From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:45627)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1S4OIY-0007hw-SN
	for qemu-devel@nongnu.org; Sun, 04 Mar 2012 22:09:19 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1S4OIV-0004BL-V0
	for qemu-devel@nongnu.org; Sun, 04 Mar 2012 22:09:18 -0500
Received: from mx1.redhat.com ([209.132.183.28]:24671)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1S4OIV-0004As-Mo
	for qemu-devel@nongnu.org; Sun, 04 Mar 2012 22:09:15 -0500
From: Jason Wang <jasowang@redhat.com>
Date: Mon, 05 Mar 2012 11:08:59 +0800
Message-ID: <20120305030859.8515.349.stgit@jason-ThinkPad-T400>
In-Reply-To: <20120305030824.8515.53602.stgit@jason-ThinkPad-T400>
References: <20120305030824.8515.53602.stgit@jason-ThinkPad-T400>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] [PATCH 5/6] rtl8139: correctly check the opmode
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: aliguori@us.ibm.com, stefanha@linux.vnet.ibm.com, mst@redhat.com, qemu-devel@nongnu.org, benjamin.poirier@gmail.com, aurelien@aurel32.net

According to the spec, only when opmode is "Config. Register Write
Enable" could driver write to CONFIG0,1,3,4 and bits 13,12,8 of BMCR.

Currently, we allow modifying to those registers also when 8139 is in
"Auto-load" mode and "93C46 (93C56) Programming" mode. This patch
fixes this.

Signed-off-by: Jason Wang <jasowang@redhat.com>
---
 hw/rtl8139.c |    8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/hw/rtl8139.c b/hw/rtl8139.c
index 509a53e..2e3da0b 100644
--- a/hw/rtl8139.c
+++ b/hw/rtl8139.c
@@ -332,8 +332,10 @@ enum CSCRBits {
 };
 
 enum Cfg9346Bits {
-    Cfg9346_Lock = 0x00,
-    Cfg9346_Unlock = 0xC0,
+    Cfg9346_Normal = 0x00,
+    Cfg9346_Autoload = 0x40,
+    Cfg9346_Programming = 0x80,
+    Cfg9346_ConfigWrite = 0xC0,
 };
 
 typedef enum {
@@ -1451,7 +1453,7 @@ static uint32_t rtl8139_IntrMitigate_read(RTL8139State *s)
 
 static int rtl8139_config_writable(RTL8139State *s)
 {
-    if (s->Cfg9346 & Cfg9346_Unlock)
+    if ((s->Cfg9346 & Chip9346_op_mask) == Cfg9346_ConfigWrite)
     {
         return 1;
     }