 s->NWayAdvert = 0x05e1; /* all modes, full duplex */ 1219 s->NWayLPAR = 0x05e1; /* all modes, full duplex */ 1220 s->NWayExpansion = 0x0001; /* autonegotiation supported */ 1221 1222 s->CSCR = CSCR_F_LINK_100 | CSCR_HEART_BIT | CSCR_LD; 1223} 1224 1225static void rtl8139_reset(DeviceState *d) 1226{ 1227 RTL8139State *s = RTL8139(d); 1228 int i; 1229 1230 /* restore MAC address */ 1231 memcpy(s->phys, s->conf.macaddr.a, 6); 1232 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->phys); 1233 1234 /* reset interrupt mask */ 1235 s->IntrStatus = 0; 1236 s->IntrMask = 0; 1237 1238 rtl8139_update_irq(s); 1239 1240 /* mark all status registers as owned by host */ 1241 for (i = 0; i < 4; ++i) 1242 { 1243 s->TxStatus[i] = TxHostOwns; 1244 } 1245 1246 s->currTxDesc = 0; 1247 s->currCPlusRxDesc = 0; 1248 s->currCPlusTxDesc = 0; 1249 1250 s->RxRingAddrLO = 0; 1251 s->RxRingAddrHI = 0; 1252 1253 s->RxBuf = 0; 1254 1255 rtl8139_reset_rxring(s, 8192); 1256 1257 /* ACK the reset */ 1258 s->TxConfig = 0; 1259 1260#if 0 1261// s->TxConfig |= HW_REVID(1, 0, 0, 0, 0, 0, 0); // RTL-8139 HasHltClk 1262 s->clock_enabled = 0; 1263#else 1264 s->TxConfig |= HW_REVID(1, 1, 1, 0, 1, 1, 0); // RTL-8139C+ HasLWake 1265 s->clock_enabled = 1; 1266#endif 1267 1268 s->bChipCmdState = CmdReset; /* RxBufEmpty bit is calculated on read from ChipCmd */; 1269 1270 /* set initial state data */ 1271 s->Config0 = 0x0; /* No boot ROM */ 1272 s->Config1 = 0xC; /* IO mapped and MEM mapped registers available */ 1273 s->Config3 = 0x1; /* fast back-to-back compatible */ 1274 s->Config5 = 0x0; 1275 1276 s->CpCmd = 0x0; /* reset C+ mode */ 1277 s->cplus_enabled = 0; 1278 1279// s->BasicModeCtrl = 0x3100; // 100Mbps, full duplex, autonegotiation 1280// s->BasicModeCtrl = 0x2100; // 100Mbps, full duplex 1281 s->BasicModeCtrl = 0x1000; // autonegotiation 1282 1283 rtl8139_reset_phy(s); 1284 1285 /* also reset timer and disable timer interrupt */ 1286 s->TCTR = 0; 1287 s->TimerInt = 0; 1288 s->TCTR_base = 0; 1289 rtl8139_set_next_tctr_time(s); 1290 1291 /* reset tally counters */ 1292 RTL8139TallyCounters_clear(&s->tally_counters); 1293} 1294 1295static void RTL8139TallyCounters_clear(RTL8139TallyCounters* counters) 1296{ 1297 counters->TxOk = 0; 1298 counters->RxOk = 0; 1299 counters->TxERR = 0; 1300 counters->RxERR = 0; 1301 counters->MissPkt = 0; 1302 counters->FAE = 0; 1303 counters->Tx1Col = 0; 1304 counters->TxMCol = 0; 1305 counters->RxOkPhy = 0; 1306 counters->RxOkBrd = 0; 1307 counters->RxOkMul = 0; 1308 counters->TxAbt = 0; 1309 counters->TxUndrn = 0; 1310} 1311 1312static void RTL8139TallyCounters_dma_write(RTL8139State *s, dma_addr_t tc_addr) 1313{ 1314 PCIDevice *d = PCI_DEVICE(s); 1315 RTL8139TallyCounters *tally_counters = &s->tally_counters; 1316 uint16_t val16; 1317 uint32_t val32; 1318 uint64_t val64; 1319 1320 val64 = cpu_to_le64(tally_counters->TxOk); 1321 pci_dma_write(d, tc_addr + 0, (uint8_t *)&val64, 8); 1322 1323 val64 = cpu_to_le64(tally_counters->RxOk); 1324 pci_dma_write(d, tc_addr + 8, (uint8_t *)&val64, 8); 1325 1326 val64 = cpu_to_le64(tally_counters->TxERR); 1327 pci_dma_write(d, tc_addr + 16, (uint8_t *)&val64, 8); 1328 1329 val32 = cpu_to_le32(tally_counters->RxERR); 1330 pci_dma_write(d, tc_addr + 24, (uint8_t *)&val32, 4); 1331 1332 val16 = cpu_to_le16(tally_counters->MissPkt); 1333 pci_dma_write(d, tc_addr + 28, (uint8_t *)&val16, 2); 1334 1335 val16 = cpu_to_le16(tally_counters->FAE); 1336 pci_dma_write(d, tc_addr + 30, (uint8_t *)&val16, 2); 1337 1338 val32 = cpu_to_le32(tally_counters->Tx1Col); 1339 pci_dma_write(d, tc_addr + 32, (uint8_t *)&val32, 4); 1340 1341 val32 = cpu_to_le32(tally_counters->TxMCol); 1342 pci_dma_write(d, tc_addr + 36, (uint8_t *)&val32, 4); 1343 1344 val64 = cpu_to_le64(tally_counters->RxOkPhy); 1345 pci_dma_write(d, tc_addr + 40, (uint8_t *)&val64, 8); 1346 1347 val64 = cpu_to_le64(tally_counters->RxOkBrd); 1348 pci_dma_write(d, tc_addr + 48, (uint8_t *)&val64, 8); 1349 1350 val32 = cpu_to_le32(tally_counters->RxOkMul); 1351 pci_dma_write(d, tc_addr + 56, (uint8_t *)&val32, 4); 1352 1353 val16 = cpu_to_le16(tally_counters->TxAbt); 1354 pci_dma_write(d, tc_addr + 60, (uint8_t *)&val16, 2); 1355 1356 val16 = cpu_to_le16(tally_counters->TxUndrn); 1357 pci_dma_write(d, tc_addr + 62, (uint8_t *)&val16, 2); 1358} 1359 1360static void rtl8139_ChipCmd_write(RTL8139State *s, uint32_t val) 1361{ 1362 DeviceState *d = DEVICE(s); 1363 1364 val &= 0xff; 1365 1366 DPRINTF("ChipCmd write val=0x%08x\n", val); 1367 1368 if (val & CmdReset) 1369 { 1370 DPRINTF("ChipCmd reset\n"); 1371 rtl8139_reset(d); 1372 } 1373 if (val & CmdRxEnb) 1374 { 1375 DPRINTF("ChipCmd enable receiver\n"); 1376 1377 s->currCPlusRxDesc = 0; 1378 } 1379 if (val & CmdTxEnb) 1380 { 1381 DPRINTF("ChipCmd enable transmitter\n"); 1382 1383 s->currCPlusTxDesc = 0; 1384 } 1385 1386 /* mask unwritable bits */ 1387 val = SET_MASKED(val, 0xe3, s->bChipCmdState); 1388 1389 /* Deassert reset pin before next read */ 1390 val &= ~CmdReset; 1391 1392 s->bChipCmdState = val; 1393} 1394 1395static int rtl8139_RxBufferEmpty(RTL8139State *s) 1396{ 1397 int unread = MOD2(s->RxBufferSize + s->RxBufAddr - s->RxBufPtr, s->RxBufferSize); 1398 1399 if (unread != 0) 1400 { 1401 DPRINTF("receiver buffer data available 0x%04x\n", unread); 1402 return 0; 1403 } 1404 1405 DPRINTF("receiver buffer is empty\n"); 1406 1407 return 1; 1408} 1409 1410static uint32_t rtl8139_ChipCmd_read(RTL8139State *s) 1411{ 1412 uint32_t ret = s->bChipCmdState; 1413 1414 if (rtl8139_RxBufferEmpty(s)) 1415 ret |= RxBufEmpty; 1416 1417 DPRINTF("ChipCmd read val=0x%04x\n", ret); 1418 1419 return ret; 1420} 1421 1422static void rtl8139_CpCmd_write(RTL8139State *s, uint32_t val) 1423{ 1424 val &= 0xffff; 1425 1426 DPRINTF("C+ command register write(w) val=0x%04x\n", val); 1427 1428 s->cplus_enabled = 1; 1429 1430 /* mask unwritable bits */ 1431 val = SET_MASKED(val, 0xff84, s->CpCmd); 1432 1433 s->CpCmd = val; 1434} 1435 1436static uint32_t rtl8139_CpCmd_read(RTL8139State *s) 1437{ 1438 uint32_t ret = s->CpCmd; 1439 1440 DPRINTF("C+ command register read(w) val=0x%04x\n", ret); 1441 1442 return ret; 1443} 1444 1445static void rtl8139_IntrMitigate_write(RTL8139State *s, uint32_t val) 1446{ 1447 DPRINTF("C+ IntrMitigate register write(w) val=0x%04x\n", val); 1448} 1449 1450static uint32_t rtl8139_IntrMitigate_read(RTL8139State *s) 1451{ 1452 uint32_t ret = 0; 1453 1454 DPRINTF("C+ IntrMitigate register read(w) val=0x%04x\n", ret); 1455 1456 return ret; 1457} 1458 1459static int rtl8139_config_writable(RTL8139State *s) 1460{ 1461 if ((s->Cfg9346 & Chip9346_op_mask) == Cfg9346_ConfigWrite) 1462 { 1463 return 1; 1464 } 1465 1466 DPRINTF("Configuration registers are write-protected\n"); 1467 1468 return 0; 1469} 1470 1471static void rtl8139_BasicModeCtrl_write(RTL8139State *s, uint32_t val) 1472{ 1473 val &= 0xffff; 1474 1475 DPRINTF("BasicModeCtrl register write(w) val=0x%04x\n", val); 1476 1477 /* mask unwritable bits */ 1478 uint32_t mask = 0xccff; 1479 1480 if (1 || !rtl8139_config_writable(s)) 1481 { 1482 /* Speed setting and autonegotiation enable bits are read-only */ 1483 mask |= 0x3000; 1484 /* Duplex mode setting is read-only */ 1485 mask |= 0x0100; 1486 } 1487 1488 if (val & 0x8000) { 1489 /* Reset PHY */ 1490 rtl8139_reset_phy(s); 1491 } 1492 1493 val = SET_MASKED(val, mask, s->BasicModeCtrl); 1494 1495 s->BasicModeCtrl = val; 1496} 1497 1498static uint32_t rtl8139_BasicModeCtrl_read(RTL8139State *s) 1499{ 1500 uint32_t ret = s->BasicModeCtrl; 1501 1502 DPRINTF("BasicModeCtrl register read(w) val=0x%04x\n", ret); 1503 1504 return ret; 1505} 1506 1507static void rtl8139_BasicModeStatus_write(RTL8139State *s, uint32_t val) 1508{ 1509 val &= 0xffff; 1510 1511 DPRINTF("BasicModeStatus register write(w) val=0x%04x\n", val); 1512 1513 /* mask unwritable bits */ 1514 val = SET_MASKED(val, 0xff3f, s->BasicModeStatus); 1515 1516 s->BasicModeStatus = val; 1517} 1518 1519static uint32_t rtl8139_BasicModeStatus_read(RTL8139State *s) 1520{ 1521 uint32_t ret = s->BasicModeStatus; 1522 1523 DPRINTF("BasicModeStatus register read(w) val=0x%04x\n", ret); 1524 1525 return ret; 1526} 1527 1528static void rtl8139_Cfg9346_write(RTL8139State *s, uint32_t val) 1529{ 1530 DeviceState *d = DEVICE(s); 1531 1532 val &= 0xff; 1533 1534 DPRINTF("Cfg9346 write val=0x%02x\n", val); 1535 1536 /* mask unwritable bits */ 1537 val = SET_MASKED(val, 0x31, s->Cfg9346); 1538 1539 uint32_t opmode = val & 0xc0; 1540 uint32_t eeprom_val = val & 0xf; 1541 1542 if (opmode == 0x80) { 1543 /* eeprom access */ 1544 int eecs = (eeprom_val & 0x08)?1:0; 1545 int eesk = (eeprom_val & 0x04)?1:0; 1546 int eedi = (eeprom_val & 0x02)?1:0; 1547 prom9346_set_wire(s, eecs, eesk, eedi); 1548 } else if (opmode == 0x40) { 1549 /* Reset. */ 1550 val = 0; 1551 rtl8139_reset(d); 1552 } 1553 1554 s->Cfg9346 = val; 1555} 1556 1557static uint32_t rtl8139_Cfg9346_read(RTL8139State *s) 1558{ 1559 uint32_t ret = s->Cfg9346; 1560 1561 uint32_t opmode = ret & 0xc0; 1562 1563 if (opmode == 0x80) 1564 { 1565 /* eeprom access */ 1566 int eedo = prom9346_get_wire(s); 1567 if (eedo) 1568 { 1569 ret |= 0x01; 1570 } 1571 else 1572 { 1573 ret &= ~0x01; 1574 } 1575 } 1576 1577 DPRINTF("Cfg9346 read val=0x%02x\n", ret); 1578 1579 return ret; 1580} 1581 1582static void rtl8139_Config0_write(RTL8139State *s, uint32_t val) 1583{ 1584 val &= 0xff; 1585 1586 DPRINTF("Config0 write val=0x%02x\n", val); 1587 1588 if (!rtl8139_config_writable(s)) { 1589 return; 1590 } 1591 1592 /* mask unwritable bits */ 1593 val = SET_MASKED(val, 0xf8, s->Config0); 1594 1595 s->Config0 = val; 1596} 1597 1598static uint32_t rtl8139_Config0_read(RTL8139State *s) 1599{ 1600 uint32_t ret = s->Config0; 1601 1602 DPRINTF("Config0 read val=0x%02x\n", ret); 1603 1604 return ret; 1605} 1606 1607static void rtl8139_Config1_write(RTL8139State *s, uint32_t val) 1608{ 1609 val &= 0xff; 1610 1611 DPRINTF("Config1 write val=0x%02x\n", val); 1612 1613 if (!rtl8139_config_writable(s)) { 1614 return; 1615 } 1616 1617 /* mask unwritable bits */ 1618 val = SET_MASKED(val, 0xC, s->Config1); 1619 1620 s->Config1 = val; 1621} 1622 1623static uint32_t rtl8139_Config1_read(RTL8139State *s) 1624{ 1625 uint32_t ret = s->Config1; 1626 1627 DPRINTF("Config1 read val=0x%02x\n", ret); 1628 1629 return ret; 1630} 1631 1632static void rtl8139_Config3_write(RTL8139State *s, uint32_t val) 1633{ 1634 val &= 0xff; 1635 1636 DPRINTF("Config3 write val=0x%02x\n", val); 1637 1638 if (!rtl8139_config_writable(s)) { 1639 return; 1640 } 1641 1642 /* mask unwritable bits */ 1643 val = SET_MASKED(val, 0x8F, s->Config3); 1644 1645 s->Config3 = val; 1646} 1647 1648static uint32_t rtl8139_Config3_read(RTL8139State *s) 1649{ 1650 uint32_t ret = s->Config3; 1651 1652 DPRINTF("Config3 read val=0x%02x\n", ret); 1653 1654 return ret; 1655} 1656 1657static void rtl8139_Config4_write(RTL8139State *s, uint32_t val) 1658{ 1659 val &= 0xff; 1660 1661 DPRINTF("Config4 write val=0x%02x\n", val); 1662 1663 if (!rtl8139_config_writable(s)) { 1664 return; 1665 } 1666 1667 /* mask unwritable bits */ 1668 val = SET_MASKED(val, 0x0a, s->Config4); 1669 1670 s->Config4 = val; 1671} 1672 1673static uint32_t rtl8139_Config4_read(RTL8139State *s) 1674{ 1675 uint32_t ret = s->Config4; 1676 1677 DPRINTF("Config4 read val=0x%02x\n", ret); 1678 1679 return ret; 1680} 1681 1682static void rtl8139_Config5_write(RTL8139State *s, uint32_t val) 1683{ 1684 val &= 0xff; 1685 1686 DPRINTF("Config5 write val=0x%02x\n", val); 1687 1688 /* mask unwritable bits */ 1689 val = SET_MASKED(val, 0x80, s->Config5); 1690 1691 s->Config5 = val; 1692} 1693 1694static uint32_t rtl8139_Config5_read(RTL8139State *s) 1695{ 1696 uint32_t ret = s->Config5; 1697 1698 DPRINTF("Config5 read val=0x%02x\n", ret); 1699 1700 return ret; 1701} 1702 1703static void rtl8139_TxConfig_write(RTL8139State *s, uint32_t val) 1704{ 1705 if (!rtl8139_transmitter_enabled(s)) 1706 { 1707 DPRINTF("transmitter disabled; no TxConfig write val=0x%08x\n", val); 1708 return; 1709 } 1710 1711 DPRINTF("TxConfig write val=0x%08x\n", val); 1712 1713 val = SET_MASKED(val, TxVersionMask | 0x8070f80f, s->TxConfig); 1714 1715 s->TxConfig = val; 1716} 1717 1718static void rtl8139_TxConfig_writeb(RTL8139State *s, uint32_t val) 1719{ 1720 DPRINTF("RTL8139C TxConfig via write(b) val=0x%02x\n", val); 1721 1722 uint32_t tc = s->TxConfig; 1723 tc &= 0xFFFFFF00; 1724 tc |= (val & 0x000000FF); 1725 rtl8139_TxConfig_write(s, tc); 1726} 1727 1728static uint32_t rtl8139_TxConfig_read(RTL8139State *s) 1729{ 1730 uint32_t ret = s->TxConfig; 1731 1732 DPRINTF("TxConfig read val=0x%04x\n", ret); 1733 1734 return ret; 1735} 1736 1737static void rtl8139_RxConfig_write(RTL8139State *s, uint32_t val) 1738{ 1739 DPRINTF("RxConfig write val=0x%08x\n", val); 1740 1741 /* mask unwritable bits */ 1742 val = SET_MASKED(val, 0xf0fc0040, s->RxConfig); 1743 1744 s->RxConfig = val; 1745 1746 /* reset buffer size and read/write pointers */ 1747 rtl8139_reset_rxring(s, 8192 << ((s->RxConfig >> 11) & 0x3)); 1748 1749 DPRINTF("RxConfig write reset buffer size to %d\n", s->RxBufferSize); 1750} 1751 1752static uint32_t rtl8139_RxConfig_read(RTL8139State *s) 1753{ 1754 uint32_t ret = s->RxConfig; 1755 1756 DPRINTF("RxConfig read val=0x%08x\n", ret); 1757 1758 return ret; 1759} 1760 1761static void rtl8139_transfer_frame(RTL8139State *s, uint8_t *buf, int size, 1762 int do_interrupt, const uint8_t *dot1q_buf) 1763{ 1764 struct iovec *iov = NULL; 1765 struct iovec vlan_iov[3]; 1766 1767 if (!size) 1768 { 1769 DPRINTF("+++ empty ethernet frame\n"); 1770 return; 1771 } 1772 1773 if (dot1q_buf && size >= ETH_ALEN * 2) { 1774 iov = (struct iovec[3]) { 1775 { .iov_base = buf, .iov_len = ETH_ALEN * 2 }, 1776 { .iov_base = (void *) dot1q_buf, .iov_len = VLAN_HLEN }, 1777 { .iov_base = buf + ETH_ALEN * 2, 1778 .iov_len = size - ETH_ALEN * 2 }, 1779 }; 1780 1781 memcpy(vlan_iov, iov, sizeof(vlan_iov)); 1782 iov = vlan_iov; 1783 } 1784 1785 if (TxLoopBack == (s->TxConfig & TxLoopBack)) 1786 { 1787 size_t buf2_size; 1788 uint8_t *buf2; 1789 1790 if (iov) { 1791 buf2_size = iov_size(iov, 3); 1792 buf2 = g_malloc(buf2_size); 1793 iov_to_buf(iov, 3, 0, buf2, buf2_size); 1794 buf = buf2; 1795 } 1796 1797 DPRINTF("+++ transmit loopback mode\n"); 1798 qemu_receive_packet(qemu_get_queue(s->nic), buf, size); 1799 1800 if (iov) { 1801 g_free(buf2); 1802 } 1803 } 1804 else 1805 { 1806 if (iov) { 1807 qemu_sendv_packet(qemu_get_queue(s->nic), iov, 3); 1808 } else { 1809 qemu_send_packet(qemu_get_queue(s->nic), buf, size); 1810 } 1811 } 1812} 1813 1814static int rtl8139_transmit_one(RTL8139State *s, int descriptor) 1815{ 1816 if (!rtl8139_transmitter_enabled(s)) 1817 { 1818 DPRINTF("+++ cannot transmit from descriptor %d: transmitter " 1819 "disabled\n", descriptor); 1820 return 0; 1821 } 1822 1823 if (s->TxStatus[descriptor] & TxHostOwns) 1824 { 1825 DPRINTF("+++ cannot transmit from descriptor %d: owned by host " 1826 "(%08x)\n", descriptor, s->TxStatus[descriptor]); 1827 return 0; 1828 } 1829 1830 DPRINTF("+++ transmitting from descriptor %d\n", descriptor); 1831 1832 PCIDevice *d = PCI_DEVICE(s); 1833 int txsize = s->TxStatus[descriptor] & 0x1fff; 1834 uint8_t txbuffer[0x2000]; 1835 1836 DPRINTF("+++ transmit reading %d bytes from host memory at 0x%08x\n", 1837 txsize, s->TxAddr[descriptor]); 1838 1839 pci_dma_read(d, s->TxAddr[descriptor], txbuffer, txsize); 1840 1841 /* Mark descriptor as transferred */ 1842 s->TxStatus[descriptor] |= TxHostOwns; 1843 s->TxStatus[descriptor] |= TxStatOK; 1844 1845 rtl8139_transfer_frame(s, txbuffer, txsize, 0, NULL); 1846 1847 DPRINTF("+++ transmitted %d bytes from descriptor %d\n", txsize, 1848 descriptor); 1849 1850 /* update interrupt */ 1851 s->IntrStatus |= TxOK; 1852 rtl8139_update_irq(s); 1853 1854 return 1; 1855} 1856 1857#define TCP_HEADER_CLEAR_FLAGS(tcp, off) ((tcp)->th_offset_flags &= cpu_to_be16(~TCP_FLAGS_ONLY(off))) 1858 1859/* produces ones' complement sum of data */ 1860static uint16_t ones_complement_sum(uint8_t *data, size_t len) 1861{ 1862 uint32_t result = 0; 1863 1864 for (; len > 1; data+=2, len-=2) 1865 { 1866 result += *(uint16_t*)data; 1867 } 1868 1869 /* add the remainder byte */ 1870 if (len) 1871 { 1872 uint8_t odd[2] = {*data, 0}; 1873 result += *(uint16_t*)odd; 1874 } 1875 1876 while (result>>16) 1877 result = (result & 0xffff) + (result >> 16); 1878 1879 return result; 1880} 1881 1882static uint16_t ip_checksum(void *data, size_t len) 1883{ 1884 return ~ones_complement_sum((uint8_t*)data, len); 1885} 1886 1887static int rtl8139_cplus_transmit_one(RTL8139State *s) 1888{ 1889 if (!rtl8139_transmitter_enabled(s)) 1890 { 1891 DPRINTF("+++ C+ mode: transmitter disabled\n"); 1892 return 0; 1893 } 1894 1895 if (!rtl8139_cp_transmitter_enabled(s)) 1896 { 1897 DPRINTF("+++ C+ mode: C+ transmitter disabled\n"); 1898 return 0 ; 1899 } 1900 1901 PCIDevice *d = PCI_DEVICE(s); 1902 int descriptor = s->currCPlusTxDesc; 1903 1904 dma_addr_t cplus_tx_ring_desc = rtl8139_addr64(s->TxAddr[0], s->TxAddr[1]); 1905 1906 /* Normal priority ring */ 1907 cplus_tx_ring_desc += 16 * descriptor; 1908 1909 DPRINTF("+++ C+ mode reading TX descriptor %d from host memory at " 1910 "%08x %08x = 0x"DMA_ADDR_FMT"\n", descriptor, s->TxAddr[1], 1911 s->TxAddr[0], cplus_tx_ring_desc); 1912 1913 uint32_t val, txdw0,txdw1,txbufLO,txbufHI; 1914 1915 pci_dma_read(d, cplus_tx_ring_desc, (uint8_t *)&val, 4); 1916 txdw0 = le32_to_cpu(val); 1917 pci_dma_read(d, cplus_tx_ring_desc+4, (uint8_t *)&val, 4); 1918 txdw1 = le32_to_cpu(val); 1919 pci_dma_read(d, cplus_tx_ring_desc+8, (uint8_t *)&val, 4); 1920 txbufLO = le32_to_cpu(val); 1921 pci_dma_read(d, cplus_tx_ring_desc+12, (uint8_t *)&val, 4); 1922 txbufHI = le32_to_cpu(val); 1923 1924 DPRINTF("+++ C+ mode TX descriptor %d %08x %08x %08x %08x\n", descriptor, 1925 txdw0, txdw1, txbufLO, txbufHI); 1926 1927/* w0 ownership flag */ 1928#define CP_TX_OWN (1<<31) 1929/* w0 end of ring flag */ 1930#define CP_TX_EOR (1<<30) 1931/* first segment of received packet flag */ 1932#define CP_TX_FS (1<<29) 1933/* last segment of received packet flag */ 1934#define CP_TX_LS (1<<28) 1935/* large send packet flag */ 1936#define CP_TX_LGSEN (1<<27) 1937/* large send MSS mask, bits 16...25 */ 1938#define CP_TC_LGSEN_MSS_MASK ((1 << 12) - 1) 1939 1940/* IP checksum offload flag */ 1941#define CP_TX_IPCS (1<<18) 1942/* UDP checksum offload flag */ 1943#define CP_TX_UDPCS (1<<17) 1944/* TCP checksum offload flag */ 1945#define CP_TX_TCPCS (1<<16) 1946 1947/* w0 bits 0...15 : buffer size */ 1948#define CP_TX_BUFFER_SIZE (1<<16) 1949#define CP_TX_BUFFER_SIZE_MASK (CP_TX_BUFFER_SIZE - 1) 1950/* w1 add tag flag */ 1951#define CP_TX_TAGC (1<<17) 1952/* w1 bits 0...15 : VLAN tag (big endian) */ 1953#define CP_TX_VLAN_TAG_MASK ((1<<16) - 1) 1954/* w2 low 32bit of Rx buffer ptr */ 1955/* w3 high 32bit of Rx buffer ptr */ 1956 1957/* set after transmission */ 1958/* FIFO underrun flag */ 1959#define CP_TX_STATUS_UNF (1<<25) 1960/* transmit error summary flag, valid if set any of three below */ 1961#define CP_TX_STATUS_TES (1<<23) 1962/* out-of-window collision flag */ 1963#define CP_TX_STATUS_OWC (1<<22) 1964/* link failure flag */ 1965#define CP_TX_STATUS_LNKF (1<<21) 1966/* excessive collisions flag */ 1967#define CP_TX_STATUS_EXC (1<<20) 1968 1969 if (!(txdw0 & CP_TX_OWN)) 1970 { 1971 DPRINTF("C+ Tx mode : descriptor %d is owned by host\n", descriptor); 1972 return 0 ; 1973 } 1974 1975 DPRINTF("+++ C+ Tx mode : transmitting from descriptor %d\n", descriptor); 1976 1977 if (txdw0 & CP_TX_FS) 1978 { 1979 DPRINTF("+++ C+ Tx mode : descriptor %d is first segment " 1980 "descriptor\n", descriptor); 1981 1982 /* reset internal buffer offset */ 1983 s->cplus_txbuffer_offset = 0; 1984 } 1985 1986 int txsize = txdw0 & CP_TX_BUFFER_SIZE_MASK; 1987 dma_addr_t tx_addr = rtl8139_addr64(txbufLO, txbufHI); 1988 1989 /* make sure we have enough space to assemble the packet */ 1990 if (!s->cplus_txbuffer) 1991 { 1992 s->cplus_txbuffer_len = CP_TX_BUFFER_SIZE; 1993 s->cplus_txbuffer = g_malloc(s->cplus_txbuffer_len); 1994 s->cplus_txbuffer_offset = 0; 1995 1996 DPRINTF("+++ C+ mode transmission buffer allocated space %d\n", 1997 s->cplus_txbuffer_len); 1998 } 1999 2000 if (s->cplus_txbuffer_offset + txsize >= s->cplus_txbuffer_len) 2001 { 2002 /* The spec didn't tell the maximum size, stick to CP_TX_BUFFER_SIZE */ 2003 txsize = s->cplus_txbuffer_len - s->cplus_txbuffer_offset; 2004 DPRINTF("+++ C+ mode transmission buffer overrun, truncated descriptor" 2005 "length to %d\n", txsize); 2006 } 2007 2008 /* append more data to the packet */ 2009 2010 DPRINTF("+++ C+ mode transmit reading %d bytes from host memory at " 2011 DMA_ADDR_FMT" to offset %d\n", txsize, tx_addr, 2012 s->cplus_txbuffer_offset); 2013 2014 pci_dma_read(d, tx_addr, 2015 s->cplus_txbuffer + s->cplus_txbuffer_offset, txsize); 2016 s->cplus_txbuffer_offset += txsize; 2017 2018 /* seek to next Rx descriptor */ 2019 if (txdw0 & CP_TX_EOR) 2020 { 2021 s->currCPlusTxDesc = 0; 2022 } 2023 else 2024 { 2025 ++s->currCPlusTxDesc; 2026 if (s->currCPlusTxDesc >= 64) 2027 s->currCPlusTxDesc = 0; 2028 } 2029 2030 /* transfer ownership to target */ 2031 txdw0 &= ~CP_TX_OWN; 2032 2033 /* reset error indicator bits */ 2034 txdw0 &= ~CP_TX_STATUS_UNF; 2035 txdw0 &= ~CP_TX_STATUS_TES; 2036 txdw0 &= ~CP_TX_STATUS_OWC; 2037 txdw0 &= ~CP_TX_STATUS_LNKF; 2038 txdw0 &= ~CP_TX_STATUS_EXC; 2039 2040 /* update ring data */ 2041 val = cpu_to_le32(txdw0); 2042 pci_dma_write(d, cplus_tx_ring_desc, (uint8_t *)&val, 4); 2043 2044 /* Now decide if descriptor being processed is holding the last segment of packet */ 2045 if (txdw0 & CP_TX_LS) 2046 { 2047 uint8_t dot1q_buffer_space[VLAN_HLEN]; 2048 uint16_t *dot1q_buffer; 2049 2050 DPRINTF("+++ C+ Tx mode : descriptor %d is last segment descriptor\n", 2051 descriptor); 2052 2053 /* can transfer fully assembled packet */ 2054 2055 uint8_t *saved_buffer = s->cplus_txbuffer; 2056 int saved_size = s->cplus_txbuffer_offset; 2057 int saved_buffer_len = s->cplus_txbuffer_len; 2058 2059 /* create vlan tag */ 2060 if (txdw1 & CP_TX_TAGC) { 2061 /* the vlan tag is in BE byte order in the descriptor 2062 * BE + le_to_cpu() + ~swap()~ = cpu */ 2063 DPRINTF("+++ C+ Tx mode : inserting vlan tag with ""tci: %u\n", 2064 bswap16(txdw1 & CP_TX_VLAN_TAG_MASK)); 2065 2066 dot1q_buffer = (uint16_t *) dot1q_buffer_space; 2067 dot1q_buffer[0] = cpu_to_be16(ETH_P_VLAN); 2068 /* BE + le_to_cpu() + ~cpu_to_le()~ = BE */ 2069 dot1q_buffer[1] = cpu_to_le16(txdw1 & CP_TX_VLAN_TAG_MASK); 2070 } else { 2071 dot1q_buffer = NULL; 2072 } 2073 2074 /* reset the card space to protect from recursive call */ 2075 s->cplus_txbuffer = NULL; 2076 s->cplus_txbuffer_offset = 0; 2077 s->cplus_txbuffer_len = 0; 2078 2079 if (txdw0 & (CP_TX_IPCS | CP_TX_UDPCS | CP_TX_TCPCS | CP_TX_LGSEN)) 2080 { 2081 DPRINTF("+++ C+ mode offloaded task checksum\n"); 2082 2083 /* Large enough for Ethernet and IP headers? */ 2084 if (saved_size < ETH_HLEN + sizeof(struct ip_header)) { 2085 goto skip_offload; 2086 } 2087 2088 /* ip packet header */ 2089 struct ip_header *ip = NULL; 2090 int hlen = 0; 2091 uint8_t ip_protocol = 0; 2092 uint16_t ip_data_len = 0; 2093 2094 uint8_t *eth_payload_data = NULL; 2095 size_t eth_payload_len = 0; 2096 2097 int proto = be16_to_cpu(*(uint16_t *)(saved_buffer + 12)); 2098 if (proto != ETH_P_IP) 2099 { 2100 goto skip_offload; 2101 } 2102 2103 DPRINTF("+++ C+ mode has IP packet\n"); 2104 2105 /* Note on memory alignment: eth_payload_data is 16-bit aligned 2106 * since saved_buffer is allocated with g_malloc() and ETH_HLEN is 2107 * even. 32-bit accesses must use ldl/stl wrappers to avoid 2108 * unaligned accesses. 2109 */ 2110 eth_payload_data = saved_buffer + ETH_HLEN; 2111 eth_payload_len = saved_size - ETH_HLEN; 2112 2113 ip = (struct ip_header*)eth_payload_data; 2114 2115 if (IP_HEADER_VERSION(ip) != IP_HEADER_VERSION_4) { 2116 DPRINTF("+++ C+ mode packet has bad IP version %d " 2117 "expected %d\n", IP_HEADER_VERSION(ip), 2118 IP_HEADER_VERSION_4); 2119 goto skip_offload; 2120 } 2121 2122 hlen = IP_HDR_GET_LEN(ip); 2123 if (hlen < sizeof(struct ip_header) || hlen > eth_payload_len) { 2124 goto skip_offload; 2125 } 2126 2127 ip_protocol = ip->ip_p; 2128 2129 ip_data_len = be16_to_cpu(ip->ip_len); 2130 if (ip_data_len < hlen || ip_data_len > eth_payload_len) { 2131 goto skip_offload; 2132 } 2133 ip_data_len -= hlen; 2134 2135 if (txdw0 & CP_TX_IPCS) 2136 { 2137 DPRINTF("+++ C+ mode need IP checksum\n"); 2138 2139 ip->ip_sum = 0; 2140 ip->ip_sum = ip_checksum(ip, hlen); 2141 DPRINTF("+++ C+ mode IP header len=%d checksum=%04x\n", 2142 hlen, ip->ip_sum); 2143 } 2144 2145 if ((txdw0 & CP_TX_LGSEN) && ip_protocol == IP_PROTO_TCP) 2146 { 2147 /* Large enough for the TCP header? */ 2148 if (ip_data_len < sizeof(tcp_header)) { 2149 goto skip_offload; 2150 } 2151 2152 int large_send_mss = (txdw0 >> 16) & CP_TC_LGSEN_MSS_MASK; 2153 2154 DPRINTF("+++ C+ mode offloaded task TSO MTU=%d IP data %d " 2155 "frame data %d specified MSS=%d\n", ETH_MTU, 2156 ip_data_len, saved_size - ETH_HLEN, large_send_mss); 2157 2158 int tcp_send_offset = 0; 2159 int send_count = 0; 2160 2161 /* maximum IP header length is 60 bytes */ 2162 uint8_t saved_ip_header[60]; 2163 2164 /* save IP header template; data area is used in tcp checksum calculation */ 2165 memcpy(saved_ip_header, eth_payload_data, hlen); 2166 2167 /* a placeholder for checksum calculation routine in tcp case */ 2168 uint8_t *data_to_checksum = eth_payload_data + hlen - 12; 2169 // size_t data_to_checksum_len = eth_payload_len - hlen + 12; 2170 2171 /* pointer to TCP header */ 2172 tcp_header *p_tcp_hdr = (tcp_header*)(eth_payload_data + hlen); 2173 2174 int tcp_hlen = TCP_HEADER_DATA_OFFSET(p_tcp_hdr); 2175 2176 /* Invalid TCP data offset? */ 2177 if (tcp_hlen < sizeof(tcp_header) || tcp_hlen > ip_data_len) { 2178 goto skip_offload; 2179 } 2180 2181 /* ETH_MTU = ip header len + tcp header len + payload */ 2182 int tcp_data_len = ip_data_len - tcp_hlen; 2183 int tcp_chunk_size = ETH_MTU - hlen - tcp_hlen; 2184 2185 DPRINTF("+++ C+ mode TSO IP data len %d TCP hlen %d TCP " 2186 "data len %d TCP chunk size %d\n", ip_data_len, 2187 tcp_hlen, tcp_data_len, tcp_chunk_size); 2188 2189 /* note the cycle below overwrites IP header data, 2190 but restores it from saved_ip_header before sending packet */ 2191 2192 int is_last_frame = 0; 2193 2194 for (tcp_send_offset = 0; tcp_send_offset < tcp_data_len; tcp_send_offset += tcp_chunk_size) 2195 { 2196 uint16_t chunk_size = tcp_chunk_size; 2197 2198 /* check if this is the last frame */ 2199 if (tcp_send_offset + tcp_chunk_size >= tcp_data_len) 2200 { 2201 is_last_frame = 1; 2202 chunk_size = tcp_data_len - tcp_send_offset; 2203 } 2204 2205 DPRINTF("+++ C+ mode TSO TCP seqno %08x\n", 2206 ldl_be_p(&p_tcp_hdr->th_seq)); 2207 2208 /* add 4 TCP pseudoheader fields */ 2209 /* copy IP source and destination fields */ 2210 memcpy(data_to_checksum, saved_ip_header + 12, 8); 2211 2212 DPRINTF("+++ C+ mode TSO calculating TCP checksum for " 2213 "packet with %d bytes data\n", tcp_hlen + 2214 chunk_size); 2215 2216 if (tcp_send_offset) 2217 { 2218 memcpy((uint8_t*)p_tcp_hdr + tcp_hlen, (uint8_t*)p_tcp_hdr + tcp_hlen + tcp_send_offset, chunk_size); 2219 } 2220 2221 /* keep PUSH and FIN flags only for the last frame */ 2222 if (!is_last_frame) 2223 { 2224 TCP_HEADER_CLEAR_FLAGS(p_tcp_hdr, TH_PUSH | TH_FIN); 2225 } 2226 2227 /* recalculate TCP checksum */ 2228 ip_pseudo_header *p_tcpip_hdr = (ip_pseudo_header *)data_to_checksum; 2229 p_tcpip_hdr->zeros = 0; 2230 p_tcpip_hdr->ip_proto = IP_PROTO_TCP; 2231 p_tcpip_hdr->ip_payload = cpu_to_be16(tcp_hlen + chunk_size); 2232 2233 p_tcp_hdr->th_sum = 0; 2234 2235 int tcp_checksum = ip_checksum(data_to_checksum, tcp_hlen + chunk_size + 12); 2236 DPRINTF("+++ C+ mode TSO TCP checksum %04x\n", 2237 tcp_checksum); 2238 2239 p_tcp_hdr->th_sum = tcp_checksum; 2240 2241 /* restore IP header */ 2242 memcpy(eth_payload_data, saved_ip_header, hlen); 2243 2244 /* set IP data length and recalculate IP checksum */ 2245 ip->ip_len = cpu_to_be16(hlen + tcp_hlen + chunk_size); 2246 2247 /* increment IP id for subsequent frames */ 2248 ip->ip_id = cpu_to_be16(tcp_send_offset/tcp_chunk_size + be16_to_cpu(ip->ip_id)); 2249 2250 ip->ip_sum = 0; 2251 ip->ip_sum = ip_checksum(eth_payload_data, hlen); 2252 DPRINTF("+++ C+ mode TSO IP header len=%d " 2253 "checksum=%04x\n", hlen, ip->ip_sum); 2254 2255 int tso_send_size = ETH_HLEN + hlen + tcp_hlen + chunk_size; 2256 DPRINTF("+++ C+ mode TSO transferring packet size " 2257 "%d\n", tso_send_size); 2258 rtl8139_transfer_frame(s, saved_buffer, tso_send_size, 2259 0, (uint8_t *) dot1q_buffer); 2260 2261 /* add transferred count to TCP sequence number */ 2262 stl_be_p(&p_tcp_hdr->th_seq, 2263 chunk_size + ldl_be_p(&p_tcp_hdr->th_seq)); 2264 ++send_count; 2265 } 2266 2267 /* Stop sending this frame */ 2268 saved_size = 0; 2269 } 2270 else if (txdw0 & (CP_TX_TCPCS|CP_TX_UDPCS)) 2271 { 2272 DPRINTF("+++ C+ mode need TCP or UDP checksum\n"); 2273 2274 /* maximum IP header length is 60 bytes */ 2275 uint8_t saved_ip_header[60]; 2276 memcpy(saved_ip_header, eth_payload_data, hlen); 2277 2278 uint8_t *data_to_checksum = eth_payload_data + hlen - 12; 2279 // size_t data_to_checksum_len = eth_payload_len - hlen + 12; 2280 2281 /* add 4 TCP pseudoheader fields */ 2282 /* copy IP source and destination fields */ 2283 memcpy(data_to_checksum, saved_ip_header + 12, 8); 2284 2285 if ((txdw0 & CP_TX_TCPCS) && ip_protocol == IP_PROTO_TCP) 2286 { 2287 DPRINTF("+++ C+ mode calculating TCP checksum for " 2288 "packet with %d bytes data\n", ip_data_len); 2289 2290 ip_pseudo_header *p_tcpip_hdr = (ip_pseudo_header *)data_to_checksum; 2291 p_tcpip_hdr->zeros = 0; 2292 p_tcpip_hdr->ip_proto = IP_PROTO_TCP; 2293 p_tcpip_hdr->ip_payload = cpu_to_be16(ip_data_len); 2294 2295 tcp_header* p_tcp_hdr = (tcp_header *) (data_to_checksum+12); 2296 2297 p_tcp_hdr->th_sum = 0; 2298 2299 int tcp_checksum = ip_checksum(data_to_checksum, ip_data_len + 12); 2300 DPRINTF("+++ C+ mode TCP checksum %04x\n", 2301 tcp_checksum); 2302 2303 p_tcp_hdr->th_sum = tcp_checksum; 2304 } 2305 else if ((txdw0 & CP_TX_UDPCS) && ip_protocol == IP_PROTO_UDP) 2306 { 2307 DPRINTF("+++ C+ mode calculating UDP checksum for " 2308 "packet with %d bytes data\n", ip_data_len); 2309 2310 ip_pseudo_header *p_udpip_hdr = (ip_pseudo_header *)data_to_checksum; 2311 p_udpip_hdr->zeros = 0; 2312 p_udpip_hdr->ip_proto = IP_PROTO_UDP; 2313 p_udpip_hdr->ip_payload = cpu_to_be16(ip_data_len); 2314 2315 udp_header *p_udp_hdr = (udp_header *) (data_to_checksum+12); 2316 2317 p_udp_hdr->uh_sum = 0; 2318 2319 int udp_checksum = ip_checksum(data_to_checksum, ip_data_len + 12); 2320 DPRINTF("+++ C+ mode UDP checksum %04x\n", 2321 udp_checksum); 2322 2323 p_udp_hdr->uh_sum = udp_checksum; 2324 } 2325 2326 /* restore IP header */ 2327 memcpy(eth_payload_data, saved_ip_header, hlen); 2328 } 2329 } 2330 2331skip_offload: 2332 /* update tally counter */ 2333 ++s->tally_counters.TxOk; 2334 2335 DPRINTF("+++ C+ mode transmitting %d bytes packet\n", saved_size); 2336 2337 rtl8139_transfer_frame(s, saved_buffer, saved_size, 1, 2338 (uint8_t *) dot1q_buffer); 2339 2340 /* restore card space if there was no recursion and reset offset */ 2341 if (!s->cplus_txbuffer) 2342 { 2343 s->cplus_txbuffer = saved_buffer; 2344 s->cplus_txbuffer_len = saved_buffer_len; 2345 s->cplus_txbuffer_offset = 0; 2346 } 2347 else 2348 { 2349 g_free(saved_buffer); 2350 } 2351 } 2352 else 2353 { 2354 DPRINTF("+++ C+ mode transmission continue to next descriptor\n"); 2355 } 2356 2357 return 1; 2358} 2359 2360static void rtl8139_cplus_transmit(RTL8139State *s) 2361{ 2362 int txcount = 0; 2363 2364 while (txcount < 64 && rtl8139_cplus_transmit_one(s)) 2365 { 2366 ++txcount; 2367 } 2368 2369 /* Mark transfer completed */ 2370 if (!txcount) 2371 { 2372 DPRINTF("C+ mode : transmitter queue stalled, current TxDesc = %d\n", 2373 s->currCPlusTxDesc); 2374 } 2375 else 2376 { 2377 /* update interrupt status */ 2378 s->IntrStatus |= TxOK; 2379 rtl8139_update_irq(s); 2380 } 2381} 2382 2383static void rtl8139_transmit(RTL8139State *s) 2384{ 2385 int descriptor = s->currTxDesc, txcount = 0; 2386 2387 /*while*/ 2388 if (rtl8139_transmit_one(s, descriptor)) 2389 { 2390 ++s->currTxDesc; 2391 s->currTxDesc %= 4; 2392 ++txcount; 2393 } 2394 2395 /* Mark transfer completed */ 2396 if (!txcount) 2397 { 2398 DPRINTF("transmitter queue stalled, current TxDesc = %d\n", 2399 s->currTxDesc); 2400 } 2401} 2402 2403static void rtl8139_TxStatus_write(RTL8139State *s, uint32_t txRegOffset, uint32_t val) 2404{ 2405 2406 int descriptor = txRegOffset/4; 2407 2408 /* handle C+ transmit mode register configuration */ 2409 2410 if (s->cplus_enabled) 2411 { 2412 DPRINTF("RTL8139C+ DTCCR write offset=0x%x val=0x%08x " 2413 "descriptor=%d\n", txRegOffset, val, descriptor); 2414 2415 /* handle Dump Tally Counters command */ 2416 s->TxStatus[descriptor] = val; 2417 2418 if (descriptor == 0 && (val & 0x8)) 2419 { 2420 hwaddr tc_addr = rtl8139_addr64(s->TxStatus[0] & ~0x3f, s->TxStatus[1]); 2421 2422 /* dump tally counters to specified memory location */ 2423 RTL8139TallyCounters_dma_write(s, tc_addr); 2424 2425 /* mark dump completed */ 2426 s->TxStatus[0] &= ~0x8; 2427 } 2428 2429 return; 2430 } 2431 2432 DPRINTF("TxStatus write offset=0x%x val=0x%08x descriptor=%d\n", 2433 txRegOffset, val, descriptor); 2434 2435 /* mask only reserved bits */ 2436 val &= ~0xff00c000; /* these bits are reset on write */ 2437 val = SET_MASKED(val, 0x00c00000, s->TxStatus[descriptor]); 2438 2439 s->TxStatus[descriptor] = val; 2440 2441 /* attempt to start transmission */ 2442 rtl8139_transmit(s); 2443} 2444 2445static uint32_t rtl8139_TxStatus_TxAddr_read(RTL8139State *s, uint32_t regs[], 2446 uint32_t base, uint8_t addr, 2447 int size) 2448{ 2449 uint32_t reg = (addr - base) / 4; 2450 uint32_t offset = addr & 0x3; 2451 uint32_t ret = 0; 2452 2453 if (addr & (size - 1)) { 2454 DPRINTF("not implemented read for TxStatus/TxAddr " 2455 "addr=0x%x size=0x%x\n", addr, size); 2456 return ret; 2457 } 2458 2459 switch (size) { 2460 case 1: /* fall through */ 2461 case 2: /* fall through */ 2462 case 4: 2463 ret = (regs[reg] >> offset * 8) & (((uint64_t)1 << (size * 8)) - 1); 2464 DPRINTF("TxStatus/TxAddr[%d] read addr=0x%x size=0x%x val=0x%08x\n", 2465 reg, addr, size, ret); 2466 break; 2467 default: 2468 DPRINTF("unsupported size 0x%x of TxStatus/TxAddr reading\n", size); 2469 break; 2470 } 2471 2472 return ret; 2473} 2474 2475static uint16_t rtl8139_TSAD_read(RTL8139State *s) 2476{ 2477 uint16_t ret = 0; 2478 2479 /* Simulate TSAD, it is read only anyway */ 2480 2481 ret = ((s->TxStatus[3] & TxStatOK )?TSAD_TOK3:0) 2482 |((s->TxStatus[2] & TxStatOK )?TSAD_TOK2:0) 2483 |((s->TxStatus[1] & TxStatOK )?TSAD_TOK1:0) 2484 |((s->TxStatus[0] & TxStatOK )?TSAD_TOK0:0) 2485 2486 |((s->TxStatus[3] & TxUnderrun)?TSAD_TUN3:0) 2487 |((s->TxStatus[2] & TxUnderrun)?TSAD_TUN2:0) 2488 |((s->TxStatus[1] & TxUnderrun)?TSAD_TUN1:0) 2489 |((s->TxStatus[0] & TxUnderrun)?TSAD_TUN0:0) 2490 2491 |((s->TxStatus[3] & TxAborted )?TSAD_TABT3:0) 2492 |((s->TxStatus[2] & TxAborted )?TSAD_TABT2:0) 2493 |((s->TxStatus[1] & TxAborted )?TSAD_TABT1:0) 2494 |((s->TxStatus[0] & TxAborted )?TSAD_TABT0:0) 2495 2496 |((s->TxStatus[3] & TxHostOwns )?TSAD_OWN3:0) 2497 |((s->TxStatus[2] & TxHostOwns )?TSAD_OWN2:0) 2498 |((s->TxStatus[1] & TxHostOwns )?TSAD_OWN1:0) 2499 |((s->TxStatus[0] & TxHostOwns )?TSAD_OWN0:0) ; 2500 2501 2502 DPRINTF("TSAD read val=0x%04x\n", ret); 2503 2504 return ret; 2505} 2506 2507static uint16_t rtl8139_CSCR_read(RTL8139State *s) 2508{ 2509 uint16_t ret = s->CSCR; 2510 2511 DPRINTF("CSCR read val=0x%04x\n", ret); 2512 2513 return ret; 2514} 2515 2516static void rtl8139_TxAddr_write(RTL8139State *s, uint32_t txAddrOffset, uint32_t val) 2517{ 2518 DPRINTF("TxAddr write offset=0x%x val=0x%08x\n", txAddrOffset, val); 2519 2520 s->TxAddr[txAddrOffset/4] = val; 2521} 2522 2523static uint32_t rtl8139_TxAddr_read(RTL8139State *s, uint32_t txAddrOffset) 2524{ 2525 uint32_t ret = s->TxAddr[txAddrOffset/4]; 2526 2527 DPRINTF("TxAddr read offset=0x%x val=0x%08x\n", txAddrOffset, ret); 2528 2529 return ret; 2530} 2531 2532static void rtl8139_RxBufPtr_write(RTL8139State *s, uint32_t val) 2533{ 2534 DPRINTF("RxBufPtr write val=0x%04x\n", val); 2535 2536 /* this value is off by 16 */ 2537 s->RxBufPtr = MOD2(val + 0x10, s->RxBufferSize); 2538 2539 /* more buffer space may be available so try to receive */ 2540 qemu_flush_queued_packets(qemu_get_queue(s->nic)); 2541 2542 DPRINTF(" CAPR write: rx buffer length %d head 0x%04x read 0x%04x\n", 2543 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr); 2544} 2545 2546static uint32_t rtl8139_RxBufPtr_read(RTL8139State *s) 2547{ 2548 /* this value is off by 16 */ 2549 uint32_t ret = s->RxBufPtr - 0x10; 2550 2551 DPRINTF("RxBufPtr read val=0x%04x\n", ret); 2552 2553 return ret; 2554} 2555 2556static uint32_t rtl8139_RxBufAddr_read(RTL8139State *s) 2557{ 2558 /* this value is NOT off by 16 */ 2559 uint32_t ret = s->RxBufAddr; 2560 2561 DPRINTF("RxBufAddr read val=0x%04x\n", ret); 2562 2563 return ret; 2564} 2565 2566static void rtl8139_RxBuf_write(RTL8139State *s, uint32_t val) 2567{ 2568 DPRINTF("RxBuf write val=0x%08x\n", val); 2569 2570 s->RxBuf = val; 2571 2572 /* may need to reset rxring here */ 2573} 2574 2575static uint32_t rtl8139_RxBuf_read(RTL8139State *s) 2576{ 2577 uint32_t ret = s->RxBuf; 2578 2579 DPRINTF("RxBuf read val=0x%08x\n", ret); 2580 2581 return ret; 2582} 2583 2584static void rtl8139_IntrMask_write(RTL8139State *s, uint32_t val) 2585{ 2586 DPRINTF("IntrMask write(w) val=0x%04x\n", val); 2587 2588 /* mask unwritable bits */ 2589 val = SET_MASKED(val, 0x1e00, s->IntrMask); 2590 2591 s->IntrMask = val; 2592 2593 rtl8139_update_irq(s); 2594 2595} 2596 2597static uint32_t rtl8139_IntrMask_read(RTL8139State *s) 2598{ 2599 uint32_t ret = s->IntrMask; 2600 2601 DPRINTF("IntrMask read(w) val=0x%04x\n", ret); 2602 2603 return ret; 2604} 2605 2606static void rtl8139_IntrStatus_write(RTL8139State *s, uint32_t val) 2607{ 2608 DPRINTF("IntrStatus write(w) val=0x%04x\n", val); 2609 2610#if 0 2611 2612 /* writing to ISR has no effect */ 2613 2614 return; 2615 2616#else 2617 uint16_t newStatus = s->IntrStatus & ~val; 2618 2619 /* mask unwritable bits */ 2620 newStatus = SET_MASKED(newStatus, 0x1e00, s->IntrStatus); 2621 2622 /* writing 1 to interrupt status register bit clears it */ 2623 s->IntrStatus = 0; 2624 rtl8139_update_irq(s); 2625 2626 s->IntrStatus = newStatus; 2627 rtl8139_set_next_tctr_time(s); 2628 rtl8139_update_irq(s); 2629 2630#endif 2631} 2632 2633static uint32_t rtl8139_IntrStatus_read(RTL8139State *s) 2634{ 2635 uint32_t ret = s->IntrStatus; 2636 2637 DPRINTF("IntrStatus read(w) val=0x%04x\n", ret); 2638 2639#if 0 2640 2641 /* reading ISR clears all interrupts */ 2642 s->IntrStatus = 0; 2643 2644 rtl8139_update_irq(s); 2645 2646#endif 2647 2648 return ret; 2649} 2650 2651static void rtl8139_MultiIntr_write(RTL8139State *s, uint32_t val) 2652{ 2653 DPRINTF("MultiIntr write(w) val=0x%04x\n", val); 2654 2655 /* mask unwritable bits */ 2656 val = SET_MASKED(val, 0xf000, s->MultiIntr); 2657 2658 s->MultiIntr = val; 2659} 2660 2661static uint32_t rtl8139_MultiIntr_read(RTL8139State *s) 2662{ 2663 uint32_t ret = s->MultiIntr; 2664 2665 DPRINTF("MultiIntr read(w) val=0x%04x\n", ret); 2666 2667 return ret; 2668} 2669 2670static void rtl8139_io_writeb(void *opaque, uint8_t addr, uint32_t val) 2671{ 2672 RTL8139State *s = opaque; 2673 2674 switch (addr) 2675 { 2676 case MAC0 ... MAC0+4: 2677 s->phys[addr - MAC0] = val; 2678 break; 2679 case MAC0+5: 2680 s->phys[addr - MAC0] = val; 2681 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->phys); 2682 break; 2683 case MAC0+6 ... MAC0+7: 2684 /* reserved */ 2685 break; 2686 case MAR0 ... MAR0+7: 2687 s->mult[addr - MAR0] = val; 2688 break; 2689 case ChipCmd: 2690 rtl8139_ChipCmd_write(s, val); 2691 break; 2692 case Cfg9346: 2693 rtl8139_Cfg9346_write(s, val); 2694 break; 2695 case TxConfig: /* windows driver sometimes writes using byte-lenth call */ 2696 rtl8139_TxConfig_writeb(s, val); 2697 break; 2698 case Config0: 2699 rtl8139_Config0_write(s, val); 2700 break; 2701 case Config1: 2702 rtl8139_Config1_write(s, val); 2703 break; 2704 case Config3: 2705 rtl8139_Config3_write(s, val); 2706 break; 2707 case Config4: 2708 rtl8139_Config4_write(s, val); 2709 break; 2710 case Config5: 2711 rtl8139_Config5_write(s, val); 2712 break; 2713 case MediaStatus: 2714 /* ignore */ 2715 DPRINTF("not implemented write(b) to MediaStatus val=0x%02x\n", 2716 val); 2717 break; 2718 2719 case HltClk: 2720 DPRINTF("HltClk write val=0x%08x\n", val); 2721 if (val == 'R') 2722 { 2723 s->clock_enabled = 1; 2724 } 2725 else if (val == 'H') 2726 { 2727 s->clock_enabled = 0; 2728 } 2729 break; 2730 2731 case TxThresh: 2732 DPRINTF("C+ TxThresh write(b) val=0x%02x\n", val); 2733 s->TxThresh = val; 2734 break; 2735 2736 case TxPoll: 2737 DPRINTF("C+ TxPoll write(b) val=0x%02x\n", val); 2738 if (val & (1 << 7)) 2739 { 2740 DPRINTF("C+ TxPoll high priority transmission (not " 2741 "implemented)\n"); 2742 //rtl8139_cplus_transmit(s); 2743 } 2744 if (val & (1 << 6)) 2745 { 2746 DPRINTF("C+ TxPoll normal priority transmission\n"); 2747 rtl8139_cplus_transmit(s); 2748 } 2749 2750 break; 2751 2752 default: 2753 DPRINTF("not implemented write(b) addr=0x%x val=0x%02x\n", addr, 2754 val); 2755 break; 2756 } 2757} 2758 2759static void rtl8139_io_writew(void *opaque, uint8_t addr, uint32_t val) 2760{ 2761 RTL8139State *s = opaque; 2762 2763 switch (addr) 2764 { 2765 case IntrMask: 2766 rtl8139_IntrMask_write(s, val); 2767 break; 2768 2769 case IntrStatus: 2770 rtl8139_IntrStatus_write(s, val); 2771 break; 2772 2773 case MultiIntr: 2774 rtl8139_MultiIntr_write(s, val); 2775 break; 2776 2777 case RxBufPtr: 2778 rtl8139_RxBufPtr_write(s, val); 2779 break; 2780 2781 case BasicModeCtrl: 2782 rtl8139_BasicModeCtrl_write(s, val); 2783 break; 2784 case BasicModeStatus: 2785 rtl8139_BasicModeStatus_write(s, val); 2786 break; 2787 case NWayAdvert: 2788 DPRINTF("NWayAdvert write(w) val=0x%04x\n", val); 2789 s->NWayAdvert = val; 2790 break; 2791 case NWayLPAR: 2792 DPRINTF("forbidden NWayLPAR write(w) val=0x%04x\n", val); 2793 break; 2794 case NWayExpansion: 2795 DPRINTF("NWayExpansion write(w) val=0x%04x\n", val); 2796 s->NWayExpansion = val; 2797 break; 2798 2799 case CpCmd: 2800 rtl8139_CpCmd_write(s, val); 2801 break; 2802 2803 case IntrMitigate: 2804 rtl8139_IntrMitigate_write(s, val); 2805 break; 2806 2807 default: 2808 DPRINTF("ioport write(w) addr=0x%x val=0x%04x via write(b)\n", 2809 addr, val); 2810 2811 rtl8139_io_writeb(opaque, addr, val & 0xff); 2812 rtl8139_io_writeb(opaque, addr + 1, (val >> 8) & 0xff); 2813 break; 2814 } 2815} 2816 2817static void rtl8139_set_next_tctr_time(RTL8139State *s) 2818{ 2819 const uint64_t ns_per_period = (uint64_t)PCI_PERIOD << 32; 2820 2821 DPRINTF("entered rtl8139_set_next_tctr_time\n"); 2822 2823 /* This function is called at least once per period, so it is a good 2824 * place to update the timer base. 2825 * 2826 * After one iteration of this loop the value in the Timer register does 2827 * not change, but the device model is counting up by 2^32 ticks (approx. 2828 * 130 seconds). 2829 */ 2830 while (s->TCTR_base + ns_per_period <= qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)) { 2831 s->TCTR_base += ns_per_period; 2832 } 2833 2834 if (!s->TimerInt) { 2835 timer_del(s->timer); 2836 } else { 2837 uint64_t delta = (uint64_t)s->TimerInt * PCI_PERIOD; 2838 if (s->TCTR_base + delta <= qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)) { 2839 delta += ns_per_period; 2840 } 2841 timer_mod(s->timer, s->TCTR_base + delta); 2842 } 2843} 2844 2845static void rtl8139_io_writel(void *opaque, uint8_t addr, uint32_t val) 2846{ 2847 RTL8139State *s = opaque; 2848 2849 switch (addr) 2850 { 2851 case RxMissed: 2852 DPRINTF("RxMissed clearing on write\n"); 2853 s->RxMissed = 0; 2854 break; 2855 2856 case TxConfig: 2857 rtl8139_TxConfig_write(s, val); 2858 break; 2859 2860 case RxConfig: 2861 rtl8139_RxConfig_write(s, val); 2862 break; 2863 2864 case TxStatus0 ... TxStatus0+4*4-1: 2865 rtl8139_TxStatus_write(s, addr-TxStatus0, val); 2866 break; 2867 2868 case TxAddr0 ... TxAddr0+4*4-1: 2869 rtl8139_TxAddr_write(s, addr-TxAddr0, val); 2870 break; 2871 2872 case RxBuf: 2873 rtl8139_RxBuf_write(s, val); 2874 break; 2875 2876 case RxRingAddrLO: 2877 DPRINTF("C+ RxRing low bits write val=0x%08x\n", val); 2878 s->RxRingAddrLO = val; 2879 break; 2880 2881 case RxRingAddrHI: 2882 DPRINTF("C+ RxRing high bits write val=0x%08x\n", val); 2883 s->RxRingAddrHI = val; 2884 break; 2885 2886 case Timer: 2887 DPRINTF("TCTR Timer reset on write\n"); 2888 s->TCTR_base = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 2889 rtl8139_set_next_tctr_time(s); 2890 break; 2891 2892 case FlashReg: 2893 DPRINTF("FlashReg TimerInt write val=0x%08x\n", val); 2894 if (s->TimerInt != val) { 2895 s->TimerInt = val; 2896 rtl8139_set_next_tctr_time(s); 2897 } 2898 break; 2899 2900 default: 2901 DPRINTF("ioport write(l) addr=0x%x val=0x%08x via write(b)\n", 2902 addr, val); 2903 rtl8139_io_writeb(opaque, addr, val & 0xff); 2904 rtl8139_io_writeb(opaque, addr + 1, (val >> 8) & 0xff); 2905 rtl8139_io_writeb(opaque, addr + 2, (val >> 16) & 0xff); 2906 rtl8139_io_writeb(opaque, addr + 3, (val >> 24) & 0xff); 2907 break; 2908 } 2909} 2910 2911static uint32_t rtl8139_io_readb(void *opaque, uint8_t addr) 2912{ 2913 RTL8139State *s = opaque; 2914 int ret; 2915 2916 switch (addr) 2917 { 2918 case MAC0 ... MAC0+5: 2919 ret = s->phys[addr - MAC0]; 2920 break; 2921 case MAC0+6 ... MAC0+7: 2922 ret = 0; 2923 break; 2924 case MAR0 ... MAR0+7: 2925 ret = s->mult[addr - MAR0]; 2926 break; 2927 case TxStatus0 ... TxStatus0+4*4-1: 2928 ret = rtl8139_TxStatus_TxAddr_read(s, s->TxStatus, TxStatus0, 2929 addr, 1); 2930 break; 2931 case ChipCmd: 2932 ret = rtl8139_ChipCmd_read(s); 2933 break; 2934 case Cfg9346: 2935 ret = rtl8139_Cfg9346_read(s); 2936 break; 2937 case Config0: 2938 ret = rtl8139_Config0_read(s); 2939 break; 2940 case Config1: 2941 ret = rtl8139_Config1_read(s); 2942 break; 2943 case Config3: 2944 ret = rtl8139_Config3_read(s); 2945 break; 2946 case Config4: 2947 ret = rtl8139_Config4_read(s); 2948 break; 2949 case Config5: 2950 ret = rtl8139_Config5_read(s); 2951 break; 2952 2953 case MediaStatus: 2954 /* The LinkDown bit of MediaStatus is inverse with link status */ 2955 ret = 0xd0 | (~s->BasicModeStatus & 0x04); 2956 DPRINTF("MediaStatus read 0x%x\n", ret); 2957 break; 2958 2959 case HltClk: 2960 ret = s->clock_enabled; 2961 DPRINTF("HltClk read 0x%x\n", ret); 2962 break; 2963 2964 case PCIRevisionID: 2965 ret = RTL8139_PCI_REVID; 2966 DPRINTF("PCI Revision ID read 0x%x\n", ret); 2967 break; 2968 2969 case TxThresh: 2970 ret = s->TxThresh; 2971 DPRINTF("C+ TxThresh read(b) val=0x%02x\n", ret); 2972 break; 2973 2974 case 0x43: /* Part of TxConfig register. Windows driver tries to read it */ 2975 ret = s->TxConfig >> 24; 2976 DPRINTF("RTL8139C TxConfig at 0x43 read(b) val=0x%02x\n", ret); 2977 break; 2978 2979 default: 2980 DPRINTF("not implemented read(b) addr=0x%x\n", addr); 2981 ret = 0; 2982 break; 2983 } 2984 2985 return ret; 2986} 2987 2988static uint32_t rtl8139_io_readw(void *opaque, uint8_t addr) 2989{ 2990 RTL8139State *s = opaque; 2991 uint32_t ret; 2992 2993 switch (addr) 2994 { 2995 case TxAddr0 ... TxAddr0+4*4-1: 2996 ret = rtl8139_TxStatus_TxAddr_read(s, s->TxAddr, TxAddr0, addr, 2); 2997 break; 2998 case IntrMask: 2999 ret = rtl8139_IntrMask_read(s); 3000 break; 3001 3002 case IntrStatus: 3003 ret = rtl8139_IntrStatus_read(s); 3004 break; 3005 3006 case MultiIntr: 3007 ret = rtl8139_MultiIntr_read(s); 3008 break; 3009 3010 case RxBufPtr: 3011 ret = rtl8139_RxBufPtr_read(s); 3012 break; 3013 3014 case RxBufAddr: 3015 ret = rtl8139_RxBufAddr_read(s); 3016 break; 3017 3018 case BasicModeCtrl: 3019 ret = rtl8139_BasicModeCtrl_read(s); 3020 break; 3021 case BasicModeStatus: 3022 ret = rtl8139_BasicModeStatus_read(s); 3023 break; 3024 case NWayAdvert: 3025 ret = s->NWayAdvert; 3026 DPRINTF("NWayAdvert read(w) val=0x%04x\n", ret); 3027 break; 3028 case NWayLPAR: 3029 ret = s->NWayLPAR; 3030 DPRINTF("NWayLPAR read(w) val=0x%04x\n", ret); 3031 break; 3032 case NWayExpansion: 3033 ret = s->NWayExpansion; 3034 DPRINTF("NWayExpansion read(w) val=0x%04x\n", ret); 3035 break; 3036 3037 case CpCmd: 3038 ret = rtl8139_CpCmd_read(s); 3039 break; 3040 3041 case IntrMitigate: 3042 ret = rtl8139_IntrMitigate_read(s); 3043 break; 3044 3045 case TxSummary: 3046 ret = rtl8139_TSAD_read(s); 3047 break; 3048 3049 case CSCR: 3050 ret = rtl8139_CSCR_read(s); 3051 break; 3052 3053 default: 3054 DPRINTF("ioport read(w) addr=0x%x via read(b)\n", addr); 3055 3056 ret = rtl8139_io_readb(opaque, addr); 3057 ret |= rtl8139_io_readb(opaque, addr + 1) << 8; 3058 3059 DPRINTF("ioport read(w) addr=0x%x val=0x%04x\n", addr, ret); 3060 break; 3061 } 3062 3063 return ret; 3064} 3065 3066static uint32_t rtl8139_io_readl(void *opaque, uint8_t addr) 3067{ 3068 RTL8139State *s = opaque; 3069 uint32_t ret; 3070 3071 switch (addr) 3072 { 3073 case RxMissed: 3074 ret = s->RxMissed; 3075 3076 DPRINTF("RxMissed read val=0x%08x\n", ret); 3077 break; 3078 3079 case TxConfig: 3080 ret = rtl8139_TxConfig_read(s); 3081 break; 3082 3083 case RxConfig: 3084 ret = rtl8139_RxConfig_read(s); 3085 break; 3086 3087 case TxStatus0 ... TxStatus0+4*4-1: 3088 ret = rtl8139_TxStatus_TxAddr_read(s, s->TxStatus, TxStatus0, 3089 addr, 4); 3090 break; 3091 3092 case TxAddr0 ... TxAddr0+4*4-1: 3093 ret = rtl8139_TxAddr_read(s, addr-TxAddr0); 3094 break; 3095 3096 case RxBuf: 3097 ret = rtl8139_RxBuf_read(s); 3098 break; 3099 3100 case RxRingAddrLO: 3101 ret = s->RxRingAddrLO; 3102 DPRINTF("C+ RxRing low bits read val=0x%08x\n", ret); 3103 break; 3104 3105 case RxRingAddrHI: 3106 ret = s->RxRingAddrHI; 3107 DPRINTF("C+ RxRing high bits read val=0x%08x\n", ret); 3108 break; 3109 3110 case Timer: 3111 ret = (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) - s->TCTR_base) / 3112 PCI_PERIOD; 3113 DPRINTF("TCTR Timer read val=0x%08x\n", ret); 3114 break; 3115 3116 case FlashReg: 3117 ret = s->TimerInt; 3118 DPRINTF("FlashReg TimerInt read val=0x%08x\n", ret); 3119 break; 3120 3121 default: 3122 DPRINTF("ioport read(l) addr=0x%x via read(b)\n", addr); 3123 3124 ret = rtl8139_io_readb(opaque, addr); 3125 ret |= rtl8139_io_readb(opaque, addr + 1) << 8; 3126 ret |= rtl8139_io_readb(opaque, addr + 2) << 16; 3127 ret |= rtl8139_io_readb(opaque, addr + 3) << 24; 3128 3129 DPRINTF("read(l) addr=0x%x val=%08x\n", addr, ret); 3130 break; 3131 } 3132 3133 return ret; 3134} 3135 3136/* */ 3137 3138static int rtl8139_post_load(void *opaque, int version_id) 3139{ 3140 RTL8139State* s = opaque; 3141 rtl8139_set_next_tctr_time(s); 3142 if (version_id < 4) { 3143 s->cplus_enabled = s->CpCmd != 0; 3144 } 3145 3146 /* nc.link_down can't be migrated, so infer link_down according 3147 * to link status bit in BasicModeStatus */ 3148 qemu_get_queue(s->nic)->link_down = (s->BasicModeStatus & 0x04) == 0; 3149 3150 return 0; 3151} 3152 3153static bool rtl8139_hotplug_ready_needed(void *opaque) 3154{ 3155 return qdev_machine_modified(); 3156} 3157 3158static const VMStateDescription vmstate_rtl8139_hotplug_ready ={ 3159 .name = "rtl8139/hotplug_ready", 3160 .version_id = 1, 3161 .minimum_version_id = 1, 3162 .needed = rtl8139_hotplug_ready_needed, 3163 .fields = (VMStateField[]) { 3164 VMSTATE_END_OF_LIST() 3165 } 3166}; 3167 3168static int rtl8139_pre_save(void *opaque) 3169{ 3170 RTL8139State* s = opaque; 3171 int64_t current_time = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 3172 3173 /* for migration to older versions */ 3174 s->TCTR = (current_time - s->TCTR_base) / PCI_PERIOD; 3175 s->rtl8139_mmio_io_addr_dummy = 0; 3176 3177 return 0; 3178} 3179 3180static const VMStateDescription vmstate_rtl8139 = { 3181 .name = "rtl8139", 3182 .version_id = 5, 3183 .minimum_version_id = 3, 3184 .post_load = rtl8139_post_load, 3185 .pre_save = rtl8139_pre_save, 3186 .fields = (VMStateField[]) { 3187 VMSTATE_PCI_DEVICE(parent_obj, RTL8139State), 3188 VMSTATE_PARTIAL_BUFFER(phys, RTL8139State, 6), 3189 VMSTATE_BUFFER(mult, RTL8139State), 3190 VMSTATE_UINT32_ARRAY(TxStatus, RTL8139State, 4), 3191 VMSTATE_UINT32_ARRAY(TxAddr, RTL8139State, 4), 3192 3193 VMSTATE_UINT32(RxBuf, RTL8139State), 3194 VMSTATE_UINT32(RxBufferSize, RTL8139State), 3195 VMSTATE_UINT32(RxBufPtr, RTL8139State), 3196 VMSTATE_UINT32(RxBufAddr, RTL8139State), 3197 3198 VMSTATE_UINT16(IntrStatus, RTL8139State), 3199 VMSTATE_UINT16(IntrMask, RTL8139State), 3200 3201 VMSTATE_UINT32(TxConfig, RTL8139State), 3202 VMSTATE_UINT32(RxConfig, RTL8139State), 3203 VMSTATE_UINT32(RxMissed, RTL8139State), 3204 VMSTATE_UINT16(CSCR, RTL8139State), 3205 3206 VMSTATE_UINT8(Cfg9346, RTL8139State), 3207 VMSTATE_UINT8(Config0, RTL8139State), 3208 VMSTATE_UINT8(Config1, RTL8139State), 3209 VMSTATE_UINT8(Config3, RTL8139State), 3210 VMSTATE_UINT8(Config4, RTL8139State), 3211 VMSTATE_UINT8(Config5, RTL8139State), 3212 3213 VMSTATE_UINT8(clock_enabled, RTL8139State), 3214 VMSTATE_UINT8(bChipCmdState, RTL8139State), 3215 3216 VMSTATE_UINT16(MultiIntr, RTL8139State), 3217 3218 VMSTATE_UINT16(BasicModeCtrl, RTL8139State), 3219 VMSTATE_UINT16(BasicModeStatus, RTL8139State), 3220 VMSTATE_UINT16(NWayAdvert, RTL8139State), 3221 VMSTATE_UINT16(NWayLPAR, RTL8139State), 3222 VMSTATE_UINT16(NWayExpansion, RTL8139State), 3223 3224 VMSTATE_UINT16(CpCmd, RTL8139State), 3225 VMSTATE_UINT8(TxThresh, RTL8139State), 3226 3227 VMSTATE_UNUSED(4), 3228 VMSTATE_MACADDR(conf.macaddr, RTL8139State), 3229 VMSTATE_INT32(rtl8139_mmio_io_addr_dummy, RTL8139State), 3230 3231 VMSTATE_UINT32(currTxDesc, RTL8139State), 3232 VMSTATE_UINT32(currCPlusRxDesc, RTL8139State), 3233 VMSTATE_UINT32(currCPlusTxDesc, RTL8139State), 3234 VMSTATE_UINT32(RxRingAddrLO, RTL8139State), 3235 VMSTATE_UINT32(RxRingAddrHI, RTL8139State), 3236 3237 VMSTATE_UINT16_ARRAY(eeprom.contents, RTL8139State, EEPROM_9346_SIZE), 3238 VMSTATE_INT32(eeprom.mode, RTL8139State), 3239 VMSTATE_UINT32(eeprom.tick, RTL8139State), 3240 VMSTATE_UINT8(eeprom.address, RTL8139State), 3241 VMSTATE_UINT16(eeprom.input, RTL8139State), 3242 VMSTATE_UINT16(eeprom.output, RTL8139State), 3243 3244 VMSTATE_UINT8(eeprom.eecs, RTL8139State), 3245 VMSTATE_UINT8(eeprom.eesk, RTL8139State), 3246 VMSTATE_UINT8(eeprom.eedi, RTL8139State), 3247 VMSTATE_UINT8(eeprom.eedo, RTL8139State), 3248 3249 VMSTATE_UINT32(TCTR, RTL8139State), 3250 VMSTATE_UINT32(TimerInt, RTL8139State), 3251 VMSTATE_INT64(TCTR_base, RTL8139State), 3252 3253 VMSTATE_UINT64(tally_counters.TxOk, RTL8139State), 3254 VMSTATE_UINT64(tally_counters.RxOk, RTL8139State), 3255 VMSTATE_UINT64(tally_counters.TxERR, RTL8139State), 3256 VMSTATE_UINT32(tally_counters.RxERR, RTL8139State), 3257 VMSTATE_UINT16(tally_counters.MissPkt, RTL8139State), 3258 VMSTATE_UINT16(tally_counters.FAE, RTL8139State), 3259 VMSTATE_UINT32(tally_counters.Tx1Col, RTL8139State), 3260 VMSTATE_UINT32(tally_counters.TxMCol, RTL8139State), 3261 VMSTATE_UINT64(tally_counters.RxOkPhy, RTL8139State), 3262 VMSTATE_UINT64(tally_counters.RxOkBrd, RTL8139State), 3263 VMSTATE_UINT32_V(tally_counters.RxOkMul, RTL8139State, 5), 3264 VMSTATE_UINT16(tally_counters.TxAbt, RTL8139State), 3265 VMSTATE_UINT16(tally_counters.TxUndrn, RTL8139State), 3266 3267 VMSTATE_UINT32_V(cplus_enabled, RTL8139State, 4), 3268 VMSTATE_END_OF_LIST() 3269 }, 3270 .subsections = (const VMStateDescription*[]) { 3271 &vmstate_rtl8139_hotplug_ready, 3272 NULL 3273 } 3274}; 3275 3276/***********************************************************/ 3277/* PCI RTL8139 definitions */ 3278 3279static void rtl8139_ioport_write(void *opaque, hwaddr addr, 3280 uint64_t val, unsigned size) 3281{ 3282 switch (size) { 3283 case 1: 3284 rtl8139_io_writeb(opaque, addr, val); 3285 break; 3286 case 2: 3287 rtl8139_io_writew(opaque, addr, val); 3288 break; 3289 case 4: 3290 rtl8139_io_writel(opaque, addr, val); 3291 break; 3292 } 3293} 3294 3295static uint64_t rtl8139_ioport_read(void *opaque, hwaddr addr, 3296 unsigned size) 3297{ 3298 switch (size) { 3299 case 1: 3300 return rtl8139_io_readb(opaque, addr); 3301 case 2: 3302 return rtl8139_io_readw(opaque, addr); 3303 case 4: 3304 return rtl8139_io_readl(opaque, addr); 3305 } 3306 3307 return -1; 3308} 3309 3310static const MemoryRegionOps rtl8139_io_ops = { 3311 .read = rtl8139_ioport_read, 3312 .write = rtl8139_ioport_write, 3313 .impl = { 3314 .min_access_size = 1, 3315 .max_access_size = 4, 3316 }, 3317 .endianness = DEVICE_LITTLE_ENDIAN, 3318}; 3319 3320static void rtl8139_timer(void *opaque) 3321{ 3322 RTL8139State *s = opaque; 3323 3324 if (!s->clock_enabled) 3325 { 3326 DPRINTF(">>> timer: clock is not running\n"); 3327 return; 3328 } 3329 3330 s->IntrStatus |= PCSTimeout; 3331 rtl8139_update_irq(s); 3332 rtl8139_set_next_tctr_time(s); 3333} 3334 3335static void pci_rtl8139_uninit(PCIDevice *dev) 3336{ 3337 RTL8139State *s = RTL8139(dev); 3338 3339 g_free(s->cplus_txbuffer); 3340 s->cplus_txbuffer = NULL; 3341 timer_free(s->timer); 3342 qemu_del_nic(s->nic); 3343} 3344 3345static void rtl8139_set_link_status(NetClientState *nc) 3346{ 3347 RTL8139State *s = qemu_get_nic_opaque(nc); 3348 3349 if (nc->link_down) { 3350 s->BasicModeStatus &= ~0x04; 3351 } else { 3352 s->BasicModeStatus |= 0x04; 3353 } 3354 3355 s->IntrStatus |= RxUnderrun; 3356 rtl8139_update_irq(s); 3357} 3358 3359static NetClientInfo net_rtl8139_info = { 3360 .type = NET_CLIENT_DRIVER_NIC, 3361 .size = sizeof(NICState), 3362 .can_receive = rtl8139_can_receive, 3363 .receive = rtl8139_receive, 3364 .link_status_changed = rtl8139_set_link_status, 3365}; 3366 3367static void pci_rtl8139_realize(PCIDevice *dev, Error **errp) 3368{ 3369 RTL8139State *s = RTL8139(dev); 3370 DeviceState *d = DEVICE(dev); 3371 uint8_t *pci_conf; 3372 3373 pci_conf = dev->config; 3374 pci_conf[PCI_INTERRUPT_PIN] = 1; /* interrupt pin A */ 3375 /* TODO: start of capability list, but no capability 3376 * list bit in status register, and offset 0xdc seems unused. */ 3377 pci_conf[PCI_CAPABILITY_LIST] = 0xdc; 3378 3379 memory_region_init_io(&s->bar_io, OBJECT(s), &rtl8139_io_ops, s, 3380 "rtl8139", 0x100); 3381 memory_region_init_alias(&s->bar_mem, OBJECT(s), "rtl8139-mem", &s->bar_io, 3382 0, 0x100); 3383 3384 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->bar_io); 3385 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->bar_mem); 3386 3387 qemu_macaddr_default_if_unset(&s->conf.macaddr); 3388 3389 /* prepare eeprom */ 3390 s->eeprom.contents[0] = 0x8129; 3391#if 1 3392 /* PCI vendor and device ID should be mirrored here */ 3393 s->eeprom.contents[1] = PCI_VENDOR_ID_REALTEK; 3394 s->eeprom.contents[2] = PCI_DEVICE_ID_REALTEK_8139; 3395#endif 3396 s->eeprom.contents[7] = s->conf.macaddr.a[0] | s->conf.macaddr.a[1] << 8; 3397 s->eeprom.contents[8] = s->conf.macaddr.a[2] | s->conf.macaddr.a[3] << 8; 3398 s->eeprom.contents[9] = s->conf.macaddr.a[4] | s->conf.macaddr.a[5] << 8; 3399 3400 s->nic = qemu_new_nic(&net_rtl8139_info, &s->conf, 3401 object_get_typename(OBJECT(dev)), d->id, s); 3402 qemu_format_nic_info_str(qemu_get_queue(s->nic), s->conf.macaddr.a); 3403 3404 s->cplus_txbuffer = NULL; 3405 s->cplus_txbuffer_len = 0; 3406 s->cplus_txbuffer_offset = 0; 3407 3408 s->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, rtl8139_timer, s); 3409} 3410 3411static void rtl8139_instance_init(Object *obj) 3412{ 3413 RTL8139State *s = RTL8139(obj); 3414 3415 device_add_bootindex_property(obj, &s->conf.bootindex, 3416 "bootindex", "/ethernet-phy@0", 3417 DEVICE(obj)); 3418} 3419 3420static Property rtl8139_properties[] = { 3421 DEFINE_NIC_PROPERTIES(RTL8139State, conf), 3422 DEFINE_PROP_END_OF_LIST(), 3423}; 3424 3425static void rtl8139_class_init(ObjectClass *klass, void *data) 3426{ 3427 DeviceClass *dc = DEVICE_CLASS(klass); 3428 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 3429 3430 k->realize = pci_rtl8139_realize; 3431 k->exit = pci_rtl8139_uninit; 3432 k->romfile = "efi-rtl8139.rom"; 3433 k->vendor_id = PCI_VENDOR_ID_REALTEK; 3434 k->device_id = PCI_DEVICE_ID_REALTEK_8139; 3435 k->revision = RTL8139_PCI_REVID; /* >=0x20 is for 8139C+ */ 3436 k->class_id = PCI_CLASS_NETWORK_ETHERNET; 3437 dc->reset = rtl8139_reset; 3438 dc->vmsd = &vmstate_rtl8139; 3439 device_class_set_props(dc, rtl8139_properties); 3440 set_bit(DEVICE_CATEGORY_NETWORK, dc->categories); 3441} 3442 3443static const TypeInfo rtl8139_info = { 3444 .name = TYPE_RTL8139, 3445 .parent = TYPE_PCI_DEVICE, 3446 .instance_size = sizeof(RTL8139State), 3447 .class_init = rtl8139_class_init, 3448 .instance_init = rtl8139_instance_init, 3449 .interfaces = (InterfaceInfo[]) { 3450 { INTERFACE_CONVENTIONAL_PCI_DEVICE }, 3451 { }, 3452 }, 3453}; 3454 3455static void rtl8139_register_types(void) 3456{ 3457 type_register_static(&rtl8139_info); 3458} 3459 3460type_init(rtl8139_register_types)