gwj / at91sam9263 · Commits

Commit 663e8e5164e0f9ad38e12d91de89d553d89060d2

Authored by ths
1 parent f0c757e4

Eepro100 emulation, by Stefan Weil. 


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@2584 c046a42c-6fe2-441c-8c8c-71466251a162
Inline Side-by-side
Showing 6 changed files with 2088 additions and 1 deletions
Makefile.target
  View file @663e8e5
... ... @@ -395,8 +395,14 @@ VL_OBJS+= scsi-disk.o cdrom.o lsi53c895a.o
395 395 # USB layer
396 396 VL_OBJS+= usb.o usb-hub.o usb-linux.o usb-hid.o usb-ohci.o usb-msd.o
397 397  
  398 +# EEPROM emulation
  399 +VL_OBJS += eeprom93xx.o
  400 +
398 401 # PCI network cards
399   -VL_OBJS+= ne2000.o rtl8139.o pcnet.o
  402 +VL_OBJS += eepro100.o
  403 +VL_OBJS += ne2000.o
  404 +VL_OBJS += pcnet.o
  405 +VL_OBJS += rtl8139.o
400 406  
401 407 ifeq ($(TARGET_BASE_ARCH), i386)
402 408 # Hardware support
... ...
hw/eepro100.c 0 → 100644
  View file @663e8e5
  1 +/*
  2 + * QEMU i8255x (PRO100) emulation
  3 + *
  4 + * Copyright (c) 2006-2007 Stefan Weil
  5 + *
  6 + * Portions of the code are copies from grub / etherboot eepro100.c
  7 + * and linux e100.c.
  8 + *
  9 + * This program is free software; you can redistribute it and/or modify
  10 + * it under the terms of the GNU General Public License as published by
  11 + * the Free Software Foundation; either version 2 of the License, or
  12 + * (at your option) any later version.
  13 + *
  14 + * This program is distributed in the hope that it will be useful,
  15 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17 + * GNU General Public License for more details.
  18 + *
  19 + * You should have received a copy of the GNU General Public License
  20 + * along with this program; if not, write to the Free Software
  21 + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  22 + *
  23 + * Tested features (i82559):
  24 + * PXE boot (i386) no valid link
  25 + * Linux networking (i386) ok
  26 + *
  27 + * Untested:
  28 + * non-i386 platforms
  29 + * Windows networking
  30 + *
  31 + * References:
  32 + *
  33 + * Intel 8255x 10/100 Mbps Ethernet Controller Family
  34 + * Open Source Software Developer Manual
  35 + */
  36 +
  37 +#if defined(TARGET_I386)
  38 +# warning "PXE boot still not working!"
  39 +#endif
  40 +
  41 +#include <assert.h>
  42 +#include <stddef.h> /* offsetof */
  43 +#include "vl.h"
  44 +#include "eeprom93xx.h"
  45 +
  46 +/* Common declarations for all PCI devices. */
  47 +
  48 +#define PCI_VENDOR_ID 0x00 /* 16 bits */
  49 +#define PCI_DEVICE_ID 0x02 /* 16 bits */
  50 +#define PCI_COMMAND 0x04 /* 16 bits */
  51 +#define PCI_STATUS 0x06 /* 16 bits */
  52 +
  53 +#define PCI_REVISION_ID 0x08 /* 8 bits */
  54 +#define PCI_CLASS_CODE 0x0b /* 8 bits */
  55 +#define PCI_SUBCLASS_CODE 0x0a /* 8 bits */
  56 +#define PCI_HEADER_TYPE 0x0e /* 8 bits */
  57 +
  58 +#define PCI_BASE_ADDRESS_0 0x10 /* 32 bits */
  59 +#define PCI_BASE_ADDRESS_1 0x14 /* 32 bits */
  60 +#define PCI_BASE_ADDRESS_2 0x18 /* 32 bits */
  61 +#define PCI_BASE_ADDRESS_3 0x1c /* 32 bits */
  62 +#define PCI_BASE_ADDRESS_4 0x20 /* 32 bits */
  63 +#define PCI_BASE_ADDRESS_5 0x24 /* 32 bits */
  64 +
  65 +#define PCI_CONFIG_8(offset, value) \
  66 + (pci_conf[offset] = (value))
  67 +#define PCI_CONFIG_16(offset, value) \
  68 + (*(uint16_t *)&pci_conf[offset] = cpu_to_le16(value))
  69 +#define PCI_CONFIG_32(offset, value) \
  70 + (*(uint32_t *)&pci_conf[offset] = cpu_to_le32(value))
  71 +
  72 +#define KiB 1024
  73 +
  74 +/* debug EEPRO100 card */
  75 +//~ #define DEBUG_EEPRO100
  76 +
  77 +#ifdef DEBUG_EEPRO100
  78 +#define logout(fmt, args...) fprintf(stderr, "EE100\t%-24s" fmt, __func__, ##args)
  79 +#else
  80 +#define logout(fmt, args...) ((void)0)
  81 +#endif
  82 +
  83 +/* Set flags to 0 to disable debug output. */
  84 +#define MDI 0
  85 +
  86 +#define TRACE(flag, command) ((flag) ? (command) : (void)0)
  87 +
  88 +#define missing(text) assert(!"feature is missing in this emulation: " text)
  89 +
  90 +#define MAX_ETH_FRAME_SIZE 1514
  91 +
  92 +/* This driver supports several different devices which are declared here. */
  93 +#define i82551 0x82551
  94 +#define i82557B 0x82557b
  95 +#define i82557C 0x82557c
  96 +#define i82558B 0x82558b
  97 +#define i82559C 0x82559c
  98 +#define i82559ER 0x82559e
  99 +#define i82562 0x82562
  100 +
  101 +#define EEPROM_SIZE 64
  102 +
  103 +#define PCI_MEM_SIZE (4 * KiB)
  104 +#define PCI_IO_SIZE 64
  105 +#define PCI_FLASH_SIZE (128 * KiB)
  106 +
  107 +#define BIT(n) (1 << (n))
  108 +#define BITS(n, m) (((0xffffffffU << (31 - n)) >> (31 - n + m)) << m)
  109 +
  110 +/* The SCB accepts the following controls for the Tx and Rx units: */
  111 +#define CU_NOP 0x0000 /* No operation. */
  112 +#define CU_START 0x0010 /* CU start. */
  113 +#define CU_RESUME 0x0020 /* CU resume. */
  114 +#define CU_STATSADDR 0x0040 /* Load dump counters address. */
  115 +#define CU_SHOWSTATS 0x0050 /* Dump statistical counters. */
  116 +#define CU_CMD_BASE 0x0060 /* Load CU base address. */
  117 +#define CU_DUMPSTATS 0x0070 /* Dump and reset statistical counters. */
  118 +#define CU_SRESUME 0x00a0 /* CU static resume. */
  119 +
  120 +#define RU_NOP 0x0000
  121 +#define RX_START 0x0001
  122 +#define RX_RESUME 0x0002
  123 +#define RX_ABORT 0x0004
  124 +#define RX_ADDR_LOAD 0x0006
  125 +#define RX_RESUMENR 0x0007
  126 +#define INT_MASK 0x0100
  127 +#define DRVR_INT 0x0200 /* Driver generated interrupt. */
  128 +
  129 +typedef unsigned char bool;
  130 +
  131 +/* Offsets to the various registers.
  132 + All accesses need not be longword aligned. */
  133 +enum speedo_offsets {
  134 + SCBStatus = 0,
  135 + SCBAck = 1,
  136 + SCBCmd = 2, /* Rx/Command Unit command and status. */
  137 + SCBIntmask = 3,
  138 + SCBPointer = 4, /* General purpose pointer. */
  139 + SCBPort = 8, /* Misc. commands and operands. */
  140 + SCBflash = 12, SCBeeprom = 14, /* EEPROM and flash memory control. */
  141 + SCBCtrlMDI = 16, /* MDI interface control. */
  142 + SCBEarlyRx = 20, /* Early receive byte count. */
  143 +};
  144 +
  145 +/* A speedo3 transmit buffer descriptor with two buffers... */
  146 +typedef struct {
  147 + uint16_t status;
  148 + uint16_t command;
  149 + uint32_t link; /* void * */
  150 + uint32_t tx_desc_addr; /* transmit buffer decsriptor array address. */
  151 + uint16_t tcb_bytes; /* transmit command block byte count (in lower 14 bits */
  152 + uint8_t tx_threshold; /* transmit threshold */
  153 + uint8_t tbd_count; /* TBD number */
  154 + //~ /* This constitutes two "TBD" entries: hdr and data */
  155 + //~ uint32_t tx_buf_addr0; /* void *, header of frame to be transmitted. */
  156 + //~ int32_t tx_buf_size0; /* Length of Tx hdr. */
  157 + //~ uint32_t tx_buf_addr1; /* void *, data to be transmitted. */
  158 + //~ int32_t tx_buf_size1; /* Length of Tx data. */
  159 +} eepro100_tx_t;
  160 +
  161 +/* Receive frame descriptor. */
  162 +typedef struct {
  163 + int16_t status;
  164 + uint16_t command;
  165 + uint32_t link; /* struct RxFD * */
  166 + uint32_t rx_buf_addr; /* void * */
  167 + uint16_t count;
  168 + uint16_t size;
  169 + char packet[MAX_ETH_FRAME_SIZE + 4];
  170 +} eepro100_rx_t;
  171 +
  172 +typedef struct {
  173 + uint32_t tx_good_frames, tx_max_collisions, tx_late_collisions,
  174 + tx_underruns, tx_lost_crs, tx_deferred, tx_single_collisions,
  175 + tx_multiple_collisions, tx_total_collisions;
  176 + uint32_t rx_good_frames, rx_crc_errors, rx_alignment_errors,
  177 + rx_resource_errors, rx_overrun_errors, rx_cdt_errors,
  178 + rx_short_frame_errors;
  179 + uint32_t fc_xmt_pause, fc_rcv_pause, fc_rcv_unsupported;
  180 + uint16_t xmt_tco_frames, rcv_tco_frames;
  181 + uint32_t complete;
  182 +} eepro100_stats_t;
  183 +
  184 +typedef enum {
  185 + cu_idle = 0,
  186 + cu_suspended = 1,
  187 + cu_active = 2,
  188 + cu_lpq_active = 2,
  189 + cu_hqp_active = 3
  190 +} cu_state_t;
  191 +
  192 +typedef enum {
  193 + ru_idle = 0,
  194 + ru_suspended = 1,
  195 + ru_no_resources = 2,
  196 + ru_ready = 4
  197 +} ru_state_t;
  198 +
  199 +#if defined(__BIG_ENDIAN_BITFIELD)
  200 +#define X(a,b) b,a
  201 +#else
  202 +#define X(a,b) a,b
  203 +#endif
  204 +
  205 +typedef struct {
  206 +#if 1
  207 + uint8_t cmd;
  208 + uint32_t start;
  209 + uint32_t stop;
  210 + uint8_t boundary;
  211 + uint8_t tsr;
  212 + uint8_t tpsr;
  213 + uint16_t tcnt;
  214 + uint16_t rcnt;
  215 + uint32_t rsar;
  216 + uint8_t rsr;
  217 + uint8_t rxcr;
  218 + uint8_t isr;
  219 + uint8_t dcfg;
  220 + uint8_t imr;
  221 + uint8_t phys[6]; /* mac address */
  222 + uint8_t curpag;
  223 + uint8_t mult[8]; /* multicast mask array */
  224 + int mmio_index;
  225 + PCIDevice *pci_dev;
  226 + VLANClientState *vc;
  227 +#endif
  228 + uint8_t scb_stat; /* SCB stat/ack byte */
  229 + uint8_t int_stat; /* PCI interrupt status */
  230 + uint32_t region[3]; /* PCI region addresses */
  231 + uint8_t macaddr[6];
  232 + uint32_t statcounter[19];
  233 + uint16_t mdimem[32];
  234 + eeprom_t *eeprom;
  235 + uint32_t device; /* device variant */
  236 + uint32_t pointer;
  237 + /* (cu_base + cu_offset) address the next command block in the command block list. */
  238 + uint32_t cu_base; /* CU base address */
  239 + uint32_t cu_offset; /* CU address offset */
  240 + /* (ru_base + ru_offset) address the RFD in the Receive Frame Area. */
  241 + uint32_t ru_base; /* RU base address */
  242 + uint32_t ru_offset; /* RU address offset */
  243 + uint32_t statsaddr; /* pointer to eepro100_stats_t */
  244 + eepro100_stats_t statistics; /* statistical counters */
  245 +#if 0
  246 + uint16_t status;
  247 +#endif
  248 +
  249 + /* Configuration bytes. */
  250 + uint8_t configuration[22];
  251 +
  252 + /* Data in mem is always in the byte order of the controller (le). */
  253 + uint8_t mem[PCI_MEM_SIZE];
  254 +} EEPRO100State;
  255 +
  256 +/* Default values for MDI (PHY) registers */
  257 +static const uint16_t eepro100_mdi_default[] = {
  258 + /* MDI Registers 0 - 6, 7 */
  259 + 0x3000, 0x780d, 0x02a8, 0x0154, 0x05e1, 0x0000, 0x0000, 0x0000,
  260 + /* MDI Registers 8 - 15 */
  261 + 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
  262 + /* MDI Registers 16 - 31 */
  263 + 0x0003, 0x0000, 0x0001, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
  264 + 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
  265 +};
  266 +
  267 +/* Readonly mask for MDI (PHY) registers */
  268 +static const uint16_t eepro100_mdi_mask[] = {
  269 + 0x0000, 0xffff, 0xffff, 0xffff, 0xc01f, 0xffff, 0xffff, 0x0000,
  270 + 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
  271 + 0x0fff, 0x0000, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
  272 + 0xffff, 0xffff, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
  273 +};
  274 +
  275 +#define POLYNOMIAL 0x04c11db6
  276 +
  277 +/* From FreeBSD */
  278 +/* XXX: optimize */
  279 +static int compute_mcast_idx(const uint8_t * ep)
  280 +{
  281 + uint32_t crc;
  282 + int carry, i, j;
  283 + uint8_t b;
  284 +
  285 + crc = 0xffffffff;
  286 + for (i = 0; i < 6; i++) {
  287 + b = *ep++;
  288 + for (j = 0; j < 8; j++) {
  289 + carry = ((crc & 0x80000000L) ? 1 : 0) ^ (b & 0x01);
  290 + crc <<= 1;
  291 + b >>= 1;
  292 + if (carry)
  293 + crc = ((crc ^ POLYNOMIAL) | carry);
  294 + }
  295 + }
  296 + return (crc >> 26);
  297 +}
  298 +
  299 +#if defined(DEBUG_EEPRO100)
  300 +static const char *nic_dump(const uint8_t * buf, unsigned size)
  301 +{
  302 + static char dump[3 * 16 + 1];
  303 + char *p = &dump[0];
  304 + if (size > 16)
  305 + size = 16;
  306 + while (size-- > 0) {
  307 + p += sprintf(p, " %02x", *buf++);
  308 + }
  309 + return dump;
  310 +}
  311 +#endif /* DEBUG_EEPRO100 */
  312 +
  313 +enum scb_stat_ack {
  314 + stat_ack_not_ours = 0x00,
  315 + stat_ack_sw_gen = 0x04,
  316 + stat_ack_rnr = 0x10,
  317 + stat_ack_cu_idle = 0x20,
  318 + stat_ack_frame_rx = 0x40,
  319 + stat_ack_cu_cmd_done = 0x80,
  320 + stat_ack_not_present = 0xFF,
  321 + stat_ack_rx = (stat_ack_sw_gen | stat_ack_rnr | stat_ack_frame_rx),
  322 + stat_ack_tx = (stat_ack_cu_idle | stat_ack_cu_cmd_done),
  323 +};
  324 +
  325 +static void disable_interrupt(EEPRO100State * s)
  326 +{
  327 + if (s->int_stat) {
  328 + logout("interrupt disabled\n");
  329 + pci_set_irq(s->pci_dev, 0, 0);
  330 + s->int_stat = 0;
  331 + }
  332 +}
  333 +
  334 +static void enable_interrupt(EEPRO100State * s)
  335 +{
  336 + if (!s->int_stat) {
  337 + logout("interrupt enabled\n");
  338 + pci_set_irq(s->pci_dev, 0, 1);
  339 + s->int_stat = 1;
  340 + }
  341 +}
  342 +
  343 +static void eepro100_acknowledge(EEPRO100State * s)
  344 +{
  345 + s->scb_stat &= ~s->mem[SCBAck];
  346 + s->mem[SCBAck] = s->scb_stat;
  347 + if (s->scb_stat == 0) {
  348 + disable_interrupt(s);
  349 + }
  350 +}
  351 +
  352 +static void eepro100_interrupt(EEPRO100State * s, uint8_t stat)
  353 +{
  354 + uint8_t mask = ~s->mem[SCBIntmask];
  355 + s->mem[SCBAck] |= stat;
  356 + stat = s->scb_stat = s->mem[SCBAck];
  357 + stat &= (mask | 0x0f);
  358 + //~ stat &= (~s->mem[SCBIntmask] | 0x0xf);
  359 + if (stat && (mask & 0x01)) {
  360 + /* SCB mask and SCB Bit M do not disable interrupt. */
  361 + enable_interrupt(s);
  362 + } else if (s->int_stat) {
  363 + disable_interrupt(s);
  364 + }
  365 +}
  366 +
  367 +static void eepro100_cx_interrupt(EEPRO100State * s)
  368 +{
  369 + /* CU completed action command. */
  370 + /* Transmit not ok (82557 only, not in emulation). */
  371 + eepro100_interrupt(s, 0x80);
  372 +}
  373 +
  374 +static void eepro100_cna_interrupt(EEPRO100State * s)
  375 +{
  376 + /* CU left the active state. */
  377 + eepro100_interrupt(s, 0x20);
  378 +}
  379 +
  380 +static void eepro100_fr_interrupt(EEPRO100State * s)
  381 +{
  382 + /* RU received a complete frame. */
  383 + eepro100_interrupt(s, 0x40);
  384 +}
  385 +
  386 +#if 0
  387 +static void eepro100_rnr_interrupt(EEPRO100State * s)
  388 +{
  389 + /* RU is not ready. */
  390 + eepro100_interrupt(s, 0x10);
  391 +}
  392 +#endif
  393 +
  394 +static void eepro100_mdi_interrupt(EEPRO100State * s)
  395 +{
  396 + /* MDI completed read or write cycle. */
  397 + eepro100_interrupt(s, 0x08);
  398 +}
  399 +
  400 +static void eepro100_swi_interrupt(EEPRO100State * s)
  401 +{
  402 + /* Software has requested an interrupt. */
  403 + eepro100_interrupt(s, 0x04);
  404 +}
  405 +
  406 +#if 0
  407 +static void eepro100_fcp_interrupt(EEPRO100State * s)
  408 +{
  409 + /* Flow control pause interrupt (82558 and later). */
  410 + eepro100_interrupt(s, 0x01);
  411 +}
  412 +#endif
  413 +
  414 +static void pci_reset(EEPRO100State * s)
  415 +{
  416 + uint32_t device = s->device;
  417 + uint8_t *pci_conf = s->pci_dev->config;
  418 +
  419 + logout("%p\n", s);
  420 +
  421 + /* PCI Vendor ID */
  422 + PCI_CONFIG_16(PCI_VENDOR_ID, 0x8086);
  423 + /* PCI Device ID */
  424 + PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
  425 + /* PCI Command */
  426 + PCI_CONFIG_16(PCI_COMMAND, 0x0000);
  427 + /* PCI Status */
  428 + PCI_CONFIG_16(PCI_STATUS, 0x2800);
  429 + /* PCI Revision ID */
  430 + PCI_CONFIG_8(PCI_REVISION_ID, 0x08);
  431 + /* PCI Class Code */
  432 + PCI_CONFIG_8(0x09, 0x00);
  433 + PCI_CONFIG_8(PCI_SUBCLASS_CODE, 0x00); // ethernet network controller
  434 + PCI_CONFIG_8(PCI_CLASS_CODE, 0x02); // network controller
  435 + /* PCI Cache Line Size */
  436 + /* check cache line size!!! */
  437 + //~ PCI_CONFIG_8(0x0c, 0x00);
  438 + /* PCI Latency Timer */
  439 + PCI_CONFIG_8(0x0d, 0x20); // latency timer = 32 clocks
  440 + /* PCI Header Type */
  441 + /* BIST (built-in self test) */
  442 +#if defined(TARGET_I386)
  443 +// !!! workaround for buggy bios
  444 +//~ #define PCI_ADDRESS_SPACE_MEM_PREFETCH 0
  445 +#endif
  446 +#if 0
  447 + /* PCI Base Address Registers */
  448 + /* CSR Memory Mapped Base Address */
  449 + PCI_CONFIG_32(PCI_BASE_ADDRESS_0,
  450 + PCI_ADDRESS_SPACE_MEM | PCI_ADDRESS_SPACE_MEM_PREFETCH);
  451 + /* CSR I/O Mapped Base Address */
  452 + PCI_CONFIG_32(PCI_BASE_ADDRESS_1, PCI_ADDRESS_SPACE_IO);
  453 +#if 0
  454 + /* Flash Memory Mapped Base Address */
  455 + PCI_CONFIG_32(PCI_BASE_ADDRESS_2, 0xfffe0000 | PCI_ADDRESS_SPACE_MEM);
  456 +#endif
  457 +#endif
  458 + /* Expansion ROM Base Address (depends on boot disable!!!) */
  459 + PCI_CONFIG_32(0x30, 0x00000000);
  460 + /* Capability Pointer */
  461 + PCI_CONFIG_8(0x34, 0xdc);
  462 + /* Interrupt Pin */
  463 + PCI_CONFIG_8(0x3d, 1); // interrupt pin 0
  464 + /* Minimum Grant */
  465 + PCI_CONFIG_8(0x3e, 0x08);
  466 + /* Maximum Latency */
  467 + PCI_CONFIG_8(0x3f, 0x18);
  468 + /* Power Management Capabilities / Next Item Pointer / Capability ID */
  469 + PCI_CONFIG_32(0xdc, 0x7e210001);
  470 +
  471 + switch (device) {
  472 + case i82551:
  473 + //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
  474 + PCI_CONFIG_8(PCI_REVISION_ID, 0x0f);
  475 + break;
  476 + case i82557B:
  477 + PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
  478 + PCI_CONFIG_8(PCI_REVISION_ID, 0x02);
  479 + break;
  480 + case i82557C:
  481 + PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
  482 + PCI_CONFIG_8(PCI_REVISION_ID, 0x03);
  483 + break;
  484 + case i82558B:
  485 + PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
  486 + PCI_CONFIG_16(PCI_STATUS, 0x2810);
  487 + PCI_CONFIG_8(PCI_REVISION_ID, 0x05);
  488 + break;
  489 + case i82559C:
  490 + PCI_CONFIG_16(PCI_DEVICE_ID, 0x1229);
  491 + PCI_CONFIG_16(PCI_STATUS, 0x2810);
  492 + //~ PCI_CONFIG_8(PCI_REVISION_ID, 0x08);
  493 + break;
  494 + case i82559ER:
  495 + //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1209);
  496 + PCI_CONFIG_16(PCI_STATUS, 0x2810);
  497 + PCI_CONFIG_8(PCI_REVISION_ID, 0x09);
  498 + break;
  499 + //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1029);
  500 + //~ PCI_CONFIG_16(PCI_DEVICE_ID, 0x1030); /* 82559 InBusiness 10/100 */
  501 + default:
  502 + logout("Device %X is undefined!\n", device);
  503 + }
  504 +
  505 + if (device == i82557C || device == i82558B || device == i82559C) {
  506 + logout("Get device id and revision from EEPROM!!!\n");
  507 + }
  508 +}
  509 +
  510 +static void nic_selective_reset(EEPRO100State * s)
  511 +{
  512 + size_t i;
  513 + uint16_t *eeprom_contents = eeprom93xx_data(s->eeprom);
  514 + //~ eeprom93xx_reset(s->eeprom);
  515 + memcpy(eeprom_contents, s->macaddr, 6);
  516 + eeprom_contents[0xa] = 0x4000;
  517 + uint16_t sum = 0;
  518 + for (i = 0; i < EEPROM_SIZE - 1; i++) {
  519 + sum += eeprom_contents[i];
  520 + }
  521 + eeprom_contents[EEPROM_SIZE - 1] = 0xbaba - sum;
  522 +
  523 + memset(s->mem, 0, sizeof(s->mem));
  524 + uint32_t val = BIT(21);
  525 + memcpy(&s->mem[SCBCtrlMDI], &val, sizeof(val));
  526 +
  527 + assert(sizeof(s->mdimem) == sizeof(eepro100_mdi_default));
  528 + memcpy(&s->mdimem[0], &eepro100_mdi_default[0], sizeof(s->mdimem));
  529 +}
  530 +
  531 +static void nic_reset(void *opaque)
  532 +{
  533 + EEPRO100State *s = (EEPRO100State *) opaque;
  534 + logout("%p\n", s);
  535 + static int first;
  536 + if (!first) {
  537 + first = 1;
  538 + }
  539 + nic_selective_reset(s);
  540 +}
  541 +
  542 +#if defined(DEBUG_EEPRO100)
  543 +static const char *reg[PCI_IO_SIZE / 4] = {
  544 + "Command/Status",
  545 + "General Pointer",
  546 + "Port",
  547 + "EEPROM/Flash Control",
  548 + "MDI Control",
  549 + "Receive DMA Byte Count",
  550 + "Flow control register",
  551 + "General Status/Control"
  552 +};
  553 +
  554 +static char *regname(uint32_t addr)
  555 +{
  556 + static char buf[16];
  557 + if (addr < PCI_IO_SIZE) {
  558 + const char *r = reg[addr / 4];
  559 + if (r != 0) {
  560 + sprintf(buf, "%s+%u", r, addr % 4);
  561 + } else {
  562 + sprintf(buf, "0x%02x", addr);
  563 + }
  564 + } else {
  565 + sprintf(buf, "??? 0x%08x", addr);
  566 + }
  567 + return buf;
  568 +}
  569 +#endif /* DEBUG_EEPRO100 */
  570 +
  571 +#if 0
  572 +static uint16_t eepro100_read_status(EEPRO100State * s)
  573 +{
  574 + uint16_t val = s->status;
  575 + logout("val=0x%04x\n", val);
  576 + return val;
  577 +}
  578 +
  579 +static void eepro100_write_status(EEPRO100State * s, uint16_t val)
  580 +{
  581 + logout("val=0x%04x\n", val);
  582 + s->status = val;
  583 +}
  584 +#endif
  585 +
  586 +/*****************************************************************************
  587 + *
  588 + * Command emulation.
  589 + *
  590 + ****************************************************************************/
  591 +
  592 +#if 0
  593 +static uint16_t eepro100_read_command(EEPRO100State * s)
  594 +{
  595 + uint16_t val = 0xffff;
  596 + //~ logout("val=0x%04x\n", val);
  597 + return val;
  598 +}
  599 +#endif
  600 +
  601 +/* Commands that can be put in a command list entry. */
  602 +enum commands {
  603 + CmdNOp = 0,
  604 + CmdIASetup = 1,
  605 + CmdConfigure = 2,
  606 + CmdMulticastList = 3,
  607 + CmdTx = 4,
  608 + CmdTDR = 5, /* load microcode */
  609 + CmdDump = 6,
  610 + CmdDiagnose = 7,
  611 +
  612 + /* And some extra flags: */
  613 + CmdSuspend = 0x4000, /* Suspend after completion. */
  614 + CmdIntr = 0x2000, /* Interrupt after completion. */
  615 + CmdTxFlex = 0x0008, /* Use "Flexible mode" for CmdTx command. */
  616 +};
  617 +
  618 +static cu_state_t get_cu_state(EEPRO100State * s)
  619 +{
  620 + return ((s->mem[SCBStatus] >> 6) & 0x03);
  621 +}
  622 +
  623 +static void set_cu_state(EEPRO100State * s, cu_state_t state)
  624 +{
  625 + s->mem[SCBStatus] = (s->mem[SCBStatus] & 0x3f) + (state << 6);
  626 +}
  627 +
  628 +static ru_state_t get_ru_state(EEPRO100State * s)
  629 +{
  630 + return ((s->mem[SCBStatus] >> 2) & 0x0f);
  631 +}
  632 +
  633 +static void set_ru_state(EEPRO100State * s, ru_state_t state)
  634 +{
  635 + s->mem[SCBStatus] = (s->mem[SCBStatus] & 0xc3) + (state << 2);
  636 +}
  637 +
  638 +static void dump_statistics(EEPRO100State * s)
  639 +{
  640 + /* Dump statistical data. Most data is never changed by the emulation
  641 + * and always 0, so we first just copy the whole block and then those
  642 + * values which really matter.
  643 + * Number of data should check configuration!!!
  644 + */
  645 + cpu_physical_memory_write(s->statsaddr, (uint8_t *) & s->statistics, 64);
  646 + stl_phys(s->statsaddr + 0, s->statistics.tx_good_frames);
  647 + stl_phys(s->statsaddr + 36, s->statistics.rx_good_frames);
  648 + stl_phys(s->statsaddr + 48, s->statistics.rx_resource_errors);
  649 + stl_phys(s->statsaddr + 60, s->statistics.rx_short_frame_errors);
  650 + //~ stw_phys(s->statsaddr + 76, s->statistics.xmt_tco_frames);
  651 + //~ stw_phys(s->statsaddr + 78, s->statistics.rcv_tco_frames);
  652 + //~ missing("CU dump statistical counters");
  653 +}
  654 +
  655 +static void eepro100_cu_command(EEPRO100State * s, uint8_t val)
  656 +{
  657 + eepro100_tx_t tx;
  658 + uint32_t cb_address;
  659 + switch (val) {
  660 + case CU_NOP:
  661 + /* No operation. */
  662 + break;
  663 + case CU_START:
  664 + if (get_cu_state(s) != cu_idle) {
  665 + /* Intel documentation says that CU must be idle for the CU
  666 + * start command. Intel driver for Linux also starts the CU
  667 + * from suspended state. */
  668 + logout("CU state is %u, should be %u\n", get_cu_state(s), cu_idle);
  669 + //~ assert(!"wrong CU state");
  670 + }
  671 + set_cu_state(s, cu_active);
  672 + s->cu_offset = s->pointer;
  673 + next_command:
  674 + cb_address = s->cu_base + s->cu_offset;
  675 + cpu_physical_memory_read(cb_address, (uint8_t *) & tx, sizeof(tx));
  676 + uint16_t status = le16_to_cpu(tx.status);
  677 + uint16_t command = le16_to_cpu(tx.command);
  678 + logout
  679 + ("val=0x%02x (cu start), status=0x%04x, command=0x%04x, link=0x%08x\n",
  680 + val, status, command, tx.link);
  681 + bool bit_el = ((command & 0x8000) != 0);
  682 + bool bit_s = ((command & 0x4000) != 0);
  683 + bool bit_i = ((command & 0x2000) != 0);
  684 + bool bit_nc = ((command & 0x0010) != 0);
  685 + //~ bool bit_sf = ((command & 0x0008) != 0);
  686 + uint16_t cmd = command & 0x0007;
  687 + s->cu_offset = le32_to_cpu(tx.link);
  688 + switch (cmd) {
  689 + case CmdNOp:
  690 + /* Do nothing. */
  691 + break;
  692 + case CmdIASetup:
  693 + cpu_physical_memory_read(cb_address + 8, &s->macaddr[0], 6);
  694 + logout("macaddr: %s\n", nic_dump(&s->macaddr[0], 6));
  695 + break;
  696 + case CmdConfigure:
  697 + cpu_physical_memory_read(cb_address + 8, &s->configuration[0],
  698 + sizeof(s->configuration));
  699 + logout("configuration: %s\n", nic_dump(&s->configuration[0], 16));
  700 + break;
  701 + case CmdMulticastList:
  702 + //~ missing("multicast list");
  703 + break;
  704 + case CmdTx:
  705 + (void)0;
  706 + uint32_t tbd_array = le32_to_cpu(tx.tx_desc_addr);
  707 + uint16_t tcb_bytes = (le16_to_cpu(tx.tcb_bytes) & 0x3fff);
  708 + logout
  709 + ("transmit, TBD array address 0x%08x, TCB byte count 0x%04x, TBD count %u\n",
  710 + tbd_array, tcb_bytes, tx.tbd_count);
  711 + assert(!bit_nc);
  712 + //~ assert(!bit_sf);
  713 + assert(tcb_bytes <= 2600);
  714 + /* Next assertion fails for local configuration. */
  715 + //~ assert((tcb_bytes > 0) || (tbd_array != 0xffffffff));
  716 + if (!((tcb_bytes > 0) || (tbd_array != 0xffffffff))) {
  717 + logout
  718 + ("illegal values of TBD array address and TCB byte count!\n");
  719 + }
  720 + uint8_t buf[MAX_ETH_FRAME_SIZE + 4];
  721 + uint16_t size = 0;
  722 + uint32_t tbd_address = cb_address + 0x10;
  723 + assert(tcb_bytes <= sizeof(buf));
  724 + while (size < tcb_bytes) {
  725 + uint32_t tx_buffer_address = ldl_phys(tbd_address);
  726 + uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
  727 + //~ uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
  728 + tbd_address += 8;
  729 + logout
  730 + ("TBD (simplified mode): buffer address 0x%08x, size 0x%04x\n",
  731 + tx_buffer_address, tx_buffer_size);
  732 + cpu_physical_memory_read(tx_buffer_address, &buf[size],
  733 + tx_buffer_size);
  734 + size += tx_buffer_size;
  735 + }
  736 + if (tbd_array == 0xffffffff) {
  737 + /* Simplified mode. Was already handled by code above. */
  738 + } else {
  739 + /* Flexible mode. */
  740 + uint8_t tbd_count = 0;
  741 + if (!(s->configuration[6] & BIT(4))) {
  742 + /* Extended TCB. */
  743 + assert(tcb_bytes == 0);
  744 + for (; tbd_count < 2; tbd_count++) {
  745 + uint32_t tx_buffer_address = ldl_phys(tbd_address);
  746 + uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
  747 + uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
  748 + tbd_address += 8;
  749 + logout
  750 + ("TBD (extended mode): buffer address 0x%08x, size 0x%04x\n",
  751 + tx_buffer_address, tx_buffer_size);
  752 + cpu_physical_memory_read(tx_buffer_address, &buf[size],
  753 + tx_buffer_size);
  754 + size += tx_buffer_size;
  755 + if (tx_buffer_el & 1) {
  756 + break;
  757 + }
  758 + }
  759 + }
  760 + tbd_address = tbd_array;
  761 + for (; tbd_count < tx.tbd_count; tbd_count++) {
  762 + uint32_t tx_buffer_address = ldl_phys(tbd_address);
  763 + uint16_t tx_buffer_size = lduw_phys(tbd_address + 4);
  764 + uint16_t tx_buffer_el = lduw_phys(tbd_address + 6);
  765 + tbd_address += 8;
  766 + logout
  767 + ("TBD (flexible mode): buffer address 0x%08x, size 0x%04x\n",
  768 + tx_buffer_address, tx_buffer_size);
  769 + cpu_physical_memory_read(tx_buffer_address, &buf[size],
  770 + tx_buffer_size);
  771 + size += tx_buffer_size;
  772 + if (tx_buffer_el & 1) {
  773 + break;
  774 + }
  775 + }
  776 + }
  777 + qemu_send_packet(s->vc, buf, size);
  778 + s->statistics.tx_good_frames++;
  779 + /* Transmit with bad status would raise an CX/TNO interrupt.
  780 + * (82557 only). Emulation never has bad status. */
  781 + //~ eepro100_cx_interrupt(s);
  782 + break;
  783 + case CmdTDR:
  784 + logout("load microcode\n");
  785 + /* Starting with offset 8, the command contains
  786 + * 64 dwords microcode which we just ignore here. */
  787 + break;
  788 + default:
  789 + missing("undefined command");
  790 + }
  791 + /* Write new status (success). */
  792 + stw_phys(cb_address, status | 0x8000 | 0x2000);
  793 + if (bit_i) {
  794 + /* CU completed action. */
  795 + eepro100_cx_interrupt(s);
  796 + }
  797 + if (bit_el) {
  798 + /* CU becomes idle. */
  799 + set_cu_state(s, cu_idle);
  800 + eepro100_cna_interrupt(s);
  801 + } else if (bit_s) {
  802 + /* CU becomes suspended. */
  803 + set_cu_state(s, cu_suspended);
  804 + eepro100_cna_interrupt(s);
  805 + } else {
  806 + /* More entries in list. */
  807 + logout("CU list with at least one more entry\n");
  808 + goto next_command;
  809 + }
  810 + logout("CU list empty\n");
  811 + /* List is empty. Now CU is idle or suspended. */
  812 + break;
  813 + case CU_RESUME:
  814 + if (get_cu_state(s) != cu_suspended) {
  815 + logout("bad CU resume from CU state %u\n", get_cu_state(s));
  816 + /* Workaround for bad Linux eepro100 driver which resumes
  817 + * from idle state. */
  818 + //~ missing("cu resume");
  819 + set_cu_state(s, cu_suspended);
  820 + }
  821 + if (get_cu_state(s) == cu_suspended) {
  822 + logout("CU resuming\n");
  823 + set_cu_state(s, cu_active);
  824 + goto next_command;
  825 + }
  826 + break;
  827 + case CU_STATSADDR:
  828 + /* Load dump counters address. */
  829 + s->statsaddr = s->pointer;
  830 + logout("val=0x%02x (status address)\n", val);
  831 + break;
  832 + case CU_SHOWSTATS:
  833 + /* Dump statistical counters. */
  834 + dump_statistics(s);
  835 + break;
  836 + case CU_CMD_BASE:
  837 + /* Load CU base. */
  838 + logout("val=0x%02x (CU base address)\n", val);
  839 + s->cu_base = s->pointer;
  840 + break;
  841 + case CU_DUMPSTATS:
  842 + /* Dump and reset statistical counters. */
  843 + dump_statistics(s);
  844 + memset(&s->statistics, 0, sizeof(s->statistics));
  845 + break;
  846 + case CU_SRESUME:
  847 + /* CU static resume. */
  848 + missing("CU static resume");
  849 + break;
  850 + default:
  851 + missing("Undefined CU command");
  852 + }
  853 +}
  854 +
  855 +static void eepro100_ru_command(EEPRO100State * s, uint8_t val)
  856 +{
  857 + switch (val) {
  858 + case RU_NOP:
  859 + /* No operation. */
  860 + break;
  861 + case RX_START:
  862 + /* RU start. */
  863 + if (get_ru_state(s) != ru_idle) {
  864 + logout("RU state is %u, should be %u\n", get_ru_state(s), ru_idle);
  865 + //~ assert(!"wrong RU state");
  866 + }
  867 + set_ru_state(s, ru_ready);
  868 + s->ru_offset = s->pointer;
  869 + logout("val=0x%02x (rx start)\n", val);
  870 + break;
  871 + case RX_RESUME:
  872 + /* Restart RU. */
  873 + if (get_ru_state(s) != ru_suspended) {
  874 + logout("RU state is %u, should be %u\n", get_ru_state(s),
  875 + ru_suspended);
  876 + //~ assert(!"wrong RU state");
  877 + }
  878 + set_ru_state(s, ru_ready);
  879 + break;
  880 + case RX_ADDR_LOAD:
  881 + /* Load RU base. */
  882 + logout("val=0x%02x (RU base address)\n", val);
  883 + s->ru_base = s->pointer;
  884 + break;
  885 + default:
  886 + logout("val=0x%02x (undefined RU command)\n", val);
  887 + missing("Undefined SU command");
  888 + }
  889 +}
  890 +
  891 +static void eepro100_write_command(EEPRO100State * s, uint8_t val)
  892 +{
  893 + eepro100_ru_command(s, val & 0x0f);
  894 + eepro100_cu_command(s, val & 0xf0);
  895 + if ((val) == 0) {
  896 + logout("val=0x%02x\n", val);
  897 + }
  898 + /* Clear command byte after command was accepted. */
  899 + s->mem[SCBCmd] = 0;
  900 +}
  901 +
  902 +/*****************************************************************************
  903 + *
  904 + * EEPROM emulation.
  905 + *
  906 + ****************************************************************************/
  907 +
  908 +#define EEPROM_CS 0x02
  909 +#define EEPROM_SK 0x01
  910 +#define EEPROM_DI 0x04
  911 +#define EEPROM_DO 0x08
  912 +
  913 +static uint16_t eepro100_read_eeprom(EEPRO100State * s)
  914 +{
  915 + uint16_t val;
  916 + memcpy(&val, &s->mem[SCBeeprom], sizeof(val));
  917 + if (eeprom93xx_read(s->eeprom)) {
  918 + val |= EEPROM_DO;
  919 + } else {
  920 + val &= ~EEPROM_DO;
  921 + }
  922 + return val;
  923 +}
  924 +
  925 +static void eepro100_write_eeprom(eeprom_t * eeprom, uint8_t val)
  926 +{
  927 + logout("write val=0x%02x\n", val);
  928 +
  929 + /* mask unwriteable bits */
  930 + //~ val = SET_MASKED(val, 0x31, eeprom->value);
  931 +
  932 + int eecs = ((val & EEPROM_CS) != 0);
  933 + int eesk = ((val & EEPROM_SK) != 0);
  934 + int eedi = ((val & EEPROM_DI) != 0);
  935 + eeprom93xx_write(eeprom, eecs, eesk, eedi);
  936 +}
  937 +
  938 +static void eepro100_write_pointer(EEPRO100State * s, uint32_t val)
  939 +{
  940 + s->pointer = le32_to_cpu(val);
  941 + logout("val=0x%08x\n", val);
  942 +}
  943 +
  944 +/*****************************************************************************
  945 + *
  946 + * MDI emulation.
  947 + *
  948 + ****************************************************************************/
  949 +
  950 +#if defined(DEBUG_EEPRO100)
  951 +static const char *mdi_op_name[] = {
  952 + "opcode 0",
  953 + "write",
  954 + "read",
  955 + "opcode 3"
  956 +};
  957 +
  958 +static const char *mdi_reg_name[] = {
  959 + "Control",
  960 + "Status",
  961 + "PHY Identification (Word 1)",
  962 + "PHY Identification (Word 2)",
  963 + "Auto-Negotiation Advertisement",
  964 + "Auto-Negotiation Link Partner Ability",
  965 + "Auto-Negotiation Expansion"
  966 +};
  967 +#endif /* DEBUG_EEPRO100 */
  968 +
  969 +static uint32_t eepro100_read_mdi(EEPRO100State * s)
  970 +{
  971 + uint32_t val;
  972 + memcpy(&val, &s->mem[0x10], sizeof(val));
  973 +
  974 +#ifdef DEBUG_EEPRO100
  975 + uint8_t raiseint = (val & BIT(29)) >> 29;
  976 + uint8_t opcode = (val & BITS(27, 26)) >> 26;
  977 + uint8_t phy = (val & BITS(25, 21)) >> 21;
  978 + uint8_t reg = (val & BITS(20, 16)) >> 16;
  979 + uint16_t data = (val & BITS(15, 0));
  980 +#endif
  981 + /* Emulation takes no time to finish MDI transaction. */
  982 + val |= BIT(28);
  983 + TRACE(MDI, logout("val=0x%08x (int=%u, %s, phy=%u, %s, data=0x%04x\n",
  984 + val, raiseint, mdi_op_name[opcode], phy,
  985 + mdi_reg_name[reg], data));
  986 + return val;
  987 +}
  988 +
  989 +//~ #define BITS(val, upper, lower) (val & ???)
  990 +static void eepro100_write_mdi(EEPRO100State * s, uint32_t val)
  991 +{
  992 + uint8_t raiseint = (val & BIT(29)) >> 29;
  993 + uint8_t opcode = (val & BITS(27, 26)) >> 26;
  994 + uint8_t phy = (val & BITS(25, 21)) >> 21;
  995 + uint8_t reg = (val & BITS(20, 16)) >> 16;
  996 + uint16_t data = (val & BITS(15, 0));
  997 + if (phy != 1) {
  998 + /* Unsupported PHY address. */
  999 + //~ logout("phy must be 1 but is %u\n", phy);
  1000 + data = 0;
  1001 + } else if (opcode != 1 && opcode != 2) {
  1002 + /* Unsupported opcode. */
  1003 + logout("opcode must be 1 or 2 but is %u\n", opcode);
  1004 + data = 0;
  1005 + } else if (reg > 6) {
  1006 + /* Unsupported register. */
  1007 + logout("register must be 0...6 but is %u\n", reg);
  1008 + data = 0;
  1009 + } else {
  1010 + TRACE(MDI, logout("val=0x%08x (int=%u, %s, phy=%u, %s, data=0x%04x\n",
  1011 + val, raiseint, mdi_op_name[opcode], phy,
  1012 + mdi_reg_name[reg], data));
  1013 + if (opcode == 1) {
  1014 + /* MDI write */
  1015 + switch (reg) {
  1016 + case 0: /* Control Register */
  1017 + if (data & 0x8000) {
  1018 + /* Reset status and control registers to default. */
  1019 + s->mdimem[0] = eepro100_mdi_default[0];
  1020 + s->mdimem[1] = eepro100_mdi_default[1];
  1021 + data = s->mdimem[reg];
  1022 + } else {
  1023 + /* Restart Auto Configuration = Normal Operation */
  1024 + data &= ~0x0200;
  1025 + }
  1026 + break;
  1027 + case 1: /* Status Register */
  1028 + missing("not writable");
  1029 + data = s->mdimem[reg];
  1030 + break;
  1031 + case 2: /* PHY Identification Register (Word 1) */
  1032 + case 3: /* PHY Identification Register (Word 2) */
  1033 + missing("not implemented");
  1034 + break;
  1035 + case 4: /* Auto-Negotiation Advertisement Register */
  1036 + case 5: /* Auto-Negotiation Link Partner Ability Register */
  1037 + break;
  1038 + case 6: /* Auto-Negotiation Expansion Register */
  1039 + default:
  1040 + missing("not implemented");
  1041 + }
  1042 + s->mdimem[reg] = data;
  1043 + } else if (opcode == 2) {
  1044 + /* MDI read */
  1045 + switch (reg) {
  1046 + case 0: /* Control Register */
  1047 + if (data & 0x8000) {
  1048 + /* Reset status and control registers to default. */
  1049 + s->mdimem[0] = eepro100_mdi_default[0];
  1050 + s->mdimem[1] = eepro100_mdi_default[1];
  1051 + }
  1052 + break;
  1053 + case 1: /* Status Register */
  1054 + s->mdimem[reg] |= 0x0020;
  1055 + break;
  1056 + case 2: /* PHY Identification Register (Word 1) */
  1057 + case 3: /* PHY Identification Register (Word 2) */
  1058 + case 4: /* Auto-Negotiation Advertisement Register */
  1059 + break;
  1060 + case 5: /* Auto-Negotiation Link Partner Ability Register */
  1061 + s->mdimem[reg] = 0x41fe;
  1062 + break;
  1063 + case 6: /* Auto-Negotiation Expansion Register */
  1064 + s->mdimem[reg] = 0x0001;
  1065 + break;
  1066 + }
  1067 + data = s->mdimem[reg];
  1068 + }
  1069 + /* Emulation takes no time to finish MDI transaction.
  1070 + * Set MDI bit in SCB status register. */
  1071 + s->mem[SCBAck] |= 0x08;
  1072 + val |= BIT(28);
  1073 + if (raiseint) {
  1074 + eepro100_mdi_interrupt(s);
  1075 + }
  1076 + }
  1077 + val = (val & 0xffff0000) + data;
  1078 + memcpy(&s->mem[0x10], &val, sizeof(val));
  1079 +}
  1080 +
  1081 +/*****************************************************************************
  1082 + *
  1083 + * Port emulation.
  1084 + *
  1085 + ****************************************************************************/
  1086 +
  1087 +#define PORT_SOFTWARE_RESET 0
  1088 +#define PORT_SELFTEST 1
  1089 +#define PORT_SELECTIVE_RESET 2
  1090 +#define PORT_DUMP 3
  1091 +#define PORT_SELECTION_MASK 3
  1092 +
  1093 +typedef struct {
  1094 + uint32_t st_sign; /* Self Test Signature */
  1095 + uint32_t st_result; /* Self Test Results */
  1096 +} eepro100_selftest_t;
  1097 +
  1098 +static uint32_t eepro100_read_port(EEPRO100State * s)
  1099 +{
  1100 + return 0;
  1101 +}
  1102 +
  1103 +static void eepro100_write_port(EEPRO100State * s, uint32_t val)
  1104 +{
  1105 + val = le32_to_cpu(val);
  1106 + uint32_t address = (val & ~PORT_SELECTION_MASK);
  1107 + uint8_t selection = (val & PORT_SELECTION_MASK);
  1108 + switch (selection) {
  1109 + case PORT_SOFTWARE_RESET:
  1110 + nic_reset(s);
  1111 + break;
  1112 + case PORT_SELFTEST:
  1113 + logout("selftest address=0x%08x\n", address);
  1114 + eepro100_selftest_t data;
  1115 + cpu_physical_memory_read(address, (uint8_t *) & data, sizeof(data));
  1116 + data.st_sign = 0xffffffff;
  1117 + data.st_result = 0;
  1118 + cpu_physical_memory_write(address, (uint8_t *) & data, sizeof(data));
  1119 + break;
  1120 + case PORT_SELECTIVE_RESET:
  1121 + logout("selective reset, selftest address=0x%08x\n", address);
  1122 + nic_selective_reset(s);
  1123 + break;
  1124 + default:
  1125 + logout("val=0x%08x\n", val);
  1126 + missing("unknown port selection");
  1127 + }
  1128 +}
  1129 +
  1130 +/*****************************************************************************
  1131 + *
  1132 + * General hardware emulation.
  1133 + *
  1134 + ****************************************************************************/
  1135 +
  1136 +static uint8_t eepro100_read1(EEPRO100State * s, uint32_t addr)
  1137 +{
  1138 + uint8_t val;
  1139 + if (addr <= sizeof(s->mem) - sizeof(val)) {
  1140 + memcpy(&val, &s->mem[addr], sizeof(val));
  1141 + }
  1142 +
  1143 + switch (addr) {
  1144 + case SCBStatus:
  1145 + //~ val = eepro100_read_status(s);
  1146 + logout("addr=%s val=0x%02x\n", regname(addr), val);
  1147 + break;
  1148 + case SCBAck:
  1149 + //~ val = eepro100_read_status(s);
  1150 + logout("addr=%s val=0x%02x\n", regname(addr), val);
  1151 + break;
  1152 + case SCBCmd:
  1153 + logout("addr=%s val=0x%02x\n", regname(addr), val);
  1154 + //~ val = eepro100_read_command(s);
  1155 + break;
  1156 + case SCBIntmask:
  1157 + logout("addr=%s val=0x%02x\n", regname(addr), val);
  1158 + break;
  1159 + case SCBPort + 3:
  1160 + logout("addr=%s val=0x%02x\n", regname(addr), val);
  1161 + break;
  1162 + case SCBeeprom:
  1163 + val = eepro100_read_eeprom(s);
  1164 + break;
  1165 + case 0x1b: /* PMDR (power management driver register) */
  1166 + val = 0;
  1167 + logout("addr=%s val=0x%02x\n", regname(addr), val);
  1168 + break;
  1169 + case 0x1d: /* general status register */
  1170 + /* 100 Mbps full duplex, valid link */
  1171 + val = 0x07;
  1172 + logout("addr=General Status val=%02x\n", val);
  1173 + break;
  1174 + default:
  1175 + logout("addr=%s val=0x%02x\n", regname(addr), val);
  1176 + missing("unknown byte read");
  1177 + }
  1178 + return val;
  1179 +}
  1180 +
  1181 +static uint16_t eepro100_read2(EEPRO100State * s, uint32_t addr)
  1182 +{
  1183 + uint16_t val;
  1184 + if (addr <= sizeof(s->mem) - sizeof(val)) {
  1185 + memcpy(&val, &s->mem[addr], sizeof(val));
  1186 + }
  1187 +
  1188 + logout("addr=%s val=0x%04x\n", regname(addr), val);
  1189 +
  1190 + switch (addr) {
  1191 + case SCBStatus:
  1192 + //~ val = eepro100_read_status(s);
  1193 + break;
  1194 + case SCBeeprom:
  1195 + val = eepro100_read_eeprom(s);
  1196 + break;
  1197 + default:
  1198 + logout("addr=%s val=0x%04x\n", regname(addr), val);
  1199 + missing("unknown word read");
  1200 + }
  1201 + return val;
  1202 +}
  1203 +
  1204 +static uint32_t eepro100_read4(EEPRO100State * s, uint32_t addr)
  1205 +{
  1206 + uint32_t val;
  1207 + if (addr <= sizeof(s->mem) - sizeof(val)) {
  1208 + memcpy(&val, &s->mem[addr], sizeof(val));
  1209 + }
  1210 +
  1211 + switch (addr) {
  1212 + case SCBStatus:
  1213 + //~ val = eepro100_read_status(s);
  1214 + logout("addr=%s val=0x%08x\n", regname(addr), val);
  1215 + break;
  1216 + case SCBPointer:
  1217 + //~ val = eepro100_read_pointer(s);
  1218 + logout("addr=%s val=0x%08x\n", regname(addr), val);
  1219 + break;
  1220 + case SCBPort:
  1221 + val = eepro100_read_port(s);
  1222 + logout("addr=%s val=0x%08x\n", regname(addr), val);
  1223 + break;
  1224 + case SCBCtrlMDI:
  1225 + val = eepro100_read_mdi(s);
  1226 + break;
  1227 + default:
  1228 + logout("addr=%s val=0x%08x\n", regname(addr), val);
  1229 + missing("unknown longword read");
  1230 + }
  1231 + return val;
  1232 +}
  1233 +
  1234 +static void eepro100_write1(EEPRO100State * s, uint32_t addr, uint8_t val)
  1235 +{
  1236 + if (addr <= sizeof(s->mem) - sizeof(val)) {
  1237 + memcpy(&s->mem[addr], &val, sizeof(val));
  1238 + }
  1239 +
  1240 + logout("addr=%s val=0x%02x\n", regname(addr), val);
  1241 +
  1242 + switch (addr) {
  1243 + case SCBStatus:
  1244 + //~ eepro100_write_status(s, val);
  1245 + break;
  1246 + case SCBAck:
  1247 + eepro100_acknowledge(s);
  1248 + break;
  1249 + case SCBCmd:
  1250 + eepro100_write_command(s, val);
  1251 + break;
  1252 + case SCBIntmask:
  1253 + if (val & BIT(1)) {
  1254 + eepro100_swi_interrupt(s);
  1255 + }
  1256 + eepro100_interrupt(s, 0);
  1257 + break;
  1258 + case SCBPort + 3:
  1259 + logout("addr=%s val=0x%02x\n", regname(addr), val);
  1260 + break;
  1261 + case SCBeeprom:
  1262 + eepro100_write_eeprom(s->eeprom, val);
  1263 + break;
  1264 + default:
  1265 + logout("addr=%s val=0x%02x\n", regname(addr), val);
  1266 + missing("unknown byte write");
  1267 + }
  1268 +}
  1269 +
  1270 +static void eepro100_write2(EEPRO100State * s, uint32_t addr, uint16_t val)
  1271 +{
  1272 + if (addr <= sizeof(s->mem) - sizeof(val)) {
  1273 + memcpy(&s->mem[addr], &val, sizeof(val));
  1274 + }
  1275 +
  1276 + logout("addr=%s val=0x%04x\n", regname(addr), val);
  1277 +
  1278 + switch (addr) {
  1279 + case SCBStatus:
  1280 + //~ eepro100_write_status(s, val);
  1281 + eepro100_acknowledge(s);
  1282 + break;
  1283 + case SCBCmd:
  1284 + eepro100_write_command(s, val);
  1285 + eepro100_write1(s, SCBIntmask, val >> 8);
  1286 + break;
  1287 + case SCBeeprom:
  1288 + eepro100_write_eeprom(s->eeprom, val);
  1289 + break;
  1290 + default:
  1291 + logout("addr=%s val=0x%04x\n", regname(addr), val);
  1292 + missing("unknown word write");
  1293 + }
  1294 +}
  1295 +
  1296 +static void eepro100_write4(EEPRO100State * s, uint32_t addr, uint32_t val)
  1297 +{
  1298 + if (addr <= sizeof(s->mem) - sizeof(val)) {
  1299 + memcpy(&s->mem[addr], &val, sizeof(val));
  1300 + }
  1301 +
  1302 + switch (addr) {
  1303 + case SCBPointer:
  1304 + eepro100_write_pointer(s, val);
  1305 + break;
  1306 + case SCBPort:
  1307 + logout("addr=%s val=0x%08x\n", regname(addr), val);
  1308 + eepro100_write_port(s, val);
  1309 + break;
  1310 + case SCBCtrlMDI:
  1311 + eepro100_write_mdi(s, val);
  1312 + break;
  1313 + default:
  1314 + logout("addr=%s val=0x%08x\n", regname(addr), val);
  1315 + missing("unknown longword write");
  1316 + }
  1317 +}
  1318 +
  1319 +static uint32_t ioport_read1(void *opaque, uint32_t addr)
  1320 +{
  1321 + EEPRO100State *s = opaque;
  1322 + //~ logout("addr=%s\n", regname(addr));
  1323 + return eepro100_read1(s, addr - s->region[1]);
  1324 +}
  1325 +
  1326 +static uint32_t ioport_read2(void *opaque, uint32_t addr)
  1327 +{
  1328 + EEPRO100State *s = opaque;
  1329 + return eepro100_read2(s, addr - s->region[1]);
  1330 +}
  1331 +
  1332 +static uint32_t ioport_read4(void *opaque, uint32_t addr)
  1333 +{
  1334 + EEPRO100State *s = opaque;
  1335 + return eepro100_read4(s, addr - s->region[1]);
  1336 +}
  1337 +
  1338 +static void ioport_write1(void *opaque, uint32_t addr, uint32_t val)
  1339 +{
  1340 + EEPRO100State *s = opaque;
  1341 + //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
  1342 + eepro100_write1(s, addr - s->region[1], val);
  1343 +}
  1344 +
  1345 +static void ioport_write2(void *opaque, uint32_t addr, uint32_t val)
  1346 +{
  1347 + EEPRO100State *s = opaque;
  1348 + eepro100_write2(s, addr - s->region[1], val);
  1349 +}
  1350 +
  1351 +static void ioport_write4(void *opaque, uint32_t addr, uint32_t val)
  1352 +{
  1353 + EEPRO100State *s = opaque;
  1354 + eepro100_write4(s, addr - s->region[1], val);
  1355 +}
  1356 +
  1357 +/***********************************************************/
  1358 +/* PCI EEPRO100 definitions */
  1359 +
  1360 +typedef struct PCIEEPRO100State {
  1361 + PCIDevice dev;
  1362 + EEPRO100State eepro100;
  1363 +} PCIEEPRO100State;
  1364 +
  1365 +static void pci_map(PCIDevice * pci_dev, int region_num,
  1366 + uint32_t addr, uint32_t size, int type)
  1367 +{
  1368 + PCIEEPRO100State *d = (PCIEEPRO100State *) pci_dev;
  1369 + EEPRO100State *s = &d->eepro100;
  1370 +
  1371 + logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
  1372 + region_num, addr, size, type);
  1373 +
  1374 + assert(region_num == 1);
  1375 + register_ioport_write(addr, size, 1, ioport_write1, s);
  1376 + register_ioport_read(addr, size, 1, ioport_read1, s);
  1377 + register_ioport_write(addr, size, 2, ioport_write2, s);
  1378 + register_ioport_read(addr, size, 2, ioport_read2, s);
  1379 + register_ioport_write(addr, size, 4, ioport_write4, s);
  1380 + register_ioport_read(addr, size, 4, ioport_read4, s);
  1381 +
  1382 + s->region[region_num] = addr;
  1383 +}
  1384 +
  1385 +static void pci_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
  1386 +{
  1387 + EEPRO100State *s = opaque;
  1388 + addr -= s->region[0];
  1389 + //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
  1390 + eepro100_write1(s, addr, val);
  1391 +}
  1392 +
  1393 +static void pci_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
  1394 +{
  1395 + EEPRO100State *s = opaque;
  1396 + addr -= s->region[0];
  1397 + //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
  1398 + eepro100_write2(s, addr, val);
  1399 +}
  1400 +
  1401 +static void pci_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
  1402 +{
  1403 + EEPRO100State *s = opaque;
  1404 + addr -= s->region[0];
  1405 + //~ logout("addr=%s val=0x%02x\n", regname(addr), val);
  1406 + eepro100_write4(s, addr, val);
  1407 +}
  1408 +
  1409 +static uint32_t pci_mmio_readb(void *opaque, target_phys_addr_t addr)
  1410 +{
  1411 + EEPRO100State *s = opaque;
  1412 + addr -= s->region[0];
  1413 + //~ logout("addr=%s\n", regname(addr));
  1414 + return eepro100_read1(s, addr);
  1415 +}
  1416 +
  1417 +static uint32_t pci_mmio_readw(void *opaque, target_phys_addr_t addr)
  1418 +{
  1419 + EEPRO100State *s = opaque;
  1420 + addr -= s->region[0];
  1421 + //~ logout("addr=%s\n", regname(addr));
  1422 + return eepro100_read2(s, addr);
  1423 +}
  1424 +
  1425 +static uint32_t pci_mmio_readl(void *opaque, target_phys_addr_t addr)
  1426 +{
  1427 + EEPRO100State *s = opaque;
  1428 + addr -= s->region[0];
  1429 + //~ logout("addr=%s\n", regname(addr));
  1430 + return eepro100_read4(s, addr);
  1431 +}
  1432 +
  1433 +static CPUWriteMemoryFunc *pci_mmio_write[] = {
  1434 + pci_mmio_writeb,
  1435 + pci_mmio_writew,
  1436 + pci_mmio_writel
  1437 +};
  1438 +
  1439 +static CPUReadMemoryFunc *pci_mmio_read[] = {
  1440 + pci_mmio_readb,
  1441 + pci_mmio_readw,
  1442 + pci_mmio_readl
  1443 +};
  1444 +
  1445 +static void pci_mmio_map(PCIDevice * pci_dev, int region_num,
  1446 + uint32_t addr, uint32_t size, int type)
  1447 +{
  1448 + PCIEEPRO100State *d = (PCIEEPRO100State *) pci_dev;
  1449 +
  1450 + logout("region %d, addr=0x%08x, size=0x%08x, type=%d\n",
  1451 + region_num, addr, size, type);
  1452 +
  1453 + if (region_num == 0) {
  1454 + /* Map control / status registers. */
  1455 + cpu_register_physical_memory(addr, size, d->eepro100.mmio_index);
  1456 + d->eepro100.region[region_num] = addr;
  1457 + }
  1458 +}
  1459 +
  1460 +static int nic_can_receive(void *opaque)
  1461 +{
  1462 + EEPRO100State *s = opaque;
  1463 + logout("%p\n", s);
  1464 + return get_ru_state(s) == ru_ready;
  1465 + //~ return !eepro100_buffer_full(s);
  1466 +}
  1467 +
  1468 +#define MIN_BUF_SIZE 60
  1469 +
  1470 +static void nic_receive(void *opaque, const uint8_t * buf, int size)
  1471 +{
  1472 + /* TODO:
  1473 + * - Magic packets should set bit 30 in power management driver register.
  1474 + * - Interesting packets should set bit 29 in power management driver register.
  1475 + */
  1476 + EEPRO100State *s = opaque;
  1477 + uint16_t rfd_status = 0xa000;
  1478 + static const uint8_t broadcast_macaddr[6] =
  1479 + { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
  1480 +
  1481 + /* TODO: check multiple IA bit. */
  1482 + assert(!(s->configuration[20] & BIT(6)));
  1483 +
  1484 + if (s->configuration[8] & 0x80) {
  1485 + /* CSMA is disabled. */
  1486 + logout("%p received while CSMA is disabled\n", s);
  1487 + return;
  1488 + } else if (size < 64 && (s->configuration[7] & 1)) {
  1489 + /* Short frame and configuration byte 7/0 (discard short receive) set:
  1490 + * Short frame is discarded */
  1491 + logout("%p received short frame (%d byte)\n", s, size);
  1492 + s->statistics.rx_short_frame_errors++;
  1493 + //~ return;
  1494 + } else if ((size > MAX_ETH_FRAME_SIZE + 4) && !(s->configuration[18] & 8)) {
  1495 + /* Long frame and configuration byte 18/3 (long receive ok) not set:
  1496 + * Long frames are discarded. */
  1497 + logout("%p received long frame (%d byte), ignored\n", s, size);
  1498 + return;
  1499 + } else if (memcmp(buf, s->macaddr, 6) == 0) { // !!!
  1500 + /* Frame matches individual address. */
  1501 + /* TODO: check configuration byte 15/4 (ignore U/L). */
  1502 + logout("%p received frame for me, len=%d\n", s, size);
  1503 + } else if (memcmp(buf, broadcast_macaddr, 6) == 0) {
  1504 + /* Broadcast frame. */
  1505 + logout("%p received broadcast, len=%d\n", s, size);
  1506 + rfd_status |= 0x0002;
  1507 + } else if (buf[0] & 0x01) { // !!!
  1508 + /* Multicast frame. */
  1509 + logout("%p received multicast, len=%d\n", s, size);
  1510 + /* TODO: check multicast all bit. */
  1511 + assert(!(s->configuration[21] & BIT(3)));
  1512 + int mcast_idx = compute_mcast_idx(buf);
  1513 + if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7)))) {
  1514 + return;
  1515 + }
  1516 + rfd_status |= 0x0002;
  1517 + } else if (s->configuration[15] & 1) {
  1518 + /* Promiscuous: receive all. */
  1519 + logout("%p received frame in promiscuous mode, len=%d\n", s, size);
  1520 + rfd_status |= 0x0004;
  1521 + } else {
  1522 + logout("%p received frame, ignored, len=%d,%s\n", s, size,
  1523 + nic_dump(buf, size));
  1524 + return;
  1525 + }
  1526 +
  1527 + if (get_ru_state(s) != ru_ready) {
  1528 + /* No ressources available. */
  1529 + logout("no ressources, state=%u\n", get_ru_state(s));
  1530 + s->statistics.rx_resource_errors++;
  1531 + //~ assert(!"no ressources");
  1532 + return;
  1533 + }
  1534 + //~ !!!
  1535 +//~ $3 = {status = 0x0, command = 0xc000, link = 0x2d220, rx_buf_addr = 0x207dc, count = 0x0, size = 0x5f8, packet = {0x0 <repeats 1518 times>}}
  1536 + eepro100_rx_t rx;
  1537 + cpu_physical_memory_read(s->ru_base + s->ru_offset, (uint8_t *) & rx,
  1538 + offsetof(eepro100_rx_t, packet));
  1539 + uint16_t rfd_command = le16_to_cpu(rx.command);
  1540 + uint16_t rfd_size = le16_to_cpu(rx.size);
  1541 + assert(size <= rfd_size);
  1542 + if (size < 64) {
  1543 + rfd_status |= 0x0080;
  1544 + }
  1545 + logout("command 0x%04x, link 0x%08x, addr 0x%08x, size %u\n", rfd_command,
  1546 + rx.link, rx.rx_buf_addr, rfd_size);
  1547 + stw_phys(s->ru_base + s->ru_offset + offsetof(eepro100_rx_t, status),
  1548 + rfd_status);
  1549 + stw_phys(s->ru_base + s->ru_offset + offsetof(eepro100_rx_t, count), size);
  1550 + /* Early receive interrupt not supported. */
  1551 + //~ eepro100_er_interrupt(s);
  1552 + /* Receive CRC Transfer not supported. */
  1553 + assert(!(s->configuration[18] & 4));
  1554 + /* TODO: check stripping enable bit. */
  1555 + //~ assert(!(s->configuration[17] & 1));
  1556 + cpu_physical_memory_write(s->ru_base + s->ru_offset +
  1557 + offsetof(eepro100_rx_t, packet), buf, size);
  1558 + s->statistics.rx_good_frames++;
  1559 + eepro100_fr_interrupt(s);
  1560 + s->ru_offset = le32_to_cpu(rx.link);
  1561 + if (rfd_command & 0x8000) {
  1562 + /* EL bit is set, so this was the last frame. */
  1563 + assert(0);
  1564 + }
  1565 + if (rfd_command & 0x4000) {
  1566 + /* S bit is set. */
  1567 + set_ru_state(s, ru_suspended);
  1568 + }
  1569 +}
  1570 +
  1571 +static int nic_load(QEMUFile * f, void *opaque, int version_id)
  1572 +{
  1573 + EEPRO100State *s = (EEPRO100State *) opaque;
  1574 + int ret;
  1575 +
  1576 + missing("NIC load");
  1577 +
  1578 + if (version_id > 3)
  1579 + return -EINVAL;
  1580 +
  1581 + if (s->pci_dev && version_id >= 3) {
  1582 + ret = pci_device_load(s->pci_dev, f);
  1583 + if (ret < 0)
  1584 + return ret;
  1585 + }
  1586 +
  1587 + if (version_id >= 2) {
  1588 + qemu_get_8s(f, &s->rxcr);
  1589 + } else {
  1590 + s->rxcr = 0x0c;
  1591 + }
  1592 +
  1593 + qemu_get_8s(f, &s->cmd);
  1594 + qemu_get_be32s(f, &s->start);
  1595 + qemu_get_be32s(f, &s->stop);
  1596 + qemu_get_8s(f, &s->boundary);
  1597 + qemu_get_8s(f, &s->tsr);
  1598 + qemu_get_8s(f, &s->tpsr);
  1599 + qemu_get_be16s(f, &s->tcnt);
  1600 + qemu_get_be16s(f, &s->rcnt);
  1601 + qemu_get_be32s(f, &s->rsar);
  1602 + qemu_get_8s(f, &s->rsr);
  1603 + qemu_get_8s(f, &s->isr);
  1604 + qemu_get_8s(f, &s->dcfg);
  1605 + qemu_get_8s(f, &s->imr);
  1606 + qemu_get_buffer(f, s->phys, 6);
  1607 + qemu_get_8s(f, &s->curpag);
  1608 + qemu_get_buffer(f, s->mult, 8);
  1609 + qemu_get_buffer(f, s->mem, sizeof(s->mem));
  1610 +
  1611 + return 0;
  1612 +}
  1613 +
  1614 +static void nic_save(QEMUFile * f, void *opaque)
  1615 +{
  1616 + EEPRO100State *s = (EEPRO100State *) opaque;
  1617 +
  1618 + missing("NIC save");
  1619 +
  1620 + if (s->pci_dev)
  1621 + pci_device_save(s->pci_dev, f);
  1622 +
  1623 + qemu_put_8s(f, &s->rxcr);
  1624 +
  1625 + qemu_put_8s(f, &s->cmd);
  1626 + qemu_put_be32s(f, &s->start);
  1627 + qemu_put_be32s(f, &s->stop);
  1628 + qemu_put_8s(f, &s->boundary);
  1629 + qemu_put_8s(f, &s->tsr);
  1630 + qemu_put_8s(f, &s->tpsr);
  1631 + qemu_put_be16s(f, &s->tcnt);
  1632 + qemu_put_be16s(f, &s->rcnt);
  1633 + qemu_put_be32s(f, &s->rsar);
  1634 + qemu_put_8s(f, &s->rsr);
  1635 + qemu_put_8s(f, &s->isr);
  1636 + qemu_put_8s(f, &s->dcfg);
  1637 + qemu_put_8s(f, &s->imr);
  1638 + qemu_put_buffer(f, s->phys, 6);
  1639 + qemu_put_8s(f, &s->curpag);
  1640 + qemu_put_buffer(f, s->mult, 8);
  1641 + qemu_put_buffer(f, s->mem, sizeof(s->mem));
  1642 +}
  1643 +
  1644 +static void nic_init(PCIBus * bus, NICInfo * nd,
  1645 + const char *name, uint32_t device)
  1646 +{
  1647 + PCIEEPRO100State *d;
  1648 + EEPRO100State *s;
  1649 +
  1650 + logout("\n");
  1651 +
  1652 + d = (PCIEEPRO100State *) pci_register_device(bus, name,
  1653 + sizeof(PCIEEPRO100State), -1,
  1654 + NULL, NULL);
  1655 +
  1656 + s = &d->eepro100;
  1657 + s->device = device;
  1658 + s->pci_dev = &d->dev;
  1659 +
  1660 + pci_reset(s);
  1661 +
  1662 + /* Add 64 * 2 EEPROM. i82557 and i82558 support a 64 word EEPROM,
  1663 + * i82559 and later support 64 or 256 word EEPROM. */
  1664 + s->eeprom = eeprom93xx_new(EEPROM_SIZE);
  1665 +
  1666 + /* Handler for memory-mapped I/O */
  1667 + d->eepro100.mmio_index =
  1668 + cpu_register_io_memory(0, pci_mmio_read, pci_mmio_write, s);
  1669 +
  1670 + pci_register_io_region(&d->dev, 0, PCI_MEM_SIZE,
  1671 + PCI_ADDRESS_SPACE_MEM |
  1672 + PCI_ADDRESS_SPACE_MEM_PREFETCH, pci_mmio_map);
  1673 + pci_register_io_region(&d->dev, 1, PCI_IO_SIZE, PCI_ADDRESS_SPACE_IO,
  1674 + pci_map);
  1675 + pci_register_io_region(&d->dev, 2, PCI_FLASH_SIZE, PCI_ADDRESS_SPACE_MEM,
  1676 + pci_mmio_map);
  1677 +
  1678 + memcpy(s->macaddr, nd->macaddr, 6);
  1679 + logout("macaddr: %s\n", nic_dump(&s->macaddr[0], 6));
  1680 + assert(s->region[1] == 0);
  1681 +
  1682 + nic_reset(s);
  1683 +
  1684 + s->vc = qemu_new_vlan_client(nd->vlan, nic_receive, nic_can_receive, s);
  1685 +
  1686 + snprintf(s->vc->info_str, sizeof(s->vc->info_str),
  1687 + "eepro100 pci macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
  1688 + s->macaddr[0],
  1689 + s->macaddr[1],
  1690 + s->macaddr[2], s->macaddr[3], s->macaddr[4], s->macaddr[5]);
  1691 +
  1692 + qemu_register_reset(nic_reset, s);
  1693 +
  1694 + /* XXX: instance number ? */
  1695 + register_savevm(name, 0, 3, nic_save, nic_load, s);
  1696 +}
  1697 +
  1698 +void pci_i82551_init(PCIBus * bus, NICInfo * nd, int devfn)
  1699 +{
  1700 + nic_init(bus, nd, "i82551", i82551);
  1701 + //~ uint8_t *pci_conf = d->dev.config;
  1702 +}
  1703 +
  1704 +void pci_i82557b_init(PCIBus * bus, NICInfo * nd, int devfn)
  1705 +{
  1706 + nic_init(bus, nd, "i82557b", i82557B);
  1707 +}
  1708 +
  1709 +void pci_i82559er_init(PCIBus * bus, NICInfo * nd, int devfn)
  1710 +{
  1711 + nic_init(bus, nd, "i82559er", i82559ER);
  1712 +}
  1713 +
  1714 +/* eof */
... ...
hw/eeprom93xx.c 0 → 100644
  View file @663e8e5
  1 +/*
  2 + * QEMU EEPROM 93xx emulation
  3 + *
  4 + * Copyright (c) 2006-2007 Stefan Weil
  5 + *
  6 + * This program is free software; you can redistribute it and/or modify
  7 + * it under the terms of the GNU General Public License as published by
  8 + * the Free Software Foundation; either version 2 of the License, or
  9 + * (at your option) any later version.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU General Public License
  17 + * along with this program; if not, write to the Free Software
  18 + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  19 + */
  20 +
  21 +/* Emulation for serial EEPROMs:
  22 + * NMC93C06 256-Bit (16 x 16)
  23 + * NMC93C46 1024-Bit (64 x 16)
  24 + * NMC93C56 2028 Bit (128 x 16)
  25 + * NMC93C66 4096 Bit (256 x 16)
  26 + * Compatible devices include FM93C46 and others.
  27 + *
  28 + * Other drivers use these interface functions:
  29 + * eeprom93xx_new - add a new EEPROM (with 16, 64 or 256 words)
  30 + * eeprom93xx_free - destroy EEPROM
  31 + * eeprom93xx_read - read data from the EEPROM
  32 + * eeprom93xx_write - write data to the EEPROM
  33 + * eeprom93xx_data - get EEPROM data array for external manipulation
  34 + *
  35 + * Todo list:
  36 + * - No emulation of EEPROM timings.
  37 + */
  38 +
  39 +#include <assert.h>
  40 +#include "eeprom93xx.h"
  41 +
  42 +/* Debug EEPROM emulation. */
  43 +//~ #define DEBUG_EEPROM
  44 +
  45 +#ifdef DEBUG_EEPROM
  46 +#define logout(fmt, args...) fprintf(stderr, "EEPROM\t%-24s" fmt, __func__, ##args)
  47 +#else
  48 +#define logout(fmt, args...) ((void)0)
  49 +#endif
  50 +
  51 +static int eeprom_instance = 0;
  52 +static const int eeprom_version = 20061112;
  53 +
  54 +#if 0
  55 +typedef enum {
  56 + eeprom_read = 0x80, /* read register xx */
  57 + eeprom_write = 0x40, /* write register xx */
  58 + eeprom_erase = 0xc0, /* erase register xx */
  59 + eeprom_ewen = 0x30, /* erase / write enable */
  60 + eeprom_ewds = 0x00, /* erase / write disable */
  61 + eeprom_eral = 0x20, /* erase all registers */
  62 + eeprom_wral = 0x10, /* write all registers */
  63 + eeprom_amask = 0x0f,
  64 + eeprom_imask = 0xf0
  65 +} eeprom_instruction_t;
  66 +#endif
  67 +
  68 +#ifdef DEBUG_EEPROM
  69 +static const char *opstring[] = {
  70 + "extended", "write", "read", "erase"
  71 +};
  72 +#endif
  73 +
  74 +struct _eeprom_t {
  75 + uint8_t tick;
  76 + uint8_t address;
  77 + uint8_t command;
  78 + uint8_t writeable;
  79 +
  80 + uint8_t eecs;
  81 + uint8_t eesk;
  82 + uint8_t eedo;
  83 +
  84 + uint8_t addrbits;
  85 + uint8_t size;
  86 + uint16_t data;
  87 + uint16_t contents[0];
  88 +};
  89 +
  90 +/* Code for saving and restoring of EEPROM state. */
  91 +
  92 +static void eeprom_save(QEMUFile *f, void *opaque)
  93 +{
  94 + /* Save EEPROM data. */
  95 + unsigned address;
  96 + eeprom_t *eeprom = (eeprom_t *)opaque;
  97 + qemu_put_buffer(f, (uint8_t *)eeprom, sizeof(*eeprom) - 2);
  98 + qemu_put_be16(f, eeprom->data);
  99 + for (address = 0; address < eeprom->size; address++) {
  100 + qemu_put_be16(f, eeprom->contents[address]);
  101 + }
  102 +}
  103 +
  104 +static int eeprom_load(QEMUFile *f, void *opaque, int version_id)
  105 +{
  106 + /* Load EEPROM data from saved data if version and EEPROM size
  107 + of data and current EEPROM are identical. */
  108 + eeprom_t *eeprom = (eeprom_t *)opaque;
  109 + int result = -EINVAL;
  110 + if (version_id == eeprom_version) {
  111 + unsigned address;
  112 + uint8_t size = eeprom->size;
  113 + qemu_get_buffer(f, (uint8_t *)eeprom, sizeof(*eeprom) - 2);
  114 + if (eeprom->size == size) {
  115 + eeprom->data = qemu_get_be16(f);
  116 + for (address = 0; address < eeprom->size; address++) {
  117 + eeprom->contents[address] = qemu_get_be16(f);
  118 + }
  119 + result = 0;
  120 + }
  121 + }
  122 + return result;
  123 +}
  124 +
  125 +void eeprom93xx_write(eeprom_t *eeprom, int eecs, int eesk, int eedi)
  126 +{
  127 + uint8_t tick = eeprom->tick;
  128 + uint8_t eedo = eeprom->eedo;
  129 + uint16_t address = eeprom->address;
  130 + uint8_t command = eeprom->command;
  131 +
  132 + logout("CS=%u SK=%u DI=%u DO=%u, tick = %u\n",
  133 + eecs, eesk, eedi, eedo, tick);
  134 +
  135 + if (! eeprom->eecs && eecs) {
  136 + /* Start chip select cycle. */
  137 + logout("Cycle start, waiting for 1st start bit (0)\n");
  138 + tick = 0;
  139 + command = 0x0;
  140 + address = 0x0;
  141 + } else if (eeprom->eecs && ! eecs) {
  142 + /* End chip select cycle. This triggers write / erase. */
  143 + if (eeprom->writeable) {
  144 + uint8_t subcommand = address >> (eeprom->addrbits - 2);
  145 + if (command == 0 && subcommand == 2) {
  146 + /* Erase all. */
  147 + for (address = 0; address < eeprom->size; address++) {
  148 + eeprom->contents[address] = 0xffff;
  149 + }
  150 + } else if (command == 3) {
  151 + /* Erase word. */
  152 + eeprom->contents[address] = 0xffff;
  153 + } else if (tick >= 2 + 2 + eeprom->addrbits + 16) {
  154 + if (command == 1) {
  155 + /* Write word. */
  156 + eeprom->contents[address] &= eeprom->data;
  157 + } else if (command == 0 && subcommand == 1) {
  158 + /* Write all. */
  159 + for (address = 0; address < eeprom->size; address++) {
  160 + eeprom->contents[address] &= eeprom->data;
  161 + }
  162 + }
  163 + }
  164 + }
  165 + /* Output DO is tristate, read results in 1. */
  166 + eedo = 1;
  167 + } else if (eecs && ! eeprom->eesk && eesk) {
  168 + /* Raising edge of clock shifts data in. */
  169 + if (tick == 0) {
  170 + /* Wait for 1st start bit. */
  171 + if (eedi == 0) {
  172 + logout("Got correct 1st start bit, waiting for 2nd start bit (1)\n");
  173 + tick++;
  174 + } else {
  175 + logout("wrong 1st start bit (is 1, should be 0)\n");
  176 + tick = 2;
  177 + //~ assert(!"wrong start bit");
  178 + }
  179 + } else if (tick == 1) {
  180 + /* Wait for 2nd start bit. */
  181 + if (eedi != 0) {
  182 + logout("Got correct 2nd start bit, getting command + address\n");
  183 + tick++;
  184 + } else {
  185 + logout("1st start bit is longer than needed\n");
  186 + }
  187 + } else if (tick < 2 + 2) {
  188 + /* Got 2 start bits, transfer 2 opcode bits. */
  189 + tick++;
  190 + command <<= 1;
  191 + if (eedi) {
  192 + command += 1;
  193 + }
  194 + } else if (tick < 2 + 2 + eeprom->addrbits) {
  195 + /* Got 2 start bits and 2 opcode bits, transfer all address bits. */
  196 + tick++;
  197 + address = ((address << 1) | eedi);
  198 + if (tick == 2 + 2 + eeprom->addrbits) {
  199 + logout("%s command, address = 0x%02x (value 0x%04x)\n",
  200 + opstring[command], address, eeprom->contents[address]);
  201 + if (command == 2) {
  202 + eedo = 0;
  203 + }
  204 + address = address % eeprom->size;
  205 + if (command == 0) {
  206 + /* Command code in upper 2 bits of address. */
  207 + switch (address >> (eeprom->addrbits - 2)) {
  208 + case 0:
  209 + logout("write disable command\n");
  210 + eeprom->writeable = 0;
  211 + break;
  212 + case 1:
  213 + logout("write all command\n");
  214 + break;
  215 + case 2:
  216 + logout("erase all command\n");
  217 + break;
  218 + case 3:
  219 + logout("write enable command\n");
  220 + eeprom->writeable = 1;
  221 + break;
  222 + }
  223 + } else {
  224 + /* Read, write or erase word. */
  225 + eeprom->data = eeprom->contents[address];
  226 + }
  227 + }
  228 + } else if (tick < 2 + 2 + eeprom->addrbits + 16) {
  229 + /* Transfer 16 data bits. */
  230 + tick++;
  231 + if (command == 2) {
  232 + /* Read word. */
  233 + eedo = ((eeprom->data & 0x8000) != 0);
  234 + }
  235 + eeprom->data <<= 1;
  236 + eeprom->data += eedi;
  237 + } else {
  238 + logout("additional unneeded tick, not processed\n");
  239 + }
  240 + }
  241 + /* Save status of EEPROM. */
  242 + eeprom->tick = tick;
  243 + eeprom->eecs = eecs;
  244 + eeprom->eesk = eesk;
  245 + eeprom->eedo = eedo;
  246 + eeprom->address = address;
  247 + eeprom->command = command;
  248 +}
  249 +
  250 +uint16_t eeprom93xx_read(eeprom_t *eeprom)
  251 +{
  252 + /* Return status of pin DO (0 or 1). */
  253 + logout("CS=%u DO=%u\n", eeprom->eecs, eeprom->eedo);
  254 + return (eeprom->eedo);
  255 +}
  256 +
  257 +#if 0
  258 +void eeprom93xx_reset(eeprom_t *eeprom)
  259 +{
  260 + /* prepare eeprom */
  261 + logout("eeprom = 0x%p\n", eeprom);
  262 + eeprom->tick = 0;
  263 + eeprom->command = 0;
  264 +}
  265 +#endif
  266 +
  267 +eeprom_t *eeprom93xx_new(uint16_t nwords)
  268 +{
  269 + /* Add a new EEPROM (with 16, 64 or 256 words). */
  270 + eeprom_t *eeprom;
  271 + uint8_t addrbits;
  272 +
  273 + switch (nwords) {
  274 + case 16:
  275 + case 64:
  276 + addrbits = 6;
  277 + break;
  278 + case 128:
  279 + case 256:
  280 + addrbits = 8;
  281 + break;
  282 + default:
  283 + assert(!"Unsupported EEPROM size, fallback to 64 words!");
  284 + nwords = 64;
  285 + addrbits = 6;
  286 + }
  287 +
  288 + eeprom = (eeprom_t *)qemu_mallocz(sizeof(*eeprom) + nwords * 2);
  289 + eeprom->size = nwords;
  290 + eeprom->addrbits = addrbits;
  291 + /* Output DO is tristate, read results in 1. */
  292 + eeprom->eedo = 1;
  293 + logout("eeprom = 0x%p, nwords = %u\n", eeprom, nwords);
  294 + register_savevm("eeprom", eeprom_instance, eeprom_version,
  295 + eeprom_save, eeprom_load, eeprom);
  296 + return eeprom;
  297 +}
  298 +
  299 +void eeprom93xx_free(eeprom_t *eeprom)
  300 +{
  301 + /* Destroy EEPROM. */
  302 + logout("eeprom = 0x%p\n", eeprom);
  303 + qemu_free(eeprom);
  304 +}
  305 +
  306 +uint16_t *eeprom93xx_data(eeprom_t *eeprom)
  307 +{
  308 + /* Get EEPROM data array. */
  309 + return &eeprom->contents[0];
  310 +}
  311 +
  312 +/* eof */
... ...
hw/eeprom93xx.h 0 → 100644
  View file @663e8e5
  1 +/*
  2 + * QEMU EEPROM 93xx emulation
  3 + *
  4 + * Copyright (c) 2006-2007 Stefan Weil
  5 + *
  6 + * This program is free software; you can redistribute it and/or modify
  7 + * it under the terms of the GNU General Public License as published by
  8 + * the Free Software Foundation; either version 2 of the License, or
  9 + * (at your option) any later version.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU General Public License
  17 + * along with this program; if not, write to the Free Software
  18 + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  19 + */
  20 +
  21 +#ifndef EEPROM93XX_H
  22 +#define EEPROM93XX_H
  23 +
  24 +#include "vl.h"
  25 +
  26 +typedef struct _eeprom_t eeprom_t;
  27 +
  28 +/* Create a new EEPROM with (nwords * 2) bytes. */
  29 +eeprom_t *eeprom93xx_new(uint16_t nwords);
  30 +
  31 +/* Destroy an existing EEPROM. */
  32 +void eeprom93xx_free(eeprom_t *eeprom);
  33 +
  34 +/* Read from the EEPROM. */
  35 +uint16_t eeprom93xx_read(eeprom_t *eeprom);
  36 +
  37 +/* Write to the EEPROM. */
  38 +void eeprom93xx_write(eeprom_t *eeprom, int eecs, int eesk, int eedi);
  39 +
  40 +/* Get EEPROM data array. */
  41 +uint16_t *eeprom93xx_data(eeprom_t *eeprom);
  42 +
  43 +#endif /* EEPROM93XX_H */
... ...
hw/pci.c
  View file @663e8e5
... ... @@ -548,6 +548,12 @@ void pci_nic_init(PCIBus *bus, NICInfo *nd, int devfn)
548 548 {
549 549 if (strcmp(nd->model, "ne2k_pci") == 0) {
550 550 pci_ne2000_init(bus, nd, devfn);
  551 + } else if (strcmp(nd->model, "i82551") == 0) {
  552 + pci_i82551_init(bus, nd, devfn);
  553 + } else if (strcmp(nd->model, "i82557b") == 0) {
  554 + pci_i82557b_init(bus, nd, devfn);
  555 + } else if (strcmp(nd->model, "i82559er") == 0) {
  556 + pci_i82559er_init(bus, nd, devfn);
551 557 } else if (strcmp(nd->model, "rtl8139") == 0) {
552 558 pci_rtl8139_init(bus, nd, devfn);
553 559 } else if (strcmp(nd->model, "pcnet") == 0) {
... ...
... ... @@ -1009,6 +1009,12 @@ fdctrl_t *fdctrl_init (int irq_lvl, int dma_chann, int mem_mapped,
1009 1009 BlockDriverState **fds);
1010 1010 int fdctrl_get_drive_type(fdctrl_t *fdctrl, int drive_num);
1011 1011  
  1012 +/* eepro100.c */
  1013 +
  1014 +void pci_i82551_init(PCIBus *bus, NICInfo *nd, int devfn);
  1015 +void pci_i82557b_init(PCIBus *bus, NICInfo *nd, int devfn);
  1016 +void pci_i82559er_init(PCIBus *bus, NICInfo *nd, int devfn);
  1017 +
1012 1018 /* ne2000.c */
1013 1019  
1014 1020 void isa_ne2000_init(int base, int irq, NICInfo *nd);
... ...