4 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
5 * Copyright (c) 2008 Qumranet
6 * Based on work done by:
7 * Copyright (c) 2007 Dan Aloni
8 * Copyright (c) 2004 Antony T Curtis
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
28 #include "net/checksum.h"
37 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
38 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
39 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
40 DEBUG_RXFILTER, DEBUG_NOTYET,
42 #define DBGBIT(x) (1<<DEBUG_##x)
43 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
45 #define DBGOUT(what, fmt, ...) do { \
46 if (debugflags & DBGBIT(what)) \
47 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
50 #define DBGOUT(what, fmt, ...) do {} while (0)
53 #define IOPORT_SIZE 0x40
54 #define PNPMMIO_SIZE 0x20000
58 * E1000_DEV_ID_82540EM works with Windows and Linux
59 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
60 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
61 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
64 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
67 * May need to specify additional MAC-to-PHY entries --
68 * Intel's Windows driver refuses to initialize unless they match
71 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
72 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
73 /* default to E1000_DEV_ID_82540EM */ 0xc20
76 typedef struct E1000State_st {
82 uint32_t mac_reg[0x8000];
83 uint16_t phy_reg[0x20];
84 uint16_t eeprom_data[64];
87 uint32_t rxbuf_min_shift;
90 unsigned char header[256];
91 unsigned char vlan_header[4];
92 /* Fields vlan and data must not be reordered or separated. */
93 unsigned char vlan[4];
94 unsigned char data[0x10000];
96 unsigned char sum_needed;
97 unsigned char vlan_needed;
111 char cptse; // current packet tse bit
115 uint32_t val_in; // shifted in from guest driver
123 #define defreg(x) x = (E1000_##x>>2)
125 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
126 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
127 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
128 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
129 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
130 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
131 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
132 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
133 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
134 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
138 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
139 static const char phy_regcap[0x20] = {
140 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
141 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
142 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
143 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
144 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
145 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
149 ioport_map(PCIDevice *pci_dev, int region_num, pcibus_t addr,
150 pcibus_t size, int type)
152 DBGOUT(IO, "e1000_ioport_map addr=0x%04"FMT_PCIBUS
153 " size=0x%08"FMT_PCIBUS"\n", addr, size);
157 set_interrupt_cause(E1000State *s, int index, uint32_t val)
160 val |= E1000_ICR_INT_ASSERTED;
161 s->mac_reg[ICR] = val;
162 s->mac_reg[ICS] = val;
163 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
167 set_ics(E1000State *s, int index, uint32_t val)
169 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
171 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
175 rxbufsize(uint32_t v)
177 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
178 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
179 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
181 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
183 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
185 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
187 case E1000_RCTL_SZ_1024:
189 case E1000_RCTL_SZ_512:
191 case E1000_RCTL_SZ_256:
198 set_ctrl(E1000State *s, int index, uint32_t val)
200 /* RST is self clearing */
201 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
205 set_rx_control(E1000State *s, int index, uint32_t val)
207 s->mac_reg[RCTL] = val;
208 s->rxbuf_size = rxbufsize(val);
209 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
210 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
215 set_mdic(E1000State *s, int index, uint32_t val)
217 uint32_t data = val & E1000_MDIC_DATA_MASK;
218 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
220 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
221 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
222 else if (val & E1000_MDIC_OP_READ) {
223 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
224 if (!(phy_regcap[addr] & PHY_R)) {
225 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
226 val |= E1000_MDIC_ERROR;
228 val = (val ^ data) | s->phy_reg[addr];
229 } else if (val & E1000_MDIC_OP_WRITE) {
230 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
231 if (!(phy_regcap[addr] & PHY_W)) {
232 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
233 val |= E1000_MDIC_ERROR;
235 s->phy_reg[addr] = data;
237 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
238 set_ics(s, 0, E1000_ICR_MDAC);
242 get_eecd(E1000State *s, int index)
244 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
246 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
247 s->eecd_state.bitnum_out, s->eecd_state.reading);
248 if (!s->eecd_state.reading ||
249 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
250 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
251 ret |= E1000_EECD_DO;
256 set_eecd(E1000State *s, int index, uint32_t val)
258 uint32_t oldval = s->eecd_state.old_eecd;
260 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
261 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
262 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
264 if (!(E1000_EECD_SK & val)) { // falling edge
265 s->eecd_state.bitnum_out++;
268 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
269 memset(&s->eecd_state, 0, sizeof s->eecd_state);
271 * restore old_eecd's E1000_EECD_SK (known to be on)
272 * to avoid false detection of a clock edge
274 s->eecd_state.old_eecd = E1000_EECD_SK;
277 s->eecd_state.val_in <<= 1;
278 if (val & E1000_EECD_DI)
279 s->eecd_state.val_in |= 1;
280 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
281 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
282 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
283 EEPROM_READ_OPCODE_MICROWIRE);
285 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
286 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
287 s->eecd_state.reading);
291 flash_eerd_read(E1000State *s, int x)
293 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
295 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
296 return (s->mac_reg[EERD]);
298 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
299 return (E1000_EEPROM_RW_REG_DONE | r);
301 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
302 E1000_EEPROM_RW_REG_DONE | r);
306 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
313 sum = net_checksum_add(n-css, data+css);
314 cpu_to_be16wu((uint16_t *)(data + sloc),
315 net_checksum_finish(sum));
320 vlan_enabled(E1000State *s)
322 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
326 vlan_rx_filter_enabled(E1000State *s)
328 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
332 is_vlan_packet(E1000State *s, const uint8_t *buf)
334 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
335 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
339 is_vlan_txd(uint32_t txd_lower)
341 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
345 xmit_seg(E1000State *s)
348 unsigned int frames = s->tx.tso_frames, css, sofar, n;
349 struct e1000_tx *tp = &s->tx;
351 if (tp->tse && tp->cptse) {
353 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
354 frames, tp->size, css);
355 if (tp->ip) { // IPv4
356 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
358 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
359 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
361 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
364 len = tp->size - css;
365 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
367 sofar = frames * tp->mss;
368 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
369 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
370 if (tp->paylen - sofar > tp->mss)
371 tp->data[css + 13] &= ~9; // PSH, FIN
373 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
374 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
375 // add pseudo-header length before checksum calculation
376 sp = (uint16_t *)(tp->data + tp->tucso);
377 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
382 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
383 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
384 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
385 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
386 if (tp->vlan_needed) {
387 memmove(tp->vlan, tp->data, 4);
388 memmove(tp->data, tp->data + 4, 8);
389 memcpy(tp->data + 8, tp->vlan_header, 4);
390 qemu_send_packet(&s->nic->nc, tp->vlan, tp->size + 4);
392 qemu_send_packet(&s->nic->nc, tp->data, tp->size);
395 n = s->mac_reg[TOTL];
396 if ((s->mac_reg[TOTL] += s->tx.size) < n)
401 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
403 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
404 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
405 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
406 unsigned int msh = 0xfffff, hdr = 0;
408 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
409 struct e1000_tx *tp = &s->tx;
411 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
412 op = le32_to_cpu(xp->cmd_and_length);
413 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
414 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
415 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
416 tp->tucss = xp->upper_setup.tcp_fields.tucss;
417 tp->tucso = xp->upper_setup.tcp_fields.tucso;
418 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
419 tp->paylen = op & 0xfffff;
420 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
421 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
422 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
423 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
424 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
426 if (tp->tucso == 0) { // this is probably wrong
427 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
428 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
431 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
433 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
434 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
439 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
440 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
442 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
443 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
444 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
445 le16_to_cpu(dp->upper.fields.special));
448 addr = le64_to_cpu(dp->buffer_addr);
449 if (tp->tse && tp->cptse) {
454 if (tp->size + bytes > msh)
455 bytes = msh - tp->size;
456 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
457 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
458 memmove(tp->header, tp->data, hdr);
463 memmove(tp->data, tp->header, hdr);
466 } while (split_size -= bytes);
467 } else if (!tp->tse && tp->cptse) {
468 // context descriptor TSE is not set, while data descriptor TSE is set
469 DBGOUT(TXERR, "TCP segmentaion Error\n");
471 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
472 tp->size += split_size;
475 if (!(txd_lower & E1000_TXD_CMD_EOP))
477 if (!(tp->tse && tp->cptse && tp->size < hdr))
487 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
489 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
491 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
493 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
494 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
495 dp->upper.data = cpu_to_le32(txd_upper);
496 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
497 (void *)&dp->upper, sizeof(dp->upper));
498 return E1000_ICR_TXDW;
502 start_xmit(E1000State *s)
504 target_phys_addr_t base;
505 struct e1000_tx_desc desc;
506 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
508 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
509 DBGOUT(TX, "tx disabled\n");
513 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
514 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
515 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
516 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
518 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
519 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
522 process_tx_desc(s, &desc);
523 cause |= txdesc_writeback(base, &desc);
525 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
528 * the following could happen only if guest sw assigns
529 * bogus values to TDT/TDLEN.
530 * there's nothing too intelligent we could do about this.
532 if (s->mac_reg[TDH] == tdh_start) {
533 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
534 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
538 set_ics(s, 0, cause);
542 receive_filter(E1000State *s, const uint8_t *buf, int size)
544 static uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
545 static int mta_shift[] = {4, 3, 2, 0};
546 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
548 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
549 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
550 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
551 ((vid >> 5) & 0x7f));
552 if ((vfta & (1 << (vid & 0x1f))) == 0)
556 if (rctl & E1000_RCTL_UPE) // promiscuous
559 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
562 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
565 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
566 if (!(rp[1] & E1000_RAH_AV))
568 ra[0] = cpu_to_le32(rp[0]);
569 ra[1] = cpu_to_le32(rp[1]);
570 if (!memcmp(buf, (uint8_t *)ra, 6)) {
572 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
573 (int)(rp - s->mac_reg - RA)/2,
574 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
578 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
579 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
581 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
582 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
583 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
586 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
587 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
588 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
589 s->mac_reg[MTA + (f >> 5)]);
595 e1000_set_link_status(VLANClientState *nc)
597 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
598 uint32_t old_status = s->mac_reg[STATUS];
601 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
603 s->mac_reg[STATUS] |= E1000_STATUS_LU;
605 if (s->mac_reg[STATUS] != old_status)
606 set_ics(s, 0, E1000_ICR_LSC);
610 e1000_can_receive(VLANClientState *nc)
612 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
614 return (s->mac_reg[RCTL] & E1000_RCTL_EN);
618 e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
620 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
621 struct e1000_rx_desc desc;
622 target_phys_addr_t base;
625 uint16_t vlan_special = 0;
626 uint8_t vlan_status = 0, vlan_offset = 0;
628 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
631 if (size > s->rxbuf_size) {
632 DBGOUT(RX, "packet too large for buffers (%lu > %d)\n",
633 (unsigned long)size, s->rxbuf_size);
637 if (!receive_filter(s, buf, size))
640 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
641 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
642 memmove((void *)(buf + 4), buf, 12);
643 vlan_status = E1000_RXD_STAT_VP;
648 rdh_start = s->mac_reg[RDH];
649 size += 4; // for the header
651 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
652 set_ics(s, 0, E1000_ICS_RXO);
655 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
656 sizeof(desc) * s->mac_reg[RDH];
657 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
658 desc.special = vlan_special;
659 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
660 if (desc.buffer_addr) {
661 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
662 (void *)(buf + vlan_offset), size);
663 desc.length = cpu_to_le16(size);
664 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
665 } else // as per intel docs; skip descriptors with null buf addr
666 DBGOUT(RX, "Null RX descriptor!!\n");
667 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
669 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
672 /* see comment in start_xmit; same here */
673 if (s->mac_reg[RDH] == rdh_start) {
674 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
675 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
676 set_ics(s, 0, E1000_ICS_RXO);
679 } while (desc.buffer_addr == 0);
683 n = s->mac_reg[TORL];
684 if ((s->mac_reg[TORL] += size) < n)
688 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
689 rdt += s->mac_reg[RDLEN] / sizeof(desc);
690 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
692 n |= E1000_ICS_RXDMT0;
700 mac_readreg(E1000State *s, int index)
702 return s->mac_reg[index];
706 mac_icr_read(E1000State *s, int index)
708 uint32_t ret = s->mac_reg[ICR];
710 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
711 set_interrupt_cause(s, 0, 0);
716 mac_read_clr4(E1000State *s, int index)
718 uint32_t ret = s->mac_reg[index];
720 s->mac_reg[index] = 0;
725 mac_read_clr8(E1000State *s, int index)
727 uint32_t ret = s->mac_reg[index];
729 s->mac_reg[index] = 0;
730 s->mac_reg[index-1] = 0;
735 mac_writereg(E1000State *s, int index, uint32_t val)
737 s->mac_reg[index] = val;
741 set_rdt(E1000State *s, int index, uint32_t val)
744 s->mac_reg[index] = val & 0xffff;
748 set_16bit(E1000State *s, int index, uint32_t val)
750 s->mac_reg[index] = val & 0xffff;
754 set_dlen(E1000State *s, int index, uint32_t val)
756 s->mac_reg[index] = val & 0xfff80;
760 set_tctl(E1000State *s, int index, uint32_t val)
762 s->mac_reg[index] = val;
763 s->mac_reg[TDT] &= 0xffff;
768 set_icr(E1000State *s, int index, uint32_t val)
770 DBGOUT(INTERRUPT, "set_icr %x\n", val);
771 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
775 set_imc(E1000State *s, int index, uint32_t val)
777 s->mac_reg[IMS] &= ~val;
782 set_ims(E1000State *s, int index, uint32_t val)
784 s->mac_reg[IMS] |= val;
788 #define getreg(x) [x] = mac_readreg
789 static uint32_t (*macreg_readops[])(E1000State *, int) = {
790 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
791 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
792 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
793 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
794 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
795 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
796 getreg(TDLEN), getreg(RDLEN),
798 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
799 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
800 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
801 [CRCERRS ... MPC] = &mac_readreg,
802 [RA ... RA+31] = &mac_readreg,
803 [MTA ... MTA+127] = &mac_readreg,
804 [VFTA ... VFTA+127] = &mac_readreg,
806 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
808 #define putreg(x) [x] = mac_writereg
809 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
810 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
811 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
812 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
813 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
814 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
815 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
816 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
817 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
818 [RA ... RA+31] = &mac_writereg,
819 [MTA ... MTA+127] = &mac_writereg,
820 [VFTA ... VFTA+127] = &mac_writereg,
822 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
825 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
827 E1000State *s = opaque;
828 unsigned int index = (addr & 0x1ffff) >> 2;
830 #ifdef TARGET_WORDS_BIGENDIAN
833 if (index < NWRITEOPS && macreg_writeops[index])
834 macreg_writeops[index](s, index, val);
835 else if (index < NREADOPS && macreg_readops[index])
836 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
838 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
843 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
845 // emulate hw without byte enables: no RMW
846 e1000_mmio_writel(opaque, addr & ~3,
847 (val & 0xffff) << (8*(addr & 3)));
851 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
853 // emulate hw without byte enables: no RMW
854 e1000_mmio_writel(opaque, addr & ~3,
855 (val & 0xff) << (8*(addr & 3)));
859 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
861 E1000State *s = opaque;
862 unsigned int index = (addr & 0x1ffff) >> 2;
864 if (index < NREADOPS && macreg_readops[index])
866 uint32_t val = macreg_readops[index](s, index);
867 #ifdef TARGET_WORDS_BIGENDIAN
872 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
877 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
879 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
880 (8 * (addr & 3))) & 0xff;
884 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
886 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
887 (8 * (addr & 3))) & 0xffff;
890 static bool is_version_1(void *opaque, int version_id)
892 return version_id == 1;
895 static const VMStateDescription vmstate_e1000 = {
898 .minimum_version_id = 1,
899 .minimum_version_id_old = 1,
900 .fields = (VMStateField []) {
901 VMSTATE_PCI_DEVICE(dev, E1000State),
902 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
903 VMSTATE_UNUSED(4), /* Was mmio_base. */
904 VMSTATE_UINT32(rxbuf_size, E1000State),
905 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
906 VMSTATE_UINT32(eecd_state.val_in, E1000State),
907 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
908 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
909 VMSTATE_UINT16(eecd_state.reading, E1000State),
910 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
911 VMSTATE_UINT8(tx.ipcss, E1000State),
912 VMSTATE_UINT8(tx.ipcso, E1000State),
913 VMSTATE_UINT16(tx.ipcse, E1000State),
914 VMSTATE_UINT8(tx.tucss, E1000State),
915 VMSTATE_UINT8(tx.tucso, E1000State),
916 VMSTATE_UINT16(tx.tucse, E1000State),
917 VMSTATE_UINT32(tx.paylen, E1000State),
918 VMSTATE_UINT8(tx.hdr_len, E1000State),
919 VMSTATE_UINT16(tx.mss, E1000State),
920 VMSTATE_UINT16(tx.size, E1000State),
921 VMSTATE_UINT16(tx.tso_frames, E1000State),
922 VMSTATE_UINT8(tx.sum_needed, E1000State),
923 VMSTATE_INT8(tx.ip, E1000State),
924 VMSTATE_INT8(tx.tcp, E1000State),
925 VMSTATE_BUFFER(tx.header, E1000State),
926 VMSTATE_BUFFER(tx.data, E1000State),
927 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
928 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
929 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
930 VMSTATE_UINT32(mac_reg[EECD], E1000State),
931 VMSTATE_UINT32(mac_reg[EERD], E1000State),
932 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
933 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
934 VMSTATE_UINT32(mac_reg[ICR], E1000State),
935 VMSTATE_UINT32(mac_reg[ICS], E1000State),
936 VMSTATE_UINT32(mac_reg[IMC], E1000State),
937 VMSTATE_UINT32(mac_reg[IMS], E1000State),
938 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
939 VMSTATE_UINT32(mac_reg[MANC], E1000State),
940 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
941 VMSTATE_UINT32(mac_reg[MPC], E1000State),
942 VMSTATE_UINT32(mac_reg[PBA], E1000State),
943 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
944 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
945 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
946 VMSTATE_UINT32(mac_reg[RDH], E1000State),
947 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
948 VMSTATE_UINT32(mac_reg[RDT], E1000State),
949 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
950 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
951 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
952 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
953 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
954 VMSTATE_UINT32(mac_reg[TDH], E1000State),
955 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
956 VMSTATE_UINT32(mac_reg[TDT], E1000State),
957 VMSTATE_UINT32(mac_reg[TORH], E1000State),
958 VMSTATE_UINT32(mac_reg[TORL], E1000State),
959 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
960 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
961 VMSTATE_UINT32(mac_reg[TPR], E1000State),
962 VMSTATE_UINT32(mac_reg[TPT], E1000State),
963 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
964 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
965 VMSTATE_UINT32(mac_reg[VET], E1000State),
966 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
967 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
968 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
969 VMSTATE_END_OF_LIST()
973 static const uint16_t e1000_eeprom_template[64] = {
974 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
975 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
976 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
977 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
978 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
979 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
980 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
981 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
984 static const uint16_t phy_reg_init[] = {
985 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
986 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
987 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
988 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
989 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
990 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
993 static const uint32_t mac_reg_init[] = {
996 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
997 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
998 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
999 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
1000 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
1002 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
1003 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
1009 static CPUWriteMemoryFunc * const e1000_mmio_write[] = {
1010 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
1013 static CPUReadMemoryFunc * const e1000_mmio_read[] = {
1014 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
1018 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
1019 pcibus_t addr, pcibus_t size, int type)
1021 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1023 const uint32_t excluded_regs[] = {
1024 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1025 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1029 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08"FMT_PCIBUS" 0x%08"FMT_PCIBUS"\n",
1032 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
1033 qemu_register_coalesced_mmio(addr, excluded_regs[0]);
1035 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1036 qemu_register_coalesced_mmio(addr + excluded_regs[i] + 4,
1037 excluded_regs[i + 1] -
1038 excluded_regs[i] - 4);
1042 e1000_cleanup(VLANClientState *nc)
1044 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1050 pci_e1000_uninit(PCIDevice *dev)
1052 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1054 cpu_unregister_io_memory(d->mmio_index);
1055 qemu_del_vlan_client(&d->nic->nc);
1059 static void e1000_reset(void *opaque)
1061 E1000State *d = opaque;
1063 memset(d->phy_reg, 0, sizeof d->phy_reg);
1064 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1065 memset(d->mac_reg, 0, sizeof d->mac_reg);
1066 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1067 d->rxbuf_min_shift = 1;
1068 memset(&d->tx, 0, sizeof d->tx);
1071 static NetClientInfo net_e1000_info = {
1072 .type = NET_CLIENT_TYPE_NIC,
1073 .size = sizeof(NICState),
1074 .can_receive = e1000_can_receive,
1075 .receive = e1000_receive,
1076 .cleanup = e1000_cleanup,
1077 .link_status_changed = e1000_set_link_status,
1080 static int pci_e1000_init(PCIDevice *pci_dev)
1082 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1084 uint16_t checksum = 0;
1088 pci_conf = d->dev.config;
1090 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1091 pci_config_set_device_id(pci_conf, E1000_DEVID);
1092 /* TODO: we have no capabilities, so why is this bit set? */
1093 pci_set_word(pci_conf + PCI_STATUS, PCI_STATUS_CAP_LIST);
1094 pci_conf[PCI_REVISION_ID] = 0x03;
1095 pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET);
1096 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1097 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1099 /* TODO: RST# value should be 0 if programmable, PCI spec 6.2.4 */
1100 pci_conf[PCI_INTERRUPT_PIN] = 1; // interrupt pin 0
1102 d->mmio_index = cpu_register_io_memory(e1000_mmio_read,
1103 e1000_mmio_write, d);
1105 pci_register_bar((PCIDevice *)d, 0, PNPMMIO_SIZE,
1106 PCI_BASE_ADDRESS_SPACE_MEMORY, e1000_mmio_map);
1108 pci_register_bar((PCIDevice *)d, 1, IOPORT_SIZE,
1109 PCI_BASE_ADDRESS_SPACE_IO, ioport_map);
1111 memmove(d->eeprom_data, e1000_eeprom_template,
1112 sizeof e1000_eeprom_template);
1113 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1114 macaddr = d->conf.macaddr.a;
1115 for (i = 0; i < 3; i++)
1116 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1117 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1118 checksum += d->eeprom_data[i];
1119 checksum = (uint16_t) EEPROM_SUM - checksum;
1120 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1122 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1123 d->dev.qdev.info->name, d->dev.qdev.id, d);
1125 qemu_format_nic_info_str(&d->nic->nc, macaddr);
1129 static void qdev_e1000_reset(DeviceState *dev)
1131 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1135 static PCIDeviceInfo e1000_info = {
1136 .qdev.name = "e1000",
1137 .qdev.desc = "Intel Gigabit Ethernet",
1138 .qdev.size = sizeof(E1000State),
1139 .qdev.reset = qdev_e1000_reset,
1140 .qdev.vmsd = &vmstate_e1000,
1141 .init = pci_e1000_init,
1142 .exit = pci_e1000_uninit,
1143 .romfile = "pxe-e1000.bin",
1144 .qdev.props = (Property[]) {
1145 DEFINE_NIC_PROPERTIES(E1000State, conf),
1146 DEFINE_PROP_END_OF_LIST(),
1150 static void e1000_register_devices(void)
1152 pci_qdev_register(&e1000_info);
1155 device_init(e1000_register_devices)
projects / sdk / emulator / qemu.git / blob