4 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
5 * Copyright (c) 2008 Qumranet
6 * Based on work done by:
7 * Copyright (c) 2007 Dan Aloni
8 * Copyright (c) 2004 Antony T Curtis
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
28 #include "net/checksum.h"
37 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
38 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
39 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
40 DEBUG_RXFILTER, DEBUG_NOTYET,
42 #define DBGBIT(x) (1<<DEBUG_##x)
43 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
45 #define DBGOUT(what, fmt, ...) do { \
46 if (debugflags & DBGBIT(what)) \
47 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
50 #define DBGOUT(what, fmt, ...) do {} while (0)
53 #define IOPORT_SIZE 0x40
54 #define PNPMMIO_SIZE 0x20000
58 * E1000_DEV_ID_82540EM works with Windows and Linux
59 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
60 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
61 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
64 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
67 * May need to specify additional MAC-to-PHY entries --
68 * Intel's Windows driver refuses to initialize unless they match
71 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
72 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
73 /* default to E1000_DEV_ID_82540EM */ 0xc20
76 typedef struct E1000State_st {
82 uint32_t mac_reg[0x8000];
83 uint16_t phy_reg[0x20];
84 uint16_t eeprom_data[64];
87 uint32_t rxbuf_min_shift;
90 unsigned char header[256];
91 unsigned char vlan_header[4];
92 unsigned char vlan[4];
93 unsigned char data[0x10000];
95 unsigned char sum_needed;
96 unsigned char vlan_needed;
110 char cptse; // current packet tse bit
114 uint32_t val_in; // shifted in from guest driver
122 #define defreg(x) x = (E1000_##x>>2)
124 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
125 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
126 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
127 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
128 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
129 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
130 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
131 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
132 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
133 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
137 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
138 static const char phy_regcap[0x20] = {
139 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
140 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
141 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
142 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
143 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
144 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
148 ioport_map(PCIDevice *pci_dev, int region_num, pcibus_t addr,
149 pcibus_t size, int type)
151 DBGOUT(IO, "e1000_ioport_map addr=0x%04"FMT_PCIBUS
152 " size=0x%08"FMT_PCIBUS"\n", addr, size);
156 set_interrupt_cause(E1000State *s, int index, uint32_t val)
159 val |= E1000_ICR_INT_ASSERTED;
160 s->mac_reg[ICR] = val;
161 s->mac_reg[ICS] = val;
162 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
166 set_ics(E1000State *s, int index, uint32_t val)
168 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
170 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
174 rxbufsize(uint32_t v)
176 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
177 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
178 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
180 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
182 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
184 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
186 case E1000_RCTL_SZ_1024:
188 case E1000_RCTL_SZ_512:
190 case E1000_RCTL_SZ_256:
197 set_ctrl(E1000State *s, int index, uint32_t val)
199 /* RST is self clearing */
200 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
204 set_rx_control(E1000State *s, int index, uint32_t val)
206 s->mac_reg[RCTL] = val;
207 s->rxbuf_size = rxbufsize(val);
208 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
209 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
214 set_mdic(E1000State *s, int index, uint32_t val)
216 uint32_t data = val & E1000_MDIC_DATA_MASK;
217 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
219 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
220 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
221 else if (val & E1000_MDIC_OP_READ) {
222 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
223 if (!(phy_regcap[addr] & PHY_R)) {
224 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
225 val |= E1000_MDIC_ERROR;
227 val = (val ^ data) | s->phy_reg[addr];
228 } else if (val & E1000_MDIC_OP_WRITE) {
229 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
230 if (!(phy_regcap[addr] & PHY_W)) {
231 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
232 val |= E1000_MDIC_ERROR;
234 s->phy_reg[addr] = data;
236 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
237 set_ics(s, 0, E1000_ICR_MDAC);
241 get_eecd(E1000State *s, int index)
243 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
245 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
246 s->eecd_state.bitnum_out, s->eecd_state.reading);
247 if (!s->eecd_state.reading ||
248 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
249 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
250 ret |= E1000_EECD_DO;
255 set_eecd(E1000State *s, int index, uint32_t val)
257 uint32_t oldval = s->eecd_state.old_eecd;
259 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
260 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
261 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
263 if (!(E1000_EECD_SK & val)) { // falling edge
264 s->eecd_state.bitnum_out++;
267 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
268 memset(&s->eecd_state, 0, sizeof s->eecd_state);
270 * restore old_eecd's E1000_EECD_SK (known to be on)
271 * to avoid false detection of a clock edge
273 s->eecd_state.old_eecd = E1000_EECD_SK;
276 s->eecd_state.val_in <<= 1;
277 if (val & E1000_EECD_DI)
278 s->eecd_state.val_in |= 1;
279 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
280 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
281 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
282 EEPROM_READ_OPCODE_MICROWIRE);
284 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
285 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
286 s->eecd_state.reading);
290 flash_eerd_read(E1000State *s, int x)
292 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
294 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
295 return (s->mac_reg[EERD]);
297 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
298 return (E1000_EEPROM_RW_REG_DONE | r);
300 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
301 E1000_EEPROM_RW_REG_DONE | r);
305 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
312 sum = net_checksum_add(n-css, data+css);
313 cpu_to_be16wu((uint16_t *)(data + sloc),
314 net_checksum_finish(sum));
319 vlan_enabled(E1000State *s)
321 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
325 vlan_rx_filter_enabled(E1000State *s)
327 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
331 is_vlan_packet(E1000State *s, const uint8_t *buf)
333 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
334 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
338 is_vlan_txd(uint32_t txd_lower)
340 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
344 xmit_seg(E1000State *s)
347 unsigned int frames = s->tx.tso_frames, css, sofar, n;
348 struct e1000_tx *tp = &s->tx;
350 if (tp->tse && tp->cptse) {
352 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
353 frames, tp->size, css);
354 if (tp->ip) { // IPv4
355 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
357 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
358 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
360 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
363 len = tp->size - css;
364 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
366 sofar = frames * tp->mss;
367 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
368 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
369 if (tp->paylen - sofar > tp->mss)
370 tp->data[css + 13] &= ~9; // PSH, FIN
372 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
373 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
374 // add pseudo-header length before checksum calculation
375 sp = (uint16_t *)(tp->data + tp->tucso);
376 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
381 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
382 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
383 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
384 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
385 if (tp->vlan_needed) {
386 memmove(tp->vlan, tp->data, 12);
387 memcpy(tp->data + 8, tp->vlan_header, 4);
388 qemu_send_packet(s->vc, tp->vlan, tp->size + 4);
390 qemu_send_packet(s->vc, tp->data, tp->size);
393 n = s->mac_reg[TOTL];
394 if ((s->mac_reg[TOTL] += s->tx.size) < n)
399 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
401 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
402 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
403 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
404 unsigned int msh = 0xfffff, hdr = 0;
406 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
407 struct e1000_tx *tp = &s->tx;
409 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
410 op = le32_to_cpu(xp->cmd_and_length);
411 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
412 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
413 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
414 tp->tucss = xp->upper_setup.tcp_fields.tucss;
415 tp->tucso = xp->upper_setup.tcp_fields.tucso;
416 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
417 tp->paylen = op & 0xfffff;
418 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
419 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
420 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
421 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
422 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
424 if (tp->tucso == 0) { // this is probably wrong
425 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
426 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
429 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
431 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
432 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
437 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
438 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
440 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
441 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
442 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
443 le16_to_cpu(dp->upper.fields.special));
446 addr = le64_to_cpu(dp->buffer_addr);
447 if (tp->tse && tp->cptse) {
452 if (tp->size + bytes > msh)
453 bytes = msh - tp->size;
454 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
455 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
456 memmove(tp->header, tp->data, hdr);
461 memmove(tp->data, tp->header, hdr);
464 } while (split_size -= bytes);
465 } else if (!tp->tse && tp->cptse) {
466 // context descriptor TSE is not set, while data descriptor TSE is set
467 DBGOUT(TXERR, "TCP segmentaion Error\n");
469 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
470 tp->size += split_size;
473 if (!(txd_lower & E1000_TXD_CMD_EOP))
475 if (!(tp->tse && tp->cptse && tp->size < hdr))
485 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
487 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
489 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
491 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
492 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
493 dp->upper.data = cpu_to_le32(txd_upper);
494 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
495 (void *)&dp->upper, sizeof(dp->upper));
496 return E1000_ICR_TXDW;
500 start_xmit(E1000State *s)
502 target_phys_addr_t base;
503 struct e1000_tx_desc desc;
504 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
506 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
507 DBGOUT(TX, "tx disabled\n");
511 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
512 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
513 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
514 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
516 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
517 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
520 process_tx_desc(s, &desc);
521 cause |= txdesc_writeback(base, &desc);
523 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
526 * the following could happen only if guest sw assigns
527 * bogus values to TDT/TDLEN.
528 * there's nothing too intelligent we could do about this.
530 if (s->mac_reg[TDH] == tdh_start) {
531 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
532 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
536 set_ics(s, 0, cause);
540 receive_filter(E1000State *s, const uint8_t *buf, int size)
542 static uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
543 static int mta_shift[] = {4, 3, 2, 0};
544 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
546 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
547 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
548 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
549 ((vid >> 5) & 0x7f));
550 if ((vfta & (1 << (vid & 0x1f))) == 0)
554 if (rctl & E1000_RCTL_UPE) // promiscuous
557 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
560 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
563 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
564 if (!(rp[1] & E1000_RAH_AV))
566 ra[0] = cpu_to_le32(rp[0]);
567 ra[1] = cpu_to_le32(rp[1]);
568 if (!memcmp(buf, (uint8_t *)ra, 6)) {
570 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
571 (int)(rp - s->mac_reg - RA)/2,
572 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
576 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
577 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
579 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
580 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
581 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
584 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
585 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
586 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
587 s->mac_reg[MTA + (f >> 5)]);
593 e1000_set_link_status(VLANClientState *vc)
595 E1000State *s = vc->opaque;
596 uint32_t old_status = s->mac_reg[STATUS];
599 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
601 s->mac_reg[STATUS] |= E1000_STATUS_LU;
603 if (s->mac_reg[STATUS] != old_status)
604 set_ics(s, 0, E1000_ICR_LSC);
608 e1000_can_receive(VLANClientState *vc)
610 E1000State *s = vc->opaque;
612 return (s->mac_reg[RCTL] & E1000_RCTL_EN);
616 e1000_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
618 E1000State *s = vc->opaque;
619 struct e1000_rx_desc desc;
620 target_phys_addr_t base;
623 uint16_t vlan_special = 0;
624 uint8_t vlan_status = 0, vlan_offset = 0;
626 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
629 if (size > s->rxbuf_size) {
630 DBGOUT(RX, "packet too large for buffers (%lu > %d)\n",
631 (unsigned long)size, s->rxbuf_size);
635 if (!receive_filter(s, buf, size))
638 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
639 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
640 memmove((void *)(buf + 4), buf, 12);
641 vlan_status = E1000_RXD_STAT_VP;
646 rdh_start = s->mac_reg[RDH];
647 size += 4; // for the header
649 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
650 set_ics(s, 0, E1000_ICS_RXO);
653 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
654 sizeof(desc) * s->mac_reg[RDH];
655 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
656 desc.special = vlan_special;
657 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
658 if (desc.buffer_addr) {
659 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
660 (void *)(buf + vlan_offset), size);
661 desc.length = cpu_to_le16(size);
662 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
663 } else // as per intel docs; skip descriptors with null buf addr
664 DBGOUT(RX, "Null RX descriptor!!\n");
665 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
667 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
670 /* see comment in start_xmit; same here */
671 if (s->mac_reg[RDH] == rdh_start) {
672 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
673 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
674 set_ics(s, 0, E1000_ICS_RXO);
677 } while (desc.buffer_addr == 0);
681 n = s->mac_reg[TORL];
682 if ((s->mac_reg[TORL] += size) < n)
686 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
687 rdt += s->mac_reg[RDLEN] / sizeof(desc);
688 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
690 n |= E1000_ICS_RXDMT0;
698 mac_readreg(E1000State *s, int index)
700 return s->mac_reg[index];
704 mac_icr_read(E1000State *s, int index)
706 uint32_t ret = s->mac_reg[ICR];
708 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
709 set_interrupt_cause(s, 0, 0);
714 mac_read_clr4(E1000State *s, int index)
716 uint32_t ret = s->mac_reg[index];
718 s->mac_reg[index] = 0;
723 mac_read_clr8(E1000State *s, int index)
725 uint32_t ret = s->mac_reg[index];
727 s->mac_reg[index] = 0;
728 s->mac_reg[index-1] = 0;
733 mac_writereg(E1000State *s, int index, uint32_t val)
735 s->mac_reg[index] = val;
739 set_rdt(E1000State *s, int index, uint32_t val)
742 s->mac_reg[index] = val & 0xffff;
746 set_16bit(E1000State *s, int index, uint32_t val)
748 s->mac_reg[index] = val & 0xffff;
752 set_dlen(E1000State *s, int index, uint32_t val)
754 s->mac_reg[index] = val & 0xfff80;
758 set_tctl(E1000State *s, int index, uint32_t val)
760 s->mac_reg[index] = val;
761 s->mac_reg[TDT] &= 0xffff;
766 set_icr(E1000State *s, int index, uint32_t val)
768 DBGOUT(INTERRUPT, "set_icr %x\n", val);
769 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
773 set_imc(E1000State *s, int index, uint32_t val)
775 s->mac_reg[IMS] &= ~val;
780 set_ims(E1000State *s, int index, uint32_t val)
782 s->mac_reg[IMS] |= val;
786 #define getreg(x) [x] = mac_readreg
787 static uint32_t (*macreg_readops[])(E1000State *, int) = {
788 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
789 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
790 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
791 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
792 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
794 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
795 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
796 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
797 [CRCERRS ... MPC] = &mac_readreg,
798 [RA ... RA+31] = &mac_readreg,
799 [MTA ... MTA+127] = &mac_readreg,
800 [VFTA ... VFTA+127] = &mac_readreg,
802 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
804 #define putreg(x) [x] = mac_writereg
805 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
806 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
807 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
808 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
809 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
810 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
811 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
812 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
813 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
814 [RA ... RA+31] = &mac_writereg,
815 [MTA ... MTA+127] = &mac_writereg,
816 [VFTA ... VFTA+127] = &mac_writereg,
818 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
821 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
823 E1000State *s = opaque;
824 unsigned int index = (addr & 0x1ffff) >> 2;
826 #ifdef TARGET_WORDS_BIGENDIAN
829 if (index < NWRITEOPS && macreg_writeops[index])
830 macreg_writeops[index](s, index, val);
831 else if (index < NREADOPS && macreg_readops[index])
832 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
834 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
839 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
841 // emulate hw without byte enables: no RMW
842 e1000_mmio_writel(opaque, addr & ~3,
843 (val & 0xffff) << (8*(addr & 3)));
847 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
849 // emulate hw without byte enables: no RMW
850 e1000_mmio_writel(opaque, addr & ~3,
851 (val & 0xff) << (8*(addr & 3)));
855 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
857 E1000State *s = opaque;
858 unsigned int index = (addr & 0x1ffff) >> 2;
860 if (index < NREADOPS && macreg_readops[index])
862 uint32_t val = macreg_readops[index](s, index);
863 #ifdef TARGET_WORDS_BIGENDIAN
868 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
873 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
875 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
876 (8 * (addr & 3))) & 0xff;
880 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
882 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
883 (8 * (addr & 3))) & 0xffff;
886 static bool is_version_1(void *opaque, int version_id)
888 return version_id == 1;
891 static const VMStateDescription vmstate_e1000 = {
894 .minimum_version_id = 1,
895 .minimum_version_id_old = 1,
896 .fields = (VMStateField []) {
897 VMSTATE_PCI_DEVICE(dev, E1000State),
898 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
899 VMSTATE_UNUSED(4), /* Was mmio_base. */
900 VMSTATE_UINT32(rxbuf_size, E1000State),
901 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
902 VMSTATE_UINT32(eecd_state.val_in, E1000State),
903 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
904 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
905 VMSTATE_UINT16(eecd_state.reading, E1000State),
906 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
907 VMSTATE_UINT8(tx.ipcss, E1000State),
908 VMSTATE_UINT8(tx.ipcso, E1000State),
909 VMSTATE_UINT16(tx.ipcse, E1000State),
910 VMSTATE_UINT8(tx.tucss, E1000State),
911 VMSTATE_UINT8(tx.tucso, E1000State),
912 VMSTATE_UINT16(tx.tucse, E1000State),
913 VMSTATE_UINT32(tx.paylen, E1000State),
914 VMSTATE_UINT8(tx.hdr_len, E1000State),
915 VMSTATE_UINT16(tx.mss, E1000State),
916 VMSTATE_UINT16(tx.size, E1000State),
917 VMSTATE_UINT16(tx.tso_frames, E1000State),
918 VMSTATE_UINT8(tx.sum_needed, E1000State),
919 VMSTATE_INT8(tx.ip, E1000State),
920 VMSTATE_INT8(tx.tcp, E1000State),
921 VMSTATE_BUFFER(tx.header, E1000State),
922 VMSTATE_BUFFER(tx.data, E1000State),
923 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
924 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
925 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
926 VMSTATE_UINT32(mac_reg[EECD], E1000State),
927 VMSTATE_UINT32(mac_reg[EERD], E1000State),
928 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
929 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
930 VMSTATE_UINT32(mac_reg[ICR], E1000State),
931 VMSTATE_UINT32(mac_reg[ICS], E1000State),
932 VMSTATE_UINT32(mac_reg[IMC], E1000State),
933 VMSTATE_UINT32(mac_reg[IMS], E1000State),
934 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
935 VMSTATE_UINT32(mac_reg[MANC], E1000State),
936 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
937 VMSTATE_UINT32(mac_reg[MPC], E1000State),
938 VMSTATE_UINT32(mac_reg[PBA], E1000State),
939 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
940 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
941 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
942 VMSTATE_UINT32(mac_reg[RDH], E1000State),
943 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
944 VMSTATE_UINT32(mac_reg[RDT], E1000State),
945 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
946 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
947 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
948 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
949 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
950 VMSTATE_UINT32(mac_reg[TDH], E1000State),
951 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
952 VMSTATE_UINT32(mac_reg[TDT], E1000State),
953 VMSTATE_UINT32(mac_reg[TORH], E1000State),
954 VMSTATE_UINT32(mac_reg[TORL], E1000State),
955 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
956 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
957 VMSTATE_UINT32(mac_reg[TPR], E1000State),
958 VMSTATE_UINT32(mac_reg[TPT], E1000State),
959 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
960 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
961 VMSTATE_UINT32(mac_reg[VET], E1000State),
962 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
963 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
964 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
965 VMSTATE_END_OF_LIST()
969 static const uint16_t e1000_eeprom_template[64] = {
970 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
971 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
972 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
973 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
974 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
975 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
976 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
977 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
980 static const uint16_t phy_reg_init[] = {
981 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
982 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
983 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
984 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
985 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
986 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
989 static const uint32_t mac_reg_init[] = {
992 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
993 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
994 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
995 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
996 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
998 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
999 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
1005 static CPUWriteMemoryFunc * const e1000_mmio_write[] = {
1006 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
1009 static CPUReadMemoryFunc * const e1000_mmio_read[] = {
1010 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
1014 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
1015 pcibus_t addr, pcibus_t size, int type)
1017 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1019 const uint32_t excluded_regs[] = {
1020 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1021 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1025 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08"FMT_PCIBUS" 0x%08"FMT_PCIBUS"\n",
1028 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
1029 qemu_register_coalesced_mmio(addr, excluded_regs[0]);
1031 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1032 qemu_register_coalesced_mmio(addr + excluded_regs[i] + 4,
1033 excluded_regs[i + 1] -
1034 excluded_regs[i] - 4);
1038 e1000_cleanup(VLANClientState *vc)
1040 E1000State *d = vc->opaque;
1046 pci_e1000_uninit(PCIDevice *dev)
1048 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1050 cpu_unregister_io_memory(d->mmio_index);
1051 qemu_del_vlan_client(d->vc);
1052 vmstate_unregister(&vmstate_e1000, d);
1056 static void e1000_reset(void *opaque)
1058 E1000State *d = opaque;
1060 memset(d->phy_reg, 0, sizeof d->phy_reg);
1061 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1062 memset(d->mac_reg, 0, sizeof d->mac_reg);
1063 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1064 d->rxbuf_min_shift = 1;
1065 memset(&d->tx, 0, sizeof d->tx);
1068 static int pci_e1000_init(PCIDevice *pci_dev)
1070 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1072 uint16_t checksum = 0;
1076 pci_conf = d->dev.config;
1078 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1079 pci_config_set_device_id(pci_conf, E1000_DEVID);
1080 *(uint16_t *)(pci_conf+0x04) = cpu_to_le16(0x0407);
1081 *(uint16_t *)(pci_conf+0x06) = cpu_to_le16(0x0010);
1082 pci_conf[0x08] = 0x03;
1083 pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET);
1084 pci_conf[0x0c] = 0x10;
1086 pci_conf[0x3d] = 1; // interrupt pin 0
1088 d->mmio_index = cpu_register_io_memory(e1000_mmio_read,
1089 e1000_mmio_write, d);
1091 pci_register_bar((PCIDevice *)d, 0, PNPMMIO_SIZE,
1092 PCI_BASE_ADDRESS_SPACE_MEMORY, e1000_mmio_map);
1094 pci_register_bar((PCIDevice *)d, 1, IOPORT_SIZE,
1095 PCI_BASE_ADDRESS_SPACE_IO, ioport_map);
1097 memmove(d->eeprom_data, e1000_eeprom_template,
1098 sizeof e1000_eeprom_template);
1099 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1100 macaddr = d->conf.macaddr.a;
1101 for (i = 0; i < 3; i++)
1102 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1103 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1104 checksum += d->eeprom_data[i];
1105 checksum = (uint16_t) EEPROM_SUM - checksum;
1106 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1108 d->vc = qemu_new_vlan_client(NET_CLIENT_TYPE_NIC,
1109 d->conf.vlan, d->conf.peer,
1110 d->dev.qdev.info->name, d->dev.qdev.id,
1111 e1000_can_receive, e1000_receive, NULL,
1112 NULL, e1000_cleanup, d);
1113 d->vc->link_status_changed = e1000_set_link_status;
1115 qemu_format_nic_info_str(d->vc, macaddr);
1117 vmstate_register(-1, &vmstate_e1000, d);
1119 if (!pci_dev->qdev.hotplugged) {
1120 static int loaded = 0;
1122 rom_add_option("pxe-e1000.bin");
1129 static void qdev_e1000_reset(DeviceState *dev)
1131 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1135 static PCIDeviceInfo e1000_info = {
1136 .qdev.name = "e1000",
1137 .qdev.desc = "Intel Gigabit Ethernet",
1138 .qdev.size = sizeof(E1000State),
1139 .qdev.reset = qdev_e1000_reset,
1140 .init = pci_e1000_init,
1141 .exit = pci_e1000_uninit,
1142 .qdev.props = (Property[]) {
1143 DEFINE_NIC_PROPERTIES(E1000State, conf),
1144 DEFINE_PROP_END_OF_LIST(),
1148 static void e1000_register_devices(void)
1150 pci_qdev_register(&e1000_info);
1153 device_init(e1000_register_devices)
projects / sdk / emulator / qemu.git / blob