]> git.proxmox.com Git - mirror_qemu.git/blame - hw/net/e1000.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
e1000: Fixing the received/transmitted packets' counters
[mirror_qemu.git] / hw / net / e1000.c
CommitLineData
7c23b892
AZ		 1/*
2 * QEMU e1000 emulation
3 *
2758aa52
MT		 4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
6 *
7c23b892
AZ		 7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
12 *
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
17 *
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
22 *
23 * You should have received a copy of the GNU Lesser General Public
8167ee88 24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
7c23b892
AZ		 25 */
26
27
83c9f4ca
PB		 28#include "hw/hw.h"
29#include "hw/pci/pci.h"
1422e32d 30#include "net/net.h"
7200ac3c 31#include "net/checksum.h"
83c9f4ca 32#include "hw/loader.h"
9c17d615
PB		 33#include "sysemu/sysemu.h"
34#include "sysemu/dma.h"
97410dde 35#include "qemu/iov.h"
20302e71 36#include "qemu/range.h"
7c23b892 37
47b43a1f 38#include "e1000_regs.h"
7c23b892 39
27124888 40#define E1000_DEBUG
7c23b892 41
27124888 42#ifdef E1000_DEBUG
7c23b892 43enum {
20f3e863
LB		 44 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
45 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
46 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
f9c1cdf4 47 DEBUG_RXFILTER, DEBUG_PHY, DEBUG_NOTYET,
7c23b892 48};
20f3e863 49#define DBGBIT(x) (1<<DEBUG_##x)
7c23b892
AZ		 50static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
51
20f3e863 52#define DBGOUT(what, fmt, ...) do { \
7c23b892 53 if (debugflags & DBGBIT(what)) \
6c7f4b47 54 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
7c23b892
AZ		 55 } while (0)
56#else
20f3e863 57#define DBGOUT(what, fmt, ...) do {} while (0)
7c23b892
AZ		 58#endif
59
60#define IOPORT_SIZE 0x40
e94bbefe 61#define PNPMMIO_SIZE 0x20000
78aeb23e 62#define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */
7c23b892 63
b0d9ffcd
MC		 64/* this is the size past which hardware will drop packets when setting LPE=0 */
65#define MAXIMUM_ETHERNET_VLAN_SIZE 1522
2c0331f4
MC		 66/* this is the size past which hardware will drop packets when setting LPE=1 */
67#define MAXIMUM_ETHERNET_LPE_SIZE 16384
b0d9ffcd 68
97410dde
VM		 69#define MAXIMUM_ETHERNET_HDR_LEN (14+4)
70
7c23b892
AZ		 71/*
72 * HW models:
8597f2e1 73 * E1000_DEV_ID_82540EM works with Windows, Linux, and OS X <= 10.8
7c23b892 74 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
8597f2e1 75 * E1000_DEV_ID_82545EM_COPPER works with Linux and OS X >= 10.6
7c23b892
AZ		 76 * Others never tested
77 */
7c23b892
AZ		 78
79typedef struct E1000State_st {
b08340d5
AF		 80 /*< private >*/
81 PCIDevice parent_obj;
82 /*< public >*/
83
a03e2aec 84 NICState *nic;
fbdaa002 85 NICConf conf;
ad00a9b9
AK		 86 MemoryRegion mmio;
87 MemoryRegion io;
7c23b892
AZ		 88
89 uint32_t mac_reg[0x8000];
90 uint16_t phy_reg[0x20];
91 uint16_t eeprom_data[64];
92
93 uint32_t rxbuf_size;
94 uint32_t rxbuf_min_shift;
7c23b892
AZ		 95 struct e1000_tx {
96 unsigned char header[256];
8f2e8d1f 97 unsigned char vlan_header[4];
b10fec9b 98 /* Fields vlan and data must not be reordered or separated. */
8f2e8d1f 99 unsigned char vlan[4];
7c23b892
AZ		 100 unsigned char data[0x10000];
101 uint16_t size;
102 unsigned char sum_needed;
8f2e8d1f 103 unsigned char vlan_needed;
7c23b892
AZ		 104 uint8_t ipcss;
105 uint8_t ipcso;
106 uint16_t ipcse;
107 uint8_t tucss;
108 uint8_t tucso;
109 uint16_t tucse;
110 uint8_t hdr_len;
111 uint16_t mss;
112 uint32_t paylen;
113 uint16_t tso_frames;
114 char tse;
b6c4f71f
BS		 115 int8_t ip;
116 int8_t tcp;
1b0009db 117 char cptse; // current packet tse bit
7c23b892
AZ		 118 } tx;
119
120 struct {
20f3e863 121 uint32_t val_in; /* shifted in from guest driver */
7c23b892
AZ		 122 uint16_t bitnum_in;
123 uint16_t bitnum_out;
124 uint16_t reading;
125 uint32_t old_eecd;
126 } eecd_state;
b9d03e35
JW		 127
128 QEMUTimer *autoneg_timer;
2af234e6 129
e9845f09
VM		 130 QEMUTimer *mit_timer; /* Mitigation timer. */
131 bool mit_timer_on; /* Mitigation timer is running. */
132 bool mit_irq_level; /* Tracks interrupt pin level. */
133 uint32_t mit_ide; /* Tracks E1000_TXD_CMD_IDE bit. */
134
2af234e6
MT		 135/* Compatibility flags for migration to/from qemu 1.3.0 and older */
136#define E1000_FLAG_AUTONEG_BIT 0
e9845f09 137#define E1000_FLAG_MIT_BIT 1
9e117734 138#define E1000_FLAG_MAC_BIT 2
2af234e6 139#define E1000_FLAG_AUTONEG (1 << E1000_FLAG_AUTONEG_BIT)
e9845f09 140#define E1000_FLAG_MIT (1 << E1000_FLAG_MIT_BIT)
9e117734 141#define E1000_FLAG_MAC (1 << E1000_FLAG_MAC_BIT)
2af234e6 142 uint32_t compat_flags;
7c23b892
AZ		 143} E1000State;
144
bc0f0674
LB		 145#define chkflag(x) (s->compat_flags & E1000_FLAG_##x)
146
8597f2e1
GS		 147typedef struct E1000BaseClass {
148 PCIDeviceClass parent_class;
149 uint16_t phy_id2;
8597f2e1
GS		 150} E1000BaseClass;
151
152#define TYPE_E1000_BASE "e1000-base"
567a3c9e
PC		 153
154#define E1000(obj) \
8597f2e1
GS		 155 OBJECT_CHECK(E1000State, (obj), TYPE_E1000_BASE)
156
157#define E1000_DEVICE_CLASS(klass) \
158 OBJECT_CLASS_CHECK(E1000BaseClass, (klass), TYPE_E1000_BASE)
159#define E1000_DEVICE_GET_CLASS(obj) \
160 OBJECT_GET_CLASS(E1000BaseClass, (obj), TYPE_E1000_BASE)
567a3c9e 161
20f3e863 162#define defreg(x) x = (E1000_##x>>2)
7c23b892 163enum {
20f3e863
LB		 164 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
165 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
166 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
167 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
168 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
169 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
170 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
171 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
172 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
173 defreg(RA), defreg(MTA), defreg(CRCERRS), defreg(VFTA),
174 defreg(VET), defreg(RDTR), defreg(RADV), defreg(TADV),
72ea771c
LB		 175 defreg(ITR), defreg(FCRUC), defreg(TDFH), defreg(TDFT),
176 defreg(TDFHS), defreg(TDFTS), defreg(TDFPC), defreg(RDFH),
177 defreg(RDFT), defreg(RDFHS), defreg(RDFTS), defreg(RDFPC),
178 defreg(IPAV), defreg(WUC), defreg(WUS), defreg(AIT),
179 defreg(IP6AT), defreg(IP4AT), defreg(FFLT), defreg(FFMT),
180 defreg(FFVT), defreg(WUPM), defreg(PBM), defreg(SCC),
181 defreg(ECOL), defreg(MCC), defreg(LATECOL), defreg(COLC),
182 defreg(DC), defreg(TNCRS), defreg(SEC), defreg(CEXTERR),
183 defreg(RLEC), defreg(XONRXC), defreg(XONTXC), defreg(XOFFRXC),
184 defreg(XOFFTXC), defreg(RFC), defreg(RJC), defreg(RNBC),
185 defreg(TSCTFC), defreg(MGTPRC), defreg(MGTPDC), defreg(MGTPTC)
7c23b892
AZ		 186};
187
71aadd3c
JW		 188static void
189e1000_link_down(E1000State *s)
190{
191 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
192 s->phy_reg[PHY_STATUS] &= ~MII_SR_LINK_STATUS;
6a2acedb 193 s->phy_reg[PHY_STATUS] &= ~MII_SR_AUTONEG_COMPLETE;
6883b591 194 s->phy_reg[PHY_LP_ABILITY] &= ~MII_LPAR_LPACK;
71aadd3c
JW		 195}
196
197static void
198e1000_link_up(E1000State *s)
199{
200 s->mac_reg[STATUS] |= E1000_STATUS_LU;
201 s->phy_reg[PHY_STATUS] |= MII_SR_LINK_STATUS;
5df6a185
SH		 202
203 /* E1000_STATUS_LU is tested by e1000_can_receive() */
204 qemu_flush_queued_packets(qemu_get_queue(s->nic));
71aadd3c
JW		 205}
206
1195fed9
GS		 207static bool
208have_autoneg(E1000State *s)
209{
bc0f0674 210 return chkflag(AUTONEG) && (s->phy_reg[PHY_CTRL] & MII_CR_AUTO_NEG_EN);
1195fed9
GS		 211}
212
b9d03e35
JW		 213static void
214set_phy_ctrl(E1000State *s, int index, uint16_t val)
215{
1195fed9
GS		 216 /* bits 0-5 reserved; MII_CR_[RESTART_AUTO_NEG,RESET] are self clearing */
217 s->phy_reg[PHY_CTRL] = val & ~(0x3f |
218 MII_CR_RESET |
219 MII_CR_RESTART_AUTO_NEG);
220
2af234e6
MT		 221 /*
222 * QEMU 1.3 does not support link auto-negotiation emulation, so if we
223 * migrate during auto negotiation, after migration the link will be
224 * down.
225 */
1195fed9 226 if (have_autoneg(s) && (val & MII_CR_RESTART_AUTO_NEG)) {
b9d03e35 227 e1000_link_down(s);
b9d03e35 228 DBGOUT(PHY, "Start link auto negotiation\n");
1195fed9
GS		 229 timer_mod(s->autoneg_timer,
230 qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 500);
b9d03e35
JW		 231 }
232}
233
b9d03e35
JW		 234static void (*phyreg_writeops[])(E1000State *, int, uint16_t) = {
235 [PHY_CTRL] = set_phy_ctrl,
236};
237
238enum { NPHYWRITEOPS = ARRAY_SIZE(phyreg_writeops) };
239
7c23b892 240enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
88b4e9db 241static const char phy_regcap[0x20] = {
20f3e863
LB		 242 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
243 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
244 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
245 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
246 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
247 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R,
6883b591 248 [PHY_AUTONEG_EXP] = PHY_R,
7c23b892
AZ		 249};
250
8597f2e1 251/* PHY_ID2 documented in 8254x_GBe_SDM.pdf, pp. 250 */
814cd3ac 252static const uint16_t phy_reg_init[] = {
20f3e863 253 [PHY_CTRL] = MII_CR_SPEED_SELECT_MSB |
9616c290
GS		 254 MII_CR_FULL_DUPLEX |
255 MII_CR_AUTO_NEG_EN,
256
257 [PHY_STATUS] = MII_SR_EXTENDED_CAPS |
258 MII_SR_LINK_STATUS | /* link initially up */
259 MII_SR_AUTONEG_CAPS |
260 /* MII_SR_AUTONEG_COMPLETE: initially NOT completed */
261 MII_SR_PREAMBLE_SUPPRESS |
262 MII_SR_EXTENDED_STATUS |
263 MII_SR_10T_HD_CAPS |
264 MII_SR_10T_FD_CAPS |
265 MII_SR_100X_HD_CAPS |
266 MII_SR_100X_FD_CAPS,
267
268 [PHY_ID1] = 0x141,
269 /* [PHY_ID2] configured per DevId, from e1000_reset() */
270 [PHY_AUTONEG_ADV] = 0xde1,
271 [PHY_LP_ABILITY] = 0x1e0,
272 [PHY_1000T_CTRL] = 0x0e00,
273 [PHY_1000T_STATUS] = 0x3c00,
274 [M88E1000_PHY_SPEC_CTRL] = 0x360,
814cd3ac 275 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
9616c290 276 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60,
814cd3ac
MT		 277};
278
279static const uint32_t mac_reg_init[] = {
20f3e863
LB		 280 [PBA] = 0x00100030,
281 [LEDCTL] = 0x602,
282 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
814cd3ac 283 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
20f3e863 284 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
814cd3ac
MT		 285 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
286 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
287 E1000_STATUS_LU,
20f3e863 288 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
814cd3ac
MT		 289 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
290 E1000_MANC_RMCP_EN,
291};
292
e9845f09
VM		 293/* Helper function, *curr == 0 means the value is not set */
294static inline void
295mit_update_delay(uint32_t *curr, uint32_t value)
296{
297 if (value && (*curr == 0 || value < *curr)) {
298 *curr = value;
299 }
300}
301
7c23b892
AZ		 302static void
303set_interrupt_cause(E1000State *s, int index, uint32_t val)
304{
b08340d5 305 PCIDevice *d = PCI_DEVICE(s);
e9845f09
VM		 306 uint32_t pending_ints;
307 uint32_t mit_delay;
b08340d5 308
7c23b892 309 s->mac_reg[ICR] = val;
a52a8841
MT		 310
311 /*
312 * Make sure ICR and ICS registers have the same value.
313 * The spec says that the ICS register is write-only. However in practice,
314 * on real hardware ICS is readable, and for reads it has the same value as
315 * ICR (except that ICS does not have the clear on read behaviour of ICR).
316 *
317 * The VxWorks PRO/1000 driver uses this behaviour.
318 */
b1332393 319 s->mac_reg[ICS] = val;
a52a8841 320
e9845f09
VM		 321 pending_ints = (s->mac_reg[IMS] & s->mac_reg[ICR]);
322 if (!s->mit_irq_level && pending_ints) {
323 /*
324 * Here we detect a potential raising edge. We postpone raising the
325 * interrupt line if we are inside the mitigation delay window
326 * (s->mit_timer_on == 1).
327 * We provide a partial implementation of interrupt mitigation,
328 * emulating only RADV, TADV and ITR (lower 16 bits, 1024ns units for
329 * RADV and TADV, 256ns units for ITR). RDTR is only used to enable
330 * RADV; relative timers based on TIDV and RDTR are not implemented.
331 */
332 if (s->mit_timer_on) {
333 return;
334 }
bc0f0674 335 if (chkflag(MIT)) {
e9845f09
VM		 336 /* Compute the next mitigation delay according to pending
337 * interrupts and the current values of RADV (provided
338 * RDTR!=0), TADV and ITR.
339 * Then rearm the timer.
340 */
341 mit_delay = 0;
342 if (s->mit_ide &&
343 (pending_ints & (E1000_ICR_TXQE | E1000_ICR_TXDW))) {
344 mit_update_delay(&mit_delay, s->mac_reg[TADV] * 4);
345 }
346 if (s->mac_reg[RDTR] && (pending_ints & E1000_ICS_RXT0)) {
347 mit_update_delay(&mit_delay, s->mac_reg[RADV] * 4);
348 }
349 mit_update_delay(&mit_delay, s->mac_reg[ITR]);
350
351 if (mit_delay) {
352 s->mit_timer_on = 1;
353 timer_mod(s->mit_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
354 mit_delay * 256);
355 }
356 s->mit_ide = 0;
357 }
358 }
359
360 s->mit_irq_level = (pending_ints != 0);
9e64f8a3 361 pci_set_irq(d, s->mit_irq_level);
e9845f09
VM		 362}
363
364static void
365e1000_mit_timer(void *opaque)
366{
367 E1000State *s = opaque;
368
369 s->mit_timer_on = 0;
370 /* Call set_interrupt_cause to update the irq level (if necessary). */
371 set_interrupt_cause(s, 0, s->mac_reg[ICR]);
7c23b892
AZ		 372}
373
374static void
375set_ics(E1000State *s, int index, uint32_t val)
376{
377 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
378 s->mac_reg[IMS]);
379 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
380}
381
d52aec95
GS		 382static void
383e1000_autoneg_timer(void *opaque)
384{
385 E1000State *s = opaque;
386 if (!qemu_get_queue(s->nic)->link_down) {
387 e1000_link_up(s);
388 s->phy_reg[PHY_LP_ABILITY] |= MII_LPAR_LPACK;
389 s->phy_reg[PHY_STATUS] |= MII_SR_AUTONEG_COMPLETE;
390 DBGOUT(PHY, "Auto negotiation is completed\n");
391 set_ics(s, 0, E1000_ICS_LSC); /* signal link status change to guest */
392 }
393}
394
7c23b892
AZ		 395static int
396rxbufsize(uint32_t v)
397{
398 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
399 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
400 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
401 switch (v) {
402 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
403 return 16384;
404 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
405 return 8192;
406 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
407 return 4096;
408 case E1000_RCTL_SZ_1024:
409 return 1024;
410 case E1000_RCTL_SZ_512:
411 return 512;
412 case E1000_RCTL_SZ_256:
413 return 256;
414 }
415 return 2048;
416}
417
814cd3ac
MT		 418static void e1000_reset(void *opaque)
419{
420 E1000State *d = opaque;
8597f2e1 421 E1000BaseClass *edc = E1000_DEVICE_GET_CLASS(d);
372254c6
GS		 422 uint8_t *macaddr = d->conf.macaddr.a;
423 int i;
814cd3ac 424
bc72ad67 425 timer_del(d->autoneg_timer);
e9845f09
VM		 426 timer_del(d->mit_timer);
427 d->mit_timer_on = 0;
428 d->mit_irq_level = 0;
429 d->mit_ide = 0;
814cd3ac
MT		 430 memset(d->phy_reg, 0, sizeof d->phy_reg);
431 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
8597f2e1 432 d->phy_reg[PHY_ID2] = edc->phy_id2;
814cd3ac
MT		 433 memset(d->mac_reg, 0, sizeof d->mac_reg);
434 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
435 d->rxbuf_min_shift = 1;
436 memset(&d->tx, 0, sizeof d->tx);
437
b356f76d 438 if (qemu_get_queue(d->nic)->link_down) {
71aadd3c 439 e1000_link_down(d);
814cd3ac 440 }
372254c6
GS		 441
442 /* Some guests expect pre-initialized RAH/RAL (AddrValid flag + MACaddr) */
443 d->mac_reg[RA] = 0;
444 d->mac_reg[RA + 1] = E1000_RAH_AV;
445 for (i = 0; i < 4; i++) {
446 d->mac_reg[RA] |= macaddr[i] << (8 * i);
447 d->mac_reg[RA + 1] |= (i < 2) ? macaddr[i + 4] << (8 * i) : 0;
448 }
655d3b63 449 qemu_format_nic_info_str(qemu_get_queue(d->nic), macaddr);
814cd3ac
MT		 450}
451
cab3c825
KW		 452static void
453set_ctrl(E1000State *s, int index, uint32_t val)
454{
455 /* RST is self clearing */
456 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
457}
458
7c23b892
AZ		 459static void
460set_rx_control(E1000State *s, int index, uint32_t val)
461{
462 s->mac_reg[RCTL] = val;
463 s->rxbuf_size = rxbufsize(val);
464 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
465 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
466 s->mac_reg[RCTL]);
b356f76d 467 qemu_flush_queued_packets(qemu_get_queue(s->nic));
7c23b892
AZ		 468}
469
470static void
471set_mdic(E1000State *s, int index, uint32_t val)
472{
473 uint32_t data = val & E1000_MDIC_DATA_MASK;
474 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
475
476 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
477 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
478 else if (val & E1000_MDIC_OP_READ) {
479 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
480 if (!(phy_regcap[addr] & PHY_R)) {
481 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
482 val |= E1000_MDIC_ERROR;
483 } else
484 val = (val ^ data) | s->phy_reg[addr];
485 } else if (val & E1000_MDIC_OP_WRITE) {
486 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
487 if (!(phy_regcap[addr] & PHY_W)) {
488 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
489 val |= E1000_MDIC_ERROR;
b9d03e35
JW		 490 } else {
491 if (addr < NPHYWRITEOPS && phyreg_writeops[addr]) {
492 phyreg_writeops[addr](s, index, data);
1195fed9
GS		 493 } else {
494 s->phy_reg[addr] = data;
b9d03e35 495 }
b9d03e35 496 }
7c23b892
AZ		 497 }
498 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
17fbbb0b
JW		 499
500 if (val & E1000_MDIC_INT_EN) {
501 set_ics(s, 0, E1000_ICR_MDAC);
502 }
7c23b892
AZ		 503}
504
505static uint32_t
506get_eecd(E1000State *s, int index)
507{
508 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
509
510 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
511 s->eecd_state.bitnum_out, s->eecd_state.reading);
512 if (!s->eecd_state.reading ||
513 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
514 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
515 ret |= E1000_EECD_DO;
516 return ret;
517}
518
519static void
520set_eecd(E1000State *s, int index, uint32_t val)
521{
522 uint32_t oldval = s->eecd_state.old_eecd;
523
524 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
525 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
20f3e863
LB		 526 if (!(E1000_EECD_CS & val)) { /* CS inactive; nothing to do */
527 return;
528 }
529 if (E1000_EECD_CS & (val ^ oldval)) { /* CS rise edge; reset state */
530 s->eecd_state.val_in = 0;
531 s->eecd_state.bitnum_in = 0;
532 s->eecd_state.bitnum_out = 0;
533 s->eecd_state.reading = 0;
9651ac55 534 }
20f3e863 535 if (!(E1000_EECD_SK & (val ^ oldval))) { /* no clock edge */
7c23b892 536 return;
20f3e863
LB		 537 }
538 if (!(E1000_EECD_SK & val)) { /* falling edge */
7c23b892
AZ		 539 s->eecd_state.bitnum_out++;
540 return;
541 }
7c23b892
AZ		 542 s->eecd_state.val_in <<= 1;
543 if (val & E1000_EECD_DI)
544 s->eecd_state.val_in |= 1;
545 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
546 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
547 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
548 EEPROM_READ_OPCODE_MICROWIRE);
549 }
550 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
551 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
552 s->eecd_state.reading);
553}
554
555static uint32_t
556flash_eerd_read(E1000State *s, int x)
557{
558 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
559
b1332393
BP		 560 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
561 return (s->mac_reg[EERD]);
562
7c23b892 563 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
b1332393
BP		 564 return (E1000_EEPROM_RW_REG_DONE | r);
565
566 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
567 E1000_EEPROM_RW_REG_DONE | r);
7c23b892
AZ		 568}
569
7c23b892
AZ		 570static void
571putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
572{
c6a6a5e3
AL		 573 uint32_t sum;
574
7c23b892
AZ		 575 if (cse && cse < n)
576 n = cse + 1;
c6a6a5e3
AL		 577 if (sloc < n-1) {
578 sum = net_checksum_add(n-css, data+css);
d8ee2591 579 stw_be_p(data + sloc, net_checksum_finish(sum));
c6a6a5e3 580 }
7c23b892
AZ		 581}
582
1f67f92c
LB		 583static inline void
584inc_reg_if_not_full(E1000State *s, int index)
585{
586 if (s->mac_reg[index] != 0xffffffff) {
587 s->mac_reg[index]++;
588 }
589}
590
8f2e8d1f
AL		 591static inline int
592vlan_enabled(E1000State *s)
593{
594 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
595}
596
597static inline int
598vlan_rx_filter_enabled(E1000State *s)
599{
600 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
601}
602
603static inline int
604is_vlan_packet(E1000State *s, const uint8_t *buf)
605{
606 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
4e60a250 607 le16_to_cpu(s->mac_reg[VET]));
8f2e8d1f
AL		 608}
609
610static inline int
611is_vlan_txd(uint32_t txd_lower)
612{
613 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
614}
615
55e8d1ce
MT		 616/* FCS aka Ethernet CRC-32. We don't get it from backends and can't
617 * fill it in, just pad descriptor length by 4 bytes unless guest
a05e8a6e 618 * told us to strip it off the packet. */
55e8d1ce
MT		 619static inline int
620fcs_len(E1000State *s)
621{
622 return (s->mac_reg[RCTL] & E1000_RCTL_SECRC) ? 0 : 4;
623}
624
93e37d76
JW		 625static void
626e1000_send_packet(E1000State *s, const uint8_t *buf, int size)
627{
b356f76d 628 NetClientState *nc = qemu_get_queue(s->nic);
93e37d76 629 if (s->phy_reg[PHY_CTRL] & MII_CR_LOOPBACK) {
b356f76d 630 nc->info->receive(nc, buf, size);
93e37d76 631 } else {
b356f76d 632 qemu_send_packet(nc, buf, size);
93e37d76
JW		 633 }
634}
635
7c23b892
AZ		 636static void
637xmit_seg(E1000State *s)
638{
639 uint16_t len, *sp;
640 unsigned int frames = s->tx.tso_frames, css, sofar, n;
641 struct e1000_tx *tp = &s->tx;
642
1b0009db 643 if (tp->tse && tp->cptse) {
7c23b892
AZ		 644 css = tp->ipcss;
645 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
646 frames, tp->size, css);
20f3e863 647 if (tp->ip) { /* IPv4 */
d8ee2591
PM		 648 stw_be_p(tp->data+css+2, tp->size - css);
649 stw_be_p(tp->data+css+4,
20f3e863
LB		 650 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
651 } else { /* IPv6 */
d8ee2591 652 stw_be_p(tp->data+css+4, tp->size - css);
20f3e863 653 }
7c23b892
AZ		 654 css = tp->tucss;
655 len = tp->size - css;
656 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
657 if (tp->tcp) {
658 sofar = frames * tp->mss;
6bd194ab 659 stl_be_p(tp->data+css+4, ldl_be_p(tp->data+css+4)+sofar); /* seq */
7c23b892 660 if (tp->paylen - sofar > tp->mss)
20f3e863
LB		 661 tp->data[css + 13] &= ~9; /* PSH, FIN */
662 } else /* UDP */
d8ee2591 663 stw_be_p(tp->data+css+4, len);
7c23b892 664 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
e685b4eb 665 unsigned int phsum;
7c23b892
AZ		 666 // add pseudo-header length before checksum calculation
667 sp = (uint16_t *)(tp->data + tp->tucso);
e685b4eb
AW		 668 phsum = be16_to_cpup(sp) + len;
669 phsum = (phsum >> 16) + (phsum & 0xffff);
d8ee2591 670 stw_be_p(sp, phsum);
7c23b892
AZ		 671 }
672 tp->tso_frames++;
673 }
674
675 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
676 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
677 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
678 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
8f2e8d1f 679 if (tp->vlan_needed) {
b10fec9b
SW		 680 memmove(tp->vlan, tp->data, 4);
681 memmove(tp->data, tp->data + 4, 8);
8f2e8d1f 682 memcpy(tp->data + 8, tp->vlan_header, 4);
93e37d76 683 e1000_send_packet(s, tp->vlan, tp->size + 4);
20f3e863 684 } else {
93e37d76 685 e1000_send_packet(s, tp->data, tp->size);
20f3e863
LB		 686 }
687
1f67f92c
LB		 688 inc_reg_if_not_full(s, TPT);
689 s->mac_reg[GPTC] = s->mac_reg[TPT];
7c23b892
AZ		 690 n = s->mac_reg[TOTL];
691 if ((s->mac_reg[TOTL] += s->tx.size) < n)
692 s->mac_reg[TOTH]++;
693}
694
695static void
696process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
697{
b08340d5 698 PCIDevice *d = PCI_DEVICE(s);
7c23b892
AZ		 699 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
700 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
701 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
a0ae17a6 702 unsigned int msh = 0xfffff;
7c23b892
AZ		 703 uint64_t addr;
704 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
705 struct e1000_tx *tp = &s->tx;
706
e9845f09 707 s->mit_ide |= (txd_lower & E1000_TXD_CMD_IDE);
20f3e863 708 if (dtype == E1000_TXD_CMD_DEXT) { /* context descriptor */
7c23b892
AZ		 709 op = le32_to_cpu(xp->cmd_and_length);
710 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
711 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
712 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
713 tp->tucss = xp->upper_setup.tcp_fields.tucss;
714 tp->tucso = xp->upper_setup.tcp_fields.tucso;
715 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
716 tp->paylen = op & 0xfffff;
717 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
718 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
719 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
720 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
721 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
722 tp->tso_frames = 0;
20f3e863 723 if (tp->tucso == 0) { /* this is probably wrong */
7c23b892
AZ		 724 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
725 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
726 }
727 return;
1b0009db
AZ		 728 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
729 // data descriptor
735e77ec
SH		 730 if (tp->size == 0) {
731 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
732 }
1b0009db 733 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
43ad7e3e 734 } else {
1b0009db
AZ		 735 // legacy descriptor
736 tp->cptse = 0;
43ad7e3e 737 }
7c23b892 738
8f2e8d1f
AL		 739 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
740 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
741 tp->vlan_needed = 1;
d8ee2591 742 stw_be_p(tp->vlan_header,
4e60a250 743 le16_to_cpu(s->mac_reg[VET]));
d8ee2591 744 stw_be_p(tp->vlan_header + 2,
8f2e8d1f
AL		 745 le16_to_cpu(dp->upper.fields.special));
746 }
20f3e863 747
7c23b892 748 addr = le64_to_cpu(dp->buffer_addr);
1b0009db 749 if (tp->tse && tp->cptse) {
a0ae17a6 750 msh = tp->hdr_len + tp->mss;
1b0009db
AZ		 751 do {
752 bytes = split_size;
753 if (tp->size + bytes > msh)
754 bytes = msh - tp->size;
65f82df0
AL		 755
756 bytes = MIN(sizeof(tp->data) - tp->size, bytes);
b08340d5 757 pci_dma_read(d, addr, tp->data + tp->size, bytes);
a0ae17a6
AJ		 758 sz = tp->size + bytes;
759 if (sz >= tp->hdr_len && tp->size < tp->hdr_len) {
760 memmove(tp->header, tp->data, tp->hdr_len);
761 }
1b0009db
AZ		 762 tp->size = sz;
763 addr += bytes;
764 if (sz == msh) {
765 xmit_seg(s);
a0ae17a6
AJ		 766 memmove(tp->data, tp->header, tp->hdr_len);
767 tp->size = tp->hdr_len;
1b0009db 768 }
b947ac2b
PP		 769 split_size -= bytes;
770 } while (bytes && split_size);
1b0009db
AZ		 771 } else if (!tp->tse && tp->cptse) {
772 // context descriptor TSE is not set, while data descriptor TSE is set
362f5fb5 773 DBGOUT(TXERR, "TCP segmentation error\n");
1b0009db 774 } else {
65f82df0 775 split_size = MIN(sizeof(tp->data) - tp->size, split_size);
b08340d5 776 pci_dma_read(d, addr, tp->data + tp->size, split_size);
1b0009db 777 tp->size += split_size;
7c23b892 778 }
7c23b892
AZ		 779
780 if (!(txd_lower & E1000_TXD_CMD_EOP))
781 return;
a0ae17a6 782 if (!(tp->tse && tp->cptse && tp->size < tp->hdr_len)) {
7c23b892 783 xmit_seg(s);
a0ae17a6 784 }
7c23b892
AZ		 785 tp->tso_frames = 0;
786 tp->sum_needed = 0;
8f2e8d1f 787 tp->vlan_needed = 0;
7c23b892 788 tp->size = 0;
1b0009db 789 tp->cptse = 0;
7c23b892
AZ		 790}
791
792static uint32_t
62ecbd35 793txdesc_writeback(E1000State *s, dma_addr_t base, struct e1000_tx_desc *dp)
7c23b892 794{
b08340d5 795 PCIDevice *d = PCI_DEVICE(s);
7c23b892
AZ		 796 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
797
798 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
799 return 0;
800 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
801 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
802 dp->upper.data = cpu_to_le32(txd_upper);
b08340d5 803 pci_dma_write(d, base + ((char *)&dp->upper - (char *)dp),
00c3a05b 804 &dp->upper, sizeof(dp->upper));
7c23b892
AZ		 805 return E1000_ICR_TXDW;
806}
807
d17161f6
KW		 808static uint64_t tx_desc_base(E1000State *s)
809{
810 uint64_t bah = s->mac_reg[TDBAH];
811 uint64_t bal = s->mac_reg[TDBAL] & ~0xf;
812
813 return (bah << 32) + bal;
814}
815
7c23b892
AZ		 816static void
817start_xmit(E1000State *s)
818{
b08340d5 819 PCIDevice *d = PCI_DEVICE(s);
62ecbd35 820 dma_addr_t base;
7c23b892
AZ		 821 struct e1000_tx_desc desc;
822 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
823
824 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
825 DBGOUT(TX, "tx disabled\n");
826 return;
827 }
828
829 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
d17161f6 830 base = tx_desc_base(s) +
7c23b892 831 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
b08340d5 832 pci_dma_read(d, base, &desc, sizeof(desc));
7c23b892
AZ		 833
834 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
6106075b 835 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
7c23b892
AZ		 836 desc.upper.data);
837
838 process_tx_desc(s, &desc);
62ecbd35 839 cause |= txdesc_writeback(s, base, &desc);
7c23b892
AZ		 840
841 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
842 s->mac_reg[TDH] = 0;
843 /*
844 * the following could happen only if guest sw assigns
845 * bogus values to TDT/TDLEN.
846 * there's nothing too intelligent we could do about this.
847 */
848 if (s->mac_reg[TDH] == tdh_start) {
849 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
850 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
851 break;
852 }
853 }
854 set_ics(s, 0, cause);
855}
856
857static int
858receive_filter(E1000State *s, const uint8_t *buf, int size)
859{
af2960f9
BS		 860 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
861 static const int mta_shift[] = {4, 3, 2, 0};
7c23b892
AZ		 862 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
863
8f2e8d1f
AL		 864 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
865 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
866 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
867 ((vid >> 5) & 0x7f));
868 if ((vfta & (1 << (vid & 0x1f))) == 0)
869 return 0;
870 }
871
7c23b892
AZ		 872 if (rctl & E1000_RCTL_UPE) // promiscuous
873 return 1;
874
875 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
876 return 1;
877
878 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
879 return 1;
880
881 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
882 if (!(rp[1] & E1000_RAH_AV))
883 continue;
884 ra[0] = cpu_to_le32(rp[0]);
885 ra[1] = cpu_to_le32(rp[1]);
886 if (!memcmp(buf, (uint8_t *)ra, 6)) {
887 DBGOUT(RXFILTER,
888 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
889 (int)(rp - s->mac_reg - RA)/2,
890 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
891 return 1;
892 }
893 }
894 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
895 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
896
897 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
898 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
899 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
900 return 1;
901 DBGOUT(RXFILTER,
902 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
903 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
904 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
905 s->mac_reg[MTA + (f >> 5)]);
906
907 return 0;
908}
909
99ed7e30 910static void
4e68f7a0 911e1000_set_link_status(NetClientState *nc)
99ed7e30 912{
cc1f0f45 913 E1000State *s = qemu_get_nic_opaque(nc);
99ed7e30
AL		 914 uint32_t old_status = s->mac_reg[STATUS];
915
d4044c2a 916 if (nc->link_down) {
71aadd3c 917 e1000_link_down(s);
d4044c2a 918 } else {
d7a41552 919 if (have_autoneg(s) &&
6a2acedb
GS		 920 !(s->phy_reg[PHY_STATUS] & MII_SR_AUTONEG_COMPLETE)) {
921 /* emulate auto-negotiation if supported */
922 timer_mod(s->autoneg_timer,
923 qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 500);
924 } else {
925 e1000_link_up(s);
926 }
d4044c2a 927 }
99ed7e30
AL		 928
929 if (s->mac_reg[STATUS] != old_status)
930 set_ics(s, 0, E1000_ICR_LSC);
931}
932
322fd48a
MT		 933static bool e1000_has_rxbufs(E1000State *s, size_t total_size)
934{
935 int bufs;
936 /* Fast-path short packets */
937 if (total_size <= s->rxbuf_size) {
e5b8b0d4 938 return s->mac_reg[RDH] != s->mac_reg[RDT];
322fd48a
MT		 939 }
940 if (s->mac_reg[RDH] < s->mac_reg[RDT]) {
941 bufs = s->mac_reg[RDT] - s->mac_reg[RDH];
e5b8b0d4 942 } else if (s->mac_reg[RDH] > s->mac_reg[RDT]) {
322fd48a
MT		 943 bufs = s->mac_reg[RDLEN] / sizeof(struct e1000_rx_desc) +
944 s->mac_reg[RDT] - s->mac_reg[RDH];
945 } else {
946 return false;
947 }
948 return total_size <= bufs * s->rxbuf_size;
949}
950
6cdfab28 951static int
4e68f7a0 952e1000_can_receive(NetClientState *nc)
6cdfab28 953{
cc1f0f45 954 E1000State *s = qemu_get_nic_opaque(nc);
6cdfab28 955
ddcb73b7 956 return (s->mac_reg[STATUS] & E1000_STATUS_LU) &&
20302e71
MT		 957 (s->mac_reg[RCTL] & E1000_RCTL_EN) &&
958 (s->parent_obj.config[PCI_COMMAND] & PCI_COMMAND_MASTER) &&
959 e1000_has_rxbufs(s, 1);
6cdfab28
MT		 960}
961
d17161f6
KW		 962static uint64_t rx_desc_base(E1000State *s)
963{
964 uint64_t bah = s->mac_reg[RDBAH];
965 uint64_t bal = s->mac_reg[RDBAL] & ~0xf;
966
967 return (bah << 32) + bal;
968}
969
4f1c942b 970static ssize_t
97410dde 971e1000_receive_iov(NetClientState *nc, const struct iovec *iov, int iovcnt)
7c23b892 972{
cc1f0f45 973 E1000State *s = qemu_get_nic_opaque(nc);
b08340d5 974 PCIDevice *d = PCI_DEVICE(s);
7c23b892 975 struct e1000_rx_desc desc;
62ecbd35 976 dma_addr_t base;
7c23b892
AZ		 977 unsigned int n, rdt;
978 uint32_t rdh_start;
8f2e8d1f 979 uint16_t vlan_special = 0;
97410dde 980 uint8_t vlan_status = 0;
78aeb23e 981 uint8_t min_buf[MIN_BUF_SIZE];
97410dde
VM		 982 struct iovec min_iov;
983 uint8_t *filter_buf = iov->iov_base;
984 size_t size = iov_size(iov, iovcnt);
985 size_t iov_ofs = 0;
b19487e2
MT		 986 size_t desc_offset;
987 size_t desc_size;
988 size_t total_size;
7c23b892 989
ddcb73b7
MT		 990 if (!(s->mac_reg[STATUS] & E1000_STATUS_LU)) {
991 return -1;
992 }
993
994 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN)) {
4f1c942b 995 return -1;
ddcb73b7 996 }
7c23b892 997
78aeb23e
SH		 998 /* Pad to minimum Ethernet frame length */
999 if (size < sizeof(min_buf)) {
97410dde 1000 iov_to_buf(iov, iovcnt, 0, min_buf, size);
78aeb23e 1001 memset(&min_buf[size], 0, sizeof(min_buf) - size);
97410dde
VM		 1002 min_iov.iov_base = filter_buf = min_buf;
1003 min_iov.iov_len = size = sizeof(min_buf);
1004 iovcnt = 1;
1005 iov = &min_iov;
1006 } else if (iov->iov_len < MAXIMUM_ETHERNET_HDR_LEN) {
1007 /* This is very unlikely, but may happen. */
1008 iov_to_buf(iov, iovcnt, 0, min_buf, MAXIMUM_ETHERNET_HDR_LEN);
1009 filter_buf = min_buf;
78aeb23e
SH		 1010 }
1011
b0d9ffcd 1012 /* Discard oversized packets if !LPE and !SBP. */
2c0331f4
MC		 1013 if ((size > MAXIMUM_ETHERNET_LPE_SIZE ||
1014 (size > MAXIMUM_ETHERNET_VLAN_SIZE
1015 && !(s->mac_reg[RCTL] & E1000_RCTL_LPE)))
b0d9ffcd
MC		 1016 && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) {
1017 return size;
1018 }
1019
97410dde 1020 if (!receive_filter(s, filter_buf, size)) {
4f1c942b 1021 return size;
97410dde 1022 }
7c23b892 1023
97410dde
VM		 1024 if (vlan_enabled(s) && is_vlan_packet(s, filter_buf)) {
1025 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(filter_buf
1026 + 14)));
1027 iov_ofs = 4;
1028 if (filter_buf == iov->iov_base) {
1029 memmove(filter_buf + 4, filter_buf, 12);
1030 } else {
1031 iov_from_buf(iov, iovcnt, 4, filter_buf, 12);
1032 while (iov->iov_len <= iov_ofs) {
1033 iov_ofs -= iov->iov_len;
1034 iov++;
1035 }
1036 }
8f2e8d1f 1037 vlan_status = E1000_RXD_STAT_VP;
8f2e8d1f
AL		 1038 size -= 4;
1039 }
1040
7c23b892 1041 rdh_start = s->mac_reg[RDH];
b19487e2
MT		 1042 desc_offset = 0;
1043 total_size = size + fcs_len(s);
322fd48a
MT		 1044 if (!e1000_has_rxbufs(s, total_size)) {
1045 set_ics(s, 0, E1000_ICS_RXO);
1046 return -1;
1047 }
7c23b892 1048 do {
b19487e2
MT		 1049 desc_size = total_size - desc_offset;
1050 if (desc_size > s->rxbuf_size) {
1051 desc_size = s->rxbuf_size;
1052 }
d17161f6 1053 base = rx_desc_base(s) + sizeof(desc) * s->mac_reg[RDH];
b08340d5 1054 pci_dma_read(d, base, &desc, sizeof(desc));
8f2e8d1f
AL		 1055 desc.special = vlan_special;
1056 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
7c23b892 1057 if (desc.buffer_addr) {
b19487e2 1058 if (desc_offset < size) {
97410dde
VM		 1059 size_t iov_copy;
1060 hwaddr ba = le64_to_cpu(desc.buffer_addr);
b19487e2
MT		 1061 size_t copy_size = size - desc_offset;
1062 if (copy_size > s->rxbuf_size) {
1063 copy_size = s->rxbuf_size;
1064 }
97410dde
VM		 1065 do {
1066 iov_copy = MIN(copy_size, iov->iov_len - iov_ofs);
1067 pci_dma_write(d, ba, iov->iov_base + iov_ofs, iov_copy);
1068 copy_size -= iov_copy;
1069 ba += iov_copy;
1070 iov_ofs += iov_copy;
1071 if (iov_ofs == iov->iov_len) {
1072 iov++;
1073 iov_ofs = 0;
1074 }
1075 } while (copy_size);
b19487e2
MT		 1076 }
1077 desc_offset += desc_size;
ee912ccf 1078 desc.length = cpu_to_le16(desc_size);
b19487e2 1079 if (desc_offset >= total_size) {
b19487e2
MT		 1080 desc.status |= E1000_RXD_STAT_EOP | E1000_RXD_STAT_IXSM;
1081 } else {
ee912ccf
MT		 1082 /* Guest zeroing out status is not a hardware requirement.
1083 Clear EOP in case guest didn't do it. */
1084 desc.status &= ~E1000_RXD_STAT_EOP;
b19487e2 1085 }
43ad7e3e 1086 } else { // as per intel docs; skip descriptors with null buf addr
7c23b892 1087 DBGOUT(RX, "Null RX descriptor!!\n");
43ad7e3e 1088 }
b08340d5 1089 pci_dma_write(d, base, &desc, sizeof(desc));
7c23b892
AZ		 1090
1091 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
1092 s->mac_reg[RDH] = 0;
7c23b892
AZ		 1093 /* see comment in start_xmit; same here */
1094 if (s->mac_reg[RDH] == rdh_start) {
1095 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
1096 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
1097 set_ics(s, 0, E1000_ICS_RXO);
4f1c942b 1098 return -1;
7c23b892 1099 }
b19487e2 1100 } while (desc_offset < total_size);
7c23b892 1101
1f67f92c
LB		 1102 inc_reg_if_not_full(s, TPR);
1103 s->mac_reg[GPRC] = s->mac_reg[TPR];
a05e8a6e
MT		 1104 /* TOR - Total Octets Received:
1105 * This register includes bytes received in a packet from the <Destination
1106 * Address> field through the <CRC> field, inclusively.
1107 */
1108 n = s->mac_reg[TORL] + size + /* Always include FCS length. */ 4;
1109 if (n < s->mac_reg[TORL])
7c23b892 1110 s->mac_reg[TORH]++;
a05e8a6e 1111 s->mac_reg[TORL] = n;
7c23b892
AZ		 1112
1113 n = E1000_ICS_RXT0;
1114 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
1115 rdt += s->mac_reg[RDLEN] / sizeof(desc);
bf16cc8f
AL		 1116 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
1117 s->rxbuf_min_shift)
7c23b892
AZ		 1118 n |= E1000_ICS_RXDMT0;
1119
1120 set_ics(s, 0, n);
4f1c942b
MM		 1121
1122 return size;
7c23b892
AZ		 1123}
1124
97410dde
VM		 1125static ssize_t
1126e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size)
1127{
1128 const struct iovec iov = {
1129 .iov_base = (uint8_t *)buf,
1130 .iov_len = size
1131 };
1132
1133 return e1000_receive_iov(nc, &iov, 1);
1134}
1135
7c23b892
AZ		 1136static uint32_t
1137mac_readreg(E1000State *s, int index)
1138{
1139 return s->mac_reg[index];
1140}
1141
72ea771c
LB		 1142static uint32_t
1143mac_low4_read(E1000State *s, int index)
1144{
1145 return s->mac_reg[index] & 0xf;
1146}
1147
1148static uint32_t
1149mac_low11_read(E1000State *s, int index)
1150{
1151 return s->mac_reg[index] & 0x7ff;
1152}
1153
1154static uint32_t
1155mac_low13_read(E1000State *s, int index)
1156{
1157 return s->mac_reg[index] & 0x1fff;
1158}
1159
1160static uint32_t
1161mac_low16_read(E1000State *s, int index)
1162{
1163 return s->mac_reg[index] & 0xffff;
1164}
1165
7c23b892
AZ		 1166static uint32_t
1167mac_icr_read(E1000State *s, int index)
1168{
1169 uint32_t ret = s->mac_reg[ICR];
1170
1171 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
1172 set_interrupt_cause(s, 0, 0);
1173 return ret;
1174}
1175
1176static uint32_t
1177mac_read_clr4(E1000State *s, int index)
1178{
1179 uint32_t ret = s->mac_reg[index];
1180
1181 s->mac_reg[index] = 0;
1182 return ret;
1183}
1184
1185static uint32_t
1186mac_read_clr8(E1000State *s, int index)
1187{
1188 uint32_t ret = s->mac_reg[index];
1189
1190 s->mac_reg[index] = 0;
1191 s->mac_reg[index-1] = 0;
1192 return ret;
1193}
1194
1195static void
1196mac_writereg(E1000State *s, int index, uint32_t val)
1197{
7c36507c
AK		 1198 uint32_t macaddr[2];
1199
7c23b892 1200 s->mac_reg[index] = val;
7c36507c 1201
90d131fb 1202 if (index == RA + 1) {
7c36507c
AK		 1203 macaddr[0] = cpu_to_le32(s->mac_reg[RA]);
1204 macaddr[1] = cpu_to_le32(s->mac_reg[RA + 1]);
1205 qemu_format_nic_info_str(qemu_get_queue(s->nic), (uint8_t *)macaddr);
1206 }
7c23b892
AZ		 1207}
1208
1209static void
1210set_rdt(E1000State *s, int index, uint32_t val)
1211{
7c23b892 1212 s->mac_reg[index] = val & 0xffff;
e8b4c680 1213 if (e1000_has_rxbufs(s, 1)) {
b356f76d 1214 qemu_flush_queued_packets(qemu_get_queue(s->nic));
e8b4c680 1215 }
7c23b892
AZ		 1216}
1217
1218static void
1219set_16bit(E1000State *s, int index, uint32_t val)
1220{
1221 s->mac_reg[index] = val & 0xffff;
1222}
1223
1224static void
1225set_dlen(E1000State *s, int index, uint32_t val)
1226{
1227 s->mac_reg[index] = val & 0xfff80;
1228}
1229
1230static void
1231set_tctl(E1000State *s, int index, uint32_t val)
1232{
1233 s->mac_reg[index] = val;
1234 s->mac_reg[TDT] &= 0xffff;
1235 start_xmit(s);
1236}
1237
1238static void
1239set_icr(E1000State *s, int index, uint32_t val)
1240{
1241 DBGOUT(INTERRUPT, "set_icr %x\n", val);
1242 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
1243}
1244
1245static void
1246set_imc(E1000State *s, int index, uint32_t val)
1247{
1248 s->mac_reg[IMS] &= ~val;
1249 set_ics(s, 0, 0);
1250}
1251
1252static void
1253set_ims(E1000State *s, int index, uint32_t val)
1254{
1255 s->mac_reg[IMS] |= val;
1256 set_ics(s, 0, 0);
1257}
1258
20f3e863 1259#define getreg(x) [x] = mac_readreg
7c23b892 1260static uint32_t (*macreg_readops[])(E1000State *, int) = {
20f3e863
LB		 1261 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
1262 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
1263 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
1264 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
1265 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
1266 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
1267 getreg(TDLEN), getreg(RDLEN), getreg(RDTR), getreg(RADV),
72ea771c
LB		 1268 getreg(TADV), getreg(ITR), getreg(FCRUC), getreg(IPAV),
1269 getreg(WUC), getreg(WUS), getreg(SCC), getreg(ECOL),
1270 getreg(MCC), getreg(LATECOL), getreg(COLC), getreg(DC),
1271 getreg(TNCRS), getreg(SEC), getreg(CEXTERR), getreg(RLEC),
1272 getreg(XONRXC), getreg(XONTXC), getreg(XOFFRXC), getreg(XOFFTXC),
1273 getreg(RFC), getreg(RJC), getreg(RNBC), getreg(TSCTFC),
1274 getreg(MGTPRC), getreg(MGTPDC), getreg(MGTPTC),
20f3e863
LB		 1275
1276 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8,
1277 [GPRC] = mac_read_clr4, [GPTC] = mac_read_clr4,
1278 [TPT] = mac_read_clr4, [TPR] = mac_read_clr4,
1279 [ICR] = mac_icr_read, [EECD] = get_eecd,
1280 [EERD] = flash_eerd_read,
72ea771c
LB		 1281 [RDFH] = mac_low13_read, [RDFT] = mac_low13_read,
1282 [RDFHS] = mac_low13_read, [RDFTS] = mac_low13_read,
1283 [RDFPC] = mac_low13_read,
1284 [TDFH] = mac_low11_read, [TDFT] = mac_low11_read,
1285 [TDFHS] = mac_low13_read, [TDFTS] = mac_low13_read,
1286 [TDFPC] = mac_low13_read,
1287 [AIT] = mac_low16_read,
20f3e863
LB		 1288
1289 [CRCERRS ... MPC] = &mac_readreg,
72ea771c
LB		 1290 [IP6AT ... IP6AT+3] = &mac_readreg, [IP4AT ... IP4AT+6] = &mac_readreg,
1291 [FFLT ... FFLT+6] = &mac_low11_read,
20f3e863 1292 [RA ... RA+31] = &mac_readreg,
72ea771c 1293 [WUPM ... WUPM+31] = &mac_readreg,
20f3e863 1294 [MTA ... MTA+127] = &mac_readreg,
8f2e8d1f 1295 [VFTA ... VFTA+127] = &mac_readreg,
72ea771c
LB		 1296 [FFMT ... FFMT+254] = &mac_low4_read,
1297 [FFVT ... FFVT+254] = &mac_readreg,
1298 [PBM ... PBM+16383] = &mac_readreg,
7c23b892 1299};
b1503cda 1300enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
7c23b892 1301
20f3e863 1302#define putreg(x) [x] = mac_writereg
7c23b892 1303static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
20f3e863
LB		 1304 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
1305 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
72ea771c
LB		 1306 putreg(RDBAL), putreg(LEDCTL), putreg(VET), putreg(FCRUC),
1307 putreg(TDFH), putreg(TDFT), putreg(TDFHS), putreg(TDFTS),
1308 putreg(TDFPC), putreg(RDFH), putreg(RDFT), putreg(RDFHS),
1309 putreg(RDFTS), putreg(RDFPC), putreg(IPAV), putreg(WUC),
1310 putreg(WUS), putreg(AIT),
20f3e863
LB		 1311
1312 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
1313 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
1314 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
1315 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
1316 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
1317 [RDTR] = set_16bit, [RADV] = set_16bit, [TADV] = set_16bit,
1318 [ITR] = set_16bit,
1319
72ea771c
LB		 1320 [IP6AT ... IP6AT+3] = &mac_writereg, [IP4AT ... IP4AT+6] = &mac_writereg,
1321 [FFLT ... FFLT+6] = &mac_writereg,
20f3e863 1322 [RA ... RA+31] = &mac_writereg,
72ea771c 1323 [WUPM ... WUPM+31] = &mac_writereg,
20f3e863 1324 [MTA ... MTA+127] = &mac_writereg,
8f2e8d1f 1325 [VFTA ... VFTA+127] = &mac_writereg,
72ea771c
LB		 1326 [FFMT ... FFMT+254] = &mac_writereg, [FFVT ... FFVT+254] = &mac_writereg,
1327 [PBM ... PBM+16383] = &mac_writereg,
7c23b892 1328};
b9d03e35 1329
b1503cda 1330enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
7c23b892 1331
bc0f0674
LB		 1332enum { MAC_ACCESS_PARTIAL = 1, MAC_ACCESS_FLAG_NEEDED = 2 };
1333
1334#define markflag(x) ((E1000_FLAG_##x << 2) | MAC_ACCESS_FLAG_NEEDED)
1335/* In the array below the meaning of the bits is: [f|f|f|f|f|f|n|p]
1336 * f - flag bits (up to 6 possible flags)
1337 * n - flag needed
1338 * p - partially implenented */
1339static const uint8_t mac_reg_access[0x8000] = {
1340 [RDTR] = markflag(MIT), [TADV] = markflag(MIT),
1341 [RADV] = markflag(MIT), [ITR] = markflag(MIT),
72ea771c
LB		 1342
1343 [IPAV] = markflag(MAC), [WUC] = markflag(MAC),
1344 [IP6AT] = markflag(MAC), [IP4AT] = markflag(MAC),
1345 [FFVT] = markflag(MAC), [WUPM] = markflag(MAC),
1346 [ECOL] = markflag(MAC), [MCC] = markflag(MAC),
1347 [DC] = markflag(MAC), [TNCRS] = markflag(MAC),
1348 [RLEC] = markflag(MAC), [XONRXC] = markflag(MAC),
1349 [XOFFTXC] = markflag(MAC), [RFC] = markflag(MAC),
1350 [TSCTFC] = markflag(MAC), [MGTPRC] = markflag(MAC),
1351 [WUS] = markflag(MAC), [AIT] = markflag(MAC),
1352 [FFLT] = markflag(MAC), [FFMT] = markflag(MAC),
1353 [SCC] = markflag(MAC), [FCRUC] = markflag(MAC),
1354 [LATECOL] = markflag(MAC), [COLC] = markflag(MAC),
1355 [SEC] = markflag(MAC), [CEXTERR] = markflag(MAC),
1356 [XONTXC] = markflag(MAC), [XOFFRXC] = markflag(MAC),
1357 [RJC] = markflag(MAC), [RNBC] = markflag(MAC),
1358 [MGTPDC] = markflag(MAC), [MGTPTC] = markflag(MAC),
1359
1360 [TDFH] = markflag(MAC) | MAC_ACCESS_PARTIAL,
1361 [TDFT] = markflag(MAC) | MAC_ACCESS_PARTIAL,
1362 [TDFHS] = markflag(MAC) | MAC_ACCESS_PARTIAL,
1363 [TDFTS] = markflag(MAC) | MAC_ACCESS_PARTIAL,
1364 [TDFPC] = markflag(MAC) | MAC_ACCESS_PARTIAL,
1365 [RDFH] = markflag(MAC) | MAC_ACCESS_PARTIAL,
1366 [RDFT] = markflag(MAC) | MAC_ACCESS_PARTIAL,
1367 [RDFHS] = markflag(MAC) | MAC_ACCESS_PARTIAL,
1368 [RDFTS] = markflag(MAC) | MAC_ACCESS_PARTIAL,
1369 [RDFPC] = markflag(MAC) | MAC_ACCESS_PARTIAL,
1370 [PBM] = markflag(MAC) | MAC_ACCESS_PARTIAL,
bc0f0674
LB		 1371};
1372
7c23b892 1373static void
a8170e5e 1374e1000_mmio_write(void *opaque, hwaddr addr, uint64_t val,
ad00a9b9 1375 unsigned size)
7c23b892
AZ		 1376{
1377 E1000State *s = opaque;
8da3ff18 1378 unsigned int index = (addr & 0x1ffff) >> 2;
7c23b892 1379
43ad7e3e 1380 if (index < NWRITEOPS && macreg_writeops[index]) {
bc0f0674
LB		 1381 if (!(mac_reg_access[index] & MAC_ACCESS_FLAG_NEEDED)
1382 || (s->compat_flags & (mac_reg_access[index] >> 2))) {
1383 if (mac_reg_access[index] & MAC_ACCESS_PARTIAL) {
1384 DBGOUT(GENERAL, "Writing to register at offset: 0x%08x. "
1385 "It is not fully implemented.\n", index<<2);
1386 }
1387 macreg_writeops[index](s, index, val);
1388 } else { /* "flag needed" bit is set, but the flag is not active */
1389 DBGOUT(MMIO, "MMIO write attempt to disabled reg. addr=0x%08x\n",
1390 index<<2);
1391 }
43ad7e3e 1392 } else if (index < NREADOPS && macreg_readops[index]) {
bc0f0674
LB		 1393 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04"PRIx64"\n",
1394 index<<2, val);
43ad7e3e 1395 } else {
ad00a9b9 1396 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08"PRIx64"\n",
7c23b892 1397 index<<2, val);
43ad7e3e 1398 }
7c23b892
AZ		 1399}
1400
ad00a9b9 1401static uint64_t
a8170e5e 1402e1000_mmio_read(void *opaque, hwaddr addr, unsigned size)
7c23b892
AZ		 1403{
1404 E1000State *s = opaque;
8da3ff18 1405 unsigned int index = (addr & 0x1ffff) >> 2;
7c23b892 1406
bc0f0674
LB		 1407 if (index < NREADOPS && macreg_readops[index]) {
1408 if (!(mac_reg_access[index] & MAC_ACCESS_FLAG_NEEDED)
1409 || (s->compat_flags & (mac_reg_access[index] >> 2))) {
1410 if (mac_reg_access[index] & MAC_ACCESS_PARTIAL) {
1411 DBGOUT(GENERAL, "Reading register at offset: 0x%08x. "
1412 "It is not fully implemented.\n", index<<2);
1413 }
1414 return macreg_readops[index](s, index);
1415 } else { /* "flag needed" bit is set, but the flag is not active */
1416 DBGOUT(MMIO, "MMIO read attempt of disabled reg. addr=0x%08x\n",
1417 index<<2);
1418 }
1419 } else {
1420 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
6b59fc74 1421 }
7c23b892
AZ		 1422 return 0;
1423}
1424
ad00a9b9
AK		 1425static const MemoryRegionOps e1000_mmio_ops = {
1426 .read = e1000_mmio_read,
1427 .write = e1000_mmio_write,
1428 .endianness = DEVICE_LITTLE_ENDIAN,
1429 .impl = {
1430 .min_access_size = 4,
1431 .max_access_size = 4,
1432 },
1433};
1434
a8170e5e 1435static uint64_t e1000_io_read(void *opaque, hwaddr addr,
ad00a9b9 1436 unsigned size)
7c23b892 1437{
ad00a9b9
AK		 1438 E1000State *s = opaque;
1439
1440 (void)s;
1441 return 0;
7c23b892
AZ		 1442}
1443
a8170e5e 1444static void e1000_io_write(void *opaque, hwaddr addr,
ad00a9b9 1445 uint64_t val, unsigned size)
7c23b892 1446{
ad00a9b9
AK		 1447 E1000State *s = opaque;
1448
1449 (void)s;
7c23b892
AZ		 1450}
1451
ad00a9b9
AK		 1452static const MemoryRegionOps e1000_io_ops = {
1453 .read = e1000_io_read,
1454 .write = e1000_io_write,
1455 .endianness = DEVICE_LITTLE_ENDIAN,
1456};
1457
e482dc3e 1458static bool is_version_1(void *opaque, int version_id)
7c23b892 1459{
e482dc3e 1460 return version_id == 1;
7c23b892
AZ		 1461}
1462
ddcb73b7
MT		 1463static void e1000_pre_save(void *opaque)
1464{
1465 E1000State *s = opaque;
1466 NetClientState *nc = qemu_get_queue(s->nic);
2af234e6 1467
e9845f09
VM		 1468 /* If the mitigation timer is active, emulate a timeout now. */
1469 if (s->mit_timer_on) {
1470 e1000_mit_timer(s);
1471 }
1472
ddcb73b7 1473 /*
6a2acedb
GS		 1474 * If link is down and auto-negotiation is supported and ongoing,
1475 * complete auto-negotiation immediately. This allows us to look
1476 * at MII_SR_AUTONEG_COMPLETE to infer link status on load.
ddcb73b7 1477 */
d7a41552
GS		 1478 if (nc->link_down && have_autoneg(s)) {
1479 s->phy_reg[PHY_STATUS] |= MII_SR_AUTONEG_COMPLETE;
ddcb73b7
MT		 1480 }
1481}
1482
e4b82364
AK		 1483static int e1000_post_load(void *opaque, int version_id)
1484{
1485 E1000State *s = opaque;
b356f76d 1486 NetClientState *nc = qemu_get_queue(s->nic);
e4b82364 1487
bc0f0674 1488 if (!chkflag(MIT)) {
e9845f09
VM		 1489 s->mac_reg[ITR] = s->mac_reg[RDTR] = s->mac_reg[RADV] =
1490 s->mac_reg[TADV] = 0;
1491 s->mit_irq_level = false;
1492 }
1493 s->mit_ide = 0;
1494 s->mit_timer_on = false;
1495
e4b82364 1496 /* nc.link_down can't be migrated, so infer link_down according
ddcb73b7
MT		 1497 * to link status bit in mac_reg[STATUS].
1498 * Alternatively, restart link negotiation if it was in progress. */
b356f76d 1499 nc->link_down = (s->mac_reg[STATUS] & E1000_STATUS_LU) == 0;
2af234e6 1500
d7a41552 1501 if (have_autoneg(s) &&
ddcb73b7
MT		 1502 !(s->phy_reg[PHY_STATUS] & MII_SR_AUTONEG_COMPLETE)) {
1503 nc->link_down = false;
d7a41552
GS		 1504 timer_mod(s->autoneg_timer,
1505 qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 500);
ddcb73b7 1506 }
e4b82364
AK		 1507
1508 return 0;
1509}
1510
e9845f09
VM		 1511static bool e1000_mit_state_needed(void *opaque)
1512{
1513 E1000State *s = opaque;
1514
bc0f0674 1515 return chkflag(MIT);
e9845f09
VM		 1516}
1517
9e117734
LB		 1518static bool e1000_full_mac_needed(void *opaque)
1519{
1520 E1000State *s = opaque;
1521
bc0f0674 1522 return chkflag(MAC);
9e117734
LB		 1523}
1524
e9845f09
VM		 1525static const VMStateDescription vmstate_e1000_mit_state = {
1526 .name = "e1000/mit_state",
1527 .version_id = 1,
1528 .minimum_version_id = 1,
5cd8cada 1529 .needed = e1000_mit_state_needed,
d49805ae 1530 .fields = (VMStateField[]) {
e9845f09
VM		 1531 VMSTATE_UINT32(mac_reg[RDTR], E1000State),
1532 VMSTATE_UINT32(mac_reg[RADV], E1000State),
1533 VMSTATE_UINT32(mac_reg[TADV], E1000State),
1534 VMSTATE_UINT32(mac_reg[ITR], E1000State),
1535 VMSTATE_BOOL(mit_irq_level, E1000State),
1536 VMSTATE_END_OF_LIST()
1537 }
1538};
1539
9e117734
LB		 1540static const VMStateDescription vmstate_e1000_full_mac_state = {
1541 .name = "e1000/full_mac_state",
1542 .version_id = 1,
1543 .minimum_version_id = 1,
1544 .needed = e1000_full_mac_needed,
1545 .fields = (VMStateField[]) {
1546 VMSTATE_UINT32_ARRAY(mac_reg, E1000State, 0x8000),
1547 VMSTATE_END_OF_LIST()
1548 }
1549};
1550
e482dc3e
JQ		 1551static const VMStateDescription vmstate_e1000 = {
1552 .name = "e1000",
1553 .version_id = 2,
1554 .minimum_version_id = 1,
ddcb73b7 1555 .pre_save = e1000_pre_save,
e4b82364 1556 .post_load = e1000_post_load,
d49805ae 1557 .fields = (VMStateField[]) {
b08340d5 1558 VMSTATE_PCI_DEVICE(parent_obj, E1000State),
e482dc3e
JQ		 1559 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
1560 VMSTATE_UNUSED(4), /* Was mmio_base. */
1561 VMSTATE_UINT32(rxbuf_size, E1000State),
1562 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
1563 VMSTATE_UINT32(eecd_state.val_in, E1000State),
1564 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
1565 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
1566 VMSTATE_UINT16(eecd_state.reading, E1000State),
1567 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
1568 VMSTATE_UINT8(tx.ipcss, E1000State),
1569 VMSTATE_UINT8(tx.ipcso, E1000State),
1570 VMSTATE_UINT16(tx.ipcse, E1000State),
1571 VMSTATE_UINT8(tx.tucss, E1000State),
1572 VMSTATE_UINT8(tx.tucso, E1000State),
1573 VMSTATE_UINT16(tx.tucse, E1000State),
1574 VMSTATE_UINT32(tx.paylen, E1000State),
1575 VMSTATE_UINT8(tx.hdr_len, E1000State),
1576 VMSTATE_UINT16(tx.mss, E1000State),
1577 VMSTATE_UINT16(tx.size, E1000State),
1578 VMSTATE_UINT16(tx.tso_frames, E1000State),
1579 VMSTATE_UINT8(tx.sum_needed, E1000State),
1580 VMSTATE_INT8(tx.ip, E1000State),
1581 VMSTATE_INT8(tx.tcp, E1000State),
1582 VMSTATE_BUFFER(tx.header, E1000State),
1583 VMSTATE_BUFFER(tx.data, E1000State),
1584 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
1585 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
1586 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
1587 VMSTATE_UINT32(mac_reg[EECD], E1000State),
1588 VMSTATE_UINT32(mac_reg[EERD], E1000State),
1589 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
1590 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
1591 VMSTATE_UINT32(mac_reg[ICR], E1000State),
1592 VMSTATE_UINT32(mac_reg[ICS], E1000State),
1593 VMSTATE_UINT32(mac_reg[IMC], E1000State),
1594 VMSTATE_UINT32(mac_reg[IMS], E1000State),
1595 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
1596 VMSTATE_UINT32(mac_reg[MANC], E1000State),
1597 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
1598 VMSTATE_UINT32(mac_reg[MPC], E1000State),
1599 VMSTATE_UINT32(mac_reg[PBA], E1000State),
1600 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
1601 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
1602 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
1603 VMSTATE_UINT32(mac_reg[RDH], E1000State),
1604 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
1605 VMSTATE_UINT32(mac_reg[RDT], E1000State),
1606 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
1607 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
1608 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
1609 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
1610 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
1611 VMSTATE_UINT32(mac_reg[TDH], E1000State),
1612 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
1613 VMSTATE_UINT32(mac_reg[TDT], E1000State),
1614 VMSTATE_UINT32(mac_reg[TORH], E1000State),
1615 VMSTATE_UINT32(mac_reg[TORL], E1000State),
1616 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
1617 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
1618 VMSTATE_UINT32(mac_reg[TPR], E1000State),
1619 VMSTATE_UINT32(mac_reg[TPT], E1000State),
1620 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
1621 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
1622 VMSTATE_UINT32(mac_reg[VET], E1000State),
1623 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
1624 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
1625 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
1626 VMSTATE_END_OF_LIST()
e9845f09 1627 },
5cd8cada
JQ		 1628 .subsections = (const VMStateDescription*[]) {
1629 &vmstate_e1000_mit_state,
9e117734 1630 &vmstate_e1000_full_mac_state,
5cd8cada 1631 NULL
e482dc3e
JQ		 1632 }
1633};
7c23b892 1634
8597f2e1
GS		 1635/*
1636 * EEPROM contents documented in Tables 5-2 and 5-3, pp. 98-102.
1637 * Note: A valid DevId will be inserted during pci_e1000_init().
1638 */
88b4e9db 1639static const uint16_t e1000_eeprom_template[64] = {
7c23b892 1640 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
8597f2e1 1641 0x3000, 0x1000, 0x6403, 0 /*DevId*/, 0x8086, 0 /*DevId*/, 0x8086, 0x3040,
7c23b892
AZ		 1642 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
1643 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
1644 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
1645 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1646 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1647 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
1648};
1649
7c23b892
AZ		 1650/* PCI interface */
1651
7c23b892 1652static void
ad00a9b9 1653e1000_mmio_setup(E1000State *d)
7c23b892 1654{
f65ed4c1
AL		 1655 int i;
1656 const uint32_t excluded_regs[] = {
1657 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1658 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1659 };
1660
eedfac6f
PB		 1661 memory_region_init_io(&d->mmio, OBJECT(d), &e1000_mmio_ops, d,
1662 "e1000-mmio", PNPMMIO_SIZE);
ad00a9b9 1663 memory_region_add_coalescing(&d->mmio, 0, excluded_regs[0]);
f65ed4c1 1664 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
ad00a9b9
AK		 1665 memory_region_add_coalescing(&d->mmio, excluded_regs[i] + 4,
1666 excluded_regs[i+1] - excluded_regs[i] - 4);
eedfac6f 1667 memory_region_init_io(&d->io, OBJECT(d), &e1000_io_ops, d, "e1000-io", IOPORT_SIZE);
7c23b892
AZ		 1668}
1669
f90c2bcd 1670static void
4b09be85
AL		 1671pci_e1000_uninit(PCIDevice *dev)
1672{
567a3c9e 1673 E1000State *d = E1000(dev);
4b09be85 1674
bc72ad67
AB		 1675 timer_del(d->autoneg_timer);
1676 timer_free(d->autoneg_timer);
e9845f09
VM		 1677 timer_del(d->mit_timer);
1678 timer_free(d->mit_timer);
948ecf21 1679 qemu_del_nic(d->nic);
4b09be85
AL		 1680}
1681
a03e2aec 1682static NetClientInfo net_e1000_info = {
2be64a68 1683 .type = NET_CLIENT_OPTIONS_KIND_NIC,
a03e2aec
MM		 1684 .size = sizeof(NICState),
1685 .can_receive = e1000_can_receive,
1686 .receive = e1000_receive,
97410dde 1687 .receive_iov = e1000_receive_iov,
a03e2aec
MM		 1688 .link_status_changed = e1000_set_link_status,
1689};
1690
20302e71
MT		 1691static void e1000_write_config(PCIDevice *pci_dev, uint32_t address,
1692 uint32_t val, int len)
1693{
1694 E1000State *s = E1000(pci_dev);
1695
1696 pci_default_write_config(pci_dev, address, val, len);
1697
1698 if (range_covers_byte(address, len, PCI_COMMAND) &&
1699 (pci_dev->config[PCI_COMMAND] & PCI_COMMAND_MASTER)) {
1700 qemu_flush_queued_packets(qemu_get_queue(s->nic));
1701 }
1702}
1703
1704
9af21dbe 1705static void pci_e1000_realize(PCIDevice *pci_dev, Error **errp)
7c23b892 1706{
567a3c9e
PC		 1707 DeviceState *dev = DEVICE(pci_dev);
1708 E1000State *d = E1000(pci_dev);
8597f2e1 1709 PCIDeviceClass *pdc = PCI_DEVICE_GET_CLASS(pci_dev);
7c23b892 1710 uint8_t *pci_conf;
7c23b892 1711 uint16_t checksum = 0;
7c23b892 1712 int i;
fbdaa002 1713 uint8_t *macaddr;
aff427a1 1714
20302e71
MT		 1715 pci_dev->config_write = e1000_write_config;
1716
b08340d5 1717 pci_conf = pci_dev->config;
7c23b892 1718
a9cbacb0
MT		 1719 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1720 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
7c23b892 1721
817e0b6f 1722 pci_conf[PCI_INTERRUPT_PIN] = 1; /* interrupt pin A */
7c23b892 1723
ad00a9b9 1724 e1000_mmio_setup(d);
7c23b892 1725
b08340d5 1726 pci_register_bar(pci_dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &d->mmio);
7c23b892 1727
b08340d5 1728 pci_register_bar(pci_dev, 1, PCI_BASE_ADDRESS_SPACE_IO, &d->io);
7c23b892 1729
7c23b892
AZ		 1730 memmove(d->eeprom_data, e1000_eeprom_template,
1731 sizeof e1000_eeprom_template);
fbdaa002
GH		 1732 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1733 macaddr = d->conf.macaddr.a;
7c23b892 1734 for (i = 0; i < 3; i++)
9d07d757 1735 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
8597f2e1 1736 d->eeprom_data[11] = d->eeprom_data[13] = pdc->device_id;
7c23b892
AZ		 1737 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1738 checksum += d->eeprom_data[i];
1739 checksum = (uint16_t) EEPROM_SUM - checksum;
1740 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1741
a03e2aec 1742 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
567a3c9e 1743 object_get_typename(OBJECT(d)), dev->id, d);
7c23b892 1744
b356f76d 1745 qemu_format_nic_info_str(qemu_get_queue(d->nic), macaddr);
1ca4d09a 1746
bc72ad67 1747 d->autoneg_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, e1000_autoneg_timer, d);
e9845f09 1748 d->mit_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, e1000_mit_timer, d);
9d07d757 1749}
72da4208 1750
fbdaa002
GH		 1751static void qdev_e1000_reset(DeviceState *dev)
1752{
567a3c9e 1753 E1000State *d = E1000(dev);
fbdaa002
GH		 1754 e1000_reset(d);
1755}
1756
40021f08
AL		 1757static Property e1000_properties[] = {
1758 DEFINE_NIC_PROPERTIES(E1000State, conf),
2af234e6
MT		 1759 DEFINE_PROP_BIT("autonegotiation", E1000State,
1760 compat_flags, E1000_FLAG_AUTONEG_BIT, true),
e9845f09
VM		 1761 DEFINE_PROP_BIT("mitigation", E1000State,
1762 compat_flags, E1000_FLAG_MIT_BIT, true),
40021f08
AL		 1763 DEFINE_PROP_END_OF_LIST(),
1764};
1765
8597f2e1
GS		 1766typedef struct E1000Info {
1767 const char *name;
1768 uint16_t device_id;
1769 uint8_t revision;
1770 uint16_t phy_id2;
8597f2e1
GS		 1771} E1000Info;
1772
40021f08
AL		 1773static void e1000_class_init(ObjectClass *klass, void *data)
1774{
39bffca2 1775 DeviceClass *dc = DEVICE_CLASS(klass);
40021f08 1776 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
8597f2e1
GS		 1777 E1000BaseClass *e = E1000_DEVICE_CLASS(klass);
1778 const E1000Info *info = data;
40021f08 1779
9af21dbe 1780 k->realize = pci_e1000_realize;
40021f08 1781 k->exit = pci_e1000_uninit;
c45e5b5b 1782 k->romfile = "efi-e1000.rom";
40021f08 1783 k->vendor_id = PCI_VENDOR_ID_INTEL;
8597f2e1
GS		 1784 k->device_id = info->device_id;
1785 k->revision = info->revision;
1786 e->phy_id2 = info->phy_id2;
40021f08 1787 k->class_id = PCI_CLASS_NETWORK_ETHERNET;
125ee0ed 1788 set_bit(DEVICE_CATEGORY_NETWORK, dc->categories);
39bffca2
AL		 1789 dc->desc = "Intel Gigabit Ethernet";
1790 dc->reset = qdev_e1000_reset;
1791 dc->vmsd = &vmstate_e1000;
1792 dc->props = e1000_properties;
40021f08
AL		 1793}
1794
5df3bf62
GA		 1795static void e1000_instance_init(Object *obj)
1796{
1797 E1000State *n = E1000(obj);
1798 device_add_bootindex_property(obj, &n->conf.bootindex,
1799 "bootindex", "/ethernet-phy@0",
1800 DEVICE(n), NULL);
1801}
1802
8597f2e1
GS		 1803static const TypeInfo e1000_base_info = {
1804 .name = TYPE_E1000_BASE,
39bffca2
AL		 1805 .parent = TYPE_PCI_DEVICE,
1806 .instance_size = sizeof(E1000State),
5df3bf62 1807 .instance_init = e1000_instance_init,
8597f2e1
GS		 1808 .class_size = sizeof(E1000BaseClass),
1809 .abstract = true,
1810};
1811
1812static const E1000Info e1000_devices[] = {
1813 {
83044020 1814 .name = "e1000",
8597f2e1
GS		 1815 .device_id = E1000_DEV_ID_82540EM,
1816 .revision = 0x03,
1817 .phy_id2 = E1000_PHY_ID2_8254xx_DEFAULT,
1818 },
1819 {
1820 .name = "e1000-82544gc",
1821 .device_id = E1000_DEV_ID_82544GC_COPPER,
1822 .revision = 0x03,
1823 .phy_id2 = E1000_PHY_ID2_82544x,
1824 },
1825 {
1826 .name = "e1000-82545em",
1827 .device_id = E1000_DEV_ID_82545EM_COPPER,
1828 .revision = 0x03,
1829 .phy_id2 = E1000_PHY_ID2_8254xx_DEFAULT,
1830 },
8597f2e1
GS		 1831};
1832
83f7d43a 1833static void e1000_register_types(void)
9d07d757 1834{
8597f2e1
GS		 1835 int i;
1836
1837 type_register_static(&e1000_base_info);
1838 for (i = 0; i < ARRAY_SIZE(e1000_devices); i++) {
1839 const E1000Info *info = &e1000_devices[i];
1840 TypeInfo type_info = {};
1841
1842 type_info.name = info->name;
1843 type_info.parent = TYPE_E1000_BASE;
1844 type_info.class_data = (void *)info;
1845 type_info.class_init = e1000_class_init;
5df3bf62 1846 type_info.instance_init = e1000_instance_init;
8597f2e1
GS		 1847
1848 type_register(&type_info);
1849 }
7c23b892 1850}
9d07d757 1851
83f7d43a 1852type_init(e1000_register_types)
QEMU mirror