]> git.proxmox.com Git - mirror_qemu.git/blob - hw/e1000.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
e1000: use common checksumming code
[mirror_qemu.git] / hw / e1000.c
1 /*
2 * QEMU e1000 emulation
3 *
4 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
5 * Copyright (c) 2008 Qumranet
6 * Based on work done by:
7 * Copyright (c) 2007 Dan Aloni
8 * Copyright (c) 2004 Antony T Curtis
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25
26 #include "hw.h"
27 #include "pci.h"
28 #include "net.h"
29
30 #include "e1000_hw.h"
31
32 #define DEBUG
33
34 #ifdef DEBUG
35 enum {
36 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
37 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
38 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
39 DEBUG_RXFILTER, DEBUG_NOTYET,
40 };
41 #define DBGBIT(x) (1<<DEBUG_##x)
42 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
43
44 #define DBGOUT(what, fmt, params...) do { \
45 if (debugflags & DBGBIT(what)) \
46 fprintf(stderr, "e1000: " fmt, ##params); \
47 } while (0)
48 #else
49 #define DBGOUT(what, fmt, params...) do {} while (0)
50 #endif
51
52 #define IOPORT_SIZE 0x40
53 #define PNPMMIO_SIZE 0x20000
54
55 /*
56 * HW models:
57 * E1000_DEV_ID_82540EM works with Windows and Linux
58 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
59 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
60 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
61 * Others never tested
62 */
63 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
64
65 /*
66 * May need to specify additional MAC-to-PHY entries --
67 * Intel's Windows driver refuses to initialize unless they match
68 */
69 enum {
70 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
71 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
72 /* default to E1000_DEV_ID_82540EM */ 0xc20
73 };
74
75 typedef struct E1000State_st {
76 PCIDevice dev;
77 VLANClientState *vc;
78 NICInfo *nd;
79 uint32_t mmio_base;
80 int mmio_index;
81
82 uint32_t mac_reg[0x8000];
83 uint16_t phy_reg[0x20];
84 uint16_t eeprom_data[64];
85
86 uint32_t rxbuf_size;
87 uint32_t rxbuf_min_shift;
88 int check_rxov;
89 struct e1000_tx {
90 unsigned char header[256];
91 unsigned char data[0x10000];
92 uint16_t size;
93 unsigned char sum_needed;
94 uint8_t ipcss;
95 uint8_t ipcso;
96 uint16_t ipcse;
97 uint8_t tucss;
98 uint8_t tucso;
99 uint16_t tucse;
100 uint8_t hdr_len;
101 uint16_t mss;
102 uint32_t paylen;
103 uint16_t tso_frames;
104 char tse;
105 char ip;
106 char tcp;
107 char cptse; // current packet tse bit
108 } tx;
109
110 struct {
111 uint32_t val_in; // shifted in from guest driver
112 uint16_t bitnum_in;
113 uint16_t bitnum_out;
114 uint16_t reading;
115 uint32_t old_eecd;
116 } eecd_state;
117 } E1000State;
118
119 #define defreg(x) x = (E1000_##x>>2)
120 enum {
121 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
122 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
123 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
124 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
125 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
126 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
127 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
128 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
129 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
130 defreg(RA), defreg(MTA), defreg(CRCERRS),
131 };
132
133 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
134 static char phy_regcap[0x20] = {
135 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
136 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
137 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
138 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
139 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
140 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
141 };
142
143 static void
144 ioport_map(PCIDevice *pci_dev, int region_num, uint32_t addr,
145 uint32_t size, int type)
146 {
147 DBGOUT(IO, "e1000_ioport_map addr=0x%04x size=0x%08x\n", addr, size);
148 }
149
150 static void
151 set_interrupt_cause(E1000State *s, int index, uint32_t val)
152 {
153 if (val)
154 val |= E1000_ICR_INT_ASSERTED;
155 s->mac_reg[ICR] = val;
156 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
157 }
158
159 static void
160 set_ics(E1000State *s, int index, uint32_t val)
161 {
162 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
163 s->mac_reg[IMS]);
164 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
165 }
166
167 static int
168 rxbufsize(uint32_t v)
169 {
170 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
171 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
172 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
173 switch (v) {
174 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
175 return 16384;
176 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
177 return 8192;
178 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
179 return 4096;
180 case E1000_RCTL_SZ_1024:
181 return 1024;
182 case E1000_RCTL_SZ_512:
183 return 512;
184 case E1000_RCTL_SZ_256:
185 return 256;
186 }
187 return 2048;
188 }
189
190 static void
191 set_rx_control(E1000State *s, int index, uint32_t val)
192 {
193 s->mac_reg[RCTL] = val;
194 s->rxbuf_size = rxbufsize(val);
195 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
196 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
197 s->mac_reg[RCTL]);
198 }
199
200 static void
201 set_mdic(E1000State *s, int index, uint32_t val)
202 {
203 uint32_t data = val & E1000_MDIC_DATA_MASK;
204 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
205
206 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
207 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
208 else if (val & E1000_MDIC_OP_READ) {
209 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
210 if (!(phy_regcap[addr] & PHY_R)) {
211 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
212 val |= E1000_MDIC_ERROR;
213 } else
214 val = (val ^ data) | s->phy_reg[addr];
215 } else if (val & E1000_MDIC_OP_WRITE) {
216 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
217 if (!(phy_regcap[addr] & PHY_W)) {
218 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
219 val |= E1000_MDIC_ERROR;
220 } else
221 s->phy_reg[addr] = data;
222 }
223 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
224 set_ics(s, 0, E1000_ICR_MDAC);
225 }
226
227 static uint32_t
228 get_eecd(E1000State *s, int index)
229 {
230 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
231
232 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
233 s->eecd_state.bitnum_out, s->eecd_state.reading);
234 if (!s->eecd_state.reading ||
235 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
236 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
237 ret |= E1000_EECD_DO;
238 return ret;
239 }
240
241 static void
242 set_eecd(E1000State *s, int index, uint32_t val)
243 {
244 uint32_t oldval = s->eecd_state.old_eecd;
245
246 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
247 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
248 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
249 return;
250 if (!(E1000_EECD_SK & val)) { // falling edge
251 s->eecd_state.bitnum_out++;
252 return;
253 }
254 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
255 memset(&s->eecd_state, 0, sizeof s->eecd_state);
256 return;
257 }
258 s->eecd_state.val_in <<= 1;
259 if (val & E1000_EECD_DI)
260 s->eecd_state.val_in |= 1;
261 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
262 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
263 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
264 EEPROM_READ_OPCODE_MICROWIRE);
265 }
266 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
267 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
268 s->eecd_state.reading);
269 }
270
271 static uint32_t
272 flash_eerd_read(E1000State *s, int x)
273 {
274 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
275
276 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
277 return 0;
278 return (s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
279 E1000_EEPROM_RW_REG_DONE | r;
280 }
281
282 static void
283 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
284 {
285 uint32_t sum;
286
287 if (cse && cse < n)
288 n = cse + 1;
289 if (sloc < n-1) {
290 sum = net_checksum_add(n-css, data+css);
291 cpu_to_be16wu((uint16_t *)(data + sloc),
292 net_checksum_finish(sum));
293 }
294 }
295
296 static void
297 xmit_seg(E1000State *s)
298 {
299 uint16_t len, *sp;
300 unsigned int frames = s->tx.tso_frames, css, sofar, n;
301 struct e1000_tx *tp = &s->tx;
302
303 if (tp->tse && tp->cptse) {
304 css = tp->ipcss;
305 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
306 frames, tp->size, css);
307 if (tp->ip) { // IPv4
308 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
309 tp->size - css);
310 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
311 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
312 } else // IPv6
313 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
314 tp->size - css);
315 css = tp->tucss;
316 len = tp->size - css;
317 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
318 if (tp->tcp) {
319 sofar = frames * tp->mss;
320 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
321 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
322 if (tp->paylen - sofar > tp->mss)
323 tp->data[css + 13] &= ~9; // PSH, FIN
324 } else // UDP
325 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
326 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
327 // add pseudo-header length before checksum calculation
328 sp = (uint16_t *)(tp->data + tp->tucso);
329 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
330 }
331 tp->tso_frames++;
332 }
333
334 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
335 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
336 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
337 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
338 qemu_send_packet(s->vc, tp->data, tp->size);
339 s->mac_reg[TPT]++;
340 s->mac_reg[GPTC]++;
341 n = s->mac_reg[TOTL];
342 if ((s->mac_reg[TOTL] += s->tx.size) < n)
343 s->mac_reg[TOTH]++;
344 }
345
346 static void
347 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
348 {
349 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
350 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
351 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
352 unsigned int msh = 0xfffff, hdr = 0;
353 uint64_t addr;
354 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
355 struct e1000_tx *tp = &s->tx;
356
357 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
358 op = le32_to_cpu(xp->cmd_and_length);
359 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
360 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
361 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
362 tp->tucss = xp->upper_setup.tcp_fields.tucss;
363 tp->tucso = xp->upper_setup.tcp_fields.tucso;
364 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
365 tp->paylen = op & 0xfffff;
366 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
367 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
368 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
369 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
370 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
371 tp->tso_frames = 0;
372 if (tp->tucso == 0) { // this is probably wrong
373 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
374 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
375 }
376 return;
377 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
378 // data descriptor
379 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
380 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
381 } else
382 // legacy descriptor
383 tp->cptse = 0;
384
385 addr = le64_to_cpu(dp->buffer_addr);
386 if (tp->tse && tp->cptse) {
387 hdr = tp->hdr_len;
388 msh = hdr + tp->mss;
389 do {
390 bytes = split_size;
391 if (tp->size + bytes > msh)
392 bytes = msh - tp->size;
393 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
394 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
395 memmove(tp->header, tp->data, hdr);
396 tp->size = sz;
397 addr += bytes;
398 if (sz == msh) {
399 xmit_seg(s);
400 memmove(tp->data, tp->header, hdr);
401 tp->size = hdr;
402 }
403 } while (split_size -= bytes);
404 } else if (!tp->tse && tp->cptse) {
405 // context descriptor TSE is not set, while data descriptor TSE is set
406 DBGOUT(TXERR, "TCP segmentaion Error\n");
407 } else {
408 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
409 tp->size += split_size;
410 }
411
412 if (!(txd_lower & E1000_TXD_CMD_EOP))
413 return;
414 if (!(tp->tse && tp->cptse && tp->size < hdr))
415 xmit_seg(s);
416 tp->tso_frames = 0;
417 tp->sum_needed = 0;
418 tp->size = 0;
419 tp->cptse = 0;
420 }
421
422 static uint32_t
423 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
424 {
425 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
426
427 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
428 return 0;
429 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
430 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
431 dp->upper.data = cpu_to_le32(txd_upper);
432 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
433 (void *)&dp->upper, sizeof(dp->upper));
434 return E1000_ICR_TXDW;
435 }
436
437 static void
438 start_xmit(E1000State *s)
439 {
440 target_phys_addr_t base;
441 struct e1000_tx_desc desc;
442 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
443
444 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
445 DBGOUT(TX, "tx disabled\n");
446 return;
447 }
448
449 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
450 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
451 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
452 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
453
454 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
455 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
456 desc.upper.data);
457
458 process_tx_desc(s, &desc);
459 cause |= txdesc_writeback(base, &desc);
460
461 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
462 s->mac_reg[TDH] = 0;
463 /*
464 * the following could happen only if guest sw assigns
465 * bogus values to TDT/TDLEN.
466 * there's nothing too intelligent we could do about this.
467 */
468 if (s->mac_reg[TDH] == tdh_start) {
469 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
470 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
471 break;
472 }
473 }
474 set_ics(s, 0, cause);
475 }
476
477 static int
478 receive_filter(E1000State *s, const uint8_t *buf, int size)
479 {
480 static uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
481 static int mta_shift[] = {4, 3, 2, 0};
482 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
483
484 if (rctl & E1000_RCTL_UPE) // promiscuous
485 return 1;
486
487 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
488 return 1;
489
490 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
491 return 1;
492
493 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
494 if (!(rp[1] & E1000_RAH_AV))
495 continue;
496 ra[0] = cpu_to_le32(rp[0]);
497 ra[1] = cpu_to_le32(rp[1]);
498 if (!memcmp(buf, (uint8_t *)ra, 6)) {
499 DBGOUT(RXFILTER,
500 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
501 (int)(rp - s->mac_reg - RA)/2,
502 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
503 return 1;
504 }
505 }
506 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
507 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
508
509 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
510 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
511 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
512 return 1;
513 DBGOUT(RXFILTER,
514 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
515 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
516 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
517 s->mac_reg[MTA + (f >> 5)]);
518
519 return 0;
520 }
521
522 static int
523 e1000_can_receive(void *opaque)
524 {
525 E1000State *s = opaque;
526
527 return (!(s->mac_reg[RCTL] & E1000_RCTL_EN) ||
528 s->mac_reg[RDH] != s->mac_reg[RDT]);
529 }
530
531 static void
532 e1000_receive(void *opaque, const uint8_t *buf, int size)
533 {
534 E1000State *s = opaque;
535 struct e1000_rx_desc desc;
536 target_phys_addr_t base;
537 unsigned int n, rdt;
538 uint32_t rdh_start;
539
540 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
541 return;
542
543 if (size > s->rxbuf_size) {
544 DBGOUT(RX, "packet too large for buffers (%d > %d)\n", size,
545 s->rxbuf_size);
546 return;
547 }
548
549 if (!receive_filter(s, buf, size))
550 return;
551
552 rdh_start = s->mac_reg[RDH];
553 size += 4; // for the header
554 do {
555 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
556 set_ics(s, 0, E1000_ICS_RXO);
557 return;
558 }
559 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
560 sizeof(desc) * s->mac_reg[RDH];
561 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
562 desc.status |= E1000_RXD_STAT_DD;
563 if (desc.buffer_addr) {
564 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
565 (void *)buf, size);
566 desc.length = cpu_to_le16(size);
567 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
568 } else // as per intel docs; skip descriptors with null buf addr
569 DBGOUT(RX, "Null RX descriptor!!\n");
570 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
571
572 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
573 s->mac_reg[RDH] = 0;
574 s->check_rxov = 1;
575 /* see comment in start_xmit; same here */
576 if (s->mac_reg[RDH] == rdh_start) {
577 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
578 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
579 set_ics(s, 0, E1000_ICS_RXO);
580 return;
581 }
582 } while (desc.buffer_addr == 0);
583
584 s->mac_reg[GPRC]++;
585 s->mac_reg[TPR]++;
586 n = s->mac_reg[TORL];
587 if ((s->mac_reg[TORL] += size) < n)
588 s->mac_reg[TORH]++;
589
590 n = E1000_ICS_RXT0;
591 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
592 rdt += s->mac_reg[RDLEN] / sizeof(desc);
593 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) << s->rxbuf_min_shift >=
594 s->mac_reg[RDLEN])
595 n |= E1000_ICS_RXDMT0;
596
597 set_ics(s, 0, n);
598 }
599
600 static uint32_t
601 mac_readreg(E1000State *s, int index)
602 {
603 return s->mac_reg[index];
604 }
605
606 static uint32_t
607 mac_icr_read(E1000State *s, int index)
608 {
609 uint32_t ret = s->mac_reg[ICR];
610
611 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
612 set_interrupt_cause(s, 0, 0);
613 return ret;
614 }
615
616 static uint32_t
617 mac_read_clr4(E1000State *s, int index)
618 {
619 uint32_t ret = s->mac_reg[index];
620
621 s->mac_reg[index] = 0;
622 return ret;
623 }
624
625 static uint32_t
626 mac_read_clr8(E1000State *s, int index)
627 {
628 uint32_t ret = s->mac_reg[index];
629
630 s->mac_reg[index] = 0;
631 s->mac_reg[index-1] = 0;
632 return ret;
633 }
634
635 static void
636 mac_writereg(E1000State *s, int index, uint32_t val)
637 {
638 s->mac_reg[index] = val;
639 }
640
641 static void
642 set_rdt(E1000State *s, int index, uint32_t val)
643 {
644 s->check_rxov = 0;
645 s->mac_reg[index] = val & 0xffff;
646 }
647
648 static void
649 set_16bit(E1000State *s, int index, uint32_t val)
650 {
651 s->mac_reg[index] = val & 0xffff;
652 }
653
654 static void
655 set_dlen(E1000State *s, int index, uint32_t val)
656 {
657 s->mac_reg[index] = val & 0xfff80;
658 }
659
660 static void
661 set_tctl(E1000State *s, int index, uint32_t val)
662 {
663 s->mac_reg[index] = val;
664 s->mac_reg[TDT] &= 0xffff;
665 start_xmit(s);
666 }
667
668 static void
669 set_icr(E1000State *s, int index, uint32_t val)
670 {
671 DBGOUT(INTERRUPT, "set_icr %x\n", val);
672 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
673 }
674
675 static void
676 set_imc(E1000State *s, int index, uint32_t val)
677 {
678 s->mac_reg[IMS] &= ~val;
679 set_ics(s, 0, 0);
680 }
681
682 static void
683 set_ims(E1000State *s, int index, uint32_t val)
684 {
685 s->mac_reg[IMS] |= val;
686 set_ics(s, 0, 0);
687 }
688
689 #define getreg(x) [x] = mac_readreg
690 static uint32_t (*macreg_readops[])(E1000State *, int) = {
691 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
692 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
693 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
694 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
695 getreg(RDH), getreg(RDT),
696
697 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
698 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
699 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
700 [CRCERRS ... MPC] = &mac_readreg,
701 [RA ... RA+31] = &mac_readreg,
702 [MTA ... MTA+127] = &mac_readreg,
703 };
704 enum { NREADOPS = sizeof(macreg_readops) / sizeof(*macreg_readops) };
705
706 #define putreg(x) [x] = mac_writereg
707 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
708 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
709 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
710 putreg(RDBAL), putreg(LEDCTL),
711 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
712 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
713 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
714 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
715 [EECD] = set_eecd, [RCTL] = set_rx_control,
716 [RA ... RA+31] = &mac_writereg,
717 [MTA ... MTA+127] = &mac_writereg,
718 };
719 enum { NWRITEOPS = sizeof(macreg_writeops) / sizeof(*macreg_writeops) };
720
721 static void
722 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
723 {
724 E1000State *s = opaque;
725 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
726
727 #ifdef TARGET_WORDS_BIGENDIAN
728 val = bswap32(val);
729 #endif
730 if (index < NWRITEOPS && macreg_writeops[index])
731 macreg_writeops[index](s, index, val);
732 else if (index < NREADOPS && macreg_readops[index])
733 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
734 else
735 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
736 index<<2, val);
737 }
738
739 static void
740 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
741 {
742 // emulate hw without byte enables: no RMW
743 e1000_mmio_writel(opaque, addr & ~3,
744 (val & 0xffff) << (8*(addr & 3)));
745 }
746
747 static void
748 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
749 {
750 // emulate hw without byte enables: no RMW
751 e1000_mmio_writel(opaque, addr & ~3,
752 (val & 0xff) << (8*(addr & 3)));
753 }
754
755 static uint32_t
756 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
757 {
758 E1000State *s = opaque;
759 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
760
761 if (index < NREADOPS && macreg_readops[index])
762 {
763 uint32_t val = macreg_readops[index](s, index);
764 #ifdef TARGET_WORDS_BIGENDIAN
765 val = bswap32(val);
766 #endif
767 return val;
768 }
769 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
770 return 0;
771 }
772
773 static uint32_t
774 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
775 {
776 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
777 (8 * (addr & 3))) & 0xff;
778 }
779
780 static uint32_t
781 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
782 {
783 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
784 (8 * (addr & 3))) & 0xffff;
785 }
786
787 int mac_regtosave[] = {
788 CTRL, EECD, EERD, GPRC, GPTC, ICR, ICS, IMC, IMS,
789 LEDCTL, MANC, MDIC, MPC, PBA, RCTL, RDBAH, RDBAL, RDH,
790 RDLEN, RDT, STATUS, SWSM, TCTL, TDBAH, TDBAL, TDH, TDLEN,
791 TDT, TORH, TORL, TOTH, TOTL, TPR, TPT, TXDCTL, WUFC,
792 };
793 enum { MAC_NSAVE = sizeof mac_regtosave/sizeof *mac_regtosave };
794
795 struct {
796 int size;
797 int array0;
798 } mac_regarraystosave[] = { {32, RA}, {128, MTA} };
799 enum { MAC_NARRAYS = sizeof mac_regarraystosave/sizeof *mac_regarraystosave };
800
801 static void
802 nic_save(QEMUFile *f, void *opaque)
803 {
804 E1000State *s = (E1000State *)opaque;
805 int i, j;
806
807 pci_device_save(&s->dev, f);
808 qemu_put_be32s(f, &s->mmio_base);
809 qemu_put_be32s(f, &s->rxbuf_size);
810 qemu_put_be32s(f, &s->rxbuf_min_shift);
811 qemu_put_be32s(f, &s->eecd_state.val_in);
812 qemu_put_be16s(f, &s->eecd_state.bitnum_in);
813 qemu_put_be16s(f, &s->eecd_state.bitnum_out);
814 qemu_put_be16s(f, &s->eecd_state.reading);
815 qemu_put_be32s(f, &s->eecd_state.old_eecd);
816 qemu_put_8s(f, &s->tx.ipcss);
817 qemu_put_8s(f, &s->tx.ipcso);
818 qemu_put_be16s(f, &s->tx.ipcse);
819 qemu_put_8s(f, &s->tx.tucss);
820 qemu_put_8s(f, &s->tx.tucso);
821 qemu_put_be16s(f, &s->tx.tucse);
822 qemu_put_be32s(f, &s->tx.paylen);
823 qemu_put_8s(f, &s->tx.hdr_len);
824 qemu_put_be16s(f, &s->tx.mss);
825 qemu_put_be16s(f, &s->tx.size);
826 qemu_put_be16s(f, &s->tx.tso_frames);
827 qemu_put_8s(f, &s->tx.sum_needed);
828 qemu_put_8s(f, &s->tx.ip);
829 qemu_put_8s(f, &s->tx.tcp);
830 qemu_put_buffer(f, s->tx.header, sizeof s->tx.header);
831 qemu_put_buffer(f, s->tx.data, sizeof s->tx.data);
832 for (i = 0; i < 64; i++)
833 qemu_put_be16s(f, s->eeprom_data + i);
834 for (i = 0; i < 0x20; i++)
835 qemu_put_be16s(f, s->phy_reg + i);
836 for (i = 0; i < MAC_NSAVE; i++)
837 qemu_put_be32s(f, s->mac_reg + mac_regtosave[i]);
838 for (i = 0; i < MAC_NARRAYS; i++)
839 for (j = 0; j < mac_regarraystosave[i].size; j++)
840 qemu_put_be32s(f,
841 s->mac_reg + mac_regarraystosave[i].array0 + j);
842 }
843
844 static int
845 nic_load(QEMUFile *f, void *opaque, int version_id)
846 {
847 E1000State *s = (E1000State *)opaque;
848 int i, j, ret;
849
850 if ((ret = pci_device_load(&s->dev, f)) < 0)
851 return ret;
852 if (version_id == 1)
853 qemu_get_be32s(f, &i); /* once some unused instance id */
854 qemu_get_be32s(f, &s->mmio_base);
855 qemu_get_be32s(f, &s->rxbuf_size);
856 qemu_get_be32s(f, &s->rxbuf_min_shift);
857 qemu_get_be32s(f, &s->eecd_state.val_in);
858 qemu_get_be16s(f, &s->eecd_state.bitnum_in);
859 qemu_get_be16s(f, &s->eecd_state.bitnum_out);
860 qemu_get_be16s(f, &s->eecd_state.reading);
861 qemu_get_be32s(f, &s->eecd_state.old_eecd);
862 qemu_get_8s(f, &s->tx.ipcss);
863 qemu_get_8s(f, &s->tx.ipcso);
864 qemu_get_be16s(f, &s->tx.ipcse);
865 qemu_get_8s(f, &s->tx.tucss);
866 qemu_get_8s(f, &s->tx.tucso);
867 qemu_get_be16s(f, &s->tx.tucse);
868 qemu_get_be32s(f, &s->tx.paylen);
869 qemu_get_8s(f, &s->tx.hdr_len);
870 qemu_get_be16s(f, &s->tx.mss);
871 qemu_get_be16s(f, &s->tx.size);
872 qemu_get_be16s(f, &s->tx.tso_frames);
873 qemu_get_8s(f, &s->tx.sum_needed);
874 qemu_get_8s(f, &s->tx.ip);
875 qemu_get_8s(f, &s->tx.tcp);
876 qemu_get_buffer(f, s->tx.header, sizeof s->tx.header);
877 qemu_get_buffer(f, s->tx.data, sizeof s->tx.data);
878 for (i = 0; i < 64; i++)
879 qemu_get_be16s(f, s->eeprom_data + i);
880 for (i = 0; i < 0x20; i++)
881 qemu_get_be16s(f, s->phy_reg + i);
882 for (i = 0; i < MAC_NSAVE; i++)
883 qemu_get_be32s(f, s->mac_reg + mac_regtosave[i]);
884 for (i = 0; i < MAC_NARRAYS; i++)
885 for (j = 0; j < mac_regarraystosave[i].size; j++)
886 qemu_get_be32s(f,
887 s->mac_reg + mac_regarraystosave[i].array0 + j);
888 return 0;
889 }
890
891 static uint16_t e1000_eeprom_template[64] = {
892 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
893 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
894 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
895 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
896 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
897 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
898 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
899 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
900 };
901
902 static uint16_t phy_reg_init[] = {
903 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
904 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
905 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
906 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
907 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
908 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
909 };
910
911 static uint32_t mac_reg_init[] = {
912 [PBA] = 0x00100030,
913 [LEDCTL] = 0x602,
914 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
915 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
916 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
917 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
918 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
919 E1000_STATUS_LU,
920 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
921 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
922 E1000_MANC_RMCP_EN,
923 };
924
925 /* PCI interface */
926
927 static CPUWriteMemoryFunc *e1000_mmio_write[] = {
928 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
929 };
930
931 static CPUReadMemoryFunc *e1000_mmio_read[] = {
932 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
933 };
934
935 static void
936 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
937 uint32_t addr, uint32_t size, int type)
938 {
939 E1000State *d = (E1000State *)pci_dev;
940
941 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08x 0x%08x\n", addr, size);
942
943 d->mmio_base = addr;
944 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
945 }
946
947 void
948 pci_e1000_init(PCIBus *bus, NICInfo *nd, int devfn)
949 {
950 E1000State *d;
951 uint8_t *pci_conf;
952 uint16_t checksum = 0;
953 char *info_str = "e1000";
954 int i;
955
956 d = (E1000State *)pci_register_device(bus, "e1000",
957 sizeof(E1000State), devfn, NULL, NULL);
958
959 pci_conf = d->dev.config;
960 memset(pci_conf, 0, 256);
961
962 *(uint16_t *)(pci_conf+0x00) = cpu_to_le16(0x8086);
963 *(uint16_t *)(pci_conf+0x02) = cpu_to_le16(E1000_DEVID);
964 *(uint16_t *)(pci_conf+0x04) = cpu_to_le16(0x0407);
965 *(uint16_t *)(pci_conf+0x06) = cpu_to_le16(0x0010);
966 pci_conf[0x08] = 0x03;
967 pci_conf[0x0a] = 0x00; // ethernet network controller
968 pci_conf[0x0b] = 0x02;
969 pci_conf[0x0c] = 0x10;
970
971 pci_conf[0x3d] = 1; // interrupt pin 0
972
973 d->mmio_index = cpu_register_io_memory(0, e1000_mmio_read,
974 e1000_mmio_write, d);
975
976 pci_register_io_region((PCIDevice *)d, 0, PNPMMIO_SIZE,
977 PCI_ADDRESS_SPACE_MEM, e1000_mmio_map);
978
979 pci_register_io_region((PCIDevice *)d, 1, IOPORT_SIZE,
980 PCI_ADDRESS_SPACE_IO, ioport_map);
981
982 d->nd = nd;
983 memmove(d->eeprom_data, e1000_eeprom_template,
984 sizeof e1000_eeprom_template);
985 for (i = 0; i < 3; i++)
986 d->eeprom_data[i] = (nd->macaddr[2*i+1]<<8) | nd->macaddr[2*i];
987 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
988 checksum += d->eeprom_data[i];
989 checksum = (uint16_t) EEPROM_SUM - checksum;
990 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
991
992 memset(d->phy_reg, 0, sizeof d->phy_reg);
993 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
994 memset(d->mac_reg, 0, sizeof d->mac_reg);
995 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
996 d->rxbuf_min_shift = 1;
997 memset(&d->tx, 0, sizeof d->tx);
998
999 d->vc = qemu_new_vlan_client(nd->vlan, e1000_receive,
1000 e1000_can_receive, d);
1001
1002 snprintf(d->vc->info_str, sizeof(d->vc->info_str),
1003 "%s macaddr=%02x:%02x:%02x:%02x:%02x:%02x", info_str,
1004 d->nd->macaddr[0], d->nd->macaddr[1], d->nd->macaddr[2],
1005 d->nd->macaddr[3], d->nd->macaddr[4], d->nd->macaddr[5]);
1006
1007 register_savevm(info_str, -1, 2, nic_save, nic_load, d);
1008 }
QEMU mirror