4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
31 #include "net/checksum.h"
40 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
41 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
42 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
43 DEBUG_RXFILTER, DEBUG_NOTYET,
45 #define DBGBIT(x) (1<<DEBUG_##x)
46 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
48 #define DBGOUT(what, fmt, ...) do { \
49 if (debugflags & DBGBIT(what)) \
50 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
53 #define DBGOUT(what, fmt, ...) do {} while (0)
56 #define IOPORT_SIZE 0x40
57 #define PNPMMIO_SIZE 0x20000
61 * E1000_DEV_ID_82540EM works with Windows and Linux
62 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
63 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
64 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
67 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
70 * May need to specify additional MAC-to-PHY entries --
71 * Intel's Windows driver refuses to initialize unless they match
74 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
75 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
76 /* default to E1000_DEV_ID_82540EM */ 0xc20
79 typedef struct E1000State_st {
85 uint32_t mac_reg[0x8000];
86 uint16_t phy_reg[0x20];
87 uint16_t eeprom_data[64];
90 uint32_t rxbuf_min_shift;
93 unsigned char header[256];
94 unsigned char vlan_header[4];
95 /* Fields vlan and data must not be reordered or separated. */
96 unsigned char vlan[4];
97 unsigned char data[0x10000];
99 unsigned char sum_needed;
100 unsigned char vlan_needed;
114 char cptse; // current packet tse bit
118 uint32_t val_in; // shifted in from guest driver
126 #define defreg(x) x = (E1000_##x>>2)
128 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
129 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
130 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
131 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
132 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
133 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
134 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
135 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
136 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
137 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
141 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
142 static const char phy_regcap[0x20] = {
143 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
144 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
145 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
146 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
147 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
148 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
152 ioport_map(PCIDevice *pci_dev, int region_num, pcibus_t addr,
153 pcibus_t size, int type)
155 DBGOUT(IO, "e1000_ioport_map addr=0x%04"FMT_PCIBUS
156 " size=0x%08"FMT_PCIBUS"\n", addr, size);
160 set_interrupt_cause(E1000State *s, int index, uint32_t val)
163 val |= E1000_ICR_INT_ASSERTED;
164 s->mac_reg[ICR] = val;
165 s->mac_reg[ICS] = val;
166 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
170 set_ics(E1000State *s, int index, uint32_t val)
172 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
174 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
178 rxbufsize(uint32_t v)
180 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
181 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
182 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
184 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
186 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
188 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
190 case E1000_RCTL_SZ_1024:
192 case E1000_RCTL_SZ_512:
194 case E1000_RCTL_SZ_256:
201 set_ctrl(E1000State *s, int index, uint32_t val)
203 /* RST is self clearing */
204 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
208 set_rx_control(E1000State *s, int index, uint32_t val)
210 s->mac_reg[RCTL] = val;
211 s->rxbuf_size = rxbufsize(val);
212 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
213 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
218 set_mdic(E1000State *s, int index, uint32_t val)
220 uint32_t data = val & E1000_MDIC_DATA_MASK;
221 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
223 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
224 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
225 else if (val & E1000_MDIC_OP_READ) {
226 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
227 if (!(phy_regcap[addr] & PHY_R)) {
228 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
229 val |= E1000_MDIC_ERROR;
231 val = (val ^ data) | s->phy_reg[addr];
232 } else if (val & E1000_MDIC_OP_WRITE) {
233 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
234 if (!(phy_regcap[addr] & PHY_W)) {
235 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
236 val |= E1000_MDIC_ERROR;
238 s->phy_reg[addr] = data;
240 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
241 set_ics(s, 0, E1000_ICR_MDAC);
245 get_eecd(E1000State *s, int index)
247 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
249 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
250 s->eecd_state.bitnum_out, s->eecd_state.reading);
251 if (!s->eecd_state.reading ||
252 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
253 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
254 ret |= E1000_EECD_DO;
259 set_eecd(E1000State *s, int index, uint32_t val)
261 uint32_t oldval = s->eecd_state.old_eecd;
263 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
264 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
265 if (!(E1000_EECD_CS & val)) // CS inactive; nothing to do
267 if (E1000_EECD_CS & (val ^ oldval)) { // CS rise edge; reset state
268 s->eecd_state.val_in = 0;
269 s->eecd_state.bitnum_in = 0;
270 s->eecd_state.bitnum_out = 0;
271 s->eecd_state.reading = 0;
273 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
275 if (!(E1000_EECD_SK & val)) { // falling edge
276 s->eecd_state.bitnum_out++;
279 s->eecd_state.val_in <<= 1;
280 if (val & E1000_EECD_DI)
281 s->eecd_state.val_in |= 1;
282 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
283 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
284 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
285 EEPROM_READ_OPCODE_MICROWIRE);
287 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
288 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
289 s->eecd_state.reading);
293 flash_eerd_read(E1000State *s, int x)
295 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
297 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
298 return (s->mac_reg[EERD]);
300 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
301 return (E1000_EEPROM_RW_REG_DONE | r);
303 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
304 E1000_EEPROM_RW_REG_DONE | r);
308 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
315 sum = net_checksum_add(n-css, data+css);
316 cpu_to_be16wu((uint16_t *)(data + sloc),
317 net_checksum_finish(sum));
322 vlan_enabled(E1000State *s)
324 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
328 vlan_rx_filter_enabled(E1000State *s)
330 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
334 is_vlan_packet(E1000State *s, const uint8_t *buf)
336 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
337 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
341 is_vlan_txd(uint32_t txd_lower)
343 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
347 xmit_seg(E1000State *s)
350 unsigned int frames = s->tx.tso_frames, css, sofar, n;
351 struct e1000_tx *tp = &s->tx;
353 if (tp->tse && tp->cptse) {
355 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
356 frames, tp->size, css);
357 if (tp->ip) { // IPv4
358 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
360 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
361 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
363 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
366 len = tp->size - css;
367 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
369 sofar = frames * tp->mss;
370 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
371 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
372 if (tp->paylen - sofar > tp->mss)
373 tp->data[css + 13] &= ~9; // PSH, FIN
375 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
376 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
377 // add pseudo-header length before checksum calculation
378 sp = (uint16_t *)(tp->data + tp->tucso);
379 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
384 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
385 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
386 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
387 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
388 if (tp->vlan_needed) {
389 memmove(tp->vlan, tp->data, 4);
390 memmove(tp->data, tp->data + 4, 8);
391 memcpy(tp->data + 8, tp->vlan_header, 4);
392 qemu_send_packet(&s->nic->nc, tp->vlan, tp->size + 4);
394 qemu_send_packet(&s->nic->nc, tp->data, tp->size);
397 n = s->mac_reg[TOTL];
398 if ((s->mac_reg[TOTL] += s->tx.size) < n)
403 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
405 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
406 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
407 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
408 unsigned int msh = 0xfffff, hdr = 0;
410 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
411 struct e1000_tx *tp = &s->tx;
413 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
414 op = le32_to_cpu(xp->cmd_and_length);
415 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
416 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
417 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
418 tp->tucss = xp->upper_setup.tcp_fields.tucss;
419 tp->tucso = xp->upper_setup.tcp_fields.tucso;
420 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
421 tp->paylen = op & 0xfffff;
422 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
423 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
424 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
425 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
426 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
428 if (tp->tucso == 0) { // this is probably wrong
429 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
430 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
433 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
435 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
436 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
441 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
442 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
444 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
445 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
446 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
447 le16_to_cpu(dp->upper.fields.special));
450 addr = le64_to_cpu(dp->buffer_addr);
451 if (tp->tse && tp->cptse) {
456 if (tp->size + bytes > msh)
457 bytes = msh - tp->size;
458 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
459 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
460 memmove(tp->header, tp->data, hdr);
465 memmove(tp->data, tp->header, hdr);
468 } while (split_size -= bytes);
469 } else if (!tp->tse && tp->cptse) {
470 // context descriptor TSE is not set, while data descriptor TSE is set
471 DBGOUT(TXERR, "TCP segmentaion Error\n");
473 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
474 tp->size += split_size;
477 if (!(txd_lower & E1000_TXD_CMD_EOP))
479 if (!(tp->tse && tp->cptse && tp->size < hdr))
489 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
491 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
493 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
495 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
496 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
497 dp->upper.data = cpu_to_le32(txd_upper);
498 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
499 (void *)&dp->upper, sizeof(dp->upper));
500 return E1000_ICR_TXDW;
504 start_xmit(E1000State *s)
506 target_phys_addr_t base;
507 struct e1000_tx_desc desc;
508 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
510 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
511 DBGOUT(TX, "tx disabled\n");
515 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
516 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
517 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
518 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
520 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
521 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
524 process_tx_desc(s, &desc);
525 cause |= txdesc_writeback(base, &desc);
527 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
530 * the following could happen only if guest sw assigns
531 * bogus values to TDT/TDLEN.
532 * there's nothing too intelligent we could do about this.
534 if (s->mac_reg[TDH] == tdh_start) {
535 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
536 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
540 set_ics(s, 0, cause);
544 receive_filter(E1000State *s, const uint8_t *buf, int size)
546 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
547 static const int mta_shift[] = {4, 3, 2, 0};
548 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
550 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
551 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
552 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
553 ((vid >> 5) & 0x7f));
554 if ((vfta & (1 << (vid & 0x1f))) == 0)
558 if (rctl & E1000_RCTL_UPE) // promiscuous
561 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
564 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
567 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
568 if (!(rp[1] & E1000_RAH_AV))
570 ra[0] = cpu_to_le32(rp[0]);
571 ra[1] = cpu_to_le32(rp[1]);
572 if (!memcmp(buf, (uint8_t *)ra, 6)) {
574 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
575 (int)(rp - s->mac_reg - RA)/2,
576 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
580 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
581 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
583 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
584 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
585 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
588 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
589 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
590 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
591 s->mac_reg[MTA + (f >> 5)]);
597 e1000_set_link_status(VLANClientState *nc)
599 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
600 uint32_t old_status = s->mac_reg[STATUS];
603 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
605 s->mac_reg[STATUS] |= E1000_STATUS_LU;
607 if (s->mac_reg[STATUS] != old_status)
608 set_ics(s, 0, E1000_ICR_LSC);
612 e1000_can_receive(VLANClientState *nc)
614 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
616 return (s->mac_reg[RCTL] & E1000_RCTL_EN);
620 e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
622 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
623 struct e1000_rx_desc desc;
624 target_phys_addr_t base;
627 uint16_t vlan_special = 0;
628 uint8_t vlan_status = 0, vlan_offset = 0;
630 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
633 if (size > s->rxbuf_size) {
634 DBGOUT(RX, "packet too large for buffers (%lu > %d)\n",
635 (unsigned long)size, s->rxbuf_size);
639 if (!receive_filter(s, buf, size))
642 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
643 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
644 memmove((uint8_t *)buf + 4, buf, 12);
645 vlan_status = E1000_RXD_STAT_VP;
650 rdh_start = s->mac_reg[RDH];
651 size += 4; // for the header
653 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
654 set_ics(s, 0, E1000_ICS_RXO);
657 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
658 sizeof(desc) * s->mac_reg[RDH];
659 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
660 desc.special = vlan_special;
661 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
662 if (desc.buffer_addr) {
663 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
664 (void *)(buf + vlan_offset), size);
665 desc.length = cpu_to_le16(size);
666 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
667 } else // as per intel docs; skip descriptors with null buf addr
668 DBGOUT(RX, "Null RX descriptor!!\n");
669 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
671 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
674 /* see comment in start_xmit; same here */
675 if (s->mac_reg[RDH] == rdh_start) {
676 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
677 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
678 set_ics(s, 0, E1000_ICS_RXO);
681 } while (desc.buffer_addr == 0);
685 n = s->mac_reg[TORL];
686 if ((s->mac_reg[TORL] += size) < n)
690 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
691 rdt += s->mac_reg[RDLEN] / sizeof(desc);
692 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
694 n |= E1000_ICS_RXDMT0;
702 mac_readreg(E1000State *s, int index)
704 return s->mac_reg[index];
708 mac_icr_read(E1000State *s, int index)
710 uint32_t ret = s->mac_reg[ICR];
712 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
713 set_interrupt_cause(s, 0, 0);
718 mac_read_clr4(E1000State *s, int index)
720 uint32_t ret = s->mac_reg[index];
722 s->mac_reg[index] = 0;
727 mac_read_clr8(E1000State *s, int index)
729 uint32_t ret = s->mac_reg[index];
731 s->mac_reg[index] = 0;
732 s->mac_reg[index-1] = 0;
737 mac_writereg(E1000State *s, int index, uint32_t val)
739 s->mac_reg[index] = val;
743 set_rdt(E1000State *s, int index, uint32_t val)
746 s->mac_reg[index] = val & 0xffff;
750 set_16bit(E1000State *s, int index, uint32_t val)
752 s->mac_reg[index] = val & 0xffff;
756 set_dlen(E1000State *s, int index, uint32_t val)
758 s->mac_reg[index] = val & 0xfff80;
762 set_tctl(E1000State *s, int index, uint32_t val)
764 s->mac_reg[index] = val;
765 s->mac_reg[TDT] &= 0xffff;
770 set_icr(E1000State *s, int index, uint32_t val)
772 DBGOUT(INTERRUPT, "set_icr %x\n", val);
773 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
777 set_imc(E1000State *s, int index, uint32_t val)
779 s->mac_reg[IMS] &= ~val;
784 set_ims(E1000State *s, int index, uint32_t val)
786 s->mac_reg[IMS] |= val;
790 #define getreg(x) [x] = mac_readreg
791 static uint32_t (*macreg_readops[])(E1000State *, int) = {
792 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
793 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
794 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
795 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
796 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
797 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
798 getreg(TDLEN), getreg(RDLEN),
800 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
801 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
802 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
803 [CRCERRS ... MPC] = &mac_readreg,
804 [RA ... RA+31] = &mac_readreg,
805 [MTA ... MTA+127] = &mac_readreg,
806 [VFTA ... VFTA+127] = &mac_readreg,
808 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
810 #define putreg(x) [x] = mac_writereg
811 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
812 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
813 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
814 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
815 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
816 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
817 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
818 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
819 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
820 [RA ... RA+31] = &mac_writereg,
821 [MTA ... MTA+127] = &mac_writereg,
822 [VFTA ... VFTA+127] = &mac_writereg,
824 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
827 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
829 E1000State *s = opaque;
830 unsigned int index = (addr & 0x1ffff) >> 2;
832 #ifdef TARGET_WORDS_BIGENDIAN
835 if (index < NWRITEOPS && macreg_writeops[index])
836 macreg_writeops[index](s, index, val);
837 else if (index < NREADOPS && macreg_readops[index])
838 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
840 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
845 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
847 // emulate hw without byte enables: no RMW
848 e1000_mmio_writel(opaque, addr & ~3,
849 (val & 0xffff) << (8*(addr & 3)));
853 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
855 // emulate hw without byte enables: no RMW
856 e1000_mmio_writel(opaque, addr & ~3,
857 (val & 0xff) << (8*(addr & 3)));
861 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
863 E1000State *s = opaque;
864 unsigned int index = (addr & 0x1ffff) >> 2;
866 if (index < NREADOPS && macreg_readops[index])
868 uint32_t val = macreg_readops[index](s, index);
869 #ifdef TARGET_WORDS_BIGENDIAN
874 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
879 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
881 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
882 (8 * (addr & 3))) & 0xff;
886 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
888 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
889 (8 * (addr & 3))) & 0xffff;
892 static bool is_version_1(void *opaque, int version_id)
894 return version_id == 1;
897 static const VMStateDescription vmstate_e1000 = {
900 .minimum_version_id = 1,
901 .minimum_version_id_old = 1,
902 .fields = (VMStateField []) {
903 VMSTATE_PCI_DEVICE(dev, E1000State),
904 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
905 VMSTATE_UNUSED(4), /* Was mmio_base. */
906 VMSTATE_UINT32(rxbuf_size, E1000State),
907 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
908 VMSTATE_UINT32(eecd_state.val_in, E1000State),
909 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
910 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
911 VMSTATE_UINT16(eecd_state.reading, E1000State),
912 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
913 VMSTATE_UINT8(tx.ipcss, E1000State),
914 VMSTATE_UINT8(tx.ipcso, E1000State),
915 VMSTATE_UINT16(tx.ipcse, E1000State),
916 VMSTATE_UINT8(tx.tucss, E1000State),
917 VMSTATE_UINT8(tx.tucso, E1000State),
918 VMSTATE_UINT16(tx.tucse, E1000State),
919 VMSTATE_UINT32(tx.paylen, E1000State),
920 VMSTATE_UINT8(tx.hdr_len, E1000State),
921 VMSTATE_UINT16(tx.mss, E1000State),
922 VMSTATE_UINT16(tx.size, E1000State),
923 VMSTATE_UINT16(tx.tso_frames, E1000State),
924 VMSTATE_UINT8(tx.sum_needed, E1000State),
925 VMSTATE_INT8(tx.ip, E1000State),
926 VMSTATE_INT8(tx.tcp, E1000State),
927 VMSTATE_BUFFER(tx.header, E1000State),
928 VMSTATE_BUFFER(tx.data, E1000State),
929 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
930 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
931 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
932 VMSTATE_UINT32(mac_reg[EECD], E1000State),
933 VMSTATE_UINT32(mac_reg[EERD], E1000State),
934 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
935 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
936 VMSTATE_UINT32(mac_reg[ICR], E1000State),
937 VMSTATE_UINT32(mac_reg[ICS], E1000State),
938 VMSTATE_UINT32(mac_reg[IMC], E1000State),
939 VMSTATE_UINT32(mac_reg[IMS], E1000State),
940 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
941 VMSTATE_UINT32(mac_reg[MANC], E1000State),
942 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
943 VMSTATE_UINT32(mac_reg[MPC], E1000State),
944 VMSTATE_UINT32(mac_reg[PBA], E1000State),
945 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
946 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
947 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
948 VMSTATE_UINT32(mac_reg[RDH], E1000State),
949 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
950 VMSTATE_UINT32(mac_reg[RDT], E1000State),
951 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
952 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
953 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
954 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
955 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
956 VMSTATE_UINT32(mac_reg[TDH], E1000State),
957 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
958 VMSTATE_UINT32(mac_reg[TDT], E1000State),
959 VMSTATE_UINT32(mac_reg[TORH], E1000State),
960 VMSTATE_UINT32(mac_reg[TORL], E1000State),
961 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
962 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
963 VMSTATE_UINT32(mac_reg[TPR], E1000State),
964 VMSTATE_UINT32(mac_reg[TPT], E1000State),
965 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
966 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
967 VMSTATE_UINT32(mac_reg[VET], E1000State),
968 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
969 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
970 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
971 VMSTATE_END_OF_LIST()
975 static const uint16_t e1000_eeprom_template[64] = {
976 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
977 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
978 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
979 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
980 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
981 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
982 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
983 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
986 static const uint16_t phy_reg_init[] = {
987 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
988 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
989 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
990 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
991 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
992 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
995 static const uint32_t mac_reg_init[] = {
998 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
999 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
1000 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
1001 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
1002 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
1004 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
1005 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
1011 static CPUWriteMemoryFunc * const e1000_mmio_write[] = {
1012 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
1015 static CPUReadMemoryFunc * const e1000_mmio_read[] = {
1016 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
1020 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
1021 pcibus_t addr, pcibus_t size, int type)
1023 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1025 const uint32_t excluded_regs[] = {
1026 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1027 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1031 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08"FMT_PCIBUS" 0x%08"FMT_PCIBUS"\n",
1034 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
1035 qemu_register_coalesced_mmio(addr, excluded_regs[0]);
1037 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1038 qemu_register_coalesced_mmio(addr + excluded_regs[i] + 4,
1039 excluded_regs[i + 1] -
1040 excluded_regs[i] - 4);
1044 e1000_cleanup(VLANClientState *nc)
1046 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1052 pci_e1000_uninit(PCIDevice *dev)
1054 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1056 cpu_unregister_io_memory(d->mmio_index);
1057 qemu_del_vlan_client(&d->nic->nc);
1061 static void e1000_reset(void *opaque)
1063 E1000State *d = opaque;
1065 memset(d->phy_reg, 0, sizeof d->phy_reg);
1066 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1067 memset(d->mac_reg, 0, sizeof d->mac_reg);
1068 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1069 d->rxbuf_min_shift = 1;
1070 memset(&d->tx, 0, sizeof d->tx);
1073 static NetClientInfo net_e1000_info = {
1074 .type = NET_CLIENT_TYPE_NIC,
1075 .size = sizeof(NICState),
1076 .can_receive = e1000_can_receive,
1077 .receive = e1000_receive,
1078 .cleanup = e1000_cleanup,
1079 .link_status_changed = e1000_set_link_status,
1082 static int pci_e1000_init(PCIDevice *pci_dev)
1084 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1086 uint16_t checksum = 0;
1090 pci_conf = d->dev.config;
1092 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1093 pci_config_set_device_id(pci_conf, E1000_DEVID);
1094 /* TODO: we have no capabilities, so why is this bit set? */
1095 pci_set_word(pci_conf + PCI_STATUS, PCI_STATUS_CAP_LIST);
1096 pci_conf[PCI_REVISION_ID] = 0x03;
1097 pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET);
1098 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1099 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1101 /* TODO: RST# value should be 0 if programmable, PCI spec 6.2.4 */
1102 pci_conf[PCI_INTERRUPT_PIN] = 1; // interrupt pin 0
1104 d->mmio_index = cpu_register_io_memory(e1000_mmio_read,
1105 e1000_mmio_write, d);
1107 pci_register_bar((PCIDevice *)d, 0, PNPMMIO_SIZE,
1108 PCI_BASE_ADDRESS_SPACE_MEMORY, e1000_mmio_map);
1110 pci_register_bar((PCIDevice *)d, 1, IOPORT_SIZE,
1111 PCI_BASE_ADDRESS_SPACE_IO, ioport_map);
1113 memmove(d->eeprom_data, e1000_eeprom_template,
1114 sizeof e1000_eeprom_template);
1115 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1116 macaddr = d->conf.macaddr.a;
1117 for (i = 0; i < 3; i++)
1118 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1119 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1120 checksum += d->eeprom_data[i];
1121 checksum = (uint16_t) EEPROM_SUM - checksum;
1122 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1124 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1125 d->dev.qdev.info->name, d->dev.qdev.id, d);
1127 qemu_format_nic_info_str(&d->nic->nc, macaddr);
1131 static void qdev_e1000_reset(DeviceState *dev)
1133 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1137 static PCIDeviceInfo e1000_info = {
1138 .qdev.name = "e1000",
1139 .qdev.desc = "Intel Gigabit Ethernet",
1140 .qdev.size = sizeof(E1000State),
1141 .qdev.reset = qdev_e1000_reset,
1142 .qdev.vmsd = &vmstate_e1000,
1143 .init = pci_e1000_init,
1144 .exit = pci_e1000_uninit,
1145 .romfile = "pxe-e1000.bin",
1146 .qdev.props = (Property[]) {
1147 DEFINE_NIC_PROPERTIES(E1000State, conf),
1148 DEFINE_PROP_END_OF_LIST(),
1152 static void e1000_register_devices(void)
1154 pci_qdev_register(&e1000_info);
1157 device_init(e1000_register_devices)
projects / sdk / emulator / qemu.git / blob