search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'qemu-cvs'
[qemu-kvm/fedora.git] / hw / e1000.c
blob1be69ecde9fa88075d37e51caa3405f2a417197b
1 /*
2 * QEMU e1000 emulation
3 *
4 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
5 * Copyright (c) 2008 Qumranet
6 * Based on work done by:
7 * Copyright (c) 2007 Dan Aloni
8 * Copyright (c) 2004 Antony T Curtis
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25
26 #include "hw.h"
27 #include "pci.h"
28 #include "net.h"
29 #include "qemu-kvm.h"
30
31 #include "e1000_hw.h"
32
33 #define DEBUG
34
35 #ifdef DEBUG
36 enum {
37 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
38 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
39 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
40 DEBUG_RXFILTER, DEBUG_NOTYET,
41 };
42 #define DBGBIT(x) (1<<DEBUG_##x)
43 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
44
45 #define DBGOUT(what, fmt, params...) do { \
46 if (debugflags & DBGBIT(what)) \
47 fprintf(stderr, "e1000: " fmt, ##params); \
48 } while (0)
49 #else
50 #define DBGOUT(what, fmt, params...) do {} while (0)
51 #endif
52
53 #define IOPORT_SIZE 0x40
54 #define PNPMMIO_SIZE 0x20000
55
56 /*
57 * HW models:
58 * E1000_DEV_ID_82540EM works with Windows and Linux
59 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
60 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
61 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
62 * Others never tested
63 */
64 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
65
66 /*
67 * May need to specify additional MAC-to-PHY entries --
68 * Intel's Windows driver refuses to initialize unless they match
69 */
70 enum {
71 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
72 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
73 /* default to E1000_DEV_ID_82540EM */ 0xc20
74 };
75
76 typedef struct E1000State_st {
77 PCIDevice dev;
78 VLANClientState *vc;
79 NICInfo *nd;
80 uint32_t instance;
81 uint32_t mmio_base;
82 int mmio_index;
83
84 uint32_t mac_reg[0x8000];
85 uint16_t phy_reg[0x20];
86 uint16_t eeprom_data[64];
87
88 uint32_t rxbuf_size;
89 uint32_t rxbuf_min_shift;
90 int check_rxov;
91 struct e1000_tx {
92 unsigned char header[256];
93 unsigned char data[0x10000];
94 uint16_t size;
95 unsigned char sum_needed;
96 uint8_t ipcss;
97 uint8_t ipcso;
98 uint16_t ipcse;
99 uint8_t tucss;
100 uint8_t tucso;
101 uint16_t tucse;
102 uint8_t hdr_len;
103 uint16_t mss;
104 uint32_t paylen;
105 uint16_t tso_frames;
106 char tse;
107 char ip;
108 char tcp;
109 } tx;
110
111 struct {
112 uint32_t val_in; // shifted in from guest driver
113 uint16_t bitnum_in;
114 uint16_t bitnum_out;
115 uint16_t reading;
116 uint32_t old_eecd;
117 } eecd_state;
118 } E1000State;
119
120 #define defreg(x) x = (E1000_##x>>2)
121 enum {
122 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
123 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
124 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
125 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
126 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
127 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
128 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
129 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
130 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
131 defreg(RA), defreg(MTA), defreg(CRCERRS),
132 };
133
134 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
135 static char phy_regcap[0x20] = {
136 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
137 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
138 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
139 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
140 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
141 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
142 };
143
144 static void
145 ioport_map(PCIDevice *pci_dev, int region_num, uint32_t addr,
146 uint32_t size, int type)
147 {
148 DBGOUT(IO, "e1000_ioport_map addr=0x%04x size=0x%08x\n", addr, size);
149 }
150
151 static void
152 set_interrupt_cause(E1000State *s, int index, uint32_t val)
153 {
154 if (val)
155 val |= E1000_ICR_INT_ASSERTED;
156 s->mac_reg[ICR] = val;
157 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
158 }
159
160 static void
161 set_ics(E1000State *s, int index, uint32_t val)
162 {
163 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
164 s->mac_reg[IMS]);
165 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
166 }
167
168 static int
169 rxbufsize(uint32_t v)
170 {
171 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
172 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
173 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
174 switch (v) {
175 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
176 return 16384;
177 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
178 return 8192;
179 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
180 return 4096;
181 case E1000_RCTL_SZ_1024:
182 return 1024;
183 case E1000_RCTL_SZ_512:
184 return 512;
185 case E1000_RCTL_SZ_256:
186 return 256;
187 }
188 return 2048;
189 }
190
191 static void
192 set_rx_control(E1000State *s, int index, uint32_t val)
193 {
194 s->mac_reg[RCTL] = val;
195 s->rxbuf_size = rxbufsize(val);
196 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
197 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
198 s->mac_reg[RCTL]);
199 }
200
201 static void
202 set_mdic(E1000State *s, int index, uint32_t val)
203 {
204 uint32_t data = val & E1000_MDIC_DATA_MASK;
205 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
206
207 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
208 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
209 else if (val & E1000_MDIC_OP_READ) {
210 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
211 if (!(phy_regcap[addr] & PHY_R)) {
212 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
213 val |= E1000_MDIC_ERROR;
214 } else
215 val = (val ^ data) | s->phy_reg[addr];
216 } else if (val & E1000_MDIC_OP_WRITE) {
217 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
218 if (!(phy_regcap[addr] & PHY_W)) {
219 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
220 val |= E1000_MDIC_ERROR;
221 } else
222 s->phy_reg[addr] = data;
223 }
224 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
225 set_ics(s, 0, E1000_ICR_MDAC);
226 }
227
228 static uint32_t
229 get_eecd(E1000State *s, int index)
230 {
231 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
232
233 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
234 s->eecd_state.bitnum_out, s->eecd_state.reading);
235 if (!s->eecd_state.reading ||
236 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
237 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
238 ret |= E1000_EECD_DO;
239 return ret;
240 }
241
242 static void
243 set_eecd(E1000State *s, int index, uint32_t val)
244 {
245 uint32_t oldval = s->eecd_state.old_eecd;
246
247 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
248 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
249 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
250 return;
251 if (!(E1000_EECD_SK & val)) { // falling edge
252 s->eecd_state.bitnum_out++;
253 return;
254 }
255 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
256 memset(&s->eecd_state, 0, sizeof s->eecd_state);
257 return;
258 }
259 s->eecd_state.val_in <<= 1;
260 if (val & E1000_EECD_DI)
261 s->eecd_state.val_in |= 1;
262 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
263 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
264 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
265 EEPROM_READ_OPCODE_MICROWIRE);
266 }
267 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
268 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
269 s->eecd_state.reading);
270 }
271
272 static uint32_t
273 flash_eerd_read(E1000State *s, int x)
274 {
275 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
276
277 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
278 return 0;
279 return (s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
280 E1000_EEPROM_RW_REG_DONE | r;
281 }
282
283 static unsigned int
284 do_cksum(uint8_t *dp, uint8_t *de)
285 {
286 unsigned int bsum[2] = {0, 0}, i, sum;
287
288 for (i = 1; dp < de; bsum[i^=1] += *dp++)
289 ;
290 sum = (bsum[0] << 8) + bsum[1];
291 sum = (sum >> 16) + (sum & 0xffff);
292 return ~(sum + (sum >> 16));
293 }
294
295 static void
296 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
297 {
298 if (cse && cse < n)
299 n = cse + 1;
300 if (sloc < n-1)
301 cpu_to_be16wu((uint16_t *)(data + sloc),
302 do_cksum(data + css, data + n));
303 }
304
305 static void
306 xmit_seg(E1000State *s)
307 {
308 uint16_t len, *sp;
309 unsigned int frames = s->tx.tso_frames, css, sofar, n;
310 struct e1000_tx *tp = &s->tx;
311
312 if (tp->tse) {
313 css = tp->ipcss;
314 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
315 frames, tp->size, css);
316 if (tp->ip) { // IPv4
317 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
318 tp->size - css);
319 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
320 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
321 } else // IPv6
322 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
323 tp->size - css);
324 css = tp->tucss;
325 len = tp->size - css;
326 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
327 if (tp->tcp) {
328 sofar = frames * tp->mss;
329 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
330 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
331 if (tp->paylen - sofar > tp->mss)
332 tp->data[css + 13] &= ~9; // PSH, FIN
333 } else // UDP
334 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
335 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
336 // add pseudo-header length before checksum calculation
337 sp = (uint16_t *)(tp->data + tp->tucso);
338 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
339 }
340 tp->tso_frames++;
341 }
342
343 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
344 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
345 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
346 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
347 qemu_send_packet(s->vc, tp->data, tp->size);
348 s->mac_reg[TPT]++;
349 s->mac_reg[GPTC]++;
350 n = s->mac_reg[TOTL];
351 if ((s->mac_reg[TOTL] += s->tx.size) < n)
352 s->mac_reg[TOTH]++;
353 }
354
355 static void
356 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
357 {
358 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
359 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
360 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
361 unsigned int msh = 0xfffff, hdr = 0;
362 uint64_t addr;
363 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
364 struct e1000_tx *tp = &s->tx;
365
366 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
367 op = le32_to_cpu(xp->cmd_and_length);
368 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
369 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
370 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
371 tp->tucss = xp->upper_setup.tcp_fields.tucss;
372 tp->tucso = xp->upper_setup.tcp_fields.tucso;
373 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
374 tp->paylen = op & 0xfffff;
375 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
376 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
377 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
378 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
379 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
380 tp->tso_frames = 0;
381 if (tp->tucso == 0) { // this is probably wrong
382 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
383 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
384 }
385 return;
386 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D))
387 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
388
389 addr = le64_to_cpu(dp->buffer_addr);
390 if (tp->tse) {
391 hdr = tp->hdr_len;
392 msh = hdr + tp->mss;
393 }
394 do {
395 bytes = split_size;
396 if (tp->size + bytes > msh)
397 bytes = msh - tp->size;
398 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
399 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
400 memmove(tp->header, tp->data, hdr);
401 tp->size = sz;
402 addr += bytes;
403 if (sz == msh) {
404 xmit_seg(s);
405 memmove(tp->data, tp->header, hdr);
406 tp->size = hdr;
407 }
408 } while (split_size -= bytes);
409
410 if (!(txd_lower & E1000_TXD_CMD_EOP))
411 return;
412 if (tp->size > hdr)
413 xmit_seg(s);
414 tp->tso_frames = 0;
415 tp->sum_needed = 0;
416 tp->size = 0;
417 }
418
419 static uint32_t
420 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
421 {
422 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
423
424 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
425 return 0;
426 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
427 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
428 dp->upper.data = cpu_to_le32(txd_upper);
429 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
430 (void *)&dp->upper, sizeof(dp->upper));
431 return E1000_ICR_TXDW;
432 }
433
434 static void
435 start_xmit(E1000State *s)
436 {
437 target_phys_addr_t base;
438 struct e1000_tx_desc desc;
439 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
440
441 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
442 DBGOUT(TX, "tx disabled\n");
443 return;
444 }
445
446 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
447 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
448 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
449 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
450
451 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
452 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
453 desc.upper.data);
454
455 process_tx_desc(s, &desc);
456 cause |= txdesc_writeback(base, &desc);
457
458 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
459 s->mac_reg[TDH] = 0;
460 /*
461 * the following could happen only if guest sw assigns
462 * bogus values to TDT/TDLEN.
463 * there's nothing too intelligent we could do about this.
464 */
465 if (s->mac_reg[TDH] == tdh_start) {
466 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
467 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
468 break;
469 }
470 }
471 set_ics(s, 0, cause);
472 }
473
474 static int
475 receive_filter(E1000State *s, const uint8_t *buf, int size)
476 {
477 static uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
478 static int mta_shift[] = {4, 3, 2, 0};
479 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
480
481 if (rctl & E1000_RCTL_UPE) // promiscuous
482 return 1;
483
484 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
485 return 1;
486
487 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
488 return 1;
489
490 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
491 if (!(rp[1] & E1000_RAH_AV))
492 continue;
493 ra[0] = cpu_to_le32(rp[0]);
494 ra[1] = cpu_to_le32(rp[1]);
495 if (!memcmp(buf, (uint8_t *)ra, 6)) {
496 DBGOUT(RXFILTER,
497 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
498 (int)(rp - s->mac_reg - RA)/2,
499 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
500 return 1;
501 }
502 }
503 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
504 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
505
506 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
507 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
508 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
509 return 1;
510 DBGOUT(RXFILTER,
511 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
512 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
513 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
514 s->mac_reg[MTA + (f >> 5)]);
515
516 return 0;
517 }
518
519 static int
520 e1000_can_receive(void *opaque)
521 {
522 E1000State *s = opaque;
523
524 return ((s->mac_reg[RCTL] & E1000_RCTL_EN) &&
525 s->mac_reg[RDH] != s->mac_reg[RDT]);
526 }
527
528 static void
529 e1000_receive(void *opaque, const uint8_t *buf, int size)
530 {
531 E1000State *s = opaque;
532 struct e1000_rx_desc desc;
533 target_phys_addr_t base;
534 unsigned int n, rdt;
535 uint32_t rdh_start;
536
537 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
538 return;
539
540 if (size > s->rxbuf_size) {
541 DBGOUT(RX, "packet too large for buffers (%d > %d)\n", size,
542 s->rxbuf_size);
543 return;
544 }
545
546 if (!receive_filter(s, buf, size))
547 return;
548
549 rdh_start = s->mac_reg[RDH];
550 size += 4; // for the header
551 do {
552 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
553 set_ics(s, 0, E1000_ICS_RXO);
554 return;
555 }
556 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
557 sizeof(desc) * s->mac_reg[RDH];
558 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
559 desc.status |= E1000_RXD_STAT_DD;
560 if (desc.buffer_addr) {
561 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
562 (void *)buf, size);
563 desc.length = cpu_to_le16(size);
564 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
565 } else // as per intel docs; skip descriptors with null buf addr
566 DBGOUT(RX, "Null RX descriptor!!\n");
567 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
568
569 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
570 s->mac_reg[RDH] = 0;
571 s->check_rxov = 1;
572 /* see comment in start_xmit; same here */
573 if (s->mac_reg[RDH] == rdh_start) {
574 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
575 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
576 set_ics(s, 0, E1000_ICS_RXO);
577 return;
578 }
579 } while (desc.buffer_addr == 0);
580
581 s->mac_reg[GPRC]++;
582 s->mac_reg[TPR]++;
583 n = s->mac_reg[TORL];
584 if ((s->mac_reg[TORL] += size) < n)
585 s->mac_reg[TORH]++;
586
587 n = E1000_ICS_RXT0;
588 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
589 rdt += s->mac_reg[RDLEN] / sizeof(desc);
590 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) << s->rxbuf_min_shift >=
591 s->mac_reg[RDLEN])
592 n |= E1000_ICS_RXDMT0;
593
594 set_ics(s, 0, n);
595 }
596
597 static uint32_t
598 mac_readreg(E1000State *s, int index)
599 {
600 return s->mac_reg[index];
601 }
602
603 static uint32_t
604 mac_icr_read(E1000State *s, int index)
605 {
606 uint32_t ret = s->mac_reg[ICR];
607
608 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
609 set_interrupt_cause(s, 0, 0);
610 return ret;
611 }
612
613 static uint32_t
614 mac_read_clr4(E1000State *s, int index)
615 {
616 uint32_t ret = s->mac_reg[index];
617
618 s->mac_reg[index] = 0;
619 return ret;
620 }
621
622 static uint32_t
623 mac_read_clr8(E1000State *s, int index)
624 {
625 uint32_t ret = s->mac_reg[index];
626
627 s->mac_reg[index] = 0;
628 s->mac_reg[index-1] = 0;
629 return ret;
630 }
631
632 static void
633 mac_writereg(E1000State *s, int index, uint32_t val)
634 {
635 s->mac_reg[index] = val;
636 }
637
638 static void
639 set_rdt(E1000State *s, int index, uint32_t val)
640 {
641 s->check_rxov = 0;
642 s->mac_reg[index] = val & 0xffff;
643 }
644
645 static void
646 set_16bit(E1000State *s, int index, uint32_t val)
647 {
648 s->mac_reg[index] = val & 0xffff;
649 }
650
651 static void
652 set_dlen(E1000State *s, int index, uint32_t val)
653 {
654 s->mac_reg[index] = val & 0xfff80;
655 }
656
657 static void
658 set_tctl(E1000State *s, int index, uint32_t val)
659 {
660 s->mac_reg[index] = val;
661 s->mac_reg[TDT] &= 0xffff;
662 start_xmit(s);
663 }
664
665 static void
666 set_icr(E1000State *s, int index, uint32_t val)
667 {
668 DBGOUT(INTERRUPT, "set_icr %x\n", val);
669 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
670 }
671
672 static void
673 set_imc(E1000State *s, int index, uint32_t val)
674 {
675 s->mac_reg[IMS] &= ~val;
676 set_ics(s, 0, 0);
677 }
678
679 static void
680 set_ims(E1000State *s, int index, uint32_t val)
681 {
682 s->mac_reg[IMS] |= val;
683 set_ics(s, 0, 0);
684 }
685
686 #define getreg(x) [x] = mac_readreg
687 static uint32_t (*macreg_readops[])(E1000State *, int) = {
688 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
689 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
690 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
691 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
692 getreg(RDH), getreg(RDT),
693
694 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
695 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
696 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
697 [CRCERRS ... MPC] = &mac_readreg,
698 [RA ... RA+31] = &mac_readreg,
699 [MTA ... MTA+127] = &mac_readreg,
700 };
701 enum { NREADOPS = sizeof(macreg_readops) / sizeof(*macreg_readops) };
702
703 #define putreg(x) [x] = mac_writereg
704 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
705 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
706 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
707 putreg(RDBAL), putreg(LEDCTL),
708 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
709 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
710 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
711 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
712 [EECD] = set_eecd, [RCTL] = set_rx_control,
713 [RA ... RA+31] = &mac_writereg,
714 [MTA ... MTA+127] = &mac_writereg,
715 };
716 enum { NWRITEOPS = sizeof(macreg_writeops) / sizeof(*macreg_writeops) };
717
718 static void
719 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
720 {
721 E1000State *s = opaque;
722 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
723
724 #ifdef TARGET_WORDS_BIGENDIAN
725 val = bswap32(val);
726 #endif
727 if (index < NWRITEOPS && macreg_writeops[index])
728 macreg_writeops[index](s, index, val);
729 else if (index < NREADOPS && macreg_readops[index])
730 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
731 else
732 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
733 index<<2, val);
734 }
735
736 static void
737 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
738 {
739 // emulate hw without byte enables: no RMW
740 e1000_mmio_writel(opaque, addr & ~3,
741 (val & 0xffff) << (8*(addr & 3)));
742 }
743
744 static void
745 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
746 {
747 // emulate hw without byte enables: no RMW
748 e1000_mmio_writel(opaque, addr & ~3,
749 (val & 0xff) << (8*(addr & 3)));
750 }
751
752 static uint32_t
753 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
754 {
755 E1000State *s = opaque;
756 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
757
758 if (index < NREADOPS && macreg_readops[index])
759 {
760 uint32_t val = macreg_readops[index](s, index);
761 #ifdef TARGET_WORDS_BIGENDIAN
762 val = bswap32(val);
763 #endif
764 return val;
765 }
766 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
767 return 0;
768 }
769
770 static uint32_t
771 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
772 {
773 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
774 (8 * (addr & 3))) & 0xff;
775 }
776
777 static uint32_t
778 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
779 {
780 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
781 (8 * (addr & 3))) & 0xffff;
782 }
783
784 int mac_regtosave[] = {
785 CTRL, EECD, EERD, GPRC, GPTC, ICR, ICS, IMC, IMS,
786 LEDCTL, MANC, MDIC, MPC, PBA, RCTL, RDBAH, RDBAL, RDH,
787 RDLEN, RDT, STATUS, SWSM, TCTL, TDBAH, TDBAL, TDH, TDLEN,
788 TDT, TORH, TORL, TOTH, TOTL, TPR, TPT, TXDCTL, WUFC,
789 };
790 enum { MAC_NSAVE = sizeof mac_regtosave/sizeof *mac_regtosave };
791
792 struct {
793 int size;
794 int array0;
795 } mac_regarraystosave[] = { {32, RA}, {128, MTA} };
796 enum { MAC_NARRAYS = sizeof mac_regarraystosave/sizeof *mac_regarraystosave };
797
798 static void
799 nic_save(QEMUFile *f, void *opaque)
800 {
801 E1000State *s = (E1000State *)opaque;
802 int i, j;
803
804 pci_device_save(&s->dev, f);
805 qemu_put_be32s(f, &s->instance);
806 qemu_put_be32s(f, &s->mmio_base);
807 qemu_put_be32s(f, &s->rxbuf_size);
808 qemu_put_be32s(f, &s->rxbuf_min_shift);
809 qemu_put_be32s(f, &s->eecd_state.val_in);
810 qemu_put_be16s(f, &s->eecd_state.bitnum_in);
811 qemu_put_be16s(f, &s->eecd_state.bitnum_out);
812 qemu_put_be16s(f, &s->eecd_state.reading);
813 qemu_put_be32s(f, &s->eecd_state.old_eecd);
814 qemu_put_8s(f, &s->tx.ipcss);
815 qemu_put_8s(f, &s->tx.ipcso);
816 qemu_put_be16s(f, &s->tx.ipcse);
817 qemu_put_8s(f, &s->tx.tucss);
818 qemu_put_8s(f, &s->tx.tucso);
819 qemu_put_be16s(f, &s->tx.tucse);
820 qemu_put_be32s(f, &s->tx.paylen);
821 qemu_put_8s(f, &s->tx.hdr_len);
822 qemu_put_be16s(f, &s->tx.mss);
823 qemu_put_be16s(f, &s->tx.size);
824 qemu_put_be16s(f, &s->tx.tso_frames);
825 qemu_put_8s(f, &s->tx.sum_needed);
826 qemu_put_8s(f, &s->tx.ip);
827 qemu_put_8s(f, &s->tx.tcp);
828 qemu_put_buffer(f, s->tx.header, sizeof s->tx.header);
829 qemu_put_buffer(f, s->tx.data, sizeof s->tx.data);
830 for (i = 0; i < 64; i++)
831 qemu_put_be16s(f, s->eeprom_data + i);
832 for (i = 0; i < 0x20; i++)
833 qemu_put_be16s(f, s->phy_reg + i);
834 for (i = 0; i < MAC_NSAVE; i++)
835 qemu_put_be32s(f, s->mac_reg + mac_regtosave[i]);
836 for (i = 0; i < MAC_NARRAYS; i++)
837 for (j = 0; j < mac_regarraystosave[i].size; j++)
838 qemu_put_be32s(f,
839 s->mac_reg + mac_regarraystosave[i].array0 + j);
840 }
841
842 static int
843 nic_load(QEMUFile *f, void *opaque, int version_id)
844 {
845 E1000State *s = (E1000State *)opaque;
846 int i, j, ret;
847
848 if ((ret = pci_device_load(&s->dev, f)) < 0)
849 return ret;
850 qemu_get_be32s(f, &s->instance);
851 qemu_get_be32s(f, &s->mmio_base);
852 qemu_get_be32s(f, &s->rxbuf_size);
853 qemu_get_be32s(f, &s->rxbuf_min_shift);
854 qemu_get_be32s(f, &s->eecd_state.val_in);
855 qemu_get_be16s(f, &s->eecd_state.bitnum_in);
856 qemu_get_be16s(f, &s->eecd_state.bitnum_out);
857 qemu_get_be16s(f, &s->eecd_state.reading);
858 qemu_get_be32s(f, &s->eecd_state.old_eecd);
859 qemu_get_8s(f, &s->tx.ipcss);
860 qemu_get_8s(f, &s->tx.ipcso);
861 qemu_get_be16s(f, &s->tx.ipcse);
862 qemu_get_8s(f, &s->tx.tucss);
863 qemu_get_8s(f, &s->tx.tucso);
864 qemu_get_be16s(f, &s->tx.tucse);
865 qemu_get_be32s(f, &s->tx.paylen);
866 qemu_get_8s(f, &s->tx.hdr_len);
867 qemu_get_be16s(f, &s->tx.mss);
868 qemu_get_be16s(f, &s->tx.size);
869 qemu_get_be16s(f, &s->tx.tso_frames);
870 qemu_get_8s(f, &s->tx.sum_needed);
871 qemu_get_8s(f, &s->tx.ip);
872 qemu_get_8s(f, &s->tx.tcp);
873 qemu_get_buffer(f, s->tx.header, sizeof s->tx.header);
874 qemu_get_buffer(f, s->tx.data, sizeof s->tx.data);
875 for (i = 0; i < 64; i++)
876 qemu_get_be16s(f, s->eeprom_data + i);
877 for (i = 0; i < 0x20; i++)
878 qemu_get_be16s(f, s->phy_reg + i);
879 for (i = 0; i < MAC_NSAVE; i++)
880 qemu_get_be32s(f, s->mac_reg + mac_regtosave[i]);
881 for (i = 0; i < MAC_NARRAYS; i++)
882 for (j = 0; j < mac_regarraystosave[i].size; j++)
883 qemu_get_be32s(f,
884 s->mac_reg + mac_regarraystosave[i].array0 + j);
885 return 0;
886 }
887
888 static uint16_t e1000_eeprom_template[64] = {
889 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
890 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
891 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
892 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
893 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
894 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
895 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
896 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
897 };
898
899 static uint16_t phy_reg_init[] = {
900 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
901 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
902 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
903 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
904 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
905 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
906 };
907
908 static uint32_t mac_reg_init[] = {
909 [PBA] = 0x00100030,
910 [LEDCTL] = 0x602,
911 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
912 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
913 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
914 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
915 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
916 E1000_STATUS_LU,
917 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
918 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
919 E1000_MANC_RMCP_EN,
920 };
921
922 /* PCI interface */
923
924 static CPUWriteMemoryFunc *e1000_mmio_write[] = {
925 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
926 };
927
928 static CPUReadMemoryFunc *e1000_mmio_read[] = {
929 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
930 };
931
932 static void
933 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
934 uint32_t addr, uint32_t size, int type)
935 {
936 E1000State *d = (E1000State *)pci_dev;
937
938 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08x 0x%08x\n", addr, size);
939
940 d->mmio_base = addr;
941 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
942
943 if (kvm_enabled()) {
944 int i;
945 uint32_t excluded_regs[] = {
946 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
947 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
948 };
949 qemu_kvm_register_coalesced_mmio(addr, excluded_regs[0]);
950 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
951 qemu_kvm_register_coalesced_mmio(addr + excluded_regs[i] + 4,
952 excluded_regs[i + 1] - excluded_regs[i] - 4);
953 }
954 }
955
956 static int
957 pci_e1000_uninit(PCIDevice *dev)
958 {
959 E1000State *d = (E1000State *) dev;
960
961 cpu_unregister_io_memory(d->mmio_index);
962
963 return 0;
964 }
965
966 PCIDevice *
967 pci_e1000_init(PCIBus *bus, NICInfo *nd, int devfn)
968 {
969 E1000State *d;
970 uint8_t *pci_conf;
971 static int instance;
972 uint16_t checksum = 0;
973 char *info_str = "e1000";
974 int i;
975
976 d = (E1000State *)pci_register_device(bus, "e1000",
977 sizeof(E1000State), devfn, NULL, NULL);
978
979 if (!d)
980 return NULL;
981
982 pci_conf = d->dev.config;
983 memset(pci_conf, 0, 256);
984
985 *(uint16_t *)(pci_conf+0x00) = cpu_to_le16(0x8086);
986 *(uint16_t *)(pci_conf+0x02) = cpu_to_le16(E1000_DEVID);
987 *(uint16_t *)(pci_conf+0x04) = cpu_to_le16(0x0407);
988 *(uint16_t *)(pci_conf+0x06) = cpu_to_le16(0x0010);
989 pci_conf[0x08] = 0x03;
990 pci_conf[0x0a] = 0x00; // ethernet network controller
991 pci_conf[0x0b] = 0x02;
992 pci_conf[0x0c] = 0x10;
993
994 pci_conf[0x3d] = 1; // interrupt pin 0
995
996 d->mmio_index = cpu_register_io_memory(0, e1000_mmio_read,
997 e1000_mmio_write, d);
998
999 pci_register_io_region((PCIDevice *)d, 0, PNPMMIO_SIZE,
1000 PCI_ADDRESS_SPACE_MEM, e1000_mmio_map);
1001
1002 pci_register_io_region((PCIDevice *)d, 1, IOPORT_SIZE,
1003 PCI_ADDRESS_SPACE_IO, ioport_map);
1004
1005 d->instance = instance++;
1006
1007 d->nd = nd;
1008 memmove(d->eeprom_data, e1000_eeprom_template,
1009 sizeof e1000_eeprom_template);
1010 for (i = 0; i < 3; i++)
1011 d->eeprom_data[i] = (nd->macaddr[2*i+1]<<8) | nd->macaddr[2*i];
1012 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1013 checksum += d->eeprom_data[i];
1014 checksum = (uint16_t) EEPROM_SUM - checksum;
1015 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1016
1017 memset(d->phy_reg, 0, sizeof d->phy_reg);
1018 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1019 memset(d->mac_reg, 0, sizeof d->mac_reg);
1020 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1021 d->rxbuf_min_shift = 1;
1022 memset(&d->tx, 0, sizeof d->tx);
1023
1024 d->vc = qemu_new_vlan_client(nd->vlan, e1000_receive,
1025 e1000_can_receive, d);
1026
1027 snprintf(d->vc->info_str, sizeof(d->vc->info_str),
1028 "%s macaddr=%02x:%02x:%02x:%02x:%02x:%02x", info_str,
1029 d->nd->macaddr[0], d->nd->macaddr[1], d->nd->macaddr[2],
1030 d->nd->macaddr[3], d->nd->macaddr[4], d->nd->macaddr[5]);
1031
1032 register_savevm(info_str, d->instance, 1, nic_save, nic_load, d);
1033 d->dev.unregister = pci_e1000_uninit;
1034
1035 return (PCIDevice *)d;
1036 }
Patches shipped by Fedora