4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
31 #include "net/checksum.h"
40 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
41 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
42 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
43 DEBUG_RXFILTER, DEBUG_NOTYET,
45 #define DBGBIT(x) (1<<DEBUG_##x)
46 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
48 #define DBGOUT(what, fmt, ...) do { \
49 if (debugflags & DBGBIT(what)) \
50 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
53 #define DBGOUT(what, fmt, ...) do {} while (0)
56 #define IOPORT_SIZE 0x40
57 #define PNPMMIO_SIZE 0x20000
61 * E1000_DEV_ID_82540EM works with Windows and Linux
62 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
63 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
64 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
67 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
70 * May need to specify additional MAC-to-PHY entries --
71 * Intel's Windows driver refuses to initialize unless they match
74 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
75 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
76 /* default to E1000_DEV_ID_82540EM */ 0xc20
79 typedef struct E1000State_st {
85 uint32_t mac_reg[0x8000];
86 uint16_t phy_reg[0x20];
87 uint16_t eeprom_data[64];
90 uint32_t rxbuf_min_shift;
93 unsigned char header[256];
94 unsigned char vlan_header[4];
95 /* Fields vlan and data must not be reordered or separated. */
96 unsigned char vlan[4];
97 unsigned char data[0x10000];
99 unsigned char sum_needed;
100 unsigned char vlan_needed;
114 char cptse; // current packet tse bit
118 uint32_t val_in; // shifted in from guest driver
126 #define defreg(x) x = (E1000_##x>>2)
128 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
129 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
130 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
131 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
132 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
133 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
134 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
135 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
136 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
137 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
141 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
142 static const char phy_regcap[0x20] = {
143 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
144 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
145 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
146 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
147 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
148 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
152 ioport_map(PCIDevice *pci_dev, int region_num, pcibus_t addr,
153 pcibus_t size, int type)
155 DBGOUT(IO, "e1000_ioport_map addr=0x%04"FMT_PCIBUS
156 " size=0x%08"FMT_PCIBUS"\n", addr, size);
160 set_interrupt_cause(E1000State *s, int index, uint32_t val)
163 val |= E1000_ICR_INT_ASSERTED;
164 s->mac_reg[ICR] = val;
165 s->mac_reg[ICS] = val;
166 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
170 set_ics(E1000State *s, int index, uint32_t val)
172 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
174 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
178 rxbufsize(uint32_t v)
180 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
181 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
182 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
184 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
186 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
188 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
190 case E1000_RCTL_SZ_1024:
192 case E1000_RCTL_SZ_512:
194 case E1000_RCTL_SZ_256:
201 set_ctrl(E1000State *s, int index, uint32_t val)
203 /* RST is self clearing */
204 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
208 set_rx_control(E1000State *s, int index, uint32_t val)
210 s->mac_reg[RCTL] = val;
211 s->rxbuf_size = rxbufsize(val);
212 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
213 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
218 set_mdic(E1000State *s, int index, uint32_t val)
220 uint32_t data = val & E1000_MDIC_DATA_MASK;
221 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
223 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
224 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
225 else if (val & E1000_MDIC_OP_READ) {
226 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
227 if (!(phy_regcap[addr] & PHY_R)) {
228 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
229 val |= E1000_MDIC_ERROR;
231 val = (val ^ data) | s->phy_reg[addr];
232 } else if (val & E1000_MDIC_OP_WRITE) {
233 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
234 if (!(phy_regcap[addr] & PHY_W)) {
235 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
236 val |= E1000_MDIC_ERROR;
238 s->phy_reg[addr] = data;
240 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
241 set_ics(s, 0, E1000_ICR_MDAC);
245 get_eecd(E1000State *s, int index)
247 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
249 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
250 s->eecd_state.bitnum_out, s->eecd_state.reading);
251 if (!s->eecd_state.reading ||
252 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
253 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
254 ret |= E1000_EECD_DO;
259 set_eecd(E1000State *s, int index, uint32_t val)
261 uint32_t oldval = s->eecd_state.old_eecd;
263 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
264 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
265 if (!(E1000_EECD_CS & val)) // CS inactive; nothing to do
267 if (E1000_EECD_CS & (val ^ oldval)) { // CS rise edge; reset state
268 s->eecd_state.val_in = 0;
269 s->eecd_state.bitnum_in = 0;
270 s->eecd_state.bitnum_out = 0;
271 s->eecd_state.reading = 0;
273 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
275 if (!(E1000_EECD_SK & val)) { // falling edge
276 s->eecd_state.bitnum_out++;
279 s->eecd_state.val_in <<= 1;
280 if (val & E1000_EECD_DI)
281 s->eecd_state.val_in |= 1;
282 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
283 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
284 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
285 EEPROM_READ_OPCODE_MICROWIRE);
287 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
288 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
289 s->eecd_state.reading);
293 flash_eerd_read(E1000State *s, int x)
295 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
297 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
298 return (s->mac_reg[EERD]);
300 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
301 return (E1000_EEPROM_RW_REG_DONE | r);
303 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
304 E1000_EEPROM_RW_REG_DONE | r);
308 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
315 sum = net_checksum_add(n-css, data+css);
316 cpu_to_be16wu((uint16_t *)(data + sloc),
317 net_checksum_finish(sum));
322 vlan_enabled(E1000State *s)
324 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
328 vlan_rx_filter_enabled(E1000State *s)
330 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
334 is_vlan_packet(E1000State *s, const uint8_t *buf)
336 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
337 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
341 is_vlan_txd(uint32_t txd_lower)
343 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
346 /* FCS aka Ethernet CRC-32. We don't get it from backends and can't
347 * fill it in, just pad descriptor length by 4 bytes unless guest
348 * told us to strip it off the packet. */
350 fcs_len(E1000State *s)
352 return (s->mac_reg[RCTL] & E1000_RCTL_SECRC) ? 0 : 4;
356 xmit_seg(E1000State *s)
359 unsigned int frames = s->tx.tso_frames, css, sofar, n;
360 struct e1000_tx *tp = &s->tx;
362 if (tp->tse && tp->cptse) {
364 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
365 frames, tp->size, css);
366 if (tp->ip) { // IPv4
367 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
369 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
370 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
372 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
375 len = tp->size - css;
376 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
378 sofar = frames * tp->mss;
379 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
380 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
381 if (tp->paylen - sofar > tp->mss)
382 tp->data[css + 13] &= ~9; // PSH, FIN
384 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
385 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
386 // add pseudo-header length before checksum calculation
387 sp = (uint16_t *)(tp->data + tp->tucso);
388 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
393 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
394 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
395 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
396 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
397 if (tp->vlan_needed) {
398 memmove(tp->vlan, tp->data, 4);
399 memmove(tp->data, tp->data + 4, 8);
400 memcpy(tp->data + 8, tp->vlan_header, 4);
401 qemu_send_packet(&s->nic->nc, tp->vlan, tp->size + 4);
403 qemu_send_packet(&s->nic->nc, tp->data, tp->size);
406 n = s->mac_reg[TOTL];
407 if ((s->mac_reg[TOTL] += s->tx.size) < n)
412 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
414 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
415 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
416 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
417 unsigned int msh = 0xfffff, hdr = 0;
419 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
420 struct e1000_tx *tp = &s->tx;
422 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
423 op = le32_to_cpu(xp->cmd_and_length);
424 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
425 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
426 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
427 tp->tucss = xp->upper_setup.tcp_fields.tucss;
428 tp->tucso = xp->upper_setup.tcp_fields.tucso;
429 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
430 tp->paylen = op & 0xfffff;
431 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
432 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
433 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
434 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
435 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
437 if (tp->tucso == 0) { // this is probably wrong
438 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
439 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
442 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
444 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
445 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
450 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
451 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
453 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
454 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
455 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
456 le16_to_cpu(dp->upper.fields.special));
459 addr = le64_to_cpu(dp->buffer_addr);
460 if (tp->tse && tp->cptse) {
465 if (tp->size + bytes > msh)
466 bytes = msh - tp->size;
467 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
468 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
469 memmove(tp->header, tp->data, hdr);
474 memmove(tp->data, tp->header, hdr);
477 } while (split_size -= bytes);
478 } else if (!tp->tse && tp->cptse) {
479 // context descriptor TSE is not set, while data descriptor TSE is set
480 DBGOUT(TXERR, "TCP segmentaion Error\n");
482 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
483 tp->size += split_size;
486 if (!(txd_lower & E1000_TXD_CMD_EOP))
488 if (!(tp->tse && tp->cptse && tp->size < hdr))
498 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
500 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
502 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
504 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
505 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
506 dp->upper.data = cpu_to_le32(txd_upper);
507 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
508 (void *)&dp->upper, sizeof(dp->upper));
509 return E1000_ICR_TXDW;
513 start_xmit(E1000State *s)
515 target_phys_addr_t base;
516 struct e1000_tx_desc desc;
517 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
519 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
520 DBGOUT(TX, "tx disabled\n");
524 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
525 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
526 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
527 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
529 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
530 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
533 process_tx_desc(s, &desc);
534 cause |= txdesc_writeback(base, &desc);
536 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
539 * the following could happen only if guest sw assigns
540 * bogus values to TDT/TDLEN.
541 * there's nothing too intelligent we could do about this.
543 if (s->mac_reg[TDH] == tdh_start) {
544 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
545 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
549 set_ics(s, 0, cause);
553 receive_filter(E1000State *s, const uint8_t *buf, int size)
555 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
556 static const int mta_shift[] = {4, 3, 2, 0};
557 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
559 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
560 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
561 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
562 ((vid >> 5) & 0x7f));
563 if ((vfta & (1 << (vid & 0x1f))) == 0)
567 if (rctl & E1000_RCTL_UPE) // promiscuous
570 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
573 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
576 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
577 if (!(rp[1] & E1000_RAH_AV))
579 ra[0] = cpu_to_le32(rp[0]);
580 ra[1] = cpu_to_le32(rp[1]);
581 if (!memcmp(buf, (uint8_t *)ra, 6)) {
583 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
584 (int)(rp - s->mac_reg - RA)/2,
585 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
589 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
590 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
592 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
593 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
594 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
597 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
598 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
599 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
600 s->mac_reg[MTA + (f >> 5)]);
606 e1000_set_link_status(VLANClientState *nc)
608 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
609 uint32_t old_status = s->mac_reg[STATUS];
612 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
614 s->mac_reg[STATUS] |= E1000_STATUS_LU;
616 if (s->mac_reg[STATUS] != old_status)
617 set_ics(s, 0, E1000_ICR_LSC);
621 e1000_can_receive(VLANClientState *nc)
623 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
625 return (s->mac_reg[RCTL] & E1000_RCTL_EN);
629 e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
631 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
632 struct e1000_rx_desc desc;
633 target_phys_addr_t base;
636 uint16_t vlan_special = 0;
637 uint8_t vlan_status = 0, vlan_offset = 0;
639 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
642 if (size > s->rxbuf_size) {
643 DBGOUT(RX, "packet too large for buffers (%lu > %d)\n",
644 (unsigned long)size, s->rxbuf_size);
648 if (!receive_filter(s, buf, size))
651 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
652 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
653 memmove((uint8_t *)buf + 4, buf, 12);
654 vlan_status = E1000_RXD_STAT_VP;
659 rdh_start = s->mac_reg[RDH];
661 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
662 set_ics(s, 0, E1000_ICS_RXO);
665 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
666 sizeof(desc) * s->mac_reg[RDH];
667 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
668 desc.special = vlan_special;
669 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
670 if (desc.buffer_addr) {
671 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
672 (void *)(buf + vlan_offset), size);
673 desc.length = cpu_to_le16(size + fcs_len(s));
674 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
675 } else // as per intel docs; skip descriptors with null buf addr
676 DBGOUT(RX, "Null RX descriptor!!\n");
677 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
679 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
682 /* see comment in start_xmit; same here */
683 if (s->mac_reg[RDH] == rdh_start) {
684 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
685 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
686 set_ics(s, 0, E1000_ICS_RXO);
689 } while (desc.buffer_addr == 0);
693 /* TOR - Total Octets Received:
694 * This register includes bytes received in a packet from the <Destination
695 * Address> field through the <CRC> field, inclusively.
697 n = s->mac_reg[TORL] + size + /* Always include FCS length. */ 4;
698 if (n < s->mac_reg[TORL])
700 s->mac_reg[TORL] = n;
703 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
704 rdt += s->mac_reg[RDLEN] / sizeof(desc);
705 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
707 n |= E1000_ICS_RXDMT0;
715 mac_readreg(E1000State *s, int index)
717 return s->mac_reg[index];
721 mac_icr_read(E1000State *s, int index)
723 uint32_t ret = s->mac_reg[ICR];
725 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
726 set_interrupt_cause(s, 0, 0);
731 mac_read_clr4(E1000State *s, int index)
733 uint32_t ret = s->mac_reg[index];
735 s->mac_reg[index] = 0;
740 mac_read_clr8(E1000State *s, int index)
742 uint32_t ret = s->mac_reg[index];
744 s->mac_reg[index] = 0;
745 s->mac_reg[index-1] = 0;
750 mac_writereg(E1000State *s, int index, uint32_t val)
752 s->mac_reg[index] = val;
756 set_rdt(E1000State *s, int index, uint32_t val)
759 s->mac_reg[index] = val & 0xffff;
763 set_16bit(E1000State *s, int index, uint32_t val)
765 s->mac_reg[index] = val & 0xffff;
769 set_dlen(E1000State *s, int index, uint32_t val)
771 s->mac_reg[index] = val & 0xfff80;
775 set_tctl(E1000State *s, int index, uint32_t val)
777 s->mac_reg[index] = val;
778 s->mac_reg[TDT] &= 0xffff;
783 set_icr(E1000State *s, int index, uint32_t val)
785 DBGOUT(INTERRUPT, "set_icr %x\n", val);
786 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
790 set_imc(E1000State *s, int index, uint32_t val)
792 s->mac_reg[IMS] &= ~val;
797 set_ims(E1000State *s, int index, uint32_t val)
799 s->mac_reg[IMS] |= val;
803 #define getreg(x) [x] = mac_readreg
804 static uint32_t (*macreg_readops[])(E1000State *, int) = {
805 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
806 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
807 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
808 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
809 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
810 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
811 getreg(TDLEN), getreg(RDLEN),
813 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
814 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
815 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
816 [CRCERRS ... MPC] = &mac_readreg,
817 [RA ... RA+31] = &mac_readreg,
818 [MTA ... MTA+127] = &mac_readreg,
819 [VFTA ... VFTA+127] = &mac_readreg,
821 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
823 #define putreg(x) [x] = mac_writereg
824 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
825 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
826 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
827 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
828 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
829 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
830 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
831 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
832 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
833 [RA ... RA+31] = &mac_writereg,
834 [MTA ... MTA+127] = &mac_writereg,
835 [VFTA ... VFTA+127] = &mac_writereg,
837 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
840 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
842 E1000State *s = opaque;
843 unsigned int index = (addr & 0x1ffff) >> 2;
845 #ifdef TARGET_WORDS_BIGENDIAN
848 if (index < NWRITEOPS && macreg_writeops[index])
849 macreg_writeops[index](s, index, val);
850 else if (index < NREADOPS && macreg_readops[index])
851 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
853 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
858 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
860 // emulate hw without byte enables: no RMW
861 e1000_mmio_writel(opaque, addr & ~3,
862 (val & 0xffff) << (8*(addr & 3)));
866 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
868 // emulate hw without byte enables: no RMW
869 e1000_mmio_writel(opaque, addr & ~3,
870 (val & 0xff) << (8*(addr & 3)));
874 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
876 E1000State *s = opaque;
877 unsigned int index = (addr & 0x1ffff) >> 2;
879 if (index < NREADOPS && macreg_readops[index])
881 uint32_t val = macreg_readops[index](s, index);
882 #ifdef TARGET_WORDS_BIGENDIAN
887 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
892 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
894 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
895 (8 * (addr & 3))) & 0xff;
899 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
901 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
902 (8 * (addr & 3))) & 0xffff;
905 static bool is_version_1(void *opaque, int version_id)
907 return version_id == 1;
910 static const VMStateDescription vmstate_e1000 = {
913 .minimum_version_id = 1,
914 .minimum_version_id_old = 1,
915 .fields = (VMStateField []) {
916 VMSTATE_PCI_DEVICE(dev, E1000State),
917 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
918 VMSTATE_UNUSED(4), /* Was mmio_base. */
919 VMSTATE_UINT32(rxbuf_size, E1000State),
920 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
921 VMSTATE_UINT32(eecd_state.val_in, E1000State),
922 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
923 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
924 VMSTATE_UINT16(eecd_state.reading, E1000State),
925 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
926 VMSTATE_UINT8(tx.ipcss, E1000State),
927 VMSTATE_UINT8(tx.ipcso, E1000State),
928 VMSTATE_UINT16(tx.ipcse, E1000State),
929 VMSTATE_UINT8(tx.tucss, E1000State),
930 VMSTATE_UINT8(tx.tucso, E1000State),
931 VMSTATE_UINT16(tx.tucse, E1000State),
932 VMSTATE_UINT32(tx.paylen, E1000State),
933 VMSTATE_UINT8(tx.hdr_len, E1000State),
934 VMSTATE_UINT16(tx.mss, E1000State),
935 VMSTATE_UINT16(tx.size, E1000State),
936 VMSTATE_UINT16(tx.tso_frames, E1000State),
937 VMSTATE_UINT8(tx.sum_needed, E1000State),
938 VMSTATE_INT8(tx.ip, E1000State),
939 VMSTATE_INT8(tx.tcp, E1000State),
940 VMSTATE_BUFFER(tx.header, E1000State),
941 VMSTATE_BUFFER(tx.data, E1000State),
942 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
943 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
944 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
945 VMSTATE_UINT32(mac_reg[EECD], E1000State),
946 VMSTATE_UINT32(mac_reg[EERD], E1000State),
947 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
948 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
949 VMSTATE_UINT32(mac_reg[ICR], E1000State),
950 VMSTATE_UINT32(mac_reg[ICS], E1000State),
951 VMSTATE_UINT32(mac_reg[IMC], E1000State),
952 VMSTATE_UINT32(mac_reg[IMS], E1000State),
953 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
954 VMSTATE_UINT32(mac_reg[MANC], E1000State),
955 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
956 VMSTATE_UINT32(mac_reg[MPC], E1000State),
957 VMSTATE_UINT32(mac_reg[PBA], E1000State),
958 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
959 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
960 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
961 VMSTATE_UINT32(mac_reg[RDH], E1000State),
962 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
963 VMSTATE_UINT32(mac_reg[RDT], E1000State),
964 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
965 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
966 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
967 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
968 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
969 VMSTATE_UINT32(mac_reg[TDH], E1000State),
970 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
971 VMSTATE_UINT32(mac_reg[TDT], E1000State),
972 VMSTATE_UINT32(mac_reg[TORH], E1000State),
973 VMSTATE_UINT32(mac_reg[TORL], E1000State),
974 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
975 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
976 VMSTATE_UINT32(mac_reg[TPR], E1000State),
977 VMSTATE_UINT32(mac_reg[TPT], E1000State),
978 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
979 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
980 VMSTATE_UINT32(mac_reg[VET], E1000State),
981 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
982 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
983 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
984 VMSTATE_END_OF_LIST()
988 static const uint16_t e1000_eeprom_template[64] = {
989 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
990 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
991 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
992 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
993 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
994 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
995 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
996 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
999 static const uint16_t phy_reg_init[] = {
1000 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
1001 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
1002 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
1003 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
1004 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
1005 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
1008 static const uint32_t mac_reg_init[] = {
1011 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
1012 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
1013 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
1014 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
1015 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
1017 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
1018 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
1024 static CPUWriteMemoryFunc * const e1000_mmio_write[] = {
1025 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
1028 static CPUReadMemoryFunc * const e1000_mmio_read[] = {
1029 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
1033 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
1034 pcibus_t addr, pcibus_t size, int type)
1036 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1038 const uint32_t excluded_regs[] = {
1039 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1040 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1044 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08"FMT_PCIBUS" 0x%08"FMT_PCIBUS"\n",
1047 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
1048 qemu_register_coalesced_mmio(addr, excluded_regs[0]);
1050 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1051 qemu_register_coalesced_mmio(addr + excluded_regs[i] + 4,
1052 excluded_regs[i + 1] -
1053 excluded_regs[i] - 4);
1057 e1000_cleanup(VLANClientState *nc)
1059 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1065 pci_e1000_uninit(PCIDevice *dev)
1067 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1069 cpu_unregister_io_memory(d->mmio_index);
1070 qemu_del_vlan_client(&d->nic->nc);
1074 static void e1000_reset(void *opaque)
1076 E1000State *d = opaque;
1078 memset(d->phy_reg, 0, sizeof d->phy_reg);
1079 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1080 memset(d->mac_reg, 0, sizeof d->mac_reg);
1081 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1082 d->rxbuf_min_shift = 1;
1083 memset(&d->tx, 0, sizeof d->tx);
1086 static NetClientInfo net_e1000_info = {
1087 .type = NET_CLIENT_TYPE_NIC,
1088 .size = sizeof(NICState),
1089 .can_receive = e1000_can_receive,
1090 .receive = e1000_receive,
1091 .cleanup = e1000_cleanup,
1092 .link_status_changed = e1000_set_link_status,
1095 static int pci_e1000_init(PCIDevice *pci_dev)
1097 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1099 uint16_t checksum = 0;
1103 pci_conf = d->dev.config;
1105 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1106 pci_config_set_device_id(pci_conf, E1000_DEVID);
1107 /* TODO: we have no capabilities, so why is this bit set? */
1108 pci_set_word(pci_conf + PCI_STATUS, PCI_STATUS_CAP_LIST);
1109 pci_conf[PCI_REVISION_ID] = 0x03;
1110 pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET);
1111 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1112 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1114 /* TODO: RST# value should be 0 if programmable, PCI spec 6.2.4 */
1115 pci_conf[PCI_INTERRUPT_PIN] = 1; // interrupt pin 0
1117 d->mmio_index = cpu_register_io_memory(e1000_mmio_read,
1118 e1000_mmio_write, d);
1120 pci_register_bar((PCIDevice *)d, 0, PNPMMIO_SIZE,
1121 PCI_BASE_ADDRESS_SPACE_MEMORY, e1000_mmio_map);
1123 pci_register_bar((PCIDevice *)d, 1, IOPORT_SIZE,
1124 PCI_BASE_ADDRESS_SPACE_IO, ioport_map);
1126 memmove(d->eeprom_data, e1000_eeprom_template,
1127 sizeof e1000_eeprom_template);
1128 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1129 macaddr = d->conf.macaddr.a;
1130 for (i = 0; i < 3; i++)
1131 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1132 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1133 checksum += d->eeprom_data[i];
1134 checksum = (uint16_t) EEPROM_SUM - checksum;
1135 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1137 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1138 d->dev.qdev.info->name, d->dev.qdev.id, d);
1140 qemu_format_nic_info_str(&d->nic->nc, macaddr);
1144 static void qdev_e1000_reset(DeviceState *dev)
1146 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1150 static PCIDeviceInfo e1000_info = {
1151 .qdev.name = "e1000",
1152 .qdev.desc = "Intel Gigabit Ethernet",
1153 .qdev.size = sizeof(E1000State),
1154 .qdev.reset = qdev_e1000_reset,
1155 .qdev.vmsd = &vmstate_e1000,
1156 .init = pci_e1000_init,
1157 .exit = pci_e1000_uninit,
1158 .romfile = "pxe-e1000.bin",
1159 .qdev.props = (Property[]) {
1160 DEFINE_NIC_PROPERTIES(E1000State, conf),
1161 DEFINE_PROP_END_OF_LIST(),
1165 static void e1000_register_devices(void)
1167 pci_qdev_register(&e1000_info);
1170 device_init(e1000_register_devices)
projects / sdk / emulator / qemu.git / blob