search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Ia64: stop passing in global variable as argument to cmos_init()
[qemu-kvm/amd-iommu.git] / hw / e1000.c
blobb3c31ab987f93628f95c3183d03b2fc9ec92abf5
1 /*
2 * QEMU e1000 emulation
3 *
4 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
5 * Copyright (c) 2008 Qumranet
6 * Based on work done by:
7 * Copyright (c) 2007 Dan Aloni
8 * Copyright (c) 2004 Antony T Curtis
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25
26 #include "hw.h"
27 #include "pci.h"
28 #include "net.h"
29 #include "qemu-kvm.h"
30
31 #include "e1000_hw.h"
32
33 #define DEBUG
34
35 #ifdef DEBUG
36 enum {
37 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
38 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
39 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
40 DEBUG_RXFILTER, DEBUG_NOTYET,
41 };
42 #define DBGBIT(x) (1<<DEBUG_##x)
43 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
44
45 #define DBGOUT(what, fmt, params...) do { \
46 if (debugflags & DBGBIT(what)) \
47 fprintf(stderr, "e1000: " fmt, ##params); \
48 } while (0)
49 #else
50 #define DBGOUT(what, fmt, params...) do {} while (0)
51 #endif
52
53 #define IOPORT_SIZE 0x40
54 #define PNPMMIO_SIZE 0x20000
55
56 /*
57 * HW models:
58 * E1000_DEV_ID_82540EM works with Windows and Linux
59 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
60 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
61 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
62 * Others never tested
63 */
64 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
65
66 /*
67 * May need to specify additional MAC-to-PHY entries --
68 * Intel's Windows driver refuses to initialize unless they match
69 */
70 enum {
71 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
72 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
73 /* default to E1000_DEV_ID_82540EM */ 0xc20
74 };
75
76 typedef struct E1000State_st {
77 PCIDevice dev;
78 VLANClientState *vc;
79 NICInfo *nd;
80 uint32_t mmio_base;
81 int mmio_index;
82
83 uint32_t mac_reg[0x8000];
84 uint16_t phy_reg[0x20];
85 uint16_t eeprom_data[64];
86
87 uint32_t rxbuf_size;
88 uint32_t rxbuf_min_shift;
89 int check_rxov;
90 struct e1000_tx {
91 unsigned char header[256];
92 unsigned char data[0x10000];
93 uint16_t size;
94 unsigned char sum_needed;
95 uint8_t ipcss;
96 uint8_t ipcso;
97 uint16_t ipcse;
98 uint8_t tucss;
99 uint8_t tucso;
100 uint16_t tucse;
101 uint8_t hdr_len;
102 uint16_t mss;
103 uint32_t paylen;
104 uint16_t tso_frames;
105 char tse;
106 int8_t ip;
107 int8_t tcp;
108 char cptse; // current packet tse bit
109 } tx;
110
111 struct {
112 uint32_t val_in; // shifted in from guest driver
113 uint16_t bitnum_in;
114 uint16_t bitnum_out;
115 uint16_t reading;
116 uint32_t old_eecd;
117 } eecd_state;
118 } E1000State;
119
120 #define defreg(x) x = (E1000_##x>>2)
121 enum {
122 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
123 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
124 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
125 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
126 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
127 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
128 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
129 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
130 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
131 defreg(RA), defreg(MTA), defreg(CRCERRS),
132 };
133
134 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
135 static char phy_regcap[0x20] = {
136 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
137 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
138 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
139 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
140 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
141 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
142 };
143
144 static void
145 ioport_map(PCIDevice *pci_dev, int region_num, uint32_t addr,
146 uint32_t size, int type)
147 {
148 DBGOUT(IO, "e1000_ioport_map addr=0x%04x size=0x%08x\n", addr, size);
149 }
150
151 static void
152 set_interrupt_cause(E1000State *s, int index, uint32_t val)
153 {
154 if (val)
155 val |= E1000_ICR_INT_ASSERTED;
156 s->mac_reg[ICR] = val;
157 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
158 }
159
160 static void
161 set_ics(E1000State *s, int index, uint32_t val)
162 {
163 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
164 s->mac_reg[IMS]);
165 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
166 }
167
168 static int
169 rxbufsize(uint32_t v)
170 {
171 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
172 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
173 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
174 switch (v) {
175 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
176 return 16384;
177 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
178 return 8192;
179 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
180 return 4096;
181 case E1000_RCTL_SZ_1024:
182 return 1024;
183 case E1000_RCTL_SZ_512:
184 return 512;
185 case E1000_RCTL_SZ_256:
186 return 256;
187 }
188 return 2048;
189 }
190
191 static void
192 set_rx_control(E1000State *s, int index, uint32_t val)
193 {
194 s->mac_reg[RCTL] = val;
195 s->rxbuf_size = rxbufsize(val);
196 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
197 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
198 s->mac_reg[RCTL]);
199 }
200
201 static void
202 set_mdic(E1000State *s, int index, uint32_t val)
203 {
204 uint32_t data = val & E1000_MDIC_DATA_MASK;
205 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
206
207 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
208 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
209 else if (val & E1000_MDIC_OP_READ) {
210 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
211 if (!(phy_regcap[addr] & PHY_R)) {
212 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
213 val |= E1000_MDIC_ERROR;
214 } else
215 val = (val ^ data) | s->phy_reg[addr];
216 } else if (val & E1000_MDIC_OP_WRITE) {
217 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
218 if (!(phy_regcap[addr] & PHY_W)) {
219 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
220 val |= E1000_MDIC_ERROR;
221 } else
222 s->phy_reg[addr] = data;
223 }
224 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
225 set_ics(s, 0, E1000_ICR_MDAC);
226 }
227
228 static uint32_t
229 get_eecd(E1000State *s, int index)
230 {
231 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
232
233 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
234 s->eecd_state.bitnum_out, s->eecd_state.reading);
235 if (!s->eecd_state.reading ||
236 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
237 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
238 ret |= E1000_EECD_DO;
239 return ret;
240 }
241
242 static void
243 set_eecd(E1000State *s, int index, uint32_t val)
244 {
245 uint32_t oldval = s->eecd_state.old_eecd;
246
247 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
248 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
249 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
250 return;
251 if (!(E1000_EECD_SK & val)) { // falling edge
252 s->eecd_state.bitnum_out++;
253 return;
254 }
255 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
256 memset(&s->eecd_state, 0, sizeof s->eecd_state);
257 return;
258 }
259 s->eecd_state.val_in <<= 1;
260 if (val & E1000_EECD_DI)
261 s->eecd_state.val_in |= 1;
262 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
263 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
264 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
265 EEPROM_READ_OPCODE_MICROWIRE);
266 }
267 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
268 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
269 s->eecd_state.reading);
270 }
271
272 static uint32_t
273 flash_eerd_read(E1000State *s, int x)
274 {
275 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
276
277 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
278 return 0;
279 return (s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
280 E1000_EEPROM_RW_REG_DONE | r;
281 }
282
283 static void
284 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
285 {
286 uint32_t sum;
287
288 if (cse && cse < n)
289 n = cse + 1;
290 if (sloc < n-1) {
291 sum = net_checksum_add(n-css, data+css);
292 cpu_to_be16wu((uint16_t *)(data + sloc),
293 net_checksum_finish(sum));
294 }
295 }
296
297 static void
298 xmit_seg(E1000State *s)
299 {
300 uint16_t len, *sp;
301 unsigned int frames = s->tx.tso_frames, css, sofar, n;
302 struct e1000_tx *tp = &s->tx;
303
304 if (tp->tse && tp->cptse) {
305 css = tp->ipcss;
306 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
307 frames, tp->size, css);
308 if (tp->ip) { // IPv4
309 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
310 tp->size - css);
311 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
312 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
313 } else // IPv6
314 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
315 tp->size - css);
316 css = tp->tucss;
317 len = tp->size - css;
318 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
319 if (tp->tcp) {
320 sofar = frames * tp->mss;
321 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
322 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
323 if (tp->paylen - sofar > tp->mss)
324 tp->data[css + 13] &= ~9; // PSH, FIN
325 } else // UDP
326 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
327 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
328 // add pseudo-header length before checksum calculation
329 sp = (uint16_t *)(tp->data + tp->tucso);
330 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
331 }
332 tp->tso_frames++;
333 }
334
335 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
336 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
337 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
338 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
339 qemu_send_packet(s->vc, tp->data, tp->size);
340 s->mac_reg[TPT]++;
341 s->mac_reg[GPTC]++;
342 n = s->mac_reg[TOTL];
343 if ((s->mac_reg[TOTL] += s->tx.size) < n)
344 s->mac_reg[TOTH]++;
345 }
346
347 static void
348 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
349 {
350 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
351 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
352 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
353 unsigned int msh = 0xfffff, hdr = 0;
354 uint64_t addr;
355 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
356 struct e1000_tx *tp = &s->tx;
357
358 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
359 op = le32_to_cpu(xp->cmd_and_length);
360 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
361 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
362 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
363 tp->tucss = xp->upper_setup.tcp_fields.tucss;
364 tp->tucso = xp->upper_setup.tcp_fields.tucso;
365 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
366 tp->paylen = op & 0xfffff;
367 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
368 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
369 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
370 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
371 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
372 tp->tso_frames = 0;
373 if (tp->tucso == 0) { // this is probably wrong
374 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
375 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
376 }
377 return;
378 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
379 // data descriptor
380 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
381 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
382 } else
383 // legacy descriptor
384 tp->cptse = 0;
385
386 addr = le64_to_cpu(dp->buffer_addr);
387 if (tp->tse && tp->cptse) {
388 hdr = tp->hdr_len;
389 msh = hdr + tp->mss;
390 do {
391 bytes = split_size;
392 if (tp->size + bytes > msh)
393 bytes = msh - tp->size;
394 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
395 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
396 memmove(tp->header, tp->data, hdr);
397 tp->size = sz;
398 addr += bytes;
399 if (sz == msh) {
400 xmit_seg(s);
401 memmove(tp->data, tp->header, hdr);
402 tp->size = hdr;
403 }
404 } while (split_size -= bytes);
405 } else if (!tp->tse && tp->cptse) {
406 // context descriptor TSE is not set, while data descriptor TSE is set
407 DBGOUT(TXERR, "TCP segmentaion Error\n");
408 } else {
409 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
410 tp->size += split_size;
411 }
412
413 if (!(txd_lower & E1000_TXD_CMD_EOP))
414 return;
415 if (!(tp->tse && tp->cptse && tp->size < hdr))
416 xmit_seg(s);
417 tp->tso_frames = 0;
418 tp->sum_needed = 0;
419 tp->size = 0;
420 tp->cptse = 0;
421 }
422
423 static uint32_t
424 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
425 {
426 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
427
428 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
429 return 0;
430 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
431 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
432 dp->upper.data = cpu_to_le32(txd_upper);
433 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
434 (void *)&dp->upper, sizeof(dp->upper));
435 return E1000_ICR_TXDW;
436 }
437
438 static void
439 start_xmit(E1000State *s)
440 {
441 target_phys_addr_t base;
442 struct e1000_tx_desc desc;
443 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
444
445 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
446 DBGOUT(TX, "tx disabled\n");
447 return;
448 }
449
450 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
451 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
452 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
453 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
454
455 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
456 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
457 desc.upper.data);
458
459 process_tx_desc(s, &desc);
460 cause |= txdesc_writeback(base, &desc);
461
462 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
463 s->mac_reg[TDH] = 0;
464 /*
465 * the following could happen only if guest sw assigns
466 * bogus values to TDT/TDLEN.
467 * there's nothing too intelligent we could do about this.
468 */
469 if (s->mac_reg[TDH] == tdh_start) {
470 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
471 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
472 break;
473 }
474 }
475 set_ics(s, 0, cause);
476 }
477
478 static int
479 receive_filter(E1000State *s, const uint8_t *buf, int size)
480 {
481 static uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
482 static int mta_shift[] = {4, 3, 2, 0};
483 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
484
485 if (rctl & E1000_RCTL_UPE) // promiscuous
486 return 1;
487
488 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
489 return 1;
490
491 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
492 return 1;
493
494 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
495 if (!(rp[1] & E1000_RAH_AV))
496 continue;
497 ra[0] = cpu_to_le32(rp[0]);
498 ra[1] = cpu_to_le32(rp[1]);
499 if (!memcmp(buf, (uint8_t *)ra, 6)) {
500 DBGOUT(RXFILTER,
501 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
502 (int)(rp - s->mac_reg - RA)/2,
503 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
504 return 1;
505 }
506 }
507 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
508 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
509
510 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
511 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
512 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
513 return 1;
514 DBGOUT(RXFILTER,
515 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
516 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
517 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
518 s->mac_reg[MTA + (f >> 5)]);
519
520 return 0;
521 }
522
523 static int
524 e1000_can_receive(void *opaque)
525 {
526 E1000State *s = opaque;
527
528 return (s->mac_reg[RCTL] & E1000_RCTL_EN);
529 }
530
531 static void
532 e1000_receive(void *opaque, const uint8_t *buf, int size)
533 {
534 E1000State *s = opaque;
535 struct e1000_rx_desc desc;
536 target_phys_addr_t base;
537 unsigned int n, rdt;
538 uint32_t rdh_start;
539
540 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
541 return;
542
543 if (size > s->rxbuf_size) {
544 DBGOUT(RX, "packet too large for buffers (%d > %d)\n", size,
545 s->rxbuf_size);
546 return;
547 }
548
549 if (!receive_filter(s, buf, size))
550 return;
551
552 rdh_start = s->mac_reg[RDH];
553 size += 4; // for the header
554 do {
555 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
556 set_ics(s, 0, E1000_ICS_RXO);
557 return;
558 }
559 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
560 sizeof(desc) * s->mac_reg[RDH];
561 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
562 desc.status |= E1000_RXD_STAT_DD;
563 if (desc.buffer_addr) {
564 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
565 (void *)buf, size);
566 desc.length = cpu_to_le16(size);
567 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
568 } else // as per intel docs; skip descriptors with null buf addr
569 DBGOUT(RX, "Null RX descriptor!!\n");
570 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
571
572 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
573 s->mac_reg[RDH] = 0;
574 s->check_rxov = 1;
575 /* see comment in start_xmit; same here */
576 if (s->mac_reg[RDH] == rdh_start) {
577 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
578 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
579 set_ics(s, 0, E1000_ICS_RXO);
580 return;
581 }
582 } while (desc.buffer_addr == 0);
583
584 s->mac_reg[GPRC]++;
585 s->mac_reg[TPR]++;
586 n = s->mac_reg[TORL];
587 if ((s->mac_reg[TORL] += size) < n)
588 s->mac_reg[TORH]++;
589
590 n = E1000_ICS_RXT0;
591 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
592 rdt += s->mac_reg[RDLEN] / sizeof(desc);
593 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) << s->rxbuf_min_shift >=
594 s->mac_reg[RDLEN])
595 n |= E1000_ICS_RXDMT0;
596
597 set_ics(s, 0, n);
598 }
599
600 static uint32_t
601 mac_readreg(E1000State *s, int index)
602 {
603 return s->mac_reg[index];
604 }
605
606 static uint32_t
607 mac_icr_read(E1000State *s, int index)
608 {
609 uint32_t ret = s->mac_reg[ICR];
610
611 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
612 set_interrupt_cause(s, 0, 0);
613 return ret;
614 }
615
616 static uint32_t
617 mac_read_clr4(E1000State *s, int index)
618 {
619 uint32_t ret = s->mac_reg[index];
620
621 s->mac_reg[index] = 0;
622 return ret;
623 }
624
625 static uint32_t
626 mac_read_clr8(E1000State *s, int index)
627 {
628 uint32_t ret = s->mac_reg[index];
629
630 s->mac_reg[index] = 0;
631 s->mac_reg[index-1] = 0;
632 return ret;
633 }
634
635 static void
636 mac_writereg(E1000State *s, int index, uint32_t val)
637 {
638 s->mac_reg[index] = val;
639 }
640
641 static void
642 set_rdt(E1000State *s, int index, uint32_t val)
643 {
644 s->check_rxov = 0;
645 s->mac_reg[index] = val & 0xffff;
646 }
647
648 static void
649 set_16bit(E1000State *s, int index, uint32_t val)
650 {
651 s->mac_reg[index] = val & 0xffff;
652 }
653
654 static void
655 set_dlen(E1000State *s, int index, uint32_t val)
656 {
657 s->mac_reg[index] = val & 0xfff80;
658 }
659
660 static void
661 set_tctl(E1000State *s, int index, uint32_t val)
662 {
663 s->mac_reg[index] = val;
664 s->mac_reg[TDT] &= 0xffff;
665 start_xmit(s);
666 }
667
668 static void
669 set_icr(E1000State *s, int index, uint32_t val)
670 {
671 DBGOUT(INTERRUPT, "set_icr %x\n", val);
672 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
673 }
674
675 static void
676 set_imc(E1000State *s, int index, uint32_t val)
677 {
678 s->mac_reg[IMS] &= ~val;
679 set_ics(s, 0, 0);
680 }
681
682 static void
683 set_ims(E1000State *s, int index, uint32_t val)
684 {
685 s->mac_reg[IMS] |= val;
686 set_ics(s, 0, 0);
687 }
688
689 #define getreg(x) [x] = mac_readreg
690 static uint32_t (*macreg_readops[])(E1000State *, int) = {
691 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
692 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
693 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
694 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
695 getreg(RDH), getreg(RDT),
696
697 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
698 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
699 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
700 [CRCERRS ... MPC] = &mac_readreg,
701 [RA ... RA+31] = &mac_readreg,
702 [MTA ... MTA+127] = &mac_readreg,
703 };
704 enum { NREADOPS = sizeof(macreg_readops) / sizeof(*macreg_readops) };
705
706 #define putreg(x) [x] = mac_writereg
707 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
708 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
709 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
710 putreg(RDBAL), putreg(LEDCTL),
711 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
712 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
713 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
714 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
715 [EECD] = set_eecd, [RCTL] = set_rx_control,
716 [RA ... RA+31] = &mac_writereg,
717 [MTA ... MTA+127] = &mac_writereg,
718 };
719 enum { NWRITEOPS = sizeof(macreg_writeops) / sizeof(*macreg_writeops) };
720
721 static void
722 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
723 {
724 E1000State *s = opaque;
725 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
726
727 #ifdef TARGET_WORDS_BIGENDIAN
728 val = bswap32(val);
729 #endif
730 if (index < NWRITEOPS && macreg_writeops[index])
731 macreg_writeops[index](s, index, val);
732 else if (index < NREADOPS && macreg_readops[index])
733 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
734 else
735 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
736 index<<2, val);
737 }
738
739 static void
740 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
741 {
742 // emulate hw without byte enables: no RMW
743 e1000_mmio_writel(opaque, addr & ~3,
744 (val & 0xffff) << (8*(addr & 3)));
745 }
746
747 static void
748 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
749 {
750 // emulate hw without byte enables: no RMW
751 e1000_mmio_writel(opaque, addr & ~3,
752 (val & 0xff) << (8*(addr & 3)));
753 }
754
755 static uint32_t
756 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
757 {
758 E1000State *s = opaque;
759 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
760
761 if (index < NREADOPS && macreg_readops[index])
762 {
763 uint32_t val = macreg_readops[index](s, index);
764 #ifdef TARGET_WORDS_BIGENDIAN
765 val = bswap32(val);
766 #endif
767 return val;
768 }
769 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
770 return 0;
771 }
772
773 static uint32_t
774 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
775 {
776 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
777 (8 * (addr & 3))) & 0xff;
778 }
779
780 static uint32_t
781 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
782 {
783 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
784 (8 * (addr & 3))) & 0xffff;
785 }
786
787 int mac_regtosave[] = {
788 CTRL, EECD, EERD, GPRC, GPTC, ICR, ICS, IMC, IMS,
789 LEDCTL, MANC, MDIC, MPC, PBA, RCTL, RDBAH, RDBAL, RDH,
790 RDLEN, RDT, STATUS, SWSM, TCTL, TDBAH, TDBAL, TDH, TDLEN,
791 TDT, TORH, TORL, TOTH, TOTL, TPR, TPT, TXDCTL, WUFC,
792 };
793 enum { MAC_NSAVE = sizeof mac_regtosave/sizeof *mac_regtosave };
794
795 struct {
796 int size;
797 int array0;
798 } mac_regarraystosave[] = { {32, RA}, {128, MTA} };
799 enum { MAC_NARRAYS = sizeof mac_regarraystosave/sizeof *mac_regarraystosave };
800
801 static void
802 nic_save(QEMUFile *f, void *opaque)
803 {
804 E1000State *s = (E1000State *)opaque;
805 int i, j;
806
807 pci_device_save(&s->dev, f);
808 qemu_put_be32s(f, &s->mmio_base);
809 qemu_put_be32s(f, &s->rxbuf_size);
810 qemu_put_be32s(f, &s->rxbuf_min_shift);
811 qemu_put_be32s(f, &s->eecd_state.val_in);
812 qemu_put_be16s(f, &s->eecd_state.bitnum_in);
813 qemu_put_be16s(f, &s->eecd_state.bitnum_out);
814 qemu_put_be16s(f, &s->eecd_state.reading);
815 qemu_put_be32s(f, &s->eecd_state.old_eecd);
816 qemu_put_8s(f, &s->tx.ipcss);
817 qemu_put_8s(f, &s->tx.ipcso);
818 qemu_put_be16s(f, &s->tx.ipcse);
819 qemu_put_8s(f, &s->tx.tucss);
820 qemu_put_8s(f, &s->tx.tucso);
821 qemu_put_be16s(f, &s->tx.tucse);
822 qemu_put_be32s(f, &s->tx.paylen);
823 qemu_put_8s(f, &s->tx.hdr_len);
824 qemu_put_be16s(f, &s->tx.mss);
825 qemu_put_be16s(f, &s->tx.size);
826 qemu_put_be16s(f, &s->tx.tso_frames);
827 qemu_put_8s(f, &s->tx.sum_needed);
828 qemu_put_s8s(f, &s->tx.ip);
829 qemu_put_s8s(f, &s->tx.tcp);
830 qemu_put_buffer(f, s->tx.header, sizeof s->tx.header);
831 qemu_put_buffer(f, s->tx.data, sizeof s->tx.data);
832 for (i = 0; i < 64; i++)
833 qemu_put_be16s(f, s->eeprom_data + i);
834 for (i = 0; i < 0x20; i++)
835 qemu_put_be16s(f, s->phy_reg + i);
836 for (i = 0; i < MAC_NSAVE; i++)
837 qemu_put_be32s(f, s->mac_reg + mac_regtosave[i]);
838 for (i = 0; i < MAC_NARRAYS; i++)
839 for (j = 0; j < mac_regarraystosave[i].size; j++)
840 qemu_put_be32s(f,
841 s->mac_reg + mac_regarraystosave[i].array0 + j);
842 }
843
844 static int
845 nic_load(QEMUFile *f, void *opaque, int version_id)
846 {
847 E1000State *s = (E1000State *)opaque;
848 int i, j, ret;
849
850 if ((ret = pci_device_load(&s->dev, f)) < 0)
851 return ret;
852 if (version_id == 1)
853 qemu_get_sbe32s(f, &i); /* once some unused instance id */
854 qemu_get_be32s(f, &s->mmio_base);
855 qemu_get_be32s(f, &s->rxbuf_size);
856 qemu_get_be32s(f, &s->rxbuf_min_shift);
857 qemu_get_be32s(f, &s->eecd_state.val_in);
858 qemu_get_be16s(f, &s->eecd_state.bitnum_in);
859 qemu_get_be16s(f, &s->eecd_state.bitnum_out);
860 qemu_get_be16s(f, &s->eecd_state.reading);
861 qemu_get_be32s(f, &s->eecd_state.old_eecd);
862 qemu_get_8s(f, &s->tx.ipcss);
863 qemu_get_8s(f, &s->tx.ipcso);
864 qemu_get_be16s(f, &s->tx.ipcse);
865 qemu_get_8s(f, &s->tx.tucss);
866 qemu_get_8s(f, &s->tx.tucso);
867 qemu_get_be16s(f, &s->tx.tucse);
868 qemu_get_be32s(f, &s->tx.paylen);
869 qemu_get_8s(f, &s->tx.hdr_len);
870 qemu_get_be16s(f, &s->tx.mss);
871 qemu_get_be16s(f, &s->tx.size);
872 qemu_get_be16s(f, &s->tx.tso_frames);
873 qemu_get_8s(f, &s->tx.sum_needed);
874 qemu_get_s8s(f, &s->tx.ip);
875 qemu_get_s8s(f, &s->tx.tcp);
876 qemu_get_buffer(f, s->tx.header, sizeof s->tx.header);
877 qemu_get_buffer(f, s->tx.data, sizeof s->tx.data);
878 for (i = 0; i < 64; i++)
879 qemu_get_be16s(f, s->eeprom_data + i);
880 for (i = 0; i < 0x20; i++)
881 qemu_get_be16s(f, s->phy_reg + i);
882 for (i = 0; i < MAC_NSAVE; i++)
883 qemu_get_be32s(f, s->mac_reg + mac_regtosave[i]);
884 for (i = 0; i < MAC_NARRAYS; i++)
885 for (j = 0; j < mac_regarraystosave[i].size; j++)
886 qemu_get_be32s(f,
887 s->mac_reg + mac_regarraystosave[i].array0 + j);
888 return 0;
889 }
890
891 static uint16_t e1000_eeprom_template[64] = {
892 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
893 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
894 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
895 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
896 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
897 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
898 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
899 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
900 };
901
902 static uint16_t phy_reg_init[] = {
903 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
904 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
905 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
906 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
907 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
908 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
909 };
910
911 static uint32_t mac_reg_init[] = {
912 [PBA] = 0x00100030,
913 [LEDCTL] = 0x602,
914 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
915 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
916 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
917 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
918 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
919 E1000_STATUS_LU,
920 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
921 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
922 E1000_MANC_RMCP_EN,
923 };
924
925 /* PCI interface */
926
927 static CPUWriteMemoryFunc *e1000_mmio_write[] = {
928 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
929 };
930
931 static CPUReadMemoryFunc *e1000_mmio_read[] = {
932 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
933 };
934
935 static void
936 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
937 uint32_t addr, uint32_t size, int type)
938 {
939 E1000State *d = (E1000State *)pci_dev;
940
941 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08x 0x%08x\n", addr, size);
942
943 d->mmio_base = addr;
944 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
945
946 if (kvm_enabled()) {
947 int i;
948 uint32_t excluded_regs[] = {
949 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
950 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
951 };
952 qemu_kvm_register_coalesced_mmio(addr, excluded_regs[0]);
953 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
954 qemu_kvm_register_coalesced_mmio(addr + excluded_regs[i] + 4,
955 excluded_regs[i + 1] - excluded_regs[i] - 4);
956 }
957 }
958
959 static int
960 pci_e1000_uninit(PCIDevice *dev)
961 {
962 E1000State *d = (E1000State *) dev;
963
964 cpu_unregister_io_memory(d->mmio_index);
965
966 return 0;
967 }
968
969 PCIDevice *
970 pci_e1000_init(PCIBus *bus, NICInfo *nd, int devfn)
971 {
972 E1000State *d;
973 uint8_t *pci_conf;
974 uint16_t checksum = 0;
975 static const char info_str[] = "e1000";
976 int i;
977
978 d = (E1000State *)pci_register_device(bus, "e1000",
979 sizeof(E1000State), devfn, NULL, NULL);
980
981 if (!d)
982 return NULL;
983
984 pci_conf = d->dev.config;
985 memset(pci_conf, 0, 256);
986
987 *(uint16_t *)(pci_conf+0x00) = cpu_to_le16(0x8086);
988 *(uint16_t *)(pci_conf+0x02) = cpu_to_le16(E1000_DEVID);
989 *(uint16_t *)(pci_conf+0x04) = cpu_to_le16(0x0407);
990 *(uint16_t *)(pci_conf+0x06) = cpu_to_le16(0x0010);
991 pci_conf[0x08] = 0x03;
992 pci_conf[0x0a] = 0x00; // ethernet network controller
993 pci_conf[0x0b] = 0x02;
994 pci_conf[0x0c] = 0x10;
995
996 pci_conf[0x3d] = 1; // interrupt pin 0
997
998 d->mmio_index = cpu_register_io_memory(0, e1000_mmio_read,
999 e1000_mmio_write, d);
1000
1001 pci_register_io_region((PCIDevice *)d, 0, PNPMMIO_SIZE,
1002 PCI_ADDRESS_SPACE_MEM, e1000_mmio_map);
1003
1004 pci_register_io_region((PCIDevice *)d, 1, IOPORT_SIZE,
1005 PCI_ADDRESS_SPACE_IO, ioport_map);
1006
1007 d->nd = nd;
1008 memmove(d->eeprom_data, e1000_eeprom_template,
1009 sizeof e1000_eeprom_template);
1010 for (i = 0; i < 3; i++)
1011 d->eeprom_data[i] = (nd->macaddr[2*i+1]<<8) | nd->macaddr[2*i];
1012 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1013 checksum += d->eeprom_data[i];
1014 checksum = (uint16_t) EEPROM_SUM - checksum;
1015 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1016
1017 memset(d->phy_reg, 0, sizeof d->phy_reg);
1018 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1019 memset(d->mac_reg, 0, sizeof d->mac_reg);
1020 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1021 d->rxbuf_min_shift = 1;
1022 memset(&d->tx, 0, sizeof d->tx);
1023
1024 d->vc = qemu_new_vlan_client(nd->vlan, e1000_receive,
1025 e1000_can_receive, d);
1026
1027 snprintf(d->vc->info_str, sizeof(d->vc->info_str),
1028 "%s macaddr=%02x:%02x:%02x:%02x:%02x:%02x", info_str,
1029 d->nd->macaddr[0], d->nd->macaddr[1], d->nd->macaddr[2],
1030 d->nd->macaddr[3], d->nd->macaddr[4], d->nd->macaddr[5]);
1031
1032 register_savevm(info_str, -1, 2, nic_save, nic_load, d);
1033 d->dev.unregister = pci_e1000_uninit;
1034
1035 return (PCIDevice *)d;
1036 }
AMD IOMMU emulation for KVM