]> git.proxmox.com Git - mirror_qemu.git/blob - hw/e1000.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
E1000 NIC emulation (Nir Peleg, patch from Dor Laor).
[mirror_qemu.git] / hw / e1000.c
1 /*
2 * QEMU e1000 emulation
3 *
4 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
5 * Copyright (c) 2008 Qumranet
6 * Based on work done by:
7 * Copyright (c) 2007 Dan Aloni
8 * Copyright (c) 2004 Antony T Curtis
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25
26 #include "hw.h"
27 #include "pci.h"
28 #include "net.h"
29
30 #define __iomem
31 typedef int boolean_t;
32 #include "e1000_hw.h"
33
34 #define DEBUG
35
36 #ifdef DEBUG
37 enum {
38 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
39 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
40 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
41 DEBUG_RXFILTER, DEBUG_NOTYET,
42 };
43 #define DBGBIT(x) (1<<DEBUG_##x)
44 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
45
46 #define DBGOUT(what, fmt, params...) do { \
47 if (debugflags & DBGBIT(what)) \
48 fprintf(stderr, "e1000: " fmt, ##params); \
49 } while (0)
50 #else
51 #define DBGOUT(what, fmt, params...) do {} while (0)
52 #endif
53
54 #define IOPORT_SIZE 0x40
55 #define PNPMMIO_SIZE 0x60000
56
57 /*
58 * HW models:
59 * E1000_DEV_ID_82540EM works with Windows and Linux
60 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
61 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
62 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
63 * Others never tested
64 */
65 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
66
67 /*
68 * May need to specify additional MAC-to-PHY entries --
69 * Intel's Windows driver refuses to initialize unless they match
70 */
71 enum {
72 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
73 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
74 /* default to E1000_DEV_ID_82540EM */ 0xc20
75 };
76
77 typedef struct E1000State_st {
78 PCIDevice dev;
79 VLANClientState *vc;
80 NICInfo *nd;
81 uint32_t instance;
82 uint32_t mmio_base;
83 int mmio_index;
84
85 uint32_t mac_reg[0x8000];
86 uint16_t phy_reg[0x20];
87 uint16_t eeprom_data[64];
88
89 uint32_t rxbuf_size;
90 uint32_t rxbuf_min_shift;
91 int check_rxov;
92 struct e1000_tx {
93 unsigned char header[256];
94 unsigned char data[0x10000];
95 uint16_t size;
96 unsigned char sum_needed;
97 uint8_t ipcss;
98 uint8_t ipcso;
99 uint16_t ipcse;
100 uint8_t tucss;
101 uint8_t tucso;
102 uint16_t tucse;
103 uint8_t hdr_len;
104 uint16_t mss;
105 uint32_t paylen;
106 uint16_t tso_frames;
107 char tse;
108 char ip;
109 char tcp;
110 } tx;
111
112 struct {
113 uint32_t val_in; // shifted in from guest driver
114 uint16_t bitnum_in;
115 uint16_t bitnum_out;
116 uint16_t reading;
117 uint32_t old_eecd;
118 } eecd_state;
119 } E1000State;
120
121 #define defreg(x) x = (E1000_##x>>2)
122 enum {
123 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
124 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
125 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
126 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
127 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
128 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
129 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
130 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
131 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
132 defreg(RA), defreg(MTA), defreg(CRCERRS),
133 };
134
135 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
136 static char phy_regcap[0x20] = {
137 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
138 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
139 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
140 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
141 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
142 [PHY_ID2] = PHY_R,
143 };
144
145 static void
146 ioport_map(PCIDevice *pci_dev, int region_num, uint32_t addr,
147 uint32_t size, int type)
148 {
149 DBGOUT(IO, "e1000_ioport_map addr=0x%04x size=0x%08x\n", addr, size);
150 }
151
152 static void
153 set_interrupt_cause(E1000State *s, int index, uint32_t val)
154 {
155 if (val)
156 val |= E1000_ICR_INT_ASSERTED;
157 s->mac_reg[ICR] = val;
158 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
159 }
160
161 static void
162 set_ics(E1000State *s, int index, uint32_t val)
163 {
164 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
165 s->mac_reg[IMS]);
166 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
167 }
168
169 static int
170 rxbufsize(uint32_t v)
171 {
172 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
173 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
174 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
175 switch (v) {
176 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
177 return 16384;
178 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
179 return 8192;
180 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
181 return 4096;
182 case E1000_RCTL_SZ_1024:
183 return 1024;
184 case E1000_RCTL_SZ_512:
185 return 512;
186 case E1000_RCTL_SZ_256:
187 return 256;
188 }
189 return 2048;
190 }
191
192 static void
193 set_rx_control(E1000State *s, int index, uint32_t val)
194 {
195 s->mac_reg[RCTL] = val;
196 s->rxbuf_size = rxbufsize(val);
197 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
198 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
199 s->mac_reg[RCTL]);
200 }
201
202 static void
203 set_mdic(E1000State *s, int index, uint32_t val)
204 {
205 uint32_t data = val & E1000_MDIC_DATA_MASK;
206 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
207
208 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
209 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
210 else if (val & E1000_MDIC_OP_READ) {
211 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
212 if (!(phy_regcap[addr] & PHY_R)) {
213 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
214 val |= E1000_MDIC_ERROR;
215 } else
216 val = (val ^ data) | s->phy_reg[addr];
217 } else if (val & E1000_MDIC_OP_WRITE) {
218 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
219 if (!(phy_regcap[addr] & PHY_W)) {
220 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
221 val |= E1000_MDIC_ERROR;
222 } else
223 s->phy_reg[addr] = data;
224 }
225 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
226 set_ics(s, 0, E1000_ICR_MDAC);
227 }
228
229 static uint32_t
230 get_eecd(E1000State *s, int index)
231 {
232 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
233
234 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
235 s->eecd_state.bitnum_out, s->eecd_state.reading);
236 if (!s->eecd_state.reading ||
237 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
238 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
239 ret |= E1000_EECD_DO;
240 return ret;
241 }
242
243 static void
244 set_eecd(E1000State *s, int index, uint32_t val)
245 {
246 uint32_t oldval = s->eecd_state.old_eecd;
247
248 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
249 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
250 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
251 return;
252 if (!(E1000_EECD_SK & val)) { // falling edge
253 s->eecd_state.bitnum_out++;
254 return;
255 }
256 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
257 memset(&s->eecd_state, 0, sizeof s->eecd_state);
258 return;
259 }
260 s->eecd_state.val_in <<= 1;
261 if (val & E1000_EECD_DI)
262 s->eecd_state.val_in |= 1;
263 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
264 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
265 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
266 EEPROM_READ_OPCODE_MICROWIRE);
267 }
268 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
269 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
270 s->eecd_state.reading);
271 }
272
273 static uint32_t
274 flash_eerd_read(E1000State *s, int x)
275 {
276 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
277
278 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
279 return 0;
280 return (s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
281 E1000_EEPROM_RW_REG_DONE | r;
282 }
283
284 static unsigned int
285 do_cksum(uint8_t *dp, uint8_t *de)
286 {
287 unsigned int bsum[2] = {0, 0}, i, sum;
288
289 for (i = 1; dp < de; bsum[i^=1] += *dp++)
290 ;
291 sum = (bsum[0] << 8) + bsum[1];
292 sum = (sum >> 16) + (sum & 0xffff);
293 return ~(sum + (sum >> 16));
294 }
295
296 static void
297 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
298 {
299 if (cse && cse < n)
300 n = cse + 1;
301 if (sloc < n-1)
302 cpu_to_be16wu((uint16_t *)(data + sloc),
303 do_cksum(data + css, data + n));
304 }
305
306 static void
307 xmit_seg(E1000State *s)
308 {
309 uint16_t len, *sp;
310 unsigned int frames = s->tx.tso_frames, css, sofar, n;
311 struct e1000_tx *tp = &s->tx;
312
313 if (tp->tse) {
314 css = tp->ipcss;
315 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
316 frames, tp->size, css);
317 if (tp->ip) { // IPv4
318 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
319 tp->size - css);
320 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
321 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
322 } else // IPv6
323 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
324 tp->size - css);
325 css = tp->tucss;
326 len = tp->size - css;
327 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
328 if (tp->tcp) {
329 sofar = frames * tp->mss;
330 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
331 be32_to_cpup((uint32_t *)(tp->data+css+4))+sofar);
332 if (tp->paylen - sofar > tp->mss)
333 tp->data[css + 13] &= ~9; // PSH, FIN
334 } else // UDP
335 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
336 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
337 // add pseudo-header length before checksum calculation
338 sp = (uint16_t *)(tp->data + tp->tucso);
339 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
340 }
341 tp->tso_frames++;
342 }
343
344 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
345 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
346 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
347 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
348 qemu_send_packet(s->vc, tp->data, tp->size);
349 s->mac_reg[TPT]++;
350 s->mac_reg[GPTC]++;
351 n = s->mac_reg[TOTL];
352 if ((s->mac_reg[TOTL] += s->tx.size) < n)
353 s->mac_reg[TOTH]++;
354 }
355
356 static void
357 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
358 {
359 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
360 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
361 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
362 unsigned int msh = 0xfffff, hdr = 0;
363 uint64_t addr;
364 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
365 struct e1000_tx *tp = &s->tx;
366
367 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
368 op = le32_to_cpu(xp->cmd_and_length);
369 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
370 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
371 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
372 tp->tucss = xp->upper_setup.tcp_fields.tucss;
373 tp->tucso = xp->upper_setup.tcp_fields.tucso;
374 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
375 tp->paylen = op & 0xfffff;
376 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
377 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
378 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
379 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
380 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
381 tp->tso_frames = 0;
382 if (tp->tucso == 0) { // this is probably wrong
383 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
384 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
385 }
386 return;
387 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D))
388 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
389
390 addr = le64_to_cpu(dp->buffer_addr);
391 if (tp->tse) {
392 hdr = tp->hdr_len;
393 msh = hdr + tp->mss;
394 }
395 do {
396 bytes = split_size;
397 if (tp->size + bytes > msh)
398 bytes = msh - tp->size;
399 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
400 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
401 memmove(tp->header, tp->data, hdr);
402 tp->size = sz;
403 addr += bytes;
404 if (sz == msh) {
405 xmit_seg(s);
406 memmove(tp->data, tp->header, hdr);
407 tp->size = hdr;
408 }
409 } while (split_size -= bytes);
410
411 if (!(txd_lower & E1000_TXD_CMD_EOP))
412 return;
413 if (tp->size > hdr)
414 xmit_seg(s);
415 tp->tso_frames = 0;
416 tp->sum_needed = 0;
417 tp->size = 0;
418 }
419
420 static uint32_t
421 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
422 {
423 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
424
425 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
426 return 0;
427 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
428 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
429 dp->upper.data = cpu_to_le32(txd_upper);
430 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
431 (void *)&dp->upper, sizeof(dp->upper));
432 return E1000_ICR_TXDW;
433 }
434
435 static void
436 start_xmit(E1000State *s)
437 {
438 target_phys_addr_t base;
439 struct e1000_tx_desc desc;
440 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
441
442 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
443 DBGOUT(TX, "tx disabled\n");
444 return;
445 }
446
447 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
448 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
449 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
450 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
451
452 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
453 (void *)desc.buffer_addr, desc.lower.data,
454 desc.upper.data);
455
456 process_tx_desc(s, &desc);
457 cause |= txdesc_writeback(base, &desc);
458
459 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
460 s->mac_reg[TDH] = 0;
461 /*
462 * the following could happen only if guest sw assigns
463 * bogus values to TDT/TDLEN.
464 * there's nothing too intelligent we could do about this.
465 */
466 if (s->mac_reg[TDH] == tdh_start) {
467 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
468 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
469 break;
470 }
471 }
472 set_ics(s, 0, cause);
473 }
474
475 static int
476 receive_filter(E1000State *s, const uint8_t *buf, int size)
477 {
478 static uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
479 static int mta_shift[] = {4, 3, 2, 0};
480 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
481
482 if (rctl & E1000_RCTL_UPE) // promiscuous
483 return 1;
484
485 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
486 return 1;
487
488 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
489 return 1;
490
491 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
492 if (!(rp[1] & E1000_RAH_AV))
493 continue;
494 ra[0] = cpu_to_le32(rp[0]);
495 ra[1] = cpu_to_le32(rp[1]);
496 if (!memcmp(buf, (uint8_t *)ra, 6)) {
497 DBGOUT(RXFILTER,
498 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
499 (int)(rp - s->mac_reg - RA)/2,
500 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
501 return 1;
502 }
503 }
504 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
505 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
506
507 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
508 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
509 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
510 return 1;
511 DBGOUT(RXFILTER,
512 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
513 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
514 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
515 s->mac_reg[MTA + (f >> 5)]);
516
517 return 0;
518 }
519
520 static int
521 e1000_can_receive(void *opaque)
522 {
523 E1000State *s = opaque;
524
525 return (!(s->mac_reg[RCTL] & E1000_RCTL_EN) ||
526 s->mac_reg[RDH] != s->mac_reg[RDT]);
527 }
528
529 static void
530 e1000_receive(void *opaque, const uint8_t *buf, int size)
531 {
532 E1000State *s = opaque;
533 struct e1000_rx_desc desc;
534 target_phys_addr_t base;
535 unsigned int n, rdt;
536 uint32_t rdh_start;
537
538 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
539 return;
540
541 if (size > s->rxbuf_size) {
542 DBGOUT(RX, "packet too large for buffers (%d > %d)\n", size,
543 s->rxbuf_size);
544 return;
545 }
546
547 if (!receive_filter(s, buf, size))
548 return;
549
550 rdh_start = s->mac_reg[RDH];
551 size += 4; // for the header
552 do {
553 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
554 set_ics(s, 0, E1000_ICS_RXO);
555 return;
556 }
557 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
558 sizeof(desc) * s->mac_reg[RDH];
559 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
560 desc.status |= E1000_RXD_STAT_DD;
561 if (desc.buffer_addr) {
562 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
563 (void *)buf, size);
564 desc.length = cpu_to_le16(size);
565 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
566 } else // as per intel docs; skip descriptors with null buf addr
567 DBGOUT(RX, "Null RX descriptor!!\n");
568 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
569
570 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
571 s->mac_reg[RDH] = 0;
572 s->check_rxov = 1;
573 /* see comment in start_xmit; same here */
574 if (s->mac_reg[RDH] == rdh_start) {
575 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
576 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
577 set_ics(s, 0, E1000_ICS_RXO);
578 return;
579 }
580 } while (desc.buffer_addr == 0);
581
582 s->mac_reg[GPRC]++;
583 s->mac_reg[TPR]++;
584 n = s->mac_reg[TORL];
585 if ((s->mac_reg[TORL] += size) < n)
586 s->mac_reg[TORH]++;
587
588 n = E1000_ICS_RXT0;
589 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
590 rdt += s->mac_reg[RDLEN] / sizeof(desc);
591 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) << s->rxbuf_min_shift >=
592 s->mac_reg[RDLEN])
593 n |= E1000_ICS_RXDMT0;
594
595 set_ics(s, 0, n);
596 }
597
598 static uint32_t
599 mac_readreg(E1000State *s, int index)
600 {
601 return s->mac_reg[index];
602 }
603
604 static uint32_t
605 mac_icr_read(E1000State *s, int index)
606 {
607 uint32_t ret = s->mac_reg[ICR];
608
609 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
610 set_interrupt_cause(s, 0, 0);
611 return ret;
612 }
613
614 static uint32_t
615 mac_read_clr4(E1000State *s, int index)
616 {
617 uint32_t ret = s->mac_reg[index];
618
619 s->mac_reg[index] = 0;
620 return ret;
621 }
622
623 static uint32_t
624 mac_read_clr8(E1000State *s, int index)
625 {
626 uint32_t ret = s->mac_reg[index];
627
628 s->mac_reg[index] = 0;
629 s->mac_reg[index-1] = 0;
630 return ret;
631 }
632
633 static void
634 mac_writereg(E1000State *s, int index, uint32_t val)
635 {
636 s->mac_reg[index] = val;
637 }
638
639 static void
640 set_rdt(E1000State *s, int index, uint32_t val)
641 {
642 s->check_rxov = 0;
643 s->mac_reg[index] = val & 0xffff;
644 }
645
646 static void
647 set_16bit(E1000State *s, int index, uint32_t val)
648 {
649 s->mac_reg[index] = val & 0xffff;
650 }
651
652 static void
653 set_dlen(E1000State *s, int index, uint32_t val)
654 {
655 s->mac_reg[index] = val & 0xfff80;
656 }
657
658 static void
659 set_tctl(E1000State *s, int index, uint32_t val)
660 {
661 s->mac_reg[index] = val;
662 s->mac_reg[TDT] &= 0xffff;
663 start_xmit(s);
664 }
665
666 static void
667 set_icr(E1000State *s, int index, uint32_t val)
668 {
669 DBGOUT(INTERRUPT, "set_icr %x\n", val);
670 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
671 }
672
673 static void
674 set_imc(E1000State *s, int index, uint32_t val)
675 {
676 s->mac_reg[IMS] &= ~val;
677 set_ics(s, 0, 0);
678 }
679
680 static void
681 set_ims(E1000State *s, int index, uint32_t val)
682 {
683 s->mac_reg[IMS] |= val;
684 set_ics(s, 0, 0);
685 }
686
687 #define getreg(x) [x] = mac_readreg
688 static uint32_t (*macreg_readops[])(E1000State *, int) = {
689 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
690 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
691 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
692 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
693 getreg(RDH), getreg(RDT),
694
695 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
696 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
697 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
698 [CRCERRS ... MPC] = &mac_readreg,
699 [RA ... RA+31] = &mac_readreg,
700 [MTA ... MTA+127] = &mac_readreg,
701 };
702 enum { NREADOPS = sizeof(macreg_readops) / sizeof(*macreg_readops) };
703
704 #define putreg(x) [x] = mac_writereg
705 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
706 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
707 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
708 putreg(RDBAL), putreg(LEDCTL),
709 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
710 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
711 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
712 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
713 [EECD] = set_eecd, [RCTL] = set_rx_control,
714 [RA ... RA+31] = &mac_writereg,
715 [MTA ... MTA+127] = &mac_writereg,
716 };
717 enum { NWRITEOPS = sizeof(macreg_writeops) / sizeof(*macreg_writeops) };
718
719 static void
720 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
721 {
722 E1000State *s = opaque;
723 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
724
725 if (index < NWRITEOPS && macreg_writeops[index])
726 macreg_writeops[index](s, index, le32_to_cpu(val));
727 else if (index < NREADOPS && macreg_readops[index])
728 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
729 else
730 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
731 index<<2, val);
732 }
733
734 static void
735 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
736 {
737 // emulate hw without byte enables: no RMW
738 e1000_mmio_writel(opaque, addr & ~3,
739 cpu_to_le32(le16_to_cpu(val & 0xffff) << (8*(addr & 3))));
740 }
741
742 static void
743 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
744 {
745 // emulate hw without byte enables: no RMW
746 e1000_mmio_writel(opaque, addr & ~3,
747 cpu_to_le32((val & 0xff) << (8*(addr & 3))));
748 }
749
750 static uint32_t
751 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
752 {
753 E1000State *s = opaque;
754 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
755
756 if (index < NREADOPS && macreg_readops[index])
757 return cpu_to_le32(macreg_readops[index](s, index));
758 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
759 return 0;
760 }
761
762 static uint32_t
763 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
764 {
765 return (le32_to_cpu(e1000_mmio_readl(opaque, addr & ~3)) >>
766 (8 * (addr & 3))) & 0xff;
767 }
768
769 static uint32_t
770 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
771 {
772 return cpu_to_le16((le32_to_cpu(e1000_mmio_readl(opaque, addr & ~3)) >>
773 (8 * (addr & 3))) & 0xffff);
774 }
775
776 int mac_regtosave[] = {
777 CTRL, EECD, EERD, GPRC, GPTC, ICR, ICS, IMC, IMS,
778 LEDCTL, MANC, MDIC, MPC, PBA, RCTL, RDBAH, RDBAL, RDH,
779 RDLEN, RDT, STATUS, SWSM, TCTL, TDBAH, TDBAL, TDH, TDLEN,
780 TDT, TORH, TORL, TOTH, TOTL, TPR, TPT, TXDCTL, WUFC,
781 };
782 enum { MAC_NSAVE = sizeof mac_regtosave/sizeof *mac_regtosave };
783
784 struct {
785 int size;
786 int array0;
787 } mac_regarraystosave[] = { {32, RA}, {128, MTA} };
788 enum { MAC_NARRAYS = sizeof mac_regarraystosave/sizeof *mac_regarraystosave };
789
790 static void
791 nic_save(QEMUFile *f, void *opaque)
792 {
793 E1000State *s = (E1000State *)opaque;
794 int i, j;
795
796 pci_device_save(&s->dev, f);
797 qemu_put_be32s(f, &s->instance);
798 qemu_put_be32s(f, &s->mmio_base);
799 qemu_put_be32s(f, &s->rxbuf_size);
800 qemu_put_be32s(f, &s->rxbuf_min_shift);
801 qemu_put_be32s(f, &s->eecd_state.val_in);
802 qemu_put_be16s(f, &s->eecd_state.bitnum_in);
803 qemu_put_be16s(f, &s->eecd_state.bitnum_out);
804 qemu_put_be16s(f, &s->eecd_state.reading);
805 qemu_put_be32s(f, &s->eecd_state.old_eecd);
806 qemu_put_8s(f, &s->tx.ipcss);
807 qemu_put_8s(f, &s->tx.ipcso);
808 qemu_put_be16s(f, &s->tx.ipcse);
809 qemu_put_8s(f, &s->tx.tucss);
810 qemu_put_8s(f, &s->tx.tucso);
811 qemu_put_be16s(f, &s->tx.tucse);
812 qemu_put_be32s(f, &s->tx.paylen);
813 qemu_put_8s(f, &s->tx.hdr_len);
814 qemu_put_be16s(f, &s->tx.mss);
815 qemu_put_be16s(f, &s->tx.size);
816 qemu_put_be16s(f, &s->tx.tso_frames);
817 qemu_put_8s(f, &s->tx.sum_needed);
818 qemu_put_8s(f, &s->tx.ip);
819 qemu_put_8s(f, &s->tx.tcp);
820 qemu_put_buffer(f, s->tx.header, sizeof s->tx.header);
821 qemu_put_buffer(f, s->tx.data, sizeof s->tx.data);
822 for (i = 0; i < 64; i++)
823 qemu_put_be16s(f, s->eeprom_data + i);
824 for (i = 0; i < 0x20; i++)
825 qemu_put_be16s(f, s->phy_reg + i);
826 for (i = 0; i < MAC_NSAVE; i++)
827 qemu_put_be32s(f, s->mac_reg + mac_regtosave[i]);
828 for (i = 0; i < MAC_NARRAYS; i++)
829 for (j = 0; j < mac_regarraystosave[i].size; j++)
830 qemu_put_be32s(f,
831 s->mac_reg + mac_regarraystosave[i].array0 + j);
832 }
833
834 static int
835 nic_load(QEMUFile *f, void *opaque, int version_id)
836 {
837 E1000State *s = (E1000State *)opaque;
838 int i, j, ret;
839
840 if ((ret = pci_device_load(&s->dev, f)) < 0)
841 return ret;
842 qemu_get_be32s(f, &s->instance);
843 qemu_get_be32s(f, &s->mmio_base);
844 qemu_get_be32s(f, &s->rxbuf_size);
845 qemu_get_be32s(f, &s->rxbuf_min_shift);
846 qemu_get_be32s(f, &s->eecd_state.val_in);
847 qemu_get_be16s(f, &s->eecd_state.bitnum_in);
848 qemu_get_be16s(f, &s->eecd_state.bitnum_out);
849 qemu_get_be16s(f, &s->eecd_state.reading);
850 qemu_get_be32s(f, &s->eecd_state.old_eecd);
851 qemu_get_8s(f, &s->tx.ipcss);
852 qemu_get_8s(f, &s->tx.ipcso);
853 qemu_get_be16s(f, &s->tx.ipcse);
854 qemu_get_8s(f, &s->tx.tucss);
855 qemu_get_8s(f, &s->tx.tucso);
856 qemu_get_be16s(f, &s->tx.tucse);
857 qemu_get_be32s(f, &s->tx.paylen);
858 qemu_get_8s(f, &s->tx.hdr_len);
859 qemu_get_be16s(f, &s->tx.mss);
860 qemu_get_be16s(f, &s->tx.size);
861 qemu_get_be16s(f, &s->tx.tso_frames);
862 qemu_get_8s(f, &s->tx.sum_needed);
863 qemu_get_8s(f, &s->tx.ip);
864 qemu_get_8s(f, &s->tx.tcp);
865 qemu_get_buffer(f, s->tx.header, sizeof s->tx.header);
866 qemu_get_buffer(f, s->tx.data, sizeof s->tx.data);
867 for (i = 0; i < 64; i++)
868 qemu_get_be16s(f, s->eeprom_data + i);
869 for (i = 0; i < 0x20; i++)
870 qemu_get_be16s(f, s->phy_reg + i);
871 for (i = 0; i < MAC_NSAVE; i++)
872 qemu_get_be32s(f, s->mac_reg + mac_regtosave[i]);
873 for (i = 0; i < MAC_NARRAYS; i++)
874 for (j = 0; j < mac_regarraystosave[i].size; j++)
875 qemu_get_be32s(f,
876 s->mac_reg + mac_regarraystosave[i].array0 + j);
877 return 0;
878 }
879
880 static uint16_t e1000_eeprom_template[64] = {
881 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
882 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
883 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
884 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
885 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
886 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
887 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
888 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
889 };
890
891 static uint16_t phy_reg_init[] = {
892 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
893 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
894 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
895 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
896 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
897 };
898
899 static uint32_t mac_reg_init[] = {
900 [PBA] = 0x00100030,
901 [LEDCTL] = 0x602,
902 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
903 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
904 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
905 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
906 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
907 E1000_STATUS_LU,
908 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
909 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
910 E1000_MANC_RMCP_EN,
911 };
912
913 /* PCI interface */
914
915 static CPUWriteMemoryFunc *e1000_mmio_write[] = {
916 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
917 };
918
919 static CPUReadMemoryFunc *e1000_mmio_read[] = {
920 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
921 };
922
923 static void
924 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
925 uint32_t addr, uint32_t size, int type)
926 {
927 E1000State *d = (E1000State *)pci_dev;
928
929 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08x 0x%08x\n", addr, size);
930
931 d->mmio_base = addr;
932 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
933 }
934
935 void
936 pci_e1000_init(PCIBus *bus, NICInfo *nd, int devfn)
937 {
938 E1000State *d;
939 uint8_t *pci_conf;
940 static int instance;
941 uint16_t checksum = 0;
942 char *info_str = "e1000";
943 int i;
944
945 d = (E1000State *)pci_register_device(bus, "e1000",
946 sizeof(E1000State), devfn, NULL, NULL);
947
948 pci_conf = d->dev.config;
949 memset(pci_conf, 0, 256);
950
951 *(uint16_t *)(pci_conf+0x00) = cpu_to_le16(0x8086);
952 *(uint16_t *)(pci_conf+0x02) = cpu_to_le16(E1000_DEVID);
953 *(uint16_t *)(pci_conf+0x04) = cpu_to_le16(0x0407);
954 *(uint16_t *)(pci_conf+0x06) = cpu_to_le16(0x0010);
955 pci_conf[0x08] = 0x03;
956 pci_conf[0x0a] = 0x00; // ethernet network controller
957 pci_conf[0x0b] = 0x02;
958 pci_conf[0x0c] = 0x10;
959
960 pci_conf[0x3d] = 1; // interrupt pin 0
961
962 d->mmio_index = cpu_register_io_memory(0, e1000_mmio_read,
963 e1000_mmio_write, d);
964
965 pci_register_io_region((PCIDevice *)d, 0, PNPMMIO_SIZE,
966 PCI_ADDRESS_SPACE_MEM, e1000_mmio_map);
967
968 pci_register_io_region((PCIDevice *)d, 1, IOPORT_SIZE,
969 PCI_ADDRESS_SPACE_IO, ioport_map);
970
971 d->instance = instance++;
972
973 d->nd = nd;
974 memmove(d->eeprom_data, e1000_eeprom_template,
975 sizeof e1000_eeprom_template);
976 for (i = 0; i < 3; i++)
977 d->eeprom_data[i] = (nd->macaddr[2*i+1]<<8) | nd->macaddr[2*i];
978 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
979 checksum += d->eeprom_data[i];
980 checksum = (uint16_t) EEPROM_SUM - checksum;
981 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
982
983 memset(d->phy_reg, 0, sizeof d->phy_reg);
984 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
985 memset(d->mac_reg, 0, sizeof d->mac_reg);
986 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
987 d->rxbuf_min_shift = 1;
988 memset(&d->tx, 0, sizeof d->tx);
989
990 d->vc = qemu_new_vlan_client(nd->vlan, e1000_receive,
991 e1000_can_receive, d);
992
993 snprintf(d->vc->info_str, sizeof(d->vc->info_str),
994 "%s macaddr=%02x:%02x:%02x:%02x:%02x:%02x", info_str,
995 d->nd->macaddr[0], d->nd->macaddr[1], d->nd->macaddr[2],
996 d->nd->macaddr[3], d->nd->macaddr[4], d->nd->macaddr[5]);
997
998 register_savevm(info_str, d->instance, 1, nic_save, nic_load, d);
999 }
QEMU mirror