4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
31 #include "net/checksum.h"
40 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
41 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
42 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
43 DEBUG_RXFILTER, DEBUG_NOTYET,
45 #define DBGBIT(x) (1<<DEBUG_##x)
46 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
48 #define DBGOUT(what, fmt, ...) do { \
49 if (debugflags & DBGBIT(what)) \
50 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
53 #define DBGOUT(what, fmt, ...) do {} while (0)
56 #define IOPORT_SIZE 0x40
57 #define PNPMMIO_SIZE 0x20000
61 * E1000_DEV_ID_82540EM works with Windows and Linux
62 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
63 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
64 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
67 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
70 * May need to specify additional MAC-to-PHY entries --
71 * Intel's Windows driver refuses to initialize unless they match
74 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
75 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
76 /* default to E1000_DEV_ID_82540EM */ 0xc20
79 typedef struct E1000State_st {
85 uint32_t mac_reg[0x8000];
86 uint16_t phy_reg[0x20];
87 uint16_t eeprom_data[64];
90 uint32_t rxbuf_min_shift;
93 unsigned char header[256];
94 unsigned char vlan_header[4];
95 /* Fields vlan and data must not be reordered or separated. */
96 unsigned char vlan[4];
97 unsigned char data[0x10000];
99 unsigned char sum_needed;
100 unsigned char vlan_needed;
114 char cptse; // current packet tse bit
118 uint32_t val_in; // shifted in from guest driver
126 #define defreg(x) x = (E1000_##x>>2)
128 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
129 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
130 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
131 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
132 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
133 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
134 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
135 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
136 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
137 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
141 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
142 static const char phy_regcap[0x20] = {
143 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
144 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
145 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
146 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
147 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
148 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
152 ioport_map(PCIDevice *pci_dev, int region_num, pcibus_t addr,
153 pcibus_t size, int type)
155 DBGOUT(IO, "e1000_ioport_map addr=0x%04"FMT_PCIBUS
156 " size=0x%08"FMT_PCIBUS"\n", addr, size);
160 set_interrupt_cause(E1000State *s, int index, uint32_t val)
163 val |= E1000_ICR_INT_ASSERTED;
164 s->mac_reg[ICR] = val;
165 s->mac_reg[ICS] = val;
166 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
170 set_ics(E1000State *s, int index, uint32_t val)
172 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
174 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
178 rxbufsize(uint32_t v)
180 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
181 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
182 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
184 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
186 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
188 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
190 case E1000_RCTL_SZ_1024:
192 case E1000_RCTL_SZ_512:
194 case E1000_RCTL_SZ_256:
201 set_ctrl(E1000State *s, int index, uint32_t val)
203 /* RST is self clearing */
204 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
208 set_rx_control(E1000State *s, int index, uint32_t val)
210 s->mac_reg[RCTL] = val;
211 s->rxbuf_size = rxbufsize(val);
212 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
213 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
218 set_mdic(E1000State *s, int index, uint32_t val)
220 uint32_t data = val & E1000_MDIC_DATA_MASK;
221 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
223 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
224 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
225 else if (val & E1000_MDIC_OP_READ) {
226 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
227 if (!(phy_regcap[addr] & PHY_R)) {
228 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
229 val |= E1000_MDIC_ERROR;
231 val = (val ^ data) | s->phy_reg[addr];
232 } else if (val & E1000_MDIC_OP_WRITE) {
233 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
234 if (!(phy_regcap[addr] & PHY_W)) {
235 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
236 val |= E1000_MDIC_ERROR;
238 s->phy_reg[addr] = data;
240 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
241 set_ics(s, 0, E1000_ICR_MDAC);
245 get_eecd(E1000State *s, int index)
247 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
249 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
250 s->eecd_state.bitnum_out, s->eecd_state.reading);
251 if (!s->eecd_state.reading ||
252 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
253 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
254 ret |= E1000_EECD_DO;
259 set_eecd(E1000State *s, int index, uint32_t val)
261 uint32_t oldval = s->eecd_state.old_eecd;
263 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
264 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
265 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
267 if (!(E1000_EECD_SK & val)) { // falling edge
268 s->eecd_state.bitnum_out++;
271 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
272 memset(&s->eecd_state, 0, sizeof s->eecd_state);
274 * restore old_eecd's E1000_EECD_SK (known to be on)
275 * to avoid false detection of a clock edge
277 s->eecd_state.old_eecd = E1000_EECD_SK;
280 s->eecd_state.val_in <<= 1;
281 if (val & E1000_EECD_DI)
282 s->eecd_state.val_in |= 1;
283 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
284 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
285 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
286 EEPROM_READ_OPCODE_MICROWIRE);
288 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
289 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
290 s->eecd_state.reading);
294 flash_eerd_read(E1000State *s, int x)
296 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
298 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
299 return (s->mac_reg[EERD]);
301 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
302 return (E1000_EEPROM_RW_REG_DONE | r);
304 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
305 E1000_EEPROM_RW_REG_DONE | r);
309 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
316 sum = net_checksum_add(n-css, data+css);
317 cpu_to_be16wu((uint16_t *)(data + sloc),
318 net_checksum_finish(sum));
323 vlan_enabled(E1000State *s)
325 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
329 vlan_rx_filter_enabled(E1000State *s)
331 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
335 is_vlan_packet(E1000State *s, const uint8_t *buf)
337 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
338 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
342 is_vlan_txd(uint32_t txd_lower)
344 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
348 xmit_seg(E1000State *s)
351 unsigned int frames = s->tx.tso_frames, css, sofar, n;
352 struct e1000_tx *tp = &s->tx;
354 if (tp->tse && tp->cptse) {
356 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
357 frames, tp->size, css);
358 if (tp->ip) { // IPv4
359 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
361 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
362 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
364 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
367 len = tp->size - css;
368 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
370 sofar = frames * tp->mss;
371 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
372 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
373 if (tp->paylen - sofar > tp->mss)
374 tp->data[css + 13] &= ~9; // PSH, FIN
376 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
377 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
378 // add pseudo-header length before checksum calculation
379 sp = (uint16_t *)(tp->data + tp->tucso);
380 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
385 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
386 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
387 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
388 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
389 if (tp->vlan_needed) {
390 memmove(tp->vlan, tp->data, 4);
391 memmove(tp->data, tp->data + 4, 8);
392 memcpy(tp->data + 8, tp->vlan_header, 4);
393 qemu_send_packet(&s->nic->nc, tp->vlan, tp->size + 4);
395 qemu_send_packet(&s->nic->nc, tp->data, tp->size);
398 n = s->mac_reg[TOTL];
399 if ((s->mac_reg[TOTL] += s->tx.size) < n)
404 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
406 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
407 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
408 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
409 unsigned int msh = 0xfffff, hdr = 0;
411 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
412 struct e1000_tx *tp = &s->tx;
414 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
415 op = le32_to_cpu(xp->cmd_and_length);
416 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
417 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
418 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
419 tp->tucss = xp->upper_setup.tcp_fields.tucss;
420 tp->tucso = xp->upper_setup.tcp_fields.tucso;
421 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
422 tp->paylen = op & 0xfffff;
423 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
424 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
425 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
426 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
427 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
429 if (tp->tucso == 0) { // this is probably wrong
430 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
431 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
434 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
436 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
437 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
442 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
443 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
445 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
446 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
447 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
448 le16_to_cpu(dp->upper.fields.special));
451 addr = le64_to_cpu(dp->buffer_addr);
452 if (tp->tse && tp->cptse) {
457 if (tp->size + bytes > msh)
458 bytes = msh - tp->size;
459 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
460 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
461 memmove(tp->header, tp->data, hdr);
466 memmove(tp->data, tp->header, hdr);
469 } while (split_size -= bytes);
470 } else if (!tp->tse && tp->cptse) {
471 // context descriptor TSE is not set, while data descriptor TSE is set
472 DBGOUT(TXERR, "TCP segmentaion Error\n");
474 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
475 tp->size += split_size;
478 if (!(txd_lower & E1000_TXD_CMD_EOP))
480 if (!(tp->tse && tp->cptse && tp->size < hdr))
490 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
492 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
494 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
496 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
497 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
498 dp->upper.data = cpu_to_le32(txd_upper);
499 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
500 (void *)&dp->upper, sizeof(dp->upper));
501 return E1000_ICR_TXDW;
505 start_xmit(E1000State *s)
507 target_phys_addr_t base;
508 struct e1000_tx_desc desc;
509 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
511 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
512 DBGOUT(TX, "tx disabled\n");
516 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
517 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
518 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
519 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
521 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
522 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
525 process_tx_desc(s, &desc);
526 cause |= txdesc_writeback(base, &desc);
528 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
531 * the following could happen only if guest sw assigns
532 * bogus values to TDT/TDLEN.
533 * there's nothing too intelligent we could do about this.
535 if (s->mac_reg[TDH] == tdh_start) {
536 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
537 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
541 set_ics(s, 0, cause);
545 receive_filter(E1000State *s, const uint8_t *buf, int size)
547 static uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
548 static int mta_shift[] = {4, 3, 2, 0};
549 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
551 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
552 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
553 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
554 ((vid >> 5) & 0x7f));
555 if ((vfta & (1 << (vid & 0x1f))) == 0)
559 if (rctl & E1000_RCTL_UPE) // promiscuous
562 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
565 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
568 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
569 if (!(rp[1] & E1000_RAH_AV))
571 ra[0] = cpu_to_le32(rp[0]);
572 ra[1] = cpu_to_le32(rp[1]);
573 if (!memcmp(buf, (uint8_t *)ra, 6)) {
575 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
576 (int)(rp - s->mac_reg - RA)/2,
577 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
581 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
582 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
584 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
585 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
586 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
589 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
590 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
591 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
592 s->mac_reg[MTA + (f >> 5)]);
598 e1000_set_link_status(VLANClientState *nc)
600 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
601 uint32_t old_status = s->mac_reg[STATUS];
604 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
606 s->mac_reg[STATUS] |= E1000_STATUS_LU;
608 if (s->mac_reg[STATUS] != old_status)
609 set_ics(s, 0, E1000_ICR_LSC);
613 e1000_can_receive(VLANClientState *nc)
615 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
617 return (s->mac_reg[RCTL] & E1000_RCTL_EN);
621 e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
623 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
624 struct e1000_rx_desc desc;
625 target_phys_addr_t base;
628 uint16_t vlan_special = 0;
629 uint8_t vlan_status = 0, vlan_offset = 0;
631 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
634 if (size > s->rxbuf_size) {
635 DBGOUT(RX, "packet too large for buffers (%lu > %d)\n",
636 (unsigned long)size, s->rxbuf_size);
640 if (!receive_filter(s, buf, size))
643 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
644 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
645 memmove((uint8_t *)buf + 4, buf, 12);
646 vlan_status = E1000_RXD_STAT_VP;
651 rdh_start = s->mac_reg[RDH];
652 size += 4; // for the header
654 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
655 set_ics(s, 0, E1000_ICS_RXO);
658 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
659 sizeof(desc) * s->mac_reg[RDH];
660 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
661 desc.special = vlan_special;
662 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
663 if (desc.buffer_addr) {
664 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
665 (void *)(buf + vlan_offset), size);
666 desc.length = cpu_to_le16(size);
667 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
668 } else // as per intel docs; skip descriptors with null buf addr
669 DBGOUT(RX, "Null RX descriptor!!\n");
670 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
672 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
675 /* see comment in start_xmit; same here */
676 if (s->mac_reg[RDH] == rdh_start) {
677 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
678 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
679 set_ics(s, 0, E1000_ICS_RXO);
682 } while (desc.buffer_addr == 0);
686 n = s->mac_reg[TORL];
687 if ((s->mac_reg[TORL] += size) < n)
691 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
692 rdt += s->mac_reg[RDLEN] / sizeof(desc);
693 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
695 n |= E1000_ICS_RXDMT0;
703 mac_readreg(E1000State *s, int index)
705 return s->mac_reg[index];
709 mac_icr_read(E1000State *s, int index)
711 uint32_t ret = s->mac_reg[ICR];
713 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
714 set_interrupt_cause(s, 0, 0);
719 mac_read_clr4(E1000State *s, int index)
721 uint32_t ret = s->mac_reg[index];
723 s->mac_reg[index] = 0;
728 mac_read_clr8(E1000State *s, int index)
730 uint32_t ret = s->mac_reg[index];
732 s->mac_reg[index] = 0;
733 s->mac_reg[index-1] = 0;
738 mac_writereg(E1000State *s, int index, uint32_t val)
740 s->mac_reg[index] = val;
744 set_rdt(E1000State *s, int index, uint32_t val)
747 s->mac_reg[index] = val & 0xffff;
751 set_16bit(E1000State *s, int index, uint32_t val)
753 s->mac_reg[index] = val & 0xffff;
757 set_dlen(E1000State *s, int index, uint32_t val)
759 s->mac_reg[index] = val & 0xfff80;
763 set_tctl(E1000State *s, int index, uint32_t val)
765 s->mac_reg[index] = val;
766 s->mac_reg[TDT] &= 0xffff;
771 set_icr(E1000State *s, int index, uint32_t val)
773 DBGOUT(INTERRUPT, "set_icr %x\n", val);
774 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
778 set_imc(E1000State *s, int index, uint32_t val)
780 s->mac_reg[IMS] &= ~val;
785 set_ims(E1000State *s, int index, uint32_t val)
787 s->mac_reg[IMS] |= val;
791 #define getreg(x) [x] = mac_readreg
792 static uint32_t (*macreg_readops[])(E1000State *, int) = {
793 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
794 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
795 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
796 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
797 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
798 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
799 getreg(TDLEN), getreg(RDLEN),
801 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
802 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
803 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
804 [CRCERRS ... MPC] = &mac_readreg,
805 [RA ... RA+31] = &mac_readreg,
806 [MTA ... MTA+127] = &mac_readreg,
807 [VFTA ... VFTA+127] = &mac_readreg,
809 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
811 #define putreg(x) [x] = mac_writereg
812 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
813 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
814 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
815 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
816 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
817 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
818 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
819 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
820 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
821 [RA ... RA+31] = &mac_writereg,
822 [MTA ... MTA+127] = &mac_writereg,
823 [VFTA ... VFTA+127] = &mac_writereg,
825 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
828 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
830 E1000State *s = opaque;
831 unsigned int index = (addr & 0x1ffff) >> 2;
833 #ifdef TARGET_WORDS_BIGENDIAN
836 if (index < NWRITEOPS && macreg_writeops[index])
837 macreg_writeops[index](s, index, val);
838 else if (index < NREADOPS && macreg_readops[index])
839 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
841 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
846 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
848 // emulate hw without byte enables: no RMW
849 e1000_mmio_writel(opaque, addr & ~3,
850 (val & 0xffff) << (8*(addr & 3)));
854 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
856 // emulate hw without byte enables: no RMW
857 e1000_mmio_writel(opaque, addr & ~3,
858 (val & 0xff) << (8*(addr & 3)));
862 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
864 E1000State *s = opaque;
865 unsigned int index = (addr & 0x1ffff) >> 2;
867 if (index < NREADOPS && macreg_readops[index])
869 uint32_t val = macreg_readops[index](s, index);
870 #ifdef TARGET_WORDS_BIGENDIAN
875 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
880 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
882 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
883 (8 * (addr & 3))) & 0xff;
887 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
889 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
890 (8 * (addr & 3))) & 0xffff;
893 static bool is_version_1(void *opaque, int version_id)
895 return version_id == 1;
898 static const VMStateDescription vmstate_e1000 = {
901 .minimum_version_id = 1,
902 .minimum_version_id_old = 1,
903 .fields = (VMStateField []) {
904 VMSTATE_PCI_DEVICE(dev, E1000State),
905 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
906 VMSTATE_UNUSED(4), /* Was mmio_base. */
907 VMSTATE_UINT32(rxbuf_size, E1000State),
908 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
909 VMSTATE_UINT32(eecd_state.val_in, E1000State),
910 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
911 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
912 VMSTATE_UINT16(eecd_state.reading, E1000State),
913 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
914 VMSTATE_UINT8(tx.ipcss, E1000State),
915 VMSTATE_UINT8(tx.ipcso, E1000State),
916 VMSTATE_UINT16(tx.ipcse, E1000State),
917 VMSTATE_UINT8(tx.tucss, E1000State),
918 VMSTATE_UINT8(tx.tucso, E1000State),
919 VMSTATE_UINT16(tx.tucse, E1000State),
920 VMSTATE_UINT32(tx.paylen, E1000State),
921 VMSTATE_UINT8(tx.hdr_len, E1000State),
922 VMSTATE_UINT16(tx.mss, E1000State),
923 VMSTATE_UINT16(tx.size, E1000State),
924 VMSTATE_UINT16(tx.tso_frames, E1000State),
925 VMSTATE_UINT8(tx.sum_needed, E1000State),
926 VMSTATE_INT8(tx.ip, E1000State),
927 VMSTATE_INT8(tx.tcp, E1000State),
928 VMSTATE_BUFFER(tx.header, E1000State),
929 VMSTATE_BUFFER(tx.data, E1000State),
930 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
931 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
932 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
933 VMSTATE_UINT32(mac_reg[EECD], E1000State),
934 VMSTATE_UINT32(mac_reg[EERD], E1000State),
935 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
936 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
937 VMSTATE_UINT32(mac_reg[ICR], E1000State),
938 VMSTATE_UINT32(mac_reg[ICS], E1000State),
939 VMSTATE_UINT32(mac_reg[IMC], E1000State),
940 VMSTATE_UINT32(mac_reg[IMS], E1000State),
941 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
942 VMSTATE_UINT32(mac_reg[MANC], E1000State),
943 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
944 VMSTATE_UINT32(mac_reg[MPC], E1000State),
945 VMSTATE_UINT32(mac_reg[PBA], E1000State),
946 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
947 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
948 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
949 VMSTATE_UINT32(mac_reg[RDH], E1000State),
950 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
951 VMSTATE_UINT32(mac_reg[RDT], E1000State),
952 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
953 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
954 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
955 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
956 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
957 VMSTATE_UINT32(mac_reg[TDH], E1000State),
958 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
959 VMSTATE_UINT32(mac_reg[TDT], E1000State),
960 VMSTATE_UINT32(mac_reg[TORH], E1000State),
961 VMSTATE_UINT32(mac_reg[TORL], E1000State),
962 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
963 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
964 VMSTATE_UINT32(mac_reg[TPR], E1000State),
965 VMSTATE_UINT32(mac_reg[TPT], E1000State),
966 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
967 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
968 VMSTATE_UINT32(mac_reg[VET], E1000State),
969 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
970 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
971 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
972 VMSTATE_END_OF_LIST()
976 static const uint16_t e1000_eeprom_template[64] = {
977 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
978 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
979 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
980 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
981 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
982 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
983 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
984 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
987 static const uint16_t phy_reg_init[] = {
988 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
989 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
990 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
991 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
992 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
993 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
996 static const uint32_t mac_reg_init[] = {
999 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
1000 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
1001 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
1002 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
1003 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
1005 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
1006 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
1012 static CPUWriteMemoryFunc * const e1000_mmio_write[] = {
1013 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
1016 static CPUReadMemoryFunc * const e1000_mmio_read[] = {
1017 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
1021 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
1022 pcibus_t addr, pcibus_t size, int type)
1024 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1026 const uint32_t excluded_regs[] = {
1027 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1028 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1032 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08"FMT_PCIBUS" 0x%08"FMT_PCIBUS"\n",
1035 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
1036 qemu_register_coalesced_mmio(addr, excluded_regs[0]);
1038 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1039 qemu_register_coalesced_mmio(addr + excluded_regs[i] + 4,
1040 excluded_regs[i + 1] -
1041 excluded_regs[i] - 4);
1045 e1000_cleanup(VLANClientState *nc)
1047 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1053 pci_e1000_uninit(PCIDevice *dev)
1055 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1057 cpu_unregister_io_memory(d->mmio_index);
1058 qemu_del_vlan_client(&d->nic->nc);
1062 static void e1000_reset(void *opaque)
1064 E1000State *d = opaque;
1066 memset(d->phy_reg, 0, sizeof d->phy_reg);
1067 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1068 memset(d->mac_reg, 0, sizeof d->mac_reg);
1069 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1070 d->rxbuf_min_shift = 1;
1071 memset(&d->tx, 0, sizeof d->tx);
1074 static NetClientInfo net_e1000_info = {
1075 .type = NET_CLIENT_TYPE_NIC,
1076 .size = sizeof(NICState),
1077 .can_receive = e1000_can_receive,
1078 .receive = e1000_receive,
1079 .cleanup = e1000_cleanup,
1080 .link_status_changed = e1000_set_link_status,
1083 static int pci_e1000_init(PCIDevice *pci_dev)
1085 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1087 uint16_t checksum = 0;
1091 pci_conf = d->dev.config;
1093 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1094 pci_config_set_device_id(pci_conf, E1000_DEVID);
1095 /* TODO: we have no capabilities, so why is this bit set? */
1096 pci_set_word(pci_conf + PCI_STATUS, PCI_STATUS_CAP_LIST);
1097 pci_conf[PCI_REVISION_ID] = 0x03;
1098 pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET);
1099 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1100 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1102 /* TODO: RST# value should be 0 if programmable, PCI spec 6.2.4 */
1103 pci_conf[PCI_INTERRUPT_PIN] = 1; // interrupt pin 0
1105 d->mmio_index = cpu_register_io_memory(e1000_mmio_read,
1106 e1000_mmio_write, d);
1108 pci_register_bar((PCIDevice *)d, 0, PNPMMIO_SIZE,
1109 PCI_BASE_ADDRESS_SPACE_MEMORY, e1000_mmio_map);
1111 pci_register_bar((PCIDevice *)d, 1, IOPORT_SIZE,
1112 PCI_BASE_ADDRESS_SPACE_IO, ioport_map);
1114 memmove(d->eeprom_data, e1000_eeprom_template,
1115 sizeof e1000_eeprom_template);
1116 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1117 macaddr = d->conf.macaddr.a;
1118 for (i = 0; i < 3; i++)
1119 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1120 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1121 checksum += d->eeprom_data[i];
1122 checksum = (uint16_t) EEPROM_SUM - checksum;
1123 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1125 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1126 d->dev.qdev.info->name, d->dev.qdev.id, d);
1128 qemu_format_nic_info_str(&d->nic->nc, macaddr);
1132 static void qdev_e1000_reset(DeviceState *dev)
1134 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1138 static PCIDeviceInfo e1000_info = {
1139 .qdev.name = "e1000",
1140 .qdev.desc = "Intel Gigabit Ethernet",
1141 .qdev.size = sizeof(E1000State),
1142 .qdev.reset = qdev_e1000_reset,
1143 .qdev.vmsd = &vmstate_e1000,
1144 .init = pci_e1000_init,
1145 .exit = pci_e1000_uninit,
1146 .romfile = "pxe-e1000.bin",
1147 .qdev.props = (Property[]) {
1148 DEFINE_NIC_PROPERTIES(E1000State, conf),
1149 DEFINE_PROP_END_OF_LIST(),
1153 static void e1000_register_devices(void)
1155 pci_qdev_register(&e1000_info);
1158 device_init(e1000_register_devices)
projects / sdk / emulator / qemu.git / blob