4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
31 #include "net/checksum.h"
40 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
41 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
42 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
43 DEBUG_RXFILTER, DEBUG_NOTYET,
45 #define DBGBIT(x) (1<<DEBUG_##x)
46 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
48 #define DBGOUT(what, fmt, ...) do { \
49 if (debugflags & DBGBIT(what)) \
50 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
53 #define DBGOUT(what, fmt, ...) do {} while (0)
56 #define IOPORT_SIZE 0x40
57 #define PNPMMIO_SIZE 0x20000
61 * E1000_DEV_ID_82540EM works with Windows and Linux
62 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
63 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
64 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
67 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
70 * May need to specify additional MAC-to-PHY entries --
71 * Intel's Windows driver refuses to initialize unless they match
74 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
75 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
76 /* default to E1000_DEV_ID_82540EM */ 0xc20
79 typedef struct E1000State_st {
85 uint32_t mac_reg[0x8000];
86 uint16_t phy_reg[0x20];
87 uint16_t eeprom_data[64];
90 uint32_t rxbuf_min_shift;
93 unsigned char header[256];
94 unsigned char vlan_header[4];
95 /* Fields vlan and data must not be reordered or separated. */
96 unsigned char vlan[4];
97 unsigned char data[0x10000];
99 unsigned char sum_needed;
100 unsigned char vlan_needed;
114 char cptse; // current packet tse bit
118 uint32_t val_in; // shifted in from guest driver
126 #define defreg(x) x = (E1000_##x>>2)
128 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
129 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
130 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
131 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
132 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
133 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
134 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
135 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
136 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
137 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
141 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
142 static const char phy_regcap[0x20] = {
143 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
144 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
145 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
146 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
147 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
148 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
152 ioport_map(PCIDevice *pci_dev, int region_num, pcibus_t addr,
153 pcibus_t size, int type)
155 DBGOUT(IO, "e1000_ioport_map addr=0x%04"FMT_PCIBUS
156 " size=0x%08"FMT_PCIBUS"\n", addr, size);
160 set_interrupt_cause(E1000State *s, int index, uint32_t val)
163 val |= E1000_ICR_INT_ASSERTED;
164 s->mac_reg[ICR] = val;
165 s->mac_reg[ICS] = val;
166 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
170 set_ics(E1000State *s, int index, uint32_t val)
172 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
174 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
178 rxbufsize(uint32_t v)
180 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
181 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
182 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
184 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
186 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
188 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
190 case E1000_RCTL_SZ_1024:
192 case E1000_RCTL_SZ_512:
194 case E1000_RCTL_SZ_256:
201 set_ctrl(E1000State *s, int index, uint32_t val)
203 /* RST is self clearing */
204 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
208 set_rx_control(E1000State *s, int index, uint32_t val)
210 s->mac_reg[RCTL] = val;
211 s->rxbuf_size = rxbufsize(val);
212 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
213 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
218 set_mdic(E1000State *s, int index, uint32_t val)
220 uint32_t data = val & E1000_MDIC_DATA_MASK;
221 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
223 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
224 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
225 else if (val & E1000_MDIC_OP_READ) {
226 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
227 if (!(phy_regcap[addr] & PHY_R)) {
228 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
229 val |= E1000_MDIC_ERROR;
231 val = (val ^ data) | s->phy_reg[addr];
232 } else if (val & E1000_MDIC_OP_WRITE) {
233 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
234 if (!(phy_regcap[addr] & PHY_W)) {
235 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
236 val |= E1000_MDIC_ERROR;
238 s->phy_reg[addr] = data;
240 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
241 set_ics(s, 0, E1000_ICR_MDAC);
245 get_eecd(E1000State *s, int index)
247 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
249 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
250 s->eecd_state.bitnum_out, s->eecd_state.reading);
251 if (!s->eecd_state.reading ||
252 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
253 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
254 ret |= E1000_EECD_DO;
259 set_eecd(E1000State *s, int index, uint32_t val)
261 uint32_t oldval = s->eecd_state.old_eecd;
263 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
264 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
265 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
267 if (!(E1000_EECD_SK & val)) { // falling edge
268 s->eecd_state.bitnum_out++;
271 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
272 memset(&s->eecd_state, 0, sizeof s->eecd_state);
274 * restore old_eecd's E1000_EECD_SK (known to be on)
275 * to avoid false detection of a clock edge
277 s->eecd_state.old_eecd = E1000_EECD_SK;
280 s->eecd_state.val_in <<= 1;
281 if (val & E1000_EECD_DI)
282 s->eecd_state.val_in |= 1;
283 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
284 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
285 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
286 EEPROM_READ_OPCODE_MICROWIRE);
288 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
289 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
290 s->eecd_state.reading);
294 flash_eerd_read(E1000State *s, int x)
296 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
298 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
299 return (s->mac_reg[EERD]);
301 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
302 return (E1000_EEPROM_RW_REG_DONE | r);
304 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
305 E1000_EEPROM_RW_REG_DONE | r);
309 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
316 sum = net_checksum_add(n-css, data+css);
317 cpu_to_be16wu((uint16_t *)(data + sloc),
318 net_checksum_finish(sum));
323 vlan_enabled(E1000State *s)
325 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
329 vlan_rx_filter_enabled(E1000State *s)
331 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
335 is_vlan_packet(E1000State *s, const uint8_t *buf)
337 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
338 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
342 is_vlan_txd(uint32_t txd_lower)
344 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
348 xmit_seg(E1000State *s)
351 unsigned int frames = s->tx.tso_frames, css, sofar, n;
352 struct e1000_tx *tp = &s->tx;
354 if (tp->tse && tp->cptse) {
356 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
357 frames, tp->size, css);
358 if (tp->ip) { // IPv4
359 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
361 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
362 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
364 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
367 len = tp->size - css;
368 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
370 sofar = frames * tp->mss;
371 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
372 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
373 if (tp->paylen - sofar > tp->mss)
374 tp->data[css + 13] &= ~9; // PSH, FIN
376 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
377 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
378 // add pseudo-header length before checksum calculation
379 sp = (uint16_t *)(tp->data + tp->tucso);
380 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
385 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
386 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
387 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
388 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
389 if (tp->vlan_needed) {
390 memmove(tp->vlan, tp->data, 4);
391 memmove(tp->data, tp->data + 4, 8);
392 memcpy(tp->data + 8, tp->vlan_header, 4);
393 qemu_send_packet(&s->nic->nc, tp->vlan, tp->size + 4);
395 qemu_send_packet(&s->nic->nc, tp->data, tp->size);
398 n = s->mac_reg[TOTL];
399 if ((s->mac_reg[TOTL] += s->tx.size) < n)
404 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
406 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
407 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
408 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
409 unsigned int msh = 0xfffff, hdr = 0;
411 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
412 struct e1000_tx *tp = &s->tx;
414 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
415 op = le32_to_cpu(xp->cmd_and_length);
416 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
417 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
418 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
419 tp->tucss = xp->upper_setup.tcp_fields.tucss;
420 tp->tucso = xp->upper_setup.tcp_fields.tucso;
421 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
422 tp->paylen = op & 0xfffff;
423 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
424 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
425 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
426 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
427 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
429 if (tp->tucso == 0) { // this is probably wrong
430 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
431 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
434 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
436 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
437 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
442 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
443 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
445 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
446 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
447 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
448 le16_to_cpu(dp->upper.fields.special));
451 addr = le64_to_cpu(dp->buffer_addr);
452 if (tp->tse && tp->cptse) {
457 if (tp->size + bytes > msh)
458 bytes = msh - tp->size;
459 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
460 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
461 memmove(tp->header, tp->data, hdr);
466 memmove(tp->data, tp->header, hdr);
469 } while (split_size -= bytes);
470 } else if (!tp->tse && tp->cptse) {
471 // context descriptor TSE is not set, while data descriptor TSE is set
472 DBGOUT(TXERR, "TCP segmentaion Error\n");
474 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
475 tp->size += split_size;
478 if (!(txd_lower & E1000_TXD_CMD_EOP))
480 if (!(tp->tse && tp->cptse && tp->size < hdr))
490 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
492 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
494 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
496 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
497 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
498 dp->upper.data = cpu_to_le32(txd_upper);
499 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
500 (void *)&dp->upper, sizeof(dp->upper));
501 return E1000_ICR_TXDW;
505 start_xmit(E1000State *s)
507 target_phys_addr_t base;
508 struct e1000_tx_desc desc;
509 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
511 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
512 DBGOUT(TX, "tx disabled\n");
516 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
517 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
518 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
519 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
521 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
522 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
525 process_tx_desc(s, &desc);
526 cause |= txdesc_writeback(base, &desc);
528 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
531 * the following could happen only if guest sw assigns
532 * bogus values to TDT/TDLEN.
533 * there's nothing too intelligent we could do about this.
535 if (s->mac_reg[TDH] == tdh_start) {
536 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
537 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
541 set_ics(s, 0, cause);
545 receive_filter(E1000State *s, const uint8_t *buf, int size)
547 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
548 static const int mta_shift[] = {4, 3, 2, 0};
549 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
551 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
552 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
553 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
554 ((vid >> 5) & 0x7f));
555 if ((vfta & (1 << (vid & 0x1f))) == 0)
559 if (rctl & E1000_RCTL_UPE) // promiscuous
562 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
565 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
568 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
569 if (!(rp[1] & E1000_RAH_AV))
571 ra[0] = cpu_to_le32(rp[0]);
572 ra[1] = cpu_to_le32(rp[1]);
573 if (!memcmp(buf, (uint8_t *)ra, 6)) {
575 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
576 (int)(rp - s->mac_reg - RA)/2,
577 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
581 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
582 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
584 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
585 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
586 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
589 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
590 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
591 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
592 s->mac_reg[MTA + (f >> 5)]);
598 e1000_set_link_status(VLANClientState *nc)
600 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
601 uint32_t old_status = s->mac_reg[STATUS];
604 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
606 s->mac_reg[STATUS] |= E1000_STATUS_LU;
608 if (s->mac_reg[STATUS] != old_status)
609 set_ics(s, 0, E1000_ICR_LSC);
613 e1000_can_receive(VLANClientState *nc)
615 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
617 return (s->mac_reg[RCTL] & E1000_RCTL_EN);
621 e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
623 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
624 struct e1000_rx_desc desc;
625 target_phys_addr_t base;
628 uint16_t vlan_special = 0;
629 uint8_t vlan_status = 0, vlan_offset = 0;
631 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
634 if (size > s->rxbuf_size) {
635 DBGOUT(RX, "packet too large for buffers (%lu > %d)\n",
636 (unsigned long)size, s->rxbuf_size);
640 if (!receive_filter(s, buf, size))
643 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
644 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
645 memmove((uint8_t *)buf + 4, buf, 12);
646 vlan_status = E1000_RXD_STAT_VP;
651 rdh_start = s->mac_reg[RDH];
653 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
654 set_ics(s, 0, E1000_ICS_RXO);
657 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
658 sizeof(desc) * s->mac_reg[RDH];
659 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
660 desc.special = vlan_special;
661 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
662 if (desc.buffer_addr) {
663 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
664 (void *)(buf + vlan_offset), size);
665 desc.length = cpu_to_le16(size + 4 /* for FCS */);
666 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
667 } else // as per intel docs; skip descriptors with null buf addr
668 DBGOUT(RX, "Null RX descriptor!!\n");
669 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
671 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
674 /* see comment in start_xmit; same here */
675 if (s->mac_reg[RDH] == rdh_start) {
676 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
677 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
678 set_ics(s, 0, E1000_ICS_RXO);
681 } while (desc.buffer_addr == 0);
685 n = s->mac_reg[TORL];
686 if ((s->mac_reg[TORL] += size) < n)
690 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
691 rdt += s->mac_reg[RDLEN] / sizeof(desc);
692 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
694 n |= E1000_ICS_RXDMT0;
702 mac_readreg(E1000State *s, int index)
704 return s->mac_reg[index];
708 mac_icr_read(E1000State *s, int index)
710 uint32_t ret = s->mac_reg[ICR];
712 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
713 set_interrupt_cause(s, 0, 0);
718 mac_read_clr4(E1000State *s, int index)
720 uint32_t ret = s->mac_reg[index];
722 s->mac_reg[index] = 0;
727 mac_read_clr8(E1000State *s, int index)
729 uint32_t ret = s->mac_reg[index];
731 s->mac_reg[index] = 0;
732 s->mac_reg[index-1] = 0;
737 mac_writereg(E1000State *s, int index, uint32_t val)
739 s->mac_reg[index] = val;
743 set_rdt(E1000State *s, int index, uint32_t val)
746 s->mac_reg[index] = val & 0xffff;
750 set_16bit(E1000State *s, int index, uint32_t val)
752 s->mac_reg[index] = val & 0xffff;
756 set_dlen(E1000State *s, int index, uint32_t val)
758 s->mac_reg[index] = val & 0xfff80;
762 set_tctl(E1000State *s, int index, uint32_t val)
764 s->mac_reg[index] = val;
765 s->mac_reg[TDT] &= 0xffff;
770 set_icr(E1000State *s, int index, uint32_t val)
772 DBGOUT(INTERRUPT, "set_icr %x\n", val);
773 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
777 set_imc(E1000State *s, int index, uint32_t val)
779 s->mac_reg[IMS] &= ~val;
784 set_ims(E1000State *s, int index, uint32_t val)
786 s->mac_reg[IMS] |= val;
790 #define getreg(x) [x] = mac_readreg
791 static uint32_t (*macreg_readops[])(E1000State *, int) = {
792 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
793 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
794 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
795 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
796 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
797 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
798 getreg(TDLEN), getreg(RDLEN),
800 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
801 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
802 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
803 [CRCERRS ... MPC] = &mac_readreg,
804 [RA ... RA+31] = &mac_readreg,
805 [MTA ... MTA+127] = &mac_readreg,
806 [VFTA ... VFTA+127] = &mac_readreg,
808 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
810 #define putreg(x) [x] = mac_writereg
811 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
812 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
813 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
814 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
815 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
816 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
817 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
818 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
819 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
820 [RA ... RA+31] = &mac_writereg,
821 [MTA ... MTA+127] = &mac_writereg,
822 [VFTA ... VFTA+127] = &mac_writereg,
824 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
827 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
829 E1000State *s = opaque;
830 unsigned int index = (addr & 0x1ffff) >> 2;
832 #ifdef TARGET_WORDS_BIGENDIAN
835 if (index < NWRITEOPS && macreg_writeops[index])
836 macreg_writeops[index](s, index, val);
837 else if (index < NREADOPS && macreg_readops[index])
838 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
840 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
845 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
847 // emulate hw without byte enables: no RMW
848 e1000_mmio_writel(opaque, addr & ~3,
849 (val & 0xffff) << (8*(addr & 3)));
853 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
855 // emulate hw without byte enables: no RMW
856 e1000_mmio_writel(opaque, addr & ~3,
857 (val & 0xff) << (8*(addr & 3)));
861 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
863 E1000State *s = opaque;
864 unsigned int index = (addr & 0x1ffff) >> 2;
866 if (index < NREADOPS && macreg_readops[index])
868 uint32_t val = macreg_readops[index](s, index);
869 #ifdef TARGET_WORDS_BIGENDIAN
874 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
879 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
881 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
882 (8 * (addr & 3))) & 0xff;
886 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
888 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
889 (8 * (addr & 3))) & 0xffff;
892 static bool is_version_1(void *opaque, int version_id)
894 return version_id == 1;
897 static const VMStateDescription vmstate_e1000 = {
900 .minimum_version_id = 1,
901 .minimum_version_id_old = 1,
902 .fields = (VMStateField []) {
903 VMSTATE_PCI_DEVICE(dev, E1000State),
904 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
905 VMSTATE_UNUSED(4), /* Was mmio_base. */
906 VMSTATE_UINT32(rxbuf_size, E1000State),
907 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
908 VMSTATE_UINT32(eecd_state.val_in, E1000State),
909 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
910 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
911 VMSTATE_UINT16(eecd_state.reading, E1000State),
912 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
913 VMSTATE_UINT8(tx.ipcss, E1000State),
914 VMSTATE_UINT8(tx.ipcso, E1000State),
915 VMSTATE_UINT16(tx.ipcse, E1000State),
916 VMSTATE_UINT8(tx.tucss, E1000State),
917 VMSTATE_UINT8(tx.tucso, E1000State),
918 VMSTATE_UINT16(tx.tucse, E1000State),
919 VMSTATE_UINT32(tx.paylen, E1000State),
920 VMSTATE_UINT8(tx.hdr_len, E1000State),
921 VMSTATE_UINT16(tx.mss, E1000State),
922 VMSTATE_UINT16(tx.size, E1000State),
923 VMSTATE_UINT16(tx.tso_frames, E1000State),
924 VMSTATE_UINT8(tx.sum_needed, E1000State),
925 VMSTATE_INT8(tx.ip, E1000State),
926 VMSTATE_INT8(tx.tcp, E1000State),
927 VMSTATE_BUFFER(tx.header, E1000State),
928 VMSTATE_BUFFER(tx.data, E1000State),
929 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
930 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
931 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
932 VMSTATE_UINT32(mac_reg[EECD], E1000State),
933 VMSTATE_UINT32(mac_reg[EERD], E1000State),
934 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
935 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
936 VMSTATE_UINT32(mac_reg[ICR], E1000State),
937 VMSTATE_UINT32(mac_reg[ICS], E1000State),
938 VMSTATE_UINT32(mac_reg[IMC], E1000State),
939 VMSTATE_UINT32(mac_reg[IMS], E1000State),
940 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
941 VMSTATE_UINT32(mac_reg[MANC], E1000State),
942 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
943 VMSTATE_UINT32(mac_reg[MPC], E1000State),
944 VMSTATE_UINT32(mac_reg[PBA], E1000State),
945 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
946 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
947 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
948 VMSTATE_UINT32(mac_reg[RDH], E1000State),
949 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
950 VMSTATE_UINT32(mac_reg[RDT], E1000State),
951 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
952 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
953 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
954 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
955 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
956 VMSTATE_UINT32(mac_reg[TDH], E1000State),
957 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
958 VMSTATE_UINT32(mac_reg[TDT], E1000State),
959 VMSTATE_UINT32(mac_reg[TORH], E1000State),
960 VMSTATE_UINT32(mac_reg[TORL], E1000State),
961 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
962 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
963 VMSTATE_UINT32(mac_reg[TPR], E1000State),
964 VMSTATE_UINT32(mac_reg[TPT], E1000State),
965 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
966 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
967 VMSTATE_UINT32(mac_reg[VET], E1000State),
968 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
969 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
970 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
971 VMSTATE_END_OF_LIST()
975 static const uint16_t e1000_eeprom_template[64] = {
976 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
977 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
978 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
979 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
980 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
981 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
982 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
983 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
986 static const uint16_t phy_reg_init[] = {
987 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
988 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
989 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
990 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
991 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
992 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
995 static const uint32_t mac_reg_init[] = {
998 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
999 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
1000 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
1001 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
1002 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
1004 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
1005 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
1011 static CPUWriteMemoryFunc * const e1000_mmio_write[] = {
1012 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
1015 static CPUReadMemoryFunc * const e1000_mmio_read[] = {
1016 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
1020 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
1021 pcibus_t addr, pcibus_t size, int type)
1023 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1025 const uint32_t excluded_regs[] = {
1026 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1027 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1031 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08"FMT_PCIBUS" 0x%08"FMT_PCIBUS"\n",
1034 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
1035 qemu_register_coalesced_mmio(addr, excluded_regs[0]);
1037 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1038 qemu_register_coalesced_mmio(addr + excluded_regs[i] + 4,
1039 excluded_regs[i + 1] -
1040 excluded_regs[i] - 4);
1044 e1000_cleanup(VLANClientState *nc)
1046 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1052 pci_e1000_uninit(PCIDevice *dev)
1054 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1056 cpu_unregister_io_memory(d->mmio_index);
1057 qemu_del_vlan_client(&d->nic->nc);
1061 static void e1000_reset(void *opaque)
1063 E1000State *d = opaque;
1065 memset(d->phy_reg, 0, sizeof d->phy_reg);
1066 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1067 memset(d->mac_reg, 0, sizeof d->mac_reg);
1068 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1069 d->rxbuf_min_shift = 1;
1070 memset(&d->tx, 0, sizeof d->tx);
1073 static NetClientInfo net_e1000_info = {
1074 .type = NET_CLIENT_TYPE_NIC,
1075 .size = sizeof(NICState),
1076 .can_receive = e1000_can_receive,
1077 .receive = e1000_receive,
1078 .cleanup = e1000_cleanup,
1079 .link_status_changed = e1000_set_link_status,
1082 static int pci_e1000_init(PCIDevice *pci_dev)
1084 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1086 uint16_t checksum = 0;
1090 pci_conf = d->dev.config;
1092 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1093 pci_config_set_device_id(pci_conf, E1000_DEVID);
1094 /* TODO: we have no capabilities, so why is this bit set? */
1095 pci_set_word(pci_conf + PCI_STATUS, PCI_STATUS_CAP_LIST);
1096 pci_conf[PCI_REVISION_ID] = 0x03;
1097 pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET);
1098 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1099 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1101 /* TODO: RST# value should be 0 if programmable, PCI spec 6.2.4 */
1102 pci_conf[PCI_INTERRUPT_PIN] = 1; // interrupt pin 0
1104 d->mmio_index = cpu_register_io_memory(e1000_mmio_read,
1105 e1000_mmio_write, d);
1107 pci_register_bar((PCIDevice *)d, 0, PNPMMIO_SIZE,
1108 PCI_BASE_ADDRESS_SPACE_MEMORY, e1000_mmio_map);
1110 pci_register_bar((PCIDevice *)d, 1, IOPORT_SIZE,
1111 PCI_BASE_ADDRESS_SPACE_IO, ioport_map);
1113 memmove(d->eeprom_data, e1000_eeprom_template,
1114 sizeof e1000_eeprom_template);
1115 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1116 macaddr = d->conf.macaddr.a;
1117 for (i = 0; i < 3; i++)
1118 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1119 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1120 checksum += d->eeprom_data[i];
1121 checksum = (uint16_t) EEPROM_SUM - checksum;
1122 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1124 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1125 d->dev.qdev.info->name, d->dev.qdev.id, d);
1127 qemu_format_nic_info_str(&d->nic->nc, macaddr);
1131 static void qdev_e1000_reset(DeviceState *dev)
1133 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1137 static PCIDeviceInfo e1000_info = {
1138 .qdev.name = "e1000",
1139 .qdev.desc = "Intel Gigabit Ethernet",
1140 .qdev.size = sizeof(E1000State),
1141 .qdev.reset = qdev_e1000_reset,
1142 .qdev.vmsd = &vmstate_e1000,
1143 .init = pci_e1000_init,
1144 .exit = pci_e1000_uninit,
1145 .romfile = "pxe-e1000.bin",
1146 .qdev.props = (Property[]) {
1147 DEFINE_NIC_PROPERTIES(E1000State, conf),
1148 DEFINE_PROP_END_OF_LIST(),
1152 static void e1000_register_devices(void)
1154 pci_qdev_register(&e1000_info);
1157 device_init(e1000_register_devices)
projects / sdk / emulator / qemu.git / blob