search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
net: introduce qemu_get_queue()
[qemu/ar7.git] / hw / e1000.c
blob14b09d19490c89188aaded28c97fabf1912513a9
1 /*
2 * QEMU e1000 emulation
3 *
4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
6 *
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
12 *
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
17 *
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
22 *
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
25 */
26
27
28 #include "hw.h"
29 #include "pci/pci.h"
30 #include "net/net.h"
31 #include "net/checksum.h"
32 #include "loader.h"
33 #include "sysemu/sysemu.h"
34 #include "sysemu/dma.h"
35
36 #include "e1000_hw.h"
37
38 #define E1000_DEBUG
39
40 #ifdef E1000_DEBUG
41 enum {
42 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
43 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
44 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
45 DEBUG_RXFILTER, DEBUG_PHY, DEBUG_NOTYET,
46 };
47 #define DBGBIT(x) (1<<DEBUG_##x)
48 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
49
50 #define DBGOUT(what, fmt, ...) do { \
51 if (debugflags & DBGBIT(what)) \
52 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
53 } while (0)
54 #else
55 #define DBGOUT(what, fmt, ...) do {} while (0)
56 #endif
57
58 #define IOPORT_SIZE 0x40
59 #define PNPMMIO_SIZE 0x20000
60 #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */
61
62 /* this is the size past which hardware will drop packets when setting LPE=0 */
63 #define MAXIMUM_ETHERNET_VLAN_SIZE 1522
64 /* this is the size past which hardware will drop packets when setting LPE=1 */
65 #define MAXIMUM_ETHERNET_LPE_SIZE 16384
66
67 /*
68 * HW models:
69 * E1000_DEV_ID_82540EM works with Windows and Linux
70 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
71 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
72 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
73 * Others never tested
74 */
75 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
76
77 /*
78 * May need to specify additional MAC-to-PHY entries --
79 * Intel's Windows driver refuses to initialize unless they match
80 */
81 enum {
82 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
83 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
84 /* default to E1000_DEV_ID_82540EM */ 0xc20
85 };
86
87 typedef struct E1000State_st {
88 PCIDevice dev;
89 NICState *nic;
90 NICConf conf;
91 MemoryRegion mmio;
92 MemoryRegion io;
93
94 uint32_t mac_reg[0x8000];
95 uint16_t phy_reg[0x20];
96 uint16_t eeprom_data[64];
97
98 uint32_t rxbuf_size;
99 uint32_t rxbuf_min_shift;
100 struct e1000_tx {
101 unsigned char header[256];
102 unsigned char vlan_header[4];
103 /* Fields vlan and data must not be reordered or separated. */
104 unsigned char vlan[4];
105 unsigned char data[0x10000];
106 uint16_t size;
107 unsigned char sum_needed;
108 unsigned char vlan_needed;
109 uint8_t ipcss;
110 uint8_t ipcso;
111 uint16_t ipcse;
112 uint8_t tucss;
113 uint8_t tucso;
114 uint16_t tucse;
115 uint8_t hdr_len;
116 uint16_t mss;
117 uint32_t paylen;
118 uint16_t tso_frames;
119 char tse;
120 int8_t ip;
121 int8_t tcp;
122 char cptse; // current packet tse bit
123 } tx;
124
125 struct {
126 uint32_t val_in; // shifted in from guest driver
127 uint16_t bitnum_in;
128 uint16_t bitnum_out;
129 uint16_t reading;
130 uint32_t old_eecd;
131 } eecd_state;
132
133 QEMUTimer *autoneg_timer;
134 } E1000State;
135
136 #define defreg(x) x = (E1000_##x>>2)
137 enum {
138 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
139 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
140 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
141 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
142 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
143 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
144 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
145 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
146 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
147 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
148 defreg(VET),
149 };
150
151 static void
152 e1000_link_down(E1000State *s)
153 {
154 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
155 s->phy_reg[PHY_STATUS] &= ~MII_SR_LINK_STATUS;
156 }
157
158 static void
159 e1000_link_up(E1000State *s)
160 {
161 s->mac_reg[STATUS] |= E1000_STATUS_LU;
162 s->phy_reg[PHY_STATUS] |= MII_SR_LINK_STATUS;
163 }
164
165 static void
166 set_phy_ctrl(E1000State *s, int index, uint16_t val)
167 {
168 if ((val & MII_CR_AUTO_NEG_EN) && (val & MII_CR_RESTART_AUTO_NEG)) {
169 qemu_get_queue(s->nic)->link_down = true;
170 e1000_link_down(s);
171 s->phy_reg[PHY_STATUS] &= ~MII_SR_AUTONEG_COMPLETE;
172 DBGOUT(PHY, "Start link auto negotiation\n");
173 qemu_mod_timer(s->autoneg_timer, qemu_get_clock_ms(vm_clock) + 500);
174 }
175 }
176
177 static void
178 e1000_autoneg_timer(void *opaque)
179 {
180 E1000State *s = opaque;
181 qemu_get_queue(s->nic)->link_down = false;
182 e1000_link_up(s);
183 s->phy_reg[PHY_STATUS] |= MII_SR_AUTONEG_COMPLETE;
184 DBGOUT(PHY, "Auto negotiation is completed\n");
185 }
186
187 static void (*phyreg_writeops[])(E1000State *, int, uint16_t) = {
188 [PHY_CTRL] = set_phy_ctrl,
189 };
190
191 enum { NPHYWRITEOPS = ARRAY_SIZE(phyreg_writeops) };
192
193 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
194 static const char phy_regcap[0x20] = {
195 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
196 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
197 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
198 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
199 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
200 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
201 };
202
203 static const uint16_t phy_reg_init[] = {
204 [PHY_CTRL] = 0x1140,
205 [PHY_STATUS] = 0x794d, /* link initially up with not completed autoneg */
206 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
207 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
208 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
209 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
210 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
211 };
212
213 static const uint32_t mac_reg_init[] = {
214 [PBA] = 0x00100030,
215 [LEDCTL] = 0x602,
216 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
217 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
218 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
219 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
220 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
221 E1000_STATUS_LU,
222 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
223 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
224 E1000_MANC_RMCP_EN,
225 };
226
227 static void
228 set_interrupt_cause(E1000State *s, int index, uint32_t val)
229 {
230 if (val && (E1000_DEVID >= E1000_DEV_ID_82547EI_MOBILE)) {
231 /* Only for 8257x */
232 val |= E1000_ICR_INT_ASSERTED;
233 }
234 s->mac_reg[ICR] = val;
235
236 /*
237 * Make sure ICR and ICS registers have the same value.
238 * The spec says that the ICS register is write-only. However in practice,
239 * on real hardware ICS is readable, and for reads it has the same value as
240 * ICR (except that ICS does not have the clear on read behaviour of ICR).
241 *
242 * The VxWorks PRO/1000 driver uses this behaviour.
243 */
244 s->mac_reg[ICS] = val;
245
246 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
247 }
248
249 static void
250 set_ics(E1000State *s, int index, uint32_t val)
251 {
252 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
253 s->mac_reg[IMS]);
254 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
255 }
256
257 static int
258 rxbufsize(uint32_t v)
259 {
260 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
261 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
262 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
263 switch (v) {
264 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
265 return 16384;
266 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
267 return 8192;
268 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
269 return 4096;
270 case E1000_RCTL_SZ_1024:
271 return 1024;
272 case E1000_RCTL_SZ_512:
273 return 512;
274 case E1000_RCTL_SZ_256:
275 return 256;
276 }
277 return 2048;
278 }
279
280 static void e1000_reset(void *opaque)
281 {
282 E1000State *d = opaque;
283 uint8_t *macaddr = d->conf.macaddr.a;
284 int i;
285
286 qemu_del_timer(d->autoneg_timer);
287 memset(d->phy_reg, 0, sizeof d->phy_reg);
288 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
289 memset(d->mac_reg, 0, sizeof d->mac_reg);
290 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
291 d->rxbuf_min_shift = 1;
292 memset(&d->tx, 0, sizeof d->tx);
293
294 if (qemu_get_queue(d->nic)->link_down) {
295 e1000_link_down(d);
296 }
297
298 /* Some guests expect pre-initialized RAH/RAL (AddrValid flag + MACaddr) */
299 d->mac_reg[RA] = 0;
300 d->mac_reg[RA + 1] = E1000_RAH_AV;
301 for (i = 0; i < 4; i++) {
302 d->mac_reg[RA] |= macaddr[i] << (8 * i);
303 d->mac_reg[RA + 1] |= (i < 2) ? macaddr[i + 4] << (8 * i) : 0;
304 }
305 }
306
307 static void
308 set_ctrl(E1000State *s, int index, uint32_t val)
309 {
310 /* RST is self clearing */
311 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
312 }
313
314 static void
315 set_rx_control(E1000State *s, int index, uint32_t val)
316 {
317 s->mac_reg[RCTL] = val;
318 s->rxbuf_size = rxbufsize(val);
319 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
320 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
321 s->mac_reg[RCTL]);
322 qemu_flush_queued_packets(qemu_get_queue(s->nic));
323 }
324
325 static void
326 set_mdic(E1000State *s, int index, uint32_t val)
327 {
328 uint32_t data = val & E1000_MDIC_DATA_MASK;
329 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
330
331 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
332 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
333 else if (val & E1000_MDIC_OP_READ) {
334 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
335 if (!(phy_regcap[addr] & PHY_R)) {
336 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
337 val |= E1000_MDIC_ERROR;
338 } else
339 val = (val ^ data) | s->phy_reg[addr];
340 } else if (val & E1000_MDIC_OP_WRITE) {
341 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
342 if (!(phy_regcap[addr] & PHY_W)) {
343 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
344 val |= E1000_MDIC_ERROR;
345 } else {
346 if (addr < NPHYWRITEOPS && phyreg_writeops[addr]) {
347 phyreg_writeops[addr](s, index, data);
348 }
349 s->phy_reg[addr] = data;
350 }
351 }
352 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
353
354 if (val & E1000_MDIC_INT_EN) {
355 set_ics(s, 0, E1000_ICR_MDAC);
356 }
357 }
358
359 static uint32_t
360 get_eecd(E1000State *s, int index)
361 {
362 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
363
364 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
365 s->eecd_state.bitnum_out, s->eecd_state.reading);
366 if (!s->eecd_state.reading ||
367 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
368 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
369 ret |= E1000_EECD_DO;
370 return ret;
371 }
372
373 static void
374 set_eecd(E1000State *s, int index, uint32_t val)
375 {
376 uint32_t oldval = s->eecd_state.old_eecd;
377
378 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
379 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
380 if (!(E1000_EECD_CS & val)) // CS inactive; nothing to do
381 return;
382 if (E1000_EECD_CS & (val ^ oldval)) { // CS rise edge; reset state
383 s->eecd_state.val_in = 0;
384 s->eecd_state.bitnum_in = 0;
385 s->eecd_state.bitnum_out = 0;
386 s->eecd_state.reading = 0;
387 }
388 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
389 return;
390 if (!(E1000_EECD_SK & val)) { // falling edge
391 s->eecd_state.bitnum_out++;
392 return;
393 }
394 s->eecd_state.val_in <<= 1;
395 if (val & E1000_EECD_DI)
396 s->eecd_state.val_in |= 1;
397 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
398 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
399 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
400 EEPROM_READ_OPCODE_MICROWIRE);
401 }
402 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
403 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
404 s->eecd_state.reading);
405 }
406
407 static uint32_t
408 flash_eerd_read(E1000State *s, int x)
409 {
410 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
411
412 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
413 return (s->mac_reg[EERD]);
414
415 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
416 return (E1000_EEPROM_RW_REG_DONE | r);
417
418 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
419 E1000_EEPROM_RW_REG_DONE | r);
420 }
421
422 static void
423 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
424 {
425 uint32_t sum;
426
427 if (cse && cse < n)
428 n = cse + 1;
429 if (sloc < n-1) {
430 sum = net_checksum_add(n-css, data+css);
431 cpu_to_be16wu((uint16_t *)(data + sloc),
432 net_checksum_finish(sum));
433 }
434 }
435
436 static inline int
437 vlan_enabled(E1000State *s)
438 {
439 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
440 }
441
442 static inline int
443 vlan_rx_filter_enabled(E1000State *s)
444 {
445 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
446 }
447
448 static inline int
449 is_vlan_packet(E1000State *s, const uint8_t *buf)
450 {
451 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
452 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
453 }
454
455 static inline int
456 is_vlan_txd(uint32_t txd_lower)
457 {
458 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
459 }
460
461 /* FCS aka Ethernet CRC-32. We don't get it from backends and can't
462 * fill it in, just pad descriptor length by 4 bytes unless guest
463 * told us to strip it off the packet. */
464 static inline int
465 fcs_len(E1000State *s)
466 {
467 return (s->mac_reg[RCTL] & E1000_RCTL_SECRC) ? 0 : 4;
468 }
469
470 static void
471 e1000_send_packet(E1000State *s, const uint8_t *buf, int size)
472 {
473 NetClientState *nc = qemu_get_queue(s->nic);
474 if (s->phy_reg[PHY_CTRL] & MII_CR_LOOPBACK) {
475 nc->info->receive(nc, buf, size);
476 } else {
477 qemu_send_packet(nc, buf, size);
478 }
479 }
480
481 static void
482 xmit_seg(E1000State *s)
483 {
484 uint16_t len, *sp;
485 unsigned int frames = s->tx.tso_frames, css, sofar, n;
486 struct e1000_tx *tp = &s->tx;
487
488 if (tp->tse && tp->cptse) {
489 css = tp->ipcss;
490 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
491 frames, tp->size, css);
492 if (tp->ip) { // IPv4
493 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
494 tp->size - css);
495 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
496 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
497 } else // IPv6
498 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
499 tp->size - css);
500 css = tp->tucss;
501 len = tp->size - css;
502 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
503 if (tp->tcp) {
504 sofar = frames * tp->mss;
505 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
506 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
507 if (tp->paylen - sofar > tp->mss)
508 tp->data[css + 13] &= ~9; // PSH, FIN
509 } else // UDP
510 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
511 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
512 unsigned int phsum;
513 // add pseudo-header length before checksum calculation
514 sp = (uint16_t *)(tp->data + tp->tucso);
515 phsum = be16_to_cpup(sp) + len;
516 phsum = (phsum >> 16) + (phsum & 0xffff);
517 cpu_to_be16wu(sp, phsum);
518 }
519 tp->tso_frames++;
520 }
521
522 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
523 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
524 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
525 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
526 if (tp->vlan_needed) {
527 memmove(tp->vlan, tp->data, 4);
528 memmove(tp->data, tp->data + 4, 8);
529 memcpy(tp->data + 8, tp->vlan_header, 4);
530 e1000_send_packet(s, tp->vlan, tp->size + 4);
531 } else
532 e1000_send_packet(s, tp->data, tp->size);
533 s->mac_reg[TPT]++;
534 s->mac_reg[GPTC]++;
535 n = s->mac_reg[TOTL];
536 if ((s->mac_reg[TOTL] += s->tx.size) < n)
537 s->mac_reg[TOTH]++;
538 }
539
540 static void
541 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
542 {
543 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
544 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
545 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
546 unsigned int msh = 0xfffff, hdr = 0;
547 uint64_t addr;
548 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
549 struct e1000_tx *tp = &s->tx;
550
551 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
552 op = le32_to_cpu(xp->cmd_and_length);
553 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
554 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
555 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
556 tp->tucss = xp->upper_setup.tcp_fields.tucss;
557 tp->tucso = xp->upper_setup.tcp_fields.tucso;
558 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
559 tp->paylen = op & 0xfffff;
560 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
561 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
562 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
563 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
564 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
565 tp->tso_frames = 0;
566 if (tp->tucso == 0) { // this is probably wrong
567 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
568 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
569 }
570 return;
571 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
572 // data descriptor
573 if (tp->size == 0) {
574 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
575 }
576 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
577 } else {
578 // legacy descriptor
579 tp->cptse = 0;
580 }
581
582 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
583 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
584 tp->vlan_needed = 1;
585 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
586 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
587 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
588 le16_to_cpu(dp->upper.fields.special));
589 }
590
591 addr = le64_to_cpu(dp->buffer_addr);
592 if (tp->tse && tp->cptse) {
593 hdr = tp->hdr_len;
594 msh = hdr + tp->mss;
595 do {
596 bytes = split_size;
597 if (tp->size + bytes > msh)
598 bytes = msh - tp->size;
599
600 bytes = MIN(sizeof(tp->data) - tp->size, bytes);
601 pci_dma_read(&s->dev, addr, tp->data + tp->size, bytes);
602 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
603 memmove(tp->header, tp->data, hdr);
604 tp->size = sz;
605 addr += bytes;
606 if (sz == msh) {
607 xmit_seg(s);
608 memmove(tp->data, tp->header, hdr);
609 tp->size = hdr;
610 }
611 } while (split_size -= bytes);
612 } else if (!tp->tse && tp->cptse) {
613 // context descriptor TSE is not set, while data descriptor TSE is set
614 DBGOUT(TXERR, "TCP segmentation error\n");
615 } else {
616 split_size = MIN(sizeof(tp->data) - tp->size, split_size);
617 pci_dma_read(&s->dev, addr, tp->data + tp->size, split_size);
618 tp->size += split_size;
619 }
620
621 if (!(txd_lower & E1000_TXD_CMD_EOP))
622 return;
623 if (!(tp->tse && tp->cptse && tp->size < hdr))
624 xmit_seg(s);
625 tp->tso_frames = 0;
626 tp->sum_needed = 0;
627 tp->vlan_needed = 0;
628 tp->size = 0;
629 tp->cptse = 0;
630 }
631
632 static uint32_t
633 txdesc_writeback(E1000State *s, dma_addr_t base, struct e1000_tx_desc *dp)
634 {
635 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
636
637 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
638 return 0;
639 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
640 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
641 dp->upper.data = cpu_to_le32(txd_upper);
642 pci_dma_write(&s->dev, base + ((char *)&dp->upper - (char *)dp),
643 &dp->upper, sizeof(dp->upper));
644 return E1000_ICR_TXDW;
645 }
646
647 static uint64_t tx_desc_base(E1000State *s)
648 {
649 uint64_t bah = s->mac_reg[TDBAH];
650 uint64_t bal = s->mac_reg[TDBAL] & ~0xf;
651
652 return (bah << 32) + bal;
653 }
654
655 static void
656 start_xmit(E1000State *s)
657 {
658 dma_addr_t base;
659 struct e1000_tx_desc desc;
660 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
661
662 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
663 DBGOUT(TX, "tx disabled\n");
664 return;
665 }
666
667 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
668 base = tx_desc_base(s) +
669 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
670 pci_dma_read(&s->dev, base, &desc, sizeof(desc));
671
672 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
673 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
674 desc.upper.data);
675
676 process_tx_desc(s, &desc);
677 cause |= txdesc_writeback(s, base, &desc);
678
679 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
680 s->mac_reg[TDH] = 0;
681 /*
682 * the following could happen only if guest sw assigns
683 * bogus values to TDT/TDLEN.
684 * there's nothing too intelligent we could do about this.
685 */
686 if (s->mac_reg[TDH] == tdh_start) {
687 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
688 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
689 break;
690 }
691 }
692 set_ics(s, 0, cause);
693 }
694
695 static int
696 receive_filter(E1000State *s, const uint8_t *buf, int size)
697 {
698 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
699 static const int mta_shift[] = {4, 3, 2, 0};
700 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
701
702 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
703 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
704 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
705 ((vid >> 5) & 0x7f));
706 if ((vfta & (1 << (vid & 0x1f))) == 0)
707 return 0;
708 }
709
710 if (rctl & E1000_RCTL_UPE) // promiscuous
711 return 1;
712
713 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
714 return 1;
715
716 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
717 return 1;
718
719 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
720 if (!(rp[1] & E1000_RAH_AV))
721 continue;
722 ra[0] = cpu_to_le32(rp[0]);
723 ra[1] = cpu_to_le32(rp[1]);
724 if (!memcmp(buf, (uint8_t *)ra, 6)) {
725 DBGOUT(RXFILTER,
726 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
727 (int)(rp - s->mac_reg - RA)/2,
728 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
729 return 1;
730 }
731 }
732 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
733 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
734
735 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
736 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
737 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
738 return 1;
739 DBGOUT(RXFILTER,
740 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
741 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
742 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
743 s->mac_reg[MTA + (f >> 5)]);
744
745 return 0;
746 }
747
748 static void
749 e1000_set_link_status(NetClientState *nc)
750 {
751 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
752 uint32_t old_status = s->mac_reg[STATUS];
753
754 if (nc->link_down) {
755 e1000_link_down(s);
756 } else {
757 e1000_link_up(s);
758 }
759
760 if (s->mac_reg[STATUS] != old_status)
761 set_ics(s, 0, E1000_ICR_LSC);
762 }
763
764 static bool e1000_has_rxbufs(E1000State *s, size_t total_size)
765 {
766 int bufs;
767 /* Fast-path short packets */
768 if (total_size <= s->rxbuf_size) {
769 return s->mac_reg[RDH] != s->mac_reg[RDT];
770 }
771 if (s->mac_reg[RDH] < s->mac_reg[RDT]) {
772 bufs = s->mac_reg[RDT] - s->mac_reg[RDH];
773 } else if (s->mac_reg[RDH] > s->mac_reg[RDT]) {
774 bufs = s->mac_reg[RDLEN] / sizeof(struct e1000_rx_desc) +
775 s->mac_reg[RDT] - s->mac_reg[RDH];
776 } else {
777 return false;
778 }
779 return total_size <= bufs * s->rxbuf_size;
780 }
781
782 static int
783 e1000_can_receive(NetClientState *nc)
784 {
785 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
786
787 return (s->mac_reg[RCTL] & E1000_RCTL_EN) && e1000_has_rxbufs(s, 1);
788 }
789
790 static uint64_t rx_desc_base(E1000State *s)
791 {
792 uint64_t bah = s->mac_reg[RDBAH];
793 uint64_t bal = s->mac_reg[RDBAL] & ~0xf;
794
795 return (bah << 32) + bal;
796 }
797
798 static ssize_t
799 e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size)
800 {
801 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
802 struct e1000_rx_desc desc;
803 dma_addr_t base;
804 unsigned int n, rdt;
805 uint32_t rdh_start;
806 uint16_t vlan_special = 0;
807 uint8_t vlan_status = 0, vlan_offset = 0;
808 uint8_t min_buf[MIN_BUF_SIZE];
809 size_t desc_offset;
810 size_t desc_size;
811 size_t total_size;
812
813 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
814 return -1;
815
816 /* Pad to minimum Ethernet frame length */
817 if (size < sizeof(min_buf)) {
818 memcpy(min_buf, buf, size);
819 memset(&min_buf[size], 0, sizeof(min_buf) - size);
820 buf = min_buf;
821 size = sizeof(min_buf);
822 }
823
824 /* Discard oversized packets if !LPE and !SBP. */
825 if ((size > MAXIMUM_ETHERNET_LPE_SIZE ||
826 (size > MAXIMUM_ETHERNET_VLAN_SIZE
827 && !(s->mac_reg[RCTL] & E1000_RCTL_LPE)))
828 && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) {
829 return size;
830 }
831
832 if (!receive_filter(s, buf, size))
833 return size;
834
835 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
836 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
837 memmove((uint8_t *)buf + 4, buf, 12);
838 vlan_status = E1000_RXD_STAT_VP;
839 vlan_offset = 4;
840 size -= 4;
841 }
842
843 rdh_start = s->mac_reg[RDH];
844 desc_offset = 0;
845 total_size = size + fcs_len(s);
846 if (!e1000_has_rxbufs(s, total_size)) {
847 set_ics(s, 0, E1000_ICS_RXO);
848 return -1;
849 }
850 do {
851 desc_size = total_size - desc_offset;
852 if (desc_size > s->rxbuf_size) {
853 desc_size = s->rxbuf_size;
854 }
855 base = rx_desc_base(s) + sizeof(desc) * s->mac_reg[RDH];
856 pci_dma_read(&s->dev, base, &desc, sizeof(desc));
857 desc.special = vlan_special;
858 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
859 if (desc.buffer_addr) {
860 if (desc_offset < size) {
861 size_t copy_size = size - desc_offset;
862 if (copy_size > s->rxbuf_size) {
863 copy_size = s->rxbuf_size;
864 }
865 pci_dma_write(&s->dev, le64_to_cpu(desc.buffer_addr),
866 buf + desc_offset + vlan_offset, copy_size);
867 }
868 desc_offset += desc_size;
869 desc.length = cpu_to_le16(desc_size);
870 if (desc_offset >= total_size) {
871 desc.status |= E1000_RXD_STAT_EOP | E1000_RXD_STAT_IXSM;
872 } else {
873 /* Guest zeroing out status is not a hardware requirement.
874 Clear EOP in case guest didn't do it. */
875 desc.status &= ~E1000_RXD_STAT_EOP;
876 }
877 } else { // as per intel docs; skip descriptors with null buf addr
878 DBGOUT(RX, "Null RX descriptor!!\n");
879 }
880 pci_dma_write(&s->dev, base, &desc, sizeof(desc));
881
882 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
883 s->mac_reg[RDH] = 0;
884 /* see comment in start_xmit; same here */
885 if (s->mac_reg[RDH] == rdh_start) {
886 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
887 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
888 set_ics(s, 0, E1000_ICS_RXO);
889 return -1;
890 }
891 } while (desc_offset < total_size);
892
893 s->mac_reg[GPRC]++;
894 s->mac_reg[TPR]++;
895 /* TOR - Total Octets Received:
896 * This register includes bytes received in a packet from the <Destination
897 * Address> field through the <CRC> field, inclusively.
898 */
899 n = s->mac_reg[TORL] + size + /* Always include FCS length. */ 4;
900 if (n < s->mac_reg[TORL])
901 s->mac_reg[TORH]++;
902 s->mac_reg[TORL] = n;
903
904 n = E1000_ICS_RXT0;
905 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
906 rdt += s->mac_reg[RDLEN] / sizeof(desc);
907 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
908 s->rxbuf_min_shift)
909 n |= E1000_ICS_RXDMT0;
910
911 set_ics(s, 0, n);
912
913 return size;
914 }
915
916 static uint32_t
917 mac_readreg(E1000State *s, int index)
918 {
919 return s->mac_reg[index];
920 }
921
922 static uint32_t
923 mac_icr_read(E1000State *s, int index)
924 {
925 uint32_t ret = s->mac_reg[ICR];
926
927 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
928 set_interrupt_cause(s, 0, 0);
929 return ret;
930 }
931
932 static uint32_t
933 mac_read_clr4(E1000State *s, int index)
934 {
935 uint32_t ret = s->mac_reg[index];
936
937 s->mac_reg[index] = 0;
938 return ret;
939 }
940
941 static uint32_t
942 mac_read_clr8(E1000State *s, int index)
943 {
944 uint32_t ret = s->mac_reg[index];
945
946 s->mac_reg[index] = 0;
947 s->mac_reg[index-1] = 0;
948 return ret;
949 }
950
951 static void
952 mac_writereg(E1000State *s, int index, uint32_t val)
953 {
954 s->mac_reg[index] = val;
955 }
956
957 static void
958 set_rdt(E1000State *s, int index, uint32_t val)
959 {
960 s->mac_reg[index] = val & 0xffff;
961 if (e1000_has_rxbufs(s, 1)) {
962 qemu_flush_queued_packets(qemu_get_queue(s->nic));
963 }
964 }
965
966 static void
967 set_16bit(E1000State *s, int index, uint32_t val)
968 {
969 s->mac_reg[index] = val & 0xffff;
970 }
971
972 static void
973 set_dlen(E1000State *s, int index, uint32_t val)
974 {
975 s->mac_reg[index] = val & 0xfff80;
976 }
977
978 static void
979 set_tctl(E1000State *s, int index, uint32_t val)
980 {
981 s->mac_reg[index] = val;
982 s->mac_reg[TDT] &= 0xffff;
983 start_xmit(s);
984 }
985
986 static void
987 set_icr(E1000State *s, int index, uint32_t val)
988 {
989 DBGOUT(INTERRUPT, "set_icr %x\n", val);
990 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
991 }
992
993 static void
994 set_imc(E1000State *s, int index, uint32_t val)
995 {
996 s->mac_reg[IMS] &= ~val;
997 set_ics(s, 0, 0);
998 }
999
1000 static void
1001 set_ims(E1000State *s, int index, uint32_t val)
1002 {
1003 s->mac_reg[IMS] |= val;
1004 set_ics(s, 0, 0);
1005 }
1006
1007 #define getreg(x) [x] = mac_readreg
1008 static uint32_t (*macreg_readops[])(E1000State *, int) = {
1009 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
1010 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
1011 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
1012 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
1013 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
1014 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
1015 getreg(TDLEN), getreg(RDLEN),
1016
1017 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
1018 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
1019 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
1020 [CRCERRS ... MPC] = &mac_readreg,
1021 [RA ... RA+31] = &mac_readreg,
1022 [MTA ... MTA+127] = &mac_readreg,
1023 [VFTA ... VFTA+127] = &mac_readreg,
1024 };
1025 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
1026
1027 #define putreg(x) [x] = mac_writereg
1028 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
1029 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
1030 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
1031 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
1032 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
1033 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
1034 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
1035 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
1036 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
1037 [RA ... RA+31] = &mac_writereg,
1038 [MTA ... MTA+127] = &mac_writereg,
1039 [VFTA ... VFTA+127] = &mac_writereg,
1040 };
1041
1042 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
1043
1044 static void
1045 e1000_mmio_write(void *opaque, hwaddr addr, uint64_t val,
1046 unsigned size)
1047 {
1048 E1000State *s = opaque;
1049 unsigned int index = (addr & 0x1ffff) >> 2;
1050
1051 if (index < NWRITEOPS && macreg_writeops[index]) {
1052 macreg_writeops[index](s, index, val);
1053 } else if (index < NREADOPS && macreg_readops[index]) {
1054 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04"PRIx64"\n", index<<2, val);
1055 } else {
1056 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08"PRIx64"\n",
1057 index<<2, val);
1058 }
1059 }
1060
1061 static uint64_t
1062 e1000_mmio_read(void *opaque, hwaddr addr, unsigned size)
1063 {
1064 E1000State *s = opaque;
1065 unsigned int index = (addr & 0x1ffff) >> 2;
1066
1067 if (index < NREADOPS && macreg_readops[index])
1068 {
1069 return macreg_readops[index](s, index);
1070 }
1071 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
1072 return 0;
1073 }
1074
1075 static const MemoryRegionOps e1000_mmio_ops = {
1076 .read = e1000_mmio_read,
1077 .write = e1000_mmio_write,
1078 .endianness = DEVICE_LITTLE_ENDIAN,
1079 .impl = {
1080 .min_access_size = 4,
1081 .max_access_size = 4,
1082 },
1083 };
1084
1085 static uint64_t e1000_io_read(void *opaque, hwaddr addr,
1086 unsigned size)
1087 {
1088 E1000State *s = opaque;
1089
1090 (void)s;
1091 return 0;
1092 }
1093
1094 static void e1000_io_write(void *opaque, hwaddr addr,
1095 uint64_t val, unsigned size)
1096 {
1097 E1000State *s = opaque;
1098
1099 (void)s;
1100 }
1101
1102 static const MemoryRegionOps e1000_io_ops = {
1103 .read = e1000_io_read,
1104 .write = e1000_io_write,
1105 .endianness = DEVICE_LITTLE_ENDIAN,
1106 };
1107
1108 static bool is_version_1(void *opaque, int version_id)
1109 {
1110 return version_id == 1;
1111 }
1112
1113 static int e1000_post_load(void *opaque, int version_id)
1114 {
1115 E1000State *s = opaque;
1116 NetClientState *nc = qemu_get_queue(s->nic);
1117
1118 /* nc.link_down can't be migrated, so infer link_down according
1119 * to link status bit in mac_reg[STATUS] */
1120 nc->link_down = (s->mac_reg[STATUS] & E1000_STATUS_LU) == 0;
1121
1122 return 0;
1123 }
1124
1125 static const VMStateDescription vmstate_e1000 = {
1126 .name = "e1000",
1127 .version_id = 2,
1128 .minimum_version_id = 1,
1129 .minimum_version_id_old = 1,
1130 .post_load = e1000_post_load,
1131 .fields = (VMStateField []) {
1132 VMSTATE_PCI_DEVICE(dev, E1000State),
1133 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
1134 VMSTATE_UNUSED(4), /* Was mmio_base. */
1135 VMSTATE_UINT32(rxbuf_size, E1000State),
1136 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
1137 VMSTATE_UINT32(eecd_state.val_in, E1000State),
1138 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
1139 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
1140 VMSTATE_UINT16(eecd_state.reading, E1000State),
1141 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
1142 VMSTATE_UINT8(tx.ipcss, E1000State),
1143 VMSTATE_UINT8(tx.ipcso, E1000State),
1144 VMSTATE_UINT16(tx.ipcse, E1000State),
1145 VMSTATE_UINT8(tx.tucss, E1000State),
1146 VMSTATE_UINT8(tx.tucso, E1000State),
1147 VMSTATE_UINT16(tx.tucse, E1000State),
1148 VMSTATE_UINT32(tx.paylen, E1000State),
1149 VMSTATE_UINT8(tx.hdr_len, E1000State),
1150 VMSTATE_UINT16(tx.mss, E1000State),
1151 VMSTATE_UINT16(tx.size, E1000State),
1152 VMSTATE_UINT16(tx.tso_frames, E1000State),
1153 VMSTATE_UINT8(tx.sum_needed, E1000State),
1154 VMSTATE_INT8(tx.ip, E1000State),
1155 VMSTATE_INT8(tx.tcp, E1000State),
1156 VMSTATE_BUFFER(tx.header, E1000State),
1157 VMSTATE_BUFFER(tx.data, E1000State),
1158 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
1159 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
1160 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
1161 VMSTATE_UINT32(mac_reg[EECD], E1000State),
1162 VMSTATE_UINT32(mac_reg[EERD], E1000State),
1163 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
1164 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
1165 VMSTATE_UINT32(mac_reg[ICR], E1000State),
1166 VMSTATE_UINT32(mac_reg[ICS], E1000State),
1167 VMSTATE_UINT32(mac_reg[IMC], E1000State),
1168 VMSTATE_UINT32(mac_reg[IMS], E1000State),
1169 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
1170 VMSTATE_UINT32(mac_reg[MANC], E1000State),
1171 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
1172 VMSTATE_UINT32(mac_reg[MPC], E1000State),
1173 VMSTATE_UINT32(mac_reg[PBA], E1000State),
1174 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
1175 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
1176 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
1177 VMSTATE_UINT32(mac_reg[RDH], E1000State),
1178 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
1179 VMSTATE_UINT32(mac_reg[RDT], E1000State),
1180 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
1181 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
1182 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
1183 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
1184 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
1185 VMSTATE_UINT32(mac_reg[TDH], E1000State),
1186 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
1187 VMSTATE_UINT32(mac_reg[TDT], E1000State),
1188 VMSTATE_UINT32(mac_reg[TORH], E1000State),
1189 VMSTATE_UINT32(mac_reg[TORL], E1000State),
1190 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
1191 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
1192 VMSTATE_UINT32(mac_reg[TPR], E1000State),
1193 VMSTATE_UINT32(mac_reg[TPT], E1000State),
1194 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
1195 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
1196 VMSTATE_UINT32(mac_reg[VET], E1000State),
1197 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
1198 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
1199 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
1200 VMSTATE_END_OF_LIST()
1201 }
1202 };
1203
1204 static const uint16_t e1000_eeprom_template[64] = {
1205 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
1206 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
1207 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
1208 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
1209 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
1210 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1211 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1212 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
1213 };
1214
1215 /* PCI interface */
1216
1217 static void
1218 e1000_mmio_setup(E1000State *d)
1219 {
1220 int i;
1221 const uint32_t excluded_regs[] = {
1222 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1223 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1224 };
1225
1226 memory_region_init_io(&d->mmio, &e1000_mmio_ops, d, "e1000-mmio",
1227 PNPMMIO_SIZE);
1228 memory_region_add_coalescing(&d->mmio, 0, excluded_regs[0]);
1229 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1230 memory_region_add_coalescing(&d->mmio, excluded_regs[i] + 4,
1231 excluded_regs[i+1] - excluded_regs[i] - 4);
1232 memory_region_init_io(&d->io, &e1000_io_ops, d, "e1000-io", IOPORT_SIZE);
1233 }
1234
1235 static void
1236 e1000_cleanup(NetClientState *nc)
1237 {
1238 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1239
1240 s->nic = NULL;
1241 }
1242
1243 static void
1244 pci_e1000_uninit(PCIDevice *dev)
1245 {
1246 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1247
1248 qemu_del_timer(d->autoneg_timer);
1249 qemu_free_timer(d->autoneg_timer);
1250 memory_region_destroy(&d->mmio);
1251 memory_region_destroy(&d->io);
1252 qemu_del_net_client(qemu_get_queue(d->nic));
1253 }
1254
1255 static NetClientInfo net_e1000_info = {
1256 .type = NET_CLIENT_OPTIONS_KIND_NIC,
1257 .size = sizeof(NICState),
1258 .can_receive = e1000_can_receive,
1259 .receive = e1000_receive,
1260 .cleanup = e1000_cleanup,
1261 .link_status_changed = e1000_set_link_status,
1262 };
1263
1264 static int pci_e1000_init(PCIDevice *pci_dev)
1265 {
1266 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1267 uint8_t *pci_conf;
1268 uint16_t checksum = 0;
1269 int i;
1270 uint8_t *macaddr;
1271
1272 pci_conf = d->dev.config;
1273
1274 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1275 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1276
1277 pci_conf[PCI_INTERRUPT_PIN] = 1; /* interrupt pin A */
1278
1279 e1000_mmio_setup(d);
1280
1281 pci_register_bar(&d->dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &d->mmio);
1282
1283 pci_register_bar(&d->dev, 1, PCI_BASE_ADDRESS_SPACE_IO, &d->io);
1284
1285 memmove(d->eeprom_data, e1000_eeprom_template,
1286 sizeof e1000_eeprom_template);
1287 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1288 macaddr = d->conf.macaddr.a;
1289 for (i = 0; i < 3; i++)
1290 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1291 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1292 checksum += d->eeprom_data[i];
1293 checksum = (uint16_t) EEPROM_SUM - checksum;
1294 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1295
1296 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1297 object_get_typename(OBJECT(d)), d->dev.qdev.id, d);
1298
1299 qemu_format_nic_info_str(qemu_get_queue(d->nic), macaddr);
1300
1301 add_boot_device_path(d->conf.bootindex, &pci_dev->qdev, "/ethernet-phy@0");
1302
1303 d->autoneg_timer = qemu_new_timer_ms(vm_clock, e1000_autoneg_timer, d);
1304
1305 return 0;
1306 }
1307
1308 static void qdev_e1000_reset(DeviceState *dev)
1309 {
1310 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1311 e1000_reset(d);
1312 }
1313
1314 static Property e1000_properties[] = {
1315 DEFINE_NIC_PROPERTIES(E1000State, conf),
1316 DEFINE_PROP_END_OF_LIST(),
1317 };
1318
1319 static void e1000_class_init(ObjectClass *klass, void *data)
1320 {
1321 DeviceClass *dc = DEVICE_CLASS(klass);
1322 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
1323
1324 k->init = pci_e1000_init;
1325 k->exit = pci_e1000_uninit;
1326 k->romfile = "pxe-e1000.rom";
1327 k->vendor_id = PCI_VENDOR_ID_INTEL;
1328 k->device_id = E1000_DEVID;
1329 k->revision = 0x03;
1330 k->class_id = PCI_CLASS_NETWORK_ETHERNET;
1331 dc->desc = "Intel Gigabit Ethernet";
1332 dc->reset = qdev_e1000_reset;
1333 dc->vmsd = &vmstate_e1000;
1334 dc->props = e1000_properties;
1335 }
1336
1337 static const TypeInfo e1000_info = {
1338 .name = "e1000",
1339 .parent = TYPE_PCI_DEVICE,
1340 .instance_size = sizeof(E1000State),
1341 .class_init = e1000_class_init,
1342 };
1343
1344 static void e1000_register_types(void)
1345 {
1346 type_register_static(&e1000_info);
1347 }
1348
1349 type_init(e1000_register_types)
AR7 emulation for QEMU