search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove the NIC from vlan on usb destroy.
[qemu/mini2440.git] / hw / e1000.c
blob47e20c14d1115a786f4122d2027f634b60688a47
1 /*
2 * QEMU e1000 emulation
3 *
4 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
5 * Copyright (c) 2008 Qumranet
6 * Based on work done by:
7 * Copyright (c) 2007 Dan Aloni
8 * Copyright (c) 2004 Antony T Curtis
9 *
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
14 *
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
19 *
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 */
24
25
26 #include "hw.h"
27 #include "pci.h"
28 #include "net.h"
29
30 #include "e1000_hw.h"
31
32 #define DEBUG
33
34 #ifdef DEBUG
35 enum {
36 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
37 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
38 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
39 DEBUG_RXFILTER, DEBUG_NOTYET,
40 };
41 #define DBGBIT(x) (1<<DEBUG_##x)
42 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
43
44 #define DBGOUT(what, fmt, params...) do { \
45 if (debugflags & DBGBIT(what)) \
46 fprintf(stderr, "e1000: " fmt, ##params); \
47 } while (0)
48 #else
49 #define DBGOUT(what, fmt, params...) do {} while (0)
50 #endif
51
52 #define IOPORT_SIZE 0x40
53 #define PNPMMIO_SIZE 0x20000
54
55 /*
56 * HW models:
57 * E1000_DEV_ID_82540EM works with Windows and Linux
58 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
59 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
60 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
61 * Others never tested
62 */
63 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
64
65 /*
66 * May need to specify additional MAC-to-PHY entries --
67 * Intel's Windows driver refuses to initialize unless they match
68 */
69 enum {
70 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
71 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
72 /* default to E1000_DEV_ID_82540EM */ 0xc20
73 };
74
75 typedef struct E1000State_st {
76 PCIDevice dev;
77 VLANClientState *vc;
78 NICInfo *nd;
79 uint32_t instance;
80 uint32_t mmio_base;
81 int mmio_index;
82
83 uint32_t mac_reg[0x8000];
84 uint16_t phy_reg[0x20];
85 uint16_t eeprom_data[64];
86
87 uint32_t rxbuf_size;
88 uint32_t rxbuf_min_shift;
89 int check_rxov;
90 struct e1000_tx {
91 unsigned char header[256];
92 unsigned char data[0x10000];
93 uint16_t size;
94 unsigned char sum_needed;
95 uint8_t ipcss;
96 uint8_t ipcso;
97 uint16_t ipcse;
98 uint8_t tucss;
99 uint8_t tucso;
100 uint16_t tucse;
101 uint8_t hdr_len;
102 uint16_t mss;
103 uint32_t paylen;
104 uint16_t tso_frames;
105 char tse;
106 char ip;
107 char tcp;
108 char cptse; // current packet tse bit
109 } tx;
110
111 struct {
112 uint32_t val_in; // shifted in from guest driver
113 uint16_t bitnum_in;
114 uint16_t bitnum_out;
115 uint16_t reading;
116 uint32_t old_eecd;
117 } eecd_state;
118 } E1000State;
119
120 #define defreg(x) x = (E1000_##x>>2)
121 enum {
122 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
123 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
124 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
125 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
126 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
127 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
128 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
129 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
130 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
131 defreg(RA), defreg(MTA), defreg(CRCERRS),
132 };
133
134 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
135 static char phy_regcap[0x20] = {
136 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
137 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
138 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
139 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
140 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
141 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
142 };
143
144 static void
145 ioport_map(PCIDevice *pci_dev, int region_num, uint32_t addr,
146 uint32_t size, int type)
147 {
148 DBGOUT(IO, "e1000_ioport_map addr=0x%04x size=0x%08x\n", addr, size);
149 }
150
151 static void
152 set_interrupt_cause(E1000State *s, int index, uint32_t val)
153 {
154 if (val)
155 val |= E1000_ICR_INT_ASSERTED;
156 s->mac_reg[ICR] = val;
157 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
158 }
159
160 static void
161 set_ics(E1000State *s, int index, uint32_t val)
162 {
163 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
164 s->mac_reg[IMS]);
165 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
166 }
167
168 static int
169 rxbufsize(uint32_t v)
170 {
171 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
172 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
173 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
174 switch (v) {
175 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
176 return 16384;
177 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
178 return 8192;
179 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
180 return 4096;
181 case E1000_RCTL_SZ_1024:
182 return 1024;
183 case E1000_RCTL_SZ_512:
184 return 512;
185 case E1000_RCTL_SZ_256:
186 return 256;
187 }
188 return 2048;
189 }
190
191 static void
192 set_rx_control(E1000State *s, int index, uint32_t val)
193 {
194 s->mac_reg[RCTL] = val;
195 s->rxbuf_size = rxbufsize(val);
196 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
197 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
198 s->mac_reg[RCTL]);
199 }
200
201 static void
202 set_mdic(E1000State *s, int index, uint32_t val)
203 {
204 uint32_t data = val & E1000_MDIC_DATA_MASK;
205 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
206
207 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
208 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
209 else if (val & E1000_MDIC_OP_READ) {
210 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
211 if (!(phy_regcap[addr] & PHY_R)) {
212 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
213 val |= E1000_MDIC_ERROR;
214 } else
215 val = (val ^ data) | s->phy_reg[addr];
216 } else if (val & E1000_MDIC_OP_WRITE) {
217 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
218 if (!(phy_regcap[addr] & PHY_W)) {
219 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
220 val |= E1000_MDIC_ERROR;
221 } else
222 s->phy_reg[addr] = data;
223 }
224 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
225 set_ics(s, 0, E1000_ICR_MDAC);
226 }
227
228 static uint32_t
229 get_eecd(E1000State *s, int index)
230 {
231 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
232
233 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
234 s->eecd_state.bitnum_out, s->eecd_state.reading);
235 if (!s->eecd_state.reading ||
236 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
237 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
238 ret |= E1000_EECD_DO;
239 return ret;
240 }
241
242 static void
243 set_eecd(E1000State *s, int index, uint32_t val)
244 {
245 uint32_t oldval = s->eecd_state.old_eecd;
246
247 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
248 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
249 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
250 return;
251 if (!(E1000_EECD_SK & val)) { // falling edge
252 s->eecd_state.bitnum_out++;
253 return;
254 }
255 if (!(val & E1000_EECD_CS)) { // rising, no CS (EEPROM reset)
256 memset(&s->eecd_state, 0, sizeof s->eecd_state);
257 return;
258 }
259 s->eecd_state.val_in <<= 1;
260 if (val & E1000_EECD_DI)
261 s->eecd_state.val_in |= 1;
262 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
263 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
264 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
265 EEPROM_READ_OPCODE_MICROWIRE);
266 }
267 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
268 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
269 s->eecd_state.reading);
270 }
271
272 static uint32_t
273 flash_eerd_read(E1000State *s, int x)
274 {
275 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
276
277 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
278 return 0;
279 return (s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
280 E1000_EEPROM_RW_REG_DONE | r;
281 }
282
283 static unsigned int
284 do_cksum(uint8_t *dp, uint8_t *de)
285 {
286 unsigned int bsum[2] = {0, 0}, i, sum;
287
288 for (i = 1; dp < de; bsum[i^=1] += *dp++)
289 ;
290 sum = (bsum[0] << 8) + bsum[1];
291 sum = (sum >> 16) + (sum & 0xffff);
292 return ~(sum + (sum >> 16));
293 }
294
295 static void
296 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
297 {
298 if (cse && cse < n)
299 n = cse + 1;
300 if (sloc < n-1)
301 cpu_to_be16wu((uint16_t *)(data + sloc),
302 do_cksum(data + css, data + n));
303 }
304
305 static void
306 xmit_seg(E1000State *s)
307 {
308 uint16_t len, *sp;
309 unsigned int frames = s->tx.tso_frames, css, sofar, n;
310 struct e1000_tx *tp = &s->tx;
311
312 if (tp->tse && tp->cptse) {
313 css = tp->ipcss;
314 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
315 frames, tp->size, css);
316 if (tp->ip) { // IPv4
317 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
318 tp->size - css);
319 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
320 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
321 } else // IPv6
322 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
323 tp->size - css);
324 css = tp->tucss;
325 len = tp->size - css;
326 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
327 if (tp->tcp) {
328 sofar = frames * tp->mss;
329 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
330 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
331 if (tp->paylen - sofar > tp->mss)
332 tp->data[css + 13] &= ~9; // PSH, FIN
333 } else // UDP
334 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
335 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
336 // add pseudo-header length before checksum calculation
337 sp = (uint16_t *)(tp->data + tp->tucso);
338 cpu_to_be16wu(sp, be16_to_cpup(sp) + len);
339 }
340 tp->tso_frames++;
341 }
342
343 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
344 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
345 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
346 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
347 qemu_send_packet(s->vc, tp->data, tp->size);
348 s->mac_reg[TPT]++;
349 s->mac_reg[GPTC]++;
350 n = s->mac_reg[TOTL];
351 if ((s->mac_reg[TOTL] += s->tx.size) < n)
352 s->mac_reg[TOTH]++;
353 }
354
355 static void
356 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
357 {
358 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
359 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
360 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
361 unsigned int msh = 0xfffff, hdr = 0;
362 uint64_t addr;
363 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
364 struct e1000_tx *tp = &s->tx;
365
366 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
367 op = le32_to_cpu(xp->cmd_and_length);
368 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
369 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
370 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
371 tp->tucss = xp->upper_setup.tcp_fields.tucss;
372 tp->tucso = xp->upper_setup.tcp_fields.tucso;
373 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
374 tp->paylen = op & 0xfffff;
375 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
376 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
377 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
378 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
379 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
380 tp->tso_frames = 0;
381 if (tp->tucso == 0) { // this is probably wrong
382 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
383 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
384 }
385 return;
386 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
387 // data descriptor
388 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
389 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
390 } else
391 // legacy descriptor
392 tp->cptse = 0;
393
394 addr = le64_to_cpu(dp->buffer_addr);
395 if (tp->tse && tp->cptse) {
396 hdr = tp->hdr_len;
397 msh = hdr + tp->mss;
398 do {
399 bytes = split_size;
400 if (tp->size + bytes > msh)
401 bytes = msh - tp->size;
402 cpu_physical_memory_read(addr, tp->data + tp->size, bytes);
403 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
404 memmove(tp->header, tp->data, hdr);
405 tp->size = sz;
406 addr += bytes;
407 if (sz == msh) {
408 xmit_seg(s);
409 memmove(tp->data, tp->header, hdr);
410 tp->size = hdr;
411 }
412 } while (split_size -= bytes);
413 } else if (!tp->tse && tp->cptse) {
414 // context descriptor TSE is not set, while data descriptor TSE is set
415 DBGOUT(TXERR, "TCP segmentaion Error\n");
416 } else {
417 cpu_physical_memory_read(addr, tp->data + tp->size, split_size);
418 tp->size += split_size;
419 }
420
421 if (!(txd_lower & E1000_TXD_CMD_EOP))
422 return;
423 if (!(tp->tse && tp->cptse && tp->size < hdr))
424 xmit_seg(s);
425 tp->tso_frames = 0;
426 tp->sum_needed = 0;
427 tp->size = 0;
428 tp->cptse = 0;
429 }
430
431 static uint32_t
432 txdesc_writeback(target_phys_addr_t base, struct e1000_tx_desc *dp)
433 {
434 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
435
436 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
437 return 0;
438 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
439 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
440 dp->upper.data = cpu_to_le32(txd_upper);
441 cpu_physical_memory_write(base + ((char *)&dp->upper - (char *)dp),
442 (void *)&dp->upper, sizeof(dp->upper));
443 return E1000_ICR_TXDW;
444 }
445
446 static void
447 start_xmit(E1000State *s)
448 {
449 target_phys_addr_t base;
450 struct e1000_tx_desc desc;
451 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
452
453 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
454 DBGOUT(TX, "tx disabled\n");
455 return;
456 }
457
458 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
459 base = ((uint64_t)s->mac_reg[TDBAH] << 32) + s->mac_reg[TDBAL] +
460 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
461 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
462
463 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
464 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
465 desc.upper.data);
466
467 process_tx_desc(s, &desc);
468 cause |= txdesc_writeback(base, &desc);
469
470 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
471 s->mac_reg[TDH] = 0;
472 /*
473 * the following could happen only if guest sw assigns
474 * bogus values to TDT/TDLEN.
475 * there's nothing too intelligent we could do about this.
476 */
477 if (s->mac_reg[TDH] == tdh_start) {
478 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
479 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
480 break;
481 }
482 }
483 set_ics(s, 0, cause);
484 }
485
486 static int
487 receive_filter(E1000State *s, const uint8_t *buf, int size)
488 {
489 static uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
490 static int mta_shift[] = {4, 3, 2, 0};
491 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
492
493 if (rctl & E1000_RCTL_UPE) // promiscuous
494 return 1;
495
496 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
497 return 1;
498
499 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
500 return 1;
501
502 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
503 if (!(rp[1] & E1000_RAH_AV))
504 continue;
505 ra[0] = cpu_to_le32(rp[0]);
506 ra[1] = cpu_to_le32(rp[1]);
507 if (!memcmp(buf, (uint8_t *)ra, 6)) {
508 DBGOUT(RXFILTER,
509 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
510 (int)(rp - s->mac_reg - RA)/2,
511 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
512 return 1;
513 }
514 }
515 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
516 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
517
518 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
519 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
520 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
521 return 1;
522 DBGOUT(RXFILTER,
523 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
524 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
525 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
526 s->mac_reg[MTA + (f >> 5)]);
527
528 return 0;
529 }
530
531 static int
532 e1000_can_receive(void *opaque)
533 {
534 E1000State *s = opaque;
535
536 return (!(s->mac_reg[RCTL] & E1000_RCTL_EN) ||
537 s->mac_reg[RDH] != s->mac_reg[RDT]);
538 }
539
540 static void
541 e1000_receive(void *opaque, const uint8_t *buf, int size)
542 {
543 E1000State *s = opaque;
544 struct e1000_rx_desc desc;
545 target_phys_addr_t base;
546 unsigned int n, rdt;
547 uint32_t rdh_start;
548
549 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
550 return;
551
552 if (size > s->rxbuf_size) {
553 DBGOUT(RX, "packet too large for buffers (%d > %d)\n", size,
554 s->rxbuf_size);
555 return;
556 }
557
558 if (!receive_filter(s, buf, size))
559 return;
560
561 rdh_start = s->mac_reg[RDH];
562 size += 4; // for the header
563 do {
564 if (s->mac_reg[RDH] == s->mac_reg[RDT] && s->check_rxov) {
565 set_ics(s, 0, E1000_ICS_RXO);
566 return;
567 }
568 base = ((uint64_t)s->mac_reg[RDBAH] << 32) + s->mac_reg[RDBAL] +
569 sizeof(desc) * s->mac_reg[RDH];
570 cpu_physical_memory_read(base, (void *)&desc, sizeof(desc));
571 desc.status |= E1000_RXD_STAT_DD;
572 if (desc.buffer_addr) {
573 cpu_physical_memory_write(le64_to_cpu(desc.buffer_addr),
574 (void *)buf, size);
575 desc.length = cpu_to_le16(size);
576 desc.status |= E1000_RXD_STAT_EOP|E1000_RXD_STAT_IXSM;
577 } else // as per intel docs; skip descriptors with null buf addr
578 DBGOUT(RX, "Null RX descriptor!!\n");
579 cpu_physical_memory_write(base, (void *)&desc, sizeof(desc));
580
581 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
582 s->mac_reg[RDH] = 0;
583 s->check_rxov = 1;
584 /* see comment in start_xmit; same here */
585 if (s->mac_reg[RDH] == rdh_start) {
586 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
587 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
588 set_ics(s, 0, E1000_ICS_RXO);
589 return;
590 }
591 } while (desc.buffer_addr == 0);
592
593 s->mac_reg[GPRC]++;
594 s->mac_reg[TPR]++;
595 n = s->mac_reg[TORL];
596 if ((s->mac_reg[TORL] += size) < n)
597 s->mac_reg[TORH]++;
598
599 n = E1000_ICS_RXT0;
600 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
601 rdt += s->mac_reg[RDLEN] / sizeof(desc);
602 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) << s->rxbuf_min_shift >=
603 s->mac_reg[RDLEN])
604 n |= E1000_ICS_RXDMT0;
605
606 set_ics(s, 0, n);
607 }
608
609 static uint32_t
610 mac_readreg(E1000State *s, int index)
611 {
612 return s->mac_reg[index];
613 }
614
615 static uint32_t
616 mac_icr_read(E1000State *s, int index)
617 {
618 uint32_t ret = s->mac_reg[ICR];
619
620 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
621 set_interrupt_cause(s, 0, 0);
622 return ret;
623 }
624
625 static uint32_t
626 mac_read_clr4(E1000State *s, int index)
627 {
628 uint32_t ret = s->mac_reg[index];
629
630 s->mac_reg[index] = 0;
631 return ret;
632 }
633
634 static uint32_t
635 mac_read_clr8(E1000State *s, int index)
636 {
637 uint32_t ret = s->mac_reg[index];
638
639 s->mac_reg[index] = 0;
640 s->mac_reg[index-1] = 0;
641 return ret;
642 }
643
644 static void
645 mac_writereg(E1000State *s, int index, uint32_t val)
646 {
647 s->mac_reg[index] = val;
648 }
649
650 static void
651 set_rdt(E1000State *s, int index, uint32_t val)
652 {
653 s->check_rxov = 0;
654 s->mac_reg[index] = val & 0xffff;
655 }
656
657 static void
658 set_16bit(E1000State *s, int index, uint32_t val)
659 {
660 s->mac_reg[index] = val & 0xffff;
661 }
662
663 static void
664 set_dlen(E1000State *s, int index, uint32_t val)
665 {
666 s->mac_reg[index] = val & 0xfff80;
667 }
668
669 static void
670 set_tctl(E1000State *s, int index, uint32_t val)
671 {
672 s->mac_reg[index] = val;
673 s->mac_reg[TDT] &= 0xffff;
674 start_xmit(s);
675 }
676
677 static void
678 set_icr(E1000State *s, int index, uint32_t val)
679 {
680 DBGOUT(INTERRUPT, "set_icr %x\n", val);
681 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
682 }
683
684 static void
685 set_imc(E1000State *s, int index, uint32_t val)
686 {
687 s->mac_reg[IMS] &= ~val;
688 set_ics(s, 0, 0);
689 }
690
691 static void
692 set_ims(E1000State *s, int index, uint32_t val)
693 {
694 s->mac_reg[IMS] |= val;
695 set_ics(s, 0, 0);
696 }
697
698 #define getreg(x) [x] = mac_readreg
699 static uint32_t (*macreg_readops[])(E1000State *, int) = {
700 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
701 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
702 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
703 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
704 getreg(RDH), getreg(RDT),
705
706 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
707 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
708 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
709 [CRCERRS ... MPC] = &mac_readreg,
710 [RA ... RA+31] = &mac_readreg,
711 [MTA ... MTA+127] = &mac_readreg,
712 };
713 enum { NREADOPS = sizeof(macreg_readops) / sizeof(*macreg_readops) };
714
715 #define putreg(x) [x] = mac_writereg
716 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
717 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
718 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
719 putreg(RDBAL), putreg(LEDCTL),
720 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
721 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
722 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
723 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
724 [EECD] = set_eecd, [RCTL] = set_rx_control,
725 [RA ... RA+31] = &mac_writereg,
726 [MTA ... MTA+127] = &mac_writereg,
727 };
728 enum { NWRITEOPS = sizeof(macreg_writeops) / sizeof(*macreg_writeops) };
729
730 static void
731 e1000_mmio_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
732 {
733 E1000State *s = opaque;
734 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
735
736 #ifdef TARGET_WORDS_BIGENDIAN
737 val = bswap32(val);
738 #endif
739 if (index < NWRITEOPS && macreg_writeops[index])
740 macreg_writeops[index](s, index, val);
741 else if (index < NREADOPS && macreg_readops[index])
742 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04x\n", index<<2, val);
743 else
744 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08x\n",
745 index<<2, val);
746 }
747
748 static void
749 e1000_mmio_writew(void *opaque, target_phys_addr_t addr, uint32_t val)
750 {
751 // emulate hw without byte enables: no RMW
752 e1000_mmio_writel(opaque, addr & ~3,
753 (val & 0xffff) << (8*(addr & 3)));
754 }
755
756 static void
757 e1000_mmio_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
758 {
759 // emulate hw without byte enables: no RMW
760 e1000_mmio_writel(opaque, addr & ~3,
761 (val & 0xff) << (8*(addr & 3)));
762 }
763
764 static uint32_t
765 e1000_mmio_readl(void *opaque, target_phys_addr_t addr)
766 {
767 E1000State *s = opaque;
768 unsigned int index = ((addr - s->mmio_base) & 0x1ffff) >> 2;
769
770 if (index < NREADOPS && macreg_readops[index])
771 {
772 uint32_t val = macreg_readops[index](s, index);
773 #ifdef TARGET_WORDS_BIGENDIAN
774 val = bswap32(val);
775 #endif
776 return val;
777 }
778 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
779 return 0;
780 }
781
782 static uint32_t
783 e1000_mmio_readb(void *opaque, target_phys_addr_t addr)
784 {
785 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
786 (8 * (addr & 3))) & 0xff;
787 }
788
789 static uint32_t
790 e1000_mmio_readw(void *opaque, target_phys_addr_t addr)
791 {
792 return ((e1000_mmio_readl(opaque, addr & ~3)) >>
793 (8 * (addr & 3))) & 0xffff;
794 }
795
796 int mac_regtosave[] = {
797 CTRL, EECD, EERD, GPRC, GPTC, ICR, ICS, IMC, IMS,
798 LEDCTL, MANC, MDIC, MPC, PBA, RCTL, RDBAH, RDBAL, RDH,
799 RDLEN, RDT, STATUS, SWSM, TCTL, TDBAH, TDBAL, TDH, TDLEN,
800 TDT, TORH, TORL, TOTH, TOTL, TPR, TPT, TXDCTL, WUFC,
801 };
802 enum { MAC_NSAVE = sizeof mac_regtosave/sizeof *mac_regtosave };
803
804 struct {
805 int size;
806 int array0;
807 } mac_regarraystosave[] = { {32, RA}, {128, MTA} };
808 enum { MAC_NARRAYS = sizeof mac_regarraystosave/sizeof *mac_regarraystosave };
809
810 static void
811 nic_save(QEMUFile *f, void *opaque)
812 {
813 E1000State *s = (E1000State *)opaque;
814 int i, j;
815
816 pci_device_save(&s->dev, f);
817 qemu_put_be32s(f, &s->instance);
818 qemu_put_be32s(f, &s->mmio_base);
819 qemu_put_be32s(f, &s->rxbuf_size);
820 qemu_put_be32s(f, &s->rxbuf_min_shift);
821 qemu_put_be32s(f, &s->eecd_state.val_in);
822 qemu_put_be16s(f, &s->eecd_state.bitnum_in);
823 qemu_put_be16s(f, &s->eecd_state.bitnum_out);
824 qemu_put_be16s(f, &s->eecd_state.reading);
825 qemu_put_be32s(f, &s->eecd_state.old_eecd);
826 qemu_put_8s(f, &s->tx.ipcss);
827 qemu_put_8s(f, &s->tx.ipcso);
828 qemu_put_be16s(f, &s->tx.ipcse);
829 qemu_put_8s(f, &s->tx.tucss);
830 qemu_put_8s(f, &s->tx.tucso);
831 qemu_put_be16s(f, &s->tx.tucse);
832 qemu_put_be32s(f, &s->tx.paylen);
833 qemu_put_8s(f, &s->tx.hdr_len);
834 qemu_put_be16s(f, &s->tx.mss);
835 qemu_put_be16s(f, &s->tx.size);
836 qemu_put_be16s(f, &s->tx.tso_frames);
837 qemu_put_8s(f, &s->tx.sum_needed);
838 qemu_put_8s(f, &s->tx.ip);
839 qemu_put_8s(f, &s->tx.tcp);
840 qemu_put_buffer(f, s->tx.header, sizeof s->tx.header);
841 qemu_put_buffer(f, s->tx.data, sizeof s->tx.data);
842 for (i = 0; i < 64; i++)
843 qemu_put_be16s(f, s->eeprom_data + i);
844 for (i = 0; i < 0x20; i++)
845 qemu_put_be16s(f, s->phy_reg + i);
846 for (i = 0; i < MAC_NSAVE; i++)
847 qemu_put_be32s(f, s->mac_reg + mac_regtosave[i]);
848 for (i = 0; i < MAC_NARRAYS; i++)
849 for (j = 0; j < mac_regarraystosave[i].size; j++)
850 qemu_put_be32s(f,
851 s->mac_reg + mac_regarraystosave[i].array0 + j);
852 }
853
854 static int
855 nic_load(QEMUFile *f, void *opaque, int version_id)
856 {
857 E1000State *s = (E1000State *)opaque;
858 int i, j, ret;
859
860 if ((ret = pci_device_load(&s->dev, f)) < 0)
861 return ret;
862 qemu_get_be32s(f, &s->instance);
863 qemu_get_be32s(f, &s->mmio_base);
864 qemu_get_be32s(f, &s->rxbuf_size);
865 qemu_get_be32s(f, &s->rxbuf_min_shift);
866 qemu_get_be32s(f, &s->eecd_state.val_in);
867 qemu_get_be16s(f, &s->eecd_state.bitnum_in);
868 qemu_get_be16s(f, &s->eecd_state.bitnum_out);
869 qemu_get_be16s(f, &s->eecd_state.reading);
870 qemu_get_be32s(f, &s->eecd_state.old_eecd);
871 qemu_get_8s(f, &s->tx.ipcss);
872 qemu_get_8s(f, &s->tx.ipcso);
873 qemu_get_be16s(f, &s->tx.ipcse);
874 qemu_get_8s(f, &s->tx.tucss);
875 qemu_get_8s(f, &s->tx.tucso);
876 qemu_get_be16s(f, &s->tx.tucse);
877 qemu_get_be32s(f, &s->tx.paylen);
878 qemu_get_8s(f, &s->tx.hdr_len);
879 qemu_get_be16s(f, &s->tx.mss);
880 qemu_get_be16s(f, &s->tx.size);
881 qemu_get_be16s(f, &s->tx.tso_frames);
882 qemu_get_8s(f, &s->tx.sum_needed);
883 qemu_get_8s(f, &s->tx.ip);
884 qemu_get_8s(f, &s->tx.tcp);
885 qemu_get_buffer(f, s->tx.header, sizeof s->tx.header);
886 qemu_get_buffer(f, s->tx.data, sizeof s->tx.data);
887 for (i = 0; i < 64; i++)
888 qemu_get_be16s(f, s->eeprom_data + i);
889 for (i = 0; i < 0x20; i++)
890 qemu_get_be16s(f, s->phy_reg + i);
891 for (i = 0; i < MAC_NSAVE; i++)
892 qemu_get_be32s(f, s->mac_reg + mac_regtosave[i]);
893 for (i = 0; i < MAC_NARRAYS; i++)
894 for (j = 0; j < mac_regarraystosave[i].size; j++)
895 qemu_get_be32s(f,
896 s->mac_reg + mac_regarraystosave[i].array0 + j);
897 return 0;
898 }
899
900 static uint16_t e1000_eeprom_template[64] = {
901 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
902 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
903 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
904 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
905 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
906 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
907 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
908 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
909 };
910
911 static uint16_t phy_reg_init[] = {
912 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
913 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
914 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
915 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
916 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
917 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
918 };
919
920 static uint32_t mac_reg_init[] = {
921 [PBA] = 0x00100030,
922 [LEDCTL] = 0x602,
923 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
924 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
925 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
926 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
927 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
928 E1000_STATUS_LU,
929 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
930 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
931 E1000_MANC_RMCP_EN,
932 };
933
934 /* PCI interface */
935
936 static CPUWriteMemoryFunc *e1000_mmio_write[] = {
937 e1000_mmio_writeb, e1000_mmio_writew, e1000_mmio_writel
938 };
939
940 static CPUReadMemoryFunc *e1000_mmio_read[] = {
941 e1000_mmio_readb, e1000_mmio_readw, e1000_mmio_readl
942 };
943
944 static void
945 e1000_mmio_map(PCIDevice *pci_dev, int region_num,
946 uint32_t addr, uint32_t size, int type)
947 {
948 E1000State *d = (E1000State *)pci_dev;
949
950 DBGOUT(MMIO, "e1000_mmio_map addr=0x%08x 0x%08x\n", addr, size);
951
952 d->mmio_base = addr;
953 cpu_register_physical_memory(addr, PNPMMIO_SIZE, d->mmio_index);
954 }
955
956 void
957 pci_e1000_init(PCIBus *bus, NICInfo *nd, int devfn)
958 {
959 E1000State *d;
960 uint8_t *pci_conf;
961 static int instance;
962 uint16_t checksum = 0;
963 char *info_str = "e1000";
964 int i;
965
966 d = (E1000State *)pci_register_device(bus, "e1000",
967 sizeof(E1000State), devfn, NULL, NULL);
968
969 pci_conf = d->dev.config;
970 memset(pci_conf, 0, 256);
971
972 *(uint16_t *)(pci_conf+0x00) = cpu_to_le16(0x8086);
973 *(uint16_t *)(pci_conf+0x02) = cpu_to_le16(E1000_DEVID);
974 *(uint16_t *)(pci_conf+0x04) = cpu_to_le16(0x0407);
975 *(uint16_t *)(pci_conf+0x06) = cpu_to_le16(0x0010);
976 pci_conf[0x08] = 0x03;
977 pci_conf[0x0a] = 0x00; // ethernet network controller
978 pci_conf[0x0b] = 0x02;
979 pci_conf[0x0c] = 0x10;
980
981 pci_conf[0x3d] = 1; // interrupt pin 0
982
983 d->mmio_index = cpu_register_io_memory(0, e1000_mmio_read,
984 e1000_mmio_write, d);
985
986 pci_register_io_region((PCIDevice *)d, 0, PNPMMIO_SIZE,
987 PCI_ADDRESS_SPACE_MEM, e1000_mmio_map);
988
989 pci_register_io_region((PCIDevice *)d, 1, IOPORT_SIZE,
990 PCI_ADDRESS_SPACE_IO, ioport_map);
991
992 d->instance = instance++;
993
994 d->nd = nd;
995 memmove(d->eeprom_data, e1000_eeprom_template,
996 sizeof e1000_eeprom_template);
997 for (i = 0; i < 3; i++)
998 d->eeprom_data[i] = (nd->macaddr[2*i+1]<<8) | nd->macaddr[2*i];
999 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1000 checksum += d->eeprom_data[i];
1001 checksum = (uint16_t) EEPROM_SUM - checksum;
1002 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1003
1004 memset(d->phy_reg, 0, sizeof d->phy_reg);
1005 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
1006 memset(d->mac_reg, 0, sizeof d->mac_reg);
1007 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
1008 d->rxbuf_min_shift = 1;
1009 memset(&d->tx, 0, sizeof d->tx);
1010
1011 d->vc = qemu_new_vlan_client(nd->vlan, e1000_receive,
1012 e1000_can_receive, d);
1013
1014 snprintf(d->vc->info_str, sizeof(d->vc->info_str),
1015 "%s macaddr=%02x:%02x:%02x:%02x:%02x:%02x", info_str,
1016 d->nd->macaddr[0], d->nd->macaddr[1], d->nd->macaddr[2],
1017 d->nd->macaddr[3], d->nd->macaddr[4], d->nd->macaddr[5]);
1018
1019 register_savevm(info_str, d->instance, 1, nic_save, nic_load, d);
1020 }
Samsung s3c2440 and arm920t support for the mini2440 dev board