4 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
5 * Copyright (c) 2008 Qumranet
6 * Based on work done by:
7 * Copyright (c) 2007 Dan Aloni
8 * Copyright (c) 2004 Antony T Curtis
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
36 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
37 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
38 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
39 DEBUG_RXFILTER, DEBUG_NOTYET,
41 #define DBGBIT(x) (1<<DEBUG_##x)
42 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
44 #define DBGOUT(what, fmt, ...) do { \
45 if (debugflags & DBGBIT(what)) \
46 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
49 #define DBGOUT(what, fmt, ...) do {} while (0)
52 #define IOPORT_SIZE 0x40
53 #define PNPMMIO_SIZE 0x20000
57 * E1000_DEV_ID_82540EM works with Windows and Linux
58 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
59 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
60 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
63 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
66 * May need to specify additional MAC-to-PHY entries --
67 * Intel's Windows driver refuses to initialize unless they match
70 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
71 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
72 /* default to E1000_DEV_ID_82540EM */ 0xc20
75 typedef struct E1000State_st {
81 uint32_t mac_reg[0x8000];
82 uint16_t phy_reg[0x20];
83 uint16_t eeprom_data[64];
86 uint32_t rxbuf_min_shift;
89 unsigned char header[256];
90 unsigned char vlan_header[4];
91 unsigned char vlan[4];
92 unsigned char data[0x10000];
94 unsigned char sum_needed;
95 unsigned char vlan_needed;
109 char cptse; // current packet tse bit
113 uint32_t val_in; // shifted in from guest driver
121 #define defreg(x) x = (E1000_##x>>2)
123 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
124 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
125 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
126 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
127 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
128 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
129 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
130 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
131 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
132 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
136 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
137 static const char phy_regcap[0x20] = {
138 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
139 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
140 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
141 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
142 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
143 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
147 ioport_map(PCIDevice *pci_dev, int region_num, uint32_t addr,
148 uint32_t size, int type)
150 DBGOUT(IO, "e1000_ioport_map addr=0x%04x size=0x%08x\n", addr, size);
154 set_interrupt_cause(E1000State *s, int index, uint32_t val)
157 val |= E1000_ICR_INT_ASSERTED;
158 s->mac_reg[ICR] = val;
159 s->mac_reg[ICS] = val;
160 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
164 set_ics(E1000State *s, int index, uint32_t val)
166 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
168 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
172 rxbufsize(uint32_t v)
174 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
175 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
176 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
178 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
180 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
182 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
184 case E1000_RCTL_SZ_1024:
186 case E1000_RCTL_SZ_512:
188 case E1000_RCTL_SZ_256:
195 set_ctrl(E1000State *s, int index, uint32_t val)
197 /* RST is self clearing */
198 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
202 set_rx_control(E1000State *s, int index, uint32_t val)
204 s->mac_reg[RCTL] = val;
205 s->rxbuf_size = rxbufsize(val);
206 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
207 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
212 set_mdic(E1000State *s, int index, uint32_t val)
214 uint32_t data = val & E1000_MDIC_DATA_MASK;
215 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
217 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
218 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
219 else if (val & E1000_MDIC_OP_READ) {
220 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
221 if (!(phy_regcap[addr] & PHY_R)) {
222 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
223 val |= E1000_MDIC_ERROR;
225 val = (val ^ data) | s->phy_reg[addr];
226 } else if (val & E1000_MDIC_OP_WRITE) {
227 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
228 if (!(phy_regcap[addr] & PHY_W)) {
229 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
230 val |= E1000_MDIC_ERROR;
232 s->phy_reg[addr] = data;
234 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
235 set_ics(s, 0, E1000_ICR_MDAC);
239 get_eecd(E1000State *s, int index)
241 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
243 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
244 s->eecd_state.bitnum_out, s->eecd_state.reading);
245 if (!s->eecd_state.reading ||
246 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
247 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
248 ret |= E1000_EECD_DO;
253 set_eecd(E1000State *s, int index, uint32_t val)
255 uint32_t oldval = s->eecd_state.old_eecd;
257 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
258 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
259 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
261 if (!(E1000_EECD_SK & val)) { // falling edge
262 s->eecd_state.bitnum_out++;
265 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
266 memset(&s->eecd_state, 0, sizeof s->eecd_state);
268 * restore old_eecd's E1000_EECD_SK (known to be on)
269 * to avoid false detection of a clock edge
271 s->eecd_state.old_eecd = E1000_EECD_SK;
274 s->eecd_state.val_in <<= 1;
275 if (val & E1000_EECD_DI)
276 s->eecd_state.val_in |= 1;
277 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
278 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
279 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
280 EEPROM_READ_OPCODE_MICROWIRE);
282 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
283 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
284 s->eecd_state.reading);
288 flash_eerd_read(E1000State *s, int x)
290 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
292 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
293 return (s->mac_reg[EERD]);
295 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
296 return (E1000_EEPROM_RW_REG_DONE | r);
298 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
299 E1000_EEPROM_RW_REG_DONE | r);
303 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
310 sum = net_checksum_add(n-css, data+css);
311 cpu_to_be16wu((uint16_t *)(data + sloc),
312 net_checksum_finish(sum));
317 vlan_enabled(E1000State *s)
319 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
323 vlan_rx_filter_enabled(E1000State *s)
325 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
329 is_vlan_packet(E1000State *s, const uint8_t *buf)
331 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
332 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
336 is_vlan_txd(uint32_t txd_lower)
338 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
342 xmit_seg(E1000State *s)
345 unsigned int frames = s->tx.tso_frames, css, sofar, n;
346 struct e1000_tx *tp = &s->tx;
348 if (tp->tse && tp->cptse) {
350 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
351 frames, tp->size, css);
352 if (tp->ip) { // IPv4
353 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
355 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
356 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
358 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
361 len = tp->size - css;
362 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
364 sofar = frames * tp->mss;
365 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
366 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
367 if (tp->paylen - sofar > tp->mss)
368 tp->data[css + 13] &= ~9; // PSH, FIN
370 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
371 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
372 // add pseudo-header length before checksum calculation
373 sp = (uint16_t *)(tp->data + tp->tucso);
374 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
379 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
380 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
381 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
382 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
383 if (tp->vlan_needed) {
384 memmove(tp->vlan, tp->data, 12);
385 memcpy(tp->data + 8, tp->vlan_header, 4);
386 qemu_send_packet(s->vc, tp->vlan, tp->size + 4);
388 qemu_send_packet(s->vc, tp->data, tp->size);
391 n = s->mac_reg[TOTL];
392 if ((s->mac_reg[TOTL] += s->tx.size) < n)
397 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
399 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
400 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
401 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
402 unsigned int msh = 0xfffff, hdr = 0;
404 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
405 struct e1000_tx *tp = &s->tx;
407 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
408 op = le32_to_cpu(xp->cmd_and_length);
409 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
410 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
411 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
412 tp->tucss = xp->upper_setup.tcp_fields.tucss;
413 tp->tucso = xp->upper_setup.tcp_fields.tucso;
414 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
415 tp->paylen = op & 0xfffff;
416 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
417 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
418 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
419 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
420 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
422 if (tp->tucso == 0) { // this is probably wrong
423 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
424 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
427 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
429 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
430 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
435 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
436 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
438 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
439 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
440 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
441 le16_to_cpu(dp->upper.fields.special));
444 addr = le64_to_cpu(dp->buffer_addr);
445 if (tp->tse && tp->cptse) {
450 if (tp->size + bytes > msh)
451 bytes = msh - tp->size;
452 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
453 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
454 memmove(tp->header, tp->data, hdr);
459 memmove(tp->data, tp->header, hdr);
462 } while (split_size -= bytes);
463 } else if (!tp->tse && tp->cptse) {
464 // context descriptor TSE is not set, while data descriptor TSE is set
465 DBGOUT(TXERR, "TCP segmentaion Error\n");
467 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
468 tp->size += split_size;
471 if (!(txd_lower & E1000_TXD_CMD_EOP))
473 if (!(tp->tse && tp->cptse && tp->size < hdr))
483 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
485 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
487 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
489 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
490 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
491 dp->upper.data = cpu_to_le32(txd_upper);
492 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
493 (void *)&dp->upper, sizeof(dp->upper));
494 return E1000_ICR_TXDW;
498 start_xmit(E1000State *s)
500 target_phys_addr_t base;
501 struct e1000_tx_desc desc;
502 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
504 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
505 DBGOUT(TX, "tx disabled\n");
509 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
510 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
511 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
512 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
514 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
515 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
518 process_tx_desc(s, &desc);
519 cause |= txdesc_writeback(base, &desc);
521 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
524 * the following could happen only if guest sw assigns
525 * bogus values to TDT/TDLEN.
526 * there's nothing too intelligent we could do about this.
528 if (s->mac_reg[TDH] == tdh_start) {
529 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
530 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
534 set_ics(s, 0, cause);
538 receive_filter(E1000State *s, const uint8_t *buf, int size)
540 static uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
541 static int mta_shift[] = {4, 3, 2, 0};
542 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
544 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
545 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
546 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
547 ((vid >> 5) & 0x7f));
548 if ((vfta & (1 << (vid & 0x1f))) == 0)
552 if (rctl & E1000_RCTL_UPE) // promiscuous
555 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
558 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
561 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
562 if (!(rp[1] & E1000_RAH_AV))
564 ra[0] = cpu_to_le32(rp[0]);
565 ra[1] = cpu_to_le32(rp[1]);
566 if (!memcmp(buf, (uint8_t *)ra, 6)) {
568 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
569 (int)(rp - s->mac_reg - RA)/2,
570 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
574 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
575 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
577 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
578 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
579 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
582 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
583 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
584 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
585 s->mac_reg[MTA + (f >> 5)]);
591 e1000_set_link_status(VLANClientState *vc)
593 E1000State *s = vc->opaque;
594 uint32_t old_status = s->mac_reg[STATUS];
597 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
599 s->mac_reg[STATUS] |= E1000_STATUS_LU;
601 if (s->mac_reg[STATUS] != old_status)
602 set_ics(s, 0, E1000_ICR_LSC);
606 e1000_can_receive(VLANClientState *vc)
608 E1000State *s = vc->opaque;
610 return (s->mac_reg[RCTL] & E1000_RCTL_EN);
614 e1000_receive(VLANClientState *vc, const uint8_t *buf, size_t size)
616 E1000State *s = vc->opaque;
617 struct e1000_rx_desc desc;
618 target_phys_addr_t base;
621 uint16_t vlan_special = 0;
622 uint8_t vlan_status = 0, vlan_offset = 0;
624 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
627 if (size > s->rxbuf_size) {
628 DBGOUT(RX, "packet too large for buffers (%lu > %d)\n",
629 (unsigned long)size, s->rxbuf_size);
633 if (!receive_filter(s, buf, size))
636 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
637 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
638 memmove((void *)(buf + 4), buf, 12);
639 vlan_status = E1000_RXD_STAT_VP;
644 rdh_start = s->mac_reg[RDH];
645 size += 4; // for the header
647 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
648 set_ics(s, 0, E1000_ICS_RXO);
651 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
652 sizeof(desc) * s->mac_reg[RDH];
653 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
654 desc.special = vlan_special;
655 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
656 if (desc.buffer_addr) {
657 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
658 (void *)(buf + vlan_offset), size);
659 desc.length = cpu_to_le16(size);
660 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
661 } else // as per intel docs; skip descriptors with null buf addr
662 DBGOUT(RX, "Null RX descriptor!!\n");
663 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
665 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
668 /* see comment in start_xmit; same here */
669 if (s->mac_reg[RDH] == rdh_start) {
670 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
671 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
672 set_ics(s, 0, E1000_ICS_RXO);
675 } while (desc.buffer_addr == 0);
679 n = s->mac_reg[TORL];
680 if ((s->mac_reg[TORL] += size) < n)
684 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
685 rdt += s->mac_reg[RDLEN] / sizeof(desc);
686 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
688 n |= E1000_ICS_RXDMT0;
696 mac_readreg(E1000State *s, int index)
698 return s->mac_reg[index];
702 mac_icr_read(E1000State *s, int index)
704 uint32_t ret = s->mac_reg[ICR];
706 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
707 set_interrupt_cause(s, 0, 0);
712 mac_read_clr4(E1000State *s, int index)
714 uint32_t ret = s->mac_reg[index];
716 s->mac_reg[index] = 0;
721 mac_read_clr8(E1000State *s, int index)
723 uint32_t ret = s->mac_reg[index];
725 s->mac_reg[index] = 0;
726 s->mac_reg[index-1] = 0;
731 mac_writereg(E1000State *s, int index, uint32_t val)
733 s->mac_reg[index] = val;
737 set_rdt(E1000State *s, int index, uint32_t val)
740 s->mac_reg[index] = val & 0xffff;
744 set_16bit(E1000State *s, int index, uint32_t val)
746 s->mac_reg[index] = val & 0xffff;
750 set_dlen(E1000State *s, int index, uint32_t val)
752 s->mac_reg[index] = val & 0xfff80;
756 set_tctl(E1000State *s, int index, uint32_t val)
758 s->mac_reg[index] = val;
759 s->mac_reg[TDT] &= 0xffff;
764 set_icr(E1000State *s, int index, uint32_t val)
766 DBGOUT(INTERRUPT, "set_icr %x\n", val);
767 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
771 set_imc(E1000State *s, int index, uint32_t val)
773 s->mac_reg[IMS] &= ~val;
778 set_ims(E1000State *s, int index, uint32_t val)
780 s->mac_reg[IMS] |= val;
784 #define getreg(x) [x] = mac_readreg
785 static uint32_t (*macreg_readops[])(E1000State *, int) = {
786 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
787 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
788 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
789 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
790 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
792 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
793 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
794 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
795 [CRCERRS ... MPC] = &mac_readreg,
796 [RA ... RA+31] = &mac_readreg,
797 [MTA ... MTA+127] = &mac_readreg,
798 [VFTA ... VFTA+127] = &mac_readreg,
800 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
802 #define putreg(x) [x] = mac_writereg
803 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
804 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
805 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
806 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
807 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
808 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
809 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
810 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
811 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
812 [RA ... RA+31] = &mac_writereg,
813 [MTA ... MTA+127] = &mac_writereg,
814 [VFTA ... VFTA+127] = &mac_writereg,
816 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
819 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
821 E1000State *s = opaque;
822 unsigned int index = (addr & 0x1ffff) >> 2;
824 #ifdef TARGET_WORDS_BIGENDIAN
827 if (index < NWRITEOPS && macreg_writeops[index])
828 macreg_writeops[index](s, index, val);
829 else if (index < NREADOPS && macreg_readops[index])
830 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
832 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
837 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
839 // emulate hw without byte enables: no RMW
840 e1000_mmio_writel(opaque, addr & ~3,
841 (val & 0xffff) << (8*(addr & 3)));
845 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
847 // emulate hw without byte enables: no RMW
848 e1000_mmio_writel(opaque, addr & ~3,
849 (val & 0xff) << (8*(addr & 3)));
853 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
855 E1000State *s = opaque;
856 unsigned int index = (addr & 0x1ffff) >> 2;
858 if (index < NREADOPS && macreg_readops[index])
860 uint32_t val = macreg_readops[index](s, index);
861 #ifdef TARGET_WORDS_BIGENDIAN
866 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
871 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
873 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
874 (8 * (addr & 3))) & 0xff;
878 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
880 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
881 (8 * (addr & 3))) & 0xffff;
884 static const int mac_regtosave[] = {
885 CTRL, EECD, EERD, GPRC, GPTC, ICR, ICS, IMC, IMS,
886 LEDCTL, MANC, MDIC, MPC, PBA, RCTL, RDBAH, RDBAL, RDH,
887 RDLEN, RDT, STATUS, SWSM, TCTL, TDBAH, TDBAL, TDH, TDLEN,
888 TDT, TORH, TORL, TOTH, TOTL, TPR, TPT, TXDCTL, WUFC,
891 enum { MAC_NSAVE = ARRAY_SIZE(mac_regtosave) };
893 static const struct {
896 } mac_regarraystosave[] = { {32, RA}, {128, MTA}, {128, VFTA} };
897 enum { MAC_NARRAYS = ARRAY_SIZE(mac_regarraystosave) };
900 nic_save(QEMUFile *f, void *opaque)
902 E1000State *s = opaque;
905 pci_device_save(&s->dev, f);
907 qemu_put_be32s(f, &s->rxbuf_size);
908 qemu_put_be32s(f, &s->rxbuf_min_shift);
909 qemu_put_be32s(f, &s->eecd_state.val_in);
910 qemu_put_be16s(f, &s->eecd_state.bitnum_in);
911 qemu_put_be16s(f, &s->eecd_state.bitnum_out);
912 qemu_put_be16s(f, &s->eecd_state.reading);
913 qemu_put_be32s(f, &s->eecd_state.old_eecd);
914 qemu_put_8s(f, &s->tx.ipcss);
915 qemu_put_8s(f, &s->tx.ipcso);
916 qemu_put_be16s(f, &s->tx.ipcse);
917 qemu_put_8s(f, &s->tx.tucss);
918 qemu_put_8s(f, &s->tx.tucso);
919 qemu_put_be16s(f, &s->tx.tucse);
920 qemu_put_be32s(f, &s->tx.paylen);
921 qemu_put_8s(f, &s->tx.hdr_len);
922 qemu_put_be16s(f, &s->tx.mss);
923 qemu_put_be16s(f, &s->tx.size);
924 qemu_put_be16s(f, &s->tx.tso_frames);
925 qemu_put_8s(f, &s->tx.sum_needed);
926 qemu_put_s8s(f, &s->tx.ip);
927 qemu_put_s8s(f, &s->tx.tcp);
928 qemu_put_buffer(f, s->tx.header, sizeof s->tx.header);
929 qemu_put_buffer(f, s->tx.data, sizeof s->tx.data);
930 for (i = 0; i < 64; i++)
931 qemu_put_be16s(f, s->eeprom_data + i);
932 for (i = 0; i < 0x20; i++)
933 qemu_put_be16s(f, s->phy_reg + i);
934 for (i = 0; i < MAC_NSAVE; i++)
935 qemu_put_be32s(f, s->mac_reg + mac_regtosave[i]);
936 for (i = 0; i < MAC_NARRAYS; i++)
937 for (j = 0; j < mac_regarraystosave[i].size; j++)
939 s->mac_reg + mac_regarraystosave[i].array0 + j);
943 nic_load(QEMUFile *f, void *opaque, int version_id)
945 E1000State *s = opaque;
948 if ((ret = pci_device_load(&s->dev, f)) < 0)
951 qemu_get_sbe32s(f, &i); /* once some unused instance id */
952 qemu_get_be32(f); /* Ignored. Was mmio_base. */
953 qemu_get_be32s(f, &s->rxbuf_size);
954 qemu_get_be32s(f, &s->rxbuf_min_shift);
955 qemu_get_be32s(f, &s->eecd_state.val_in);
956 qemu_get_be16s(f, &s->eecd_state.bitnum_in);
957 qemu_get_be16s(f, &s->eecd_state.bitnum_out);
958 qemu_get_be16s(f, &s->eecd_state.reading);
959 qemu_get_be32s(f, &s->eecd_state.old_eecd);
960 qemu_get_8s(f, &s->tx.ipcss);
961 qemu_get_8s(f, &s->tx.ipcso);
962 qemu_get_be16s(f, &s->tx.ipcse);
963 qemu_get_8s(f, &s->tx.tucss);
964 qemu_get_8s(f, &s->tx.tucso);
965 qemu_get_be16s(f, &s->tx.tucse);
966 qemu_get_be32s(f, &s->tx.paylen);
967 qemu_get_8s(f, &s->tx.hdr_len);
968 qemu_get_be16s(f, &s->tx.mss);
969 qemu_get_be16s(f, &s->tx.size);
970 qemu_get_be16s(f, &s->tx.tso_frames);
971 qemu_get_8s(f, &s->tx.sum_needed);
972 qemu_get_s8s(f, &s->tx.ip);
973 qemu_get_s8s(f, &s->tx.tcp);
974 qemu_get_buffer(f, s->tx.header, sizeof s->tx.header);
975 qemu_get_buffer(f, s->tx.data, sizeof s->tx.data);
976 for (i = 0; i < 64; i++)
977 qemu_get_be16s(f, s->eeprom_data + i);
978 for (i = 0; i < 0x20; i++)
979 qemu_get_be16s(f, s->phy_reg + i);
980 for (i = 0; i < MAC_NSAVE; i++)
981 qemu_get_be32s(f, s->mac_reg + mac_regtosave[i]);
982 for (i = 0; i < MAC_NARRAYS; i++)
983 for (j = 0; j < mac_regarraystosave[i].size; j++)
985 s->mac_reg + mac_regarraystosave[i].array0 + j);
989 static const uint16_t e1000_eeprom_template[64] = {
990 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
991 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
992 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
993 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
994 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
995 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
996 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
997 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
1000 static const uint16_t phy_reg_init[] = {
1001 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
1002 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
1003 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
1004 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
1005 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
1006 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
1009 static const uint32_t mac_reg_init[] = {
1012 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
1013 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
1014 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
1015 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
1016 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
1018 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
1019 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
1025 static CPUWriteMemoryFunc * const e1000_mmio_write[] = {
1026 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
1029 static CPUReadMemoryFunc * const e1000_mmio_read[] = {
1030 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
1034 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
1035 uint32_t addr, uint32_t size, int type)
1037 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1039 const uint32_t excluded_regs[] = {
1040 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1041 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1045 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08x 0x%08x\n", addr, size);
1047 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
1048 qemu_register_coalesced_mmio(addr, excluded_regs[0]);
1050 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1051 qemu_register_coalesced_mmio(addr + excluded_regs[i] + 4,
1052 excluded_regs[i + 1] -
1053 excluded_regs[i] - 4);
1057 e1000_cleanup(VLANClientState *vc)
1059 E1000State *d = vc->opaque;
1065 pci_e1000_uninit(PCIDevice *dev)
1067 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1069 cpu_unregister_io_memory(d->mmio_index);
1070 qemu_del_vlan_client(d->vc);
1071 unregister_savevm("e1000", d);
1075 static void e1000_reset(void *opaque)
1077 E1000State *d = opaque;
1079 memset(d->phy_reg, 0, sizeof d->phy_reg);
1080 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1081 memset(d->mac_reg, 0, sizeof d->mac_reg);
1082 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1083 d->rxbuf_min_shift = 1;
1084 memset(&d->tx, 0, sizeof d->tx);
1087 static int pci_e1000_init(PCIDevice *pci_dev)
1089 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1091 uint16_t checksum = 0;
1092 static const char info_str[] = "e1000";
1096 pci_conf = d->dev.config;
1098 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
1099 pci_config_set_device_id(pci_conf, E1000_DEVID);
1100 *(uint16_t *)(pci_conf+0x04) = cpu_to_le16(0x0407);
1101 *(uint16_t *)(pci_conf+0x06) = cpu_to_le16(0x0010);
1102 pci_conf[0x08] = 0x03;
1103 pci_config_set_class(pci_conf, PCI_CLASS_NETWORK_ETHERNET);
1104 pci_conf[0x0c] = 0x10;
1106 pci_conf[0x3d] = 1; // interrupt pin 0
1108 d->mmio_index = cpu_register_io_memory(e1000_mmio_read,
1109 e1000_mmio_write, d);
1111 pci_register_bar((PCIDevice *)d, 0, PNPMMIO_SIZE,
1112 PCI_ADDRESS_SPACE_MEM, e1000_mmio_map);
1114 pci_register_bar((PCIDevice *)d, 1, IOPORT_SIZE,
1115 PCI_ADDRESS_SPACE_IO, ioport_map);
1117 memmove(d->eeprom_data, e1000_eeprom_template,
1118 sizeof e1000_eeprom_template);
1119 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1120 macaddr = d->conf.macaddr.a;
1121 for (i = 0; i < 3; i++)
1122 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1123 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1124 checksum += d->eeprom_data[i];
1125 checksum = (uint16_t) EEPROM_SUM - checksum;
1126 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1128 d->vc = qemu_new_vlan_client(NET_CLIENT_TYPE_NIC,
1129 d->conf.vlan, d->conf.peer,
1130 d->dev.qdev.info->name, d->dev.qdev.id,
1131 e1000_can_receive, e1000_receive, NULL,
1132 NULL, e1000_cleanup, d);
1133 d->vc->link_status_changed = e1000_set_link_status;
1135 qemu_format_nic_info_str(d->vc, macaddr);
1137 register_savevm(info_str, -1, 2, nic_save, nic_load, d);
1140 #if 0 /* rom bev support is broken -> can't load unconditionally */
1141 if (!pci_dev->qdev.hotplugged) {
1142 static int loaded = 0;
1144 rom_add_option("pxe-e1000.bin");
1152 static void qdev_e1000_reset(DeviceState *dev)
1154 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1158 static PCIDeviceInfo e1000_info = {
1159 .qdev.name = "e1000",
1160 .qdev.desc = "Intel Gigabit Ethernet",
1161 .qdev.size = sizeof(E1000State),
1162 .qdev.reset = qdev_e1000_reset,
1163 .init = pci_e1000_init,
1164 .exit = pci_e1000_uninit,
1165 .qdev.props = (Property[]) {
1166 DEFINE_NIC_PROPERTIES(E1000State, conf),
1167 DEFINE_PROP_END_OF_LIST(),
1171 static void e1000_register_devices(void)
1173 pci_qdev_register(&e1000_info);
1176 device_init(e1000_register_devices)
projects / sdk / emulator / qemu.git / blob