2 * QEMU RTL8139 emulation
4 * Copyright (c) 2006 Igor Kovalenko
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
25 * 2006-Jan-28 Mark Malakanov : TSAD and CSCR implementation (for Windows driver)
32 /* debug RTL8139 card */
33 //#define DEBUG_RTL8139 1
35 /* debug RTL8139 card C+ mode only */
36 //#define DEBUG_RTL8139CP 1
38 /* RTL8139 provides frame CRC with received packet, this feature seems to be
39 ignored by most drivers, disabled by default */
40 //#define RTL8139_CALCULATE_RXCRC 1
43 #if defined(RTL8139_CALCULATE_RXCRC)
48 #define SET_MASKED(input, mask, curr) \
49 ( ( (input) & ~(mask) ) | ( (curr) & (mask) ) )
51 /* arg % size for size which is a power of 2 */
52 #define MOD2(input, size) \
53 ( ( input ) & ( size - 1 ) )
55 /* Symbolic offsets to registers. */
56 enum RTL8139_registers {
57 MAC0 = 0, /* Ethernet hardware address. */
58 MAR0 = 8, /* Multicast filter. */
59 TxStatus0 = 0x10, /* Transmit status (Four 32bit registers). */
60 TxAddr0 = 0x20, /* Tx descriptors (also four 32bit). */
69 Timer = 0x48, /* A general-purpose counter. */
70 RxMissed = 0x4C, /* 24 bits valid, write clears. */
77 Config4 = 0x5A, /* absent on RTL-8139A */
81 TxSummary = 0x60, /* TSAD register. Transmit Status of All Descriptors*/
83 BasicModeStatus = 0x64,
87 /* Undocumented registers, but required for proper operation. */
88 FIFOTMS = 0x70, /* FIFO Control and test. */
89 CSCR = 0x74, /* Chip Status and Configuration Register. */
91 PARA7c = 0x7c, /* Magic transceiver parameter register. */
92 Config5 = 0xD8, /* absent on RTL-8139A */
94 TxPoll = 0xD9, /* Tell chip to check Tx descriptors for work */
95 RxMaxSize = 0xDA, /* Max size of an Rx packet (8169 only) */
96 CpCmd = 0xE0, /* C+ Command register (C+ mode only) */
97 IntrMitigate = 0xE2, /* rx/tx interrupt mitigation control */
98 RxRingAddrLO = 0xE4, /* 64-bit start addr of Rx ring */
99 RxRingAddrHI = 0xE8, /* 64-bit start addr of Rx ring */
100 TxThresh = 0xEC, /* Early Tx threshold */
104 MultiIntrClear = 0xF000,
106 Config1Clear = (1<<7)|(1<<6)|(1<<3)|(1<<2)|(1<<1),
122 /* Interrupt register bits, using my own meaningful names. */
123 enum IntrStatusBits {
134 RxAckBits = RxFIFOOver | RxOverflow | RxOK,
141 TxOutOfWindow = 0x20000000,
142 TxAborted = 0x40000000,
143 TxCarrierLost = 0x80000000,
146 RxMulticast = 0x8000,
148 RxBroadcast = 0x2000,
149 RxBadSymbol = 0x0020,
157 /* Bits in RxConfig. */
161 AcceptBroadcast = 0x08,
162 AcceptMulticast = 0x04,
164 AcceptAllPhys = 0x01,
167 /* Bits in TxConfig. */
168 enum tx_config_bits {
170 /* Interframe Gap Time. Only TxIFG96 doesn't violate IEEE 802.3 */
172 TxIFG84 = (0 << TxIFGShift), /* 8.4us / 840ns (10 / 100Mbps) */
173 TxIFG88 = (1 << TxIFGShift), /* 8.8us / 880ns (10 / 100Mbps) */
174 TxIFG92 = (2 << TxIFGShift), /* 9.2us / 920ns (10 / 100Mbps) */
175 TxIFG96 = (3 << TxIFGShift), /* 9.6us / 960ns (10 / 100Mbps) */
177 TxLoopBack = (1 << 18) | (1 << 17), /* enable loopback test mode */
178 TxCRC = (1 << 16), /* DISABLE appending CRC to end of Tx packets */
179 TxClearAbt = (1 << 0), /* Clear abort (WO) */
180 TxDMAShift = 8, /* DMA burst value (0-7) is shifted this many bits */
181 TxRetryShift = 4, /* TXRR value (0-15) is shifted this many bits */
183 TxVersionMask = 0x7C800000, /* mask out version bits 30-26, 23 */
187 /* Transmit Status of All Descriptors (TSAD) Register */
189 TSAD_TOK3 = 1<<15, // TOK bit of Descriptor 3
190 TSAD_TOK2 = 1<<14, // TOK bit of Descriptor 2
191 TSAD_TOK1 = 1<<13, // TOK bit of Descriptor 1
192 TSAD_TOK0 = 1<<12, // TOK bit of Descriptor 0
193 TSAD_TUN3 = 1<<11, // TUN bit of Descriptor 3
194 TSAD_TUN2 = 1<<10, // TUN bit of Descriptor 2
195 TSAD_TUN1 = 1<<9, // TUN bit of Descriptor 1
196 TSAD_TUN0 = 1<<8, // TUN bit of Descriptor 0
197 TSAD_TABT3 = 1<<07, // TABT bit of Descriptor 3
198 TSAD_TABT2 = 1<<06, // TABT bit of Descriptor 2
199 TSAD_TABT1 = 1<<05, // TABT bit of Descriptor 1
200 TSAD_TABT0 = 1<<04, // TABT bit of Descriptor 0
201 TSAD_OWN3 = 1<<03, // OWN bit of Descriptor 3
202 TSAD_OWN2 = 1<<02, // OWN bit of Descriptor 2
203 TSAD_OWN1 = 1<<01, // OWN bit of Descriptor 1
204 TSAD_OWN0 = 1<<00, // OWN bit of Descriptor 0
208 /* Bits in Config1 */
210 Cfg1_PM_Enable = 0x01,
211 Cfg1_VPD_Enable = 0x02,
214 LWAKE = 0x10, /* not on 8139, 8139A */
215 Cfg1_Driver_Load = 0x20,
218 SLEEP = (1 << 1), /* only on 8139, 8139A */
219 PWRDN = (1 << 0), /* only on 8139, 8139A */
222 /* Bits in Config3 */
224 Cfg3_FBtBEn = (1 << 0), /* 1 = Fast Back to Back */
225 Cfg3_FuncRegEn = (1 << 1), /* 1 = enable CardBus Function registers */
226 Cfg3_CLKRUN_En = (1 << 2), /* 1 = enable CLKRUN */
227 Cfg3_CardB_En = (1 << 3), /* 1 = enable CardBus registers */
228 Cfg3_LinkUp = (1 << 4), /* 1 = wake up on link up */
229 Cfg3_Magic = (1 << 5), /* 1 = wake up on Magic Packet (tm) */
230 Cfg3_PARM_En = (1 << 6), /* 0 = software can set twister parameters */
231 Cfg3_GNTSel = (1 << 7), /* 1 = delay 1 clock from PCI GNT signal */
234 /* Bits in Config4 */
236 LWPTN = (1 << 2), /* not on 8139, 8139A */
239 /* Bits in Config5 */
241 Cfg5_PME_STS = (1 << 0), /* 1 = PCI reset resets PME_Status */
242 Cfg5_LANWake = (1 << 1), /* 1 = enable LANWake signal */
243 Cfg5_LDPS = (1 << 2), /* 0 = save power when link is down */
244 Cfg5_FIFOAddrPtr = (1 << 3), /* Realtek internal SRAM testing */
245 Cfg5_UWF = (1 << 4), /* 1 = accept unicast wakeup frame */
246 Cfg5_MWF = (1 << 5), /* 1 = accept multicast wakeup frame */
247 Cfg5_BWF = (1 << 6), /* 1 = accept broadcast wakeup frame */
251 /* rx fifo threshold */
253 RxCfgFIFONone = (7 << RxCfgFIFOShift),
257 RxCfgDMAUnlimited = (7 << RxCfgDMAShift),
259 /* rx ring buffer length */
261 RxCfgRcv16K = (1 << 11),
262 RxCfgRcv32K = (1 << 12),
263 RxCfgRcv64K = (1 << 11) | (1 << 12),
265 /* Disable packet wrap at end of Rx buffer. (not possible with 64k) */
269 /* Twister tuning parameters from RealTek.
270 Completely undocumented, but required to tune bad links on some boards. */
273 CSCR_LinkOKBit = 0x0400,
274 CSCR_LinkChangeBit = 0x0800,
275 CSCR_LinkStatusBits = 0x0f000,
276 CSCR_LinkDownOffCmd = 0x003c0,
277 CSCR_LinkDownCmd = 0x0f3c0,
280 CSCR_Testfun = 1<<15, /* 1 = Auto-neg speeds up internal timer, WO, def 0 */
281 CSCR_LD = 1<<9, /* Active low TPI link disable signal. When low, TPI still transmits link pulses and TPI stays in good link state. def 1*/
282 CSCR_HEART_BIT = 1<<8, /* 1 = HEART BEAT enable, 0 = HEART BEAT disable. HEART BEAT function is only valid in 10Mbps mode. def 1*/
283 CSCR_JBEN = 1<<7, /* 1 = enable jabber function. 0 = disable jabber function, def 1*/
284 CSCR_F_LINK_100 = 1<<6, /* Used to login force good link in 100Mbps for diagnostic purposes. 1 = DISABLE, 0 = ENABLE. def 1*/
285 CSCR_F_Connect = 1<<5, /* Assertion of this bit forces the disconnect function to be bypassed. def 0*/
286 CSCR_Con_status = 1<<3, /* This bit indicates the status of the connection. 1 = valid connected link detected; 0 = disconnected link detected. RO def 0*/
287 CSCR_Con_status_En = 1<<2, /* Assertion of this bit configures LED1 pin to indicate connection status. def 0*/
288 CSCR_PASS_SCR = 1<<0, /* Bypass Scramble, def 0*/
293 Cfg9346_Unlock = 0xC0,
310 HasHltClk = (1 << 0),
314 #define HW_REVID(b30, b29, b28, b27, b26, b23, b22) \
315 (b30<<30 | b29<<29 | b28<<28 | b27<<27 | b26<<26 | b23<<23 | b22<<22)
316 #define HW_REVID_MASK HW_REVID(1, 1, 1, 1, 1, 1, 1)
318 /* Size is 64 * 16bit words */
319 #define EEPROM_9346_ADDR_BITS 6
320 #define EEPROM_9346_SIZE (1 << EEPROM_9346_ADDR_BITS)
321 #define EEPROM_9346_ADDR_MASK (EEPROM_9346_SIZE - 1)
323 enum Chip9346Operation
325 Chip9346_op_mask = 0xc0, /* 10 zzzzzz */
326 Chip9346_op_read = 0x80, /* 10 AAAAAA */
327 Chip9346_op_write = 0x40, /* 01 AAAAAA D(15)..D(0) */
328 Chip9346_op_ext_mask = 0xf0, /* 11 zzzzzz */
329 Chip9346_op_write_enable = 0x30, /* 00 11zzzz */
330 Chip9346_op_write_all = 0x10, /* 00 01zzzz */
331 Chip9346_op_write_disable = 0x00, /* 00 00zzzz */
337 Chip9346_enter_command_mode,
338 Chip9346_read_command,
339 Chip9346_data_read, /* from output register */
340 Chip9346_data_write, /* to input register, then to contents at specified address */
341 Chip9346_data_write_all, /* to input register, then filling contents */
344 typedef struct EEprom9346
346 uint16_t contents[EEPROM_9346_SIZE];
359 typedef struct RTL8139State {
360 uint8_t phys[8]; /* mac address */
361 uint8_t mult[8]; /* multicast mask array */
363 uint32_t TxStatus[4]; /* TxStatus0 */
364 uint32_t TxAddr[4]; /* TxAddr0 */
365 uint32_t RxBuf; /* Receive buffer */
366 uint32_t RxBufferSize;/* internal variable, receive ring buffer size in C mode */
386 uint8_t clock_enabled;
387 uint8_t bChipCmdState;
391 uint16_t BasicModeCtrl;
392 uint16_t BasicModeStatus;
395 uint16_t NWayExpansion;
404 int rtl8139_mmio_io_addr;
410 uint32_t currCPlusRxDesc;
411 uint32_t currCPlusTxDesc;
413 uint32_t RxRingAddrLO;
414 uint32_t RxRingAddrHI;
420 void prom9346_decode_command(EEprom9346 *eeprom, uint8_t command)
422 #if defined(DEBUG_RTL8139)
423 printf("RTL8139: eeprom command 0x%02x\n", command);
426 switch (command & Chip9346_op_mask)
428 case Chip9346_op_read:
430 eeprom->address = command & EEPROM_9346_ADDR_MASK;
431 eeprom->output = eeprom->contents[eeprom->address];
434 eeprom->mode = Chip9346_data_read;
435 #if defined(DEBUG_RTL8139)
436 printf("RTL8139: eeprom read from address 0x%02x data=0x%04x\n",
437 eeprom->address, eeprom->output);
442 case Chip9346_op_write:
444 eeprom->address = command & EEPROM_9346_ADDR_MASK;
447 eeprom->mode = Chip9346_none; /* Chip9346_data_write */
448 #if defined(DEBUG_RTL8139)
449 printf("RTL8139: eeprom begin write to address 0x%02x\n",
455 eeprom->mode = Chip9346_none;
456 switch (command & Chip9346_op_ext_mask)
458 case Chip9346_op_write_enable:
459 #if defined(DEBUG_RTL8139)
460 printf("RTL8139: eeprom write enabled\n");
463 case Chip9346_op_write_all:
464 #if defined(DEBUG_RTL8139)
465 printf("RTL8139: eeprom begin write all\n");
468 case Chip9346_op_write_disable:
469 #if defined(DEBUG_RTL8139)
470 printf("RTL8139: eeprom write disabled\n");
478 void prom9346_shift_clock(EEprom9346 *eeprom)
480 int bit = eeprom->eedi?1:0;
484 #if defined(DEBUG_RTL8139)
485 printf("eeprom: tick %d eedi=%d eedo=%d\n", eeprom->tick, eeprom->eedi, eeprom->eedo);
488 switch (eeprom->mode)
490 case Chip9346_enter_command_mode:
493 eeprom->mode = Chip9346_read_command;
496 #if defined(DEBUG_RTL8139)
497 printf("eeprom: +++ synchronized, begin command read\n");
502 case Chip9346_read_command:
503 eeprom->input = (eeprom->input << 1) | (bit & 1);
504 if (eeprom->tick == 8)
506 prom9346_decode_command(eeprom, eeprom->input & 0xff);
510 case Chip9346_data_read:
511 eeprom->eedo = (eeprom->output & 0x8000)?1:0;
512 eeprom->output <<= 1;
513 if (eeprom->tick == 16)
516 eeprom->address &= EEPROM_9346_ADDR_MASK;
517 eeprom->output = eeprom->contents[eeprom->address];
520 #if defined(DEBUG_RTL8139)
521 printf("eeprom: +++ read next address 0x%02x data=0x%04x\n",
522 eeprom->address, eeprom->output);
527 case Chip9346_data_write:
528 eeprom->input = (eeprom->input << 1) | (bit & 1);
529 if (eeprom->tick == 16)
531 #if defined(DEBUG_RTL8139)
532 printf("RTL8139: eeprom write to address 0x%02x data=0x%04x\n",
533 eeprom->address, eeprom->input);
535 eeprom->contents[eeprom->address] = eeprom->input;
536 eeprom->mode = Chip9346_none; /* waiting for next command after CS cycle */
542 case Chip9346_data_write_all:
543 eeprom->input = (eeprom->input << 1) | (bit & 1);
544 if (eeprom->tick == 16)
547 for (i = 0; i < EEPROM_9346_SIZE; i++)
549 eeprom->contents[i] = eeprom->input;
551 #if defined(DEBUG_RTL8139)
552 printf("RTL8139: eeprom filled with data=0x%04x\n",
555 eeprom->mode = Chip9346_enter_command_mode;
566 int prom9346_get_wire(RTL8139State *s)
568 EEprom9346 *eeprom = &s->eeprom;
575 void prom9346_set_wire(RTL8139State *s, int eecs, int eesk, int eedi)
577 EEprom9346 *eeprom = &s->eeprom;
578 uint8_t old_eecs = eeprom->eecs;
579 uint8_t old_eesk = eeprom->eesk;
585 #if defined(DEBUG_RTL8139)
586 printf("eeprom: +++ wires CS=%d SK=%d DI=%d DO=%d\n", eeprom->eecs, eeprom->eesk, eeprom->eedi, eeprom->eedo);
589 if (!old_eecs && eecs)
591 /* Synchronize start */
595 eeprom->mode = Chip9346_enter_command_mode;
597 #if defined(DEBUG_RTL8139)
598 printf("=== eeprom: begin access, enter command mode\n");
605 #if defined(DEBUG_RTL8139)
606 printf("=== eeprom: end access\n");
611 if (!old_eesk && eesk)
614 prom9346_shift_clock(eeprom);
618 static void rtl8139_update_irq(RTL8139State *s)
621 isr = (s->IntrStatus & s->IntrMask) & 0xffff;
622 #if defined(DEBUG_RTL8139)
623 printf("RTL8139: Set IRQ line %d to %d (%04x %04x)\n",
624 s->irq, isr ? 1 : 0, s->IntrStatus, s->IntrMask);
628 pci_set_irq(s->pci_dev, 0, (isr != 0));
631 pic_set_irq(s->irq, (isr != 0));
635 #define POLYNOMIAL 0x04c11db6
639 static int compute_mcast_idx(const uint8_t *ep)
646 for (i = 0; i < 6; i++) {
648 for (j = 0; j < 8; j++) {
649 carry = ((crc & 0x80000000L) ? 1 : 0) ^ (b & 0x01);
653 crc = ((crc ^ POLYNOMIAL) | carry);
659 static int rtl8139_RxWrap(RTL8139State *s)
661 /* wrapping enabled; assume 1.5k more buffer space if size < 65536 */
662 return (s->RxConfig & (1 << 7));
665 static int rtl8139_receiver_enabled(RTL8139State *s)
667 return s->bChipCmdState & CmdRxEnb;
670 static int rtl8139_transmitter_enabled(RTL8139State *s)
672 return s->bChipCmdState & CmdTxEnb;
675 static int rtl8139_cp_receiver_enabled(RTL8139State *s)
677 return s->CpCmd & CPlusRxEnb;
680 static int rtl8139_cp_transmitter_enabled(RTL8139State *s)
682 return s->CpCmd & CPlusTxEnb;
685 static void rtl8139_write_buffer(RTL8139State *s, const void *buf, int size)
687 if (s->RxBufAddr + size > s->RxBufferSize)
689 int wrapped = MOD2(s->RxBufAddr + size, s->RxBufferSize);
691 /* write packet data */
692 if (wrapped && s->RxBufferSize < 65536 && !rtl8139_RxWrap(s))
694 #if defined(DEBUG_RTL8139)
695 printf(">>> RTL8139: rx packet wrapped in buffer at %d\n", size-wrapped);
700 cpu_physical_memory_write( s->RxBuf + s->RxBufAddr,
704 /* reset buffer pointer */
707 cpu_physical_memory_write( s->RxBuf + s->RxBufAddr,
708 buf + (size-wrapped), wrapped );
710 s->RxBufAddr = wrapped;
716 /* non-wrapping path or overwrapping enabled */
717 cpu_physical_memory_write( s->RxBuf + s->RxBufAddr, buf, size );
719 s->RxBufAddr += size;
722 #define MIN_BUF_SIZE 60
723 static inline target_phys_addr_t rtl8139_addr64(uint32_t low, uint32_t high)
725 #if TARGET_PHYS_ADDR_BITS > 32
726 return low | ((target_phys_addr_t)high << 32);
732 static int rtl8139_can_receive(void *opaque)
734 RTL8139State *s = opaque;
737 /* Recieve (drop) packets if card is disabled. */
738 if (!s->clock_enabled)
740 if (!rtl8139_receiver_enabled(s))
743 if (rtl8139_cp_receiver_enabled(s)) {
744 /* ??? Flow control not implemented in c+ mode.
745 This is a hack to work around slirp deficiencies anyway. */
748 avail = MOD2(s->RxBufferSize + s->RxBufPtr - s->RxBufAddr,
750 return (avail == 0 || avail >= 1514);
754 static void rtl8139_receive(void *opaque, const uint8_t *buf, int size)
756 RTL8139State *s = opaque;
758 uint32_t packet_header = 0;
761 static const uint8_t broadcast_macaddr[6] =
762 { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
764 #if defined(DEBUG_RTL8139)
765 printf(">>> RTL8139: received len=%d\n", size);
768 /* test if board clock is stopped */
769 if (!s->clock_enabled)
771 #if defined(DEBUG_RTL8139)
772 printf("RTL8139: stopped ==========================\n");
777 /* first check if receiver is enabled */
779 if (!rtl8139_receiver_enabled(s))
781 #if defined(DEBUG_RTL8139)
782 printf("RTL8139: receiver disabled ================\n");
787 /* XXX: check this */
788 if (s->RxConfig & AcceptAllPhys) {
789 /* promiscuous: receive all */
790 #if defined(DEBUG_RTL8139)
791 printf(">>> RTL8139: packet received in promiscuous mode\n");
795 if (!memcmp(buf, broadcast_macaddr, 6)) {
796 /* broadcast address */
797 if (!(s->RxConfig & AcceptBroadcast))
799 #if defined(DEBUG_RTL8139)
800 printf(">>> RTL8139: broadcast packet rejected\n");
805 packet_header |= RxBroadcast;
807 #if defined(DEBUG_RTL8139)
808 printf(">>> RTL8139: broadcast packet received\n");
810 } else if (buf[0] & 0x01) {
812 if (!(s->RxConfig & AcceptMulticast))
814 #if defined(DEBUG_RTL8139)
815 printf(">>> RTL8139: multicast packet rejected\n");
820 int mcast_idx = compute_mcast_idx(buf);
822 if (!(s->mult[mcast_idx >> 3] & (1 << (mcast_idx & 7))))
824 #if defined(DEBUG_RTL8139)
825 printf(">>> RTL8139: multicast address mismatch\n");
830 packet_header |= RxMulticast;
832 #if defined(DEBUG_RTL8139)
833 printf(">>> RTL8139: multicast packet received\n");
835 } else if (s->phys[0] == buf[0] &&
836 s->phys[1] == buf[1] &&
837 s->phys[2] == buf[2] &&
838 s->phys[3] == buf[3] &&
839 s->phys[4] == buf[4] &&
840 s->phys[5] == buf[5]) {
842 if (!(s->RxConfig & AcceptMyPhys))
844 #if defined(DEBUG_RTL8139)
845 printf(">>> RTL8139: rejecting physical address matching packet\n");
850 packet_header |= RxPhysical;
852 #if defined(DEBUG_RTL8139)
853 printf(">>> RTL8139: physical address matching packet received\n");
858 #if defined(DEBUG_RTL8139)
859 printf(">>> RTL8139: unknown packet\n");
865 /* if too small buffer, then expand it */
866 if (size < MIN_BUF_SIZE) {
867 memcpy(buf1, buf, size);
868 memset(buf1 + size, 0, MIN_BUF_SIZE - size);
873 if (rtl8139_cp_receiver_enabled(s))
875 #if defined(DEBUG_RTL8139)
876 printf("RTL8139: in C+ Rx mode ================\n");
879 /* begin C+ receiver mode */
881 /* w0 ownership flag */
882 #define CP_RX_OWN (1<<31)
883 /* w0 end of ring flag */
884 #define CP_RX_EOR (1<<30)
885 /* w0 bits 0...12 : buffer size */
886 #define CP_RX_BUFFER_SIZE_MASK ((1<<13) - 1)
887 /* w1 tag available flag */
888 #define CP_RX_TAVA (1<<16)
889 /* w1 bits 0...15 : VLAN tag */
890 #define CP_RX_VLAN_TAG_MASK ((1<<16) - 1)
891 /* w2 low 32bit of Rx buffer ptr */
892 /* w3 high 32bit of Rx buffer ptr */
894 int descriptor = s->currCPlusRxDesc;
895 target_phys_addr_t cplus_rx_ring_desc;
897 cplus_rx_ring_desc = rtl8139_addr64(s->RxRingAddrLO, s->RxRingAddrHI);
898 cplus_rx_ring_desc += 16 * descriptor;
901 printf("RTL8139: +++ C+ mode reading RX descriptor %d from host memory at %08x %08x = 0x%8lx\n",
902 descriptor, s->RxRingAddrHI, s->RxRingAddrLO, cplus_rx_ring_desc);
905 uint32_t val, rxdw0,rxdw1,rxbufLO,rxbufHI;
907 cpu_physical_memory_read(cplus_rx_ring_desc, (uint8_t *)&val, 4);
908 rxdw0 = le32_to_cpu(val);
909 cpu_physical_memory_read(cplus_rx_ring_desc+4, (uint8_t *)&val, 4);
910 rxdw1 = le32_to_cpu(val);
911 cpu_physical_memory_read(cplus_rx_ring_desc+8, (uint8_t *)&val, 4);
912 rxbufLO = le32_to_cpu(val);
913 cpu_physical_memory_read(cplus_rx_ring_desc+12, (uint8_t *)&val, 4);
914 rxbufHI = le32_to_cpu(val);
917 printf("RTL8139: +++ C+ mode RX descriptor %d %08x %08x %08x %08x\n",
919 rxdw0, rxdw1, rxbufLO, rxbufHI);
922 if (!(rxdw0 & CP_RX_OWN))
924 #if defined(DEBUG_RTL8139)
925 printf("RTL8139: C+ Rx mode : descriptor %d is owned by host\n", descriptor);
927 s->IntrStatus |= RxOverflow;
929 rtl8139_update_irq(s);
933 uint32_t rx_space = rxdw0 & CP_RX_BUFFER_SIZE_MASK;
935 if (size+4 > rx_space)
937 #if defined(DEBUG_RTL8139)
938 printf("RTL8139: C+ Rx mode : descriptor %d size %d received %d + 4\n",
939 descriptor, rx_space, size);
941 s->IntrStatus |= RxOverflow;
943 rtl8139_update_irq(s);
947 target_phys_addr_t rx_addr = rtl8139_addr64(rxbufLO, rxbufHI);
949 /* receive/copy to target memory */
950 cpu_physical_memory_write( rx_addr, buf, size );
953 #if defined (RTL8139_CALCULATE_RXCRC)
954 val = cpu_to_le32(crc32(~0, buf, size));
958 cpu_physical_memory_write( rx_addr+size, (uint8_t *)&val, 4);
960 /* first segment of received packet flag */
961 #define CP_RX_STATUS_FS (1<<29)
962 /* last segment of received packet flag */
963 #define CP_RX_STATUS_LS (1<<28)
964 /* multicast packet flag */
965 #define CP_RX_STATUS_MAR (1<<26)
966 /* physical-matching packet flag */
967 #define CP_RX_STATUS_PAM (1<<25)
968 /* broadcast packet flag */
969 #define CP_RX_STATUS_BAR (1<<24)
970 /* runt packet flag */
971 #define CP_RX_STATUS_RUNT (1<<19)
973 #define CP_RX_STATUS_CRC (1<<18)
974 /* IP checksum error flag */
975 #define CP_RX_STATUS_IPF (1<<15)
976 /* UDP checksum error flag */
977 #define CP_RX_STATUS_UDPF (1<<14)
978 /* TCP checksum error flag */
979 #define CP_RX_STATUS_TCPF (1<<13)
981 /* transfer ownership to target */
984 /* set first segment bit */
985 rxdw0 |= CP_RX_STATUS_FS;
987 /* set last segment bit */
988 rxdw0 |= CP_RX_STATUS_LS;
990 /* set received packet type flags */
991 if (packet_header & RxBroadcast)
992 rxdw0 |= CP_RX_STATUS_BAR;
993 if (packet_header & RxMulticast)
994 rxdw0 |= CP_RX_STATUS_MAR;
995 if (packet_header & RxPhysical)
996 rxdw0 |= CP_RX_STATUS_PAM;
998 /* set received size */
999 rxdw0 &= ~CP_RX_BUFFER_SIZE_MASK;
1002 /* reset VLAN tag flag */
1003 rxdw1 &= ~CP_RX_TAVA;
1005 /* update ring data */
1006 val = cpu_to_le32(rxdw0);
1007 cpu_physical_memory_write(cplus_rx_ring_desc, (uint8_t *)&val, 4);
1008 val = cpu_to_le32(rxdw1);
1009 cpu_physical_memory_write(cplus_rx_ring_desc+4, (uint8_t *)&val, 4);
1011 /* seek to next Rx descriptor */
1012 if (rxdw0 & CP_RX_EOR)
1014 s->currCPlusRxDesc = 0;
1018 ++s->currCPlusRxDesc;
1021 #if defined(DEBUG_RTL8139)
1022 printf("RTL8139: done C+ Rx mode ----------------\n");
1028 #if defined(DEBUG_RTL8139)
1029 printf("RTL8139: in ring Rx mode ================\n");
1031 /* begin ring receiver mode */
1032 int avail = MOD2(s->RxBufferSize + s->RxBufPtr - s->RxBufAddr, s->RxBufferSize);
1034 /* if receiver buffer is empty then avail == 0 */
1036 if (avail != 0 && size + 8 >= avail)
1038 #if defined(DEBUG_RTL8139)
1039 printf("rx overflow: rx buffer length %d head 0x%04x read 0x%04x === available 0x%04x need 0x%04x\n",
1040 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr, avail, size + 8);
1042 s->IntrStatus |= RxOverflow;
1044 rtl8139_update_irq(s);
1048 packet_header |= RxStatusOK;
1050 packet_header |= (((size+4) << 16) & 0xffff0000);
1053 uint32_t val = cpu_to_le32(packet_header);
1055 rtl8139_write_buffer(s, (uint8_t *)&val, 4);
1057 rtl8139_write_buffer(s, buf, size);
1059 /* write checksum */
1060 #if defined (RTL8139_CALCULATE_RXCRC)
1061 val = cpu_to_le32(crc32(~0, buf, size));
1066 rtl8139_write_buffer(s, (uint8_t *)&val, 4);
1068 /* correct buffer write pointer */
1069 s->RxBufAddr = MOD2((s->RxBufAddr + 3) & ~0x3, s->RxBufferSize);
1071 /* now we can signal we have received something */
1073 #if defined(DEBUG_RTL8139)
1074 printf(" received: rx buffer length %d head 0x%04x read 0x%04x\n",
1075 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr);
1080 s->IntrStatus |= RxOK;
1081 rtl8139_update_irq(s);
1084 static void rtl8139_reset_rxring(RTL8139State *s, uint32_t bufferSize)
1086 s->RxBufferSize = bufferSize;
1091 static void rtl8139_reset(RTL8139State *s)
1095 /* restore MAC address */
1096 memcpy(s->phys, s->macaddr, 6);
1098 /* reset interrupt mask */
1102 rtl8139_update_irq(s);
1104 /* prepare eeprom */
1105 s->eeprom.contents[0] = 0x8129;
1106 memcpy(&s->eeprom.contents[7], s->macaddr, 6);
1108 /* mark all status registers as owned by host */
1109 for (i = 0; i < 4; ++i)
1111 s->TxStatus[i] = TxHostOwns;
1115 s->currCPlusRxDesc = 0;
1116 s->currCPlusTxDesc = 0;
1118 s->RxRingAddrLO = 0;
1119 s->RxRingAddrHI = 0;
1123 rtl8139_reset_rxring(s, 8192);
1129 // s->TxConfig |= HW_REVID(1, 0, 0, 0, 0, 0, 0); // RTL-8139 HasHltClk
1130 s->clock_enabled = 0;
1132 s->TxConfig |= HW_REVID(1, 1, 1, 0, 1, 0, 0); // RTL-8139C HasLWake
1133 s->clock_enabled = 1;
1136 s->bChipCmdState = CmdReset; /* RxBufEmpty bit is calculated on read from ChipCmd */;
1138 /* set initial state data */
1139 s->Config0 = 0x0; /* No boot ROM */
1140 s->Config1 = 0xC; /* IO mapped and MEM mapped registers available */
1141 s->Config3 = 0x1; /* fast back-to-back compatible */
1144 s->CSCR = CSCR_F_LINK_100 | CSCR_HEART_BIT | CSCR_LD;
1146 s->CpCmd = 0x0; /* reset C+ mode */
1148 // s->BasicModeCtrl = 0x3100; // 100Mbps, full duplex, autonegotiation
1149 // s->BasicModeCtrl = 0x2100; // 100Mbps, full duplex
1150 s->BasicModeCtrl = 0x1000; // autonegotiation
1152 s->BasicModeStatus = 0x7809;
1153 //s->BasicModeStatus |= 0x0040; /* UTP medium */
1154 s->BasicModeStatus |= 0x0020; /* autonegotiation completed */
1155 s->BasicModeStatus |= 0x0004; /* link is up */
1157 s->NWayAdvert = 0x05e1; /* all modes, full duplex */
1158 s->NWayLPAR = 0x05e1; /* all modes, full duplex */
1159 s->NWayExpansion = 0x0001; /* autonegotiation supported */
1162 static void rtl8139_ChipCmd_write(RTL8139State *s, uint32_t val)
1166 #ifdef DEBUG_RTL8139
1167 printf("RTL8139: ChipCmd write val=0x%08x\n", val);
1172 #ifdef DEBUG_RTL8139
1173 printf("RTL8139: ChipCmd reset\n");
1179 #ifdef DEBUG_RTL8139
1180 printf("RTL8139: ChipCmd enable receiver\n");
1185 #ifdef DEBUG_RTL8139
1186 printf("RTL8139: ChipCmd enable transmitter\n");
1190 /* mask unwriteable bits */
1191 val = SET_MASKED(val, 0xe3, s->bChipCmdState);
1193 /* Deassert reset pin before next read */
1196 s->bChipCmdState = val;
1199 static int rtl8139_RxBufferEmpty(RTL8139State *s)
1201 int unread = MOD2(s->RxBufferSize + s->RxBufAddr - s->RxBufPtr, s->RxBufferSize);
1205 #ifdef DEBUG_RTL8139
1206 printf("RTL8139: receiver buffer data available 0x%04x\n", unread);
1211 #ifdef DEBUG_RTL8139
1212 printf("RTL8139: receiver buffer is empty\n");
1218 static uint32_t rtl8139_ChipCmd_read(RTL8139State *s)
1220 uint32_t ret = s->bChipCmdState;
1222 if (rtl8139_RxBufferEmpty(s))
1225 #ifdef DEBUG_RTL8139
1226 printf("RTL8139: ChipCmd read val=0x%04x\n", ret);
1232 static void rtl8139_CpCmd_write(RTL8139State *s, uint32_t val)
1236 #ifdef DEBUG_RTL8139
1237 printf("RTL8139C+ command register write(w) val=0x%04x\n", val);
1240 /* mask unwriteable bits */
1241 val = SET_MASKED(val, 0xff84, s->CpCmd);
1246 static uint32_t rtl8139_CpCmd_read(RTL8139State *s)
1248 uint32_t ret = s->CpCmd;
1250 #ifdef DEBUG_RTL8139
1251 printf("RTL8139C+ command register read(w) val=0x%04x\n", ret);
1257 int rtl8139_config_writeable(RTL8139State *s)
1259 if (s->Cfg9346 & Cfg9346_Unlock)
1264 #ifdef DEBUG_RTL8139
1265 printf("RTL8139: Configuration registers are write-protected\n");
1271 static void rtl8139_BasicModeCtrl_write(RTL8139State *s, uint32_t val)
1275 #ifdef DEBUG_RTL8139
1276 printf("RTL8139: BasicModeCtrl register write(w) val=0x%04x\n", val);
1279 /* mask unwriteable bits */
1280 uint32 mask = 0x4cff;
1282 if (1 || !rtl8139_config_writeable(s))
1284 /* Speed setting and autonegotiation enable bits are read-only */
1286 /* Duplex mode setting is read-only */
1290 val = SET_MASKED(val, mask, s->BasicModeCtrl);
1292 s->BasicModeCtrl = val;
1295 static uint32_t rtl8139_BasicModeCtrl_read(RTL8139State *s)
1297 uint32_t ret = s->BasicModeCtrl;
1299 #ifdef DEBUG_RTL8139
1300 printf("RTL8139: BasicModeCtrl register read(w) val=0x%04x\n", ret);
1306 static void rtl8139_BasicModeStatus_write(RTL8139State *s, uint32_t val)
1310 #ifdef DEBUG_RTL8139
1311 printf("RTL8139: BasicModeStatus register write(w) val=0x%04x\n", val);
1314 /* mask unwriteable bits */
1315 val = SET_MASKED(val, 0xff3f, s->BasicModeStatus);
1317 s->BasicModeStatus = val;
1320 static uint32_t rtl8139_BasicModeStatus_read(RTL8139State *s)
1322 uint32_t ret = s->BasicModeStatus;
1324 #ifdef DEBUG_RTL8139
1325 printf("RTL8139: BasicModeStatus register read(w) val=0x%04x\n", ret);
1331 static void rtl8139_Cfg9346_write(RTL8139State *s, uint32_t val)
1335 #ifdef DEBUG_RTL8139
1336 printf("RTL8139: Cfg9346 write val=0x%02x\n", val);
1339 /* mask unwriteable bits */
1340 val = SET_MASKED(val, 0x31, s->Cfg9346);
1342 uint32_t opmode = val & 0xc0;
1343 uint32_t eeprom_val = val & 0xf;
1345 if (opmode == 0x80) {
1347 int eecs = (eeprom_val & 0x08)?1:0;
1348 int eesk = (eeprom_val & 0x04)?1:0;
1349 int eedi = (eeprom_val & 0x02)?1:0;
1350 prom9346_set_wire(s, eecs, eesk, eedi);
1351 } else if (opmode == 0x40) {
1360 static uint32_t rtl8139_Cfg9346_read(RTL8139State *s)
1362 uint32_t ret = s->Cfg9346;
1364 uint32_t opmode = ret & 0xc0;
1369 int eedo = prom9346_get_wire(s);
1380 #ifdef DEBUG_RTL8139
1381 printf("RTL8139: Cfg9346 read val=0x%02x\n", ret);
1387 static void rtl8139_Config0_write(RTL8139State *s, uint32_t val)
1391 #ifdef DEBUG_RTL8139
1392 printf("RTL8139: Config0 write val=0x%02x\n", val);
1395 if (!rtl8139_config_writeable(s))
1398 /* mask unwriteable bits */
1399 val = SET_MASKED(val, 0xf8, s->Config0);
1404 static uint32_t rtl8139_Config0_read(RTL8139State *s)
1406 uint32_t ret = s->Config0;
1408 #ifdef DEBUG_RTL8139
1409 printf("RTL8139: Config0 read val=0x%02x\n", ret);
1415 static void rtl8139_Config1_write(RTL8139State *s, uint32_t val)
1419 #ifdef DEBUG_RTL8139
1420 printf("RTL8139: Config1 write val=0x%02x\n", val);
1423 if (!rtl8139_config_writeable(s))
1426 /* mask unwriteable bits */
1427 val = SET_MASKED(val, 0xC, s->Config1);
1432 static uint32_t rtl8139_Config1_read(RTL8139State *s)
1434 uint32_t ret = s->Config1;
1436 #ifdef DEBUG_RTL8139
1437 printf("RTL8139: Config1 read val=0x%02x\n", ret);
1443 static void rtl8139_Config3_write(RTL8139State *s, uint32_t val)
1447 #ifdef DEBUG_RTL8139
1448 printf("RTL8139: Config3 write val=0x%02x\n", val);
1451 if (!rtl8139_config_writeable(s))
1454 /* mask unwriteable bits */
1455 val = SET_MASKED(val, 0x8F, s->Config3);
1460 static uint32_t rtl8139_Config3_read(RTL8139State *s)
1462 uint32_t ret = s->Config3;
1464 #ifdef DEBUG_RTL8139
1465 printf("RTL8139: Config3 read val=0x%02x\n", ret);
1471 static void rtl8139_Config4_write(RTL8139State *s, uint32_t val)
1475 #ifdef DEBUG_RTL8139
1476 printf("RTL8139: Config4 write val=0x%02x\n", val);
1479 if (!rtl8139_config_writeable(s))
1482 /* mask unwriteable bits */
1483 val = SET_MASKED(val, 0x0a, s->Config4);
1488 static uint32_t rtl8139_Config4_read(RTL8139State *s)
1490 uint32_t ret = s->Config4;
1492 #ifdef DEBUG_RTL8139
1493 printf("RTL8139: Config4 read val=0x%02x\n", ret);
1499 static void rtl8139_Config5_write(RTL8139State *s, uint32_t val)
1503 #ifdef DEBUG_RTL8139
1504 printf("RTL8139: Config5 write val=0x%02x\n", val);
1507 /* mask unwriteable bits */
1508 val = SET_MASKED(val, 0x80, s->Config5);
1513 static uint32_t rtl8139_Config5_read(RTL8139State *s)
1515 uint32_t ret = s->Config5;
1517 #ifdef DEBUG_RTL8139
1518 printf("RTL8139: Config5 read val=0x%02x\n", ret);
1524 static void rtl8139_TxConfig_write(RTL8139State *s, uint32_t val)
1526 if (!rtl8139_transmitter_enabled(s))
1528 #ifdef DEBUG_RTL8139
1529 printf("RTL8139: transmitter disabled; no TxConfig write val=0x%08x\n", val);
1534 #ifdef DEBUG_RTL8139
1535 printf("RTL8139: TxConfig write val=0x%08x\n", val);
1538 val = SET_MASKED(val, TxVersionMask | 0x8070f80f, s->TxConfig);
1543 static void rtl8139_TxConfig_writeb(RTL8139State *s, uint32_t val)
1545 #ifdef DEBUG_RTL8139
1546 printf("RTL8139C TxConfig via write(b) val=0x%02x\n", val);
1548 uint32_t tc = s->TxConfig;
1550 tc |= (val & 0x000000FF);
1551 rtl8139_TxConfig_write(s, tc);
1554 static uint32_t rtl8139_TxConfig_read(RTL8139State *s)
1556 uint32_t ret = s->TxConfig;
1558 #ifdef DEBUG_RTL8139
1559 printf("RTL8139: TxConfig read val=0x%04x\n", ret);
1565 static void rtl8139_RxConfig_write(RTL8139State *s, uint32_t val)
1567 #ifdef DEBUG_RTL8139
1568 printf("RTL8139: RxConfig write val=0x%08x\n", val);
1571 /* mask unwriteable bits */
1572 val = SET_MASKED(val, 0xf0fc0040, s->RxConfig);
1576 /* reset buffer size and read/write pointers */
1577 rtl8139_reset_rxring(s, 8192 << ((s->RxConfig >> 11) & 0x3));
1579 #ifdef DEBUG_RTL8139
1580 printf("RTL8139: RxConfig write reset buffer size to %d\n", s->RxBufferSize);
1584 static uint32_t rtl8139_RxConfig_read(RTL8139State *s)
1586 uint32_t ret = s->RxConfig;
1588 #ifdef DEBUG_RTL8139
1589 printf("RTL8139: RxConfig read val=0x%08x\n", ret);
1595 static int rtl8139_transmit_one(RTL8139State *s, int descriptor)
1597 if (!rtl8139_transmitter_enabled(s))
1599 #ifdef DEBUG_RTL8139
1600 printf("RTL8139: +++ cannot transmit from descriptor %d: transmitter disabled\n", descriptor);
1605 if (s->TxStatus[descriptor] & TxHostOwns)
1607 #ifdef DEBUG_RTL8139
1608 printf("RTL8139: +++ cannot transmit from descriptor %d: owned by host (%08x)\n", descriptor, s->TxStatus[descriptor]);
1613 #ifdef DEBUG_RTL8139
1614 printf("RTL8139: +++ transmitting from descriptor %d\n", descriptor);
1617 int txsize = s->TxStatus[descriptor] & 0x1fff;
1618 uint8_t txbuffer[0x2000];
1620 #ifdef DEBUG_RTL8139
1621 printf("RTL8139: +++ transmit reading %d bytes from host memory at 0x%08x\n", txsize, s->TxAddr[descriptor]);
1623 cpu_physical_memory_read(s->TxAddr[descriptor], txbuffer, txsize);
1625 qemu_send_packet(s->vc, txbuffer, txsize);
1627 /* Mark descriptor as transferred */
1628 s->TxStatus[descriptor] |= TxHostOwns;
1629 s->TxStatus[descriptor] |= TxStatOK;
1631 #ifdef DEBUG_RTL8139
1632 printf("RTL8139: +++ transmitted %d bytes from descriptor %d\n", txsize, descriptor);
1635 /* update interrupt */
1636 s->IntrStatus |= TxOK;
1637 rtl8139_update_irq(s);
1642 static int rtl8139_cplus_transmit_one(RTL8139State *s)
1644 if (!rtl8139_transmitter_enabled(s))
1646 #ifdef DEBUG_RTL8139
1647 printf("RTL8139: +++ C+ mode: transmitter disabled\n");
1652 if (!rtl8139_cp_transmitter_enabled(s))
1654 #ifdef DEBUG_RTL8139
1655 printf("RTL8139: +++ C+ mode: C+ transmitter disabled\n");
1660 int descriptor = s->currCPlusTxDesc;
1662 target_phys_addr_t cplus_tx_ring_desc =
1663 rtl8139_addr64(s->TxAddr[0], s->TxAddr[1]);
1665 /* Normal priority ring */
1666 cplus_tx_ring_desc += 16 * descriptor;
1668 #ifdef DEBUG_RTL8139
1669 printf("RTL8139: +++ C+ mode reading TX descriptor %d from host memory at %08x0x%08x = 0x%8lx\n",
1670 descriptor, s->TxAddr[1], s->TxAddr[0], cplus_tx_ring_desc);
1673 uint32_t val, txdw0,txdw1,txbufLO,txbufHI;
1675 cpu_physical_memory_read(cplus_tx_ring_desc, (uint8_t *)&val, 4);
1676 txdw0 = le32_to_cpu(val);
1677 cpu_physical_memory_read(cplus_tx_ring_desc+4, (uint8_t *)&val, 4);
1678 txdw1 = le32_to_cpu(val);
1679 cpu_physical_memory_read(cplus_tx_ring_desc+8, (uint8_t *)&val, 4);
1680 txbufLO = le32_to_cpu(val);
1681 cpu_physical_memory_read(cplus_tx_ring_desc+12, (uint8_t *)&val, 4);
1682 txbufHI = le32_to_cpu(val);
1684 #ifdef DEBUG_RTL8139
1685 printf("RTL8139: +++ C+ mode TX descriptor %d %08x %08x %08x %08x\n",
1687 txdw0, txdw1, txbufLO, txbufHI);
1690 /* w0 ownership flag */
1691 #define CP_TX_OWN (1<<31)
1692 /* w0 end of ring flag */
1693 #define CP_TX_EOR (1<<30)
1694 /* first segment of received packet flag */
1695 #define CP_TX_FS (1<<29)
1696 /* last segment of received packet flag */
1697 #define CP_TX_LS (1<<28)
1698 /* large send packet flag */
1699 #define CP_TX_LGSEN (1<<27)
1700 /* IP checksum offload flag */
1701 #define CP_TX_IPCS (1<<18)
1702 /* UDP checksum offload flag */
1703 #define CP_TX_UDPCS (1<<17)
1704 /* TCP checksum offload flag */
1705 #define CP_TX_TCPCS (1<<16)
1707 /* w0 bits 0...15 : buffer size */
1708 #define CP_TX_BUFFER_SIZE (1<<16)
1709 #define CP_TX_BUFFER_SIZE_MASK (CP_TX_BUFFER_SIZE - 1)
1710 /* w1 tag available flag */
1711 #define CP_RX_TAGC (1<<17)
1712 /* w1 bits 0...15 : VLAN tag */
1713 #define CP_TX_VLAN_TAG_MASK ((1<<16) - 1)
1714 /* w2 low 32bit of Rx buffer ptr */
1715 /* w3 high 32bit of Rx buffer ptr */
1717 /* set after transmission */
1718 /* FIFO underrun flag */
1719 #define CP_TX_STATUS_UNF (1<<25)
1720 /* transmit error summary flag, valid if set any of three below */
1721 #define CP_TX_STATUS_TES (1<<23)
1722 /* out-of-window collision flag */
1723 #define CP_TX_STATUS_OWC (1<<22)
1724 /* link failure flag */
1725 #define CP_TX_STATUS_LNKF (1<<21)
1726 /* excessive collisions flag */
1727 #define CP_TX_STATUS_EXC (1<<20)
1729 if (!(txdw0 & CP_TX_OWN))
1731 #if defined(DEBUG_RTL8139)
1732 printf("RTL8139: C+ Tx mode : descriptor %d is owned by host\n", descriptor);
1737 #ifdef DEBUG_RTL8139
1738 printf("RTL8139: +++ C+ Tx mode : transmitting from descriptor %d\n", descriptor);
1741 int txsize = txdw0 & CP_TX_BUFFER_SIZE_MASK;
1742 target_phys_addr_t tx_addr = rtl8139_addr64(txbufLO, txbufHI);
1744 uint8_t txbuffer[CP_TX_BUFFER_SIZE];
1746 #ifdef DEBUG_RTL8139
1747 printf("RTL8139: +++ C+ mode transmit reading %d bytes from host memory at 0x%08x\n", txsize, tx_addr);
1749 cpu_physical_memory_read(tx_addr, txbuffer, txsize);
1751 /* transmit the packet */
1752 qemu_send_packet(s->vc, txbuffer, txsize);
1754 /* transfer ownership to target */
1755 txdw0 &= ~CP_RX_OWN;
1757 /* reset error indicator bits */
1758 txdw0 &= ~CP_TX_STATUS_UNF;
1759 txdw0 &= ~CP_TX_STATUS_TES;
1760 txdw0 &= ~CP_TX_STATUS_OWC;
1761 txdw0 &= ~CP_TX_STATUS_LNKF;
1762 txdw0 &= ~CP_TX_STATUS_EXC;
1764 /* update ring data */
1765 val = cpu_to_le32(txdw0);
1766 cpu_physical_memory_write(cplus_tx_ring_desc, (uint8_t *)&val, 4);
1767 // val = cpu_to_le32(txdw1);
1768 // cpu_physical_memory_write(cplus_tx_ring_desc+4, &val, 4);
1770 /* seek to next Rx descriptor */
1771 if (txdw0 & CP_TX_EOR)
1773 s->currCPlusTxDesc = 0;
1777 ++s->currCPlusTxDesc;
1780 #ifdef DEBUG_RTL8139
1781 printf("RTL8139: +++ C+ mode transmitted %d bytes from descriptor %d\n", txsize, descriptor);
1786 static void rtl8139_cplus_transmit(RTL8139State *s)
1790 while (rtl8139_cplus_transmit_one(s))
1795 /* Mark transfer completed */
1798 #ifdef DEBUG_RTL8139
1799 printf("RTL8139: C+ mode : transmitter queue stalled, current TxDesc = %d\n", s->currCPlusTxDesc);
1804 /* update interrupt status */
1805 s->IntrStatus |= TxOK;
1806 rtl8139_update_irq(s);
1810 static void rtl8139_transmit(RTL8139State *s)
1812 int descriptor = s->currTxDesc, txcount = 0;
1815 if (rtl8139_transmit_one(s, descriptor))
1822 /* Mark transfer completed */
1825 #ifdef DEBUG_RTL8139
1826 printf("RTL8139: transmitter queue stalled, current TxDesc = %d\n", s->currTxDesc);
1831 static void rtl8139_TxStatus_write(RTL8139State *s, uint32_t txRegOffset, uint32_t val)
1834 int descriptor = txRegOffset/4;
1835 #ifdef DEBUG_RTL8139
1836 printf("RTL8139: TxStatus write offset=0x%x val=0x%08x descriptor=%d\n", txRegOffset, val, descriptor);
1839 /* mask only reserved bits */
1840 val &= ~0xff00c000; /* these bits are reset on write */
1841 val = SET_MASKED(val, 0x00c00000, s->TxStatus[descriptor]);
1843 s->TxStatus[descriptor] = val;
1845 /* attempt to start transmission */
1846 rtl8139_transmit(s);
1849 static uint32_t rtl8139_TxStatus_read(RTL8139State *s, uint32_t txRegOffset)
1851 uint32_t ret = s->TxStatus[txRegOffset/4];
1853 #ifdef DEBUG_RTL8139
1854 printf("RTL8139: TxStatus read offset=0x%x val=0x%08x\n", txRegOffset, ret);
1860 static uint16_t rtl8139_TSAD_read(RTL8139State *s)
1864 /* Simulate TSAD, it is read only anyway */
1866 ret = ((s->TxStatus[3] & TxStatOK )?TSAD_TOK3:0)
1867 |((s->TxStatus[2] & TxStatOK )?TSAD_TOK2:0)
1868 |((s->TxStatus[1] & TxStatOK )?TSAD_TOK1:0)
1869 |((s->TxStatus[0] & TxStatOK )?TSAD_TOK0:0)
1871 |((s->TxStatus[3] & TxUnderrun)?TSAD_TUN3:0)
1872 |((s->TxStatus[2] & TxUnderrun)?TSAD_TUN2:0)
1873 |((s->TxStatus[1] & TxUnderrun)?TSAD_TUN1:0)
1874 |((s->TxStatus[0] & TxUnderrun)?TSAD_TUN0:0)
1876 |((s->TxStatus[3] & TxAborted )?TSAD_TABT3:0)
1877 |((s->TxStatus[2] & TxAborted )?TSAD_TABT2:0)
1878 |((s->TxStatus[1] & TxAborted )?TSAD_TABT1:0)
1879 |((s->TxStatus[0] & TxAborted )?TSAD_TABT0:0)
1881 |((s->TxStatus[3] & TxHostOwns )?TSAD_OWN3:0)
1882 |((s->TxStatus[2] & TxHostOwns )?TSAD_OWN2:0)
1883 |((s->TxStatus[1] & TxHostOwns )?TSAD_OWN1:0)
1884 |((s->TxStatus[0] & TxHostOwns )?TSAD_OWN0:0) ;
1887 #ifdef DEBUG_RTL8139
1888 printf("RTL8139: TSAD read val=0x%04x\n", ret);
1894 static uint16_t rtl8139_CSCR_read(RTL8139State *s)
1896 uint16_t ret = s->CSCR;
1898 #ifdef DEBUG_RTL8139
1899 printf("RTL8139: CSCR read val=0x%04x\n", ret);
1905 static void rtl8139_TxAddr_write(RTL8139State *s, uint32_t txAddrOffset, uint32_t val)
1907 #ifdef DEBUG_RTL8139
1908 printf("RTL8139: TxAddr write offset=0x%x val=0x%08x\n", txAddrOffset, val);
1911 s->TxAddr[txAddrOffset/4] = le32_to_cpu(val);
1914 static uint32_t rtl8139_TxAddr_read(RTL8139State *s, uint32_t txAddrOffset)
1916 uint32_t ret = cpu_to_le32(s->TxAddr[txAddrOffset/4]);
1918 #ifdef DEBUG_RTL8139
1919 printf("RTL8139: TxAddr read offset=0x%x val=0x%08x\n", txAddrOffset, ret);
1925 static void rtl8139_RxBufPtr_write(RTL8139State *s, uint32_t val)
1927 #ifdef DEBUG_RTL8139
1928 printf("RTL8139: RxBufPtr write val=0x%04x\n", val);
1931 /* this value is off by 16 */
1932 s->RxBufPtr = MOD2(val + 0x10, s->RxBufferSize);
1934 #if defined(DEBUG_RTL8139)
1935 printf(" CAPR write: rx buffer length %d head 0x%04x read 0x%04x\n",
1936 s->RxBufferSize, s->RxBufAddr, s->RxBufPtr);
1940 static uint32_t rtl8139_RxBufPtr_read(RTL8139State *s)
1942 /* this value is off by 16 */
1943 uint32_t ret = s->RxBufPtr - 0x10;
1945 #ifdef DEBUG_RTL8139
1946 printf("RTL8139: RxBufPtr read val=0x%04x\n", ret);
1952 static void rtl8139_RxBuf_write(RTL8139State *s, uint32_t val)
1954 #ifdef DEBUG_RTL8139
1955 printf("RTL8139: RxBuf write val=0x%08x\n", val);
1960 /* may need to reset rxring here */
1963 static uint32_t rtl8139_RxBuf_read(RTL8139State *s)
1965 uint32_t ret = s->RxBuf;
1967 #ifdef DEBUG_RTL8139
1968 printf("RTL8139: RxBuf read val=0x%08x\n", ret);
1974 static void rtl8139_IntrMask_write(RTL8139State *s, uint32_t val)
1976 #ifdef DEBUG_RTL8139
1977 printf("RTL8139: IntrMask write(w) val=0x%04x\n", val);
1980 /* mask unwriteable bits */
1981 val = SET_MASKED(val, 0x1e00, s->IntrMask);
1985 rtl8139_update_irq(s);
1988 static uint32_t rtl8139_IntrMask_read(RTL8139State *s)
1990 uint32_t ret = s->IntrMask;
1992 #ifdef DEBUG_RTL8139
1993 printf("RTL8139: IntrMask read(w) val=0x%04x\n", ret);
1999 static void rtl8139_IntrStatus_write(RTL8139State *s, uint32_t val)
2001 #ifdef DEBUG_RTL8139
2002 printf("RTL8139: IntrStatus write(w) val=0x%04x\n", val);
2007 /* writing to ISR has no effect */
2012 uint16_t newStatus = s->IntrStatus & ~val;
2014 /* mask unwriteable bits */
2015 newStatus = SET_MASKED(newStatus, 0x1e00, s->IntrStatus);
2017 /* writing 1 to interrupt status register bit clears it */
2019 rtl8139_update_irq(s);
2021 s->IntrStatus = newStatus;
2022 rtl8139_update_irq(s);
2026 static uint32_t rtl8139_IntrStatus_read(RTL8139State *s)
2028 uint32_t ret = s->IntrStatus;
2030 #ifdef DEBUG_RTL8139
2031 printf("RTL8139: IntrStatus read(w) val=0x%04x\n", ret);
2036 /* reading ISR clears all interrupts */
2039 rtl8139_update_irq(s);
2046 static void rtl8139_MultiIntr_write(RTL8139State *s, uint32_t val)
2048 #ifdef DEBUG_RTL8139
2049 printf("RTL8139: MultiIntr write(w) val=0x%04x\n", val);
2052 /* mask unwriteable bits */
2053 val = SET_MASKED(val, 0xf000, s->MultiIntr);
2058 static uint32_t rtl8139_MultiIntr_read(RTL8139State *s)
2060 uint32_t ret = s->MultiIntr;
2062 #ifdef DEBUG_RTL8139
2063 printf("RTL8139: MultiIntr read(w) val=0x%04x\n", ret);
2069 static void rtl8139_io_writeb(void *opaque, uint8_t addr, uint32_t val)
2071 RTL8139State *s = opaque;
2077 case MAC0 ... MAC0+5:
2078 s->phys[addr - MAC0] = val;
2080 case MAC0+6 ... MAC0+7:
2083 case MAR0 ... MAR0+7:
2084 s->mult[addr - MAR0] = val;
2087 rtl8139_ChipCmd_write(s, val);
2090 rtl8139_Cfg9346_write(s, val);
2092 case TxConfig: /* windows driver sometimes writes using byte-lenth call */
2093 rtl8139_TxConfig_writeb(s, val);
2096 rtl8139_Config0_write(s, val);
2099 rtl8139_Config1_write(s, val);
2102 rtl8139_Config3_write(s, val);
2105 rtl8139_Config4_write(s, val);
2108 rtl8139_Config5_write(s, val);
2112 #ifdef DEBUG_RTL8139
2113 printf("RTL8139: not implemented write(b) to MediaStatus val=0x%02x\n", val);
2118 #ifdef DEBUG_RTL8139
2119 printf("RTL8139: HltClk write val=0x%08x\n", val);
2123 s->clock_enabled = 1;
2125 else if (val == 'H')
2127 s->clock_enabled = 0;
2132 #ifdef DEBUG_RTL8139
2133 printf("RTL8139C+ TxThresh write(b) val=0x%02x\n", val);
2139 #ifdef DEBUG_RTL8139
2140 printf("RTL8139C+ TxPoll write(b) val=0x%02x\n", val);
2144 #ifdef DEBUG_RTL8139
2145 printf("RTL8139C+ TxPoll high priority transmission (not implemented)\n");
2147 //rtl8139_cplus_transmit(s);
2151 #ifdef DEBUG_RTL8139
2152 printf("RTL8139C+ TxPoll normal priority transmission\n");
2154 rtl8139_cplus_transmit(s);
2160 #ifdef DEBUG_RTL8139
2161 printf("RTL8139: not implemented write(b) addr=0x%x val=0x%02x\n", addr, val);
2167 static void rtl8139_io_writew(void *opaque, uint8_t addr, uint32_t val)
2169 RTL8139State *s = opaque;
2176 rtl8139_IntrMask_write(s, val);
2180 rtl8139_IntrStatus_write(s, val);
2184 rtl8139_MultiIntr_write(s, val);
2188 rtl8139_RxBufPtr_write(s, val);
2192 rtl8139_BasicModeCtrl_write(s, val);
2194 case BasicModeStatus:
2195 rtl8139_BasicModeStatus_write(s, val);
2198 #ifdef DEBUG_RTL8139
2199 printf("RTL8139: NWayAdvert write(w) val=0x%04x\n", val);
2201 s->NWayAdvert = val;
2204 #ifdef DEBUG_RTL8139
2205 printf("RTL8139: forbidden NWayLPAR write(w) val=0x%04x\n", val);
2209 #ifdef DEBUG_RTL8139
2210 printf("RTL8139: NWayExpansion write(w) val=0x%04x\n", val);
2212 s->NWayExpansion = val;
2216 rtl8139_CpCmd_write(s, val);
2220 #ifdef DEBUG_RTL8139
2221 printf("RTL8139: ioport write(w) addr=0x%x val=0x%04x via write(b)\n", addr, val);
2224 #ifdef TARGET_WORDS_BIGENDIAN
2225 rtl8139_io_writeb(opaque, addr, (val >> 8) & 0xff);
2226 rtl8139_io_writeb(opaque, addr + 1, val & 0xff);
2228 rtl8139_io_writeb(opaque, addr, val & 0xff);
2229 rtl8139_io_writeb(opaque, addr + 1, (val >> 8) & 0xff);
2235 static void rtl8139_io_writel(void *opaque, uint8_t addr, uint32_t val)
2237 RTL8139State *s = opaque;
2244 #ifdef DEBUG_RTL8139
2245 printf("RTL8139: RxMissed clearing on write\n");
2251 rtl8139_TxConfig_write(s, val);
2255 rtl8139_RxConfig_write(s, val);
2258 case TxStatus0 ... TxStatus0+4*4-1:
2259 rtl8139_TxStatus_write(s, addr-TxStatus0, val);
2262 case TxAddr0 ... TxAddr0+4*4-1:
2263 rtl8139_TxAddr_write(s, addr-TxAddr0, val);
2267 rtl8139_RxBuf_write(s, val);
2271 #ifdef DEBUG_RTL8139
2272 printf("RTL8139: C+ RxRing low bits write val=0x%08x\n", val);
2274 s->RxRingAddrLO = val;
2278 #ifdef DEBUG_RTL8139
2279 printf("RTL8139: C+ RxRing high bits write val=0x%08x\n", val);
2281 s->RxRingAddrHI = val;
2285 #ifdef DEBUG_RTL8139
2286 printf("RTL8139: ioport write(l) addr=0x%x val=0x%08x via write(b)\n", addr, val);
2288 #ifdef TARGET_WORDS_BIGENDIAN
2289 rtl8139_io_writeb(opaque, addr, (val >> 24) & 0xff);
2290 rtl8139_io_writeb(opaque, addr + 1, (val >> 16) & 0xff);
2291 rtl8139_io_writeb(opaque, addr + 2, (val >> 8) & 0xff);
2292 rtl8139_io_writeb(opaque, addr + 3, val & 0xff);
2294 rtl8139_io_writeb(opaque, addr, val & 0xff);
2295 rtl8139_io_writeb(opaque, addr + 1, (val >> 8) & 0xff);
2296 rtl8139_io_writeb(opaque, addr + 2, (val >> 16) & 0xff);
2297 rtl8139_io_writeb(opaque, addr + 3, (val >> 24) & 0xff);
2303 static uint32_t rtl8139_io_readb(void *opaque, uint8_t addr)
2305 RTL8139State *s = opaque;
2312 case MAC0 ... MAC0+5:
2313 ret = s->phys[addr - MAC0];
2315 case MAC0+6 ... MAC0+7:
2318 case MAR0 ... MAR0+7:
2319 ret = s->mult[addr - MAR0];
2322 ret = rtl8139_ChipCmd_read(s);
2325 ret = rtl8139_Cfg9346_read(s);
2328 ret = rtl8139_Config0_read(s);
2331 ret = rtl8139_Config1_read(s);
2334 ret = rtl8139_Config3_read(s);
2337 ret = rtl8139_Config4_read(s);
2340 ret = rtl8139_Config5_read(s);
2345 #ifdef DEBUG_RTL8139
2346 printf("RTL8139: MediaStatus read 0x%x\n", ret);
2351 ret = s->clock_enabled;
2352 #ifdef DEBUG_RTL8139
2353 printf("RTL8139: HltClk read 0x%x\n", ret);
2359 #ifdef DEBUG_RTL8139
2360 printf("RTL8139: PCI Revision ID read 0x%x\n", ret);
2366 #ifdef DEBUG_RTL8139
2367 printf("RTL8139C+ TxThresh read(b) val=0x%02x\n", ret);
2371 case 0x43: /* Part of TxConfig register. Windows driver tries to read it */
2372 ret = s->TxConfig >> 24;
2373 #ifdef DEBUG_RTL8139
2374 printf("RTL8139C TxConfig at 0x43 read(b) val=0x%02x\n", ret);
2379 #ifdef DEBUG_RTL8139
2380 printf("RTL8139: not implemented read(b) addr=0x%x\n", addr);
2389 static uint32_t rtl8139_io_readw(void *opaque, uint8_t addr)
2391 RTL8139State *s = opaque;
2394 addr &= 0xfe; /* mask lower bit */
2399 ret = rtl8139_IntrMask_read(s);
2403 ret = rtl8139_IntrStatus_read(s);
2407 ret = rtl8139_MultiIntr_read(s);
2411 ret = rtl8139_RxBufPtr_read(s);
2415 ret = rtl8139_BasicModeCtrl_read(s);
2417 case BasicModeStatus:
2418 ret = rtl8139_BasicModeStatus_read(s);
2421 ret = s->NWayAdvert;
2422 #ifdef DEBUG_RTL8139
2423 printf("RTL8139: NWayAdvert read(w) val=0x%04x\n", ret);
2428 #ifdef DEBUG_RTL8139
2429 printf("RTL8139: NWayLPAR read(w) val=0x%04x\n", ret);
2433 ret = s->NWayExpansion;
2434 #ifdef DEBUG_RTL8139
2435 printf("RTL8139: NWayExpansion read(w) val=0x%04x\n", ret);
2440 ret = rtl8139_CpCmd_read(s);
2444 ret = rtl8139_TSAD_read(s);
2448 ret = rtl8139_CSCR_read(s);
2452 #ifdef DEBUG_RTL8139
2453 printf("RTL8139: ioport read(w) addr=0x%x via read(b)\n", addr);
2456 #ifdef TARGET_WORDS_BIGENDIAN
2457 ret = rtl8139_io_readb(opaque, addr) << 8;
2458 ret |= rtl8139_io_readb(opaque, addr + 1);
2460 ret = rtl8139_io_readb(opaque, addr);
2461 ret |= rtl8139_io_readb(opaque, addr + 1) << 8;
2464 #ifdef DEBUG_RTL8139
2465 printf("RTL8139: ioport read(w) addr=0x%x val=0x%04x\n", addr, ret);
2473 static uint32_t rtl8139_io_readl(void *opaque, uint8_t addr)
2475 RTL8139State *s = opaque;
2478 addr &= 0xfc; /* also mask low 2 bits */
2485 #ifdef DEBUG_RTL8139
2486 printf("RTL8139: RxMissed read val=0x%08x\n", ret);
2491 ret = rtl8139_TxConfig_read(s);
2495 ret = rtl8139_RxConfig_read(s);
2498 case TxStatus0 ... TxStatus0+4*4-1:
2499 ret = rtl8139_TxStatus_read(s, addr-TxStatus0);
2502 case TxAddr0 ... TxAddr0+4*4-1:
2503 ret = rtl8139_TxAddr_read(s, addr-TxAddr0);
2507 ret = rtl8139_RxBuf_read(s);
2511 ret = s->RxRingAddrLO;
2512 #ifdef DEBUG_RTL8139
2513 printf("RTL8139: C+ RxRing low bits read val=0x%08x\n", ret);
2518 ret = s->RxRingAddrHI;
2519 #ifdef DEBUG_RTL8139
2520 printf("RTL8139: C+ RxRing high bits read val=0x%08x\n", ret);
2525 #ifdef DEBUG_RTL8139
2526 printf("RTL8139: ioport read(l) addr=0x%x via read(b)\n", addr);
2529 #ifdef TARGET_WORDS_BIGENDIAN
2530 ret = rtl8139_io_readb(opaque, addr) << 24;
2531 ret |= rtl8139_io_readb(opaque, addr + 1) << 16;
2532 ret |= rtl8139_io_readb(opaque, addr + 2) << 8;
2533 ret |= rtl8139_io_readb(opaque, addr + 3);
2535 ret = rtl8139_io_readb(opaque, addr);
2536 ret |= rtl8139_io_readb(opaque, addr + 1) << 8;
2537 ret |= rtl8139_io_readb(opaque, addr + 2) << 16;
2538 ret |= rtl8139_io_readb(opaque, addr + 3) << 24;
2541 #ifdef DEBUG_RTL8139
2542 printf("RTL8139: read(l) addr=0x%x val=%08x\n", addr, ret);
2552 static void rtl8139_ioport_writeb(void *opaque, uint32_t addr, uint32_t val)
2554 rtl8139_io_writeb(opaque, addr & 0xFF, val);
2557 static void rtl8139_ioport_writew(void *opaque, uint32_t addr, uint32_t val)
2559 rtl8139_io_writew(opaque, addr & 0xFF, val);
2562 static void rtl8139_ioport_writel(void *opaque, uint32_t addr, uint32_t val)
2564 rtl8139_io_writel(opaque, addr & 0xFF, val);
2567 static uint32_t rtl8139_ioport_readb(void *opaque, uint32_t addr)
2569 return rtl8139_io_readb(opaque, addr & 0xFF);
2572 static uint32_t rtl8139_ioport_readw(void *opaque, uint32_t addr)
2574 return rtl8139_io_readw(opaque, addr & 0xFF);
2577 static uint32_t rtl8139_ioport_readl(void *opaque, uint32_t addr)
2579 return rtl8139_io_readl(opaque, addr & 0xFF);
2584 static void rtl8139_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
2586 rtl8139_io_writeb(opaque, addr & 0xFF, val);
2589 static void rtl8139_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
2591 rtl8139_io_writew(opaque, addr & 0xFF, val);
2594 static void rtl8139_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
2596 rtl8139_io_writel(opaque, addr & 0xFF, val);
2599 static uint32_t rtl8139_mmio_readb(void *opaque, target_phys_addr_t addr)
2601 return rtl8139_io_readb(opaque, addr & 0xFF);
2604 static uint32_t rtl8139_mmio_readw(void *opaque, target_phys_addr_t addr)
2606 return rtl8139_io_readw(opaque, addr & 0xFF);
2609 static uint32_t rtl8139_mmio_readl(void *opaque, target_phys_addr_t addr)
2611 return rtl8139_io_readl(opaque, addr & 0xFF);
2616 static void rtl8139_save(QEMUFile* f,void* opaque)
2618 RTL8139State* s=(RTL8139State*)opaque;
2621 qemu_put_buffer(f, s->phys, 6);
2622 qemu_put_buffer(f, s->mult, 8);
2626 qemu_put_be32s(f, &s->TxStatus[i]); /* TxStatus0 */
2630 qemu_put_be32s(f, &s->TxAddr[i]); /* TxAddr0 */
2633 qemu_put_be32s(f, &s->RxBuf); /* Receive buffer */
2634 qemu_put_be32s(f, &s->RxBufferSize);/* internal variable, receive ring buffer size in C mode */
2635 qemu_put_be32s(f, &s->RxBufPtr);
2636 qemu_put_be32s(f, &s->RxBufAddr);
2638 qemu_put_be16s(f, &s->IntrStatus);
2639 qemu_put_be16s(f, &s->IntrMask);
2641 qemu_put_be32s(f, &s->TxConfig);
2642 qemu_put_be32s(f, &s->RxConfig);
2643 qemu_put_be32s(f, &s->RxMissed);
2644 qemu_put_be16s(f, &s->CSCR);
2646 qemu_put_8s(f, &s->Cfg9346);
2647 qemu_put_8s(f, &s->Config0);
2648 qemu_put_8s(f, &s->Config1);
2649 qemu_put_8s(f, &s->Config3);
2650 qemu_put_8s(f, &s->Config4);
2651 qemu_put_8s(f, &s->Config5);
2653 qemu_put_8s(f, &s->clock_enabled);
2654 qemu_put_8s(f, &s->bChipCmdState);
2656 qemu_put_be16s(f, &s->MultiIntr);
2658 qemu_put_be16s(f, &s->BasicModeCtrl);
2659 qemu_put_be16s(f, &s->BasicModeStatus);
2660 qemu_put_be16s(f, &s->NWayAdvert);
2661 qemu_put_be16s(f, &s->NWayLPAR);
2662 qemu_put_be16s(f, &s->NWayExpansion);
2664 qemu_put_be16s(f, &s->CpCmd);
2665 qemu_put_8s(f, &s->TxThresh);
2667 qemu_put_be32s(f, &s->irq);
2668 qemu_put_buffer(f, s->macaddr, 6);
2669 qemu_put_be32s(f, &s->rtl8139_mmio_io_addr);
2671 qemu_put_be32s(f, &s->currTxDesc);
2672 qemu_put_be32s(f, &s->currCPlusRxDesc);
2673 qemu_put_be32s(f, &s->currCPlusTxDesc);
2674 qemu_put_be32s(f, &s->RxRingAddrLO);
2675 qemu_put_be32s(f, &s->RxRingAddrHI);
2677 for (i=0; i<EEPROM_9346_SIZE; ++i)
2679 qemu_put_be16s(f, &s->eeprom.contents[i]);
2681 qemu_put_be32s(f, &s->eeprom.mode);
2682 qemu_put_be32s(f, &s->eeprom.tick);
2683 qemu_put_8s(f, &s->eeprom.address);
2684 qemu_put_be16s(f, &s->eeprom.input);
2685 qemu_put_be16s(f, &s->eeprom.output);
2687 qemu_put_8s(f, &s->eeprom.eecs);
2688 qemu_put_8s(f, &s->eeprom.eesk);
2689 qemu_put_8s(f, &s->eeprom.eedi);
2690 qemu_put_8s(f, &s->eeprom.eedo);
2693 static int rtl8139_load(QEMUFile* f,void* opaque,int version_id)
2695 RTL8139State* s=(RTL8139State*)opaque;
2698 if (version_id != 1)
2701 qemu_get_buffer(f, s->phys, 6);
2702 qemu_get_buffer(f, s->mult, 8);
2706 qemu_get_be32s(f, &s->TxStatus[i]); /* TxStatus0 */
2710 qemu_get_be32s(f, &s->TxAddr[i]); /* TxAddr0 */
2713 qemu_get_be32s(f, &s->RxBuf); /* Receive buffer */
2714 qemu_get_be32s(f, &s->RxBufferSize);/* internal variable, receive ring buffer size in C mode */
2715 qemu_get_be32s(f, &s->RxBufPtr);
2716 qemu_get_be32s(f, &s->RxBufAddr);
2718 qemu_get_be16s(f, &s->IntrStatus);
2719 qemu_get_be16s(f, &s->IntrMask);
2721 qemu_get_be32s(f, &s->TxConfig);
2722 qemu_get_be32s(f, &s->RxConfig);
2723 qemu_get_be32s(f, &s->RxMissed);
2724 qemu_get_be16s(f, &s->CSCR);
2726 qemu_get_8s(f, &s->Cfg9346);
2727 qemu_get_8s(f, &s->Config0);
2728 qemu_get_8s(f, &s->Config1);
2729 qemu_get_8s(f, &s->Config3);
2730 qemu_get_8s(f, &s->Config4);
2731 qemu_get_8s(f, &s->Config5);
2733 qemu_get_8s(f, &s->clock_enabled);
2734 qemu_get_8s(f, &s->bChipCmdState);
2736 qemu_get_be16s(f, &s->MultiIntr);
2738 qemu_get_be16s(f, &s->BasicModeCtrl);
2739 qemu_get_be16s(f, &s->BasicModeStatus);
2740 qemu_get_be16s(f, &s->NWayAdvert);
2741 qemu_get_be16s(f, &s->NWayLPAR);
2742 qemu_get_be16s(f, &s->NWayExpansion);
2744 qemu_get_be16s(f, &s->CpCmd);
2745 qemu_get_8s(f, &s->TxThresh);
2747 qemu_get_be32s(f, &s->irq);
2748 qemu_get_buffer(f, s->macaddr, 6);
2749 qemu_get_be32s(f, &s->rtl8139_mmio_io_addr);
2751 qemu_get_be32s(f, &s->currTxDesc);
2752 qemu_get_be32s(f, &s->currCPlusRxDesc);
2753 qemu_get_be32s(f, &s->currCPlusTxDesc);
2754 qemu_get_be32s(f, &s->RxRingAddrLO);
2755 qemu_get_be32s(f, &s->RxRingAddrHI);
2757 for (i=0; i<EEPROM_9346_SIZE; ++i)
2759 qemu_get_be16s(f, &s->eeprom.contents[i]);
2761 qemu_get_be32s(f, &s->eeprom.mode);
2762 qemu_get_be32s(f, &s->eeprom.tick);
2763 qemu_get_8s(f, &s->eeprom.address);
2764 qemu_get_be16s(f, &s->eeprom.input);
2765 qemu_get_be16s(f, &s->eeprom.output);
2767 qemu_get_8s(f, &s->eeprom.eecs);
2768 qemu_get_8s(f, &s->eeprom.eesk);
2769 qemu_get_8s(f, &s->eeprom.eedi);
2770 qemu_get_8s(f, &s->eeprom.eedo);
2775 /***********************************************************/
2776 /* PCI RTL8139 definitions */
2778 typedef struct PCIRTL8139State {
2780 RTL8139State rtl8139;
2783 static void rtl8139_mmio_map(PCIDevice *pci_dev, int region_num,
2784 uint32_t addr, uint32_t size, int type)
2786 PCIRTL8139State *d = (PCIRTL8139State *)pci_dev;
2787 RTL8139State *s = &d->rtl8139;
2789 cpu_register_physical_memory(addr + 0, 0x100, s->rtl8139_mmio_io_addr);
2792 static void rtl8139_ioport_map(PCIDevice *pci_dev, int region_num,
2793 uint32_t addr, uint32_t size, int type)
2795 PCIRTL8139State *d = (PCIRTL8139State *)pci_dev;
2796 RTL8139State *s = &d->rtl8139;
2798 register_ioport_write(addr, 0x100, 1, rtl8139_ioport_writeb, s);
2799 register_ioport_read( addr, 0x100, 1, rtl8139_ioport_readb, s);
2801 register_ioport_write(addr, 0x100, 2, rtl8139_ioport_writew, s);
2802 register_ioport_read( addr, 0x100, 2, rtl8139_ioport_readw, s);
2804 register_ioport_write(addr, 0x100, 4, rtl8139_ioport_writel, s);
2805 register_ioport_read( addr, 0x100, 4, rtl8139_ioport_readl, s);
2808 static CPUReadMemoryFunc *rtl8139_mmio_read[3] = {
2814 static CPUWriteMemoryFunc *rtl8139_mmio_write[3] = {
2815 rtl8139_mmio_writeb,
2816 rtl8139_mmio_writew,
2817 rtl8139_mmio_writel,
2820 void pci_rtl8139_init(PCIBus *bus, NICInfo *nd)
2826 d = (PCIRTL8139State *)pci_register_device(bus,
2827 "RTL8139", sizeof(PCIRTL8139State),
2830 pci_conf = d->dev.config;
2831 pci_conf[0x00] = 0xec; /* Realtek 8139 */
2832 pci_conf[0x01] = 0x10;
2833 pci_conf[0x02] = 0x39;
2834 pci_conf[0x03] = 0x81;
2835 pci_conf[0x04] = 0x05; /* command = I/O space, Bus Master */
2836 pci_conf[0x08] = 0x20; /* 0x10 */ /* PCI revision ID; >=0x20 is for 8139C+ */
2837 pci_conf[0x0a] = 0x00; /* ethernet network controller */
2838 pci_conf[0x0b] = 0x02;
2839 pci_conf[0x0e] = 0x00; /* header_type */
2840 pci_conf[0x3d] = 1; /* interrupt pin 0 */
2841 pci_conf[0x34] = 0xdc;
2845 /* I/O handler for memory-mapped I/O */
2846 s->rtl8139_mmio_io_addr =
2847 cpu_register_io_memory(0, rtl8139_mmio_read, rtl8139_mmio_write, s);
2849 pci_register_io_region(&d->dev, 0, 0x100,
2850 PCI_ADDRESS_SPACE_IO, rtl8139_ioport_map);
2852 pci_register_io_region(&d->dev, 1, 0x100,
2853 PCI_ADDRESS_SPACE_MEM, rtl8139_mmio_map);
2855 s->irq = 16; /* PCI interrupt */
2856 s->pci_dev = (PCIDevice *)d;
2857 memcpy(s->macaddr, nd->macaddr, 6);
2859 s->vc = qemu_new_vlan_client(nd->vlan, rtl8139_receive,
2860 rtl8139_can_receive, s);
2862 snprintf(s->vc->info_str, sizeof(s->vc->info_str),
2863 "rtl8139 pci macaddr=%02x:%02x:%02x:%02x:%02x:%02x",
2871 /* XXX: instance number ? */
2872 register_savevm("rtl8139", 0, 1, rtl8139_save, rtl8139_load, s);
2873 register_savevm("rtl8139_pci", 0, 1, generic_pci_save, generic_pci_load,
projects / qemu / blob