4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
31 #include "net/checksum.h"
40 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
41 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
42 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
43 DEBUG_RXFILTER, DEBUG_NOTYET,
45 #define DBGBIT(x) (1<<DEBUG_##x)
46 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
48 #define DBGOUT(what, fmt, ...) do { \
49 if (debugflags & DBGBIT(what)) \
50 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
53 #define DBGOUT(what, fmt, ...) do {} while (0)
56 #define IOPORT_SIZE 0x40
57 #define PNPMMIO_SIZE 0x20000
58 #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */
62 * E1000_DEV_ID_82540EM works with Windows and Linux
63 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
64 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
65 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
68 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
71 * May need to specify additional MAC-to-PHY entries --
72 * Intel's Windows driver refuses to initialize unless they match
75 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
76 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
77 /* default to E1000_DEV_ID_82540EM */ 0xc20
80 typedef struct E1000State_st {
86 uint32_t mac_reg[0x8000];
87 uint16_t phy_reg[0x20];
88 uint16_t eeprom_data[64];
91 uint32_t rxbuf_min_shift;
94 unsigned char header[256];
95 unsigned char vlan_header[4];
96 /* Fields vlan and data must not be reordered or separated. */
97 unsigned char vlan[4];
98 unsigned char data[0x10000];
100 unsigned char sum_needed;
101 unsigned char vlan_needed;
115 char cptse; // current packet tse bit
119 uint32_t val_in; // shifted in from guest driver
127 #define defreg(x) x = (E1000_##x>>2)
129 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
130 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
131 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
132 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
133 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
134 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
135 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
136 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
137 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
138 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
142 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
143 static const char phy_regcap[0x20] = {
144 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
145 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
146 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
147 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
148 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
149 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
153 ioport_map(PCIDevice *pci_dev, int region_num, pcibus_t addr,
154 pcibus_t size, int type)
156 DBGOUT(IO, "e1000_ioport_map addr=0x%04"FMT_PCIBUS
157 " size=0x%08"FMT_PCIBUS"\n", addr, size);
161 set_interrupt_cause(E1000State *s, int index, uint32_t val)
164 val |= E1000_ICR_INT_ASSERTED;
165 s->mac_reg[ICR] = val;
166 s->mac_reg[ICS] = val;
167 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
171 set_ics(E1000State *s, int index, uint32_t val)
173 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
175 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
179 rxbufsize(uint32_t v)
181 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
182 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
183 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
185 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
187 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
189 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
191 case E1000_RCTL_SZ_1024:
193 case E1000_RCTL_SZ_512:
195 case E1000_RCTL_SZ_256:
202 set_ctrl(E1000State *s, int index, uint32_t val)
204 /* RST is self clearing */
205 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
209 set_rx_control(E1000State *s, int index, uint32_t val)
211 s->mac_reg[RCTL] = val;
212 s->rxbuf_size = rxbufsize(val);
213 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
214 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
219 set_mdic(E1000State *s, int index, uint32_t val)
221 uint32_t data = val & E1000_MDIC_DATA_MASK;
222 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
224 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
225 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
226 else if (val & E1000_MDIC_OP_READ) {
227 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
228 if (!(phy_regcap[addr] & PHY_R)) {
229 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
230 val |= E1000_MDIC_ERROR;
232 val = (val ^ data) | s->phy_reg[addr];
233 } else if (val & E1000_MDIC_OP_WRITE) {
234 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
235 if (!(phy_regcap[addr] & PHY_W)) {
236 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
237 val |= E1000_MDIC_ERROR;
239 s->phy_reg[addr] = data;
241 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
242 set_ics(s, 0, E1000_ICR_MDAC);
246 get_eecd(E1000State *s, int index)
248 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
250 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
251 s->eecd_state.bitnum_out, s->eecd_state.reading);
252 if (!s->eecd_state.reading ||
253 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
254 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
255 ret |= E1000_EECD_DO;
260 set_eecd(E1000State *s, int index, uint32_t val)
262 uint32_t oldval = s->eecd_state.old_eecd;
264 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
265 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
266 if (!(E1000_EECD_CS & val)) // CS inactive; nothing to do
268 if (E1000_EECD_CS & (val ^ oldval)) { // CS rise edge; reset state
269 s->eecd_state.val_in = 0;
270 s->eecd_state.bitnum_in = 0;
271 s->eecd_state.bitnum_out = 0;
272 s->eecd_state.reading = 0;
274 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
276 if (!(E1000_EECD_SK & val)) { // falling edge
277 s->eecd_state.bitnum_out++;
280 s->eecd_state.val_in <<= 1;
281 if (val & E1000_EECD_DI)
282 s->eecd_state.val_in |= 1;
283 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
284 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
285 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
286 EEPROM_READ_OPCODE_MICROWIRE);
288 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
289 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
290 s->eecd_state.reading);
294 flash_eerd_read(E1000State *s, int x)
296 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
298 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
299 return (s->mac_reg[EERD]);
301 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
302 return (E1000_EEPROM_RW_REG_DONE | r);
304 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
305 E1000_EEPROM_RW_REG_DONE | r);
309 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
316 sum = net_checksum_add(n-css, data+css);
317 cpu_to_be16wu((uint16_t *)(data + sloc),
318 net_checksum_finish(sum));
323 vlan_enabled(E1000State *s)
325 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
329 vlan_rx_filter_enabled(E1000State *s)
331 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
335 is_vlan_packet(E1000State *s, const uint8_t *buf)
337 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
338 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
342 is_vlan_txd(uint32_t txd_lower)
344 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
347 /* FCS aka Ethernet CRC-32. We don't get it from backends and can't
348 * fill it in, just pad descriptor length by 4 bytes unless guest
349 * told us to strip it off the packet. */
351 fcs_len(E1000State *s)
353 return (s->mac_reg[RCTL] & E1000_RCTL_SECRC) ? 0 : 4;
357 xmit_seg(E1000State *s)
360 unsigned int frames = s->tx.tso_frames, css, sofar, n;
361 struct e1000_tx *tp = &s->tx;
363 if (tp->tse && tp->cptse) {
365 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
366 frames, tp->size, css);
367 if (tp->ip) { // IPv4
368 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
370 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
371 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
373 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
376 len = tp->size - css;
377 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
379 sofar = frames * tp->mss;
380 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
381 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
382 if (tp->paylen - sofar > tp->mss)
383 tp->data[css + 13] &= ~9; // PSH, FIN
385 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
386 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
387 // add pseudo-header length before checksum calculation
388 sp = (uint16_t *)(tp->data + tp->tucso);
389 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
394 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
395 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
396 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
397 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
398 if (tp->vlan_needed) {
399 memmove(tp->vlan, tp->data, 4);
400 memmove(tp->data, tp->data + 4, 8);
401 memcpy(tp->data + 8, tp->vlan_header, 4);
402 qemu_send_packet(&s->nic->nc, tp->vlan, tp->size + 4);
404 qemu_send_packet(&s->nic->nc, tp->data, tp->size);
407 n = s->mac_reg[TOTL];
408 if ((s->mac_reg[TOTL] += s->tx.size) < n)
413 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
415 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
416 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
417 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
418 unsigned int msh = 0xfffff, hdr = 0;
420 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
421 struct e1000_tx *tp = &s->tx;
423 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
424 op = le32_to_cpu(xp->cmd_and_length);
425 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
426 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
427 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
428 tp->tucss = xp->upper_setup.tcp_fields.tucss;
429 tp->tucso = xp->upper_setup.tcp_fields.tucso;
430 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
431 tp->paylen = op & 0xfffff;
432 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
433 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
434 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
435 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
436 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
438 if (tp->tucso == 0) { // this is probably wrong
439 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
440 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
443 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
445 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
446 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
451 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
452 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
454 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
455 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
456 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
457 le16_to_cpu(dp->upper.fields.special));
460 addr = le64_to_cpu(dp->buffer_addr);
461 if (tp->tse && tp->cptse) {
466 if (tp->size + bytes > msh)
467 bytes = msh - tp->size;
468 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
469 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
470 memmove(tp->header, tp->data, hdr);
475 memmove(tp->data, tp->header, hdr);
478 } while (split_size -= bytes);
479 } else if (!tp->tse && tp->cptse) {
480 // context descriptor TSE is not set, while data descriptor TSE is set
481 DBGOUT(TXERR, "TCP segmentaion Error\n");
483 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
484 tp->size += split_size;
487 if (!(txd_lower & E1000_TXD_CMD_EOP))
489 if (!(tp->tse && tp->cptse && tp->size < hdr))
499 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
501 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
503 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
505 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
506 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
507 dp->upper.data = cpu_to_le32(txd_upper);
508 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
509 (void *)&dp->upper, sizeof(dp->upper));
510 return E1000_ICR_TXDW;
514 start_xmit(E1000State *s)
516 target_phys_addr_t base;
517 struct e1000_tx_desc desc;
518 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
520 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
521 DBGOUT(TX, "tx disabled\n");
525 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
526 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
527 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
528 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
530 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
531 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
534 process_tx_desc(s, &desc);
535 cause |= txdesc_writeback(base, &desc);
537 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
540 * the following could happen only if guest sw assigns
541 * bogus values to TDT/TDLEN.
542 * there's nothing too intelligent we could do about this.
544 if (s->mac_reg[TDH] == tdh_start) {
545 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
546 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
550 set_ics(s, 0, cause);
554 receive_filter(E1000State *s, const uint8_t *buf, int size)
556 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
557 static const int mta_shift[] = {4, 3, 2, 0};
558 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
560 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
561 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
562 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
563 ((vid >> 5) & 0x7f));
564 if ((vfta & (1 << (vid & 0x1f))) == 0)
568 if (rctl & E1000_RCTL_UPE) // promiscuous
571 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
574 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
577 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
578 if (!(rp[1] & E1000_RAH_AV))
580 ra[0] = cpu_to_le32(rp[0]);
581 ra[1] = cpu_to_le32(rp[1]);
582 if (!memcmp(buf, (uint8_t *)ra, 6)) {
584 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
585 (int)(rp - s->mac_reg - RA)/2,
586 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
590 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
591 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
593 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
594 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
595 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
598 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
599 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
600 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
601 s->mac_reg[MTA + (f >> 5)]);
607 e1000_set_link_status(VLANClientState *nc)
609 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
610 uint32_t old_status = s->mac_reg[STATUS];
613 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
615 s->mac_reg[STATUS] |= E1000_STATUS_LU;
617 if (s->mac_reg[STATUS] != old_status)
618 set_ics(s, 0, E1000_ICR_LSC);
622 e1000_can_receive(VLANClientState *nc)
624 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
626 return (s->mac_reg[RCTL] & E1000_RCTL_EN);
630 e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
632 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
633 struct e1000_rx_desc desc;
634 target_phys_addr_t base;
637 uint16_t vlan_special = 0;
638 uint8_t vlan_status = 0, vlan_offset = 0;
639 uint8_t min_buf[MIN_BUF_SIZE];
641 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
644 /* Pad to minimum Ethernet frame length */
645 if (size < sizeof(min_buf)) {
646 memcpy(min_buf, buf, size);
647 memset(&min_buf[size], 0, sizeof(min_buf) - size);
649 size = sizeof(min_buf);
652 if (size > s->rxbuf_size) {
653 DBGOUT(RX, "packet too large for buffers (%lu > %d)\n",
654 (unsigned long)size, s->rxbuf_size);
658 if (!receive_filter(s, buf, size))
661 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
662 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
663 memmove((uint8_t *)buf + 4, buf, 12);
664 vlan_status = E1000_RXD_STAT_VP;
669 rdh_start = s->mac_reg[RDH];
671 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
672 set_ics(s, 0, E1000_ICS_RXO);
675 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
676 sizeof(desc) * s->mac_reg[RDH];
677 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
678 desc.special = vlan_special;
679 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
680 if (desc.buffer_addr) {
681 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
682 (void *)(buf + vlan_offset), size);
683 desc.length = cpu_to_le16(size + fcs_len(s));
684 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
685 } else // as per intel docs; skip descriptors with null buf addr
686 DBGOUT(RX, "Null RX descriptor!!\n");
687 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
689 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
692 /* see comment in start_xmit; same here */
693 if (s->mac_reg[RDH] == rdh_start) {
694 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
695 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
696 set_ics(s, 0, E1000_ICS_RXO);
699 } while (desc.buffer_addr == 0);
703 /* TOR - Total Octets Received:
704 * This register includes bytes received in a packet from the <Destination
705 * Address> field through the <CRC> field, inclusively.
707 n = s->mac_reg[TORL] + size + /* Always include FCS length. */ 4;
708 if (n < s->mac_reg[TORL])
710 s->mac_reg[TORL] = n;
713 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
714 rdt += s->mac_reg[RDLEN] / sizeof(desc);
715 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
717 n |= E1000_ICS_RXDMT0;
725 mac_readreg(E1000State *s, int index)
727 return s->mac_reg[index];
731 mac_icr_read(E1000State *s, int index)
733 uint32_t ret = s->mac_reg[ICR];
735 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
736 set_interrupt_cause(s, 0, 0);
741 mac_read_clr4(E1000State *s, int index)
743 uint32_t ret = s->mac_reg[index];
745 s->mac_reg[index] = 0;
750 mac_read_clr8(E1000State *s, int index)
752 uint32_t ret = s->mac_reg[index];
754 s->mac_reg[index] = 0;
755 s->mac_reg[index-1] = 0;
760 mac_writereg(E1000State *s, int index, uint32_t val)
762 s->mac_reg[index] = val;
766 set_rdt(E1000State *s, int index, uint32_t val)
769 s->mac_reg[index] = val & 0xffff;
773 set_16bit(E1000State *s, int index, uint32_t val)
775 s->mac_reg[index] = val & 0xffff;
779 set_dlen(E1000State *s, int index, uint32_t val)
781 s->mac_reg[index] = val & 0xfff80;
785 set_tctl(E1000State *s, int index, uint32_t val)
787 s->mac_reg[index] = val;
788 s->mac_reg[TDT] &= 0xffff;
793 set_icr(E1000State *s, int index, uint32_t val)
795 DBGOUT(INTERRUPT, "set_icr %x\n", val);
796 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
800 set_imc(E1000State *s, int index, uint32_t val)
802 s->mac_reg[IMS] &= ~val;
807 set_ims(E1000State *s, int index, uint32_t val)
809 s->mac_reg[IMS] |= val;
813 #define getreg(x) [x] = mac_readreg
814 static uint32_t (*macreg_readops[])(E1000State *, int) = {
815 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
816 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
817 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
818 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
819 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
820 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
821 getreg(TDLEN), getreg(RDLEN),
823 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
824 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
825 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
826 [CRCERRS ... MPC] = &mac_readreg,
827 [RA ... RA+31] = &mac_readreg,
828 [MTA ... MTA+127] = &mac_readreg,
829 [VFTA ... VFTA+127] = &mac_readreg,
831 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
833 #define putreg(x) [x] = mac_writereg
834 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
835 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
836 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
837 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
838 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
839 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
840 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
841 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
842 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
843 [RA ... RA+31] = &mac_writereg,
844 [MTA ... MTA+127] = &mac_writereg,
845 [VFTA ... VFTA+127] = &mac_writereg,
847 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
850 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
852 E1000State *s = opaque;
853 unsigned int index = (addr & 0x1ffff) >> 2;
855 #ifdef TARGET_WORDS_BIGENDIAN
858 if (index < NWRITEOPS && macreg_writeops[index])
859 macreg_writeops[index](s, index, val);
860 else if (index < NREADOPS && macreg_readops[index])
861 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
863 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
868 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
870 // emulate hw without byte enables: no RMW
871 e1000_mmio_writel(opaque, addr & ~3,
872 (val & 0xffff) << (8*(addr & 3)));
876 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
878 // emulate hw without byte enables: no RMW
879 e1000_mmio_writel(opaque, addr & ~3,
880 (val & 0xff) << (8*(addr & 3)));
884 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
886 E1000State *s = opaque;
887 unsigned int index = (addr & 0x1ffff) >> 2;
889 if (index < NREADOPS && macreg_readops[index])
891 uint32_t val = macreg_readops[index](s, index);
892 #ifdef TARGET_WORDS_BIGENDIAN
897 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
902 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
904 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
905 (8 * (addr & 3))) & 0xff;
909 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
911 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
912 (8 * (addr & 3))) & 0xffff;
915 static bool is_version_1(void *opaque, int version_id)
917 return version_id == 1;
920 static const VMStateDescription vmstate_e1000 = {
923 .minimum_version_id = 1,
924 .minimum_version_id_old = 1,
925 .fields = (VMStateField []) {
926 VMSTATE_PCI_DEVICE(dev, E1000State),
927 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
928 VMSTATE_UNUSED(4), /* Was mmio_base. */
929 VMSTATE_UINT32(rxbuf_size, E1000State),
930 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
931 VMSTATE_UINT32(eecd_state.val_in, E1000State),
932 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
933 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
934 VMSTATE_UINT16(eecd_state.reading, E1000State),
935 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
936 VMSTATE_UINT8(tx.ipcss, E1000State),
937 VMSTATE_UINT8(tx.ipcso, E1000State),
938 VMSTATE_UINT16(tx.ipcse, E1000State),
939 VMSTATE_UINT8(tx.tucss, E1000State),
940 VMSTATE_UINT8(tx.tucso, E1000State),
941 VMSTATE_UINT16(tx.tucse, E1000State),
942 VMSTATE_UINT32(tx.paylen, E1000State),
943 VMSTATE_UINT8(tx.hdr_len, E1000State),
944 VMSTATE_UINT16(tx.mss, E1000State),
945 VMSTATE_UINT16(tx.size, E1000State),
946 VMSTATE_UINT16(tx.tso_frames, E1000State),
947 VMSTATE_UINT8(tx.sum_needed, E1000State),
948 VMSTATE_INT8(tx.ip, E1000State),
949 VMSTATE_INT8(tx.tcp, E1000State),
950 VMSTATE_BUFFER(tx.header, E1000State),
951 VMSTATE_BUFFER(tx.data, E1000State),
952 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
953 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
954 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
955 VMSTATE_UINT32(mac_reg[EECD], E1000State),
956 VMSTATE_UINT32(mac_reg[EERD], E1000State),
957 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
958 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
959 VMSTATE_UINT32(mac_reg[ICR], E1000State),
960 VMSTATE_UINT32(mac_reg[ICS], E1000State),
961 VMSTATE_UINT32(mac_reg[IMC], E1000State),
962 VMSTATE_UINT32(mac_reg[IMS], E1000State),
963 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
964 VMSTATE_UINT32(mac_reg[MANC], E1000State),
965 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
966 VMSTATE_UINT32(mac_reg[MPC], E1000State),
967 VMSTATE_UINT32(mac_reg[PBA], E1000State),
968 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
969 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
970 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
971 VMSTATE_UINT32(mac_reg[RDH], E1000State),
972 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
973 VMSTATE_UINT32(mac_reg[RDT], E1000State),
974 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
975 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
976 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
977 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
978 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
979 VMSTATE_UINT32(mac_reg[TDH], E1000State),
980 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
981 VMSTATE_UINT32(mac_reg[TDT], E1000State),
982 VMSTATE_UINT32(mac_reg[TORH], E1000State),
983 VMSTATE_UINT32(mac_reg[TORL], E1000State),
984 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
985 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
986 VMSTATE_UINT32(mac_reg[TPR], E1000State),
987 VMSTATE_UINT32(mac_reg[TPT], E1000State),
988 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
989 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
990 VMSTATE_UINT32(mac_reg[VET], E1000State),
991 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
992 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
993 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
994 VMSTATE_END_OF_LIST()
998 static const uint16_t e1000_eeprom_template[64] = {
999 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
1000 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
1001 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
1002 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
1003 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
1004 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1005 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1006 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
1009 static const uint16_t phy_reg_init[] = {
1010 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
1011 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
1012 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
1013 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
1014 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
1015 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
1018 static const uint32_t mac_reg_init[] = {
1021 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
1022 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
1023 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
1024 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
1025 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
1027 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
1028 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
1034 static CPUWriteMemoryFunc * const e1000_mmio_write[] = {
1035 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
1038 static CPUReadMemoryFunc * const e1000_mmio_read[] = {
1039 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
1043 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
1044 pcibus_t addr, pcibus_t size, int type)
1046 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1048 const uint32_t excluded_regs[] = {
1049 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1050 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1054 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08"FMT_PCIBUS" 0x%08"FMT_PCIBUS"\n",
1057 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
1058 qemu_register_coalesced_mmio(addr, excluded_regs[0]);
1060 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1061 qemu_register_coalesced_mmio(addr + excluded_regs[i] + 4,
1062 excluded_regs[i + 1] -
1063 excluded_regs[i] - 4);
1067 e1000_cleanup(VLANClientState *nc)
1069 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1075 pci_e1000_uninit(PCIDevice *dev)
1077 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1079 cpu_unregister_io_memory(d->mmio_index);
1080 qemu_del_vlan_client(&d->nic->nc);
1084 static void e1000_reset(void *opaque)
1086 E1000State *d = opaque;
1088 memset(d->phy_reg, 0, sizeof d->phy_reg);
1089 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1090 memset(d->mac_reg, 0, sizeof d->mac_reg);
1091 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1092 d->rxbuf_min_shift = 1;
1093 memset(&d->tx, 0, sizeof d->tx);
1096 static NetClientInfo net_e1000_info = {
1097 .type = NET_CLIENT_TYPE_NIC,
1098 .size = sizeof(NICState),
1099 .can_receive = e1000_can_receive,
1100 .receive = e1000_receive,
1101 .cleanup = e1000_cleanup,
1102 .link_status_changed = e1000_set_link_status,
1105 static int pci_e1000_init(PCIDevice *pci_dev)
1107 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1109 uint16_t checksum = 0;
1113 pci_conf = d->dev.config;
1115 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1116 pci_config_set_device_id(pci_conf, E1000_DEVID);
1117 /* TODO: we have no capabilities, so why is this bit set? */
1118 pci_set_word(pci_conf + PCI_STATUS, PCI_STATUS_CAP_LIST);
1119 pci_conf[PCI_REVISION_ID] = 0x03;
1120 pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET);
1121 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1122 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1124 /* TODO: RST# value should be 0 if programmable, PCI spec 6.2.4 */
1125 pci_conf[PCI_INTERRUPT_PIN] = 1; // interrupt pin 0
1127 d->mmio_index = cpu_register_io_memory(e1000_mmio_read,
1128 e1000_mmio_write, d);
1130 pci_register_bar((PCIDevice *)d, 0, PNPMMIO_SIZE,
1131 PCI_BASE_ADDRESS_SPACE_MEMORY, e1000_mmio_map);
1133 pci_register_bar((PCIDevice *)d, 1, IOPORT_SIZE,
1134 PCI_BASE_ADDRESS_SPACE_IO, ioport_map);
1136 memmove(d->eeprom_data, e1000_eeprom_template,
1137 sizeof e1000_eeprom_template);
1138 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1139 macaddr = d->conf.macaddr.a;
1140 for (i = 0; i < 3; i++)
1141 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1142 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1143 checksum += d->eeprom_data[i];
1144 checksum = (uint16_t) EEPROM_SUM - checksum;
1145 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1147 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1148 d->dev.qdev.info->name, d->dev.qdev.id, d);
1150 qemu_format_nic_info_str(&d->nic->nc, macaddr);
1154 static void qdev_e1000_reset(DeviceState *dev)
1156 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1160 static PCIDeviceInfo e1000_info = {
1161 .qdev.name = "e1000",
1162 .qdev.desc = "Intel Gigabit Ethernet",
1163 .qdev.size = sizeof(E1000State),
1164 .qdev.reset = qdev_e1000_reset,
1165 .qdev.vmsd = &vmstate_e1000,
1166 .init = pci_e1000_init,
1167 .exit = pci_e1000_uninit,
1168 .romfile = "pxe-e1000.bin",
1169 .qdev.props = (Property[]) {
1170 DEFINE_NIC_PROPERTIES(E1000State, conf),
1171 DEFINE_PROP_END_OF_LIST(),
1175 static void e1000_register_devices(void)
1177 pci_qdev_register(&e1000_info);
1180 device_init(e1000_register_devices)
projects / sdk / emulator / qemu.git / blob