4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
31 #include "net/checksum.h"
42 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
43 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
44 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
45 DEBUG_RXFILTER, DEBUG_PHY, DEBUG_NOTYET,
47 #define DBGBIT(x) (1<<DEBUG_##x)
48 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
50 #define DBGOUT(what, fmt, ...) do { \
51 if (debugflags & DBGBIT(what)) \
52 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
55 #define DBGOUT(what, fmt, ...) do {} while (0)
58 #define IOPORT_SIZE 0x40
59 #define PNPMMIO_SIZE 0x20000
60 #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */
64 * E1000_DEV_ID_82540EM works with Windows and Linux
65 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
66 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
67 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
70 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
73 * May need to specify additional MAC-to-PHY entries --
74 * Intel's Windows driver refuses to initialize unless they match
77 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
78 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
79 /* default to E1000_DEV_ID_82540EM */ 0xc20
82 typedef struct E1000State_st {
89 uint32_t mac_reg[0x8000];
90 uint16_t phy_reg[0x20];
91 uint16_t eeprom_data[64];
94 uint32_t rxbuf_min_shift;
97 unsigned char header[256];
98 unsigned char vlan_header[4];
99 /* Fields vlan and data must not be reordered or separated. */
100 unsigned char vlan[4];
101 unsigned char data[0x10000];
103 unsigned char sum_needed;
104 unsigned char vlan_needed;
118 char cptse; // current packet tse bit
122 uint32_t val_in; // shifted in from guest driver
130 #define defreg(x) x = (E1000_##x>>2)
132 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
133 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
134 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
135 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
136 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
137 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
138 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
139 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
140 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
141 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
146 e1000_link_down(E1000State *s)
148 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
149 s->phy_reg[PHY_STATUS] &= ~MII_SR_LINK_STATUS;
153 e1000_link_up(E1000State *s)
155 s->mac_reg[STATUS] |= E1000_STATUS_LU;
156 s->phy_reg[PHY_STATUS] |= MII_SR_LINK_STATUS;
159 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
160 static const char phy_regcap[0x20] = {
161 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
162 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
163 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
164 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
165 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
166 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
169 static const uint16_t phy_reg_init[] = {
170 [PHY_CTRL] = 0x1140, [PHY_STATUS] = 0x796d, // link initially up
171 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
172 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
173 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
174 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
175 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
178 static const uint32_t mac_reg_init[] = {
181 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
182 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
183 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
184 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
185 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
187 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
188 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
193 set_interrupt_cause(E1000State *s, int index, uint32_t val)
196 val |= E1000_ICR_INT_ASSERTED;
197 s->mac_reg[ICR] = val;
198 s->mac_reg[ICS] = val;
199 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
203 set_ics(E1000State *s, int index, uint32_t val)
205 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
207 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
211 rxbufsize(uint32_t v)
213 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
214 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
215 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
217 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
219 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
221 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
223 case E1000_RCTL_SZ_1024:
225 case E1000_RCTL_SZ_512:
227 case E1000_RCTL_SZ_256:
233 static void e1000_reset(void *opaque)
235 E1000State *d = opaque;
237 memset(d->phy_reg, 0, sizeof d->phy_reg);
238 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
239 memset(d->mac_reg, 0, sizeof d->mac_reg);
240 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
241 d->rxbuf_min_shift = 1;
242 memset(&d->tx, 0, sizeof d->tx);
244 if (d->nic->nc.link_down) {
250 set_ctrl(E1000State *s, int index, uint32_t val)
252 /* RST is self clearing */
253 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
257 set_rx_control(E1000State *s, int index, uint32_t val)
259 s->mac_reg[RCTL] = val;
260 s->rxbuf_size = rxbufsize(val);
261 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
262 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
267 set_mdic(E1000State *s, int index, uint32_t val)
269 uint32_t data = val & E1000_MDIC_DATA_MASK;
270 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
272 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
273 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
274 else if (val & E1000_MDIC_OP_READ) {
275 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
276 if (!(phy_regcap[addr] & PHY_R)) {
277 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
278 val |= E1000_MDIC_ERROR;
280 val = (val ^ data) | s->phy_reg[addr];
281 } else if (val & E1000_MDIC_OP_WRITE) {
282 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
283 if (!(phy_regcap[addr] & PHY_W)) {
284 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
285 val |= E1000_MDIC_ERROR;
287 s->phy_reg[addr] = data;
289 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
291 if (val & E1000_MDIC_INT_EN) {
292 set_ics(s, 0, E1000_ICR_MDAC);
297 get_eecd(E1000State *s, int index)
299 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
301 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
302 s->eecd_state.bitnum_out, s->eecd_state.reading);
303 if (!s->eecd_state.reading ||
304 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
305 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
306 ret |= E1000_EECD_DO;
311 set_eecd(E1000State *s, int index, uint32_t val)
313 uint32_t oldval = s->eecd_state.old_eecd;
315 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
316 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
317 if (!(E1000_EECD_CS & val)) // CS inactive; nothing to do
319 if (E1000_EECD_CS & (val ^ oldval)) { // CS rise edge; reset state
320 s->eecd_state.val_in = 0;
321 s->eecd_state.bitnum_in = 0;
322 s->eecd_state.bitnum_out = 0;
323 s->eecd_state.reading = 0;
325 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
327 if (!(E1000_EECD_SK & val)) { // falling edge
328 s->eecd_state.bitnum_out++;
331 s->eecd_state.val_in <<= 1;
332 if (val & E1000_EECD_DI)
333 s->eecd_state.val_in |= 1;
334 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
335 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
336 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
337 EEPROM_READ_OPCODE_MICROWIRE);
339 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
340 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
341 s->eecd_state.reading);
345 flash_eerd_read(E1000State *s, int x)
347 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
349 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
350 return (s->mac_reg[EERD]);
352 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
353 return (E1000_EEPROM_RW_REG_DONE | r);
355 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
356 E1000_EEPROM_RW_REG_DONE | r);
360 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
367 sum = net_checksum_add(n-css, data+css);
368 cpu_to_be16wu((uint16_t *)(data + sloc),
369 net_checksum_finish(sum));
374 vlan_enabled(E1000State *s)
376 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
380 vlan_rx_filter_enabled(E1000State *s)
382 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
386 is_vlan_packet(E1000State *s, const uint8_t *buf)
388 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
389 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
393 is_vlan_txd(uint32_t txd_lower)
395 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
398 /* FCS aka Ethernet CRC-32. We don't get it from backends and can't
399 * fill it in, just pad descriptor length by 4 bytes unless guest
400 * told us to strip it off the packet. */
402 fcs_len(E1000State *s)
404 return (s->mac_reg[RCTL] & E1000_RCTL_SECRC) ? 0 : 4;
408 e1000_send_packet(E1000State *s, const uint8_t *buf, int size)
410 if (s->phy_reg[PHY_CTRL] & MII_CR_LOOPBACK) {
411 s->nic->nc.info->receive(&s->nic->nc, buf, size);
413 qemu_send_packet(&s->nic->nc, buf, size);
418 xmit_seg(E1000State *s)
421 unsigned int frames = s->tx.tso_frames, css, sofar, n;
422 struct e1000_tx *tp = &s->tx;
424 if (tp->tse && tp->cptse) {
426 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
427 frames, tp->size, css);
428 if (tp->ip) { // IPv4
429 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
431 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
432 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
434 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
437 len = tp->size - css;
438 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
440 sofar = frames * tp->mss;
441 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
442 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
443 if (tp->paylen - sofar > tp->mss)
444 tp->data[css + 13] &= ~9; // PSH, FIN
446 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
447 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
449 // add pseudo-header length before checksum calculation
450 sp = (uint16_t *)(tp->data + tp->tucso);
451 phsum = be16_to_cpup(sp) + len;
452 phsum = (phsum >> 16) + (phsum & 0xffff);
453 cpu_to_be16wu(sp, phsum);
458 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
459 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
460 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
461 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
462 if (tp->vlan_needed) {
463 memmove(tp->vlan, tp->data, 4);
464 memmove(tp->data, tp->data + 4, 8);
465 memcpy(tp->data + 8, tp->vlan_header, 4);
466 e1000_send_packet(s, tp->vlan, tp->size + 4);
468 e1000_send_packet(s, tp->data, tp->size);
471 n = s->mac_reg[TOTL];
472 if ((s->mac_reg[TOTL] += s->tx.size) < n)
477 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
479 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
480 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
481 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
482 unsigned int msh = 0xfffff, hdr = 0;
484 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
485 struct e1000_tx *tp = &s->tx;
487 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
488 op = le32_to_cpu(xp->cmd_and_length);
489 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
490 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
491 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
492 tp->tucss = xp->upper_setup.tcp_fields.tucss;
493 tp->tucso = xp->upper_setup.tcp_fields.tucso;
494 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
495 tp->paylen = op & 0xfffff;
496 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
497 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
498 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
499 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
500 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
502 if (tp->tucso == 0) { // this is probably wrong
503 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
504 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
507 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
510 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
512 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
518 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
519 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
521 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
522 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
523 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
524 le16_to_cpu(dp->upper.fields.special));
527 addr = le64_to_cpu(dp->buffer_addr);
528 if (tp->tse && tp->cptse) {
533 if (tp->size + bytes > msh)
534 bytes = msh - tp->size;
536 bytes = MIN(sizeof(tp->data) - tp->size, bytes);
537 pci_dma_read(&s->dev, addr, tp->data + tp->size, bytes);
538 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
539 memmove(tp->header, tp->data, hdr);
544 memmove(tp->data, tp->header, hdr);
547 } while (split_size -= bytes);
548 } else if (!tp->tse && tp->cptse) {
549 // context descriptor TSE is not set, while data descriptor TSE is set
550 DBGOUT(TXERR, "TCP segmentation error\n");
552 split_size = MIN(sizeof(tp->data) - tp->size, split_size);
553 pci_dma_read(&s->dev, addr, tp->data + tp->size, split_size);
554 tp->size += split_size;
557 if (!(txd_lower & E1000_TXD_CMD_EOP))
559 if (!(tp->tse && tp->cptse && tp->size < hdr))
569 txdesc_writeback(E1000State *s, dma_addr_t base, struct e1000_tx_desc *dp)
571 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
573 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
575 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
576 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
577 dp->upper.data = cpu_to_le32(txd_upper);
578 pci_dma_write(&s->dev, base + ((char *)&dp->upper - (char *)dp),
579 &dp->upper, sizeof(dp->upper));
580 return E1000_ICR_TXDW;
583 static uint64_t tx_desc_base(E1000State *s)
585 uint64_t bah = s->mac_reg[TDBAH];
586 uint64_t bal = s->mac_reg[TDBAL] & ~0xf;
588 return (bah << 32) + bal;
592 start_xmit(E1000State *s)
595 struct e1000_tx_desc desc;
596 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
598 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
599 DBGOUT(TX, "tx disabled\n");
603 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
604 base = tx_desc_base(s) +
605 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
606 pci_dma_read(&s->dev, base, &desc, sizeof(desc));
608 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
609 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
612 process_tx_desc(s, &desc);
613 cause |= txdesc_writeback(s, base, &desc);
615 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
618 * the following could happen only if guest sw assigns
619 * bogus values to TDT/TDLEN.
620 * there's nothing too intelligent we could do about this.
622 if (s->mac_reg[TDH] == tdh_start) {
623 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
624 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
628 set_ics(s, 0, cause);
632 receive_filter(E1000State *s, const uint8_t *buf, int size)
634 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
635 static const int mta_shift[] = {4, 3, 2, 0};
636 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
638 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
639 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
640 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
641 ((vid >> 5) & 0x7f));
642 if ((vfta & (1 << (vid & 0x1f))) == 0)
646 if (rctl & E1000_RCTL_UPE) // promiscuous
649 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
652 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
655 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
656 if (!(rp[1] & E1000_RAH_AV))
658 ra[0] = cpu_to_le32(rp[0]);
659 ra[1] = cpu_to_le32(rp[1]);
660 if (!memcmp(buf, (uint8_t *)ra, 6)) {
662 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
663 (int)(rp - s->mac_reg - RA)/2,
664 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
668 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
669 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
671 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
672 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
673 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
676 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
677 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
678 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
679 s->mac_reg[MTA + (f >> 5)]);
685 e1000_set_link_status(VLANClientState *nc)
687 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
688 uint32_t old_status = s->mac_reg[STATUS];
696 if (s->mac_reg[STATUS] != old_status)
697 set_ics(s, 0, E1000_ICR_LSC);
700 static bool e1000_has_rxbufs(E1000State *s, size_t total_size)
703 /* Fast-path short packets */
704 if (total_size <= s->rxbuf_size) {
705 return s->mac_reg[RDH] != s->mac_reg[RDT] || !s->check_rxov;
707 if (s->mac_reg[RDH] < s->mac_reg[RDT]) {
708 bufs = s->mac_reg[RDT] - s->mac_reg[RDH];
709 } else if (s->mac_reg[RDH] > s->mac_reg[RDT] || !s->check_rxov) {
710 bufs = s->mac_reg[RDLEN] / sizeof(struct e1000_rx_desc) +
711 s->mac_reg[RDT] - s->mac_reg[RDH];
715 return total_size <= bufs * s->rxbuf_size;
719 e1000_can_receive(VLANClientState *nc)
721 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
723 return (s->mac_reg[RCTL] & E1000_RCTL_EN) && e1000_has_rxbufs(s, 1);
726 static uint64_t rx_desc_base(E1000State *s)
728 uint64_t bah = s->mac_reg[RDBAH];
729 uint64_t bal = s->mac_reg[RDBAL] & ~0xf;
731 return (bah << 32) + bal;
735 e1000_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
737 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
738 struct e1000_rx_desc desc;
742 uint16_t vlan_special = 0;
743 uint8_t vlan_status = 0, vlan_offset = 0;
744 uint8_t min_buf[MIN_BUF_SIZE];
749 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
752 /* Pad to minimum Ethernet frame length */
753 if (size < sizeof(min_buf)) {
754 memcpy(min_buf, buf, size);
755 memset(&min_buf[size], 0, sizeof(min_buf) - size);
757 size = sizeof(min_buf);
760 if (!receive_filter(s, buf, size))
763 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
764 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
765 memmove((uint8_t *)buf + 4, buf, 12);
766 vlan_status = E1000_RXD_STAT_VP;
771 rdh_start = s->mac_reg[RDH];
773 total_size = size + fcs_len(s);
774 if (!e1000_has_rxbufs(s, total_size)) {
775 set_ics(s, 0, E1000_ICS_RXO);
779 desc_size = total_size - desc_offset;
780 if (desc_size > s->rxbuf_size) {
781 desc_size = s->rxbuf_size;
783 base = rx_desc_base(s) + sizeof(desc) * s->mac_reg[RDH];
784 pci_dma_read(&s->dev, base, &desc, sizeof(desc));
785 desc.special = vlan_special;
786 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
787 if (desc.buffer_addr) {
788 if (desc_offset < size) {
789 size_t copy_size = size - desc_offset;
790 if (copy_size > s->rxbuf_size) {
791 copy_size = s->rxbuf_size;
793 pci_dma_write(&s->dev, le64_to_cpu(desc.buffer_addr),
794 buf + desc_offset + vlan_offset, copy_size);
796 desc_offset += desc_size;
797 desc.length = cpu_to_le16(desc_size);
798 if (desc_offset >= total_size) {
799 desc.status |= E1000_RXD_STAT_EOP | E1000_RXD_STAT_IXSM;
801 /* Guest zeroing out status is not a hardware requirement.
802 Clear EOP in case guest didn't do it. */
803 desc.status &= ~E1000_RXD_STAT_EOP;
805 } else { // as per intel docs; skip descriptors with null buf addr
806 DBGOUT(RX, "Null RX descriptor!!\n");
808 pci_dma_write(&s->dev, base, &desc, sizeof(desc));
810 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
813 /* see comment in start_xmit; same here */
814 if (s->mac_reg[RDH] == rdh_start) {
815 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
816 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
817 set_ics(s, 0, E1000_ICS_RXO);
820 } while (desc_offset < total_size);
824 /* TOR - Total Octets Received:
825 * This register includes bytes received in a packet from the <Destination
826 * Address> field through the <CRC> field, inclusively.
828 n = s->mac_reg[TORL] + size + /* Always include FCS length. */ 4;
829 if (n < s->mac_reg[TORL])
831 s->mac_reg[TORL] = n;
834 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
835 rdt += s->mac_reg[RDLEN] / sizeof(desc);
836 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
838 n |= E1000_ICS_RXDMT0;
846 mac_readreg(E1000State *s, int index)
848 return s->mac_reg[index];
852 mac_icr_read(E1000State *s, int index)
854 uint32_t ret = s->mac_reg[ICR];
856 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
857 set_interrupt_cause(s, 0, 0);
862 mac_read_clr4(E1000State *s, int index)
864 uint32_t ret = s->mac_reg[index];
866 s->mac_reg[index] = 0;
871 mac_read_clr8(E1000State *s, int index)
873 uint32_t ret = s->mac_reg[index];
875 s->mac_reg[index] = 0;
876 s->mac_reg[index-1] = 0;
881 mac_writereg(E1000State *s, int index, uint32_t val)
883 s->mac_reg[index] = val;
887 set_rdt(E1000State *s, int index, uint32_t val)
890 s->mac_reg[index] = val & 0xffff;
894 set_16bit(E1000State *s, int index, uint32_t val)
896 s->mac_reg[index] = val & 0xffff;
900 set_dlen(E1000State *s, int index, uint32_t val)
902 s->mac_reg[index] = val & 0xfff80;
906 set_tctl(E1000State *s, int index, uint32_t val)
908 s->mac_reg[index] = val;
909 s->mac_reg[TDT] &= 0xffff;
914 set_icr(E1000State *s, int index, uint32_t val)
916 DBGOUT(INTERRUPT, "set_icr %x\n", val);
917 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
921 set_imc(E1000State *s, int index, uint32_t val)
923 s->mac_reg[IMS] &= ~val;
928 set_ims(E1000State *s, int index, uint32_t val)
930 s->mac_reg[IMS] |= val;
934 #define getreg(x) [x] = mac_readreg
935 static uint32_t (*macreg_readops[])(E1000State *, int) = {
936 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
937 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
938 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
939 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
940 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
941 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
942 getreg(TDLEN), getreg(RDLEN),
944 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
945 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
946 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
947 [CRCERRS ... MPC] = &mac_readreg,
948 [RA ... RA+31] = &mac_readreg,
949 [MTA ... MTA+127] = &mac_readreg,
950 [VFTA ... VFTA+127] = &mac_readreg,
952 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
954 #define putreg(x) [x] = mac_writereg
955 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
956 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
957 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
958 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
959 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
960 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
961 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
962 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
963 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
964 [RA ... RA+31] = &mac_writereg,
965 [MTA ... MTA+127] = &mac_writereg,
966 [VFTA ... VFTA+127] = &mac_writereg,
968 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
971 e1000_mmio_write(void *opaque, target_phys_addr_t addr, uint64_t val,
974 E1000State *s = opaque;
975 unsigned int index = (addr & 0x1ffff) >> 2;
977 if (index < NWRITEOPS && macreg_writeops[index]) {
978 macreg_writeops[index](s, index, val);
979 } else if (index < NREADOPS && macreg_readops[index]) {
980 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04"PRIx64"\n", index<<2, val);
982 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08"PRIx64"\n",
988 e1000_mmio_read(void *opaque, target_phys_addr_t addr, unsigned size)
990 E1000State *s = opaque;
991 unsigned int index = (addr & 0x1ffff) >> 2;
993 if (index < NREADOPS && macreg_readops[index])
995 return macreg_readops[index](s, index);
997 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
1001 static const MemoryRegionOps e1000_mmio_ops = {
1002 .read = e1000_mmio_read,
1003 .write = e1000_mmio_write,
1004 .endianness = DEVICE_LITTLE_ENDIAN,
1006 .min_access_size = 4,
1007 .max_access_size = 4,
1011 static uint64_t e1000_io_read(void *opaque, target_phys_addr_t addr,
1014 E1000State *s = opaque;
1020 static void e1000_io_write(void *opaque, target_phys_addr_t addr,
1021 uint64_t val, unsigned size)
1023 E1000State *s = opaque;
1028 static const MemoryRegionOps e1000_io_ops = {
1029 .read = e1000_io_read,
1030 .write = e1000_io_write,
1031 .endianness = DEVICE_LITTLE_ENDIAN,
1034 static bool is_version_1(void *opaque, int version_id)
1036 return version_id == 1;
1039 static const VMStateDescription vmstate_e1000 = {
1042 .minimum_version_id = 1,
1043 .minimum_version_id_old = 1,
1044 .fields = (VMStateField []) {
1045 VMSTATE_PCI_DEVICE(dev, E1000State),
1046 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
1047 VMSTATE_UNUSED(4), /* Was mmio_base. */
1048 VMSTATE_UINT32(rxbuf_size, E1000State),
1049 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
1050 VMSTATE_UINT32(eecd_state.val_in, E1000State),
1051 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
1052 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
1053 VMSTATE_UINT16(eecd_state.reading, E1000State),
1054 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
1055 VMSTATE_UINT8(tx.ipcss, E1000State),
1056 VMSTATE_UINT8(tx.ipcso, E1000State),
1057 VMSTATE_UINT16(tx.ipcse, E1000State),
1058 VMSTATE_UINT8(tx.tucss, E1000State),
1059 VMSTATE_UINT8(tx.tucso, E1000State),
1060 VMSTATE_UINT16(tx.tucse, E1000State),
1061 VMSTATE_UINT32(tx.paylen, E1000State),
1062 VMSTATE_UINT8(tx.hdr_len, E1000State),
1063 VMSTATE_UINT16(tx.mss, E1000State),
1064 VMSTATE_UINT16(tx.size, E1000State),
1065 VMSTATE_UINT16(tx.tso_frames, E1000State),
1066 VMSTATE_UINT8(tx.sum_needed, E1000State),
1067 VMSTATE_INT8(tx.ip, E1000State),
1068 VMSTATE_INT8(tx.tcp, E1000State),
1069 VMSTATE_BUFFER(tx.header, E1000State),
1070 VMSTATE_BUFFER(tx.data, E1000State),
1071 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
1072 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
1073 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
1074 VMSTATE_UINT32(mac_reg[EECD], E1000State),
1075 VMSTATE_UINT32(mac_reg[EERD], E1000State),
1076 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
1077 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
1078 VMSTATE_UINT32(mac_reg[ICR], E1000State),
1079 VMSTATE_UINT32(mac_reg[ICS], E1000State),
1080 VMSTATE_UINT32(mac_reg[IMC], E1000State),
1081 VMSTATE_UINT32(mac_reg[IMS], E1000State),
1082 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
1083 VMSTATE_UINT32(mac_reg[MANC], E1000State),
1084 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
1085 VMSTATE_UINT32(mac_reg[MPC], E1000State),
1086 VMSTATE_UINT32(mac_reg[PBA], E1000State),
1087 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
1088 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
1089 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
1090 VMSTATE_UINT32(mac_reg[RDH], E1000State),
1091 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
1092 VMSTATE_UINT32(mac_reg[RDT], E1000State),
1093 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
1094 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
1095 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
1096 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
1097 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
1098 VMSTATE_UINT32(mac_reg[TDH], E1000State),
1099 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
1100 VMSTATE_UINT32(mac_reg[TDT], E1000State),
1101 VMSTATE_UINT32(mac_reg[TORH], E1000State),
1102 VMSTATE_UINT32(mac_reg[TORL], E1000State),
1103 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
1104 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
1105 VMSTATE_UINT32(mac_reg[TPR], E1000State),
1106 VMSTATE_UINT32(mac_reg[TPT], E1000State),
1107 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
1108 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
1109 VMSTATE_UINT32(mac_reg[VET], E1000State),
1110 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
1111 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
1112 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
1113 VMSTATE_END_OF_LIST()
1117 static const uint16_t e1000_eeprom_template[64] = {
1118 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
1119 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
1120 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
1121 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
1122 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
1123 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1124 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1125 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
1131 e1000_mmio_setup(E1000State *d)
1134 const uint32_t excluded_regs[] = {
1135 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1136 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1139 memory_region_init_io(&d->mmio, &e1000_mmio_ops, d, "e1000-mmio",
1141 memory_region_add_coalescing(&d->mmio, 0, excluded_regs[0]);
1142 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1143 memory_region_add_coalescing(&d->mmio, excluded_regs[i] + 4,
1144 excluded_regs[i+1] - excluded_regs[i] - 4);
1145 memory_region_init_io(&d->io, &e1000_io_ops, d, "e1000-io", IOPORT_SIZE);
1149 e1000_cleanup(VLANClientState *nc)
1151 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1157 pci_e1000_uninit(PCIDevice *dev)
1159 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1161 memory_region_destroy(&d->mmio);
1162 memory_region_destroy(&d->io);
1163 qemu_del_vlan_client(&d->nic->nc);
1167 static NetClientInfo net_e1000_info = {
1168 .type = NET_CLIENT_TYPE_NIC,
1169 .size = sizeof(NICState),
1170 .can_receive = e1000_can_receive,
1171 .receive = e1000_receive,
1172 .cleanup = e1000_cleanup,
1173 .link_status_changed = e1000_set_link_status,
1176 static int pci_e1000_init(PCIDevice *pci_dev)
1178 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1180 uint16_t checksum = 0;
1184 pci_conf = d->dev.config;
1186 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1187 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1189 pci_conf[PCI_INTERRUPT_PIN] = 1; /* interrupt pin A */
1191 e1000_mmio_setup(d);
1193 pci_register_bar(&d->dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &d->mmio);
1195 pci_register_bar(&d->dev, 1, PCI_BASE_ADDRESS_SPACE_IO, &d->io);
1197 memmove(d->eeprom_data, e1000_eeprom_template,
1198 sizeof e1000_eeprom_template);
1199 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1200 macaddr = d->conf.macaddr.a;
1201 for (i = 0; i < 3; i++)
1202 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1203 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1204 checksum += d->eeprom_data[i];
1205 checksum = (uint16_t) EEPROM_SUM - checksum;
1206 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1208 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1209 object_get_typename(OBJECT(d)), d->dev.qdev.id, d);
1211 qemu_format_nic_info_str(&d->nic->nc, macaddr);
1213 add_boot_device_path(d->conf.bootindex, &pci_dev->qdev, "/ethernet-phy@0");
1218 static void qdev_e1000_reset(DeviceState *dev)
1220 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1224 static Property e1000_properties[] = {
1225 DEFINE_NIC_PROPERTIES(E1000State, conf),
1226 DEFINE_PROP_END_OF_LIST(),
1229 static void e1000_class_init(ObjectClass *klass, void *data)
1231 DeviceClass *dc = DEVICE_CLASS(klass);
1232 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
1234 k->init = pci_e1000_init;
1235 k->exit = pci_e1000_uninit;
1236 k->romfile = "pxe-e1000.rom";
1237 k->vendor_id = PCI_VENDOR_ID_INTEL;
1238 k->device_id = E1000_DEVID;
1240 k->class_id = PCI_CLASS_NETWORK_ETHERNET;
1241 dc->desc = "Intel Gigabit Ethernet";
1242 dc->reset = qdev_e1000_reset;
1243 dc->vmsd = &vmstate_e1000;
1244 dc->props = e1000_properties;
1247 static TypeInfo e1000_info = {
1249 .parent = TYPE_PCI_DEVICE,
1250 .instance_size = sizeof(E1000State),
1251 .class_init = e1000_class_init,
1254 static void e1000_register_types(void)
1256 type_register_static(&e1000_info);
1259 type_init(e1000_register_types)
projects / qemu.git / blob