search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
net: tap: using bool instead of bitfield
[qemu.git] / hw / e1000.c
blob56f50d42fe87cef735673e7a9acc240e5382c1d8
1 /*
2 * QEMU e1000 emulation
3 *
4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
6 *
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
12 *
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
17 *
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
22 *
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
25 */
26
27
28 #include "hw.h"
29 #include "pci/pci.h"
30 #include "net/net.h"
31 #include "net/checksum.h"
32 #include "loader.h"
33 #include "sysemu/sysemu.h"
34 #include "sysemu/dma.h"
35
36 #include "e1000_hw.h"
37
38 #define E1000_DEBUG
39
40 #ifdef E1000_DEBUG
41 enum {
42 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
43 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
44 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
45 DEBUG_RXFILTER, DEBUG_PHY, DEBUG_NOTYET,
46 };
47 #define DBGBIT(x) (1<<DEBUG_##x)
48 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
49
50 #define DBGOUT(what, fmt, ...) do { \
51 if (debugflags & DBGBIT(what)) \
52 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
53 } while (0)
54 #else
55 #define DBGOUT(what, fmt, ...) do {} while (0)
56 #endif
57
58 #define IOPORT_SIZE 0x40
59 #define PNPMMIO_SIZE 0x20000
60 #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */
61
62 /* this is the size past which hardware will drop packets when setting LPE=0 */
63 #define MAXIMUM_ETHERNET_VLAN_SIZE 1522
64 /* this is the size past which hardware will drop packets when setting LPE=1 */
65 #define MAXIMUM_ETHERNET_LPE_SIZE 16384
66
67 /*
68 * HW models:
69 * E1000_DEV_ID_82540EM works with Windows and Linux
70 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
71 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
72 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
73 * Others never tested
74 */
75 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
76
77 /*
78 * May need to specify additional MAC-to-PHY entries --
79 * Intel's Windows driver refuses to initialize unless they match
80 */
81 enum {
82 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
83 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
84 /* default to E1000_DEV_ID_82540EM */ 0xc20
85 };
86
87 typedef struct E1000State_st {
88 PCIDevice dev;
89 NICState *nic;
90 NICConf conf;
91 MemoryRegion mmio;
92 MemoryRegion io;
93
94 uint32_t mac_reg[0x8000];
95 uint16_t phy_reg[0x20];
96 uint16_t eeprom_data[64];
97
98 uint32_t rxbuf_size;
99 uint32_t rxbuf_min_shift;
100 struct e1000_tx {
101 unsigned char header[256];
102 unsigned char vlan_header[4];
103 /* Fields vlan and data must not be reordered or separated. */
104 unsigned char vlan[4];
105 unsigned char data[0x10000];
106 uint16_t size;
107 unsigned char sum_needed;
108 unsigned char vlan_needed;
109 uint8_t ipcss;
110 uint8_t ipcso;
111 uint16_t ipcse;
112 uint8_t tucss;
113 uint8_t tucso;
114 uint16_t tucse;
115 uint8_t hdr_len;
116 uint16_t mss;
117 uint32_t paylen;
118 uint16_t tso_frames;
119 char tse;
120 int8_t ip;
121 int8_t tcp;
122 char cptse; // current packet tse bit
123 } tx;
124
125 struct {
126 uint32_t val_in; // shifted in from guest driver
127 uint16_t bitnum_in;
128 uint16_t bitnum_out;
129 uint16_t reading;
130 uint32_t old_eecd;
131 } eecd_state;
132
133 QEMUTimer *autoneg_timer;
134 } E1000State;
135
136 #define defreg(x) x = (E1000_##x>>2)
137 enum {
138 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
139 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
140 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
141 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
142 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
143 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
144 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
145 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
146 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
147 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
148 defreg(VET),
149 };
150
151 static void
152 e1000_link_down(E1000State *s)
153 {
154 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
155 s->phy_reg[PHY_STATUS] &= ~MII_SR_LINK_STATUS;
156 }
157
158 static void
159 e1000_link_up(E1000State *s)
160 {
161 s->mac_reg[STATUS] |= E1000_STATUS_LU;
162 s->phy_reg[PHY_STATUS] |= MII_SR_LINK_STATUS;
163 }
164
165 static void
166 set_phy_ctrl(E1000State *s, int index, uint16_t val)
167 {
168 if ((val & MII_CR_AUTO_NEG_EN) && (val & MII_CR_RESTART_AUTO_NEG)) {
169 s->nic->nc.link_down = true;
170 e1000_link_down(s);
171 s->phy_reg[PHY_STATUS] &= ~MII_SR_AUTONEG_COMPLETE;
172 DBGOUT(PHY, "Start link auto negotiation\n");
173 qemu_mod_timer(s->autoneg_timer, qemu_get_clock_ms(vm_clock) + 500);
174 }
175 }
176
177 static void
178 e1000_autoneg_timer(void *opaque)
179 {
180 E1000State *s = opaque;
181 s->nic->nc.link_down = false;
182 e1000_link_up(s);
183 s->phy_reg[PHY_STATUS] |= MII_SR_AUTONEG_COMPLETE;
184 DBGOUT(PHY, "Auto negotiation is completed\n");
185 }
186
187 static void (*phyreg_writeops[])(E1000State *, int, uint16_t) = {
188 [PHY_CTRL] = set_phy_ctrl,
189 };
190
191 enum { NPHYWRITEOPS = ARRAY_SIZE(phyreg_writeops) };
192
193 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
194 static const char phy_regcap[0x20] = {
195 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
196 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
197 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
198 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
199 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
200 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
201 };
202
203 static const uint16_t phy_reg_init[] = {
204 [PHY_CTRL] = 0x1140,
205 [PHY_STATUS] = 0x794d, /* link initially up with not completed autoneg */
206 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
207 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
208 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
209 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
210 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
211 };
212
213 static const uint32_t mac_reg_init[] = {
214 [PBA] = 0x00100030,
215 [LEDCTL] = 0x602,
216 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
217 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
218 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
219 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
220 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
221 E1000_STATUS_LU,
222 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
223 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
224 E1000_MANC_RMCP_EN,
225 };
226
227 static void
228 set_interrupt_cause(E1000State *s, int index, uint32_t val)
229 {
230 if (val && (E1000_DEVID >= E1000_DEV_ID_82547EI_MOBILE)) {
231 /* Only for 8257x */
232 val |= E1000_ICR_INT_ASSERTED;
233 }
234 s->mac_reg[ICR] = val;
235
236 /*
237 * Make sure ICR and ICS registers have the same value.
238 * The spec says that the ICS register is write-only. However in practice,
239 * on real hardware ICS is readable, and for reads it has the same value as
240 * ICR (except that ICS does not have the clear on read behaviour of ICR).
241 *
242 * The VxWorks PRO/1000 driver uses this behaviour.
243 */
244 s->mac_reg[ICS] = val;
245
246 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
247 }
248
249 static void
250 set_ics(E1000State *s, int index, uint32_t val)
251 {
252 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
253 s->mac_reg[IMS]);
254 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
255 }
256
257 static int
258 rxbufsize(uint32_t v)
259 {
260 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
261 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
262 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
263 switch (v) {
264 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
265 return 16384;
266 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
267 return 8192;
268 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
269 return 4096;
270 case E1000_RCTL_SZ_1024:
271 return 1024;
272 case E1000_RCTL_SZ_512:
273 return 512;
274 case E1000_RCTL_SZ_256:
275 return 256;
276 }
277 return 2048;
278 }
279
280 static void e1000_reset(void *opaque)
281 {
282 E1000State *d = opaque;
283 uint8_t *macaddr = d->conf.macaddr.a;
284 int i;
285
286 qemu_del_timer(d->autoneg_timer);
287 memset(d->phy_reg, 0, sizeof d->phy_reg);
288 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
289 memset(d->mac_reg, 0, sizeof d->mac_reg);
290 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
291 d->rxbuf_min_shift = 1;
292 memset(&d->tx, 0, sizeof d->tx);
293
294 if (d->nic->nc.link_down) {
295 e1000_link_down(d);
296 }
297
298 /* Some guests expect pre-initialized RAH/RAL (AddrValid flag + MACaddr) */
299 d->mac_reg[RA] = 0;
300 d->mac_reg[RA + 1] = E1000_RAH_AV;
301 for (i = 0; i < 4; i++) {
302 d->mac_reg[RA] |= macaddr[i] << (8 * i);
303 d->mac_reg[RA + 1] |= (i < 2) ? macaddr[i + 4] << (8 * i) : 0;
304 }
305 }
306
307 static void
308 set_ctrl(E1000State *s, int index, uint32_t val)
309 {
310 /* RST is self clearing */
311 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
312 }
313
314 static void
315 set_rx_control(E1000State *s, int index, uint32_t val)
316 {
317 s->mac_reg[RCTL] = val;
318 s->rxbuf_size = rxbufsize(val);
319 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
320 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
321 s->mac_reg[RCTL]);
322 qemu_flush_queued_packets(&s->nic->nc);
323 }
324
325 static void
326 set_mdic(E1000State *s, int index, uint32_t val)
327 {
328 uint32_t data = val & E1000_MDIC_DATA_MASK;
329 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
330
331 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
332 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
333 else if (val & E1000_MDIC_OP_READ) {
334 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
335 if (!(phy_regcap[addr] & PHY_R)) {
336 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
337 val |= E1000_MDIC_ERROR;
338 } else
339 val = (val ^ data) | s->phy_reg[addr];
340 } else if (val & E1000_MDIC_OP_WRITE) {
341 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
342 if (!(phy_regcap[addr] & PHY_W)) {
343 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
344 val |= E1000_MDIC_ERROR;
345 } else {
346 if (addr < NPHYWRITEOPS && phyreg_writeops[addr]) {
347 phyreg_writeops[addr](s, index, data);
348 }
349 s->phy_reg[addr] = data;
350 }
351 }
352 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
353
354 if (val & E1000_MDIC_INT_EN) {
355 set_ics(s, 0, E1000_ICR_MDAC);
356 }
357 }
358
359 static uint32_t
360 get_eecd(E1000State *s, int index)
361 {
362 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
363
364 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
365 s->eecd_state.bitnum_out, s->eecd_state.reading);
366 if (!s->eecd_state.reading ||
367 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
368 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
369 ret |= E1000_EECD_DO;
370 return ret;
371 }
372
373 static void
374 set_eecd(E1000State *s, int index, uint32_t val)
375 {
376 uint32_t oldval = s->eecd_state.old_eecd;
377
378 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
379 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
380 if (!(E1000_EECD_CS & val)) // CS inactive; nothing to do
381 return;
382 if (E1000_EECD_CS & (val ^ oldval)) { // CS rise edge; reset state
383 s->eecd_state.val_in = 0;
384 s->eecd_state.bitnum_in = 0;
385 s->eecd_state.bitnum_out = 0;
386 s->eecd_state.reading = 0;
387 }
388 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
389 return;
390 if (!(E1000_EECD_SK & val)) { // falling edge
391 s->eecd_state.bitnum_out++;
392 return;
393 }
394 s->eecd_state.val_in <<= 1;
395 if (val & E1000_EECD_DI)
396 s->eecd_state.val_in |= 1;
397 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
398 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
399 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
400 EEPROM_READ_OPCODE_MICROWIRE);
401 }
402 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
403 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
404 s->eecd_state.reading);
405 }
406
407 static uint32_t
408 flash_eerd_read(E1000State *s, int x)
409 {
410 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
411
412 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
413 return (s->mac_reg[EERD]);
414
415 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
416 return (E1000_EEPROM_RW_REG_DONE | r);
417
418 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
419 E1000_EEPROM_RW_REG_DONE | r);
420 }
421
422 static void
423 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
424 {
425 uint32_t sum;
426
427 if (cse && cse < n)
428 n = cse + 1;
429 if (sloc < n-1) {
430 sum = net_checksum_add(n-css, data+css);
431 cpu_to_be16wu((uint16_t *)(data + sloc),
432 net_checksum_finish(sum));
433 }
434 }
435
436 static inline int
437 vlan_enabled(E1000State *s)
438 {
439 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
440 }
441
442 static inline int
443 vlan_rx_filter_enabled(E1000State *s)
444 {
445 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
446 }
447
448 static inline int
449 is_vlan_packet(E1000State *s, const uint8_t *buf)
450 {
451 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
452 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
453 }
454
455 static inline int
456 is_vlan_txd(uint32_t txd_lower)
457 {
458 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
459 }
460
461 /* FCS aka Ethernet CRC-32. We don't get it from backends and can't
462 * fill it in, just pad descriptor length by 4 bytes unless guest
463 * told us to strip it off the packet. */
464 static inline int
465 fcs_len(E1000State *s)
466 {
467 return (s->mac_reg[RCTL] & E1000_RCTL_SECRC) ? 0 : 4;
468 }
469
470 static void
471 e1000_send_packet(E1000State *s, const uint8_t *buf, int size)
472 {
473 if (s->phy_reg[PHY_CTRL] & MII_CR_LOOPBACK) {
474 s->nic->nc.info->receive(&s->nic->nc, buf, size);
475 } else {
476 qemu_send_packet(&s->nic->nc, buf, size);
477 }
478 }
479
480 static void
481 xmit_seg(E1000State *s)
482 {
483 uint16_t len, *sp;
484 unsigned int frames = s->tx.tso_frames, css, sofar, n;
485 struct e1000_tx *tp = &s->tx;
486
487 if (tp->tse && tp->cptse) {
488 css = tp->ipcss;
489 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
490 frames, tp->size, css);
491 if (tp->ip) { // IPv4
492 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
493 tp->size - css);
494 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
495 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
496 } else // IPv6
497 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
498 tp->size - css);
499 css = tp->tucss;
500 len = tp->size - css;
501 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
502 if (tp->tcp) {
503 sofar = frames * tp->mss;
504 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
505 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
506 if (tp->paylen - sofar > tp->mss)
507 tp->data[css + 13] &= ~9; // PSH, FIN
508 } else // UDP
509 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
510 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
511 unsigned int phsum;
512 // add pseudo-header length before checksum calculation
513 sp = (uint16_t *)(tp->data + tp->tucso);
514 phsum = be16_to_cpup(sp) + len;
515 phsum = (phsum >> 16) + (phsum & 0xffff);
516 cpu_to_be16wu(sp, phsum);
517 }
518 tp->tso_frames++;
519 }
520
521 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
522 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
523 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
524 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
525 if (tp->vlan_needed) {
526 memmove(tp->vlan, tp->data, 4);
527 memmove(tp->data, tp->data + 4, 8);
528 memcpy(tp->data + 8, tp->vlan_header, 4);
529 e1000_send_packet(s, tp->vlan, tp->size + 4);
530 } else
531 e1000_send_packet(s, tp->data, tp->size);
532 s->mac_reg[TPT]++;
533 s->mac_reg[GPTC]++;
534 n = s->mac_reg[TOTL];
535 if ((s->mac_reg[TOTL] += s->tx.size) < n)
536 s->mac_reg[TOTH]++;
537 }
538
539 static void
540 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
541 {
542 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
543 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
544 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
545 unsigned int msh = 0xfffff, hdr = 0;
546 uint64_t addr;
547 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
548 struct e1000_tx *tp = &s->tx;
549
550 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
551 op = le32_to_cpu(xp->cmd_and_length);
552 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
553 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
554 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
555 tp->tucss = xp->upper_setup.tcp_fields.tucss;
556 tp->tucso = xp->upper_setup.tcp_fields.tucso;
557 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
558 tp->paylen = op & 0xfffff;
559 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
560 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
561 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
562 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
563 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
564 tp->tso_frames = 0;
565 if (tp->tucso == 0) { // this is probably wrong
566 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
567 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
568 }
569 return;
570 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
571 // data descriptor
572 if (tp->size == 0) {
573 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
574 }
575 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
576 } else {
577 // legacy descriptor
578 tp->cptse = 0;
579 }
580
581 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
582 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
583 tp->vlan_needed = 1;
584 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
585 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
586 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
587 le16_to_cpu(dp->upper.fields.special));
588 }
589
590 addr = le64_to_cpu(dp->buffer_addr);
591 if (tp->tse && tp->cptse) {
592 hdr = tp->hdr_len;
593 msh = hdr + tp->mss;
594 do {
595 bytes = split_size;
596 if (tp->size + bytes > msh)
597 bytes = msh - tp->size;
598
599 bytes = MIN(sizeof(tp->data) - tp->size, bytes);
600 pci_dma_read(&s->dev, addr, tp->data + tp->size, bytes);
601 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
602 memmove(tp->header, tp->data, hdr);
603 tp->size = sz;
604 addr += bytes;
605 if (sz == msh) {
606 xmit_seg(s);
607 memmove(tp->data, tp->header, hdr);
608 tp->size = hdr;
609 }
610 } while (split_size -= bytes);
611 } else if (!tp->tse && tp->cptse) {
612 // context descriptor TSE is not set, while data descriptor TSE is set
613 DBGOUT(TXERR, "TCP segmentation error\n");
614 } else {
615 split_size = MIN(sizeof(tp->data) - tp->size, split_size);
616 pci_dma_read(&s->dev, addr, tp->data + tp->size, split_size);
617 tp->size += split_size;
618 }
619
620 if (!(txd_lower & E1000_TXD_CMD_EOP))
621 return;
622 if (!(tp->tse && tp->cptse && tp->size < hdr))
623 xmit_seg(s);
624 tp->tso_frames = 0;
625 tp->sum_needed = 0;
626 tp->vlan_needed = 0;
627 tp->size = 0;
628 tp->cptse = 0;
629 }
630
631 static uint32_t
632 txdesc_writeback(E1000State *s, dma_addr_t base, struct e1000_tx_desc *dp)
633 {
634 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
635
636 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
637 return 0;
638 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
639 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
640 dp->upper.data = cpu_to_le32(txd_upper);
641 pci_dma_write(&s->dev, base + ((char *)&dp->upper - (char *)dp),
642 &dp->upper, sizeof(dp->upper));
643 return E1000_ICR_TXDW;
644 }
645
646 static uint64_t tx_desc_base(E1000State *s)
647 {
648 uint64_t bah = s->mac_reg[TDBAH];
649 uint64_t bal = s->mac_reg[TDBAL] & ~0xf;
650
651 return (bah << 32) + bal;
652 }
653
654 static void
655 start_xmit(E1000State *s)
656 {
657 dma_addr_t base;
658 struct e1000_tx_desc desc;
659 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
660
661 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
662 DBGOUT(TX, "tx disabled\n");
663 return;
664 }
665
666 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
667 base = tx_desc_base(s) +
668 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
669 pci_dma_read(&s->dev, base, &desc, sizeof(desc));
670
671 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
672 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
673 desc.upper.data);
674
675 process_tx_desc(s, &desc);
676 cause |= txdesc_writeback(s, base, &desc);
677
678 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
679 s->mac_reg[TDH] = 0;
680 /*
681 * the following could happen only if guest sw assigns
682 * bogus values to TDT/TDLEN.
683 * there's nothing too intelligent we could do about this.
684 */
685 if (s->mac_reg[TDH] == tdh_start) {
686 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
687 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
688 break;
689 }
690 }
691 set_ics(s, 0, cause);
692 }
693
694 static int
695 receive_filter(E1000State *s, const uint8_t *buf, int size)
696 {
697 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
698 static const int mta_shift[] = {4, 3, 2, 0};
699 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
700
701 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
702 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
703 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
704 ((vid >> 5) & 0x7f));
705 if ((vfta & (1 << (vid & 0x1f))) == 0)
706 return 0;
707 }
708
709 if (rctl & E1000_RCTL_UPE) // promiscuous
710 return 1;
711
712 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
713 return 1;
714
715 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
716 return 1;
717
718 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
719 if (!(rp[1] & E1000_RAH_AV))
720 continue;
721 ra[0] = cpu_to_le32(rp[0]);
722 ra[1] = cpu_to_le32(rp[1]);
723 if (!memcmp(buf, (uint8_t *)ra, 6)) {
724 DBGOUT(RXFILTER,
725 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
726 (int)(rp - s->mac_reg - RA)/2,
727 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
728 return 1;
729 }
730 }
731 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
732 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
733
734 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
735 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
736 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
737 return 1;
738 DBGOUT(RXFILTER,
739 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
740 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
741 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
742 s->mac_reg[MTA + (f >> 5)]);
743
744 return 0;
745 }
746
747 static void
748 e1000_set_link_status(NetClientState *nc)
749 {
750 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
751 uint32_t old_status = s->mac_reg[STATUS];
752
753 if (nc->link_down) {
754 e1000_link_down(s);
755 } else {
756 e1000_link_up(s);
757 }
758
759 if (s->mac_reg[STATUS] != old_status)
760 set_ics(s, 0, E1000_ICR_LSC);
761 }
762
763 static bool e1000_has_rxbufs(E1000State *s, size_t total_size)
764 {
765 int bufs;
766 /* Fast-path short packets */
767 if (total_size <= s->rxbuf_size) {
768 return s->mac_reg[RDH] != s->mac_reg[RDT];
769 }
770 if (s->mac_reg[RDH] < s->mac_reg[RDT]) {
771 bufs = s->mac_reg[RDT] - s->mac_reg[RDH];
772 } else if (s->mac_reg[RDH] > s->mac_reg[RDT]) {
773 bufs = s->mac_reg[RDLEN] / sizeof(struct e1000_rx_desc) +
774 s->mac_reg[RDT] - s->mac_reg[RDH];
775 } else {
776 return false;
777 }
778 return total_size <= bufs * s->rxbuf_size;
779 }
780
781 static int
782 e1000_can_receive(NetClientState *nc)
783 {
784 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
785
786 return (s->mac_reg[RCTL] & E1000_RCTL_EN) && e1000_has_rxbufs(s, 1);
787 }
788
789 static uint64_t rx_desc_base(E1000State *s)
790 {
791 uint64_t bah = s->mac_reg[RDBAH];
792 uint64_t bal = s->mac_reg[RDBAL] & ~0xf;
793
794 return (bah << 32) + bal;
795 }
796
797 static ssize_t
798 e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size)
799 {
800 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
801 struct e1000_rx_desc desc;
802 dma_addr_t base;
803 unsigned int n, rdt;
804 uint32_t rdh_start;
805 uint16_t vlan_special = 0;
806 uint8_t vlan_status = 0, vlan_offset = 0;
807 uint8_t min_buf[MIN_BUF_SIZE];
808 size_t desc_offset;
809 size_t desc_size;
810 size_t total_size;
811
812 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
813 return -1;
814
815 /* Pad to minimum Ethernet frame length */
816 if (size < sizeof(min_buf)) {
817 memcpy(min_buf, buf, size);
818 memset(&min_buf[size], 0, sizeof(min_buf) - size);
819 buf = min_buf;
820 size = sizeof(min_buf);
821 }
822
823 /* Discard oversized packets if !LPE and !SBP. */
824 if ((size > MAXIMUM_ETHERNET_LPE_SIZE ||
825 (size > MAXIMUM_ETHERNET_VLAN_SIZE
826 && !(s->mac_reg[RCTL] & E1000_RCTL_LPE)))
827 && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) {
828 return size;
829 }
830
831 if (!receive_filter(s, buf, size))
832 return size;
833
834 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
835 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
836 memmove((uint8_t *)buf + 4, buf, 12);
837 vlan_status = E1000_RXD_STAT_VP;
838 vlan_offset = 4;
839 size -= 4;
840 }
841
842 rdh_start = s->mac_reg[RDH];
843 desc_offset = 0;
844 total_size = size + fcs_len(s);
845 if (!e1000_has_rxbufs(s, total_size)) {
846 set_ics(s, 0, E1000_ICS_RXO);
847 return -1;
848 }
849 do {
850 desc_size = total_size - desc_offset;
851 if (desc_size > s->rxbuf_size) {
852 desc_size = s->rxbuf_size;
853 }
854 base = rx_desc_base(s) + sizeof(desc) * s->mac_reg[RDH];
855 pci_dma_read(&s->dev, base, &desc, sizeof(desc));
856 desc.special = vlan_special;
857 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
858 if (desc.buffer_addr) {
859 if (desc_offset < size) {
860 size_t copy_size = size - desc_offset;
861 if (copy_size > s->rxbuf_size) {
862 copy_size = s->rxbuf_size;
863 }
864 pci_dma_write(&s->dev, le64_to_cpu(desc.buffer_addr),
865 buf + desc_offset + vlan_offset, copy_size);
866 }
867 desc_offset += desc_size;
868 desc.length = cpu_to_le16(desc_size);
869 if (desc_offset >= total_size) {
870 desc.status |= E1000_RXD_STAT_EOP | E1000_RXD_STAT_IXSM;
871 } else {
872 /* Guest zeroing out status is not a hardware requirement.
873 Clear EOP in case guest didn't do it. */
874 desc.status &= ~E1000_RXD_STAT_EOP;
875 }
876 } else { // as per intel docs; skip descriptors with null buf addr
877 DBGOUT(RX, "Null RX descriptor!!\n");
878 }
879 pci_dma_write(&s->dev, base, &desc, sizeof(desc));
880
881 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
882 s->mac_reg[RDH] = 0;
883 /* see comment in start_xmit; same here */
884 if (s->mac_reg[RDH] == rdh_start) {
885 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
886 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
887 set_ics(s, 0, E1000_ICS_RXO);
888 return -1;
889 }
890 } while (desc_offset < total_size);
891
892 s->mac_reg[GPRC]++;
893 s->mac_reg[TPR]++;
894 /* TOR - Total Octets Received:
895 * This register includes bytes received in a packet from the <Destination
896 * Address> field through the <CRC> field, inclusively.
897 */
898 n = s->mac_reg[TORL] + size + /* Always include FCS length. */ 4;
899 if (n < s->mac_reg[TORL])
900 s->mac_reg[TORH]++;
901 s->mac_reg[TORL] = n;
902
903 n = E1000_ICS_RXT0;
904 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
905 rdt += s->mac_reg[RDLEN] / sizeof(desc);
906 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
907 s->rxbuf_min_shift)
908 n |= E1000_ICS_RXDMT0;
909
910 set_ics(s, 0, n);
911
912 return size;
913 }
914
915 static uint32_t
916 mac_readreg(E1000State *s, int index)
917 {
918 return s->mac_reg[index];
919 }
920
921 static uint32_t
922 mac_icr_read(E1000State *s, int index)
923 {
924 uint32_t ret = s->mac_reg[ICR];
925
926 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
927 set_interrupt_cause(s, 0, 0);
928 return ret;
929 }
930
931 static uint32_t
932 mac_read_clr4(E1000State *s, int index)
933 {
934 uint32_t ret = s->mac_reg[index];
935
936 s->mac_reg[index] = 0;
937 return ret;
938 }
939
940 static uint32_t
941 mac_read_clr8(E1000State *s, int index)
942 {
943 uint32_t ret = s->mac_reg[index];
944
945 s->mac_reg[index] = 0;
946 s->mac_reg[index-1] = 0;
947 return ret;
948 }
949
950 static void
951 mac_writereg(E1000State *s, int index, uint32_t val)
952 {
953 s->mac_reg[index] = val;
954 }
955
956 static void
957 set_rdt(E1000State *s, int index, uint32_t val)
958 {
959 s->mac_reg[index] = val & 0xffff;
960 if (e1000_has_rxbufs(s, 1)) {
961 qemu_flush_queued_packets(&s->nic->nc);
962 }
963 }
964
965 static void
966 set_16bit(E1000State *s, int index, uint32_t val)
967 {
968 s->mac_reg[index] = val & 0xffff;
969 }
970
971 static void
972 set_dlen(E1000State *s, int index, uint32_t val)
973 {
974 s->mac_reg[index] = val & 0xfff80;
975 }
976
977 static void
978 set_tctl(E1000State *s, int index, uint32_t val)
979 {
980 s->mac_reg[index] = val;
981 s->mac_reg[TDT] &= 0xffff;
982 start_xmit(s);
983 }
984
985 static void
986 set_icr(E1000State *s, int index, uint32_t val)
987 {
988 DBGOUT(INTERRUPT, "set_icr %x\n", val);
989 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
990 }
991
992 static void
993 set_imc(E1000State *s, int index, uint32_t val)
994 {
995 s->mac_reg[IMS] &= ~val;
996 set_ics(s, 0, 0);
997 }
998
999 static void
1000 set_ims(E1000State *s, int index, uint32_t val)
1001 {
1002 s->mac_reg[IMS] |= val;
1003 set_ics(s, 0, 0);
1004 }
1005
1006 #define getreg(x) [x] = mac_readreg
1007 static uint32_t (*macreg_readops[])(E1000State *, int) = {
1008 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
1009 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
1010 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
1011 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
1012 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
1013 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
1014 getreg(TDLEN), getreg(RDLEN),
1015
1016 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
1017 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
1018 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
1019 [CRCERRS ... MPC] = &mac_readreg,
1020 [RA ... RA+31] = &mac_readreg,
1021 [MTA ... MTA+127] = &mac_readreg,
1022 [VFTA ... VFTA+127] = &mac_readreg,
1023 };
1024 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
1025
1026 #define putreg(x) [x] = mac_writereg
1027 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
1028 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
1029 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
1030 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
1031 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
1032 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
1033 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
1034 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
1035 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
1036 [RA ... RA+31] = &mac_writereg,
1037 [MTA ... MTA+127] = &mac_writereg,
1038 [VFTA ... VFTA+127] = &mac_writereg,
1039 };
1040
1041 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
1042
1043 static void
1044 e1000_mmio_write(void *opaque, hwaddr addr, uint64_t val,
1045 unsigned size)
1046 {
1047 E1000State *s = opaque;
1048 unsigned int index = (addr & 0x1ffff) >> 2;
1049
1050 if (index < NWRITEOPS && macreg_writeops[index]) {
1051 macreg_writeops[index](s, index, val);
1052 } else if (index < NREADOPS && macreg_readops[index]) {
1053 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04"PRIx64"\n", index<<2, val);
1054 } else {
1055 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08"PRIx64"\n",
1056 index<<2, val);
1057 }
1058 }
1059
1060 static uint64_t
1061 e1000_mmio_read(void *opaque, hwaddr addr, unsigned size)
1062 {
1063 E1000State *s = opaque;
1064 unsigned int index = (addr & 0x1ffff) >> 2;
1065
1066 if (index < NREADOPS && macreg_readops[index])
1067 {
1068 return macreg_readops[index](s, index);
1069 }
1070 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
1071 return 0;
1072 }
1073
1074 static const MemoryRegionOps e1000_mmio_ops = {
1075 .read = e1000_mmio_read,
1076 .write = e1000_mmio_write,
1077 .endianness = DEVICE_LITTLE_ENDIAN,
1078 .impl = {
1079 .min_access_size = 4,
1080 .max_access_size = 4,
1081 },
1082 };
1083
1084 static uint64_t e1000_io_read(void *opaque, hwaddr addr,
1085 unsigned size)
1086 {
1087 E1000State *s = opaque;
1088
1089 (void)s;
1090 return 0;
1091 }
1092
1093 static void e1000_io_write(void *opaque, hwaddr addr,
1094 uint64_t val, unsigned size)
1095 {
1096 E1000State *s = opaque;
1097
1098 (void)s;
1099 }
1100
1101 static const MemoryRegionOps e1000_io_ops = {
1102 .read = e1000_io_read,
1103 .write = e1000_io_write,
1104 .endianness = DEVICE_LITTLE_ENDIAN,
1105 };
1106
1107 static bool is_version_1(void *opaque, int version_id)
1108 {
1109 return version_id == 1;
1110 }
1111
1112 static int e1000_post_load(void *opaque, int version_id)
1113 {
1114 E1000State *s = opaque;
1115
1116 /* nc.link_down can't be migrated, so infer link_down according
1117 * to link status bit in mac_reg[STATUS] */
1118 s->nic->nc.link_down = (s->mac_reg[STATUS] & E1000_STATUS_LU) == 0;
1119
1120 return 0;
1121 }
1122
1123 static const VMStateDescription vmstate_e1000 = {
1124 .name = "e1000",
1125 .version_id = 2,
1126 .minimum_version_id = 1,
1127 .minimum_version_id_old = 1,
1128 .post_load = e1000_post_load,
1129 .fields = (VMStateField []) {
1130 VMSTATE_PCI_DEVICE(dev, E1000State),
1131 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
1132 VMSTATE_UNUSED(4), /* Was mmio_base. */
1133 VMSTATE_UINT32(rxbuf_size, E1000State),
1134 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
1135 VMSTATE_UINT32(eecd_state.val_in, E1000State),
1136 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
1137 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
1138 VMSTATE_UINT16(eecd_state.reading, E1000State),
1139 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
1140 VMSTATE_UINT8(tx.ipcss, E1000State),
1141 VMSTATE_UINT8(tx.ipcso, E1000State),
1142 VMSTATE_UINT16(tx.ipcse, E1000State),
1143 VMSTATE_UINT8(tx.tucss, E1000State),
1144 VMSTATE_UINT8(tx.tucso, E1000State),
1145 VMSTATE_UINT16(tx.tucse, E1000State),
1146 VMSTATE_UINT32(tx.paylen, E1000State),
1147 VMSTATE_UINT8(tx.hdr_len, E1000State),
1148 VMSTATE_UINT16(tx.mss, E1000State),
1149 VMSTATE_UINT16(tx.size, E1000State),
1150 VMSTATE_UINT16(tx.tso_frames, E1000State),
1151 VMSTATE_UINT8(tx.sum_needed, E1000State),
1152 VMSTATE_INT8(tx.ip, E1000State),
1153 VMSTATE_INT8(tx.tcp, E1000State),
1154 VMSTATE_BUFFER(tx.header, E1000State),
1155 VMSTATE_BUFFER(tx.data, E1000State),
1156 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
1157 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
1158 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
1159 VMSTATE_UINT32(mac_reg[EECD], E1000State),
1160 VMSTATE_UINT32(mac_reg[EERD], E1000State),
1161 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
1162 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
1163 VMSTATE_UINT32(mac_reg[ICR], E1000State),
1164 VMSTATE_UINT32(mac_reg[ICS], E1000State),
1165 VMSTATE_UINT32(mac_reg[IMC], E1000State),
1166 VMSTATE_UINT32(mac_reg[IMS], E1000State),
1167 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
1168 VMSTATE_UINT32(mac_reg[MANC], E1000State),
1169 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
1170 VMSTATE_UINT32(mac_reg[MPC], E1000State),
1171 VMSTATE_UINT32(mac_reg[PBA], E1000State),
1172 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
1173 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
1174 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
1175 VMSTATE_UINT32(mac_reg[RDH], E1000State),
1176 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
1177 VMSTATE_UINT32(mac_reg[RDT], E1000State),
1178 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
1179 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
1180 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
1181 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
1182 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
1183 VMSTATE_UINT32(mac_reg[TDH], E1000State),
1184 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
1185 VMSTATE_UINT32(mac_reg[TDT], E1000State),
1186 VMSTATE_UINT32(mac_reg[TORH], E1000State),
1187 VMSTATE_UINT32(mac_reg[TORL], E1000State),
1188 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
1189 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
1190 VMSTATE_UINT32(mac_reg[TPR], E1000State),
1191 VMSTATE_UINT32(mac_reg[TPT], E1000State),
1192 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
1193 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
1194 VMSTATE_UINT32(mac_reg[VET], E1000State),
1195 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
1196 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
1197 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
1198 VMSTATE_END_OF_LIST()
1199 }
1200 };
1201
1202 static const uint16_t e1000_eeprom_template[64] = {
1203 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
1204 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
1205 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
1206 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
1207 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
1208 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1209 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1210 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
1211 };
1212
1213 /* PCI interface */
1214
1215 static void
1216 e1000_mmio_setup(E1000State *d)
1217 {
1218 int i;
1219 const uint32_t excluded_regs[] = {
1220 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1221 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1222 };
1223
1224 memory_region_init_io(&d->mmio, &e1000_mmio_ops, d, "e1000-mmio",
1225 PNPMMIO_SIZE);
1226 memory_region_add_coalescing(&d->mmio, 0, excluded_regs[0]);
1227 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1228 memory_region_add_coalescing(&d->mmio, excluded_regs[i] + 4,
1229 excluded_regs[i+1] - excluded_regs[i] - 4);
1230 memory_region_init_io(&d->io, &e1000_io_ops, d, "e1000-io", IOPORT_SIZE);
1231 }
1232
1233 static void
1234 e1000_cleanup(NetClientState *nc)
1235 {
1236 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1237
1238 s->nic = NULL;
1239 }
1240
1241 static void
1242 pci_e1000_uninit(PCIDevice *dev)
1243 {
1244 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1245
1246 qemu_del_timer(d->autoneg_timer);
1247 qemu_free_timer(d->autoneg_timer);
1248 memory_region_destroy(&d->mmio);
1249 memory_region_destroy(&d->io);
1250 qemu_del_net_client(&d->nic->nc);
1251 }
1252
1253 static NetClientInfo net_e1000_info = {
1254 .type = NET_CLIENT_OPTIONS_KIND_NIC,
1255 .size = sizeof(NICState),
1256 .can_receive = e1000_can_receive,
1257 .receive = e1000_receive,
1258 .cleanup = e1000_cleanup,
1259 .link_status_changed = e1000_set_link_status,
1260 };
1261
1262 static int pci_e1000_init(PCIDevice *pci_dev)
1263 {
1264 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1265 uint8_t *pci_conf;
1266 uint16_t checksum = 0;
1267 int i;
1268 uint8_t *macaddr;
1269
1270 pci_conf = d->dev.config;
1271
1272 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1273 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1274
1275 pci_conf[PCI_INTERRUPT_PIN] = 1; /* interrupt pin A */
1276
1277 e1000_mmio_setup(d);
1278
1279 pci_register_bar(&d->dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &d->mmio);
1280
1281 pci_register_bar(&d->dev, 1, PCI_BASE_ADDRESS_SPACE_IO, &d->io);
1282
1283 memmove(d->eeprom_data, e1000_eeprom_template,
1284 sizeof e1000_eeprom_template);
1285 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1286 macaddr = d->conf.macaddr.a;
1287 for (i = 0; i < 3; i++)
1288 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1289 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1290 checksum += d->eeprom_data[i];
1291 checksum = (uint16_t) EEPROM_SUM - checksum;
1292 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1293
1294 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1295 object_get_typename(OBJECT(d)), d->dev.qdev.id, d);
1296
1297 qemu_format_nic_info_str(&d->nic->nc, macaddr);
1298
1299 add_boot_device_path(d->conf.bootindex, &pci_dev->qdev, "/ethernet-phy@0");
1300
1301 d->autoneg_timer = qemu_new_timer_ms(vm_clock, e1000_autoneg_timer, d);
1302
1303 return 0;
1304 }
1305
1306 static void qdev_e1000_reset(DeviceState *dev)
1307 {
1308 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1309 e1000_reset(d);
1310 }
1311
1312 static Property e1000_properties[] = {
1313 DEFINE_NIC_PROPERTIES(E1000State, conf),
1314 DEFINE_PROP_END_OF_LIST(),
1315 };
1316
1317 static void e1000_class_init(ObjectClass *klass, void *data)
1318 {
1319 DeviceClass *dc = DEVICE_CLASS(klass);
1320 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
1321
1322 k->init = pci_e1000_init;
1323 k->exit = pci_e1000_uninit;
1324 k->romfile = "pxe-e1000.rom";
1325 k->vendor_id = PCI_VENDOR_ID_INTEL;
1326 k->device_id = E1000_DEVID;
1327 k->revision = 0x03;
1328 k->class_id = PCI_CLASS_NETWORK_ETHERNET;
1329 dc->desc = "Intel Gigabit Ethernet";
1330 dc->reset = qdev_e1000_reset;
1331 dc->vmsd = &vmstate_e1000;
1332 dc->props = e1000_properties;
1333 }
1334
1335 static const TypeInfo e1000_info = {
1336 .name = "e1000",
1337 .parent = TYPE_PCI_DEVICE,
1338 .instance_size = sizeof(E1000State),
1339 .class_init = e1000_class_init,
1340 };
1341
1342 static void e1000_register_types(void)
1343 {
1344 type_register_static(&e1000_info);
1345 }
1346
1347 type_init(e1000_register_types)
QEmu