]> git.proxmox.com Git - qemu.git/blob - hw/e1000.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix compiler warning.
[qemu.git] / hw / e1000.c
1 /*
2 * QEMU e1000 emulation
3 *
4 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
5 * Copyright (c) 2008 Qumranet
6 * Based on work done by:
7 * Copyright (c) 2007 Dan Aloni
8 * Copyright (c) 2004 Antony T Curtis
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25
26 #include "hw.h"
27 #include "pci.h"
28 #include "net.h"
29
30 #include "e1000_hw.h"
31
32 #define DEBUG
33
34 #ifdef DEBUG
35 enum {
36 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
37 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
38 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
39 DEBUG_RXFILTER, DEBUG_NOTYET,
40 };
41 #define DBGBIT(x) (1<<DEBUG_##x)
42 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
43
44 #define DBGOUT(what, fmt, params...) do { \
45 if (debugflags & DBGBIT(what)) \
46 fprintf(stderr, "e1000: " fmt, ##params); \
47 } while (0)
48 #else
49 #define DBGOUT(what, fmt, params...) do {} while (0)
50 #endif
51
52 #define IOPORT_SIZE 0x40
53 #define PNPMMIO_SIZE 0x20000
54
55 /*
56 * HW models:
57 * E1000_DEV_ID_82540EM works with Windows and Linux
58 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
59 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
60 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
61 * Others never tested
62 */
63 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
64
65 /*
66 * May need to specify additional MAC-to-PHY entries --
67 * Intel's Windows driver refuses to initialize unless they match
68 */
69 enum {
70 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
71 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
72 /* default to E1000_DEV_ID_82540EM */ 0xc20
73 };
74
75 typedef struct E1000State_st {
76 PCIDevice dev;
77 VLANClientState *vc;
78 NICInfo *nd;
79 uint32_t instance;
80 uint32_t mmio_base;
81 int mmio_index;
82
83 uint32_t mac_reg[0x8000];
84 uint16_t phy_reg[0x20];
85 uint16_t eeprom_data[64];
86
87 uint32_t rxbuf_size;
88 uint32_t rxbuf_min_shift;
89 int check_rxov;
90 struct e1000_tx {
91 unsigned char header[256];
92 unsigned char data[0x10000];
93 uint16_t size;
94 unsigned char sum_needed;
95 uint8_t ipcss;
96 uint8_t ipcso;
97 uint16_t ipcse;
98 uint8_t tucss;
99 uint8_t tucso;
100 uint16_t tucse;
101 uint8_t hdr_len;
102 uint16_t mss;
103 uint32_t paylen;
104 uint16_t tso_frames;
105 char tse;
106 char ip;
107 char tcp;
108 } tx;
109
110 struct {
111 uint32_t val_in; // shifted in from guest driver
112 uint16_t bitnum_in;
113 uint16_t bitnum_out;
114 uint16_t reading;
115 uint32_t old_eecd;
116 } eecd_state;
117 } E1000State;
118
119 #define defreg(x) x = (E1000_##x>>2)
120 enum {
121 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
122 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
123 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
124 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
125 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
126 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
127 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
128 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
129 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
130 defreg(RA), defreg(MTA), defreg(CRCERRS),
131 };
132
133 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
134 static char phy_regcap[0x20] = {
135 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
136 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
137 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
138 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
139 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
140 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
141 };
142
143 static void
144 ioport_map(PCIDevice *pci_dev, int region_num, uint32_t addr,
145 uint32_t size, int type)
146 {
147 DBGOUT(IO, "e1000_ioport_map addr=0x%04x size=0x%08x\n", addr, size);
148 }
149
150 static void
151 set_interrupt_cause(E1000State *s, int index, uint32_t val)
152 {
153 if (val)
154 val |= E1000_ICR_INT_ASSERTED;
155 s->mac_reg[ICR] = val;
156 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
157 }
158
159 static void
160 set_ics(E1000State *s, int index, uint32_t val)
161 {
162 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
163 s->mac_reg[IMS]);
164 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
165 }
166
167 static int
168 rxbufsize(uint32_t v)
169 {
170 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
171 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
172 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
173 switch (v) {
174 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
175 return 16384;
176 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
177 return 8192;
178 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
179 return 4096;
180 case E1000_RCTL_SZ_1024:
181 return 1024;
182 case E1000_RCTL_SZ_512:
183 return 512;
184 case E1000_RCTL_SZ_256:
185 return 256;
186 }
187 return 2048;
188 }
189
190 static void
191 set_rx_control(E1000State *s, int index, uint32_t val)
192 {
193 s->mac_reg[RCTL] = val;
194 s->rxbuf_size = rxbufsize(val);
195 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
196 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
197 s->mac_reg[RCTL]);
198 }
199
200 static void
201 set_mdic(E1000State *s, int index, uint32_t val)
202 {
203 uint32_t data = val & E1000_MDIC_DATA_MASK;
204 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
205
206 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
207 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
208 else if (val & E1000_MDIC_OP_READ) {
209 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
210 if (!(phy_regcap[addr] & PHY_R)) {
211 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
212 val |= E1000_MDIC_ERROR;
213 } else
214 val = (val ^ data) | s->phy_reg[addr];
215 } else if (val & E1000_MDIC_OP_WRITE) {
216 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
217 if (!(phy_regcap[addr] & PHY_W)) {
218 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
219 val |= E1000_MDIC_ERROR;
220 } else
221 s->phy_reg[addr] = data;
222 }
223 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
224 set_ics(s, 0, E1000_ICR_MDAC);
225 }
226
227 static uint32_t
228 get_eecd(E1000State *s, int index)
229 {
230 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
231
232 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
233 s->eecd_state.bitnum_out, s->eecd_state.reading);
234 if (!s->eecd_state.reading ||
235 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
236 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
237 ret |= E1000_EECD_DO;
238 return ret;
239 }
240
241 static void
242 set_eecd(E1000State *s, int index, uint32_t val)
243 {
244 uint32_t oldval = s->eecd_state.old_eecd;
245
246 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
247 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
248 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
249 return;
250 if (!(E1000_EECD_SK & val)) { // falling edge
251 s->eecd_state.bitnum_out++;
252 return;
253 }
254 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
255 memset(&s->eecd_state, 0, sizeof s->eecd_state);
256 return;
257 }
258 s->eecd_state.val_in <<= 1;
259 if (val & E1000_EECD_DI)
260 s->eecd_state.val_in |= 1;
261 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
262 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
263 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
264 EEPROM_READ_OPCODE_MICROWIRE);
265 }
266 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
267 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
268 s->eecd_state.reading);
269 }
270
271 static uint32_t
272 flash_eerd_read(E1000State *s, int x)
273 {
274 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
275
276 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
277 return 0;
278 return (s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
279 E1000_EEPROM_RW_REG_DONE | r;
280 }
281
282 static unsigned int
283 do_cksum(uint8_t *dp, uint8_t *de)
284 {
285 unsigned int bsum[2] = {0, 0}, i, sum;
286
287 for (i = 1; dp < de; bsum[i^=1] += *dp++)
288 ;
289 sum = (bsum[0] << 8) + bsum[1];
290 sum = (sum >> 16) + (sum & 0xffff);
291 return ~(sum + (sum >> 16));
292 }
293
294 static void
295 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
296 {
297 if (cse && cse < n)
298 n = cse + 1;
299 if (sloc < n-1)
300 cpu_to_be16wu((uint16_t *)(data + sloc),
301 do_cksum(data + css, data + n));
302 }
303
304 static void
305 xmit_seg(E1000State *s)
306 {
307 uint16_t len, *sp;
308 unsigned int frames = s->tx.tso_frames, css, sofar, n;
309 struct e1000_tx *tp = &s->tx;
310
311 if (tp->tse) {
312 css = tp->ipcss;
313 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
314 frames, tp->size, css);
315 if (tp->ip) { // IPv4
316 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
317 tp->size - css);
318 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
319 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
320 } else // IPv6
321 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
322 tp->size - css);
323 css = tp->tucss;
324 len = tp->size - css;
325 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
326 if (tp->tcp) {
327 sofar = frames * tp->mss;
328 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
329 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
330 if (tp->paylen - sofar > tp->mss)
331 tp->data[css + 13] &= ~9; // PSH, FIN
332 } else // UDP
333 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
334 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
335 // add pseudo-header length before checksum calculation
336 sp = (uint16_t *)(tp->data + tp->tucso);
337 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
338 }
339 tp->tso_frames++;
340 }
341
342 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
343 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
344 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
345 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
346 qemu_send_packet(s->vc, tp->data, tp->size);
347 s->mac_reg[TPT]++;
348 s->mac_reg[GPTC]++;
349 n = s->mac_reg[TOTL];
350 if ((s->mac_reg[TOTL] += s->tx.size) < n)
351 s->mac_reg[TOTH]++;
352 }
353
354 static void
355 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
356 {
357 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
358 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
359 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
360 unsigned int msh = 0xfffff, hdr = 0;
361 uint64_t addr;
362 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
363 struct e1000_tx *tp = &s->tx;
364
365 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
366 op = le32_to_cpu(xp->cmd_and_length);
367 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
368 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
369 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
370 tp->tucss = xp->upper_setup.tcp_fields.tucss;
371 tp->tucso = xp->upper_setup.tcp_fields.tucso;
372 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
373 tp->paylen = op & 0xfffff;
374 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
375 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
376 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
377 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
378 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
379 tp->tso_frames = 0;
380 if (tp->tucso == 0) { // this is probably wrong
381 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
382 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
383 }
384 return;
385 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D))
386 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
387
388 addr = le64_to_cpu(dp->buffer_addr);
389 if (tp->tse) {
390 hdr = tp->hdr_len;
391 msh = hdr + tp->mss;
392 }
393 do {
394 bytes = split_size;
395 if (tp->size + bytes > msh)
396 bytes = msh - tp->size;
397 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
398 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
399 memmove(tp->header, tp->data, hdr);
400 tp->size = sz;
401 addr += bytes;
402 if (sz == msh) {
403 xmit_seg(s);
404 memmove(tp->data, tp->header, hdr);
405 tp->size = hdr;
406 }
407 } while (split_size -= bytes);
408
409 if (!(txd_lower & E1000_TXD_CMD_EOP))
410 return;
411 if (tp->size > hdr)
412 xmit_seg(s);
413 tp->tso_frames = 0;
414 tp->sum_needed = 0;
415 tp->size = 0;
416 }
417
418 static uint32_t
419 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
420 {
421 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
422
423 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
424 return 0;
425 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
426 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
427 dp->upper.data = cpu_to_le32(txd_upper);
428 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
429 (void *)&dp->upper, sizeof(dp->upper));
430 return E1000_ICR_TXDW;
431 }
432
433 static void
434 start_xmit(E1000State *s)
435 {
436 target_phys_addr_t base;
437 struct e1000_tx_desc desc;
438 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
439
440 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
441 DBGOUT(TX, "tx disabled\n");
442 return;
443 }
444
445 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
446 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
447 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
448 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
449
450 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
451 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
452 desc.upper.data);
453
454 process_tx_desc(s, &desc);
455 cause |= txdesc_writeback(base, &desc);
456
457 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
458 s->mac_reg[TDH] = 0;
459 /*
460 * the following could happen only if guest sw assigns
461 * bogus values to TDT/TDLEN.
462 * there's nothing too intelligent we could do about this.
463 */
464 if (s->mac_reg[TDH] == tdh_start) {
465 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
466 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
467 break;
468 }
469 }
470 set_ics(s, 0, cause);
471 }
472
473 static int
474 receive_filter(E1000State *s, const uint8_t *buf, int size)
475 {
476 static uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
477 static int mta_shift[] = {4, 3, 2, 0};
478 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
479
480 if (rctl & E1000_RCTL_UPE) // promiscuous
481 return 1;
482
483 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
484 return 1;
485
486 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
487 return 1;
488
489 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
490 if (!(rp[1] & E1000_RAH_AV))
491 continue;
492 ra[0] = cpu_to_le32(rp[0]);
493 ra[1] = cpu_to_le32(rp[1]);
494 if (!memcmp(buf, (uint8_t *)ra, 6)) {
495 DBGOUT(RXFILTER,
496 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
497 (int)(rp - s->mac_reg - RA)/2,
498 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
499 return 1;
500 }
501 }
502 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
503 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
504
505 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
506 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
507 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
508 return 1;
509 DBGOUT(RXFILTER,
510 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
511 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
512 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
513 s->mac_reg[MTA + (f >> 5)]);
514
515 return 0;
516 }
517
518 static int
519 e1000_can_receive(void *opaque)
520 {
521 E1000State *s = opaque;
522
523 return (!(s->mac_reg[RCTL] & E1000_RCTL_EN) ||
524 s->mac_reg[RDH] != s->mac_reg[RDT]);
525 }
526
527 static void
528 e1000_receive(void *opaque, const uint8_t *buf, int size)
529 {
530 E1000State *s = opaque;
531 struct e1000_rx_desc desc;
532 target_phys_addr_t base;
533 unsigned int n, rdt;
534 uint32_t rdh_start;
535
536 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
537 return;
538
539 if (size > s->rxbuf_size) {
540 DBGOUT(RX, "packet too large for buffers (%d > %d)\n", size,
541 s->rxbuf_size);
542 return;
543 }
544
545 if (!receive_filter(s, buf, size))
546 return;
547
548 rdh_start = s->mac_reg[RDH];
549 size += 4; // for the header
550 do {
551 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
552 set_ics(s, 0, E1000_ICS_RXO);
553 return;
554 }
555 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
556 sizeof(desc) * s->mac_reg[RDH];
557 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
558 desc.status |= E1000_RXD_STAT_DD;
559 if (desc.buffer_addr) {
560 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
561 (void *)buf, size);
562 desc.length = cpu_to_le16(size);
563 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
564 } else // as per intel docs; skip descriptors with null buf addr
565 DBGOUT(RX, "Null RX descriptor!!\n");
566 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
567
568 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
569 s->mac_reg[RDH] = 0;
570 s->check_rxov = 1;
571 /* see comment in start_xmit; same here */
572 if (s->mac_reg[RDH] == rdh_start) {
573 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
574 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
575 set_ics(s, 0, E1000_ICS_RXO);
576 return;
577 }
578 } while (desc.buffer_addr == 0);
579
580 s->mac_reg[GPRC]++;
581 s->mac_reg[TPR]++;
582 n = s->mac_reg[TORL];
583 if ((s->mac_reg[TORL] += size) < n)
584 s->mac_reg[TORH]++;
585
586 n = E1000_ICS_RXT0;
587 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
588 rdt += s->mac_reg[RDLEN] / sizeof(desc);
589 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) << s->rxbuf_min_shift >=
590 s->mac_reg[RDLEN])
591 n |= E1000_ICS_RXDMT0;
592
593 set_ics(s, 0, n);
594 }
595
596 static uint32_t
597 mac_readreg(E1000State *s, int index)
598 {
599 return s->mac_reg[index];
600 }
601
602 static uint32_t
603 mac_icr_read(E1000State *s, int index)
604 {
605 uint32_t ret = s->mac_reg[ICR];
606
607 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
608 set_interrupt_cause(s, 0, 0);
609 return ret;
610 }
611
612 static uint32_t
613 mac_read_clr4(E1000State *s, int index)
614 {
615 uint32_t ret = s->mac_reg[index];
616
617 s->mac_reg[index] = 0;
618 return ret;
619 }
620
621 static uint32_t
622 mac_read_clr8(E1000State *s, int index)
623 {
624 uint32_t ret = s->mac_reg[index];
625
626 s->mac_reg[index] = 0;
627 s->mac_reg[index-1] = 0;
628 return ret;
629 }
630
631 static void
632 mac_writereg(E1000State *s, int index, uint32_t val)
633 {
634 s->mac_reg[index] = val;
635 }
636
637 static void
638 set_rdt(E1000State *s, int index, uint32_t val)
639 {
640 s->check_rxov = 0;
641 s->mac_reg[index] = val & 0xffff;
642 }
643
644 static void
645 set_16bit(E1000State *s, int index, uint32_t val)
646 {
647 s->mac_reg[index] = val & 0xffff;
648 }
649
650 static void
651 set_dlen(E1000State *s, int index, uint32_t val)
652 {
653 s->mac_reg[index] = val & 0xfff80;
654 }
655
656 static void
657 set_tctl(E1000State *s, int index, uint32_t val)
658 {
659 s->mac_reg[index] = val;
660 s->mac_reg[TDT] &= 0xffff;
661 start_xmit(s);
662 }
663
664 static void
665 set_icr(E1000State *s, int index, uint32_t val)
666 {
667 DBGOUT(INTERRUPT, "set_icr %x\n", val);
668 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
669 }
670
671 static void
672 set_imc(E1000State *s, int index, uint32_t val)
673 {
674 s->mac_reg[IMS] &= ~val;
675 set_ics(s, 0, 0);
676 }
677
678 static void
679 set_ims(E1000State *s, int index, uint32_t val)
680 {
681 s->mac_reg[IMS] |= val;
682 set_ics(s, 0, 0);
683 }
684
685 #define getreg(x) [x] = mac_readreg
686 static uint32_t (*macreg_readops[])(E1000State *, int) = {
687 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
688 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
689 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
690 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
691 getreg(RDH), getreg(RDT),
692
693 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
694 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
695 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
696 [CRCERRS ... MPC] = &mac_readreg,
697 [RA ... RA+31] = &mac_readreg,
698 [MTA ... MTA+127] = &mac_readreg,
699 };
700 enum { NREADOPS = sizeof(macreg_readops) / sizeof(*macreg_readops) };
701
702 #define putreg(x) [x] = mac_writereg
703 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
704 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
705 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
706 putreg(RDBAL), putreg(LEDCTL),
707 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
708 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
709 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
710 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
711 [EECD] = set_eecd, [RCTL] = set_rx_control,
712 [RA ... RA+31] = &mac_writereg,
713 [MTA ... MTA+127] = &mac_writereg,
714 };
715 enum { NWRITEOPS = sizeof(macreg_writeops) / sizeof(*macreg_writeops) };
716
717 static void
718 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
719 {
720 E1000State *s = opaque;
721 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
722
723 #ifdef TARGET_WORDS_BIGENDIAN
724 val = bswap32(val);
725 #endif
726 if (index < NWRITEOPS && macreg_writeops[index])
727 macreg_writeops[index](s, index, val);
728 else if (index < NREADOPS && macreg_readops[index])
729 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
730 else
731 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
732 index<<2, val);
733 }
734
735 static void
736 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
737 {
738 // emulate hw without byte enables: no RMW
739 e1000_mmio_writel(opaque, addr & ~3,
740 (val & 0xffff) << (8*(addr & 3)));
741 }
742
743 static void
744 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
745 {
746 // emulate hw without byte enables: no RMW
747 e1000_mmio_writel(opaque, addr & ~3,
748 (val & 0xff) << (8*(addr & 3)));
749 }
750
751 static uint32_t
752 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
753 {
754 E1000State *s = opaque;
755 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
756
757 if (index < NREADOPS && macreg_readops[index])
758 {
759 uint32_t val = macreg_readops[index](s, index);
760 #ifdef TARGET_WORDS_BIGENDIAN
761 val = bswap32(val);
762 #endif
763 return val;
764 }
765 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
766 return 0;
767 }
768
769 static uint32_t
770 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
771 {
772 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
773 (8 * (addr & 3))) & 0xff;
774 }
775
776 static uint32_t
777 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
778 {
779 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
780 (8 * (addr & 3))) & 0xffff;
781 }
782
783 int mac_regtosave[] = {
784 CTRL, EECD, EERD, GPRC, GPTC, ICR, ICS, IMC, IMS,
785 LEDCTL, MANC, MDIC, MPC, PBA, RCTL, RDBAH, RDBAL, RDH,
786 RDLEN, RDT, STATUS, SWSM, TCTL, TDBAH, TDBAL, TDH, TDLEN,
787 TDT, TORH, TORL, TOTH, TOTL, TPR, TPT, TXDCTL, WUFC,
788 };
789 enum { MAC_NSAVE = sizeof mac_regtosave/sizeof *mac_regtosave };
790
791 struct {
792 int size;
793 int array0;
794 } mac_regarraystosave[] = { {32, RA}, {128, MTA} };
795 enum { MAC_NARRAYS = sizeof mac_regarraystosave/sizeof *mac_regarraystosave };
796
797 static void
798 nic_save(QEMUFile *f, void *opaque)
799 {
800 E1000State *s = (E1000State *)opaque;
801 int i, j;
802
803 pci_device_save(&s->dev, f);
804 qemu_put_be32s(f, &s->instance);
805 qemu_put_be32s(f, &s->mmio_base);
806 qemu_put_be32s(f, &s->rxbuf_size);
807 qemu_put_be32s(f, &s->rxbuf_min_shift);
808 qemu_put_be32s(f, &s->eecd_state.val_in);
809 qemu_put_be16s(f, &s->eecd_state.bitnum_in);
810 qemu_put_be16s(f, &s->eecd_state.bitnum_out);
811 qemu_put_be16s(f, &s->eecd_state.reading);
812 qemu_put_be32s(f, &s->eecd_state.old_eecd);
813 qemu_put_8s(f, &s->tx.ipcss);
814 qemu_put_8s(f, &s->tx.ipcso);
815 qemu_put_be16s(f, &s->tx.ipcse);
816 qemu_put_8s(f, &s->tx.tucss);
817 qemu_put_8s(f, &s->tx.tucso);
818 qemu_put_be16s(f, &s->tx.tucse);
819 qemu_put_be32s(f, &s->tx.paylen);
820 qemu_put_8s(f, &s->tx.hdr_len);
821 qemu_put_be16s(f, &s->tx.mss);
822 qemu_put_be16s(f, &s->tx.size);
823 qemu_put_be16s(f, &s->tx.tso_frames);
824 qemu_put_8s(f, &s->tx.sum_needed);
825 qemu_put_8s(f, &s->tx.ip);
826 qemu_put_8s(f, &s->tx.tcp);
827 qemu_put_buffer(f, s->tx.header, sizeof s->tx.header);
828 qemu_put_buffer(f, s->tx.data, sizeof s->tx.data);
829 for (i = 0; i < 64; i++)
830 qemu_put_be16s(f, s->eeprom_data + i);
831 for (i = 0; i < 0x20; i++)
832 qemu_put_be16s(f, s->phy_reg + i);
833 for (i = 0; i < MAC_NSAVE; i++)
834 qemu_put_be32s(f, s->mac_reg + mac_regtosave[i]);
835 for (i = 0; i < MAC_NARRAYS; i++)
836 for (j = 0; j < mac_regarraystosave[i].size; j++)
837 qemu_put_be32s(f,
838 s->mac_reg + mac_regarraystosave[i].array0 + j);
839 }
840
841 static int
842 nic_load(QEMUFile *f, void *opaque, int version_id)
843 {
844 E1000State *s = (E1000State *)opaque;
845 int i, j, ret;
846
847 if ((ret = pci_device_load(&s->dev, f)) < 0)
848 return ret;
849 qemu_get_be32s(f, &s->instance);
850 qemu_get_be32s(f, &s->mmio_base);
851 qemu_get_be32s(f, &s->rxbuf_size);
852 qemu_get_be32s(f, &s->rxbuf_min_shift);
853 qemu_get_be32s(f, &s->eecd_state.val_in);
854 qemu_get_be16s(f, &s->eecd_state.bitnum_in);
855 qemu_get_be16s(f, &s->eecd_state.bitnum_out);
856 qemu_get_be16s(f, &s->eecd_state.reading);
857 qemu_get_be32s(f, &s->eecd_state.old_eecd);
858 qemu_get_8s(f, &s->tx.ipcss);
859 qemu_get_8s(f, &s->tx.ipcso);
860 qemu_get_be16s(f, &s->tx.ipcse);
861 qemu_get_8s(f, &s->tx.tucss);
862 qemu_get_8s(f, &s->tx.tucso);
863 qemu_get_be16s(f, &s->tx.tucse);
864 qemu_get_be32s(f, &s->tx.paylen);
865 qemu_get_8s(f, &s->tx.hdr_len);
866 qemu_get_be16s(f, &s->tx.mss);
867 qemu_get_be16s(f, &s->tx.size);
868 qemu_get_be16s(f, &s->tx.tso_frames);
869 qemu_get_8s(f, &s->tx.sum_needed);
870 qemu_get_8s(f, &s->tx.ip);
871 qemu_get_8s(f, &s->tx.tcp);
872 qemu_get_buffer(f, s->tx.header, sizeof s->tx.header);
873 qemu_get_buffer(f, s->tx.data, sizeof s->tx.data);
874 for (i = 0; i < 64; i++)
875 qemu_get_be16s(f, s->eeprom_data + i);
876 for (i = 0; i < 0x20; i++)
877 qemu_get_be16s(f, s->phy_reg + i);
878 for (i = 0; i < MAC_NSAVE; i++)
879 qemu_get_be32s(f, s->mac_reg + mac_regtosave[i]);
880 for (i = 0; i < MAC_NARRAYS; i++)
881 for (j = 0; j < mac_regarraystosave[i].size; j++)
882 qemu_get_be32s(f,
883 s->mac_reg + mac_regarraystosave[i].array0 + j);
884 return 0;
885 }
886
887 static uint16_t e1000_eeprom_template[64] = {
888 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
889 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
890 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
891 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
892 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
893 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
894 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
895 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
896 };
897
898 static uint16_t phy_reg_init[] = {
899 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
900 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
901 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
902 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
903 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
904 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
905 };
906
907 static uint32_t mac_reg_init[] = {
908 [PBA] = 0x00100030,
909 [LEDCTL] = 0x602,
910 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
911 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
912 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
913 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
914 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
915 E1000_STATUS_LU,
916 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
917 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
918 E1000_MANC_RMCP_EN,
919 };
920
921 /* PCI interface */
922
923 static CPUWriteMemoryFunc *e1000_mmio_write[] = {
924 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
925 };
926
927 static CPUReadMemoryFunc *e1000_mmio_read[] = {
928 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
929 };
930
931 static void
932 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
933 uint32_t addr, uint32_t size, int type)
934 {
935 E1000State *d = (E1000State *)pci_dev;
936
937 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08x 0x%08x\n", addr, size);
938
939 d->mmio_base = addr;
940 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
941 }
942
943 void
944 pci_e1000_init(PCIBus *bus, NICInfo *nd, int devfn)
945 {
946 E1000State *d;
947 uint8_t *pci_conf;
948 static int instance;
949 uint16_t checksum = 0;
950 char *info_str = "e1000";
951 int i;
952
953 d = (E1000State *)pci_register_device(bus, "e1000",
954 sizeof(E1000State), devfn, NULL, NULL);
955
956 pci_conf = d->dev.config;
957 memset(pci_conf, 0, 256);
958
959 *(uint16_t *)(pci_conf+0x00) = cpu_to_le16(0x8086);
960 *(uint16_t *)(pci_conf+0x02) = cpu_to_le16(E1000_DEVID);
961 *(uint16_t *)(pci_conf+0x04) = cpu_to_le16(0x0407);
962 *(uint16_t *)(pci_conf+0x06) = cpu_to_le16(0x0010);
963 pci_conf[0x08] = 0x03;
964 pci_conf[0x0a] = 0x00; // ethernet network controller
965 pci_conf[0x0b] = 0x02;
966 pci_conf[0x0c] = 0x10;
967
968 pci_conf[0x3d] = 1; // interrupt pin 0
969
970 d->mmio_index = cpu_register_io_memory(0, e1000_mmio_read,
971 e1000_mmio_write, d);
972
973 pci_register_io_region((PCIDevice *)d, 0, PNPMMIO_SIZE,
974 PCI_ADDRESS_SPACE_MEM, e1000_mmio_map);
975
976 pci_register_io_region((PCIDevice *)d, 1, IOPORT_SIZE,
977 PCI_ADDRESS_SPACE_IO, ioport_map);
978
979 d->instance = instance++;
980
981 d->nd = nd;
982 memmove(d->eeprom_data, e1000_eeprom_template,
983 sizeof e1000_eeprom_template);
984 for (i = 0; i < 3; i++)
985 d->eeprom_data[i] = (nd->macaddr[2*i+1]<<8) | nd->macaddr[2*i];
986 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
987 checksum += d->eeprom_data[i];
988 checksum = (uint16_t) EEPROM_SUM - checksum;
989 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
990
991 memset(d->phy_reg, 0, sizeof d->phy_reg);
992 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
993 memset(d->mac_reg, 0, sizeof d->mac_reg);
994 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
995 d->rxbuf_min_shift = 1;
996 memset(&d->tx, 0, sizeof d->tx);
997
998 d->vc = qemu_new_vlan_client(nd->vlan, e1000_receive,
999 e1000_can_receive, d);
1000
1001 snprintf(d->vc->info_str, sizeof(d->vc->info_str),
1002 "%s macaddr=%02x:%02x:%02x:%02x:%02x:%02x", info_str,
1003 d->nd->macaddr[0], d->nd->macaddr[1], d->nd->macaddr[2],
1004 d->nd->macaddr[3], d->nd->macaddr[4], d->nd->macaddr[5]);
1005
1006 register_savevm(info_str, d->instance, 1, nic_save, nic_load, d);
1007 }
Qemu copy for testing