4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
31 #include "net/checksum.h"
40 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
41 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
42 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
43 DEBUG_RXFILTER, DEBUG_NOTYET,
45 #define DBGBIT(x) (1<<DEBUG_##x)
46 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
48 #define DBGOUT(what, fmt, ...) do { \
49 if (debugflags & DBGBIT(what)) \
50 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
53 #define DBGOUT(what, fmt, ...) do {} while (0)
56 #define IOPORT_SIZE 0x40
57 #define PNPMMIO_SIZE 0x20000
58 #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */
62 * E1000_DEV_ID_82540EM works with Windows and Linux
63 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
64 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
65 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
68 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
71 * May need to specify additional MAC-to-PHY entries --
72 * Intel's Windows driver refuses to initialize unless they match
75 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
76 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
77 /* default to E1000_DEV_ID_82540EM */ 0xc20
80 typedef struct E1000State_st {
86 uint32_t mac_reg[0x8000];
87 uint16_t phy_reg[0x20];
88 uint16_t eeprom_data[64];
91 uint32_t rxbuf_min_shift;
94 unsigned char header[256];
95 unsigned char vlan_header[4];
96 /* Fields vlan and data must not be reordered or separated. */
97 unsigned char vlan[4];
98 unsigned char data[0x10000];
100 unsigned char sum_needed;
101 unsigned char vlan_needed;
115 char cptse; // current packet tse bit
119 uint32_t val_in; // shifted in from guest driver
127 #define defreg(x) x = (E1000_##x>>2)
129 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
130 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
131 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
132 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
133 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
134 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
135 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
136 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
137 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
138 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
142 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
143 static const char phy_regcap[0x20] = {
144 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
145 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
146 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
147 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
148 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
149 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
153 ioport_map(PCIDevice *pci_dev, int region_num, pcibus_t addr,
154 pcibus_t size, int type)
156 DBGOUT(IO, "e1000_ioport_map addr=0x%04"FMT_PCIBUS
157 " size=0x%08"FMT_PCIBUS"\n", addr, size);
161 set_interrupt_cause(E1000State *s, int index, uint32_t val)
164 val |= E1000_ICR_INT_ASSERTED;
165 s->mac_reg[ICR] = val;
166 s->mac_reg[ICS] = val;
167 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
171 set_ics(E1000State *s, int index, uint32_t val)
173 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
175 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
179 rxbufsize(uint32_t v)
181 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
182 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
183 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
185 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
187 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
189 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
191 case E1000_RCTL_SZ_1024:
193 case E1000_RCTL_SZ_512:
195 case E1000_RCTL_SZ_256:
202 set_ctrl(E1000State *s, int index, uint32_t val)
204 /* RST is self clearing */
205 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
209 set_rx_control(E1000State *s, int index, uint32_t val)
211 s->mac_reg[RCTL] = val;
212 s->rxbuf_size = rxbufsize(val);
213 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
214 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
219 set_mdic(E1000State *s, int index, uint32_t val)
221 uint32_t data = val & E1000_MDIC_DATA_MASK;
222 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
224 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
225 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
226 else if (val & E1000_MDIC_OP_READ) {
227 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
228 if (!(phy_regcap[addr] & PHY_R)) {
229 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
230 val |= E1000_MDIC_ERROR;
232 val = (val ^ data) | s->phy_reg[addr];
233 } else if (val & E1000_MDIC_OP_WRITE) {
234 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
235 if (!(phy_regcap[addr] & PHY_W)) {
236 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
237 val |= E1000_MDIC_ERROR;
239 s->phy_reg[addr] = data;
241 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
242 set_ics(s, 0, E1000_ICR_MDAC);
246 get_eecd(E1000State *s, int index)
248 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
250 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
251 s->eecd_state.bitnum_out, s->eecd_state.reading);
252 if (!s->eecd_state.reading ||
253 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
254 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
255 ret |= E1000_EECD_DO;
260 set_eecd(E1000State *s, int index, uint32_t val)
262 uint32_t oldval = s->eecd_state.old_eecd;
264 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
265 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
266 if (!(E1000_EECD_CS & val)) // CS inactive; nothing to do
268 if (E1000_EECD_CS & (val ^ oldval)) { // CS rise edge; reset state
269 s->eecd_state.val_in = 0;
270 s->eecd_state.bitnum_in = 0;
271 s->eecd_state.bitnum_out = 0;
272 s->eecd_state.reading = 0;
274 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
276 if (!(E1000_EECD_SK & val)) { // falling edge
277 s->eecd_state.bitnum_out++;
280 s->eecd_state.val_in <<= 1;
281 if (val & E1000_EECD_DI)
282 s->eecd_state.val_in |= 1;
283 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
284 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
285 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
286 EEPROM_READ_OPCODE_MICROWIRE);
288 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
289 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
290 s->eecd_state.reading);
294 flash_eerd_read(E1000State *s, int x)
296 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
298 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
299 return (s->mac_reg[EERD]);
301 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
302 return (E1000_EEPROM_RW_REG_DONE | r);
304 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
305 E1000_EEPROM_RW_REG_DONE | r);
309 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
316 sum = net_checksum_add(n-css, data+css);
317 cpu_to_be16wu((uint16_t *)(data + sloc),
318 net_checksum_finish(sum));
323 vlan_enabled(E1000State *s)
325 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
329 vlan_rx_filter_enabled(E1000State *s)
331 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
335 is_vlan_packet(E1000State *s, const uint8_t *buf)
337 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
338 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
342 is_vlan_txd(uint32_t txd_lower)
344 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
347 /* FCS aka Ethernet CRC-32. We don't get it from backends and can't
348 * fill it in, just pad descriptor length by 4 bytes unless guest
349 * told us to strip it off the packet. */
351 fcs_len(E1000State *s)
353 return (s->mac_reg[RCTL] & E1000_RCTL_SECRC) ? 0 : 4;
357 xmit_seg(E1000State *s)
360 unsigned int frames = s->tx.tso_frames, css, sofar, n;
361 struct e1000_tx *tp = &s->tx;
363 if (tp->tse && tp->cptse) {
365 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
366 frames, tp->size, css);
367 if (tp->ip) { // IPv4
368 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
370 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
371 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
373 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
376 len = tp->size - css;
377 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
379 sofar = frames * tp->mss;
380 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
381 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
382 if (tp->paylen - sofar > tp->mss)
383 tp->data[css + 13] &= ~9; // PSH, FIN
385 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
386 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
388 // add pseudo-header length before checksum calculation
389 sp = (uint16_t *)(tp->data + tp->tucso);
390 phsum = be16_to_cpup(sp) + len;
391 phsum = (phsum >> 16) + (phsum & 0xffff);
392 cpu_to_be16wu(sp, phsum);
397 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
398 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
399 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
400 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
401 if (tp->vlan_needed) {
402 memmove(tp->vlan, tp->data, 4);
403 memmove(tp->data, tp->data + 4, 8);
404 memcpy(tp->data + 8, tp->vlan_header, 4);
405 qemu_send_packet(&s->nic->nc, tp->vlan, tp->size + 4);
407 qemu_send_packet(&s->nic->nc, tp->data, tp->size);
410 n = s->mac_reg[TOTL];
411 if ((s->mac_reg[TOTL] += s->tx.size) < n)
416 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
418 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
419 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
420 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
421 unsigned int msh = 0xfffff, hdr = 0;
423 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
424 struct e1000_tx *tp = &s->tx;
426 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
427 op = le32_to_cpu(xp->cmd_and_length);
428 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
429 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
430 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
431 tp->tucss = xp->upper_setup.tcp_fields.tucss;
432 tp->tucso = xp->upper_setup.tcp_fields.tucso;
433 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
434 tp->paylen = op & 0xfffff;
435 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
436 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
437 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
438 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
439 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
441 if (tp->tucso == 0) { // this is probably wrong
442 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
443 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
446 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
448 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
449 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
454 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
455 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
457 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
458 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
459 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
460 le16_to_cpu(dp->upper.fields.special));
463 addr = le64_to_cpu(dp->buffer_addr);
464 if (tp->tse && tp->cptse) {
469 if (tp->size + bytes > msh)
470 bytes = msh - tp->size;
471 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
472 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
473 memmove(tp->header, tp->data, hdr);
478 memmove(tp->data, tp->header, hdr);
481 } while (split_size -= bytes);
482 } else if (!tp->tse && tp->cptse) {
483 // context descriptor TSE is not set, while data descriptor TSE is set
484 DBGOUT(TXERR, "TCP segmentaion Error\n");
486 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
487 tp->size += split_size;
490 if (!(txd_lower & E1000_TXD_CMD_EOP))
492 if (!(tp->tse && tp->cptse && tp->size < hdr))
502 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
504 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
506 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
508 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
509 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
510 dp->upper.data = cpu_to_le32(txd_upper);
511 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
512 (void *)&dp->upper, sizeof(dp->upper));
513 return E1000_ICR_TXDW;
517 start_xmit(E1000State *s)
519 target_phys_addr_t base;
520 struct e1000_tx_desc desc;
521 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
523 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
524 DBGOUT(TX, "tx disabled\n");
528 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
529 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
530 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
531 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
533 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
534 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
537 process_tx_desc(s, &desc);
538 cause |= txdesc_writeback(base, &desc);
540 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
543 * the following could happen only if guest sw assigns
544 * bogus values to TDT/TDLEN.
545 * there's nothing too intelligent we could do about this.
547 if (s->mac_reg[TDH] == tdh_start) {
548 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
549 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
553 set_ics(s, 0, cause);
557 receive_filter(E1000State *s, const uint8_t *buf, int size)
559 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
560 static const int mta_shift[] = {4, 3, 2, 0};
561 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
563 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
564 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
565 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
566 ((vid >> 5) & 0x7f));
567 if ((vfta & (1 << (vid & 0x1f))) == 0)
571 if (rctl & E1000_RCTL_UPE) // promiscuous
574 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
577 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
580 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
581 if (!(rp[1] & E1000_RAH_AV))
583 ra[0] = cpu_to_le32(rp[0]);
584 ra[1] = cpu_to_le32(rp[1]);
585 if (!memcmp(buf, (uint8_t *)ra, 6)) {
587 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
588 (int)(rp - s->mac_reg - RA)/2,
589 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
593 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
594 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
596 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
597 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
598 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
601 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
602 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
603 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
604 s->mac_reg[MTA + (f >> 5)]);
610 e1000_set_link_status(VLANClientState *nc)
612 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
613 uint32_t old_status = s->mac_reg[STATUS];
616 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
618 s->mac_reg[STATUS] |= E1000_STATUS_LU;
620 if (s->mac_reg[STATUS] != old_status)
621 set_ics(s, 0, E1000_ICR_LSC);
625 e1000_can_receive(VLANClientState *nc)
627 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
629 return (s->mac_reg[RCTL] & E1000_RCTL_EN);
633 e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
635 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
636 struct e1000_rx_desc desc;
637 target_phys_addr_t base;
640 uint16_t vlan_special = 0;
641 uint8_t vlan_status = 0, vlan_offset = 0;
642 uint8_t min_buf[MIN_BUF_SIZE];
644 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
647 /* Pad to minimum Ethernet frame length */
648 if (size < sizeof(min_buf)) {
649 memcpy(min_buf, buf, size);
650 memset(&min_buf[size], 0, sizeof(min_buf) - size);
652 size = sizeof(min_buf);
655 if (size > s->rxbuf_size) {
656 DBGOUT(RX, "packet too large for buffers (%lu > %d)\n",
657 (unsigned long)size, s->rxbuf_size);
661 if (!receive_filter(s, buf, size))
664 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
665 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
666 memmove((uint8_t *)buf + 4, buf, 12);
667 vlan_status = E1000_RXD_STAT_VP;
672 rdh_start = s->mac_reg[RDH];
674 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
675 set_ics(s, 0, E1000_ICS_RXO);
678 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
679 sizeof(desc) * s->mac_reg[RDH];
680 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
681 desc.special = vlan_special;
682 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
683 if (desc.buffer_addr) {
684 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
685 (void *)(buf + vlan_offset), size);
686 desc.length = cpu_to_le16(size + fcs_len(s));
687 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
688 } else // as per intel docs; skip descriptors with null buf addr
689 DBGOUT(RX, "Null RX descriptor!!\n");
690 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
692 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
695 /* see comment in start_xmit; same here */
696 if (s->mac_reg[RDH] == rdh_start) {
697 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
698 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
699 set_ics(s, 0, E1000_ICS_RXO);
702 } while (desc.buffer_addr == 0);
706 /* TOR - Total Octets Received:
707 * This register includes bytes received in a packet from the <Destination
708 * Address> field through the <CRC> field, inclusively.
710 n = s->mac_reg[TORL] + size + /* Always include FCS length. */ 4;
711 if (n < s->mac_reg[TORL])
713 s->mac_reg[TORL] = n;
716 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
717 rdt += s->mac_reg[RDLEN] / sizeof(desc);
718 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
720 n |= E1000_ICS_RXDMT0;
728 mac_readreg(E1000State *s, int index)
730 return s->mac_reg[index];
734 mac_icr_read(E1000State *s, int index)
736 uint32_t ret = s->mac_reg[ICR];
738 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
739 set_interrupt_cause(s, 0, 0);
744 mac_read_clr4(E1000State *s, int index)
746 uint32_t ret = s->mac_reg[index];
748 s->mac_reg[index] = 0;
753 mac_read_clr8(E1000State *s, int index)
755 uint32_t ret = s->mac_reg[index];
757 s->mac_reg[index] = 0;
758 s->mac_reg[index-1] = 0;
763 mac_writereg(E1000State *s, int index, uint32_t val)
765 s->mac_reg[index] = val;
769 set_rdt(E1000State *s, int index, uint32_t val)
772 s->mac_reg[index] = val & 0xffff;
776 set_16bit(E1000State *s, int index, uint32_t val)
778 s->mac_reg[index] = val & 0xffff;
782 set_dlen(E1000State *s, int index, uint32_t val)
784 s->mac_reg[index] = val & 0xfff80;
788 set_tctl(E1000State *s, int index, uint32_t val)
790 s->mac_reg[index] = val;
791 s->mac_reg[TDT] &= 0xffff;
796 set_icr(E1000State *s, int index, uint32_t val)
798 DBGOUT(INTERRUPT, "set_icr %x\n", val);
799 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
803 set_imc(E1000State *s, int index, uint32_t val)
805 s->mac_reg[IMS] &= ~val;
810 set_ims(E1000State *s, int index, uint32_t val)
812 s->mac_reg[IMS] |= val;
816 #define getreg(x) [x] = mac_readreg
817 static uint32_t (*macreg_readops[])(E1000State *, int) = {
818 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
819 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
820 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
821 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
822 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
823 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
824 getreg(TDLEN), getreg(RDLEN),
826 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
827 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
828 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
829 [CRCERRS ... MPC] = &mac_readreg,
830 [RA ... RA+31] = &mac_readreg,
831 [MTA ... MTA+127] = &mac_readreg,
832 [VFTA ... VFTA+127] = &mac_readreg,
834 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
836 #define putreg(x) [x] = mac_writereg
837 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
838 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
839 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
840 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
841 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
842 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
843 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
844 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
845 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
846 [RA ... RA+31] = &mac_writereg,
847 [MTA ... MTA+127] = &mac_writereg,
848 [VFTA ... VFTA+127] = &mac_writereg,
850 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
853 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
855 E1000State *s = opaque;
856 unsigned int index = (addr & 0x1ffff) >> 2;
858 #ifdef TARGET_WORDS_BIGENDIAN
861 if (index < NWRITEOPS && macreg_writeops[index])
862 macreg_writeops[index](s, index, val);
863 else if (index < NREADOPS && macreg_readops[index])
864 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
866 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
871 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
873 // emulate hw without byte enables: no RMW
874 e1000_mmio_writel(opaque, addr & ~3,
875 (val & 0xffff) << (8*(addr & 3)));
879 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
881 // emulate hw without byte enables: no RMW
882 e1000_mmio_writel(opaque, addr & ~3,
883 (val & 0xff) << (8*(addr & 3)));
887 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
889 E1000State *s = opaque;
890 unsigned int index = (addr & 0x1ffff) >> 2;
892 if (index < NREADOPS && macreg_readops[index])
894 uint32_t val = macreg_readops[index](s, index);
895 #ifdef TARGET_WORDS_BIGENDIAN
900 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
905 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
907 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
908 (8 * (addr & 3))) & 0xff;
912 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
914 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
915 (8 * (addr & 3))) & 0xffff;
918 static bool is_version_1(void *opaque, int version_id)
920 return version_id == 1;
923 static const VMStateDescription vmstate_e1000 = {
926 .minimum_version_id = 1,
927 .minimum_version_id_old = 1,
928 .fields = (VMStateField []) {
929 VMSTATE_PCI_DEVICE(dev, E1000State),
930 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
931 VMSTATE_UNUSED(4), /* Was mmio_base. */
932 VMSTATE_UINT32(rxbuf_size, E1000State),
933 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
934 VMSTATE_UINT32(eecd_state.val_in, E1000State),
935 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
936 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
937 VMSTATE_UINT16(eecd_state.reading, E1000State),
938 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
939 VMSTATE_UINT8(tx.ipcss, E1000State),
940 VMSTATE_UINT8(tx.ipcso, E1000State),
941 VMSTATE_UINT16(tx.ipcse, E1000State),
942 VMSTATE_UINT8(tx.tucss, E1000State),
943 VMSTATE_UINT8(tx.tucso, E1000State),
944 VMSTATE_UINT16(tx.tucse, E1000State),
945 VMSTATE_UINT32(tx.paylen, E1000State),
946 VMSTATE_UINT8(tx.hdr_len, E1000State),
947 VMSTATE_UINT16(tx.mss, E1000State),
948 VMSTATE_UINT16(tx.size, E1000State),
949 VMSTATE_UINT16(tx.tso_frames, E1000State),
950 VMSTATE_UINT8(tx.sum_needed, E1000State),
951 VMSTATE_INT8(tx.ip, E1000State),
952 VMSTATE_INT8(tx.tcp, E1000State),
953 VMSTATE_BUFFER(tx.header, E1000State),
954 VMSTATE_BUFFER(tx.data, E1000State),
955 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
956 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
957 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
958 VMSTATE_UINT32(mac_reg[EECD], E1000State),
959 VMSTATE_UINT32(mac_reg[EERD], E1000State),
960 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
961 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
962 VMSTATE_UINT32(mac_reg[ICR], E1000State),
963 VMSTATE_UINT32(mac_reg[ICS], E1000State),
964 VMSTATE_UINT32(mac_reg[IMC], E1000State),
965 VMSTATE_UINT32(mac_reg[IMS], E1000State),
966 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
967 VMSTATE_UINT32(mac_reg[MANC], E1000State),
968 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
969 VMSTATE_UINT32(mac_reg[MPC], E1000State),
970 VMSTATE_UINT32(mac_reg[PBA], E1000State),
971 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
972 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
973 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
974 VMSTATE_UINT32(mac_reg[RDH], E1000State),
975 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
976 VMSTATE_UINT32(mac_reg[RDT], E1000State),
977 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
978 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
979 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
980 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
981 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
982 VMSTATE_UINT32(mac_reg[TDH], E1000State),
983 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
984 VMSTATE_UINT32(mac_reg[TDT], E1000State),
985 VMSTATE_UINT32(mac_reg[TORH], E1000State),
986 VMSTATE_UINT32(mac_reg[TORL], E1000State),
987 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
988 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
989 VMSTATE_UINT32(mac_reg[TPR], E1000State),
990 VMSTATE_UINT32(mac_reg[TPT], E1000State),
991 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
992 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
993 VMSTATE_UINT32(mac_reg[VET], E1000State),
994 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
995 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
996 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
997 VMSTATE_END_OF_LIST()
1001 static const uint16_t e1000_eeprom_template[64] = {
1002 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
1003 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
1004 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
1005 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
1006 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
1007 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1008 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1009 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
1012 static const uint16_t phy_reg_init[] = {
1013 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
1014 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
1015 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
1016 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
1017 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
1018 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
1021 static const uint32_t mac_reg_init[] = {
1024 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
1025 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
1026 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
1027 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
1028 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
1030 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
1031 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
1037 static CPUWriteMemoryFunc * const e1000_mmio_write[] = {
1038 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
1041 static CPUReadMemoryFunc * const e1000_mmio_read[] = {
1042 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
1046 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
1047 pcibus_t addr, pcibus_t size, int type)
1049 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1051 const uint32_t excluded_regs[] = {
1052 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1053 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1057 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08"FMT_PCIBUS" 0x%08"FMT_PCIBUS"\n",
1060 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
1061 qemu_register_coalesced_mmio(addr, excluded_regs[0]);
1063 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1064 qemu_register_coalesced_mmio(addr + excluded_regs[i] + 4,
1065 excluded_regs[i + 1] -
1066 excluded_regs[i] - 4);
1070 e1000_cleanup(VLANClientState *nc)
1072 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1078 pci_e1000_uninit(PCIDevice *dev)
1080 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1082 cpu_unregister_io_memory(d->mmio_index);
1083 qemu_del_vlan_client(&d->nic->nc);
1087 static void e1000_reset(void *opaque)
1089 E1000State *d = opaque;
1091 memset(d->phy_reg, 0, sizeof d->phy_reg);
1092 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1093 memset(d->mac_reg, 0, sizeof d->mac_reg);
1094 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1095 d->rxbuf_min_shift = 1;
1096 memset(&d->tx, 0, sizeof d->tx);
1099 static NetClientInfo net_e1000_info = {
1100 .type = NET_CLIENT_TYPE_NIC,
1101 .size = sizeof(NICState),
1102 .can_receive = e1000_can_receive,
1103 .receive = e1000_receive,
1104 .cleanup = e1000_cleanup,
1105 .link_status_changed = e1000_set_link_status,
1108 static int pci_e1000_init(PCIDevice *pci_dev)
1110 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1112 uint16_t checksum = 0;
1116 pci_conf = d->dev.config;
1118 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1119 pci_config_set_device_id(pci_conf, E1000_DEVID);
1120 /* TODO: we have no capabilities, so why is this bit set? */
1121 pci_set_word(pci_conf + PCI_STATUS, PCI_STATUS_CAP_LIST);
1122 pci_conf[PCI_REVISION_ID] = 0x03;
1123 pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET);
1124 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1125 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1127 /* TODO: RST# value should be 0 if programmable, PCI spec 6.2.4 */
1128 pci_conf[PCI_INTERRUPT_PIN] = 1; // interrupt pin 0
1130 d->mmio_index = cpu_register_io_memory(e1000_mmio_read,
1131 e1000_mmio_write, d);
1133 pci_register_bar((PCIDevice *)d, 0, PNPMMIO_SIZE,
1134 PCI_BASE_ADDRESS_SPACE_MEMORY, e1000_mmio_map);
1136 pci_register_bar((PCIDevice *)d, 1, IOPORT_SIZE,
1137 PCI_BASE_ADDRESS_SPACE_IO, ioport_map);
1139 memmove(d->eeprom_data, e1000_eeprom_template,
1140 sizeof e1000_eeprom_template);
1141 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1142 macaddr = d->conf.macaddr.a;
1143 for (i = 0; i < 3; i++)
1144 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1145 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1146 checksum += d->eeprom_data[i];
1147 checksum = (uint16_t) EEPROM_SUM - checksum;
1148 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1150 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1151 d->dev.qdev.info->name, d->dev.qdev.id, d);
1153 qemu_format_nic_info_str(&d->nic->nc, macaddr);
1157 static void qdev_e1000_reset(DeviceState *dev)
1159 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1163 static PCIDeviceInfo e1000_info = {
1164 .qdev.name = "e1000",
1165 .qdev.desc = "Intel Gigabit Ethernet",
1166 .qdev.size = sizeof(E1000State),
1167 .qdev.reset = qdev_e1000_reset,
1168 .qdev.vmsd = &vmstate_e1000,
1169 .init = pci_e1000_init,
1170 .exit = pci_e1000_uninit,
1171 .romfile = "pxe-e1000.bin",
1172 .qdev.props = (Property[]) {
1173 DEFINE_NIC_PROPERTIES(E1000State, conf),
1174 DEFINE_PROP_END_OF_LIST(),
1178 static void e1000_register_devices(void)
1180 pci_qdev_register(&e1000_info);
1183 device_init(e1000_register_devices)
projects / sdk / emulator / qemu.git / blob