4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
31 #include "net/checksum.h"
33 #include "sysemu/sysemu.h"
34 #include "sysemu/dma.h"
42 DEBUG_GENERAL
, DEBUG_IO
, DEBUG_MMIO
, DEBUG_INTERRUPT
,
43 DEBUG_RX
, DEBUG_TX
, DEBUG_MDIC
, DEBUG_EEPROM
,
44 DEBUG_UNKNOWN
, DEBUG_TXSUM
, DEBUG_TXERR
, DEBUG_RXERR
,
45 DEBUG_RXFILTER
, DEBUG_PHY
, DEBUG_NOTYET
,
47 #define DBGBIT(x) (1<<DEBUG_##x)
48 static int debugflags
= DBGBIT(TXERR
) | DBGBIT(GENERAL
);
50 #define DBGOUT(what, fmt, ...) do { \
51 if (debugflags & DBGBIT(what)) \
52 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
55 #define DBGOUT(what, fmt, ...) do {} while (0)
58 #define IOPORT_SIZE 0x40
59 #define PNPMMIO_SIZE 0x20000
60 #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */
62 /* this is the size past which hardware will drop packets when setting LPE=0 */
63 #define MAXIMUM_ETHERNET_VLAN_SIZE 1522
64 /* this is the size past which hardware will drop packets when setting LPE=1 */
65 #define MAXIMUM_ETHERNET_LPE_SIZE 16384
69 * E1000_DEV_ID_82540EM works with Windows and Linux
70 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
71 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
72 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
75 enum { E1000_DEVID
= E1000_DEV_ID_82540EM
};
78 * May need to specify additional MAC-to-PHY entries --
79 * Intel's Windows driver refuses to initialize unless they match
82 PHY_ID2_INIT
= E1000_DEVID
== E1000_DEV_ID_82573L
? 0xcc2 :
83 E1000_DEVID
== E1000_DEV_ID_82544GC_COPPER
? 0xc30 :
84 /* default to E1000_DEV_ID_82540EM */ 0xc20
87 typedef struct E1000State_st
{
94 uint32_t mac_reg
[0x8000];
95 uint16_t phy_reg
[0x20];
96 uint16_t eeprom_data
[64];
99 uint32_t rxbuf_min_shift
;
101 unsigned char header
[256];
102 unsigned char vlan_header
[4];
103 /* Fields vlan and data must not be reordered or separated. */
104 unsigned char vlan
[4];
105 unsigned char data
[0x10000];
107 unsigned char sum_needed
;
108 unsigned char vlan_needed
;
122 char cptse
; // current packet tse bit
126 uint32_t val_in
; // shifted in from guest driver
133 QEMUTimer
*autoneg_timer
;
136 #define defreg(x) x = (E1000_##x>>2)
138 defreg(CTRL
), defreg(EECD
), defreg(EERD
), defreg(GPRC
),
139 defreg(GPTC
), defreg(ICR
), defreg(ICS
), defreg(IMC
),
140 defreg(IMS
), defreg(LEDCTL
), defreg(MANC
), defreg(MDIC
),
141 defreg(MPC
), defreg(PBA
), defreg(RCTL
), defreg(RDBAH
),
142 defreg(RDBAL
), defreg(RDH
), defreg(RDLEN
), defreg(RDT
),
143 defreg(STATUS
), defreg(SWSM
), defreg(TCTL
), defreg(TDBAH
),
144 defreg(TDBAL
), defreg(TDH
), defreg(TDLEN
), defreg(TDT
),
145 defreg(TORH
), defreg(TORL
), defreg(TOTH
), defreg(TOTL
),
146 defreg(TPR
), defreg(TPT
), defreg(TXDCTL
), defreg(WUFC
),
147 defreg(RA
), defreg(MTA
), defreg(CRCERRS
),defreg(VFTA
),
152 e1000_link_down(E1000State
*s
)
154 s
->mac_reg
[STATUS
] &= ~E1000_STATUS_LU
;
155 s
->phy_reg
[PHY_STATUS
] &= ~MII_SR_LINK_STATUS
;
159 e1000_link_up(E1000State
*s
)
161 s
->mac_reg
[STATUS
] |= E1000_STATUS_LU
;
162 s
->phy_reg
[PHY_STATUS
] |= MII_SR_LINK_STATUS
;
166 set_phy_ctrl(E1000State
*s
, int index
, uint16_t val
)
168 if ((val
& MII_CR_AUTO_NEG_EN
) && (val
& MII_CR_RESTART_AUTO_NEG
)) {
169 qemu_get_queue(s
->nic
)->link_down
= true;
171 s
->phy_reg
[PHY_STATUS
] &= ~MII_SR_AUTONEG_COMPLETE
;
172 DBGOUT(PHY
, "Start link auto negotiation\n");
173 qemu_mod_timer(s
->autoneg_timer
, qemu_get_clock_ms(vm_clock
) + 500);
178 e1000_autoneg_timer(void *opaque
)
180 E1000State
*s
= opaque
;
181 qemu_get_queue(s
->nic
)->link_down
= false;
183 s
->phy_reg
[PHY_STATUS
] |= MII_SR_AUTONEG_COMPLETE
;
184 DBGOUT(PHY
, "Auto negotiation is completed\n");
187 static void (*phyreg_writeops
[])(E1000State
*, int, uint16_t) = {
188 [PHY_CTRL
] = set_phy_ctrl
,
191 enum { NPHYWRITEOPS
= ARRAY_SIZE(phyreg_writeops
) };
193 enum { PHY_R
= 1, PHY_W
= 2, PHY_RW
= PHY_R
| PHY_W
};
194 static const char phy_regcap
[0x20] = {
195 [PHY_STATUS
] = PHY_R
, [M88E1000_EXT_PHY_SPEC_CTRL
] = PHY_RW
,
196 [PHY_ID1
] = PHY_R
, [M88E1000_PHY_SPEC_CTRL
] = PHY_RW
,
197 [PHY_CTRL
] = PHY_RW
, [PHY_1000T_CTRL
] = PHY_RW
,
198 [PHY_LP_ABILITY
] = PHY_R
, [PHY_1000T_STATUS
] = PHY_R
,
199 [PHY_AUTONEG_ADV
] = PHY_RW
, [M88E1000_RX_ERR_CNTR
] = PHY_R
,
200 [PHY_ID2
] = PHY_R
, [M88E1000_PHY_SPEC_STATUS
] = PHY_R
203 static const uint16_t phy_reg_init
[] = {
205 [PHY_STATUS
] = 0x794d, /* link initially up with not completed autoneg */
206 [PHY_ID1
] = 0x141, [PHY_ID2
] = PHY_ID2_INIT
,
207 [PHY_1000T_CTRL
] = 0x0e00, [M88E1000_PHY_SPEC_CTRL
] = 0x360,
208 [M88E1000_EXT_PHY_SPEC_CTRL
] = 0x0d60, [PHY_AUTONEG_ADV
] = 0xde1,
209 [PHY_LP_ABILITY
] = 0x1e0, [PHY_1000T_STATUS
] = 0x3c00,
210 [M88E1000_PHY_SPEC_STATUS
] = 0xac00,
213 static const uint32_t mac_reg_init
[] = {
216 [CTRL
] = E1000_CTRL_SWDPIN2
| E1000_CTRL_SWDPIN0
|
217 E1000_CTRL_SPD_1000
| E1000_CTRL_SLU
,
218 [STATUS
] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE
|
219 E1000_STATUS_ASDV
| E1000_STATUS_MTXCKOK
|
220 E1000_STATUS_SPEED_1000
| E1000_STATUS_FD
|
222 [MANC
] = E1000_MANC_EN_MNG2HOST
| E1000_MANC_RCV_TCO_EN
|
223 E1000_MANC_ARP_EN
| E1000_MANC_0298_EN
|
228 set_interrupt_cause(E1000State
*s
, int index
, uint32_t val
)
230 if (val
&& (E1000_DEVID
>= E1000_DEV_ID_82547EI_MOBILE
)) {
232 val
|= E1000_ICR_INT_ASSERTED
;
234 s
->mac_reg
[ICR
] = val
;
237 * Make sure ICR and ICS registers have the same value.
238 * The spec says that the ICS register is write-only. However in practice,
239 * on real hardware ICS is readable, and for reads it has the same value as
240 * ICR (except that ICS does not have the clear on read behaviour of ICR).
242 * The VxWorks PRO/1000 driver uses this behaviour.
244 s
->mac_reg
[ICS
] = val
;
246 qemu_set_irq(s
->dev
.irq
[0], (s
->mac_reg
[IMS
] & s
->mac_reg
[ICR
]) != 0);
250 set_ics(E1000State
*s
, int index
, uint32_t val
)
252 DBGOUT(INTERRUPT
, "set_ics %x, ICR %x, IMR %x\n", val
, s
->mac_reg
[ICR
],
254 set_interrupt_cause(s
, 0, val
| s
->mac_reg
[ICR
]);
258 rxbufsize(uint32_t v
)
260 v
&= E1000_RCTL_BSEX
| E1000_RCTL_SZ_16384
| E1000_RCTL_SZ_8192
|
261 E1000_RCTL_SZ_4096
| E1000_RCTL_SZ_2048
| E1000_RCTL_SZ_1024
|
262 E1000_RCTL_SZ_512
| E1000_RCTL_SZ_256
;
264 case E1000_RCTL_BSEX
| E1000_RCTL_SZ_16384
:
266 case E1000_RCTL_BSEX
| E1000_RCTL_SZ_8192
:
268 case E1000_RCTL_BSEX
| E1000_RCTL_SZ_4096
:
270 case E1000_RCTL_SZ_1024
:
272 case E1000_RCTL_SZ_512
:
274 case E1000_RCTL_SZ_256
:
280 static void e1000_reset(void *opaque
)
282 E1000State
*d
= opaque
;
283 uint8_t *macaddr
= d
->conf
.macaddr
.a
;
286 qemu_del_timer(d
->autoneg_timer
);
287 memset(d
->phy_reg
, 0, sizeof d
->phy_reg
);
288 memmove(d
->phy_reg
, phy_reg_init
, sizeof phy_reg_init
);
289 memset(d
->mac_reg
, 0, sizeof d
->mac_reg
);
290 memmove(d
->mac_reg
, mac_reg_init
, sizeof mac_reg_init
);
291 d
->rxbuf_min_shift
= 1;
292 memset(&d
->tx
, 0, sizeof d
->tx
);
294 if (qemu_get_queue(d
->nic
)->link_down
) {
298 /* Some guests expect pre-initialized RAH/RAL (AddrValid flag + MACaddr) */
300 d
->mac_reg
[RA
+ 1] = E1000_RAH_AV
;
301 for (i
= 0; i
< 4; i
++) {
302 d
->mac_reg
[RA
] |= macaddr
[i
] << (8 * i
);
303 d
->mac_reg
[RA
+ 1] |= (i
< 2) ? macaddr
[i
+ 4] << (8 * i
) : 0;
308 set_ctrl(E1000State
*s
, int index
, uint32_t val
)
310 /* RST is self clearing */
311 s
->mac_reg
[CTRL
] = val
& ~E1000_CTRL_RST
;
315 set_rx_control(E1000State
*s
, int index
, uint32_t val
)
317 s
->mac_reg
[RCTL
] = val
;
318 s
->rxbuf_size
= rxbufsize(val
);
319 s
->rxbuf_min_shift
= ((val
/ E1000_RCTL_RDMTS_QUAT
) & 3) + 1;
320 DBGOUT(RX
, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s
->mac_reg
[RDT
],
322 qemu_flush_queued_packets(qemu_get_queue(s
->nic
));
326 set_mdic(E1000State
*s
, int index
, uint32_t val
)
328 uint32_t data
= val
& E1000_MDIC_DATA_MASK
;
329 uint32_t addr
= ((val
& E1000_MDIC_REG_MASK
) >> E1000_MDIC_REG_SHIFT
);
331 if ((val
& E1000_MDIC_PHY_MASK
) >> E1000_MDIC_PHY_SHIFT
!= 1) // phy #
332 val
= s
->mac_reg
[MDIC
] | E1000_MDIC_ERROR
;
333 else if (val
& E1000_MDIC_OP_READ
) {
334 DBGOUT(MDIC
, "MDIC read reg 0x%x\n", addr
);
335 if (!(phy_regcap
[addr
] & PHY_R
)) {
336 DBGOUT(MDIC
, "MDIC read reg %x unhandled\n", addr
);
337 val
|= E1000_MDIC_ERROR
;
339 val
= (val
^ data
) | s
->phy_reg
[addr
];
340 } else if (val
& E1000_MDIC_OP_WRITE
) {
341 DBGOUT(MDIC
, "MDIC write reg 0x%x, value 0x%x\n", addr
, data
);
342 if (!(phy_regcap
[addr
] & PHY_W
)) {
343 DBGOUT(MDIC
, "MDIC write reg %x unhandled\n", addr
);
344 val
|= E1000_MDIC_ERROR
;
346 if (addr
< NPHYWRITEOPS
&& phyreg_writeops
[addr
]) {
347 phyreg_writeops
[addr
](s
, index
, data
);
349 s
->phy_reg
[addr
] = data
;
352 s
->mac_reg
[MDIC
] = val
| E1000_MDIC_READY
;
354 if (val
& E1000_MDIC_INT_EN
) {
355 set_ics(s
, 0, E1000_ICR_MDAC
);
360 get_eecd(E1000State
*s
, int index
)
362 uint32_t ret
= E1000_EECD_PRES
|E1000_EECD_GNT
| s
->eecd_state
.old_eecd
;
364 DBGOUT(EEPROM
, "reading eeprom bit %d (reading %d)\n",
365 s
->eecd_state
.bitnum_out
, s
->eecd_state
.reading
);
366 if (!s
->eecd_state
.reading
||
367 ((s
->eeprom_data
[(s
->eecd_state
.bitnum_out
>> 4) & 0x3f] >>
368 ((s
->eecd_state
.bitnum_out
& 0xf) ^ 0xf))) & 1)
369 ret
|= E1000_EECD_DO
;
374 set_eecd(E1000State
*s
, int index
, uint32_t val
)
376 uint32_t oldval
= s
->eecd_state
.old_eecd
;
378 s
->eecd_state
.old_eecd
= val
& (E1000_EECD_SK
| E1000_EECD_CS
|
379 E1000_EECD_DI
|E1000_EECD_FWE_MASK
|E1000_EECD_REQ
);
380 if (!(E1000_EECD_CS
& val
)) // CS inactive; nothing to do
382 if (E1000_EECD_CS
& (val
^ oldval
)) { // CS rise edge; reset state
383 s
->eecd_state
.val_in
= 0;
384 s
->eecd_state
.bitnum_in
= 0;
385 s
->eecd_state
.bitnum_out
= 0;
386 s
->eecd_state
.reading
= 0;
388 if (!(E1000_EECD_SK
& (val
^ oldval
))) // no clock edge
390 if (!(E1000_EECD_SK
& val
)) { // falling edge
391 s
->eecd_state
.bitnum_out
++;
394 s
->eecd_state
.val_in
<<= 1;
395 if (val
& E1000_EECD_DI
)
396 s
->eecd_state
.val_in
|= 1;
397 if (++s
->eecd_state
.bitnum_in
== 9 && !s
->eecd_state
.reading
) {
398 s
->eecd_state
.bitnum_out
= ((s
->eecd_state
.val_in
& 0x3f)<<4)-1;
399 s
->eecd_state
.reading
= (((s
->eecd_state
.val_in
>> 6) & 7) ==
400 EEPROM_READ_OPCODE_MICROWIRE
);
402 DBGOUT(EEPROM
, "eeprom bitnum in %d out %d, reading %d\n",
403 s
->eecd_state
.bitnum_in
, s
->eecd_state
.bitnum_out
,
404 s
->eecd_state
.reading
);
408 flash_eerd_read(E1000State
*s
, int x
)
410 unsigned int index
, r
= s
->mac_reg
[EERD
] & ~E1000_EEPROM_RW_REG_START
;
412 if ((s
->mac_reg
[EERD
] & E1000_EEPROM_RW_REG_START
) == 0)
413 return (s
->mac_reg
[EERD
]);
415 if ((index
= r
>> E1000_EEPROM_RW_ADDR_SHIFT
) > EEPROM_CHECKSUM_REG
)
416 return (E1000_EEPROM_RW_REG_DONE
| r
);
418 return ((s
->eeprom_data
[index
] << E1000_EEPROM_RW_REG_DATA
) |
419 E1000_EEPROM_RW_REG_DONE
| r
);
423 putsum(uint8_t *data
, uint32_t n
, uint32_t sloc
, uint32_t css
, uint32_t cse
)
430 sum
= net_checksum_add(n
-css
, data
+css
);
431 cpu_to_be16wu((uint16_t *)(data
+ sloc
),
432 net_checksum_finish(sum
));
437 vlan_enabled(E1000State
*s
)
439 return ((s
->mac_reg
[CTRL
] & E1000_CTRL_VME
) != 0);
443 vlan_rx_filter_enabled(E1000State
*s
)
445 return ((s
->mac_reg
[RCTL
] & E1000_RCTL_VFE
) != 0);
449 is_vlan_packet(E1000State
*s
, const uint8_t *buf
)
451 return (be16_to_cpup((uint16_t *)(buf
+ 12)) ==
452 le16_to_cpup((uint16_t *)(s
->mac_reg
+ VET
)));
456 is_vlan_txd(uint32_t txd_lower
)
458 return ((txd_lower
& E1000_TXD_CMD_VLE
) != 0);
461 /* FCS aka Ethernet CRC-32. We don't get it from backends and can't
462 * fill it in, just pad descriptor length by 4 bytes unless guest
463 * told us to strip it off the packet. */
465 fcs_len(E1000State
*s
)
467 return (s
->mac_reg
[RCTL
] & E1000_RCTL_SECRC
) ? 0 : 4;
471 e1000_send_packet(E1000State
*s
, const uint8_t *buf
, int size
)
473 NetClientState
*nc
= qemu_get_queue(s
->nic
);
474 if (s
->phy_reg
[PHY_CTRL
] & MII_CR_LOOPBACK
) {
475 nc
->info
->receive(nc
, buf
, size
);
477 qemu_send_packet(nc
, buf
, size
);
482 xmit_seg(E1000State
*s
)
485 unsigned int frames
= s
->tx
.tso_frames
, css
, sofar
, n
;
486 struct e1000_tx
*tp
= &s
->tx
;
488 if (tp
->tse
&& tp
->cptse
) {
490 DBGOUT(TXSUM
, "frames %d size %d ipcss %d\n",
491 frames
, tp
->size
, css
);
492 if (tp
->ip
) { // IPv4
493 cpu_to_be16wu((uint16_t *)(tp
->data
+css
+2),
495 cpu_to_be16wu((uint16_t *)(tp
->data
+css
+4),
496 be16_to_cpup((uint16_t *)(tp
->data
+css
+4))+frames
);
498 cpu_to_be16wu((uint16_t *)(tp
->data
+css
+4),
501 len
= tp
->size
- css
;
502 DBGOUT(TXSUM
, "tcp %d tucss %d len %d\n", tp
->tcp
, css
, len
);
504 sofar
= frames
* tp
->mss
;
505 cpu_to_be32wu((uint32_t *)(tp
->data
+css
+4), // seq
506 be32_to_cpupu((uint32_t *)(tp
->data
+css
+4))+sofar
);
507 if (tp
->paylen
- sofar
> tp
->mss
)
508 tp
->data
[css
+ 13] &= ~9; // PSH, FIN
510 cpu_to_be16wu((uint16_t *)(tp
->data
+css
+4), len
);
511 if (tp
->sum_needed
& E1000_TXD_POPTS_TXSM
) {
513 // add pseudo-header length before checksum calculation
514 sp
= (uint16_t *)(tp
->data
+ tp
->tucso
);
515 phsum
= be16_to_cpup(sp
) + len
;
516 phsum
= (phsum
>> 16) + (phsum
& 0xffff);
517 cpu_to_be16wu(sp
, phsum
);
522 if (tp
->sum_needed
& E1000_TXD_POPTS_TXSM
)
523 putsum(tp
->data
, tp
->size
, tp
->tucso
, tp
->tucss
, tp
->tucse
);
524 if (tp
->sum_needed
& E1000_TXD_POPTS_IXSM
)
525 putsum(tp
->data
, tp
->size
, tp
->ipcso
, tp
->ipcss
, tp
->ipcse
);
526 if (tp
->vlan_needed
) {
527 memmove(tp
->vlan
, tp
->data
, 4);
528 memmove(tp
->data
, tp
->data
+ 4, 8);
529 memcpy(tp
->data
+ 8, tp
->vlan_header
, 4);
530 e1000_send_packet(s
, tp
->vlan
, tp
->size
+ 4);
532 e1000_send_packet(s
, tp
->data
, tp
->size
);
535 n
= s
->mac_reg
[TOTL
];
536 if ((s
->mac_reg
[TOTL
] += s
->tx
.size
) < n
)
541 process_tx_desc(E1000State
*s
, struct e1000_tx_desc
*dp
)
543 uint32_t txd_lower
= le32_to_cpu(dp
->lower
.data
);
544 uint32_t dtype
= txd_lower
& (E1000_TXD_CMD_DEXT
| E1000_TXD_DTYP_D
);
545 unsigned int split_size
= txd_lower
& 0xffff, bytes
, sz
, op
;
546 unsigned int msh
= 0xfffff, hdr
= 0;
548 struct e1000_context_desc
*xp
= (struct e1000_context_desc
*)dp
;
549 struct e1000_tx
*tp
= &s
->tx
;
551 if (dtype
== E1000_TXD_CMD_DEXT
) { // context descriptor
552 op
= le32_to_cpu(xp
->cmd_and_length
);
553 tp
->ipcss
= xp
->lower_setup
.ip_fields
.ipcss
;
554 tp
->ipcso
= xp
->lower_setup
.ip_fields
.ipcso
;
555 tp
->ipcse
= le16_to_cpu(xp
->lower_setup
.ip_fields
.ipcse
);
556 tp
->tucss
= xp
->upper_setup
.tcp_fields
.tucss
;
557 tp
->tucso
= xp
->upper_setup
.tcp_fields
.tucso
;
558 tp
->tucse
= le16_to_cpu(xp
->upper_setup
.tcp_fields
.tucse
);
559 tp
->paylen
= op
& 0xfffff;
560 tp
->hdr_len
= xp
->tcp_seg_setup
.fields
.hdr_len
;
561 tp
->mss
= le16_to_cpu(xp
->tcp_seg_setup
.fields
.mss
);
562 tp
->ip
= (op
& E1000_TXD_CMD_IP
) ? 1 : 0;
563 tp
->tcp
= (op
& E1000_TXD_CMD_TCP
) ? 1 : 0;
564 tp
->tse
= (op
& E1000_TXD_CMD_TSE
) ? 1 : 0;
566 if (tp
->tucso
== 0) { // this is probably wrong
567 DBGOUT(TXSUM
, "TCP/UDP: cso 0!\n");
568 tp
->tucso
= tp
->tucss
+ (tp
->tcp
? 16 : 6);
571 } else if (dtype
== (E1000_TXD_CMD_DEXT
| E1000_TXD_DTYP_D
)) {
574 tp
->sum_needed
= le32_to_cpu(dp
->upper
.data
) >> 8;
576 tp
->cptse
= ( txd_lower
& E1000_TXD_CMD_TSE
) ? 1 : 0;
582 if (vlan_enabled(s
) && is_vlan_txd(txd_lower
) &&
583 (tp
->cptse
|| txd_lower
& E1000_TXD_CMD_EOP
)) {
585 cpu_to_be16wu((uint16_t *)(tp
->vlan_header
),
586 le16_to_cpup((uint16_t *)(s
->mac_reg
+ VET
)));
587 cpu_to_be16wu((uint16_t *)(tp
->vlan_header
+ 2),
588 le16_to_cpu(dp
->upper
.fields
.special
));
591 addr
= le64_to_cpu(dp
->buffer_addr
);
592 if (tp
->tse
&& tp
->cptse
) {
597 if (tp
->size
+ bytes
> msh
)
598 bytes
= msh
- tp
->size
;
600 bytes
= MIN(sizeof(tp
->data
) - tp
->size
, bytes
);
601 pci_dma_read(&s
->dev
, addr
, tp
->data
+ tp
->size
, bytes
);
602 if ((sz
= tp
->size
+ bytes
) >= hdr
&& tp
->size
< hdr
)
603 memmove(tp
->header
, tp
->data
, hdr
);
608 memmove(tp
->data
, tp
->header
, hdr
);
611 } while (split_size
-= bytes
);
612 } else if (!tp
->tse
&& tp
->cptse
) {
613 // context descriptor TSE is not set, while data descriptor TSE is set
614 DBGOUT(TXERR
, "TCP segmentation error\n");
616 split_size
= MIN(sizeof(tp
->data
) - tp
->size
, split_size
);
617 pci_dma_read(&s
->dev
, addr
, tp
->data
+ tp
->size
, split_size
);
618 tp
->size
+= split_size
;
621 if (!(txd_lower
& E1000_TXD_CMD_EOP
))
623 if (!(tp
->tse
&& tp
->cptse
&& tp
->size
< hdr
))
633 txdesc_writeback(E1000State
*s
, dma_addr_t base
, struct e1000_tx_desc
*dp
)
635 uint32_t txd_upper
, txd_lower
= le32_to_cpu(dp
->lower
.data
);
637 if (!(txd_lower
& (E1000_TXD_CMD_RS
|E1000_TXD_CMD_RPS
)))
639 txd_upper
= (le32_to_cpu(dp
->upper
.data
) | E1000_TXD_STAT_DD
) &
640 ~(E1000_TXD_STAT_EC
| E1000_TXD_STAT_LC
| E1000_TXD_STAT_TU
);
641 dp
->upper
.data
= cpu_to_le32(txd_upper
);
642 pci_dma_write(&s
->dev
, base
+ ((char *)&dp
->upper
- (char *)dp
),
643 &dp
->upper
, sizeof(dp
->upper
));
644 return E1000_ICR_TXDW
;
647 static uint64_t tx_desc_base(E1000State
*s
)
649 uint64_t bah
= s
->mac_reg
[TDBAH
];
650 uint64_t bal
= s
->mac_reg
[TDBAL
] & ~0xf;
652 return (bah
<< 32) + bal
;
656 start_xmit(E1000State
*s
)
659 struct e1000_tx_desc desc
;
660 uint32_t tdh_start
= s
->mac_reg
[TDH
], cause
= E1000_ICS_TXQE
;
662 if (!(s
->mac_reg
[TCTL
] & E1000_TCTL_EN
)) {
663 DBGOUT(TX
, "tx disabled\n");
667 while (s
->mac_reg
[TDH
] != s
->mac_reg
[TDT
]) {
668 base
= tx_desc_base(s
) +
669 sizeof(struct e1000_tx_desc
) * s
->mac_reg
[TDH
];
670 pci_dma_read(&s
->dev
, base
, &desc
, sizeof(desc
));
672 DBGOUT(TX
, "index %d: %p : %x %x\n", s
->mac_reg
[TDH
],
673 (void *)(intptr_t)desc
.buffer_addr
, desc
.lower
.data
,
676 process_tx_desc(s
, &desc
);
677 cause
|= txdesc_writeback(s
, base
, &desc
);
679 if (++s
->mac_reg
[TDH
] * sizeof(desc
) >= s
->mac_reg
[TDLEN
])
682 * the following could happen only if guest sw assigns
683 * bogus values to TDT/TDLEN.
684 * there's nothing too intelligent we could do about this.
686 if (s
->mac_reg
[TDH
] == tdh_start
) {
687 DBGOUT(TXERR
, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
688 tdh_start
, s
->mac_reg
[TDT
], s
->mac_reg
[TDLEN
]);
692 set_ics(s
, 0, cause
);
696 receive_filter(E1000State
*s
, const uint8_t *buf
, int size
)
698 static const uint8_t bcast
[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
699 static const int mta_shift
[] = {4, 3, 2, 0};
700 uint32_t f
, rctl
= s
->mac_reg
[RCTL
], ra
[2], *rp
;
702 if (is_vlan_packet(s
, buf
) && vlan_rx_filter_enabled(s
)) {
703 uint16_t vid
= be16_to_cpup((uint16_t *)(buf
+ 14));
704 uint32_t vfta
= le32_to_cpup((uint32_t *)(s
->mac_reg
+ VFTA
) +
705 ((vid
>> 5) & 0x7f));
706 if ((vfta
& (1 << (vid
& 0x1f))) == 0)
710 if (rctl
& E1000_RCTL_UPE
) // promiscuous
713 if ((buf
[0] & 1) && (rctl
& E1000_RCTL_MPE
)) // promiscuous mcast
716 if ((rctl
& E1000_RCTL_BAM
) && !memcmp(buf
, bcast
, sizeof bcast
))
719 for (rp
= s
->mac_reg
+ RA
; rp
< s
->mac_reg
+ RA
+ 32; rp
+= 2) {
720 if (!(rp
[1] & E1000_RAH_AV
))
722 ra
[0] = cpu_to_le32(rp
[0]);
723 ra
[1] = cpu_to_le32(rp
[1]);
724 if (!memcmp(buf
, (uint8_t *)ra
, 6)) {
726 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
727 (int)(rp
- s
->mac_reg
- RA
)/2,
728 buf
[0], buf
[1], buf
[2], buf
[3], buf
[4], buf
[5]);
732 DBGOUT(RXFILTER
, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
733 buf
[0], buf
[1], buf
[2], buf
[3], buf
[4], buf
[5]);
735 f
= mta_shift
[(rctl
>> E1000_RCTL_MO_SHIFT
) & 3];
736 f
= (((buf
[5] << 8) | buf
[4]) >> f
) & 0xfff;
737 if (s
->mac_reg
[MTA
+ (f
>> 5)] & (1 << (f
& 0x1f)))
740 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
741 buf
[0], buf
[1], buf
[2], buf
[3], buf
[4], buf
[5],
742 (rctl
>> E1000_RCTL_MO_SHIFT
) & 3, f
>> 5,
743 s
->mac_reg
[MTA
+ (f
>> 5)]);
749 e1000_set_link_status(NetClientState
*nc
)
751 E1000State
*s
= qemu_get_nic_opaque(nc
);
752 uint32_t old_status
= s
->mac_reg
[STATUS
];
760 if (s
->mac_reg
[STATUS
] != old_status
)
761 set_ics(s
, 0, E1000_ICR_LSC
);
764 static bool e1000_has_rxbufs(E1000State
*s
, size_t total_size
)
767 /* Fast-path short packets */
768 if (total_size
<= s
->rxbuf_size
) {
769 return s
->mac_reg
[RDH
] != s
->mac_reg
[RDT
];
771 if (s
->mac_reg
[RDH
] < s
->mac_reg
[RDT
]) {
772 bufs
= s
->mac_reg
[RDT
] - s
->mac_reg
[RDH
];
773 } else if (s
->mac_reg
[RDH
] > s
->mac_reg
[RDT
]) {
774 bufs
= s
->mac_reg
[RDLEN
] / sizeof(struct e1000_rx_desc
) +
775 s
->mac_reg
[RDT
] - s
->mac_reg
[RDH
];
779 return total_size
<= bufs
* s
->rxbuf_size
;
783 e1000_can_receive(NetClientState
*nc
)
785 E1000State
*s
= qemu_get_nic_opaque(nc
);
787 return (s
->mac_reg
[RCTL
] & E1000_RCTL_EN
) && e1000_has_rxbufs(s
, 1);
790 static uint64_t rx_desc_base(E1000State
*s
)
792 uint64_t bah
= s
->mac_reg
[RDBAH
];
793 uint64_t bal
= s
->mac_reg
[RDBAL
] & ~0xf;
795 return (bah
<< 32) + bal
;
799 e1000_receive(NetClientState
*nc
, const uint8_t *buf
, size_t size
)
801 E1000State
*s
= qemu_get_nic_opaque(nc
);
802 struct e1000_rx_desc desc
;
806 uint16_t vlan_special
= 0;
807 uint8_t vlan_status
= 0, vlan_offset
= 0;
808 uint8_t min_buf
[MIN_BUF_SIZE
];
813 if (!(s
->mac_reg
[RCTL
] & E1000_RCTL_EN
))
816 /* Pad to minimum Ethernet frame length */
817 if (size
< sizeof(min_buf
)) {
818 memcpy(min_buf
, buf
, size
);
819 memset(&min_buf
[size
], 0, sizeof(min_buf
) - size
);
821 size
= sizeof(min_buf
);
824 /* Discard oversized packets if !LPE and !SBP. */
825 if ((size
> MAXIMUM_ETHERNET_LPE_SIZE
||
826 (size
> MAXIMUM_ETHERNET_VLAN_SIZE
827 && !(s
->mac_reg
[RCTL
] & E1000_RCTL_LPE
)))
828 && !(s
->mac_reg
[RCTL
] & E1000_RCTL_SBP
)) {
832 if (!receive_filter(s
, buf
, size
))
835 if (vlan_enabled(s
) && is_vlan_packet(s
, buf
)) {
836 vlan_special
= cpu_to_le16(be16_to_cpup((uint16_t *)(buf
+ 14)));
837 memmove((uint8_t *)buf
+ 4, buf
, 12);
838 vlan_status
= E1000_RXD_STAT_VP
;
843 rdh_start
= s
->mac_reg
[RDH
];
845 total_size
= size
+ fcs_len(s
);
846 if (!e1000_has_rxbufs(s
, total_size
)) {
847 set_ics(s
, 0, E1000_ICS_RXO
);
851 desc_size
= total_size
- desc_offset
;
852 if (desc_size
> s
->rxbuf_size
) {
853 desc_size
= s
->rxbuf_size
;
855 base
= rx_desc_base(s
) + sizeof(desc
) * s
->mac_reg
[RDH
];
856 pci_dma_read(&s
->dev
, base
, &desc
, sizeof(desc
));
857 desc
.special
= vlan_special
;
858 desc
.status
|= (vlan_status
| E1000_RXD_STAT_DD
);
859 if (desc
.buffer_addr
) {
860 if (desc_offset
< size
) {
861 size_t copy_size
= size
- desc_offset
;
862 if (copy_size
> s
->rxbuf_size
) {
863 copy_size
= s
->rxbuf_size
;
865 pci_dma_write(&s
->dev
, le64_to_cpu(desc
.buffer_addr
),
866 buf
+ desc_offset
+ vlan_offset
, copy_size
);
868 desc_offset
+= desc_size
;
869 desc
.length
= cpu_to_le16(desc_size
);
870 if (desc_offset
>= total_size
) {
871 desc
.status
|= E1000_RXD_STAT_EOP
| E1000_RXD_STAT_IXSM
;
873 /* Guest zeroing out status is not a hardware requirement.
874 Clear EOP in case guest didn't do it. */
875 desc
.status
&= ~E1000_RXD_STAT_EOP
;
877 } else { // as per intel docs; skip descriptors with null buf addr
878 DBGOUT(RX
, "Null RX descriptor!!\n");
880 pci_dma_write(&s
->dev
, base
, &desc
, sizeof(desc
));
882 if (++s
->mac_reg
[RDH
] * sizeof(desc
) >= s
->mac_reg
[RDLEN
])
884 /* see comment in start_xmit; same here */
885 if (s
->mac_reg
[RDH
] == rdh_start
) {
886 DBGOUT(RXERR
, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
887 rdh_start
, s
->mac_reg
[RDT
], s
->mac_reg
[RDLEN
]);
888 set_ics(s
, 0, E1000_ICS_RXO
);
891 } while (desc_offset
< total_size
);
895 /* TOR - Total Octets Received:
896 * This register includes bytes received in a packet from the <Destination
897 * Address> field through the <CRC> field, inclusively.
899 n
= s
->mac_reg
[TORL
] + size
+ /* Always include FCS length. */ 4;
900 if (n
< s
->mac_reg
[TORL
])
902 s
->mac_reg
[TORL
] = n
;
905 if ((rdt
= s
->mac_reg
[RDT
]) < s
->mac_reg
[RDH
])
906 rdt
+= s
->mac_reg
[RDLEN
] / sizeof(desc
);
907 if (((rdt
- s
->mac_reg
[RDH
]) * sizeof(desc
)) <= s
->mac_reg
[RDLEN
] >>
909 n
|= E1000_ICS_RXDMT0
;
917 mac_readreg(E1000State
*s
, int index
)
919 return s
->mac_reg
[index
];
923 mac_icr_read(E1000State
*s
, int index
)
925 uint32_t ret
= s
->mac_reg
[ICR
];
927 DBGOUT(INTERRUPT
, "ICR read: %x\n", ret
);
928 set_interrupt_cause(s
, 0, 0);
933 mac_read_clr4(E1000State
*s
, int index
)
935 uint32_t ret
= s
->mac_reg
[index
];
937 s
->mac_reg
[index
] = 0;
942 mac_read_clr8(E1000State
*s
, int index
)
944 uint32_t ret
= s
->mac_reg
[index
];
946 s
->mac_reg
[index
] = 0;
947 s
->mac_reg
[index
-1] = 0;
952 mac_writereg(E1000State
*s
, int index
, uint32_t val
)
954 s
->mac_reg
[index
] = val
;
958 set_rdt(E1000State
*s
, int index
, uint32_t val
)
960 s
->mac_reg
[index
] = val
& 0xffff;
961 if (e1000_has_rxbufs(s
, 1)) {
962 qemu_flush_queued_packets(qemu_get_queue(s
->nic
));
967 set_16bit(E1000State
*s
, int index
, uint32_t val
)
969 s
->mac_reg
[index
] = val
& 0xffff;
973 set_dlen(E1000State
*s
, int index
, uint32_t val
)
975 s
->mac_reg
[index
] = val
& 0xfff80;
979 set_tctl(E1000State
*s
, int index
, uint32_t val
)
981 s
->mac_reg
[index
] = val
;
982 s
->mac_reg
[TDT
] &= 0xffff;
987 set_icr(E1000State
*s
, int index
, uint32_t val
)
989 DBGOUT(INTERRUPT
, "set_icr %x\n", val
);
990 set_interrupt_cause(s
, 0, s
->mac_reg
[ICR
] & ~val
);
994 set_imc(E1000State
*s
, int index
, uint32_t val
)
996 s
->mac_reg
[IMS
] &= ~val
;
1001 set_ims(E1000State
*s
, int index
, uint32_t val
)
1003 s
->mac_reg
[IMS
] |= val
;
1007 #define getreg(x) [x] = mac_readreg
1008 static uint32_t (*macreg_readops
[])(E1000State
*, int) = {
1009 getreg(PBA
), getreg(RCTL
), getreg(TDH
), getreg(TXDCTL
),
1010 getreg(WUFC
), getreg(TDT
), getreg(CTRL
), getreg(LEDCTL
),
1011 getreg(MANC
), getreg(MDIC
), getreg(SWSM
), getreg(STATUS
),
1012 getreg(TORL
), getreg(TOTL
), getreg(IMS
), getreg(TCTL
),
1013 getreg(RDH
), getreg(RDT
), getreg(VET
), getreg(ICS
),
1014 getreg(TDBAL
), getreg(TDBAH
), getreg(RDBAH
), getreg(RDBAL
),
1015 getreg(TDLEN
), getreg(RDLEN
),
1017 [TOTH
] = mac_read_clr8
, [TORH
] = mac_read_clr8
, [GPRC
] = mac_read_clr4
,
1018 [GPTC
] = mac_read_clr4
, [TPR
] = mac_read_clr4
, [TPT
] = mac_read_clr4
,
1019 [ICR
] = mac_icr_read
, [EECD
] = get_eecd
, [EERD
] = flash_eerd_read
,
1020 [CRCERRS
... MPC
] = &mac_readreg
,
1021 [RA
... RA
+31] = &mac_readreg
,
1022 [MTA
... MTA
+127] = &mac_readreg
,
1023 [VFTA
... VFTA
+127] = &mac_readreg
,
1025 enum { NREADOPS
= ARRAY_SIZE(macreg_readops
) };
1027 #define putreg(x) [x] = mac_writereg
1028 static void (*macreg_writeops
[])(E1000State
*, int, uint32_t) = {
1029 putreg(PBA
), putreg(EERD
), putreg(SWSM
), putreg(WUFC
),
1030 putreg(TDBAL
), putreg(TDBAH
), putreg(TXDCTL
), putreg(RDBAH
),
1031 putreg(RDBAL
), putreg(LEDCTL
), putreg(VET
),
1032 [TDLEN
] = set_dlen
, [RDLEN
] = set_dlen
, [TCTL
] = set_tctl
,
1033 [TDT
] = set_tctl
, [MDIC
] = set_mdic
, [ICS
] = set_ics
,
1034 [TDH
] = set_16bit
, [RDH
] = set_16bit
, [RDT
] = set_rdt
,
1035 [IMC
] = set_imc
, [IMS
] = set_ims
, [ICR
] = set_icr
,
1036 [EECD
] = set_eecd
, [RCTL
] = set_rx_control
, [CTRL
] = set_ctrl
,
1037 [RA
... RA
+31] = &mac_writereg
,
1038 [MTA
... MTA
+127] = &mac_writereg
,
1039 [VFTA
... VFTA
+127] = &mac_writereg
,
1042 enum { NWRITEOPS
= ARRAY_SIZE(macreg_writeops
) };
1045 e1000_mmio_write(void *opaque
, hwaddr addr
, uint64_t val
,
1048 E1000State
*s
= opaque
;
1049 unsigned int index
= (addr
& 0x1ffff) >> 2;
1051 if (index
< NWRITEOPS
&& macreg_writeops
[index
]) {
1052 macreg_writeops
[index
](s
, index
, val
);
1053 } else if (index
< NREADOPS
&& macreg_readops
[index
]) {
1054 DBGOUT(MMIO
, "e1000_mmio_writel RO %x: 0x%04"PRIx64
"\n", index
<<2, val
);
1056 DBGOUT(UNKNOWN
, "MMIO unknown write addr=0x%08x,val=0x%08"PRIx64
"\n",
1062 e1000_mmio_read(void *opaque
, hwaddr addr
, unsigned size
)
1064 E1000State
*s
= opaque
;
1065 unsigned int index
= (addr
& 0x1ffff) >> 2;
1067 if (index
< NREADOPS
&& macreg_readops
[index
])
1069 return macreg_readops
[index
](s
, index
);
1071 DBGOUT(UNKNOWN
, "MMIO unknown read addr=0x%08x\n", index
<<2);
1075 static const MemoryRegionOps e1000_mmio_ops
= {
1076 .read
= e1000_mmio_read
,
1077 .write
= e1000_mmio_write
,
1078 .endianness
= DEVICE_LITTLE_ENDIAN
,
1080 .min_access_size
= 4,
1081 .max_access_size
= 4,
1085 static uint64_t e1000_io_read(void *opaque
, hwaddr addr
,
1088 E1000State
*s
= opaque
;
1094 static void e1000_io_write(void *opaque
, hwaddr addr
,
1095 uint64_t val
, unsigned size
)
1097 E1000State
*s
= opaque
;
1102 static const MemoryRegionOps e1000_io_ops
= {
1103 .read
= e1000_io_read
,
1104 .write
= e1000_io_write
,
1105 .endianness
= DEVICE_LITTLE_ENDIAN
,
1108 static bool is_version_1(void *opaque
, int version_id
)
1110 return version_id
== 1;
1113 static int e1000_post_load(void *opaque
, int version_id
)
1115 E1000State
*s
= opaque
;
1116 NetClientState
*nc
= qemu_get_queue(s
->nic
);
1118 /* nc.link_down can't be migrated, so infer link_down according
1119 * to link status bit in mac_reg[STATUS] */
1120 nc
->link_down
= (s
->mac_reg
[STATUS
] & E1000_STATUS_LU
) == 0;
1125 static const VMStateDescription vmstate_e1000
= {
1128 .minimum_version_id
= 1,
1129 .minimum_version_id_old
= 1,
1130 .post_load
= e1000_post_load
,
1131 .fields
= (VMStateField
[]) {
1132 VMSTATE_PCI_DEVICE(dev
, E1000State
),
1133 VMSTATE_UNUSED_TEST(is_version_1
, 4), /* was instance id */
1134 VMSTATE_UNUSED(4), /* Was mmio_base. */
1135 VMSTATE_UINT32(rxbuf_size
, E1000State
),
1136 VMSTATE_UINT32(rxbuf_min_shift
, E1000State
),
1137 VMSTATE_UINT32(eecd_state
.val_in
, E1000State
),
1138 VMSTATE_UINT16(eecd_state
.bitnum_in
, E1000State
),
1139 VMSTATE_UINT16(eecd_state
.bitnum_out
, E1000State
),
1140 VMSTATE_UINT16(eecd_state
.reading
, E1000State
),
1141 VMSTATE_UINT32(eecd_state
.old_eecd
, E1000State
),
1142 VMSTATE_UINT8(tx
.ipcss
, E1000State
),
1143 VMSTATE_UINT8(tx
.ipcso
, E1000State
),
1144 VMSTATE_UINT16(tx
.ipcse
, E1000State
),
1145 VMSTATE_UINT8(tx
.tucss
, E1000State
),
1146 VMSTATE_UINT8(tx
.tucso
, E1000State
),
1147 VMSTATE_UINT16(tx
.tucse
, E1000State
),
1148 VMSTATE_UINT32(tx
.paylen
, E1000State
),
1149 VMSTATE_UINT8(tx
.hdr_len
, E1000State
),
1150 VMSTATE_UINT16(tx
.mss
, E1000State
),
1151 VMSTATE_UINT16(tx
.size
, E1000State
),
1152 VMSTATE_UINT16(tx
.tso_frames
, E1000State
),
1153 VMSTATE_UINT8(tx
.sum_needed
, E1000State
),
1154 VMSTATE_INT8(tx
.ip
, E1000State
),
1155 VMSTATE_INT8(tx
.tcp
, E1000State
),
1156 VMSTATE_BUFFER(tx
.header
, E1000State
),
1157 VMSTATE_BUFFER(tx
.data
, E1000State
),
1158 VMSTATE_UINT16_ARRAY(eeprom_data
, E1000State
, 64),
1159 VMSTATE_UINT16_ARRAY(phy_reg
, E1000State
, 0x20),
1160 VMSTATE_UINT32(mac_reg
[CTRL
], E1000State
),
1161 VMSTATE_UINT32(mac_reg
[EECD
], E1000State
),
1162 VMSTATE_UINT32(mac_reg
[EERD
], E1000State
),
1163 VMSTATE_UINT32(mac_reg
[GPRC
], E1000State
),
1164 VMSTATE_UINT32(mac_reg
[GPTC
], E1000State
),
1165 VMSTATE_UINT32(mac_reg
[ICR
], E1000State
),
1166 VMSTATE_UINT32(mac_reg
[ICS
], E1000State
),
1167 VMSTATE_UINT32(mac_reg
[IMC
], E1000State
),
1168 VMSTATE_UINT32(mac_reg
[IMS
], E1000State
),
1169 VMSTATE_UINT32(mac_reg
[LEDCTL
], E1000State
),
1170 VMSTATE_UINT32(mac_reg
[MANC
], E1000State
),
1171 VMSTATE_UINT32(mac_reg
[MDIC
], E1000State
),
1172 VMSTATE_UINT32(mac_reg
[MPC
], E1000State
),
1173 VMSTATE_UINT32(mac_reg
[PBA
], E1000State
),
1174 VMSTATE_UINT32(mac_reg
[RCTL
], E1000State
),
1175 VMSTATE_UINT32(mac_reg
[RDBAH
], E1000State
),
1176 VMSTATE_UINT32(mac_reg
[RDBAL
], E1000State
),
1177 VMSTATE_UINT32(mac_reg
[RDH
], E1000State
),
1178 VMSTATE_UINT32(mac_reg
[RDLEN
], E1000State
),
1179 VMSTATE_UINT32(mac_reg
[RDT
], E1000State
),
1180 VMSTATE_UINT32(mac_reg
[STATUS
], E1000State
),
1181 VMSTATE_UINT32(mac_reg
[SWSM
], E1000State
),
1182 VMSTATE_UINT32(mac_reg
[TCTL
], E1000State
),
1183 VMSTATE_UINT32(mac_reg
[TDBAH
], E1000State
),
1184 VMSTATE_UINT32(mac_reg
[TDBAL
], E1000State
),
1185 VMSTATE_UINT32(mac_reg
[TDH
], E1000State
),
1186 VMSTATE_UINT32(mac_reg
[TDLEN
], E1000State
),
1187 VMSTATE_UINT32(mac_reg
[TDT
], E1000State
),
1188 VMSTATE_UINT32(mac_reg
[TORH
], E1000State
),
1189 VMSTATE_UINT32(mac_reg
[TORL
], E1000State
),
1190 VMSTATE_UINT32(mac_reg
[TOTH
], E1000State
),
1191 VMSTATE_UINT32(mac_reg
[TOTL
], E1000State
),
1192 VMSTATE_UINT32(mac_reg
[TPR
], E1000State
),
1193 VMSTATE_UINT32(mac_reg
[TPT
], E1000State
),
1194 VMSTATE_UINT32(mac_reg
[TXDCTL
], E1000State
),
1195 VMSTATE_UINT32(mac_reg
[WUFC
], E1000State
),
1196 VMSTATE_UINT32(mac_reg
[VET
], E1000State
),
1197 VMSTATE_UINT32_SUB_ARRAY(mac_reg
, E1000State
, RA
, 32),
1198 VMSTATE_UINT32_SUB_ARRAY(mac_reg
, E1000State
, MTA
, 128),
1199 VMSTATE_UINT32_SUB_ARRAY(mac_reg
, E1000State
, VFTA
, 128),
1200 VMSTATE_END_OF_LIST()
1204 static const uint16_t e1000_eeprom_template
[64] = {
1205 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
1206 0x3000, 0x1000, 0x6403, E1000_DEVID
, 0x8086, E1000_DEVID
, 0x8086, 0x3040,
1207 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
1208 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
1209 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
1210 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1211 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1212 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
1218 e1000_mmio_setup(E1000State
*d
)
1221 const uint32_t excluded_regs
[] = {
1222 E1000_MDIC
, E1000_ICR
, E1000_ICS
, E1000_IMS
,
1223 E1000_IMC
, E1000_TCTL
, E1000_TDT
, PNPMMIO_SIZE
1226 memory_region_init_io(&d
->mmio
, &e1000_mmio_ops
, d
, "e1000-mmio",
1228 memory_region_add_coalescing(&d
->mmio
, 0, excluded_regs
[0]);
1229 for (i
= 0; excluded_regs
[i
] != PNPMMIO_SIZE
; i
++)
1230 memory_region_add_coalescing(&d
->mmio
, excluded_regs
[i
] + 4,
1231 excluded_regs
[i
+1] - excluded_regs
[i
] - 4);
1232 memory_region_init_io(&d
->io
, &e1000_io_ops
, d
, "e1000-io", IOPORT_SIZE
);
1236 e1000_cleanup(NetClientState
*nc
)
1238 E1000State
*s
= qemu_get_nic_opaque(nc
);
1244 pci_e1000_uninit(PCIDevice
*dev
)
1246 E1000State
*d
= DO_UPCAST(E1000State
, dev
, dev
);
1248 qemu_del_timer(d
->autoneg_timer
);
1249 qemu_free_timer(d
->autoneg_timer
);
1250 memory_region_destroy(&d
->mmio
);
1251 memory_region_destroy(&d
->io
);
1252 qemu_del_nic(d
->nic
);
1255 static NetClientInfo net_e1000_info
= {
1256 .type
= NET_CLIENT_OPTIONS_KIND_NIC
,
1257 .size
= sizeof(NICState
),
1258 .can_receive
= e1000_can_receive
,
1259 .receive
= e1000_receive
,
1260 .cleanup
= e1000_cleanup
,
1261 .link_status_changed
= e1000_set_link_status
,
1264 static int pci_e1000_init(PCIDevice
*pci_dev
)
1266 E1000State
*d
= DO_UPCAST(E1000State
, dev
, pci_dev
);
1268 uint16_t checksum
= 0;
1272 pci_conf
= d
->dev
.config
;
1274 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1275 pci_conf
[PCI_CACHE_LINE_SIZE
] = 0x10;
1277 pci_conf
[PCI_INTERRUPT_PIN
] = 1; /* interrupt pin A */
1279 e1000_mmio_setup(d
);
1281 pci_register_bar(&d
->dev
, 0, PCI_BASE_ADDRESS_SPACE_MEMORY
, &d
->mmio
);
1283 pci_register_bar(&d
->dev
, 1, PCI_BASE_ADDRESS_SPACE_IO
, &d
->io
);
1285 memmove(d
->eeprom_data
, e1000_eeprom_template
,
1286 sizeof e1000_eeprom_template
);
1287 qemu_macaddr_default_if_unset(&d
->conf
.macaddr
);
1288 macaddr
= d
->conf
.macaddr
.a
;
1289 for (i
= 0; i
< 3; i
++)
1290 d
->eeprom_data
[i
] = (macaddr
[2*i
+1]<<8) | macaddr
[2*i
];
1291 for (i
= 0; i
< EEPROM_CHECKSUM_REG
; i
++)
1292 checksum
+= d
->eeprom_data
[i
];
1293 checksum
= (uint16_t) EEPROM_SUM
- checksum
;
1294 d
->eeprom_data
[EEPROM_CHECKSUM_REG
] = checksum
;
1296 d
->nic
= qemu_new_nic(&net_e1000_info
, &d
->conf
,
1297 object_get_typename(OBJECT(d
)), d
->dev
.qdev
.id
, d
);
1299 qemu_format_nic_info_str(qemu_get_queue(d
->nic
), macaddr
);
1301 add_boot_device_path(d
->conf
.bootindex
, &pci_dev
->qdev
, "/ethernet-phy@0");
1303 d
->autoneg_timer
= qemu_new_timer_ms(vm_clock
, e1000_autoneg_timer
, d
);
1308 static void qdev_e1000_reset(DeviceState
*dev
)
1310 E1000State
*d
= DO_UPCAST(E1000State
, dev
.qdev
, dev
);
1314 static Property e1000_properties
[] = {
1315 DEFINE_NIC_PROPERTIES(E1000State
, conf
),
1316 DEFINE_PROP_END_OF_LIST(),
1319 static void e1000_class_init(ObjectClass
*klass
, void *data
)
1321 DeviceClass
*dc
= DEVICE_CLASS(klass
);
1322 PCIDeviceClass
*k
= PCI_DEVICE_CLASS(klass
);
1324 k
->init
= pci_e1000_init
;
1325 k
->exit
= pci_e1000_uninit
;
1326 k
->romfile
= "pxe-e1000.rom";
1327 k
->vendor_id
= PCI_VENDOR_ID_INTEL
;
1328 k
->device_id
= E1000_DEVID
;
1330 k
->class_id
= PCI_CLASS_NETWORK_ETHERNET
;
1331 dc
->desc
= "Intel Gigabit Ethernet";
1332 dc
->reset
= qdev_e1000_reset
;
1333 dc
->vmsd
= &vmstate_e1000
;
1334 dc
->props
= e1000_properties
;
1337 static const TypeInfo e1000_info
= {
1339 .parent
= TYPE_PCI_DEVICE
,
1340 .instance_size
= sizeof(E1000State
),
1341 .class_init
= e1000_class_init
,
1344 static void e1000_register_types(void)
1346 type_register_static(&e1000_info
);
1349 type_init(e1000_register_types
)
projects / qemu.git / blob