search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
qemu-log: Add new log category for guest bugs
[qemu/pbrook.git] / hw / e1000.c
blob63fee10794d9bd2394a20aec38cba83ea15b567b
1 /*
2 * QEMU e1000 emulation
3 *
4 * Software developer's manual:
5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf
6 *
7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc.
8 * Copyright (c) 2008 Qumranet
9 * Based on work done by:
10 * Copyright (c) 2007 Dan Aloni
11 * Copyright (c) 2004 Antony T Curtis
12 *
13 * This library is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU Lesser General Public
15 * License as published by the Free Software Foundation; either
16 * version 2 of the License, or (at your option) any later version.
17 *
18 * This library is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 * Lesser General Public License for more details.
22 *
23 * You should have received a copy of the GNU Lesser General Public
24 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
25 */
26
27
28 #include "hw.h"
29 #include "pci.h"
30 #include "net.h"
31 #include "net/checksum.h"
32 #include "loader.h"
33 #include "sysemu.h"
34 #include "dma.h"
35
36 #include "e1000_hw.h"
37
38 #define E1000_DEBUG
39
40 #ifdef E1000_DEBUG
41 enum {
42 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT,
43 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM,
44 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR,
45 DEBUG_RXFILTER, DEBUG_PHY, DEBUG_NOTYET,
46 };
47 #define DBGBIT(x) (1<<DEBUG_##x)
48 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL);
49
50 #define DBGOUT(what, fmt, ...) do { \
51 if (debugflags & DBGBIT(what)) \
52 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \
53 } while (0)
54 #else
55 #define DBGOUT(what, fmt, ...) do {} while (0)
56 #endif
57
58 #define IOPORT_SIZE 0x40
59 #define PNPMMIO_SIZE 0x20000
60 #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */
61
62 /*
63 * HW models:
64 * E1000_DEV_ID_82540EM works with Windows and Linux
65 * E1000_DEV_ID_82573L OK with windoze and Linux 2.6.22,
66 * appears to perform better than 82540EM, but breaks with Linux 2.6.18
67 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested
68 * Others never tested
69 */
70 enum { E1000_DEVID = E1000_DEV_ID_82540EM };
71
72 /*
73 * May need to specify additional MAC-to-PHY entries --
74 * Intel's Windows driver refuses to initialize unless they match
75 */
76 enum {
77 PHY_ID2_INIT = E1000_DEVID == E1000_DEV_ID_82573L ? 0xcc2 :
78 E1000_DEVID == E1000_DEV_ID_82544GC_COPPER ? 0xc30 :
79 /* default to E1000_DEV_ID_82540EM */ 0xc20
80 };
81
82 typedef struct E1000State_st {
83 PCIDevice dev;
84 NICState *nic;
85 NICConf conf;
86 MemoryRegion mmio;
87 MemoryRegion io;
88
89 uint32_t mac_reg[0x8000];
90 uint16_t phy_reg[0x20];
91 uint16_t eeprom_data[64];
92
93 uint32_t rxbuf_size;
94 uint32_t rxbuf_min_shift;
95 int check_rxov;
96 struct e1000_tx {
97 unsigned char header[256];
98 unsigned char vlan_header[4];
99 /* Fields vlan and data must not be reordered or separated. */
100 unsigned char vlan[4];
101 unsigned char data[0x10000];
102 uint16_t size;
103 unsigned char sum_needed;
104 unsigned char vlan_needed;
105 uint8_t ipcss;
106 uint8_t ipcso;
107 uint16_t ipcse;
108 uint8_t tucss;
109 uint8_t tucso;
110 uint16_t tucse;
111 uint8_t hdr_len;
112 uint16_t mss;
113 uint32_t paylen;
114 uint16_t tso_frames;
115 char tse;
116 int8_t ip;
117 int8_t tcp;
118 char cptse; // current packet tse bit
119 } tx;
120
121 struct {
122 uint32_t val_in; // shifted in from guest driver
123 uint16_t bitnum_in;
124 uint16_t bitnum_out;
125 uint16_t reading;
126 uint32_t old_eecd;
127 } eecd_state;
128
129 QEMUTimer *autoneg_timer;
130 } E1000State;
131
132 #define defreg(x) x = (E1000_##x>>2)
133 enum {
134 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC),
135 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC),
136 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC),
137 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH),
138 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT),
139 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH),
140 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT),
141 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL),
142 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC),
143 defreg(RA), defreg(MTA), defreg(CRCERRS),defreg(VFTA),
144 defreg(VET),
145 };
146
147 static void
148 e1000_link_down(E1000State *s)
149 {
150 s->mac_reg[STATUS] &= ~E1000_STATUS_LU;
151 s->phy_reg[PHY_STATUS] &= ~MII_SR_LINK_STATUS;
152 }
153
154 static void
155 e1000_link_up(E1000State *s)
156 {
157 s->mac_reg[STATUS] |= E1000_STATUS_LU;
158 s->phy_reg[PHY_STATUS] |= MII_SR_LINK_STATUS;
159 }
160
161 static void
162 set_phy_ctrl(E1000State *s, int index, uint16_t val)
163 {
164 if ((val & MII_CR_AUTO_NEG_EN) && (val & MII_CR_RESTART_AUTO_NEG)) {
165 s->nic->nc.link_down = true;
166 e1000_link_down(s);
167 s->phy_reg[PHY_STATUS] &= ~MII_SR_AUTONEG_COMPLETE;
168 DBGOUT(PHY, "Start link auto negotiation\n");
169 qemu_mod_timer(s->autoneg_timer, qemu_get_clock_ms(vm_clock) + 500);
170 }
171 }
172
173 static void
174 e1000_autoneg_timer(void *opaque)
175 {
176 E1000State *s = opaque;
177 s->nic->nc.link_down = false;
178 e1000_link_up(s);
179 s->phy_reg[PHY_STATUS] |= MII_SR_AUTONEG_COMPLETE;
180 DBGOUT(PHY, "Auto negotiation is completed\n");
181 }
182
183 static void (*phyreg_writeops[])(E1000State *, int, uint16_t) = {
184 [PHY_CTRL] = set_phy_ctrl,
185 };
186
187 enum { NPHYWRITEOPS = ARRAY_SIZE(phyreg_writeops) };
188
189 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W };
190 static const char phy_regcap[0x20] = {
191 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW,
192 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW,
193 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW,
194 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R,
195 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R,
196 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R
197 };
198
199 static const uint16_t phy_reg_init[] = {
200 [PHY_CTRL] = 0x1140,
201 [PHY_STATUS] = 0x794d, /* link initially up with not completed autoneg */
202 [PHY_ID1] = 0x141, [PHY_ID2] = PHY_ID2_INIT,
203 [PHY_1000T_CTRL] = 0x0e00, [M88E1000_PHY_SPEC_CTRL] = 0x360,
204 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, [PHY_AUTONEG_ADV] = 0xde1,
205 [PHY_LP_ABILITY] = 0x1e0, [PHY_1000T_STATUS] = 0x3c00,
206 [M88E1000_PHY_SPEC_STATUS] = 0xac00,
207 };
208
209 static const uint32_t mac_reg_init[] = {
210 [PBA] = 0x00100030,
211 [LEDCTL] = 0x602,
212 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 |
213 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU,
214 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE |
215 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK |
216 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD |
217 E1000_STATUS_LU,
218 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN |
219 E1000_MANC_ARP_EN | E1000_MANC_0298_EN |
220 E1000_MANC_RMCP_EN,
221 };
222
223 static void
224 set_interrupt_cause(E1000State *s, int index, uint32_t val)
225 {
226 if (val && (E1000_DEVID >= E1000_DEV_ID_82547EI_MOBILE)) {
227 /* Only for 8257x */
228 val |= E1000_ICR_INT_ASSERTED;
229 }
230 s->mac_reg[ICR] = val;
231 s->mac_reg[ICS] = val;
232 qemu_set_irq(s->dev.irq[0], (s->mac_reg[IMS] & s->mac_reg[ICR]) != 0);
233 }
234
235 static void
236 set_ics(E1000State *s, int index, uint32_t val)
237 {
238 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR],
239 s->mac_reg[IMS]);
240 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]);
241 }
242
243 static int
244 rxbufsize(uint32_t v)
245 {
246 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 |
247 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 |
248 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256;
249 switch (v) {
250 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384:
251 return 16384;
252 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192:
253 return 8192;
254 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096:
255 return 4096;
256 case E1000_RCTL_SZ_1024:
257 return 1024;
258 case E1000_RCTL_SZ_512:
259 return 512;
260 case E1000_RCTL_SZ_256:
261 return 256;
262 }
263 return 2048;
264 }
265
266 static void e1000_reset(void *opaque)
267 {
268 E1000State *d = opaque;
269
270 qemu_del_timer(d->autoneg_timer);
271 memset(d->phy_reg, 0, sizeof d->phy_reg);
272 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init);
273 memset(d->mac_reg, 0, sizeof d->mac_reg);
274 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init);
275 d->rxbuf_min_shift = 1;
276 memset(&d->tx, 0, sizeof d->tx);
277
278 if (d->nic->nc.link_down) {
279 e1000_link_down(d);
280 }
281 }
282
283 static void
284 set_ctrl(E1000State *s, int index, uint32_t val)
285 {
286 /* RST is self clearing */
287 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST;
288 }
289
290 static void
291 set_rx_control(E1000State *s, int index, uint32_t val)
292 {
293 s->mac_reg[RCTL] = val;
294 s->rxbuf_size = rxbufsize(val);
295 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1;
296 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT],
297 s->mac_reg[RCTL]);
298 qemu_flush_queued_packets(&s->nic->nc);
299 }
300
301 static void
302 set_mdic(E1000State *s, int index, uint32_t val)
303 {
304 uint32_t data = val & E1000_MDIC_DATA_MASK;
305 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT);
306
307 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy #
308 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR;
309 else if (val & E1000_MDIC_OP_READ) {
310 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr);
311 if (!(phy_regcap[addr] & PHY_R)) {
312 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr);
313 val |= E1000_MDIC_ERROR;
314 } else
315 val = (val ^ data) | s->phy_reg[addr];
316 } else if (val & E1000_MDIC_OP_WRITE) {
317 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data);
318 if (!(phy_regcap[addr] & PHY_W)) {
319 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr);
320 val |= E1000_MDIC_ERROR;
321 } else {
322 if (addr < NPHYWRITEOPS && phyreg_writeops[addr]) {
323 phyreg_writeops[addr](s, index, data);
324 }
325 s->phy_reg[addr] = data;
326 }
327 }
328 s->mac_reg[MDIC] = val | E1000_MDIC_READY;
329
330 if (val & E1000_MDIC_INT_EN) {
331 set_ics(s, 0, E1000_ICR_MDAC);
332 }
333 }
334
335 static uint32_t
336 get_eecd(E1000State *s, int index)
337 {
338 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd;
339
340 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n",
341 s->eecd_state.bitnum_out, s->eecd_state.reading);
342 if (!s->eecd_state.reading ||
343 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >>
344 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1)
345 ret |= E1000_EECD_DO;
346 return ret;
347 }
348
349 static void
350 set_eecd(E1000State *s, int index, uint32_t val)
351 {
352 uint32_t oldval = s->eecd_state.old_eecd;
353
354 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS |
355 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ);
356 if (!(E1000_EECD_CS & val)) // CS inactive; nothing to do
357 return;
358 if (E1000_EECD_CS & (val ^ oldval)) { // CS rise edge; reset state
359 s->eecd_state.val_in = 0;
360 s->eecd_state.bitnum_in = 0;
361 s->eecd_state.bitnum_out = 0;
362 s->eecd_state.reading = 0;
363 }
364 if (!(E1000_EECD_SK & (val ^ oldval))) // no clock edge
365 return;
366 if (!(E1000_EECD_SK & val)) { // falling edge
367 s->eecd_state.bitnum_out++;
368 return;
369 }
370 s->eecd_state.val_in <<= 1;
371 if (val & E1000_EECD_DI)
372 s->eecd_state.val_in |= 1;
373 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) {
374 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1;
375 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) ==
376 EEPROM_READ_OPCODE_MICROWIRE);
377 }
378 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n",
379 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out,
380 s->eecd_state.reading);
381 }
382
383 static uint32_t
384 flash_eerd_read(E1000State *s, int x)
385 {
386 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START;
387
388 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0)
389 return (s->mac_reg[EERD]);
390
391 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG)
392 return (E1000_EEPROM_RW_REG_DONE | r);
393
394 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) |
395 E1000_EEPROM_RW_REG_DONE | r);
396 }
397
398 static void
399 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse)
400 {
401 uint32_t sum;
402
403 if (cse && cse < n)
404 n = cse + 1;
405 if (sloc < n-1) {
406 sum = net_checksum_add(n-css, data+css);
407 cpu_to_be16wu((uint16_t *)(data + sloc),
408 net_checksum_finish(sum));
409 }
410 }
411
412 static inline int
413 vlan_enabled(E1000State *s)
414 {
415 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0);
416 }
417
418 static inline int
419 vlan_rx_filter_enabled(E1000State *s)
420 {
421 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0);
422 }
423
424 static inline int
425 is_vlan_packet(E1000State *s, const uint8_t *buf)
426 {
427 return (be16_to_cpup((uint16_t *)(buf + 12)) ==
428 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
429 }
430
431 static inline int
432 is_vlan_txd(uint32_t txd_lower)
433 {
434 return ((txd_lower & E1000_TXD_CMD_VLE) != 0);
435 }
436
437 /* FCS aka Ethernet CRC-32. We don't get it from backends and can't
438 * fill it in, just pad descriptor length by 4 bytes unless guest
439 * told us to strip it off the packet. */
440 static inline int
441 fcs_len(E1000State *s)
442 {
443 return (s->mac_reg[RCTL] & E1000_RCTL_SECRC) ? 0 : 4;
444 }
445
446 static void
447 e1000_send_packet(E1000State *s, const uint8_t *buf, int size)
448 {
449 if (s->phy_reg[PHY_CTRL] & MII_CR_LOOPBACK) {
450 s->nic->nc.info->receive(&s->nic->nc, buf, size);
451 } else {
452 qemu_send_packet(&s->nic->nc, buf, size);
453 }
454 }
455
456 static void
457 xmit_seg(E1000State *s)
458 {
459 uint16_t len, *sp;
460 unsigned int frames = s->tx.tso_frames, css, sofar, n;
461 struct e1000_tx *tp = &s->tx;
462
463 if (tp->tse && tp->cptse) {
464 css = tp->ipcss;
465 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n",
466 frames, tp->size, css);
467 if (tp->ip) { // IPv4
468 cpu_to_be16wu((uint16_t *)(tp->data+css+2),
469 tp->size - css);
470 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
471 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames);
472 } else // IPv6
473 cpu_to_be16wu((uint16_t *)(tp->data+css+4),
474 tp->size - css);
475 css = tp->tucss;
476 len = tp->size - css;
477 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len);
478 if (tp->tcp) {
479 sofar = frames * tp->mss;
480 cpu_to_be32wu((uint32_t *)(tp->data+css+4), // seq
481 be32_to_cpupu((uint32_t *)(tp->data+css+4))+sofar);
482 if (tp->paylen - sofar > tp->mss)
483 tp->data[css + 13] &= ~9; // PSH, FIN
484 } else // UDP
485 cpu_to_be16wu((uint16_t *)(tp->data+css+4), len);
486 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) {
487 unsigned int phsum;
488 // add pseudo-header length before checksum calculation
489 sp = (uint16_t *)(tp->data + tp->tucso);
490 phsum = be16_to_cpup(sp) + len;
491 phsum = (phsum >> 16) + (phsum & 0xffff);
492 cpu_to_be16wu(sp, phsum);
493 }
494 tp->tso_frames++;
495 }
496
497 if (tp->sum_needed & E1000_TXD_POPTS_TXSM)
498 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse);
499 if (tp->sum_needed & E1000_TXD_POPTS_IXSM)
500 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse);
501 if (tp->vlan_needed) {
502 memmove(tp->vlan, tp->data, 4);
503 memmove(tp->data, tp->data + 4, 8);
504 memcpy(tp->data + 8, tp->vlan_header, 4);
505 e1000_send_packet(s, tp->vlan, tp->size + 4);
506 } else
507 e1000_send_packet(s, tp->data, tp->size);
508 s->mac_reg[TPT]++;
509 s->mac_reg[GPTC]++;
510 n = s->mac_reg[TOTL];
511 if ((s->mac_reg[TOTL] += s->tx.size) < n)
512 s->mac_reg[TOTH]++;
513 }
514
515 static void
516 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
517 {
518 uint32_t txd_lower = le32_to_cpu(dp->lower.data);
519 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D);
520 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op;
521 unsigned int msh = 0xfffff, hdr = 0;
522 uint64_t addr;
523 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp;
524 struct e1000_tx *tp = &s->tx;
525
526 if (dtype == E1000_TXD_CMD_DEXT) { // context descriptor
527 op = le32_to_cpu(xp->cmd_and_length);
528 tp->ipcss = xp->lower_setup.ip_fields.ipcss;
529 tp->ipcso = xp->lower_setup.ip_fields.ipcso;
530 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse);
531 tp->tucss = xp->upper_setup.tcp_fields.tucss;
532 tp->tucso = xp->upper_setup.tcp_fields.tucso;
533 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse);
534 tp->paylen = op & 0xfffff;
535 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len;
536 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss);
537 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0;
538 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0;
539 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0;
540 tp->tso_frames = 0;
541 if (tp->tucso == 0) { // this is probably wrong
542 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n");
543 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6);
544 }
545 return;
546 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) {
547 // data descriptor
548 if (tp->size == 0) {
549 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8;
550 }
551 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0;
552 } else {
553 // legacy descriptor
554 tp->cptse = 0;
555 }
556
557 if (vlan_enabled(s) && is_vlan_txd(txd_lower) &&
558 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
559 tp->vlan_needed = 1;
560 cpu_to_be16wu((uint16_t *)(tp->vlan_header),
561 le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
562 cpu_to_be16wu((uint16_t *)(tp->vlan_header + 2),
563 le16_to_cpu(dp->upper.fields.special));
564 }
565
566 addr = le64_to_cpu(dp->buffer_addr);
567 if (tp->tse && tp->cptse) {
568 hdr = tp->hdr_len;
569 msh = hdr + tp->mss;
570 do {
571 bytes = split_size;
572 if (tp->size + bytes > msh)
573 bytes = msh - tp->size;
574
575 bytes = MIN(sizeof(tp->data) - tp->size, bytes);
576 pci_dma_read(&s->dev, addr, tp->data + tp->size, bytes);
577 if ((sz = tp->size + bytes) >= hdr && tp->size < hdr)
578 memmove(tp->header, tp->data, hdr);
579 tp->size = sz;
580 addr += bytes;
581 if (sz == msh) {
582 xmit_seg(s);
583 memmove(tp->data, tp->header, hdr);
584 tp->size = hdr;
585 }
586 } while (split_size -= bytes);
587 } else if (!tp->tse && tp->cptse) {
588 // context descriptor TSE is not set, while data descriptor TSE is set
589 DBGOUT(TXERR, "TCP segmentation error\n");
590 } else {
591 split_size = MIN(sizeof(tp->data) - tp->size, split_size);
592 pci_dma_read(&s->dev, addr, tp->data + tp->size, split_size);
593 tp->size += split_size;
594 }
595
596 if (!(txd_lower & E1000_TXD_CMD_EOP))
597 return;
598 if (!(tp->tse && tp->cptse && tp->size < hdr))
599 xmit_seg(s);
600 tp->tso_frames = 0;
601 tp->sum_needed = 0;
602 tp->vlan_needed = 0;
603 tp->size = 0;
604 tp->cptse = 0;
605 }
606
607 static uint32_t
608 txdesc_writeback(E1000State *s, dma_addr_t base, struct e1000_tx_desc *dp)
609 {
610 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data);
611
612 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS)))
613 return 0;
614 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) &
615 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU);
616 dp->upper.data = cpu_to_le32(txd_upper);
617 pci_dma_write(&s->dev, base + ((char *)&dp->upper - (char *)dp),
618 &dp->upper, sizeof(dp->upper));
619 return E1000_ICR_TXDW;
620 }
621
622 static uint64_t tx_desc_base(E1000State *s)
623 {
624 uint64_t bah = s->mac_reg[TDBAH];
625 uint64_t bal = s->mac_reg[TDBAL] & ~0xf;
626
627 return (bah << 32) + bal;
628 }
629
630 static void
631 start_xmit(E1000State *s)
632 {
633 dma_addr_t base;
634 struct e1000_tx_desc desc;
635 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE;
636
637 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) {
638 DBGOUT(TX, "tx disabled\n");
639 return;
640 }
641
642 while (s->mac_reg[TDH] != s->mac_reg[TDT]) {
643 base = tx_desc_base(s) +
644 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH];
645 pci_dma_read(&s->dev, base, &desc, sizeof(desc));
646
647 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH],
648 (void *)(intptr_t)desc.buffer_addr, desc.lower.data,
649 desc.upper.data);
650
651 process_tx_desc(s, &desc);
652 cause |= txdesc_writeback(s, base, &desc);
653
654 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN])
655 s->mac_reg[TDH] = 0;
656 /*
657 * the following could happen only if guest sw assigns
658 * bogus values to TDT/TDLEN.
659 * there's nothing too intelligent we could do about this.
660 */
661 if (s->mac_reg[TDH] == tdh_start) {
662 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n",
663 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]);
664 break;
665 }
666 }
667 set_ics(s, 0, cause);
668 }
669
670 static int
671 receive_filter(E1000State *s, const uint8_t *buf, int size)
672 {
673 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
674 static const int mta_shift[] = {4, 3, 2, 0};
675 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp;
676
677 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) {
678 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14));
679 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) +
680 ((vid >> 5) & 0x7f));
681 if ((vfta & (1 << (vid & 0x1f))) == 0)
682 return 0;
683 }
684
685 if (rctl & E1000_RCTL_UPE) // promiscuous
686 return 1;
687
688 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast
689 return 1;
690
691 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast))
692 return 1;
693
694 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) {
695 if (!(rp[1] & E1000_RAH_AV))
696 continue;
697 ra[0] = cpu_to_le32(rp[0]);
698 ra[1] = cpu_to_le32(rp[1]);
699 if (!memcmp(buf, (uint8_t *)ra, 6)) {
700 DBGOUT(RXFILTER,
701 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n",
702 (int)(rp - s->mac_reg - RA)/2,
703 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
704 return 1;
705 }
706 }
707 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n",
708 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
709
710 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3];
711 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff;
712 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f)))
713 return 1;
714 DBGOUT(RXFILTER,
715 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n",
716 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5],
717 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5,
718 s->mac_reg[MTA + (f >> 5)]);
719
720 return 0;
721 }
722
723 static void
724 e1000_set_link_status(NetClientState *nc)
725 {
726 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
727 uint32_t old_status = s->mac_reg[STATUS];
728
729 if (nc->link_down) {
730 e1000_link_down(s);
731 } else {
732 e1000_link_up(s);
733 }
734
735 if (s->mac_reg[STATUS] != old_status)
736 set_ics(s, 0, E1000_ICR_LSC);
737 }
738
739 static bool e1000_has_rxbufs(E1000State *s, size_t total_size)
740 {
741 int bufs;
742 /* Fast-path short packets */
743 if (total_size <= s->rxbuf_size) {
744 return s->mac_reg[RDH] != s->mac_reg[RDT] || !s->check_rxov;
745 }
746 if (s->mac_reg[RDH] < s->mac_reg[RDT]) {
747 bufs = s->mac_reg[RDT] - s->mac_reg[RDH];
748 } else if (s->mac_reg[RDH] > s->mac_reg[RDT] || !s->check_rxov) {
749 bufs = s->mac_reg[RDLEN] / sizeof(struct e1000_rx_desc) +
750 s->mac_reg[RDT] - s->mac_reg[RDH];
751 } else {
752 return false;
753 }
754 return total_size <= bufs * s->rxbuf_size;
755 }
756
757 static int
758 e1000_can_receive(NetClientState *nc)
759 {
760 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
761
762 return (s->mac_reg[RCTL] & E1000_RCTL_EN) && e1000_has_rxbufs(s, 1);
763 }
764
765 static uint64_t rx_desc_base(E1000State *s)
766 {
767 uint64_t bah = s->mac_reg[RDBAH];
768 uint64_t bal = s->mac_reg[RDBAL] & ~0xf;
769
770 return (bah << 32) + bal;
771 }
772
773 static ssize_t
774 e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size)
775 {
776 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
777 struct e1000_rx_desc desc;
778 dma_addr_t base;
779 unsigned int n, rdt;
780 uint32_t rdh_start;
781 uint16_t vlan_special = 0;
782 uint8_t vlan_status = 0, vlan_offset = 0;
783 uint8_t min_buf[MIN_BUF_SIZE];
784 size_t desc_offset;
785 size_t desc_size;
786 size_t total_size;
787
788 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN))
789 return -1;
790
791 /* Pad to minimum Ethernet frame length */
792 if (size < sizeof(min_buf)) {
793 memcpy(min_buf, buf, size);
794 memset(&min_buf[size], 0, sizeof(min_buf) - size);
795 buf = min_buf;
796 size = sizeof(min_buf);
797 }
798
799 if (!receive_filter(s, buf, size))
800 return size;
801
802 if (vlan_enabled(s) && is_vlan_packet(s, buf)) {
803 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(buf + 14)));
804 memmove((uint8_t *)buf + 4, buf, 12);
805 vlan_status = E1000_RXD_STAT_VP;
806 vlan_offset = 4;
807 size -= 4;
808 }
809
810 rdh_start = s->mac_reg[RDH];
811 desc_offset = 0;
812 total_size = size + fcs_len(s);
813 if (!e1000_has_rxbufs(s, total_size)) {
814 set_ics(s, 0, E1000_ICS_RXO);
815 return -1;
816 }
817 do {
818 desc_size = total_size - desc_offset;
819 if (desc_size > s->rxbuf_size) {
820 desc_size = s->rxbuf_size;
821 }
822 base = rx_desc_base(s) + sizeof(desc) * s->mac_reg[RDH];
823 pci_dma_read(&s->dev, base, &desc, sizeof(desc));
824 desc.special = vlan_special;
825 desc.status |= (vlan_status | E1000_RXD_STAT_DD);
826 if (desc.buffer_addr) {
827 if (desc_offset < size) {
828 size_t copy_size = size - desc_offset;
829 if (copy_size > s->rxbuf_size) {
830 copy_size = s->rxbuf_size;
831 }
832 pci_dma_write(&s->dev, le64_to_cpu(desc.buffer_addr),
833 buf + desc_offset + vlan_offset, copy_size);
834 }
835 desc_offset += desc_size;
836 desc.length = cpu_to_le16(desc_size);
837 if (desc_offset >= total_size) {
838 desc.status |= E1000_RXD_STAT_EOP | E1000_RXD_STAT_IXSM;
839 } else {
840 /* Guest zeroing out status is not a hardware requirement.
841 Clear EOP in case guest didn't do it. */
842 desc.status &= ~E1000_RXD_STAT_EOP;
843 }
844 } else { // as per intel docs; skip descriptors with null buf addr
845 DBGOUT(RX, "Null RX descriptor!!\n");
846 }
847 pci_dma_write(&s->dev, base, &desc, sizeof(desc));
848
849 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN])
850 s->mac_reg[RDH] = 0;
851 s->check_rxov = 1;
852 /* see comment in start_xmit; same here */
853 if (s->mac_reg[RDH] == rdh_start) {
854 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n",
855 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]);
856 set_ics(s, 0, E1000_ICS_RXO);
857 return -1;
858 }
859 } while (desc_offset < total_size);
860
861 s->mac_reg[GPRC]++;
862 s->mac_reg[TPR]++;
863 /* TOR - Total Octets Received:
864 * This register includes bytes received in a packet from the <Destination
865 * Address> field through the <CRC> field, inclusively.
866 */
867 n = s->mac_reg[TORL] + size + /* Always include FCS length. */ 4;
868 if (n < s->mac_reg[TORL])
869 s->mac_reg[TORH]++;
870 s->mac_reg[TORL] = n;
871
872 n = E1000_ICS_RXT0;
873 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH])
874 rdt += s->mac_reg[RDLEN] / sizeof(desc);
875 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >>
876 s->rxbuf_min_shift)
877 n |= E1000_ICS_RXDMT0;
878
879 set_ics(s, 0, n);
880
881 return size;
882 }
883
884 static uint32_t
885 mac_readreg(E1000State *s, int index)
886 {
887 return s->mac_reg[index];
888 }
889
890 static uint32_t
891 mac_icr_read(E1000State *s, int index)
892 {
893 uint32_t ret = s->mac_reg[ICR];
894
895 DBGOUT(INTERRUPT, "ICR read: %x\n", ret);
896 set_interrupt_cause(s, 0, 0);
897 return ret;
898 }
899
900 static uint32_t
901 mac_read_clr4(E1000State *s, int index)
902 {
903 uint32_t ret = s->mac_reg[index];
904
905 s->mac_reg[index] = 0;
906 return ret;
907 }
908
909 static uint32_t
910 mac_read_clr8(E1000State *s, int index)
911 {
912 uint32_t ret = s->mac_reg[index];
913
914 s->mac_reg[index] = 0;
915 s->mac_reg[index-1] = 0;
916 return ret;
917 }
918
919 static void
920 mac_writereg(E1000State *s, int index, uint32_t val)
921 {
922 s->mac_reg[index] = val;
923 }
924
925 static void
926 set_rdt(E1000State *s, int index, uint32_t val)
927 {
928 s->check_rxov = 0;
929 s->mac_reg[index] = val & 0xffff;
930 if (e1000_has_rxbufs(s, 1)) {
931 qemu_flush_queued_packets(&s->nic->nc);
932 }
933 }
934
935 static void
936 set_16bit(E1000State *s, int index, uint32_t val)
937 {
938 s->mac_reg[index] = val & 0xffff;
939 }
940
941 static void
942 set_dlen(E1000State *s, int index, uint32_t val)
943 {
944 s->mac_reg[index] = val & 0xfff80;
945 }
946
947 static void
948 set_tctl(E1000State *s, int index, uint32_t val)
949 {
950 s->mac_reg[index] = val;
951 s->mac_reg[TDT] &= 0xffff;
952 start_xmit(s);
953 }
954
955 static void
956 set_icr(E1000State *s, int index, uint32_t val)
957 {
958 DBGOUT(INTERRUPT, "set_icr %x\n", val);
959 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val);
960 }
961
962 static void
963 set_imc(E1000State *s, int index, uint32_t val)
964 {
965 s->mac_reg[IMS] &= ~val;
966 set_ics(s, 0, 0);
967 }
968
969 static void
970 set_ims(E1000State *s, int index, uint32_t val)
971 {
972 s->mac_reg[IMS] |= val;
973 set_ics(s, 0, 0);
974 }
975
976 #define getreg(x) [x] = mac_readreg
977 static uint32_t (*macreg_readops[])(E1000State *, int) = {
978 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL),
979 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL),
980 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS),
981 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL),
982 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS),
983 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL),
984 getreg(TDLEN), getreg(RDLEN),
985
986 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, [GPRC] = mac_read_clr4,
987 [GPTC] = mac_read_clr4, [TPR] = mac_read_clr4, [TPT] = mac_read_clr4,
988 [ICR] = mac_icr_read, [EECD] = get_eecd, [EERD] = flash_eerd_read,
989 [CRCERRS ... MPC] = &mac_readreg,
990 [RA ... RA+31] = &mac_readreg,
991 [MTA ... MTA+127] = &mac_readreg,
992 [VFTA ... VFTA+127] = &mac_readreg,
993 };
994 enum { NREADOPS = ARRAY_SIZE(macreg_readops) };
995
996 #define putreg(x) [x] = mac_writereg
997 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = {
998 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC),
999 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH),
1000 putreg(RDBAL), putreg(LEDCTL), putreg(VET),
1001 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl,
1002 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics,
1003 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt,
1004 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr,
1005 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl,
1006 [RA ... RA+31] = &mac_writereg,
1007 [MTA ... MTA+127] = &mac_writereg,
1008 [VFTA ... VFTA+127] = &mac_writereg,
1009 };
1010
1011 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) };
1012
1013 static void
1014 e1000_mmio_write(void *opaque, target_phys_addr_t addr, uint64_t val,
1015 unsigned size)
1016 {
1017 E1000State *s = opaque;
1018 unsigned int index = (addr & 0x1ffff) >> 2;
1019
1020 if (index < NWRITEOPS && macreg_writeops[index]) {
1021 macreg_writeops[index](s, index, val);
1022 } else if (index < NREADOPS && macreg_readops[index]) {
1023 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04"PRIx64"\n", index<<2, val);
1024 } else {
1025 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08"PRIx64"\n",
1026 index<<2, val);
1027 }
1028 }
1029
1030 static uint64_t
1031 e1000_mmio_read(void *opaque, target_phys_addr_t addr, unsigned size)
1032 {
1033 E1000State *s = opaque;
1034 unsigned int index = (addr & 0x1ffff) >> 2;
1035
1036 if (index < NREADOPS && macreg_readops[index])
1037 {
1038 return macreg_readops[index](s, index);
1039 }
1040 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2);
1041 return 0;
1042 }
1043
1044 static const MemoryRegionOps e1000_mmio_ops = {
1045 .read = e1000_mmio_read,
1046 .write = e1000_mmio_write,
1047 .endianness = DEVICE_LITTLE_ENDIAN,
1048 .impl = {
1049 .min_access_size = 4,
1050 .max_access_size = 4,
1051 },
1052 };
1053
1054 static uint64_t e1000_io_read(void *opaque, target_phys_addr_t addr,
1055 unsigned size)
1056 {
1057 E1000State *s = opaque;
1058
1059 (void)s;
1060 return 0;
1061 }
1062
1063 static void e1000_io_write(void *opaque, target_phys_addr_t addr,
1064 uint64_t val, unsigned size)
1065 {
1066 E1000State *s = opaque;
1067
1068 (void)s;
1069 }
1070
1071 static const MemoryRegionOps e1000_io_ops = {
1072 .read = e1000_io_read,
1073 .write = e1000_io_write,
1074 .endianness = DEVICE_LITTLE_ENDIAN,
1075 };
1076
1077 static bool is_version_1(void *opaque, int version_id)
1078 {
1079 return version_id == 1;
1080 }
1081
1082 static int e1000_post_load(void *opaque, int version_id)
1083 {
1084 E1000State *s = opaque;
1085
1086 /* nc.link_down can't be migrated, so infer link_down according
1087 * to link status bit in mac_reg[STATUS] */
1088 s->nic->nc.link_down = (s->mac_reg[STATUS] & E1000_STATUS_LU) == 0;
1089
1090 return 0;
1091 }
1092
1093 static const VMStateDescription vmstate_e1000 = {
1094 .name = "e1000",
1095 .version_id = 2,
1096 .minimum_version_id = 1,
1097 .minimum_version_id_old = 1,
1098 .post_load = e1000_post_load,
1099 .fields = (VMStateField []) {
1100 VMSTATE_PCI_DEVICE(dev, E1000State),
1101 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */
1102 VMSTATE_UNUSED(4), /* Was mmio_base. */
1103 VMSTATE_UINT32(rxbuf_size, E1000State),
1104 VMSTATE_UINT32(rxbuf_min_shift, E1000State),
1105 VMSTATE_UINT32(eecd_state.val_in, E1000State),
1106 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State),
1107 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State),
1108 VMSTATE_UINT16(eecd_state.reading, E1000State),
1109 VMSTATE_UINT32(eecd_state.old_eecd, E1000State),
1110 VMSTATE_UINT8(tx.ipcss, E1000State),
1111 VMSTATE_UINT8(tx.ipcso, E1000State),
1112 VMSTATE_UINT16(tx.ipcse, E1000State),
1113 VMSTATE_UINT8(tx.tucss, E1000State),
1114 VMSTATE_UINT8(tx.tucso, E1000State),
1115 VMSTATE_UINT16(tx.tucse, E1000State),
1116 VMSTATE_UINT32(tx.paylen, E1000State),
1117 VMSTATE_UINT8(tx.hdr_len, E1000State),
1118 VMSTATE_UINT16(tx.mss, E1000State),
1119 VMSTATE_UINT16(tx.size, E1000State),
1120 VMSTATE_UINT16(tx.tso_frames, E1000State),
1121 VMSTATE_UINT8(tx.sum_needed, E1000State),
1122 VMSTATE_INT8(tx.ip, E1000State),
1123 VMSTATE_INT8(tx.tcp, E1000State),
1124 VMSTATE_BUFFER(tx.header, E1000State),
1125 VMSTATE_BUFFER(tx.data, E1000State),
1126 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64),
1127 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20),
1128 VMSTATE_UINT32(mac_reg[CTRL], E1000State),
1129 VMSTATE_UINT32(mac_reg[EECD], E1000State),
1130 VMSTATE_UINT32(mac_reg[EERD], E1000State),
1131 VMSTATE_UINT32(mac_reg[GPRC], E1000State),
1132 VMSTATE_UINT32(mac_reg[GPTC], E1000State),
1133 VMSTATE_UINT32(mac_reg[ICR], E1000State),
1134 VMSTATE_UINT32(mac_reg[ICS], E1000State),
1135 VMSTATE_UINT32(mac_reg[IMC], E1000State),
1136 VMSTATE_UINT32(mac_reg[IMS], E1000State),
1137 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State),
1138 VMSTATE_UINT32(mac_reg[MANC], E1000State),
1139 VMSTATE_UINT32(mac_reg[MDIC], E1000State),
1140 VMSTATE_UINT32(mac_reg[MPC], E1000State),
1141 VMSTATE_UINT32(mac_reg[PBA], E1000State),
1142 VMSTATE_UINT32(mac_reg[RCTL], E1000State),
1143 VMSTATE_UINT32(mac_reg[RDBAH], E1000State),
1144 VMSTATE_UINT32(mac_reg[RDBAL], E1000State),
1145 VMSTATE_UINT32(mac_reg[RDH], E1000State),
1146 VMSTATE_UINT32(mac_reg[RDLEN], E1000State),
1147 VMSTATE_UINT32(mac_reg[RDT], E1000State),
1148 VMSTATE_UINT32(mac_reg[STATUS], E1000State),
1149 VMSTATE_UINT32(mac_reg[SWSM], E1000State),
1150 VMSTATE_UINT32(mac_reg[TCTL], E1000State),
1151 VMSTATE_UINT32(mac_reg[TDBAH], E1000State),
1152 VMSTATE_UINT32(mac_reg[TDBAL], E1000State),
1153 VMSTATE_UINT32(mac_reg[TDH], E1000State),
1154 VMSTATE_UINT32(mac_reg[TDLEN], E1000State),
1155 VMSTATE_UINT32(mac_reg[TDT], E1000State),
1156 VMSTATE_UINT32(mac_reg[TORH], E1000State),
1157 VMSTATE_UINT32(mac_reg[TORL], E1000State),
1158 VMSTATE_UINT32(mac_reg[TOTH], E1000State),
1159 VMSTATE_UINT32(mac_reg[TOTL], E1000State),
1160 VMSTATE_UINT32(mac_reg[TPR], E1000State),
1161 VMSTATE_UINT32(mac_reg[TPT], E1000State),
1162 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State),
1163 VMSTATE_UINT32(mac_reg[WUFC], E1000State),
1164 VMSTATE_UINT32(mac_reg[VET], E1000State),
1165 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32),
1166 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128),
1167 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128),
1168 VMSTATE_END_OF_LIST()
1169 }
1170 };
1171
1172 static const uint16_t e1000_eeprom_template[64] = {
1173 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000,
1174 0x3000, 0x1000, 0x6403, E1000_DEVID, 0x8086, E1000_DEVID, 0x8086, 0x3040,
1175 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700,
1176 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706,
1177 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff,
1178 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1179 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
1180 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000,
1181 };
1182
1183 /* PCI interface */
1184
1185 static void
1186 e1000_mmio_setup(E1000State *d)
1187 {
1188 int i;
1189 const uint32_t excluded_regs[] = {
1190 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS,
1191 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE
1192 };
1193
1194 memory_region_init_io(&d->mmio, &e1000_mmio_ops, d, "e1000-mmio",
1195 PNPMMIO_SIZE);
1196 memory_region_add_coalescing(&d->mmio, 0, excluded_regs[0]);
1197 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++)
1198 memory_region_add_coalescing(&d->mmio, excluded_regs[i] + 4,
1199 excluded_regs[i+1] - excluded_regs[i] - 4);
1200 memory_region_init_io(&d->io, &e1000_io_ops, d, "e1000-io", IOPORT_SIZE);
1201 }
1202
1203 static void
1204 e1000_cleanup(NetClientState *nc)
1205 {
1206 E1000State *s = DO_UPCAST(NICState, nc, nc)->opaque;
1207
1208 s->nic = NULL;
1209 }
1210
1211 static void
1212 pci_e1000_uninit(PCIDevice *dev)
1213 {
1214 E1000State *d = DO_UPCAST(E1000State, dev, dev);
1215
1216 qemu_del_timer(d->autoneg_timer);
1217 qemu_free_timer(d->autoneg_timer);
1218 memory_region_destroy(&d->mmio);
1219 memory_region_destroy(&d->io);
1220 qemu_del_net_client(&d->nic->nc);
1221 }
1222
1223 static NetClientInfo net_e1000_info = {
1224 .type = NET_CLIENT_OPTIONS_KIND_NIC,
1225 .size = sizeof(NICState),
1226 .can_receive = e1000_can_receive,
1227 .receive = e1000_receive,
1228 .cleanup = e1000_cleanup,
1229 .link_status_changed = e1000_set_link_status,
1230 };
1231
1232 static int pci_e1000_init(PCIDevice *pci_dev)
1233 {
1234 E1000State *d = DO_UPCAST(E1000State, dev, pci_dev);
1235 uint8_t *pci_conf;
1236 uint16_t checksum = 0;
1237 int i;
1238 uint8_t *macaddr;
1239
1240 pci_conf = d->dev.config;
1241
1242 /* TODO: RST# value should be 0, PCI spec 6.2.4 */
1243 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10;
1244
1245 pci_conf[PCI_INTERRUPT_PIN] = 1; /* interrupt pin A */
1246
1247 e1000_mmio_setup(d);
1248
1249 pci_register_bar(&d->dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &d->mmio);
1250
1251 pci_register_bar(&d->dev, 1, PCI_BASE_ADDRESS_SPACE_IO, &d->io);
1252
1253 memmove(d->eeprom_data, e1000_eeprom_template,
1254 sizeof e1000_eeprom_template);
1255 qemu_macaddr_default_if_unset(&d->conf.macaddr);
1256 macaddr = d->conf.macaddr.a;
1257 for (i = 0; i < 3; i++)
1258 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i];
1259 for (i = 0; i < EEPROM_CHECKSUM_REG; i++)
1260 checksum += d->eeprom_data[i];
1261 checksum = (uint16_t) EEPROM_SUM - checksum;
1262 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum;
1263
1264 d->nic = qemu_new_nic(&net_e1000_info, &d->conf,
1265 object_get_typename(OBJECT(d)), d->dev.qdev.id, d);
1266
1267 qemu_format_nic_info_str(&d->nic->nc, macaddr);
1268
1269 add_boot_device_path(d->conf.bootindex, &pci_dev->qdev, "/ethernet-phy@0");
1270
1271 d->autoneg_timer = qemu_new_timer_ms(vm_clock, e1000_autoneg_timer, d);
1272
1273 return 0;
1274 }
1275
1276 static void qdev_e1000_reset(DeviceState *dev)
1277 {
1278 E1000State *d = DO_UPCAST(E1000State, dev.qdev, dev);
1279 e1000_reset(d);
1280 }
1281
1282 static Property e1000_properties[] = {
1283 DEFINE_NIC_PROPERTIES(E1000State, conf),
1284 DEFINE_PROP_END_OF_LIST(),
1285 };
1286
1287 static void e1000_class_init(ObjectClass *klass, void *data)
1288 {
1289 DeviceClass *dc = DEVICE_CLASS(klass);
1290 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
1291
1292 k->init = pci_e1000_init;
1293 k->exit = pci_e1000_uninit;
1294 k->romfile = "pxe-e1000.rom";
1295 k->vendor_id = PCI_VENDOR_ID_INTEL;
1296 k->device_id = E1000_DEVID;
1297 k->revision = 0x03;
1298 k->class_id = PCI_CLASS_NETWORK_ETHERNET;
1299 dc->desc = "Intel Gigabit Ethernet";
1300 dc->reset = qdev_e1000_reset;
1301 dc->vmsd = &vmstate_e1000;
1302 dc->props = e1000_properties;
1303 }
1304
1305 static TypeInfo e1000_info = {
1306 .name = "e1000",
1307 .parent = TYPE_PCI_DEVICE,
1308 .instance_size = sizeof(E1000State),
1309 .class_init = e1000_class_init,
1310 };
1311
1312 static void e1000_register_types(void)
1313 {
1314 type_register_static(&e1000_info);
1315 }
1316
1317 type_init(e1000_register_types)
Various patches