debuggers.hg

view tools/ioemu/hw/e100.c @ 16976:92aa029e7cb1

ioemu: use standard uint8_t instead of uint8 in new e100 s/r code
Signed-off-by: Samuel Thibault <samuel.thibault@eu.citrix.com>
author Keir Fraser <keir.fraser@citrix.com>
date Wed Jan 30 09:37:06 2008 +0000 (2008-01-30)
parents 7aa2149a3b0e
children
line source
1 /*
2 * QEMU E100(i82557) ethernet card emulation
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 *
18 * Copyright (c) 2006-2007 Stefan Weil
19 * Copyright (c) 2006-2007 Zhang Xin(xing.z.zhang@intel.com)
20 *
21 * Support OS:
22 * x86 linux and windows
23 * PAE linux and windows
24 * x86_64 linux and windows
25 * IA64 linux and windows
26 *
27 * Untested:
28 * Big-endian machine
29 *
30 * References:
31 *
32 * Intel 8255x 10/100 Mbps Ethernet Controller Family
33 * Open Source Software Developer Manual
34 */
36 #include <assert.h>
37 #include "vl.h"
39 enum
40 {
41 E100_PCI_VENDOR_ID = 0x00, /* 16 bits */
42 E100_PCI_DEVICE_ID = 0x02, /* 16 bits */
43 E100_PCI_COMMAND = 0x04, /* 16 bits */
44 E100_PCI_STATUS = 0x06, /* 16 bits */
45 E100_PCI_REVISION_ID = 0x08, /* 8 bits */
46 E100_PCI_CLASS_CODE = 0x0b, /* 8 bits */
47 E100_PCI_SUBCLASS_CODE = 0x0a, /* 8 bits */
48 E100_PCI_HEADER_TYPE = 0x0e, /* 8 bits */
49 E100_PCI_BASE_ADDRESS_0 = 0x10, /* 32 bits */
50 E100_PCI_BASE_ADDRESS_1 = 0x14, /* 32 bits */
51 E100_PCI_BASE_ADDRESS_2 = 0x18, /* 32 bits */
52 E100_PCI_BASE_ADDRESS_3 = 0x1c, /* 32 bits */
53 E100_PCI_BASE_ADDRESS_4 = 0x20, /* 32 bits */
54 E100_PCI_BASE_ADDRESS_5 = 0x24 /* 32 bits */
55 }PCI_CONFIGURE_SPACE;
57 #define PCI_CONFIG_8(offset, value) \
58 (*(uint8_t *)&pci_conf[offset] = (value))
59 #define PCI_CONFIG_16(offset, value) \
60 (*(uint16_t *)&pci_conf[offset] = cpu_to_le16(value))
61 #define PCI_CONFIG_32(offset, value) \
62 (*(uint32_t *)&pci_conf[offset] = cpu_to_le32(value))
64 // Alias for Control/Status register read/write
65 #define CSR_STATUS scb_status
66 #define CSR_CMD scb_cmd
67 #define CSR_POINTER scb_pointer
68 #define CSR_PORT port
69 #define CSR_EEPROM eeprom_ctrl
70 #define CSR_MDI mdi_ctrl
71 #define CSR_PM pm_reg
73 #define CSR(class, field) \
74 (s->pci_mem.csr.class.u.field)
75 #define CSR_VAL(class) \
76 (s->pci_mem.csr.class.val)
78 #define CSR_READ(x, type) \
79 ({ \
80 type t; \
81 memcpy(&t, &s->pci_mem.mem[x], sizeof(type)); \
82 t; \
83 })
85 #define CSR_WRITE(x, val, type) \
86 ({ \
87 type t = val; \
88 memcpy(&s->pci_mem.mem[x], &t, sizeof(type)); \
89 })
91 #define SET_CU_STATE(val) \
92 (CSR(CSR_STATUS, cus) = val)
93 #define GET_CU_STATE \
94 (CSR(CSR_STATUS, cus))
96 #define SET_RU_STATE(val) \
97 (CSR(CSR_STATUS, rus) = val)
98 #define GET_RU_STATE \
99 (CSR(CSR_STATUS, rus))
101 #define KiB 1024
103 #define EEPROM_SIZE 64
105 #define BIT(n) (1U << (n))
107 /* debug E100 card */
108 //#define DEBUG_E100
110 #ifdef DEBUG_E100
111 #define logout(fmt, args...) fprintf(stderr, "EE100\t%-28s" fmt, __func__, ##args)
112 #else
113 #define logout(fmt, args...) ((void)0)
114 #endif
116 #define MAX_ETH_FRAME_SIZE 1514
118 /* This driver supports several different devices which are declared here. */
119 #define i82551 0x82551
120 #define i82557B 0x82557b
121 #define i82557C 0x82557c
122 #define i82558B 0x82558b
123 #define i82559C 0x82559c
124 #define i82559ER 0x82559e
125 #define i82562 0x82562
127 #define PCI_MEM_SIZE (4 * KiB)
128 #define PCI_IO_SIZE (64)
129 #define PCI_FLASH_SIZE (128 * KiB)
131 enum
132 {
133 OP_READ,
134 OP_WRITE,
135 } OPERTAION_DIRECTION;
137 /* The SCB accepts the following controls for the Tx and Rx units: */
138 enum
139 {
140 CU_NOP = 0x0000, /* No operation */
141 CU_START = 0x0010, /* CU start */
142 CU_RESUME = 0x0020, /* CU resume */
143 CU_STATSADDR = 0x0040, /* Load dump counters address */
144 CU_SHOWSTATS = 0x0050, /* Dump statistical counters */
145 CU_CMD_BASE = 0x0060, /* Load CU base address */
146 CU_DUMPSTATS = 0x0070, /* Dump and reset statistical counters */
147 CU_S_RESUME = 0x00a0 /* CU static resume */
148 }CONTROL_UNIT_COMMAND;
150 enum
151 {
152 RU_NOP = 0x0000,
153 RU_START = 0x0001,
154 RU_RESUME = 0x0002,
155 RU_DMA_REDIRECT = 0x0003,
156 RU_ABORT = 0x0004,
157 RU_LOAD_HDS = 0x0005,
158 RU_ADDR_LOAD = 0x0006,
159 RU_RESUMENR = 0x0007,
160 }RECEIVE_UNIT_COMMAND;
162 /* SCB status word descriptions */
163 enum
164 {
165 CU_IDLE = 0,
166 CU_SUSPENDED = 1,
167 CU_LPQ_ACTIVE = 2,
168 CU_HQP_ACTIVE = 3
169 } CONTROL_UINT_STATE;
171 enum
172 {
173 RU_IDLE = 0,
174 RU_SUSPENDED = 1,
175 RU_NO_RESOURCES =2,
176 RU_READY = 4
177 } RECEIVE_UNIT_STATE;
179 enum
180 {
181 PORT_SOFTWARE_RESET = 0,
182 PORT_SELF_TEST = 1,
183 PORT_SELECTIVE_RESET = 2,
184 PORT_DUMP = 3,
185 PORT_DUMP_WAKE_UP = 7,
186 }SCB_PORT_SELECTION_FUNCTION;
188 enum
189 {
190 CBL_NOP = 0,
191 CBL_IASETUP = 1,
192 CBL_CONFIGURE = 2,
193 CBL_MULTCAST_ADDR_SETUP = 3,
194 CBL_TRANSMIT = 4,
195 CBL_LOAD_MICROCODE = 5,
196 CBL_DUMP = 6,
197 CBL_DIAGNOSE = 7,
198 }CBL_COMMAND;
200 enum
201 {
202 SCB_STATUS = 0, /* SCB base + 0x00h, RU states + CU states + STAT/ACK */
203 SCB_ACK = 1, /* SCB ack/stat */
204 SCB_CMD = 2, /* RU command + CU command + S bit + M bit */
205 SCB_INTERRUPT_MASK = 3, /* Interrupts mask bits */
206 SCB_POINTER = 4, /* SCB general pointer, depending on command type */
207 SCB_PORT = 8, /* SCB port register */
208 SCB_EEPROM = 0xe, /* SCB eeprom control register */
209 SCB_MDI =0x10, /* SCB MDI control register */
210 } CSR_OFFSETS;
212 enum
213 {
214 EEPROM_SK = 0x01,
215 EEPROM_CS = 0x02,
216 EEPROM_DI = 0x04,
217 EEPROM_DO = 0x08,
218 } EEPROM_CONTROL_REGISTER;
220 enum
221 {
222 EEPROM_READ = 0x2,
223 EEPROM_WRITE = 0x1,
224 EEPROM_ERASE = 0x3,
225 } EEPROM_OPCODE;
227 enum
228 {
229 MDI_WRITE = 0x1,
230 MDI_READ = 0x2,
231 } MDI_OPCODE;
233 enum
234 {
235 INT_FCP = BIT(8),
236 INT_SWI = BIT(10),
237 INT_MDI = BIT(11),
238 INT_RNR = BIT(12),
239 INT_CNA = BIT(13),
240 INT_FR = BIT(14),
241 INT_CX_TNO = BIT(15),
242 } E100_INTERRUPT;
244 enum
245 {
246 CSR_MEMORY_BASE,
247 CSR_IO_BASE,
248 FLASH_MEMORY_BASE,
249 REGION_NUM
250 }E100_PCI_MEMORY_REGION;
252 typedef struct {
253 uint32_t tx_good_frames, // Good frames transmitted
254 tx_max_collisions, // Fatal frames -- had max collisions
255 tx_late_collisions, // Fatal frames -- had a late coll.
256 tx_underruns, // Transmit underruns (fatal or re-transmit)
257 tx_lost_crs, // Frames transmitted without CRS
258 tx_deferred, // Deferred transmits
259 tx_single_collisions, // Transmits that had 1 and only 1 coll.
260 tx_multiple_collisions,// Transmits that had multiple coll.
261 tx_total_collisions, // Transmits that had 1+ collisions.
263 rx_good_frames, // Good frames received
264 rx_crc_errors, // Aligned frames that had a CRC error
265 rx_alignment_errors, // Receives that had alignment errors
266 rx_resource_errors, // Good frame dropped due to lack of resources
267 rx_overrun_errors, // Overrun errors - bus was busy
268 rx_cdt_errors, // Received frames that encountered coll.
269 rx_short_frame_errors, // Received frames that were to short
271 complete_word; // A005h indicates dump cmd completion,
272 // A007h indicates dump and reset cmd completion.
274 // TODO: Add specific field for i82558, i82559
275 } __attribute__ ((packed)) e100_stats_t;
277 #define EEPROM_I82557_ADDRBIT 6
278 /* Below data is dumped from a real I82557 card */
279 static const uint16_t eeprom_i82557[] =
280 {
281 0x300, 0xe147, 0x2fa4, 0x203, 0x0, 0x201, 0x4701, 0x0, 0x7414, 0x6207,
282 0x4082, 0xb, 0x8086, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
283 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
284 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x128, 0x0, 0x0, 0x0, 0x0, 0x0,
285 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc374,
286 };
288 static const uint8_t e100_pci_configure[] =
289 {
290 0x86, 0x80, 0x29, 0x12, 0x17, 0x00, 0x90, 0x02, 0x08, 0x00, 0x00, 0x02, 0x10, 0x20, 0x00, 0x00,
291 0x00, 0x00, 0x10, 0x50, 0x01, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x50, 0x00, 0x00, 0x00, 0x00,
292 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x86, 0x80, 0x0b, 0x00,
293 0x00, 0x00, 0xf0, 0xff, 0xdc, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09, 0x01, 0x08, 0x38,
294 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
295 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
296 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
297 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
298 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
299 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
300 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
301 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
302 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
303 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x22, 0xfe,
304 0x00, 0x40, 0x00, 0x3a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
305 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
306 };
308 typedef struct
309 {
310 #define OPCODE 0xb
311 #define ADDR 0xc
312 #define DATA 0xd
313 #define NOP 0xe
315 #define EEPROM_RESET_ALL 0xfe
316 #define EEPROM_SELECT_RESET 0xff
317 uint8_t start_bit;
318 uint8_t opcode;
319 uint8_t address;
320 uint16_t data; //This must be 16 bit represents a register in eeprom
322 uint32_t val;
323 uint32_t val_len;
324 uint8_t val_type; // What data type is in DI. opcode?address?data?
326 uint8_t cs;
327 uint8_t sk;
329 // This two fileds only be reset when device init
330 uint16_t addr_len;
331 uint16_t contents[256]; // 256 is enough to all device(i82557 ... i82559)
332 } eeprom_t;
334 // Control/Status register structure
335 typedef struct
336 {
337 /* SCB status word */
338 union
339 {
340 uint16_t val;
341 struct
342 {
343 uint8_t rs1:2; // Reserved
344 uint8_t rus:4; // RU status
345 uint8_t cus:2; // CU status
346 uint8_t stat_ack; // Stat/ACK
347 }u;
348 }scb_status;
350 /* SCB command word */
351 union
352 {
353 uint16_t val;
354 struct
355 {
356 uint8_t ru_cmd:3; // RU command
357 uint8_t rs1:1; // Reserved
358 uint8_t cu_cmd:4; // CU command
359 uint8_t m:1; // Interrup mask bit(1:mask all interrupt)
360 uint8_t si:1; // Use for software cause interrupt
361 uint8_t simb:6; // Specific interrupt mask bit
362 }u;
363 }scb_cmd;
365 /* SCB general pointer */
366 union
367 {
368 uint32_t val;
369 struct
370 {
371 uint32_t scb_ptr;
372 }u;
373 }scb_pointer;
375 /* Port interface */
376 union
377 {
378 uint32_t val;
379 struct
380 {
381 uint8_t opcode:4; // Op code for function selection
382 uint32_t ptr:28; // Result pointer
383 }u;
384 }port;
386 uint16_t rs1; // Reserved
388 /* EEPROM control register */
389 union
390 {
391 uint16_t val;
392 struct
393 {
394 uint8_t eesk:1; // Serial clock
395 uint8_t eecs:1; // Chip select
396 uint8_t eedi:1; // Serial data in
397 uint8_t eedo:1; // Serial data out
398 uint8_t rs1:4; // Reserved
399 uint8_t data;
400 }u;
401 }eeprom_ctrl;
403 /* MDI control register */
404 union
405 {
406 uint32_t val;
407 struct
408 {
409 uint16_t data; // Data
410 uint8_t regaddr:5; // PHY register address
411 uint8_t phyaddr:5; // PHY address
412 uint8_t opcode:2; // Opcode
413 uint8_t r:1; // Ready
414 uint8_t ie:1; // Interrup enable
415 uint8_t rs1:2; // Reserved
416 }u;
417 } mdi_ctrl;
419 /* Receive byte counter register */
420 uint32_t rx_byte_counter;
422 /* Early receive interrupt register */
423 uint8_t early_interrupt;
425 /* Flow control register */
426 union
427 {
428 uint16_t val;
429 }flow_ctrl;
431 /* Power management driver register */
432 union
433 {
434 uint8_t val;
435 struct
436 {
437 uint8_t pme_s:1; // PME status
438 uint8_t tco_r:1; // TCO request
439 uint8_t f_tco_i:1; // Force TCO indication
440 uint8_t tco_re:1; // TCO ready
441 uint8_t rs1:1; // Reserved
442 uint8_t isp:1; // Intersting packet
443 uint8_t mg:1; // Magic packet
444 uint8_t lsci:1; // Link status change indication
445 }u;
446 }pm_reg;
448 /* General control register */
449 uint8_t gen_ctrl;
451 /* General status register */
452 uint8_t gen_status;
454 /* These are reserved or we don't support register */
455 uint8_t others[30];
456 } __attribute__ ((packed)) csr_t;
458 typedef struct
459 {
460 uint8_t byte_count;
461 uint8_t rx_fifo_limit:4;
462 uint8_t tx_fifo_limit:4;
463 uint8_t adpt_inf_spacing;
464 uint8_t rs1;
465 uint8_t rx_dma_max_bytes;
466 uint8_t tx_dma_max_bytes:7;
467 uint8_t dmbc_en:1;
468 uint8_t late_scb:1,
469 rs2:1,
470 tno_intr:1,
471 ci_intr:1,
472 rs3:1,
473 rs4:1,
474 dis_overrun_rx:1,
475 save_bad_frame:1;
476 uint8_t dis_short_rx:1,
477 underrun_retry:2,
478 rs5:5;
479 uint8_t mii:1,
480 rs6:7;
481 uint8_t rs7;
482 uint8_t rs8:3,
483 nsai:1,
484 preamble_len:2,
485 loopback:2;
486 uint8_t linear_prio:3,
487 rs9:5;
488 uint8_t pri_mode:1,
489 rs10:3,
490 interframe_spacing:4;
491 uint16_t rs11;
492 uint8_t promiscuous:1,
493 broadcast_dis:1,
494 rs12:5,
495 crs_cdt:1;
496 uint16_t rs13;
497 uint8_t strip:1,
498 padding:1,
499 rx_crc:1,
500 rs14:5;
501 uint8_t rs15:6,
502 force_fdx:1,
503 fdx_en:1;
504 uint8_t rs16:6,
505 mul_ia:2;
506 uint8_t rs17:3,
507 mul_all:1,
508 rs18:4;
509 } __attribute__ ((packed)) i82557_cfg_t;
511 typedef struct {
512 VLANClientState *vc;
513 PCIDevice *pci_dev;
514 int mmio_index;
515 uint8_t scb_stat; /* SCB stat/ack byte */
516 uint32_t region_base_addr[REGION_NUM]; /* PCI region addresses */
517 uint8_t macaddr[6];
518 uint16_t mdimem[32];
519 eeprom_t eeprom;
520 uint32_t device; /* device variant */
522 uint8_t mult_list[8]; /* Multicast address list */
523 int is_multcast_enable;
525 /* (cu_base + cu_offset) address the next command block in the command block list. */
526 uint32_t cu_base; /* CU base address */
527 uint32_t cu_offset; /* CU address offset */
528 uint32_t cu_next; /* Point to next command when CU go to suspend */
530 /* (ru_base + ru_offset) address the RFD in the Receive Frame Area. */
531 uint32_t ru_base; /* RU base address */
532 uint32_t ru_offset; /* RU address offset */
534 uint32_t statsaddr; /* pointer to e100_stats_t */
536 e100_stats_t statistics; /* statistical counters */
538 /* Configuration bytes. */
539 i82557_cfg_t config;
541 /* FIFO buffer of card. The packet that need to be sent buffered in it */
542 uint8_t pkt_buf[MAX_ETH_FRAME_SIZE+4];
543 /* Data length in FIFO buffer */
544 int pkt_buf_len;
546 /* Data in mem is always in the byte order of the controller (le). */
547 union
548 {
549 csr_t csr;
550 uint8_t mem[PCI_MEM_SIZE];
551 }pci_mem;
553 } E100State;
555 /* CB structure, filled by device driver
556 * This is a common structure of CB. In some
557 * special case such as TRANSMIT command, the
558 * reserved field will be used.
559 */
560 struct control_block
561 {
562 uint16_t rs1:13; /* reserved */
563 uint8_t ok:1; /* 1:command executed without error, otherwise 0 */
564 uint8_t rs2:1;
565 uint8_t c:1; /* execution status. set by device, clean by software */
566 uint8_t cmd:3; /* command */
567 uint16_t rs3:10; /* most time equal to 0 */
568 uint8_t i:1; /* whether trigger interrupt after execution. 1:yes; 0:no */
569 uint8_t s:1; /* suspend */
570 uint8_t el:1; /* end flag */
571 uint32_t link_addr;
572 } __attribute__ ((packed));
574 typedef struct
575 {
576 uint32_t tx_desc_addr; /* transmit buffer decsriptor array address. */
577 uint16_t tcb_bytes:14; /* transmit command block byte count (in lower 14 bits)*/
578 uint8_t rs1:1;
579 uint8_t eof:1;
580 uint8_t tx_threshold; /* transmit threshold */
581 uint8_t tbd_num; /* TBD number */
582 } __attribute__ ((packed)) tbd_t;
584 /* Receive frame descriptore structure */
585 typedef struct
586 {
587 uint16_t status:13; // Result of receive opration
588 uint8_t ok:1; // 1:receive without error, otherwise 0
589 uint8_t rs1:1;
590 uint8_t c:1; // 1:receive complete
591 uint8_t rs2:3;
592 uint8_t sf:1; // 0:simplified mode
593 uint8_t h:1; // 1:header RFD
594 uint16_t rs3:9;
595 uint8_t s:1; // 1:go to suspend
596 uint8_t el:1; // 1:last RFD
597 uint32_t link_addr; // Add on RU base point to next RFD
598 uint32_t rs4;
599 uint16_t count:14; // Number of bytes written into data area
600 uint8_t f:1; // Set by device when count field update
601 uint8_t eof:1; // Set by device when placing data into data area complete
602 uint16_t size:14; // Buffer size (even number)
603 uint8_t rs5:2;
604 } __attribute__ ((packed)) rfd_t;
606 enum
607 {
608 RX_COLLISION = BIT(0), // 1:Receive collision detected
609 RX_IA_MATCH = BIT(1), // 0:Receive frame match individual address
610 RX_NO_MATCH = BIT(2), // 1:Receive frame match no address
611 RX_ERR = BIT(4), // 1:Receive frame error
612 RX_TYPE = BIT(5), // 1:Receive frame is a type frame
613 RX_SHORT = BIT(7), // 1:Receive frame is too short
614 RX_DMA_ERR = BIT(8),
615 RX_LARGE = BIT(9), // 1:Receive frame is too large
616 RX_CRC_ERR = BIT(10),
617 } RFD_STATUS;
619 typedef struct PCIE100State {
620 PCIDevice dev;
621 E100State e100;
622 } PCIE100State;
624 /* Default values for MDI (PHY) registers */
625 static const uint16_t e100_mdi_default[] = {
626 /* MDI Registers 0 - 6, 7 */
627 0x3000, 0x780d, 0x02a8, 0x0154, 0x05e1, 0x0000, 0x0000, 0x0000,
628 /* MDI Registers 8 - 15 */
629 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
630 /* MDI Registers 16 - 31 */
631 0x0003, 0x0000, 0x0001, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
632 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
633 };
635 static const uint8_t broadcast_macaddr[6] =
636 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
638 /* Debugging codes */
639 #ifdef DEBUG_E100
641 static void e100_dump(char *comment, uint8_t *info, int len)
642 {
643 int i;
645 if ( !comment || !info )
646 return;
648 fprintf(stderr, "EE100\t%-24s%s", __func__, comment);
649 for ( i=0; i<len; i++ )
650 fprintf(stderr, "%x ", info[i]);
652 fprintf(stderr, "\n");
653 }
655 static const char *regname[] =
656 {
657 [0] = "SCB Status", [1] = "SCB Ack",
658 [2] = "SCB Cmd", [3] = "SCB Interrupt Mask",
659 [4] = "SCB Pointer", [8] = "SCB Port",
660 [0xc] = "SCB Flash", [0xe] = "SCB Eeprom",
661 [0x10] = "SCB Ctrl MDI", [0x14] = "SCB Early RX",
662 };
663 #define SCBNAME(x) \
664 ( (x) < (sizeof(regname) / sizeof(regname[0])) ? regname[(x)] : "Unknown SCB Register" )
666 static const char *cb_cmd_name[] =
667 {
668 [CBL_NOP] = "NOP", [CBL_IASETUP] = "Individual address setup",
669 [CBL_CONFIGURE] = "Configure", [CBL_MULTCAST_ADDR_SETUP] = "Set Multcast address list",
670 [CBL_TRANSMIT] = "Transmit", [CBL_LOAD_MICROCODE] = "Load microcode",
671 [CBL_DUMP] = "Dump", [CBL_DIAGNOSE] = "Diagnose",
672 };
673 #define CB_CMD_NAME(x) \
674 ( (x) < (sizeof(cb_cmd_name) / sizeof(cb_cmd_name[0])) ? cb_cmd_name[(x)] : "Unknown CB command" )
676 static const char *eeprom_opcode_name[] =
677 {
678 [0] = "Unknow", [EEPROM_WRITE] = "Write",
679 [EEPROM_READ] = "Read", [EEPROM_ERASE] = "Erase",
680 };
681 #define EEPROM_OPCODE_NAME(x) \
682 ( (x) < (sizeof(eeprom_opcode_name) / sizeof(eeprom_opcode_name[0])) ? \
683 eeprom_opcode_name[(x)] : "Unknown" )
685 static struct eeprom_trace_data
686 {
687 uint8_t eedo[256];
688 uint8_t di[256];
689 int op;
690 int i;
691 uint32_t data;
692 }etd = {.op = NOP};
694 static void eeprom_trace(int eedo, int di, int dir, int next_op, int clr)
695 {
696 int i;
698 if ( clr )
699 {
700 char *opname = NULL;
702 switch ( etd.op )
703 {
704 case NOP:
705 break;
706 case OPCODE:
707 opname = "opcode";
708 break;
709 case ADDR:
710 opname = "address";
711 break;
712 case DATA:
713 opname = "data transfer";
714 break;
715 default:
716 opname = "Unknown";
717 }
719 if ( opname )
720 {
721 logout("EEPROM trace:\n");
722 fprintf(stderr, "\toperation: %s\n", opname);
723 fprintf(stderr, "\tDI track:");
724 for ( i=0; i<etd.i; i++ )
725 fprintf(stderr, "%x ", etd.di[i]);
726 fprintf(stderr, "\n\tDO track:");
727 for ( i=0; i<etd.i; i++ )
728 fprintf(stderr, "%x ", etd.eedo[i]);
729 fprintf(stderr, "\n\tData:%#x\n", etd.data);
730 }
733 memset(&etd, 0x0, sizeof(etd));
734 etd.op = next_op;
736 return;
737 }
739 etd.eedo[etd.i] = eedo;
740 etd.di[etd.i] = di;
741 etd.i ++;
742 if ( dir == EEPROM_READ && etd.op == DATA )
743 etd.data = (etd.data << 1) | eedo;
744 else
745 etd.data = (etd.data << 1) | di;
746 }
748 #define INT_NAME(x) \
749 ({ \
750 char *name = NULL; \
751 switch (x) \
752 { \
753 case INT_FCP: \
754 name = "FCP"; \
755 break; \
756 case INT_SWI: \
757 name = "SWI"; \
758 break; \
759 case INT_MDI: \
760 name = "MDI"; \
761 break; \
762 case INT_RNR: \
763 name = "RNR"; \
764 break; \
765 case INT_CNA: \
766 name = "CNA"; \
767 break; \
768 case INT_FR: \
769 name = "FR"; \
770 break; \
771 case INT_CX_TNO: \
772 name ="CX/TNO"; \
773 break; \
774 default: \
775 name ="Unknown"; \
776 } \
777 name; \
778 })
780 #else
781 static void e100_dump(char *comment, uint8_t *info, int len) {}
782 static void eeprom_trace(int eedo, int di, int dir, int next_op, int clr) {}
783 #endif
785 static void pci_reset(E100State * s)
786 {
787 uint8_t *pci_conf = s->pci_dev->config;
789 memcpy(pci_conf, &e100_pci_configure[0], sizeof(e100_pci_configure));
790 logout("%p\n", s);
792 /* I82557 */
793 PCI_CONFIG_8(E100_PCI_REVISION_ID, 0x01);
795 PCI_CONFIG_8(0x3c, 0x0);
797 }
799 static void e100_selective_reset(E100State * s)
800 {
802 memset(s->pci_mem.mem, 0x0, sizeof(s->pci_mem.mem));
803 // Set RU/CU to idle, maintain the register mentioned in spec,
804 SET_CU_STATE(CU_IDLE);
805 SET_RU_STATE(RU_IDLE);
806 logout("CU and RU go to idle\n");
808 s->ru_offset = 0;
809 s->cu_offset = 0;
810 s->cu_next = 0;
812 // For 82557, special interrupt bits are all 1
813 CSR(CSR_CMD, simb) = 0x3f;
814 // Set PHY to 1
815 CSR_VAL(CSR_MDI) |= BIT(21);
817 /* Initialize EEDO bit to 1. Due to driver would detect dummy 0 at
818 * EEDO bit, so initialize it to 1 is safety a way.
819 */
820 CSR(CSR_EEPROM, eedo) = 1;
821 // no pending interrupts
822 s->scb_stat = 0;
824 return;
825 }
827 static void e100_software_reset(E100State *s)
828 {
829 memset(s->pci_mem.mem, 0x0, sizeof(s->pci_mem.mem));
830 // Clear multicast list
831 memset(s->mult_list, 0x0, sizeof(s->mult_list));
832 // Set MDI register to default value
833 memcpy(&s->mdimem[0], &e100_mdi_default[0], sizeof(s->mdimem));
834 s->is_multcast_enable = 1;
835 /* Clean FIFO buffer */
836 memset(s->pkt_buf, 0x0, sizeof(s->pkt_buf));
837 s->pkt_buf_len = 0;
839 memset(&s->statistics, 0x0, sizeof(s->statistics));
840 e100_selective_reset(s);
841 return;
842 }
844 static void e100_reset(void *opaque)
845 {
846 E100State *s = (E100State *) opaque;
847 logout("%p\n", s);
848 e100_software_reset(s);
849 }
852 static void e100_save(QEMUFile * f, void *opaque)
853 {
854 E100State *s = (E100State *)opaque;
855 int i;
857 pci_device_save(s->pci_dev, f);
859 qemu_put_be32s(f, &s->mmio_index);
860 qemu_put_8s(f, &s->scb_stat);
861 for(i = 0; i < REGION_NUM; i++) {
862 qemu_put_be32s(f, &s->region_base_addr[i]);
863 }
864 qemu_put_buffer(f, s->macaddr, 6);
865 for(i = 0; i < 32; i++) {
866 qemu_put_be16s(f, &s->mdimem[i]);
867 }
869 /* Save eeprom. */
870 qemu_put_8s(f, &s->eeprom.start_bit);
871 qemu_put_8s(f, &s->eeprom.opcode);
872 qemu_put_8s(f, &s->eeprom.address);
873 qemu_put_be16s(f, &s->eeprom.data);
874 qemu_put_be32s(f, &s->eeprom.val);
875 qemu_put_be32s(f, &s->eeprom.val);
876 qemu_put_be32s(f, &s->eeprom.val_len);
877 qemu_put_be32s(f, &s->eeprom.val_type);
878 qemu_put_8s(f, &s->eeprom.cs);
879 qemu_put_8s(f, &s->eeprom.sk);
880 qemu_put_be16s(f, &s->eeprom.addr_len);
881 for(i = 0; i < 256; i++) {
882 qemu_put_be16s(f, &s->eeprom.contents[i]);
883 }
885 qemu_put_be32s(f, &s->device);
887 qemu_put_buffer(f, s->mult_list, 8);
888 qemu_put_be32s(f, &s->is_multcast_enable);
890 qemu_put_be32s(f, &s->cu_base);
891 qemu_put_be32s(f, &s->cu_offset);
892 qemu_put_be32s(f, &s->cu_next);
894 qemu_put_be32s(f, &s->ru_base);
895 qemu_put_be32s(f, &s->ru_offset);
897 qemu_put_be32s(f, &s->statsaddr);
899 /* Save statistics. */
900 qemu_put_be32s(f, &s->statistics.tx_good_frames);
901 qemu_put_be32s(f, &s->statistics.tx_max_collisions);
902 qemu_put_be32s(f, &s->statistics.tx_late_collisions);
903 qemu_put_be32s(f, &s->statistics.tx_underruns);
904 qemu_put_be32s(f, &s->statistics.tx_lost_crs);
905 qemu_put_be32s(f, &s->statistics.tx_deferred);
906 qemu_put_be32s(f, &s->statistics.tx_single_collisions);
907 qemu_put_be32s(f, &s->statistics.tx_multiple_collisions);
908 qemu_put_be32s(f, &s->statistics.tx_total_collisions);
909 qemu_put_be32s(f, &s->statistics.rx_good_frames);
910 qemu_put_be32s(f, &s->statistics.rx_crc_errors);
911 qemu_put_be32s(f, &s->statistics.rx_alignment_errors);
912 qemu_put_be32s(f, &s->statistics.rx_resource_errors);
913 qemu_put_be32s(f, &s->statistics.rx_overrun_errors);
914 qemu_put_be32s(f, &s->statistics.rx_short_frame_errors);
915 qemu_put_be32s(f, &s->statistics.complete_word);
917 qemu_put_buffer(f, (uint8_t*)(&s->config), sizeof(s->config));
919 qemu_put_buffer(f, s->pkt_buf, MAX_ETH_FRAME_SIZE+4);
920 qemu_put_be32s(f, &s->pkt_buf_len);
922 qemu_put_buffer(f, (uint8_t*)(&s->pci_mem), sizeof(s->pci_mem));
923 }
925 static int e100_load(QEMUFile * f, void *opaque, int version_id)
926 {
927 E100State *s = (E100State *)opaque;
928 int i, ret;
930 if (version_id > 3)
931 return -EINVAL;
933 ret = pci_device_load(s->pci_dev, f);
934 if (ret < 0)
935 return ret;
937 qemu_get_be32s(f, &s->mmio_index);
938 qemu_get_8s(f, &s->scb_stat);
939 for(i = 0; i < REGION_NUM; i++) {
940 qemu_get_be32s(f, &s->region_base_addr[i]);
941 }
942 qemu_get_buffer(f, s->macaddr, 6);
943 for(i = 0; i < 32; i++) {
944 qemu_get_be16s(f, &s->mdimem[i]);
945 }
947 /* Load eeprom. */
948 qemu_get_8s(f, &s->eeprom.start_bit);
949 qemu_get_8s(f, &s->eeprom.opcode);
950 qemu_get_8s(f, &s->eeprom.address);
951 qemu_get_be16s(f, &s->eeprom.data);
952 qemu_get_be32s(f, &s->eeprom.val);
953 qemu_get_be32s(f, &s->eeprom.val);
954 qemu_get_be32s(f, &s->eeprom.val_len);
955 qemu_get_be32s(f, &s->eeprom.val_type);
956 qemu_get_8s(f, &s->eeprom.cs);
957 qemu_get_8s(f, &s->eeprom.sk);
958 qemu_get_be16s(f, &s->eeprom.addr_len);
959 for(i = 0; i < 256; i++) {
960 qemu_get_be16s(f, &s->eeprom.contents[i]);
961 }
963 qemu_get_be32s(f, &s->device);
965 qemu_get_buffer(f, s->mult_list, 8);
966 qemu_get_be32s(f, &s->is_multcast_enable);
968 qemu_get_be32s(f, &s->cu_base);
969 qemu_get_be32s(f, &s->cu_offset);
970 qemu_get_be32s(f, &s->cu_next);
972 qemu_get_be32s(f, &s->ru_base);
973 qemu_get_be32s(f, &s->ru_offset);
975 qemu_get_be32s(f, &s->statsaddr);
977 /* Load statistics. */
978 qemu_get_be32s(f, &s->statistics.tx_good_frames);
979 qemu_get_be32s(f, &s->statistics.tx_max_collisions);
980 qemu_get_be32s(f, &s->statistics.tx_late_collisions);
981 qemu_get_be32s(f, &s->statistics.tx_underruns);
982 qemu_get_be32s(f, &s->statistics.tx_lost_crs);
983 qemu_get_be32s(f, &s->statistics.tx_deferred);
984 qemu_get_be32s(f, &s->statistics.tx_single_collisions);
985 qemu_get_be32s(f, &s->statistics.tx_multiple_collisions);
986 qemu_get_be32s(f, &s->statistics.tx_total_collisions);
987 qemu_get_be32s(f, &s->statistics.rx_good_frames);
988 qemu_get_be32s(f, &s->statistics.rx_crc_errors);
989 qemu_get_be32s(f, &s->statistics.rx_alignment_errors);
990 qemu_get_be32s(f, &s->statistics.rx_resource_errors);
991 qemu_get_be32s(f, &s->statistics.rx_overrun_errors);
992 qemu_get_be32s(f, &s->statistics.rx_short_frame_errors);
993 qemu_get_be32s(f, &s->statistics.complete_word);
995 qemu_put_buffer(f, (uint8_t*)(&s->config), sizeof(s->config));
997 qemu_get_buffer(f, s->pkt_buf, MAX_ETH_FRAME_SIZE+4);
998 qemu_get_be32s(f, &s->pkt_buf_len);
1000 qemu_get_buffer(f, (uint8_t*)(&s->pci_mem), sizeof(s->pci_mem));
1002 return 0;
1005 /* Interrupt functions */
1006 static void e100_interrupt(E100State *s, uint16_t int_type)
1009 //TODO: Add another i8255x card supported mask bit
1010 if ( !CSR(CSR_CMD,m) )
1012 //Set bit in stat/ack, so driver can no what interrupt happen
1013 CSR_VAL(CSR_STATUS) |= int_type;
1014 s->scb_stat = CSR(CSR_STATUS, stat_ack);
1016 /* SCB maske and SCB Bit M do not disable interrupt. */
1017 logout("Trigger an interrupt(type = %s(%#x), SCB Status = %#x)\n",
1018 INT_NAME(int_type), int_type, CSR_VAL(CSR_STATUS));
1019 pci_set_irq(s->pci_dev, 0, 1);
1023 static void e100_interrupt_ack(E100State * s, uint8_t ack)
1026 /* Ignore acknowledege if driver write 0 to ack or
1027 * according interrupt bit is not set
1028 */
1029 if ( !ack || !(s->scb_stat & ack) )
1031 logout("Illegal interrupt ack(ack=%#x, SCB Stat/Ack=%#x), ignore it\n",
1032 ack, s->scb_stat);
1033 // Due to we do write operation before e100_execute(), so
1034 // we must restore value of ack field here
1035 CSR(CSR_STATUS, stat_ack) = s->scb_stat;
1036 return;
1039 s->scb_stat &= ~ack;
1040 CSR(CSR_STATUS, stat_ack) = s->scb_stat;
1042 logout("Interrupt ack(name=%s,val=%#x)\n", INT_NAME(({uint16_t bit = ack<<8;bit;})),ack);
1043 if ( !s->scb_stat )
1045 logout("All interrupts are acknowledeged, de-assert interrupt line\n");
1046 pci_set_irq(s->pci_dev, 0, 0);
1050 static void e100_self_test(uint32_t res_addr)
1052 struct
1054 uint32_t st_sign; /* Self Test Signature */
1055 uint32_t st_result; /* Self Test Results */
1056 } test_res;
1058 test_res.st_sign = (uint32_t)-1;
1059 test_res.st_result = 0; // Our self test always success
1060 cpu_physical_memory_write(res_addr, (uint8_t *)&test_res, sizeof(test_res));
1062 logout("Write self test result to %#x\n", res_addr);
1065 static void scb_port_func(E100State *s, uint32_t val, int dir)
1067 #define PORT_SELECTION_MASK 0xfU
1069 uint32_t sel = val & PORT_SELECTION_MASK;
1071 switch ( sel )
1073 case PORT_SOFTWARE_RESET:
1074 logout("do PORT_SOFTWARE_RESET!\n");
1075 e100_software_reset(s);
1076 break;
1077 case PORT_SELF_TEST:
1078 e100_self_test(val & ~PORT_SELECTION_MASK);
1079 logout("do PORT_SELF_TEST!\n");
1080 break;
1081 case PORT_SELECTIVE_RESET:
1082 logout("do PORT_SELECTIVE_RESET!\n");
1083 e100_selective_reset(s);
1084 break;
1085 case PORT_DUMP:
1086 logout("do PORT_SOFTWARE_RESET!\n");
1087 break;
1088 case PORT_DUMP_WAKE_UP:
1089 logout("do PORT_SOFTWARE_RESET!\n");
1090 break;
1091 default:
1092 logout("Unkonw SCB port command(selection function = %#x)\n", sel);
1096 static void e100_write_mdi(E100State *s, uint32_t val)
1098 uint32_t ie = (val & 0x20000000) >> 29;
1099 uint32_t opcode = (val & 0x0c000000) >> 26;
1100 uint32_t phyaddr = (val & 0x03e00000) >> 21;
1101 uint32_t regaddr = (val & 0x001f0000) >> 16;
1102 uint32_t data = val & 0x0000ffff;
1104 logout("Write MDI:\n"
1105 "\topcode:%#x\n"
1106 "\tphy address:%#x\n"
1107 "\treg address:%#x\n"
1108 "\tie:%#x\n"
1109 "\tdata:%#x\n",
1110 opcode, phyaddr, regaddr, ie, data);
1112 /* We use default value --- PHY1
1113 * If driver operate on other PHYs, do nothing and
1114 * deceive it that the operation is finished
1115 */
1116 if ( phyaddr != 1 )
1118 logout("Unsupport PHY address(phy = %#x)\n", phyaddr);
1119 goto done;
1122 // 1: MDI write
1123 // 2: MDI read
1124 if ( opcode != MDI_WRITE && opcode != MDI_READ )
1126 logout("Invalid Opcode(opcode = %#x)\n", opcode);
1127 return;
1130 // Current only support MDI generic registers.
1131 if ( regaddr > 6 )
1133 logout("Invalid phy register index( phy register addr = %#x)\n", regaddr);
1136 if ( opcode == MDI_WRITE )
1138 // MDI write
1139 switch ( regaddr )
1141 case 0: // Control Register
1142 if ( data & 0x8000 ) // Reset
1144 /* Reset status and control registers to default. */
1145 s->mdimem[0] = e100_mdi_default[0];
1146 s->mdimem[1] = e100_mdi_default[1];
1147 data = s->mdimem[regaddr];
1149 else
1151 /* Restart Auto Configuration = Normal Operation */
1152 data &= ~0x0200;
1154 break;
1155 case 1: // Status Register
1156 logout("Invalid write on readonly register(opcode = %#x)\n", opcode);
1157 data = s->mdimem[regaddr];
1158 break;
1159 case 2:
1160 case 3:
1161 case 4:
1162 case 5:
1163 case 6:
1164 break;
1166 s->mdimem[regaddr] = data;
1167 logout("MDI WRITE: reg = %#x, data = %#x\n", regaddr, data);
1169 else if ( opcode == MDI_READ )
1171 // MDI read
1172 switch ( regaddr )
1174 case 0: // Control Register
1175 if ( data & 0x8000 ) // Reset
1177 /* Reset status and control registers to default. */
1178 s->mdimem[0] = e100_mdi_default[0];
1179 s->mdimem[1] = e100_mdi_default[1];
1181 break;
1182 case 1: // Status Register
1183 // Auto Negotiation complete, set sticky bit to 1
1184 s->mdimem[regaddr] |= 0x0026;
1185 break;
1186 case 2: // PHY Identification Register (Word 1)
1187 case 3: // PHY Identification Register (Word 2)
1188 break;
1189 case 5: // Auto-Negotiation Link Partner Ability Register
1190 s->mdimem[regaddr] = 0x41fe;
1191 break;
1192 case 6: // Auto-Negotiation Expansion Register
1193 s->mdimem[regaddr] = 0x0001;
1194 break;
1196 data = s->mdimem[regaddr];
1197 logout("MDI READ: reg = %#x, data = %#x\n", regaddr, data);
1200 /* Emulation takes no time to finish MDI transaction.
1201 * Set MDI bit in SCB status register. */
1202 done:
1203 val |= BIT(28);
1204 val = (val & 0xffff0000) + data;
1205 CSR_WRITE(SCB_MDI, val, uint32_t);
1207 if ( ie )
1208 e100_interrupt(s, (uint16_t)INT_MDI);
1211 static void scb_mdi_func(E100State *s, uint32_t val, int dir)
1213 if ( dir == OP_READ )
1214 // Do nothing, just tell driver we are ready
1215 CSR_VAL(CSR_MDI) |= BIT(28);
1216 else if ( dir == OP_WRITE )
1217 e100_write_mdi(s, val);
1218 else
1219 logout("Invalid operation direction(dir=%x)\n", dir);
1223 static void eeprom_reset(E100State *s, int type)
1225 eeprom_t *e = &s->eeprom;
1227 if ( type == EEPROM_RESET_ALL )
1229 memset(e, 0x0, sizeof(eeprom_t));
1230 e->val_type = NOP;
1231 logout("EEPROM reset all\n");
1232 return;
1235 CSR(CSR_EEPROM, eedo) = 1;
1236 e->start_bit = 0;
1237 e->opcode = 0;
1238 e->address = 0;
1239 e->data = 0;
1241 e->val = 0;
1242 e->val_len = 0;
1243 e->val_type = NOP;
1245 e->cs = 0;
1246 e->sk = 0;
1247 logout("EEPROM select reset\n");
1250 static void do_eeprom_op(E100State *s, eeprom_t *e, int cs, int sk, int di, int dir)
1252 int assert_cs = (cs == 1 && e->cs == 0);
1253 int de_assert_cs = (cs == 0 && e->cs == 1);
1254 int de_assert_sk = (sk == 0 && e->sk == 1);
1256 // Chip select is not be enabled
1257 if ( cs == 0 && e->cs == 0 )
1259 logout("Invalid EECS signal\n");
1260 return;
1263 // update state
1264 e->cs = cs;
1265 e->sk = sk;
1267 // Do nothing
1268 if ( assert_cs )
1270 logout("EECS assert\n");
1271 return;
1274 // Complete one command
1275 if ( de_assert_cs )
1277 if ( e->val_type == DATA && e->opcode == EEPROM_WRITE )
1279 e->data = e->val;
1280 memcpy((void *)((unsigned long)e->contents + e->address),
1281 &e->data, sizeof(e->data));
1282 logout("EEPROM write complete(data=%#x)\n", e->data);
1284 eeprom_trace(0,0,0,NOP,1);
1285 eeprom_reset(s, EEPROM_SELECT_RESET);
1286 logout("EECS de-asserted\n");
1287 return;
1290 // Chip is selected and serial clock is change, so the operation is vaild
1291 if ( cs == 1 && de_assert_sk == 1)
1293 // Set start bit
1294 if ( e->start_bit == 0 && di == 1 )
1296 e->start_bit = di;
1297 e->val_len = 0;
1298 e->val = 0;
1299 e->val_type = OPCODE;
1301 eeprom_trace(0,0,0,OPCODE,1);
1302 logout("EEPROM start bit set\n");
1303 return;
1305 // Data in DI is vaild
1306 else if ( e->start_bit == 1 )
1308 // If current operation is eeprom read, ignore DI
1309 if ( !(e->val_type == DATA && e->opcode == EEPROM_READ) )
1311 e->val = (e->val << 1) | di;
1312 e->val_len ++;
1315 switch ( e->val_type )
1317 // Get the opcode.
1318 case OPCODE:
1319 eeprom_trace(CSR(CSR_EEPROM, eedo), di, e->opcode, 0, 0);
1320 if ( e->val_len == 2 )
1322 e->opcode = e->val;
1323 e->val = 0;
1324 e->val_len = 0;
1325 e->val_type = ADDR;
1327 eeprom_trace(0,0,0,ADDR,1);
1328 logout("EEPROM get opcode(opcode name=%s,opcode=%#x )\n",
1329 EEPROM_OPCODE_NAME(e->opcode), e->opcode);
1331 break;
1332 // Get address
1333 case ADDR:
1334 eeprom_trace(CSR(CSR_EEPROM, eedo), di, e->opcode, 0, 0);
1335 if ( e->val_len == e->addr_len )
1337 e->address = e->val;
1338 e->val = 0;
1339 e->val_len = 0;
1340 e->val_type = DATA;
1342 // We prepare data eary for later read operation
1343 if ( e->opcode == EEPROM_READ )
1345 memcpy(&e->data, (void *)(e->contents + e->address),
1346 sizeof(e->data));
1347 logout("EEPROM prepare data to read(addr=%#x,data=%#x)\n",
1348 e->address, e->data);
1351 // Write dummy 0 to response to driver the address is written complete
1352 CSR(CSR_EEPROM, eedo) = 0;
1353 eeprom_trace(0,0,0,DATA,1);
1354 logout("EEPROM get address(addr=%#x)\n", e->address);
1356 break;
1357 // Only do data out operation
1358 case DATA:
1359 if ( e->opcode == EEPROM_READ )
1361 // Start from the most significant bit
1362 //uint16_t t = ((e->data & (1<<(sizeof(e->data)*8 - e->val_len - 1))) != 0);
1363 uint16_t t = !!(e->data & (0x8000U >> e->val_len));
1365 CSR(CSR_EEPROM, eedo) = t;
1367 logout("EEPROM read(reg address=%#x, reg val=%#x, do=%#x, len=%#x)\n",
1368 e->address, e->data, t, e->val_len);
1370 if ( e->val_len > sizeof(e->data)*8 )
1372 /* Driver may do more write op to de-assert EESK,
1373 * So we let EEPROM go to idle after a register be
1374 * read complete
1375 */
1376 e->val_type = NOP;
1377 logout("Read complete\n");
1379 break;
1382 e->val_len ++;
1384 eeprom_trace(CSR(CSR_EEPROM, eedo), di, e->opcode, 0, 0);
1385 // Do eerpom write when CS de-assert
1386 break;
1387 default:
1388 break;
1393 return;
1397 static void scb_eeprom_func(E100State *s, uint32_t val, int dir)
1399 int eecs = ((val & EEPROM_CS) != 0);
1400 int eesk = ((val & EEPROM_SK) != 0);
1401 int eedi = ((val & EEPROM_DI) != 0);
1403 logout("EEPROM: Old(cs=%#x, sk=%#x), New(cs=%#x, sk=%#x, di=%#x)\n",
1404 s->eeprom.cs, s->eeprom.sk, eecs, eesk, eedi);
1406 do_eeprom_op(s, &s->eeprom, eecs, eesk, eedi, dir);
1408 return;
1411 static void e100_ru_command(E100State *s, uint8_t val)
1413 switch ( val )
1415 case RU_NOP:
1416 /* Will not be here */
1417 break;
1418 case RU_START:
1419 /* RU start */
1421 SET_RU_STATE(RU_READY);
1422 logout("RU is set to ready\n");
1423 s->ru_offset = CSR_VAL(CSR_POINTER);
1424 logout("RFD offset is at %#x\n", s->ru_offset);
1425 break;
1426 case RU_RESUME:
1427 /* RU Resume */
1428 if ( GET_RU_STATE == RU_SUSPENDED )
1429 SET_RU_STATE(RU_READY);
1430 logout("RU resume to ready\n");
1431 break;
1432 case RU_ADDR_LOAD:
1433 /* Load RU base */
1434 s->ru_base = CSR_VAL(CSR_POINTER);
1435 logout("Load RU base address at %#x\n", s->ru_base);
1436 break;
1437 case RU_DMA_REDIRECT:
1438 logout("RU DMA redirect not implemented\n");
1439 break;
1440 case RU_ABORT:
1441 e100_interrupt(s, INT_RNR);
1442 SET_RU_STATE(RU_IDLE);
1443 logout("RU abort, go to idle\n");
1444 break;
1445 case RU_LOAD_HDS:
1446 logout("RU load header data size(HDS) not implemented\n");
1447 default:
1448 break;
1452 // This function will change CU's state, so CU start and
1453 // CU resume must set CU's state before it
1454 static void e100_execute_cb_list(E100State *s, int is_resume)
1457 struct control_block cb = {0};
1458 uint32_t cb_addr;
1460 if ( !is_resume )
1461 s->cu_offset = CSR_VAL(CSR_POINTER);
1463 /* If call from CU resume, cu_offset has been set */
1465 while (1)
1467 cb_addr = s->cu_base + s->cu_offset;
1468 cpu_physical_memory_read(cb_addr, (uint8_t *)&cb, sizeof(cb));
1471 switch ( cb.cmd )
1473 case CBL_NOP:
1474 /* Do nothing */
1475 break;
1476 case CBL_IASETUP:
1477 cpu_physical_memory_read(cb_addr + 8, &s->macaddr[0], sizeof(s->macaddr));
1478 e100_dump("Setup Individual Address:", &s->macaddr[0], 6);
1479 break;
1480 case CBL_CONFIGURE:
1482 i82557_cfg_t *cfg = &s->config;
1484 assert(sizeof(s->config) == 22);
1485 cpu_physical_memory_read(cb_addr + 8, (uint8_t *)cfg, sizeof(s->config));
1486 logout("Setup card configuration:"
1487 "\tbyte count:%d\n"
1488 "\tRx FIFO limit:%d\n"
1489 "\tTx FIFO limit:%d\n"
1490 "\tAdaptive interframe spacing:%d\n"
1491 "\tRx DMA max:%d\n"
1492 "\tTX DMA max:%d\n"
1493 "\tDMBC enable:%d\n"
1494 "\tLate SCB:%d\n"
1495 "\tTNO:%d\n"
1496 "\tCI:%d\n"
1497 "\tDiscard overrun RX:%d\n"
1498 "\tSave bad frame:%d\n"
1499 "\tDiscard short RX:%d\n"
1500 "\tunderrun retry:%d\n"
1501 "\tMII:%d\n"
1502 "\tNSAI:%d\n"
1503 "\tPreamble len:%d\n"
1504 "\tloopback:%d\n"
1505 "\tliner pro:%d\n"
1506 "\tPRI mode:%d\n"
1507 "\tinterframe spacing:%d\n"
1508 "\tpromiscuous:%d\n"
1509 "\tbroadcast dis:%d\n"
1510 "\tCRS CDT:%d\n"
1511 "\tstripping:%d\n"
1512 "\tpadding:%d\n"
1513 "\tRX crc:%d\n"
1514 "\tforce fdx:%d\n"
1515 "\tfdx enable:%d\n"
1516 "\tmultiple IA:%d\n"
1517 "\tmulticast all:%d\n",
1518 cfg->byte_count, cfg->rx_fifo_limit, cfg->tx_fifo_limit,
1519 cfg->adpt_inf_spacing, cfg->rx_dma_max_bytes, cfg->tx_dma_max_bytes,
1520 cfg->dmbc_en, cfg->late_scb, cfg->tno_intr, cfg->ci_intr,
1521 cfg->dis_overrun_rx, cfg->save_bad_frame, cfg->dis_short_rx,
1522 cfg->underrun_retry, cfg->mii, cfg->nsai, cfg->preamble_len,
1523 cfg->loopback, cfg->linear_prio, cfg->pri_mode, cfg->interframe_spacing,
1524 cfg->promiscuous, cfg->broadcast_dis, cfg->crs_cdt, cfg->strip,
1525 cfg->padding, cfg->rx_crc, cfg->force_fdx, cfg->fdx_en,
1526 cfg->mul_ia, cfg->mul_all);
1528 break;
1529 case CBL_MULTCAST_ADDR_SETUP:
1531 uint16_t mult_list_count = 0;
1532 uint16_t size = 0;
1534 cpu_physical_memory_read(cb_addr + 8, (uint8_t *)&mult_list_count, 2);
1535 mult_list_count = (mult_list_count << 2) >> 2;
1537 if ( !mult_list_count )
1539 logout("Multcast disabled(multicast count=0)\n");
1540 s->is_multcast_enable = 0;
1541 memset(s->mult_list, 0x0, sizeof(s->mult_list));
1542 break;
1544 size = mult_list_count > sizeof(s->mult_list) ?
1545 sizeof(s->mult_list) : mult_list_count;
1546 cpu_physical_memory_read(cb_addr + 12, &s->mult_list[0], size);
1548 e100_dump("Setup Multicast list: ", &s->mult_list[0], size);
1549 break;
1551 case CBL_TRANSMIT:
1553 struct
1555 struct control_block cb;
1556 tbd_t tbd;
1557 } __attribute__ ((packed)) tx;
1559 struct
1561 uint32_t addr;
1562 uint16_t size;
1563 uint16_t is_el_set;
1564 } tx_buf = {0};
1566 uint32_t tbd_array;
1567 uint16_t tcb_bytes;
1568 uint8_t sf;
1569 int len = s->pkt_buf_len;
1571 assert( len < sizeof(s->pkt_buf));
1573 cpu_physical_memory_read(cb_addr, (uint8_t *)&tx, sizeof(tx));
1574 tbd_array = le32_to_cpu(tx.tbd.tx_desc_addr);
1575 tcb_bytes = le16_to_cpu(tx.tbd.tcb_bytes);
1576 // Indicate use what mode to transmit(simple or flexible)
1577 sf = tx.cb.rs3 & 0x1;
1579 logout("Get a TBD:\n"
1580 "\tTBD array address:%#x\n"
1581 "\tTCB byte count:%#x\n"
1582 "\tEOF:%#x\n"
1583 "\tTransmit Threshold:%#x\n"
1584 "\tTBD number:%#x\n"
1585 "\tUse %s mode to send frame\n",
1586 tbd_array, tcb_bytes, tx.tbd.eof,
1587 tx.tbd.tx_threshold, tx.tbd.tbd_num,
1588 sf ? "Flexible" : "Simple");
1590 if ( !sf || tbd_array == (uint32_t)-1 )
1592 /* Simple mode */
1594 /* For simple mode, TCB bytes should not be zero.
1595 * But we still check here for safety
1596 */
1597 if ( !tcb_bytes || tcb_bytes > sizeof(s->pkt_buf) )
1598 break;
1600 cpu_physical_memory_read(cb_addr+16, &s->pkt_buf[0], tcb_bytes);
1601 len = tcb_bytes;
1602 logout("simple mode(size=%d)\n", len);
1605 else
1607 /* Flexible mode */
1609 /* For flexible mode, TBD num should not be zero.
1610 * But we still check here for safety
1611 */
1612 if ( !tx.tbd.tbd_num )
1613 break;
1615 // I82557 don't support extend TCB
1616 if ( s->device == i82557C || s->device == i82557B )
1618 /* Standard TCB mode */
1620 int i;
1622 for ( i=0; i<tx.tbd.tbd_num; i++ )
1625 cpu_physical_memory_read(tbd_array, (uint8_t *)&tx_buf,
1626 sizeof(tx_buf));
1627 tx_buf.is_el_set &= 0x1;
1628 tx_buf.size &= 0x7fff;
1629 tbd_array += 8;
1631 if ( tx_buf.size > sizeof(s->pkt_buf) - len )
1633 logout("Warning: Get a too big TBD, ignore it"
1634 "(buf addr %#x, size %d, el:%#x)\n",
1635 tx_buf.addr, tx_buf.size, tx_buf.is_el_set);
1636 continue;
1639 cpu_physical_memory_read(tx_buf.addr, &s->pkt_buf[len],
1640 tx_buf.size);
1642 logout("TBD (standard mode): buf addr %#x, size %d, el:%#x\n",
1643 tx_buf.addr, tx_buf.size, tx_buf.is_el_set);
1644 len += tx_buf.size;
1646 if ( tx_buf.is_el_set )
1647 break;
1651 //FIXME: Extend mode is not be tested
1652 else
1654 /* Extend TCB mode */
1656 /* A strandard TCB followed by two TBDs */
1657 uint32_t tbd_addr = cb_addr+16;
1658 int i = 0;
1661 for ( ; i<2 && i<tx.tbd.tbd_num; i++ )
1664 cpu_physical_memory_read(tbd_array, (uint8_t *)&tx_buf,
1665 sizeof(tx_buf));
1666 tx_buf.is_el_set &= 0x1;
1667 tbd_addr += 8;
1669 /* From Intel's spec, size of TBD equal to zero
1670 * has same effect with EL bit set
1671 */
1672 if ( tx_buf.size == 0 )
1674 tx_buf.is_el_set = 1;
1675 break;
1678 if ( tx_buf.size + len > sizeof(s->pkt_buf) )
1680 logout("TX frame is too large, discarding it"
1681 "(buf addr=%#x, size=%#x)\n", tx_buf.addr,
1682 tx_buf.size);
1683 //continue;
1684 break;
1687 logout("TBD (extended mode): buf addr %#08x, size %#04x, el:%#x\n",
1688 tx_buf.addr, tx_buf.size, tx_buf.is_el_set);
1689 cpu_physical_memory_read(tx_buf.addr, &s->pkt_buf[len],
1690 tx_buf.size);
1692 len += tx_buf.size;
1694 if ( tx_buf.is_el_set )
1695 break;
1698 /* In extend TCB mode, TDB array point to the thrid TBD
1699 * if it is not NULL(0xffffffff) and EL bit of before
1700 * two TBDs is not set
1701 */
1702 if ( tbd_array != (uint32_t)-1 && !tx_buf.is_el_set )
1704 tbd_addr = tbd_array;
1706 /* TBD number includes first two TBDs, so don't
1707 * initialize i here
1708 */
1709 for ( ; i<tx.tbd.tbd_num; i++ )
1711 cpu_physical_memory_read(tbd_addr, (uint8_t *)&tx_buf,
1712 sizeof(tx_buf));
1713 tx_buf.is_el_set &= 0x1;
1714 tbd_addr += 8;
1716 cpu_physical_memory_read(tx_buf.addr, &s->pkt_buf[len],
1717 tx_buf.size);
1718 logout("TBD (extended mode): buf addr 0x%#08x, size 0x%#04x\n",
1719 tx_buf.addr, tx_buf.size);
1721 len += tx_buf.size;
1723 if ( tx_buf.is_el_set )
1724 break;
1731 s->pkt_buf_len = len;
1733 /* Below codes are used for Threshold. But with these logic, network of guest
1734 * getting bad performance. So I comment it and leave codes here to hope anyone
1735 * fix it
1736 */
1737 #if 0
1738 /* If threshold is set, only send packet when threshold
1739 * bytes are read
1740 */
1741 if ( tx.tbd.tx_threshold && s->pkt_buf_len < tx.tbd.tx_threshold * 8 )
1743 logout("Current data length in FIFO buffer:%d\n", s->pkt_buf_len);
1744 break;
1746 #endif
1748 if ( s->pkt_buf_len )
1750 qemu_send_packet(s->vc, s->pkt_buf, s->pkt_buf_len);
1751 s->statistics.tx_good_frames ++;
1752 logout("Send out frame successful(size=%d,"
1753 "already sent %d frames)\n", s->pkt_buf_len,
1754 s->statistics.tx_good_frames);
1755 s->pkt_buf_len = 0;
1758 e100_dump("Dest addr:", (uint8_t *)s->pkt_buf, 6);
1759 e100_dump("Src addr:", (uint8_t *)(s->pkt_buf+6), 6);
1760 e100_dump("type:", (uint8_t *)(s->pkt_buf+8), 2);
1762 break;
1764 case CBL_LOAD_MICROCODE:
1765 #ifdef DEBUG_E100
1767 /* Don't support load marco code, just dump it */
1768 #define MICRO_CODE_LEN 256
1769 uint8_t micro_code[MICRO_CODE_LEN] = {0};
1770 cpu_physical_memory_read(cb_addr+8, micro_code, MICRO_CODE_LEN);
1771 e100_dump("Load micro code:", micro_code, MICRO_CODE_LEN);
1773 #endif
1774 break;
1775 case CBL_DUMP:
1776 logout("Control block dump\n");
1777 break;
1778 case CBL_DIAGNOSE:
1779 logout("Control block diagnose\n");
1780 break;
1781 default:
1782 logout("Unknown Control block command(val=%#x)\n", cb.cmd);
1783 break;
1786 /* Now, we finished executing a command, update status of CB.
1787 * We always success
1788 */
1789 cb.c = 1;
1790 cb.ok = 1;
1791 // Only update C bit and OK bit field in TCB
1792 cpu_physical_memory_write(cb_addr, (uint8_t *)&cb, 2);
1794 logout("Finished a command from CB list:\n"
1795 "\tok:%d\n"
1796 "\tc:%d\n"
1797 "\tcommand name:%s(cmd=%#x)\n"
1798 "\ti:%d\n"
1799 "\ts:%d\n"
1800 "\tel:%d\n"
1801 "\tlink address:%#x\n",
1802 cb.ok, cb.c, CB_CMD_NAME(cb.cmd), cb.cmd,
1803 cb.i, cb.s, cb.el, cb.link_addr);
1805 if ( cb.i )
1806 e100_interrupt(s, (uint16_t)INT_CX_TNO);
1808 // Suspend CU
1809 if ( cb.s )
1811 logout("CU go to suspend\n");
1812 SET_CU_STATE(CU_SUSPENDED);
1813 s->cu_next = cb.link_addr; // Save it for go on executing when resume
1815 // Trigger CNA interrupt only when CNA mode is configured
1816 if ( !(s->config.ci_intr) && cb.i )
1817 e100_interrupt(s, (uint16_t)INT_CNA);
1819 return;
1822 // This is last command in CB list, CU go back to IDLE
1823 if ( cb.el )
1825 logout("Command block list is empty, CU go to idle\n");
1826 SET_CU_STATE(CU_IDLE);
1827 /* Either in CNA mode or CI mode, interrupt need be triggered
1828 * when CU go to idle.
1829 */
1830 if ( cb.i )
1831 e100_interrupt(s, (uint16_t)INT_CNA);
1833 return;
1836 s->cu_offset = le32_to_cpu(cb.link_addr); // get next CB offset
1840 static void dump_statistics(E100State * s, uint32_t complete_word)
1842 /* Dump statistical data. Most data is never changed by the emulation
1843 * and always 0.
1844 */
1845 s->statistics.complete_word = complete_word;
1846 cpu_physical_memory_write(s->statsaddr, (uint8_t *)&s->statistics, sizeof(s->statistics));
1850 static void e100_cu_command(E100State *s, uint8_t val)
1853 switch ( val )
1855 case CU_NOP:
1856 /* Will not be here */
1857 break;
1858 case CU_START:
1859 /* This strictly follow Intel's spec */
1860 if ( GET_CU_STATE != CU_IDLE && GET_CU_STATE != CU_SUSPENDED )
1862 logout("Illegal CU start command. Device is not idle or suspend\n");
1863 return;
1866 SET_CU_STATE(CU_LPQ_ACTIVE);
1867 logout("CU start\n");
1869 e100_execute_cb_list(s, 0);
1870 break;
1871 case CU_RESUME:
1873 uint32_t previous_cb = s->cu_base + s->cu_offset;
1874 struct control_block cb;
1876 /* Resume from suspend */
1878 /* FIXME:From Intel's spec, CU resume from idle is
1879 * forbidden, but e100 drive in linux
1880 * indeed do this.
1881 */
1882 if ( GET_CU_STATE == CU_IDLE )
1884 logout("Illegal resume form IDLE\n");
1887 cpu_physical_memory_read(previous_cb, (uint8_t *)&cb,
1888 sizeof(cb));
1890 //FIXME: Need any speical handle when CU is active ?
1892 /* Driver must clean S bit in previous CB when
1893 * it issue CU resume command
1894 */
1895 if ( cb.s )
1897 logout("CU still in suspend\n");
1898 break;
1901 SET_CU_STATE(CU_LPQ_ACTIVE);
1902 if ( cb.el )
1904 logout("CB list is empty, CU just go to active\n");
1905 break;
1908 // Continue next command
1909 s->cu_offset = s->cu_next;
1911 e100_execute_cb_list(s, 1);
1913 logout("CU resume\n");
1915 break;
1916 case CU_STATSADDR:
1917 /* Load dump counters address */
1918 s->statsaddr = CSR_VAL(CSR_POINTER);
1919 logout("Load Stats address at %#x\n", s->statsaddr);
1920 break;
1921 case CU_SHOWSTATS:
1922 /* Dump statistical counters */
1923 dump_statistics(s, 0xa005);
1924 logout("Execute dump statistics\n");
1925 break;
1926 case CU_CMD_BASE:
1927 /* Load CU base */
1928 s->cu_base = CSR_VAL(CSR_POINTER);
1929 logout("Load CU base at %x\n", s->cu_base);
1930 break;
1931 case CU_DUMPSTATS:
1932 /* Dump statistical counters and reset counters. */
1933 dump_statistics(s, 0xa007);
1934 memset(&s->statistics, 0x0, sizeof(s->statistics));
1935 logout("Execute dump and reset statistics\n");
1936 break;
1937 case CU_S_RESUME:
1938 /* CU static resume */
1939 logout("CU static resume is not implemented\n");
1940 break;
1941 default:
1942 logout("Unknown CU command(val=%#x)\n", val);
1943 break;
1948 static void scb_cmd_func(E100State *s, uint16_t val, int dir)
1950 /* ignore NOP operation */
1951 if ( val & 0x0f )
1953 e100_ru_command(s, val & 0x0f);
1954 CSR(CSR_CMD, ru_cmd) = 0;
1956 else if ( val & 0xf0 )
1958 e100_cu_command(s, val & 0xf0);
1959 CSR(CSR_CMD, cu_cmd) = 0;
1964 enum
1966 WRITEB,
1967 WRITEW,
1968 WRITEL,
1969 OP_IS_READ,
1970 } WRITE_BYTES;
1972 /* Driver may issue a command by writting one 32bit-entry,
1973 * two 16bit-entries or four 8bit-entries. In late two case, we
1974 * must wait until driver finish writting to the highest byte. The parameter
1975 * 'bytes' means write action of driver(writeb, wirtew, wirtel)
1976 */
1977 static void e100_execute(E100State *s, uint32_t addr_offset,
1978 uint32_t val, int dir, int bytes)
1981 switch ( addr_offset )
1983 case SCB_STATUS:
1984 if ( bytes == WRITEB )
1985 break;
1986 case SCB_ACK:
1987 if ( dir == OP_WRITE )
1989 uint8_t _val = 0;
1990 if ( bytes == WRITEB )
1991 _val = (uint8_t)val;
1992 else if ( bytes == WRITEW )
1993 _val = ((uint16_t)val) >> 8;
1994 else if ( bytes == WRITEL)
1996 // This should not be happen
1997 _val = ((uint16_t)val) >> 8;
1998 logout("WARNNING: Drvier write 4 bytes to CSR register at offset %d,"
1999 "emulator may do things wrong!!!\n", addr_offset);
2002 e100_interrupt_ack(s, _val);
2004 break;
2005 case SCB_CMD:
2006 if ( dir == OP_WRITE )
2007 scb_cmd_func(s, val, dir);
2009 /* I don't know whether there is any driver writes command words and
2010 * interrupt mask at same time by two bytes. This is not a regular operation.
2011 * but if we meet the case, below codes could copy with it. As far
2012 * as I know. windows's and linux's driver don't do this thing.
2013 */
2014 #if 0
2015 if ( bytes == WRITEW && (val&0xff00) != 0 )
2017 else
2018 break;
2019 #endif
2020 break;
2021 case SCB_INTERRUPT_MASK:
2022 if ( dir == OP_WRITE )
2024 uint8_t _val = 0;
2025 if ( bytes == WRITEB )
2026 _val = (uint8_t)val;
2027 else if ( bytes == WRITEW )
2028 _val = (val & 0xff00) >> 8;
2029 else
2030 logout("WARNNING: Drvier write 4 bytes to CSR register at offset %d,"
2031 "emulator may do things wrong!!!\n", addr_offset);
2033 // Driver generates a software interrupt
2034 if ( _val & BIT(1) )
2035 e100_interrupt(s, INT_SWI);
2037 break;
2038 case SCB_PORT ... SCB_PORT + 3:
2039 if ( dir == OP_WRITE )
2041 // Waitting for driver write to the highest byte
2042 if ( (bytes == WRITEB && addr_offset != SCB_PORT + 3) ||
2043 (bytes == WRITEW && addr_offset != SCB_PORT + 2) )
2044 break;
2046 scb_port_func(s, CSR_VAL(CSR_PORT), dir);
2048 break;
2049 case SCB_MDI ... SCB_MDI + 3:
2050 if ( dir == OP_WRITE )
2052 // Waitting for driver write to the highest byte
2053 if ( (bytes == WRITEB && addr_offset != SCB_MDI + 3) ||
2054 (bytes == WRITEW && addr_offset != SCB_MDI + 2) )
2055 break;
2058 scb_mdi_func(s, CSR_VAL(CSR_MDI), dir);
2059 break;
2060 case SCB_EEPROM:
2061 if ( dir == OP_WRITE )
2062 scb_eeprom_func(s, val, dir);
2063 // Nothing need do when driver read EEPROM registers of CSR
2064 break;
2065 case SCB_POINTER:
2066 break;
2067 default:
2068 logout("Driver operate on CSR reg(offset=%#x,dir=%s,val=%#x)\n",
2069 addr_offset, dir==OP_WRITE?"write":"read", val);
2074 /* MMIO access functions */
2075 static uint8_t e100_read1(E100State * s, uint32_t addr_offset)
2077 uint8_t val = -1;
2079 if ( addr_offset + sizeof(val) >= sizeof(s->pci_mem.mem) )
2081 logout("Invaild read, beyond memory boundary(addr:%#x)\n", addr_offset
2082 + s->region_base_addr[CSR_MEMORY_BASE]);
2083 return val;
2087 e100_execute(s, addr_offset, val, OP_READ, OP_IS_READ);
2088 val = CSR_READ(addr_offset, uint8_t);
2089 logout("READ1: Register name = %s, addr_offset = %#x, val=%#x\n", SCBNAME(addr_offset), addr_offset, val);
2091 return val;
2094 static uint16_t e100_read2(E100State * s, uint32_t addr_offset)
2096 uint16_t val = -1;
2098 if ( addr_offset + sizeof(val) >= sizeof(s->pci_mem.mem) )
2100 logout("Invaild read, beyond memory boundary(addr:%#x)\n", addr_offset
2101 + s->region_base_addr[CSR_MEMORY_BASE]);
2102 return val;
2105 e100_execute(s, addr_offset, val, OP_READ, OP_IS_READ);
2106 val = CSR_READ(addr_offset, uint16_t);
2107 logout("READ2: Register name = %s, addr_offset = %#x, val=%#x\n", SCBNAME(addr_offset), addr_offset, val);
2109 return val;
2113 static uint32_t e100_read4(E100State * s, uint32_t addr_offset)
2115 uint32_t val = -1;
2117 if ( addr_offset + sizeof(val) >= sizeof(s->pci_mem.mem) )
2119 logout("Invaild read, beyond memory boundary(addr:%#x)\n", addr_offset
2120 + s->region_base_addr[CSR_MEMORY_BASE]);
2121 return val;
2124 e100_execute(s, addr_offset, val, OP_READ, OP_IS_READ);
2125 val = CSR_READ(addr_offset, uint32_t);
2126 logout("READ4: Register name = %s, addr_offset = %#x, val=%#x\n", SCBNAME(addr_offset), addr_offset, val);
2128 return val;
2132 static uint32_t pci_mmio_readb(void *opaque, target_phys_addr_t addr)
2134 E100State *s = opaque;
2135 addr -= s->region_base_addr[CSR_MEMORY_BASE];
2136 return e100_read1(s, addr);
2139 static uint32_t pci_mmio_readw(void *opaque, target_phys_addr_t addr)
2141 E100State *s = opaque;
2142 addr -= s->region_base_addr[CSR_MEMORY_BASE];
2143 return e100_read2(s, addr);
2146 static uint32_t pci_mmio_readl(void *opaque, target_phys_addr_t addr)
2148 E100State *s = opaque;
2149 addr -= s->region_base_addr[CSR_MEMORY_BASE];
2150 return e100_read4(s, addr);
2153 static CPUReadMemoryFunc *pci_mmio_read[] = {
2154 pci_mmio_readb,
2155 pci_mmio_readw,
2156 pci_mmio_readl
2157 };
2159 static void e100_write1(E100State * s, uint32_t addr_offset, uint8_t val)
2161 if ( addr_offset + sizeof(val) >= sizeof(s->pci_mem.mem) )
2163 logout("Invaild write, beyond memory boundary(addr = %#x, val = %#x\n", addr_offset
2164 + s->region_base_addr[CSR_MEMORY_BASE], val);
2165 return;
2168 // SCB stauts is read-only word, can not be directly write
2169 if ( addr_offset == SCB_STATUS )
2171 return;
2173 // EEDO bit of eeprom register is read-only, can not be written;
2174 else if ( addr_offset == SCB_EEPROM )
2176 int eedo = BIT(3) & CSR_VAL(CSR_EEPROM);
2177 CSR_WRITE(addr_offset, val, uint8_t);
2178 CSR(CSR_EEPROM, eedo) = !!(eedo & EEPROM_DO);
2180 logout("WRITE1: Register name = %s, addr_offset = %#x, val = %#x\n", SCBNAME(addr_offset),addr_offset, (uint8_t)CSR_VAL(CSR_EEPROM));
2181 return;
2183 else
2185 CSR_WRITE(addr_offset, val, uint8_t);
2188 logout("WRITE1: Register name = %s, addr_offset = %#x, val = %#x\n", SCBNAME(addr_offset),addr_offset, val);
2189 return;
2192 static void e100_write2(E100State * s, uint32_t addr_offset, uint16_t val)
2194 if ( addr_offset + sizeof(val) >= sizeof(s->pci_mem.mem) )
2196 logout("Invaild write, beyond memory boundary(addr = %#x, val = %#x\n", addr_offset
2197 + s->region_base_addr[CSR_MEMORY_BASE], val);
2198 return;
2201 // SCB stauts is readonly word, can not be directly write
2202 if ( addr_offset == SCB_STATUS )
2204 uint8_t __val = val >> 8;
2205 CSR_WRITE(addr_offset+1, __val, uint8_t);
2207 // EEDO bit of eeprom register is read-only, can not be written;
2208 else if ( addr_offset == SCB_EEPROM )
2210 int eedo = BIT(3) & CSR_VAL(CSR_EEPROM);
2211 CSR_WRITE(addr_offset, val, uint16_t);
2212 CSR(CSR_EEPROM, eedo) = !!(eedo & EEPROM_DO);
2214 logout("WRITE1: Register name = %s, addr_offset = %#x, val = %#x\n", SCBNAME(addr_offset),addr_offset, CSR_VAL(CSR_EEPROM));
2215 return;
2217 else
2219 CSR_WRITE(addr_offset, val, uint16_t);
2222 logout("WRITE2: Register name = %s, addr_offset = %#x, val = %#x\n", SCBNAME(addr_offset),addr_offset, val);
2223 return;
2226 static void e100_write4(E100State * s, uint32_t addr_offset, uint32_t val)
2228 if ( addr_offset + sizeof(val) >= sizeof(s->pci_mem.mem) )
2230 logout("Invaild write, beyond memory boundary(addr = %#x, val = %#x\n", addr_offset
2231 + s->region_base_addr[CSR_MEMORY_BASE], val);
2232 return;
2235 // SCB stauts is readonly word, can not be directly write
2236 if ( addr_offset == SCB_STATUS )
2238 uint8_t __val[4] = {0};
2240 //FIXME: any un-aligned reference ?
2241 *(uint32_t *)&__val = val;
2243 CSR_WRITE(addr_offset+1, __val[1], uint8_t);
2244 CSR_WRITE(addr_offset+2, __val[2], uint8_t);
2245 CSR_WRITE(addr_offset+3, __val[3], uint8_t);
2247 /* No write4 opertaion on EEPROM register */
2248 else
2250 CSR_WRITE(addr_offset, val, uint32_t);
2253 logout("WRITE4: Register name = %s, addr_offset = %#x, val = %#x\n", SCBNAME(addr_offset),addr_offset, val);
2254 return;
2257 static void pci_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
2259 E100State *s = opaque;
2260 addr -= s->region_base_addr[CSR_MEMORY_BASE];
2261 e100_write1(s, addr, val);
2262 e100_execute(s, addr, val, OP_WRITE, WRITEB);
2265 static void pci_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
2267 E100State *s = opaque;
2268 addr -= s->region_base_addr[CSR_MEMORY_BASE];
2269 e100_write2(s, addr, val);
2270 e100_execute(s, addr, val, OP_WRITE, WRITEW);
2273 static void pci_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
2275 E100State *s = opaque;
2276 addr -= s->region_base_addr[CSR_MEMORY_BASE];
2277 e100_write4(s, addr, val);
2278 (void)e100_execute(s, addr, val, OP_WRITE, WRITEL);
2281 static CPUWriteMemoryFunc *pci_mmio_write[] = {
2282 pci_mmio_writeb,
2283 pci_mmio_writew,
2284 pci_mmio_writel
2285 };
2287 static void pci_mmio_map(PCIDevice * pci_dev, int region_num,
2288 uint32_t addr, uint32_t size, int type)
2290 PCIE100State *d = (PCIE100State *) pci_dev;
2292 logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
2293 region_num, addr, size, type);
2295 if ( region_num == CSR_MEMORY_BASE ) {
2296 /* Map control / status registers. */
2297 cpu_register_physical_memory(addr, size, d->e100.mmio_index);
2298 d->e100.region_base_addr[region_num] = addr;
2302 /* IO access functions */
2303 static void ioport_write1(void *opaque, uint32_t addr, uint32_t val)
2305 E100State *s = opaque;
2306 addr -= s->region_base_addr[CSR_IO_BASE];
2307 e100_write1(s, addr, val);
2308 (void)e100_execute(s, addr, (uint32_t)val, OP_WRITE, WRITEB);
2311 static void ioport_write2(void *opaque, uint32_t addr, uint32_t val)
2313 E100State *s = opaque;
2314 addr -= s->region_base_addr[CSR_IO_BASE];
2315 e100_write2(s, addr, val);
2316 (void)e100_execute(s, addr, (uint32_t)val, OP_WRITE, WRITEW);
2319 static void ioport_write4(void *opaque, uint32_t addr, uint32_t val)
2321 E100State *s = opaque;
2322 addr -= s->region_base_addr[CSR_IO_BASE];
2323 e100_write4(s, addr, val);
2324 (void)e100_execute(s, addr, (uint32_t)val, OP_WRITE, WRITEL);
2327 static uint32_t ioport_read1(void *opaque, uint32_t addr)
2329 E100State *s = opaque;
2330 addr -= s->region_base_addr[CSR_IO_BASE];
2331 return e100_read1(s, addr);
2334 static uint32_t ioport_read2(void *opaque, uint32_t addr)
2336 E100State *s = opaque;
2337 addr -= s->region_base_addr[CSR_IO_BASE];
2338 return e100_read2(s, addr);
2341 static uint32_t ioport_read4(void *opaque, uint32_t addr)
2343 E100State *s = opaque;
2344 addr -= s->region_base_addr[CSR_IO_BASE];
2345 return e100_read4(s, addr);
2348 static void pci_ioport_map(PCIDevice * pci_dev, int region_num,
2349 uint32_t addr, uint32_t size, int type)
2351 PCIE100State *d = (PCIE100State *) pci_dev;
2352 E100State *s = &d->e100;
2354 logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
2355 region_num, addr, size, type);
2357 if ( region_num != 1 )
2359 logout("Invaid region number!\n");
2360 return;
2363 register_ioport_write(addr, size, 1, ioport_write1, s);
2364 register_ioport_read(addr, size, 1, ioport_read1, s);
2365 register_ioport_write(addr, size, 2, ioport_write2, s);
2366 register_ioport_read(addr, size, 2, ioport_read2, s);
2367 register_ioport_write(addr, size, 4, ioport_write4, s);
2368 register_ioport_read(addr, size, 4, ioport_read4, s);
2370 s->region_base_addr[region_num] = addr;
2373 /* From FreeBSD */
2374 #define POLYNOMIAL 0x04c11db6
2375 static int compute_mcast_idx(const uint8_t *ep)
2377 uint32_t crc;
2378 int carry, i, j;
2379 uint8_t b;
2381 crc = 0xffffffff;
2382 for (i = 0; i < 6; i++) {
2383 b = *ep++;
2384 for (j = 0; j < 8; j++) {
2385 carry = ((crc & 0x80000000L) ? 1 : 0) ^ (b & 0x01);
2386 crc <<= 1;
2387 b >>= 1;
2388 if (carry)
2389 crc = ((crc ^ POLYNOMIAL) | carry);
2392 return (crc >> 26);
2395 /* Eerpro100 receive functions */
2396 static int e100_can_receive(void *opaque)
2398 E100State *s = opaque;
2400 int is_ready = (GET_RU_STATE == RU_READY);
2401 logout("%s\n", is_ready ? "EEPro100 receiver is ready"
2402 : "EEPro100 receiver is not ready");
2403 return is_ready;
2406 static void e100_receive(void *opaque, const uint8_t * buf, int size)
2408 E100State *s = opaque;
2409 uint32_t rfd_addr = 0;
2410 rfd_t rfd = {0};
2413 if ( GET_RU_STATE != RU_READY )
2415 //logout("RU is not ready. Begin discarding frame(state=%x)\n", GET_RU_STATE);
2416 return;
2419 rfd_addr = s->ru_base + s->ru_offset;
2420 cpu_physical_memory_read(rfd_addr, (uint8_t *)&rfd, sizeof(rfd_t));
2422 if ( (size > MAX_ETH_FRAME_SIZE+4) )
2424 /* Long frame and configuration byte 18/3 (long receive ok) not set:
2425 * Long frames are discarded. */
2426 logout("Discard long frame(size=%d)\n", size);
2428 return;
2430 else if ( !memcmp(buf, s->macaddr, sizeof(s->macaddr)) )
2432 /* The frame is for me */
2433 logout("Receive a frame for me(size=%d)\n", size);
2434 e100_dump("FRAME:", (uint8_t *)buf, size);
2436 else if ( !memcmp(buf, broadcast_macaddr, sizeof(broadcast_macaddr)) )
2438 if ( s->config.broadcast_dis && !s->config.promiscuous )
2440 logout("Discard a broadcast frame\n");
2441 return;
2444 /* Broadcast frame */
2445 rfd.status |= RX_IA_MATCH;
2446 logout("Receive a broadcast frame(size=%d)\n", size);
2448 else if ( s->is_multcast_enable && buf[0] & 0x1 )
2450 int mcast_idx = compute_mcast_idx(buf);
2451 if ( !(s->mult_list[mcast_idx >> 3] & (1 << (mcast_idx & 7))) )
2453 logout("Multicast address mismatch, discard\n");
2454 return;
2456 logout("Receive a multicast frame(size=%d)\n", size);
2458 else if ( size < 64 && (s->config.dis_short_rx) )
2460 /* From Intel's spec, short frame should be discarded
2461 * when configuration byte 7/0 (discard short receive) set.
2462 * But this will cause frame lossing such as ICMP frame, ARP frame.
2463 * So we check is the frame for me before discarding short frame
2464 */
2466 /* Save Bad Frame bit */
2467 if ( s->config.save_bad_frame )
2469 rfd.status |= RX_SHORT;
2470 s->statistics.rx_short_frame_errors ++;
2472 logout("Receive a short frame(size=%d), discard it\n", size);
2473 return;
2475 else if ( s->config.promiscuous )
2477 /* Promiscuous: receive all. No address match */
2478 logout("Received frame in promiscuous mode(size=%d)\n", size);
2479 rfd.status |= RX_NO_MATCH;
2481 else
2483 e100_dump("Unknown frame, MAC = ", (uint8_t *)buf, 6);
2484 return;
2486 e100_dump("Get frame, MAC = ", (uint8_t *)buf, 6);
2488 rfd.c = 1;
2489 rfd.ok = 1;
2490 rfd.f = 1;
2491 rfd.eof = 1;
2492 rfd.status &= ~RX_COLLISION;
2493 rfd.count = size;
2495 logout("Get a RFD configure:\n"
2496 "\tstatus:%#x\n"
2497 "\tok:%#x\n" "\tc:%#x\n" "\tsf:%#x\n"
2498 "\th:%#x\n" "\ts:%#x\n" "\tel:%#x\n"
2499 "\tlink add:%#x\n" "\tactual count:%#x\n"
2500 "\tf:%#x\n" "\teof:%#x\n" "\tsize:%#x\n",
2501 rfd.status, rfd.ok, rfd.c, rfd.sf, rfd.h,
2502 rfd.s, rfd.el, rfd.link_addr, rfd.count,
2503 rfd.f, rfd.eof, rfd.size);
2505 cpu_physical_memory_write(rfd_addr, (uint8_t *)&rfd, sizeof(rfd));
2506 cpu_physical_memory_write(rfd_addr + sizeof(rfd_t), buf, size);
2507 s->statistics.rx_good_frames ++;
2508 s->ru_offset = le32_to_cpu(rfd.link_addr);
2510 e100_interrupt(s, INT_FR);
2512 if ( rfd.el || rfd.s )
2514 /* Go to suspend */
2515 SET_RU_STATE(RU_SUSPENDED);
2516 e100_interrupt(s, INT_RNR);
2517 logout("RFD met S or EL bit set, RU go to suspend\n");
2518 return;
2521 logout("Complete a frame receive(size = %d)\n", size);
2522 return;
2525 static void eeprom_init(E100State *s)
2527 int i;
2528 int chksum = 0;
2529 /* Add 64 * 2 EEPROM. i82557 and i82558 support a 64 word EEPROM,
2530 * i82559 and later support 64 or 256 word EEPROM. */
2531 eeprom_reset(s, EEPROM_RESET_ALL);
2532 s->eeprom.addr_len = EEPROM_I82557_ADDRBIT;
2533 memcpy(s->eeprom.contents, eeprom_i82557, sizeof(eeprom_i82557));
2534 /* Dirver is going to get MAC from eeprom*/
2535 memcpy((uint8_t *)s->eeprom.contents, s->macaddr, sizeof(s->macaddr));
2537 /* The last word in eeprom saving checksum value.
2538 * After we update MAC in eeprom, the checksum need be re-calculate
2539 * and saved at the end of eeprom
2540 */
2541 for ( i=0; i<(1<<s->eeprom.addr_len)-1; i++ )
2542 chksum += s->eeprom.contents[i];
2543 s->eeprom.contents[i] = 0xBABA - chksum;
2547 static void e100_init(PCIBus * bus, NICInfo * nd,
2548 const char *name, uint32_t device)
2550 PCIE100State *d;
2551 E100State *s;
2553 logout("\n");
2555 d = (PCIE100State *) pci_register_device(bus, name,
2556 sizeof(PCIE100State), -1,
2557 NULL, NULL);
2559 s = &d->e100;
2560 s->device = device;
2561 s->pci_dev = &d->dev;
2563 pci_reset(s);
2566 /* Handler for memory-mapped I/O */
2567 d->e100.mmio_index =
2568 cpu_register_io_memory(0, pci_mmio_read, pci_mmio_write, s);
2570 //CSR Memory mapped base
2571 pci_register_io_region(&d->dev, 0, PCI_MEM_SIZE,
2572 PCI_ADDRESS_SPACE_MEM | PCI_ADDRESS_SPACE_MEM_PREFETCH,
2573 pci_mmio_map);
2574 //CSR I/O mapped base
2575 pci_register_io_region(&d->dev, 1, PCI_IO_SIZE, PCI_ADDRESS_SPACE_IO,
2576 pci_ioport_map);
2577 //Flash memory mapped base
2578 pci_register_io_region(&d->dev, 2, PCI_FLASH_SIZE, PCI_ADDRESS_SPACE_MEM,
2579 pci_mmio_map);
2581 memcpy(s->macaddr, nd->macaddr, 6);
2582 e100_dump("MAC ADDR", (uint8_t *)&s->macaddr[0], 6);
2584 eeprom_init(s);
2586 e100_reset(s);
2588 s->vc = qemu_new_vlan_client(nd->vlan, e100_receive, e100_can_receive, s);
2590 snprintf(s->vc->info_str, sizeof(s->vc->info_str),
2591 "e100 pci macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
2592 s->macaddr[0],
2593 s->macaddr[1],
2594 s->macaddr[2], s->macaddr[3], s->macaddr[4], s->macaddr[5]);
2596 qemu_register_reset(e100_reset, s);
2598 register_savevm(name, 0, 3, e100_save, e100_load, s);
2601 void pci_e100_init(PCIBus * bus, NICInfo * nd)
2603 e100_init(bus, nd, "e100", i82557C);