1 /* 2 * QEMU e1000 emulation 3 * 4 * Software developer's manual: 5 * http://download.intel.com/design/network/manuals/8254x_GBe_SDM.pdf 6 * 7 * Nir Peleg, Tutis Systems Ltd. for Qumranet Inc. 8 * Copyright (c) 2008 Qumranet 9 * Based on work done by: 10 * Copyright (c) 2007 Dan Aloni 11 * Copyright (c) 2004 Antony T Curtis 12 * 13 * This library is free software; you can redistribute it and/or 14 * modify it under the terms of the GNU Lesser General Public 15 * License as published by the Free Software Foundation; either 16 * version 2 of the License, or (at your option) any later version. 17 * 18 * This library is distributed in the hope that it will be useful, 19 * but WITHOUT ANY WARRANTY; without even the implied warranty of 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 21 * Lesser General Public License for more details. 22 * 23 * You should have received a copy of the GNU Lesser General Public 24 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 25 */ 26 27 28 #include "hw/hw.h" 29 #include "hw/pci/pci.h" 30 #include "net/net.h" 31 #include "net/checksum.h" 32 #include "hw/loader.h" 33 #include "sysemu/sysemu.h" 34 #include "sysemu/dma.h" 35 #include "qemu/iov.h" 36 #include "qemu/range.h" 37 38 #include "e1000_regs.h" 39 40 #define E1000_DEBUG 41 42 #ifdef E1000_DEBUG 43 enum { 44 DEBUG_GENERAL, DEBUG_IO, DEBUG_MMIO, DEBUG_INTERRUPT, 45 DEBUG_RX, DEBUG_TX, DEBUG_MDIC, DEBUG_EEPROM, 46 DEBUG_UNKNOWN, DEBUG_TXSUM, DEBUG_TXERR, DEBUG_RXERR, 47 DEBUG_RXFILTER, DEBUG_PHY, DEBUG_NOTYET, 48 }; 49 #define DBGBIT(x) (1<<DEBUG_##x) 50 static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); 51 52 #define DBGOUT(what, fmt, ...) do { \ 53 if (debugflags & DBGBIT(what)) \ 54 fprintf(stderr, "e1000: " fmt, ## __VA_ARGS__); \ 55 } while (0) 56 #else 57 #define DBGOUT(what, fmt, ...) do {} while (0) 58 #endif 59 60 #define IOPORT_SIZE 0x40 61 #define PNPMMIO_SIZE 0x20000 62 #define MIN_BUF_SIZE 60 /* Min. octets in an ethernet frame sans FCS */ 63 64 /* this is the size past which hardware will drop packets when setting LPE=0 */ 65 #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 66 /* this is the size past which hardware will drop packets when setting LPE=1 */ 67 #define MAXIMUM_ETHERNET_LPE_SIZE 16384 68 69 #define MAXIMUM_ETHERNET_HDR_LEN (14+4) 70 71 /* 72 * HW models: 73 * E1000_DEV_ID_82540EM works with Windows, Linux, and OS X <= 10.8 74 * E1000_DEV_ID_82544GC_COPPER appears to work; not well tested 75 * E1000_DEV_ID_82545EM_COPPER works with Linux and OS X >= 10.6 76 * Others never tested 77 */ 78 79 typedef struct E1000State_st { 80 /*< private >*/ 81 PCIDevice parent_obj; 82 /*< public >*/ 83 84 NICState *nic; 85 NICConf conf; 86 MemoryRegion mmio; 87 MemoryRegion io; 88 89 uint32_t mac_reg[0x8000]; 90 uint16_t phy_reg[0x20]; 91 uint16_t eeprom_data[64]; 92 93 uint32_t rxbuf_size; 94 uint32_t rxbuf_min_shift; 95 struct e1000_tx { 96 unsigned char header[256]; 97 unsigned char vlan_header[4]; 98 /* Fields vlan and data must not be reordered or separated. */ 99 unsigned char vlan[4]; 100 unsigned char data[0x10000]; 101 uint16_t size; 102 unsigned char sum_needed; 103 unsigned char vlan_needed; 104 uint8_t ipcss; 105 uint8_t ipcso; 106 uint16_t ipcse; 107 uint8_t tucss; 108 uint8_t tucso; 109 uint16_t tucse; 110 uint8_t hdr_len; 111 uint16_t mss; 112 uint32_t paylen; 113 uint16_t tso_frames; 114 char tse; 115 int8_t ip; 116 int8_t tcp; 117 char cptse; // current packet tse bit 118 } tx; 119 120 struct { 121 uint32_t val_in; /* shifted in from guest driver */ 122 uint16_t bitnum_in; 123 uint16_t bitnum_out; 124 uint16_t reading; 125 uint32_t old_eecd; 126 } eecd_state; 127 128 QEMUTimer *autoneg_timer; 129 130 QEMUTimer *mit_timer; /* Mitigation timer. */ 131 bool mit_timer_on; /* Mitigation timer is running. */ 132 bool mit_irq_level; /* Tracks interrupt pin level. */ 133 uint32_t mit_ide; /* Tracks E1000_TXD_CMD_IDE bit. */ 134 135 /* Compatibility flags for migration to/from qemu 1.3.0 and older */ 136 #define E1000_FLAG_AUTONEG_BIT 0 137 #define E1000_FLAG_MIT_BIT 1 138 #define E1000_FLAG_MAC_BIT 2 139 #define E1000_FLAG_AUTONEG (1 << E1000_FLAG_AUTONEG_BIT) 140 #define E1000_FLAG_MIT (1 << E1000_FLAG_MIT_BIT) 141 #define E1000_FLAG_MAC (1 << E1000_FLAG_MAC_BIT) 142 uint32_t compat_flags; 143 } E1000State; 144 145 #define chkflag(x) (s->compat_flags & E1000_FLAG_##x) 146 147 typedef struct E1000BaseClass { 148 PCIDeviceClass parent_class; 149 uint16_t phy_id2; 150 } E1000BaseClass; 151 152 #define TYPE_E1000_BASE "e1000-base" 153 154 #define E1000(obj) \ 155 OBJECT_CHECK(E1000State, (obj), TYPE_E1000_BASE) 156 157 #define E1000_DEVICE_CLASS(klass) \ 158 OBJECT_CLASS_CHECK(E1000BaseClass, (klass), TYPE_E1000_BASE) 159 #define E1000_DEVICE_GET_CLASS(obj) \ 160 OBJECT_GET_CLASS(E1000BaseClass, (obj), TYPE_E1000_BASE) 161 162 #define defreg(x) x = (E1000_##x>>2) 163 enum { 164 defreg(CTRL), defreg(EECD), defreg(EERD), defreg(GPRC), 165 defreg(GPTC), defreg(ICR), defreg(ICS), defreg(IMC), 166 defreg(IMS), defreg(LEDCTL), defreg(MANC), defreg(MDIC), 167 defreg(MPC), defreg(PBA), defreg(RCTL), defreg(RDBAH), 168 defreg(RDBAL), defreg(RDH), defreg(RDLEN), defreg(RDT), 169 defreg(STATUS), defreg(SWSM), defreg(TCTL), defreg(TDBAH), 170 defreg(TDBAL), defreg(TDH), defreg(TDLEN), defreg(TDT), 171 defreg(TORH), defreg(TORL), defreg(TOTH), defreg(TOTL), 172 defreg(TPR), defreg(TPT), defreg(TXDCTL), defreg(WUFC), 173 defreg(RA), defreg(MTA), defreg(CRCERRS), defreg(VFTA), 174 defreg(VET), defreg(RDTR), defreg(RADV), defreg(TADV), 175 defreg(ITR), 176 }; 177 178 static void 179 e1000_link_down(E1000State *s) 180 { 181 s->mac_reg[STATUS] &= ~E1000_STATUS_LU; 182 s->phy_reg[PHY_STATUS] &= ~MII_SR_LINK_STATUS; 183 s->phy_reg[PHY_STATUS] &= ~MII_SR_AUTONEG_COMPLETE; 184 s->phy_reg[PHY_LP_ABILITY] &= ~MII_LPAR_LPACK; 185 } 186 187 static void 188 e1000_link_up(E1000State *s) 189 { 190 s->mac_reg[STATUS] |= E1000_STATUS_LU; 191 s->phy_reg[PHY_STATUS] |= MII_SR_LINK_STATUS; 192 193 /* E1000_STATUS_LU is tested by e1000_can_receive() */ 194 qemu_flush_queued_packets(qemu_get_queue(s->nic)); 195 } 196 197 static bool 198 have_autoneg(E1000State *s) 199 { 200 return chkflag(AUTONEG) && (s->phy_reg[PHY_CTRL] & MII_CR_AUTO_NEG_EN); 201 } 202 203 static void 204 set_phy_ctrl(E1000State *s, int index, uint16_t val) 205 { 206 /* bits 0-5 reserved; MII_CR_[RESTART_AUTO_NEG,RESET] are self clearing */ 207 s->phy_reg[PHY_CTRL] = val & ~(0x3f | 208 MII_CR_RESET | 209 MII_CR_RESTART_AUTO_NEG); 210 211 /* 212 * QEMU 1.3 does not support link auto-negotiation emulation, so if we 213 * migrate during auto negotiation, after migration the link will be 214 * down. 215 */ 216 if (have_autoneg(s) && (val & MII_CR_RESTART_AUTO_NEG)) { 217 e1000_link_down(s); 218 DBGOUT(PHY, "Start link auto negotiation\n"); 219 timer_mod(s->autoneg_timer, 220 qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 500); 221 } 222 } 223 224 static void (*phyreg_writeops[])(E1000State *, int, uint16_t) = { 225 [PHY_CTRL] = set_phy_ctrl, 226 }; 227 228 enum { NPHYWRITEOPS = ARRAY_SIZE(phyreg_writeops) }; 229 230 enum { PHY_R = 1, PHY_W = 2, PHY_RW = PHY_R | PHY_W }; 231 static const char phy_regcap[0x20] = { 232 [PHY_STATUS] = PHY_R, [M88E1000_EXT_PHY_SPEC_CTRL] = PHY_RW, 233 [PHY_ID1] = PHY_R, [M88E1000_PHY_SPEC_CTRL] = PHY_RW, 234 [PHY_CTRL] = PHY_RW, [PHY_1000T_CTRL] = PHY_RW, 235 [PHY_LP_ABILITY] = PHY_R, [PHY_1000T_STATUS] = PHY_R, 236 [PHY_AUTONEG_ADV] = PHY_RW, [M88E1000_RX_ERR_CNTR] = PHY_R, 237 [PHY_ID2] = PHY_R, [M88E1000_PHY_SPEC_STATUS] = PHY_R, 238 [PHY_AUTONEG_EXP] = PHY_R, 239 }; 240 241 /* PHY_ID2 documented in 8254x_GBe_SDM.pdf, pp. 250 */ 242 static const uint16_t phy_reg_init[] = { 243 [PHY_CTRL] = MII_CR_SPEED_SELECT_MSB | 244 MII_CR_FULL_DUPLEX | 245 MII_CR_AUTO_NEG_EN, 246 247 [PHY_STATUS] = MII_SR_EXTENDED_CAPS | 248 MII_SR_LINK_STATUS | /* link initially up */ 249 MII_SR_AUTONEG_CAPS | 250 /* MII_SR_AUTONEG_COMPLETE: initially NOT completed */ 251 MII_SR_PREAMBLE_SUPPRESS | 252 MII_SR_EXTENDED_STATUS | 253 MII_SR_10T_HD_CAPS | 254 MII_SR_10T_FD_CAPS | 255 MII_SR_100X_HD_CAPS | 256 MII_SR_100X_FD_CAPS, 257 258 [PHY_ID1] = 0x141, 259 /* [PHY_ID2] configured per DevId, from e1000_reset() */ 260 [PHY_AUTONEG_ADV] = 0xde1, 261 [PHY_LP_ABILITY] = 0x1e0, 262 [PHY_1000T_CTRL] = 0x0e00, 263 [PHY_1000T_STATUS] = 0x3c00, 264 [M88E1000_PHY_SPEC_CTRL] = 0x360, 265 [M88E1000_PHY_SPEC_STATUS] = 0xac00, 266 [M88E1000_EXT_PHY_SPEC_CTRL] = 0x0d60, 267 }; 268 269 static const uint32_t mac_reg_init[] = { 270 [PBA] = 0x00100030, 271 [LEDCTL] = 0x602, 272 [CTRL] = E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN0 | 273 E1000_CTRL_SPD_1000 | E1000_CTRL_SLU, 274 [STATUS] = 0x80000000 | E1000_STATUS_GIO_MASTER_ENABLE | 275 E1000_STATUS_ASDV | E1000_STATUS_MTXCKOK | 276 E1000_STATUS_SPEED_1000 | E1000_STATUS_FD | 277 E1000_STATUS_LU, 278 [MANC] = E1000_MANC_EN_MNG2HOST | E1000_MANC_RCV_TCO_EN | 279 E1000_MANC_ARP_EN | E1000_MANC_0298_EN | 280 E1000_MANC_RMCP_EN, 281 }; 282 283 /* Helper function, *curr == 0 means the value is not set */ 284 static inline void 285 mit_update_delay(uint32_t *curr, uint32_t value) 286 { 287 if (value && (*curr == 0 || value < *curr)) { 288 *curr = value; 289 } 290 } 291 292 static void 293 set_interrupt_cause(E1000State *s, int index, uint32_t val) 294 { 295 PCIDevice *d = PCI_DEVICE(s); 296 uint32_t pending_ints; 297 uint32_t mit_delay; 298 299 s->mac_reg[ICR] = val; 300 301 /* 302 * Make sure ICR and ICS registers have the same value. 303 * The spec says that the ICS register is write-only. However in practice, 304 * on real hardware ICS is readable, and for reads it has the same value as 305 * ICR (except that ICS does not have the clear on read behaviour of ICR). 306 * 307 * The VxWorks PRO/1000 driver uses this behaviour. 308 */ 309 s->mac_reg[ICS] = val; 310 311 pending_ints = (s->mac_reg[IMS] & s->mac_reg[ICR]); 312 if (!s->mit_irq_level && pending_ints) { 313 /* 314 * Here we detect a potential raising edge. We postpone raising the 315 * interrupt line if we are inside the mitigation delay window 316 * (s->mit_timer_on == 1). 317 * We provide a partial implementation of interrupt mitigation, 318 * emulating only RADV, TADV and ITR (lower 16 bits, 1024ns units for 319 * RADV and TADV, 256ns units for ITR). RDTR is only used to enable 320 * RADV; relative timers based on TIDV and RDTR are not implemented. 321 */ 322 if (s->mit_timer_on) { 323 return; 324 } 325 if (chkflag(MIT)) { 326 /* Compute the next mitigation delay according to pending 327 * interrupts and the current values of RADV (provided 328 * RDTR!=0), TADV and ITR. 329 * Then rearm the timer. 330 */ 331 mit_delay = 0; 332 if (s->mit_ide && 333 (pending_ints & (E1000_ICR_TXQE | E1000_ICR_TXDW))) { 334 mit_update_delay(&mit_delay, s->mac_reg[TADV] * 4); 335 } 336 if (s->mac_reg[RDTR] && (pending_ints & E1000_ICS_RXT0)) { 337 mit_update_delay(&mit_delay, s->mac_reg[RADV] * 4); 338 } 339 mit_update_delay(&mit_delay, s->mac_reg[ITR]); 340 341 if (mit_delay) { 342 s->mit_timer_on = 1; 343 timer_mod(s->mit_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 344 mit_delay * 256); 345 } 346 s->mit_ide = 0; 347 } 348 } 349 350 s->mit_irq_level = (pending_ints != 0); 351 pci_set_irq(d, s->mit_irq_level); 352 } 353 354 static void 355 e1000_mit_timer(void *opaque) 356 { 357 E1000State *s = opaque; 358 359 s->mit_timer_on = 0; 360 /* Call set_interrupt_cause to update the irq level (if necessary). */ 361 set_interrupt_cause(s, 0, s->mac_reg[ICR]); 362 } 363 364 static void 365 set_ics(E1000State *s, int index, uint32_t val) 366 { 367 DBGOUT(INTERRUPT, "set_ics %x, ICR %x, IMR %x\n", val, s->mac_reg[ICR], 368 s->mac_reg[IMS]); 369 set_interrupt_cause(s, 0, val | s->mac_reg[ICR]); 370 } 371 372 static void 373 e1000_autoneg_timer(void *opaque) 374 { 375 E1000State *s = opaque; 376 if (!qemu_get_queue(s->nic)->link_down) { 377 e1000_link_up(s); 378 s->phy_reg[PHY_LP_ABILITY] |= MII_LPAR_LPACK; 379 s->phy_reg[PHY_STATUS] |= MII_SR_AUTONEG_COMPLETE; 380 DBGOUT(PHY, "Auto negotiation is completed\n"); 381 set_ics(s, 0, E1000_ICS_LSC); /* signal link status change to guest */ 382 } 383 } 384 385 static int 386 rxbufsize(uint32_t v) 387 { 388 v &= E1000_RCTL_BSEX | E1000_RCTL_SZ_16384 | E1000_RCTL_SZ_8192 | 389 E1000_RCTL_SZ_4096 | E1000_RCTL_SZ_2048 | E1000_RCTL_SZ_1024 | 390 E1000_RCTL_SZ_512 | E1000_RCTL_SZ_256; 391 switch (v) { 392 case E1000_RCTL_BSEX | E1000_RCTL_SZ_16384: 393 return 16384; 394 case E1000_RCTL_BSEX | E1000_RCTL_SZ_8192: 395 return 8192; 396 case E1000_RCTL_BSEX | E1000_RCTL_SZ_4096: 397 return 4096; 398 case E1000_RCTL_SZ_1024: 399 return 1024; 400 case E1000_RCTL_SZ_512: 401 return 512; 402 case E1000_RCTL_SZ_256: 403 return 256; 404 } 405 return 2048; 406 } 407 408 static void e1000_reset(void *opaque) 409 { 410 E1000State *d = opaque; 411 E1000BaseClass *edc = E1000_DEVICE_GET_CLASS(d); 412 uint8_t *macaddr = d->conf.macaddr.a; 413 int i; 414 415 timer_del(d->autoneg_timer); 416 timer_del(d->mit_timer); 417 d->mit_timer_on = 0; 418 d->mit_irq_level = 0; 419 d->mit_ide = 0; 420 memset(d->phy_reg, 0, sizeof d->phy_reg); 421 memmove(d->phy_reg, phy_reg_init, sizeof phy_reg_init); 422 d->phy_reg[PHY_ID2] = edc->phy_id2; 423 memset(d->mac_reg, 0, sizeof d->mac_reg); 424 memmove(d->mac_reg, mac_reg_init, sizeof mac_reg_init); 425 d->rxbuf_min_shift = 1; 426 memset(&d->tx, 0, sizeof d->tx); 427 428 if (qemu_get_queue(d->nic)->link_down) { 429 e1000_link_down(d); 430 } 431 432 /* Some guests expect pre-initialized RAH/RAL (AddrValid flag + MACaddr) */ 433 d->mac_reg[RA] = 0; 434 d->mac_reg[RA + 1] = E1000_RAH_AV; 435 for (i = 0; i < 4; i++) { 436 d->mac_reg[RA] |= macaddr[i] << (8 * i); 437 d->mac_reg[RA + 1] |= (i < 2) ? macaddr[i + 4] << (8 * i) : 0; 438 } 439 qemu_format_nic_info_str(qemu_get_queue(d->nic), macaddr); 440 } 441 442 static void 443 set_ctrl(E1000State *s, int index, uint32_t val) 444 { 445 /* RST is self clearing */ 446 s->mac_reg[CTRL] = val & ~E1000_CTRL_RST; 447 } 448 449 static void 450 set_rx_control(E1000State *s, int index, uint32_t val) 451 { 452 s->mac_reg[RCTL] = val; 453 s->rxbuf_size = rxbufsize(val); 454 s->rxbuf_min_shift = ((val / E1000_RCTL_RDMTS_QUAT) & 3) + 1; 455 DBGOUT(RX, "RCTL: %d, mac_reg[RCTL] = 0x%x\n", s->mac_reg[RDT], 456 s->mac_reg[RCTL]); 457 qemu_flush_queued_packets(qemu_get_queue(s->nic)); 458 } 459 460 static void 461 set_mdic(E1000State *s, int index, uint32_t val) 462 { 463 uint32_t data = val & E1000_MDIC_DATA_MASK; 464 uint32_t addr = ((val & E1000_MDIC_REG_MASK) >> E1000_MDIC_REG_SHIFT); 465 466 if ((val & E1000_MDIC_PHY_MASK) >> E1000_MDIC_PHY_SHIFT != 1) // phy # 467 val = s->mac_reg[MDIC] | E1000_MDIC_ERROR; 468 else if (val & E1000_MDIC_OP_READ) { 469 DBGOUT(MDIC, "MDIC read reg 0x%x\n", addr); 470 if (!(phy_regcap[addr] & PHY_R)) { 471 DBGOUT(MDIC, "MDIC read reg %x unhandled\n", addr); 472 val |= E1000_MDIC_ERROR; 473 } else 474 val = (val ^ data) | s->phy_reg[addr]; 475 } else if (val & E1000_MDIC_OP_WRITE) { 476 DBGOUT(MDIC, "MDIC write reg 0x%x, value 0x%x\n", addr, data); 477 if (!(phy_regcap[addr] & PHY_W)) { 478 DBGOUT(MDIC, "MDIC write reg %x unhandled\n", addr); 479 val |= E1000_MDIC_ERROR; 480 } else { 481 if (addr < NPHYWRITEOPS && phyreg_writeops[addr]) { 482 phyreg_writeops[addr](s, index, data); 483 } else { 484 s->phy_reg[addr] = data; 485 } 486 } 487 } 488 s->mac_reg[MDIC] = val | E1000_MDIC_READY; 489 490 if (val & E1000_MDIC_INT_EN) { 491 set_ics(s, 0, E1000_ICR_MDAC); 492 } 493 } 494 495 static uint32_t 496 get_eecd(E1000State *s, int index) 497 { 498 uint32_t ret = E1000_EECD_PRES|E1000_EECD_GNT | s->eecd_state.old_eecd; 499 500 DBGOUT(EEPROM, "reading eeprom bit %d (reading %d)\n", 501 s->eecd_state.bitnum_out, s->eecd_state.reading); 502 if (!s->eecd_state.reading || 503 ((s->eeprom_data[(s->eecd_state.bitnum_out >> 4) & 0x3f] >> 504 ((s->eecd_state.bitnum_out & 0xf) ^ 0xf))) & 1) 505 ret |= E1000_EECD_DO; 506 return ret; 507 } 508 509 static void 510 set_eecd(E1000State *s, int index, uint32_t val) 511 { 512 uint32_t oldval = s->eecd_state.old_eecd; 513 514 s->eecd_state.old_eecd = val & (E1000_EECD_SK | E1000_EECD_CS | 515 E1000_EECD_DI|E1000_EECD_FWE_MASK|E1000_EECD_REQ); 516 if (!(E1000_EECD_CS & val)) { /* CS inactive; nothing to do */ 517 return; 518 } 519 if (E1000_EECD_CS & (val ^ oldval)) { /* CS rise edge; reset state */ 520 s->eecd_state.val_in = 0; 521 s->eecd_state.bitnum_in = 0; 522 s->eecd_state.bitnum_out = 0; 523 s->eecd_state.reading = 0; 524 } 525 if (!(E1000_EECD_SK & (val ^ oldval))) { /* no clock edge */ 526 return; 527 } 528 if (!(E1000_EECD_SK & val)) { /* falling edge */ 529 s->eecd_state.bitnum_out++; 530 return; 531 } 532 s->eecd_state.val_in <<= 1; 533 if (val & E1000_EECD_DI) 534 s->eecd_state.val_in |= 1; 535 if (++s->eecd_state.bitnum_in == 9 && !s->eecd_state.reading) { 536 s->eecd_state.bitnum_out = ((s->eecd_state.val_in & 0x3f)<<4)-1; 537 s->eecd_state.reading = (((s->eecd_state.val_in >> 6) & 7) == 538 EEPROM_READ_OPCODE_MICROWIRE); 539 } 540 DBGOUT(EEPROM, "eeprom bitnum in %d out %d, reading %d\n", 541 s->eecd_state.bitnum_in, s->eecd_state.bitnum_out, 542 s->eecd_state.reading); 543 } 544 545 static uint32_t 546 flash_eerd_read(E1000State *s, int x) 547 { 548 unsigned int index, r = s->mac_reg[EERD] & ~E1000_EEPROM_RW_REG_START; 549 550 if ((s->mac_reg[EERD] & E1000_EEPROM_RW_REG_START) == 0) 551 return (s->mac_reg[EERD]); 552 553 if ((index = r >> E1000_EEPROM_RW_ADDR_SHIFT) > EEPROM_CHECKSUM_REG) 554 return (E1000_EEPROM_RW_REG_DONE | r); 555 556 return ((s->eeprom_data[index] << E1000_EEPROM_RW_REG_DATA) | 557 E1000_EEPROM_RW_REG_DONE | r); 558 } 559 560 static void 561 putsum(uint8_t *data, uint32_t n, uint32_t sloc, uint32_t css, uint32_t cse) 562 { 563 uint32_t sum; 564 565 if (cse && cse < n) 566 n = cse + 1; 567 if (sloc < n-1) { 568 sum = net_checksum_add(n-css, data+css); 569 stw_be_p(data + sloc, net_checksum_finish(sum)); 570 } 571 } 572 573 static inline int 574 vlan_enabled(E1000State *s) 575 { 576 return ((s->mac_reg[CTRL] & E1000_CTRL_VME) != 0); 577 } 578 579 static inline int 580 vlan_rx_filter_enabled(E1000State *s) 581 { 582 return ((s->mac_reg[RCTL] & E1000_RCTL_VFE) != 0); 583 } 584 585 static inline int 586 is_vlan_packet(E1000State *s, const uint8_t *buf) 587 { 588 return (be16_to_cpup((uint16_t *)(buf + 12)) == 589 le16_to_cpu(s->mac_reg[VET])); 590 } 591 592 static inline int 593 is_vlan_txd(uint32_t txd_lower) 594 { 595 return ((txd_lower & E1000_TXD_CMD_VLE) != 0); 596 } 597 598 /* FCS aka Ethernet CRC-32. We don't get it from backends and can't 599 * fill it in, just pad descriptor length by 4 bytes unless guest 600 * told us to strip it off the packet. */ 601 static inline int 602 fcs_len(E1000State *s) 603 { 604 return (s->mac_reg[RCTL] & E1000_RCTL_SECRC) ? 0 : 4; 605 } 606 607 static void 608 e1000_send_packet(E1000State *s, const uint8_t *buf, int size) 609 { 610 NetClientState *nc = qemu_get_queue(s->nic); 611 if (s->phy_reg[PHY_CTRL] & MII_CR_LOOPBACK) { 612 nc->info->receive(nc, buf, size); 613 } else { 614 qemu_send_packet(nc, buf, size); 615 } 616 } 617 618 static void 619 xmit_seg(E1000State *s) 620 { 621 uint16_t len, *sp; 622 unsigned int frames = s->tx.tso_frames, css, sofar, n; 623 struct e1000_tx *tp = &s->tx; 624 625 if (tp->tse && tp->cptse) { 626 css = tp->ipcss; 627 DBGOUT(TXSUM, "frames %d size %d ipcss %d\n", 628 frames, tp->size, css); 629 if (tp->ip) { /* IPv4 */ 630 stw_be_p(tp->data+css+2, tp->size - css); 631 stw_be_p(tp->data+css+4, 632 be16_to_cpup((uint16_t *)(tp->data+css+4))+frames); 633 } else { /* IPv6 */ 634 stw_be_p(tp->data+css+4, tp->size - css); 635 } 636 css = tp->tucss; 637 len = tp->size - css; 638 DBGOUT(TXSUM, "tcp %d tucss %d len %d\n", tp->tcp, css, len); 639 if (tp->tcp) { 640 sofar = frames * tp->mss; 641 stl_be_p(tp->data+css+4, ldl_be_p(tp->data+css+4)+sofar); /* seq */ 642 if (tp->paylen - sofar > tp->mss) 643 tp->data[css + 13] &= ~9; /* PSH, FIN */ 644 } else /* UDP */ 645 stw_be_p(tp->data+css+4, len); 646 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) { 647 unsigned int phsum; 648 // add pseudo-header length before checksum calculation 649 sp = (uint16_t *)(tp->data + tp->tucso); 650 phsum = be16_to_cpup(sp) + len; 651 phsum = (phsum >> 16) + (phsum & 0xffff); 652 stw_be_p(sp, phsum); 653 } 654 tp->tso_frames++; 655 } 656 657 if (tp->sum_needed & E1000_TXD_POPTS_TXSM) 658 putsum(tp->data, tp->size, tp->tucso, tp->tucss, tp->tucse); 659 if (tp->sum_needed & E1000_TXD_POPTS_IXSM) 660 putsum(tp->data, tp->size, tp->ipcso, tp->ipcss, tp->ipcse); 661 if (tp->vlan_needed) { 662 memmove(tp->vlan, tp->data, 4); 663 memmove(tp->data, tp->data + 4, 8); 664 memcpy(tp->data + 8, tp->vlan_header, 4); 665 e1000_send_packet(s, tp->vlan, tp->size + 4); 666 } else { 667 e1000_send_packet(s, tp->data, tp->size); 668 } 669 670 s->mac_reg[TPT]++; 671 s->mac_reg[GPTC]++; 672 n = s->mac_reg[TOTL]; 673 if ((s->mac_reg[TOTL] += s->tx.size) < n) 674 s->mac_reg[TOTH]++; 675 } 676 677 static void 678 process_tx_desc(E1000State *s, struct e1000_tx_desc *dp) 679 { 680 PCIDevice *d = PCI_DEVICE(s); 681 uint32_t txd_lower = le32_to_cpu(dp->lower.data); 682 uint32_t dtype = txd_lower & (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D); 683 unsigned int split_size = txd_lower & 0xffff, bytes, sz, op; 684 unsigned int msh = 0xfffff; 685 uint64_t addr; 686 struct e1000_context_desc *xp = (struct e1000_context_desc *)dp; 687 struct e1000_tx *tp = &s->tx; 688 689 s->mit_ide |= (txd_lower & E1000_TXD_CMD_IDE); 690 if (dtype == E1000_TXD_CMD_DEXT) { /* context descriptor */ 691 op = le32_to_cpu(xp->cmd_and_length); 692 tp->ipcss = xp->lower_setup.ip_fields.ipcss; 693 tp->ipcso = xp->lower_setup.ip_fields.ipcso; 694 tp->ipcse = le16_to_cpu(xp->lower_setup.ip_fields.ipcse); 695 tp->tucss = xp->upper_setup.tcp_fields.tucss; 696 tp->tucso = xp->upper_setup.tcp_fields.tucso; 697 tp->tucse = le16_to_cpu(xp->upper_setup.tcp_fields.tucse); 698 tp->paylen = op & 0xfffff; 699 tp->hdr_len = xp->tcp_seg_setup.fields.hdr_len; 700 tp->mss = le16_to_cpu(xp->tcp_seg_setup.fields.mss); 701 tp->ip = (op & E1000_TXD_CMD_IP) ? 1 : 0; 702 tp->tcp = (op & E1000_TXD_CMD_TCP) ? 1 : 0; 703 tp->tse = (op & E1000_TXD_CMD_TSE) ? 1 : 0; 704 tp->tso_frames = 0; 705 if (tp->tucso == 0) { /* this is probably wrong */ 706 DBGOUT(TXSUM, "TCP/UDP: cso 0!\n"); 707 tp->tucso = tp->tucss + (tp->tcp ? 16 : 6); 708 } 709 return; 710 } else if (dtype == (E1000_TXD_CMD_DEXT | E1000_TXD_DTYP_D)) { 711 // data descriptor 712 if (tp->size == 0) { 713 tp->sum_needed = le32_to_cpu(dp->upper.data) >> 8; 714 } 715 tp->cptse = ( txd_lower & E1000_TXD_CMD_TSE ) ? 1 : 0; 716 } else { 717 // legacy descriptor 718 tp->cptse = 0; 719 } 720 721 if (vlan_enabled(s) && is_vlan_txd(txd_lower) && 722 (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) { 723 tp->vlan_needed = 1; 724 stw_be_p(tp->vlan_header, 725 le16_to_cpu(s->mac_reg[VET])); 726 stw_be_p(tp->vlan_header + 2, 727 le16_to_cpu(dp->upper.fields.special)); 728 } 729 730 addr = le64_to_cpu(dp->buffer_addr); 731 if (tp->tse && tp->cptse) { 732 msh = tp->hdr_len + tp->mss; 733 do { 734 bytes = split_size; 735 if (tp->size + bytes > msh) 736 bytes = msh - tp->size; 737 738 bytes = MIN(sizeof(tp->data) - tp->size, bytes); 739 pci_dma_read(d, addr, tp->data + tp->size, bytes); 740 sz = tp->size + bytes; 741 if (sz >= tp->hdr_len && tp->size < tp->hdr_len) { 742 memmove(tp->header, tp->data, tp->hdr_len); 743 } 744 tp->size = sz; 745 addr += bytes; 746 if (sz == msh) { 747 xmit_seg(s); 748 memmove(tp->data, tp->header, tp->hdr_len); 749 tp->size = tp->hdr_len; 750 } 751 split_size -= bytes; 752 } while (bytes && split_size); 753 } else if (!tp->tse && tp->cptse) { 754 // context descriptor TSE is not set, while data descriptor TSE is set 755 DBGOUT(TXERR, "TCP segmentation error\n"); 756 } else { 757 split_size = MIN(sizeof(tp->data) - tp->size, split_size); 758 pci_dma_read(d, addr, tp->data + tp->size, split_size); 759 tp->size += split_size; 760 } 761 762 if (!(txd_lower & E1000_TXD_CMD_EOP)) 763 return; 764 if (!(tp->tse && tp->cptse && tp->size < tp->hdr_len)) { 765 xmit_seg(s); 766 } 767 tp->tso_frames = 0; 768 tp->sum_needed = 0; 769 tp->vlan_needed = 0; 770 tp->size = 0; 771 tp->cptse = 0; 772 } 773 774 static uint32_t 775 txdesc_writeback(E1000State *s, dma_addr_t base, struct e1000_tx_desc *dp) 776 { 777 PCIDevice *d = PCI_DEVICE(s); 778 uint32_t txd_upper, txd_lower = le32_to_cpu(dp->lower.data); 779 780 if (!(txd_lower & (E1000_TXD_CMD_RS|E1000_TXD_CMD_RPS))) 781 return 0; 782 txd_upper = (le32_to_cpu(dp->upper.data) | E1000_TXD_STAT_DD) & 783 ~(E1000_TXD_STAT_EC | E1000_TXD_STAT_LC | E1000_TXD_STAT_TU); 784 dp->upper.data = cpu_to_le32(txd_upper); 785 pci_dma_write(d, base + ((char *)&dp->upper - (char *)dp), 786 &dp->upper, sizeof(dp->upper)); 787 return E1000_ICR_TXDW; 788 } 789 790 static uint64_t tx_desc_base(E1000State *s) 791 { 792 uint64_t bah = s->mac_reg[TDBAH]; 793 uint64_t bal = s->mac_reg[TDBAL] & ~0xf; 794 795 return (bah << 32) + bal; 796 } 797 798 static void 799 start_xmit(E1000State *s) 800 { 801 PCIDevice *d = PCI_DEVICE(s); 802 dma_addr_t base; 803 struct e1000_tx_desc desc; 804 uint32_t tdh_start = s->mac_reg[TDH], cause = E1000_ICS_TXQE; 805 806 if (!(s->mac_reg[TCTL] & E1000_TCTL_EN)) { 807 DBGOUT(TX, "tx disabled\n"); 808 return; 809 } 810 811 while (s->mac_reg[TDH] != s->mac_reg[TDT]) { 812 base = tx_desc_base(s) + 813 sizeof(struct e1000_tx_desc) * s->mac_reg[TDH]; 814 pci_dma_read(d, base, &desc, sizeof(desc)); 815 816 DBGOUT(TX, "index %d: %p : %x %x\n", s->mac_reg[TDH], 817 (void *)(intptr_t)desc.buffer_addr, desc.lower.data, 818 desc.upper.data); 819 820 process_tx_desc(s, &desc); 821 cause |= txdesc_writeback(s, base, &desc); 822 823 if (++s->mac_reg[TDH] * sizeof(desc) >= s->mac_reg[TDLEN]) 824 s->mac_reg[TDH] = 0; 825 /* 826 * the following could happen only if guest sw assigns 827 * bogus values to TDT/TDLEN. 828 * there's nothing too intelligent we could do about this. 829 */ 830 if (s->mac_reg[TDH] == tdh_start) { 831 DBGOUT(TXERR, "TDH wraparound @%x, TDT %x, TDLEN %x\n", 832 tdh_start, s->mac_reg[TDT], s->mac_reg[TDLEN]); 833 break; 834 } 835 } 836 set_ics(s, 0, cause); 837 } 838 839 static int 840 receive_filter(E1000State *s, const uint8_t *buf, int size) 841 { 842 static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; 843 static const int mta_shift[] = {4, 3, 2, 0}; 844 uint32_t f, rctl = s->mac_reg[RCTL], ra[2], *rp; 845 846 if (is_vlan_packet(s, buf) && vlan_rx_filter_enabled(s)) { 847 uint16_t vid = be16_to_cpup((uint16_t *)(buf + 14)); 848 uint32_t vfta = le32_to_cpup((uint32_t *)(s->mac_reg + VFTA) + 849 ((vid >> 5) & 0x7f)); 850 if ((vfta & (1 << (vid & 0x1f))) == 0) 851 return 0; 852 } 853 854 if (rctl & E1000_RCTL_UPE) // promiscuous 855 return 1; 856 857 if ((buf[0] & 1) && (rctl & E1000_RCTL_MPE)) // promiscuous mcast 858 return 1; 859 860 if ((rctl & E1000_RCTL_BAM) && !memcmp(buf, bcast, sizeof bcast)) 861 return 1; 862 863 for (rp = s->mac_reg + RA; rp < s->mac_reg + RA + 32; rp += 2) { 864 if (!(rp[1] & E1000_RAH_AV)) 865 continue; 866 ra[0] = cpu_to_le32(rp[0]); 867 ra[1] = cpu_to_le32(rp[1]); 868 if (!memcmp(buf, (uint8_t *)ra, 6)) { 869 DBGOUT(RXFILTER, 870 "unicast match[%d]: %02x:%02x:%02x:%02x:%02x:%02x\n", 871 (int)(rp - s->mac_reg - RA)/2, 872 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]); 873 return 1; 874 } 875 } 876 DBGOUT(RXFILTER, "unicast mismatch: %02x:%02x:%02x:%02x:%02x:%02x\n", 877 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]); 878 879 f = mta_shift[(rctl >> E1000_RCTL_MO_SHIFT) & 3]; 880 f = (((buf[5] << 8) | buf[4]) >> f) & 0xfff; 881 if (s->mac_reg[MTA + (f >> 5)] & (1 << (f & 0x1f))) 882 return 1; 883 DBGOUT(RXFILTER, 884 "dropping, inexact filter mismatch: %02x:%02x:%02x:%02x:%02x:%02x MO %d MTA[%d] %x\n", 885 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5], 886 (rctl >> E1000_RCTL_MO_SHIFT) & 3, f >> 5, 887 s->mac_reg[MTA + (f >> 5)]); 888 889 return 0; 890 } 891 892 static void 893 e1000_set_link_status(NetClientState *nc) 894 { 895 E1000State *s = qemu_get_nic_opaque(nc); 896 uint32_t old_status = s->mac_reg[STATUS]; 897 898 if (nc->link_down) { 899 e1000_link_down(s); 900 } else { 901 if (have_autoneg(s) && 902 !(s->phy_reg[PHY_STATUS] & MII_SR_AUTONEG_COMPLETE)) { 903 /* emulate auto-negotiation if supported */ 904 timer_mod(s->autoneg_timer, 905 qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 500); 906 } else { 907 e1000_link_up(s); 908 } 909 } 910 911 if (s->mac_reg[STATUS] != old_status) 912 set_ics(s, 0, E1000_ICR_LSC); 913 } 914 915 static bool e1000_has_rxbufs(E1000State *s, size_t total_size) 916 { 917 int bufs; 918 /* Fast-path short packets */ 919 if (total_size <= s->rxbuf_size) { 920 return s->mac_reg[RDH] != s->mac_reg[RDT]; 921 } 922 if (s->mac_reg[RDH] < s->mac_reg[RDT]) { 923 bufs = s->mac_reg[RDT] - s->mac_reg[RDH]; 924 } else if (s->mac_reg[RDH] > s->mac_reg[RDT]) { 925 bufs = s->mac_reg[RDLEN] / sizeof(struct e1000_rx_desc) + 926 s->mac_reg[RDT] - s->mac_reg[RDH]; 927 } else { 928 return false; 929 } 930 return total_size <= bufs * s->rxbuf_size; 931 } 932 933 static int 934 e1000_can_receive(NetClientState *nc) 935 { 936 E1000State *s = qemu_get_nic_opaque(nc); 937 938 return (s->mac_reg[STATUS] & E1000_STATUS_LU) && 939 (s->mac_reg[RCTL] & E1000_RCTL_EN) && 940 (s->parent_obj.config[PCI_COMMAND] & PCI_COMMAND_MASTER) && 941 e1000_has_rxbufs(s, 1); 942 } 943 944 static uint64_t rx_desc_base(E1000State *s) 945 { 946 uint64_t bah = s->mac_reg[RDBAH]; 947 uint64_t bal = s->mac_reg[RDBAL] & ~0xf; 948 949 return (bah << 32) + bal; 950 } 951 952 static ssize_t 953 e1000_receive_iov(NetClientState *nc, const struct iovec *iov, int iovcnt) 954 { 955 E1000State *s = qemu_get_nic_opaque(nc); 956 PCIDevice *d = PCI_DEVICE(s); 957 struct e1000_rx_desc desc; 958 dma_addr_t base; 959 unsigned int n, rdt; 960 uint32_t rdh_start; 961 uint16_t vlan_special = 0; 962 uint8_t vlan_status = 0; 963 uint8_t min_buf[MIN_BUF_SIZE]; 964 struct iovec min_iov; 965 uint8_t *filter_buf = iov->iov_base; 966 size_t size = iov_size(iov, iovcnt); 967 size_t iov_ofs = 0; 968 size_t desc_offset; 969 size_t desc_size; 970 size_t total_size; 971 972 if (!(s->mac_reg[STATUS] & E1000_STATUS_LU)) { 973 return -1; 974 } 975 976 if (!(s->mac_reg[RCTL] & E1000_RCTL_EN)) { 977 return -1; 978 } 979 980 /* Pad to minimum Ethernet frame length */ 981 if (size < sizeof(min_buf)) { 982 iov_to_buf(iov, iovcnt, 0, min_buf, size); 983 memset(&min_buf[size], 0, sizeof(min_buf) - size); 984 min_iov.iov_base = filter_buf = min_buf; 985 min_iov.iov_len = size = sizeof(min_buf); 986 iovcnt = 1; 987 iov = &min_iov; 988 } else if (iov->iov_len < MAXIMUM_ETHERNET_HDR_LEN) { 989 /* This is very unlikely, but may happen. */ 990 iov_to_buf(iov, iovcnt, 0, min_buf, MAXIMUM_ETHERNET_HDR_LEN); 991 filter_buf = min_buf; 992 } 993 994 /* Discard oversized packets if !LPE and !SBP. */ 995 if ((size > MAXIMUM_ETHERNET_LPE_SIZE || 996 (size > MAXIMUM_ETHERNET_VLAN_SIZE 997 && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) 998 && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { 999 return size; 1000 } 1001 1002 if (!receive_filter(s, filter_buf, size)) { 1003 return size; 1004 } 1005 1006 if (vlan_enabled(s) && is_vlan_packet(s, filter_buf)) { 1007 vlan_special = cpu_to_le16(be16_to_cpup((uint16_t *)(filter_buf 1008 + 14))); 1009 iov_ofs = 4; 1010 if (filter_buf == iov->iov_base) { 1011 memmove(filter_buf + 4, filter_buf, 12); 1012 } else { 1013 iov_from_buf(iov, iovcnt, 4, filter_buf, 12); 1014 while (iov->iov_len <= iov_ofs) { 1015 iov_ofs -= iov->iov_len; 1016 iov++; 1017 } 1018 } 1019 vlan_status = E1000_RXD_STAT_VP; 1020 size -= 4; 1021 } 1022 1023 rdh_start = s->mac_reg[RDH]; 1024 desc_offset = 0; 1025 total_size = size + fcs_len(s); 1026 if (!e1000_has_rxbufs(s, total_size)) { 1027 set_ics(s, 0, E1000_ICS_RXO); 1028 return -1; 1029 } 1030 do { 1031 desc_size = total_size - desc_offset; 1032 if (desc_size > s->rxbuf_size) { 1033 desc_size = s->rxbuf_size; 1034 } 1035 base = rx_desc_base(s) + sizeof(desc) * s->mac_reg[RDH]; 1036 pci_dma_read(d, base, &desc, sizeof(desc)); 1037 desc.special = vlan_special; 1038 desc.status |= (vlan_status | E1000_RXD_STAT_DD); 1039 if (desc.buffer_addr) { 1040 if (desc_offset < size) { 1041 size_t iov_copy; 1042 hwaddr ba = le64_to_cpu(desc.buffer_addr); 1043 size_t copy_size = size - desc_offset; 1044 if (copy_size > s->rxbuf_size) { 1045 copy_size = s->rxbuf_size; 1046 } 1047 do { 1048 iov_copy = MIN(copy_size, iov->iov_len - iov_ofs); 1049 pci_dma_write(d, ba, iov->iov_base + iov_ofs, iov_copy); 1050 copy_size -= iov_copy; 1051 ba += iov_copy; 1052 iov_ofs += iov_copy; 1053 if (iov_ofs == iov->iov_len) { 1054 iov++; 1055 iov_ofs = 0; 1056 } 1057 } while (copy_size); 1058 } 1059 desc_offset += desc_size; 1060 desc.length = cpu_to_le16(desc_size); 1061 if (desc_offset >= total_size) { 1062 desc.status |= E1000_RXD_STAT_EOP | E1000_RXD_STAT_IXSM; 1063 } else { 1064 /* Guest zeroing out status is not a hardware requirement. 1065 Clear EOP in case guest didn't do it. */ 1066 desc.status &= ~E1000_RXD_STAT_EOP; 1067 } 1068 } else { // as per intel docs; skip descriptors with null buf addr 1069 DBGOUT(RX, "Null RX descriptor!!\n"); 1070 } 1071 pci_dma_write(d, base, &desc, sizeof(desc)); 1072 1073 if (++s->mac_reg[RDH] * sizeof(desc) >= s->mac_reg[RDLEN]) 1074 s->mac_reg[RDH] = 0; 1075 /* see comment in start_xmit; same here */ 1076 if (s->mac_reg[RDH] == rdh_start) { 1077 DBGOUT(RXERR, "RDH wraparound @%x, RDT %x, RDLEN %x\n", 1078 rdh_start, s->mac_reg[RDT], s->mac_reg[RDLEN]); 1079 set_ics(s, 0, E1000_ICS_RXO); 1080 return -1; 1081 } 1082 } while (desc_offset < total_size); 1083 1084 s->mac_reg[GPRC]++; 1085 s->mac_reg[TPR]++; 1086 /* TOR - Total Octets Received: 1087 * This register includes bytes received in a packet from the <Destination 1088 * Address> field through the <CRC> field, inclusively. 1089 */ 1090 n = s->mac_reg[TORL] + size + /* Always include FCS length. */ 4; 1091 if (n < s->mac_reg[TORL]) 1092 s->mac_reg[TORH]++; 1093 s->mac_reg[TORL] = n; 1094 1095 n = E1000_ICS_RXT0; 1096 if ((rdt = s->mac_reg[RDT]) < s->mac_reg[RDH]) 1097 rdt += s->mac_reg[RDLEN] / sizeof(desc); 1098 if (((rdt - s->mac_reg[RDH]) * sizeof(desc)) <= s->mac_reg[RDLEN] >> 1099 s->rxbuf_min_shift) 1100 n |= E1000_ICS_RXDMT0; 1101 1102 set_ics(s, 0, n); 1103 1104 return size; 1105 } 1106 1107 static ssize_t 1108 e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size) 1109 { 1110 const struct iovec iov = { 1111 .iov_base = (uint8_t *)buf, 1112 .iov_len = size 1113 }; 1114 1115 return e1000_receive_iov(nc, &iov, 1); 1116 } 1117 1118 static uint32_t 1119 mac_readreg(E1000State *s, int index) 1120 { 1121 return s->mac_reg[index]; 1122 } 1123 1124 static uint32_t 1125 mac_icr_read(E1000State *s, int index) 1126 { 1127 uint32_t ret = s->mac_reg[ICR]; 1128 1129 DBGOUT(INTERRUPT, "ICR read: %x\n", ret); 1130 set_interrupt_cause(s, 0, 0); 1131 return ret; 1132 } 1133 1134 static uint32_t 1135 mac_read_clr4(E1000State *s, int index) 1136 { 1137 uint32_t ret = s->mac_reg[index]; 1138 1139 s->mac_reg[index] = 0; 1140 return ret; 1141 } 1142 1143 static uint32_t 1144 mac_read_clr8(E1000State *s, int index) 1145 { 1146 uint32_t ret = s->mac_reg[index]; 1147 1148 s->mac_reg[index] = 0; 1149 s->mac_reg[index-1] = 0; 1150 return ret; 1151 } 1152 1153 static void 1154 mac_writereg(E1000State *s, int index, uint32_t val) 1155 { 1156 uint32_t macaddr[2]; 1157 1158 s->mac_reg[index] = val; 1159 1160 if (index == RA + 1) { 1161 macaddr[0] = cpu_to_le32(s->mac_reg[RA]); 1162 macaddr[1] = cpu_to_le32(s->mac_reg[RA + 1]); 1163 qemu_format_nic_info_str(qemu_get_queue(s->nic), (uint8_t *)macaddr); 1164 } 1165 } 1166 1167 static void 1168 set_rdt(E1000State *s, int index, uint32_t val) 1169 { 1170 s->mac_reg[index] = val & 0xffff; 1171 if (e1000_has_rxbufs(s, 1)) { 1172 qemu_flush_queued_packets(qemu_get_queue(s->nic)); 1173 } 1174 } 1175 1176 static void 1177 set_16bit(E1000State *s, int index, uint32_t val) 1178 { 1179 s->mac_reg[index] = val & 0xffff; 1180 } 1181 1182 static void 1183 set_dlen(E1000State *s, int index, uint32_t val) 1184 { 1185 s->mac_reg[index] = val & 0xfff80; 1186 } 1187 1188 static void 1189 set_tctl(E1000State *s, int index, uint32_t val) 1190 { 1191 s->mac_reg[index] = val; 1192 s->mac_reg[TDT] &= 0xffff; 1193 start_xmit(s); 1194 } 1195 1196 static void 1197 set_icr(E1000State *s, int index, uint32_t val) 1198 { 1199 DBGOUT(INTERRUPT, "set_icr %x\n", val); 1200 set_interrupt_cause(s, 0, s->mac_reg[ICR] & ~val); 1201 } 1202 1203 static void 1204 set_imc(E1000State *s, int index, uint32_t val) 1205 { 1206 s->mac_reg[IMS] &= ~val; 1207 set_ics(s, 0, 0); 1208 } 1209 1210 static void 1211 set_ims(E1000State *s, int index, uint32_t val) 1212 { 1213 s->mac_reg[IMS] |= val; 1214 set_ics(s, 0, 0); 1215 } 1216 1217 #define getreg(x) [x] = mac_readreg 1218 static uint32_t (*macreg_readops[])(E1000State *, int) = { 1219 getreg(PBA), getreg(RCTL), getreg(TDH), getreg(TXDCTL), 1220 getreg(WUFC), getreg(TDT), getreg(CTRL), getreg(LEDCTL), 1221 getreg(MANC), getreg(MDIC), getreg(SWSM), getreg(STATUS), 1222 getreg(TORL), getreg(TOTL), getreg(IMS), getreg(TCTL), 1223 getreg(RDH), getreg(RDT), getreg(VET), getreg(ICS), 1224 getreg(TDBAL), getreg(TDBAH), getreg(RDBAH), getreg(RDBAL), 1225 getreg(TDLEN), getreg(RDLEN), getreg(RDTR), getreg(RADV), 1226 getreg(TADV), getreg(ITR), 1227 1228 [TOTH] = mac_read_clr8, [TORH] = mac_read_clr8, 1229 [GPRC] = mac_read_clr4, [GPTC] = mac_read_clr4, 1230 [TPT] = mac_read_clr4, [TPR] = mac_read_clr4, 1231 [ICR] = mac_icr_read, [EECD] = get_eecd, 1232 [EERD] = flash_eerd_read, 1233 1234 [CRCERRS ... MPC] = &mac_readreg, 1235 [RA ... RA+31] = &mac_readreg, 1236 [MTA ... MTA+127] = &mac_readreg, 1237 [VFTA ... VFTA+127] = &mac_readreg, 1238 }; 1239 enum { NREADOPS = ARRAY_SIZE(macreg_readops) }; 1240 1241 #define putreg(x) [x] = mac_writereg 1242 static void (*macreg_writeops[])(E1000State *, int, uint32_t) = { 1243 putreg(PBA), putreg(EERD), putreg(SWSM), putreg(WUFC), 1244 putreg(TDBAL), putreg(TDBAH), putreg(TXDCTL), putreg(RDBAH), 1245 putreg(RDBAL), putreg(LEDCTL), putreg(VET), 1246 1247 [TDLEN] = set_dlen, [RDLEN] = set_dlen, [TCTL] = set_tctl, 1248 [TDT] = set_tctl, [MDIC] = set_mdic, [ICS] = set_ics, 1249 [TDH] = set_16bit, [RDH] = set_16bit, [RDT] = set_rdt, 1250 [IMC] = set_imc, [IMS] = set_ims, [ICR] = set_icr, 1251 [EECD] = set_eecd, [RCTL] = set_rx_control, [CTRL] = set_ctrl, 1252 [RDTR] = set_16bit, [RADV] = set_16bit, [TADV] = set_16bit, 1253 [ITR] = set_16bit, 1254 1255 [RA ... RA+31] = &mac_writereg, 1256 [MTA ... MTA+127] = &mac_writereg, 1257 [VFTA ... VFTA+127] = &mac_writereg, 1258 }; 1259 1260 enum { NWRITEOPS = ARRAY_SIZE(macreg_writeops) }; 1261 1262 enum { MAC_ACCESS_PARTIAL = 1, MAC_ACCESS_FLAG_NEEDED = 2 }; 1263 1264 #define markflag(x) ((E1000_FLAG_##x << 2) | MAC_ACCESS_FLAG_NEEDED) 1265 /* In the array below the meaning of the bits is: [f|f|f|f|f|f|n|p] 1266 * f - flag bits (up to 6 possible flags) 1267 * n - flag needed 1268 * p - partially implenented */ 1269 static const uint8_t mac_reg_access[0x8000] = { 1270 [RDTR] = markflag(MIT), [TADV] = markflag(MIT), 1271 [RADV] = markflag(MIT), [ITR] = markflag(MIT), 1272 }; 1273 1274 static void 1275 e1000_mmio_write(void *opaque, hwaddr addr, uint64_t val, 1276 unsigned size) 1277 { 1278 E1000State *s = opaque; 1279 unsigned int index = (addr & 0x1ffff) >> 2; 1280 1281 if (index < NWRITEOPS && macreg_writeops[index]) { 1282 if (!(mac_reg_access[index] & MAC_ACCESS_FLAG_NEEDED) 1283 || (s->compat_flags & (mac_reg_access[index] >> 2))) { 1284 if (mac_reg_access[index] & MAC_ACCESS_PARTIAL) { 1285 DBGOUT(GENERAL, "Writing to register at offset: 0x%08x. " 1286 "It is not fully implemented.\n", index<<2); 1287 } 1288 macreg_writeops[index](s, index, val); 1289 } else { /* "flag needed" bit is set, but the flag is not active */ 1290 DBGOUT(MMIO, "MMIO write attempt to disabled reg. addr=0x%08x\n", 1291 index<<2); 1292 } 1293 } else if (index < NREADOPS && macreg_readops[index]) { 1294 DBGOUT(MMIO, "e1000_mmio_writel RO %x: 0x%04"PRIx64"\n", 1295 index<<2, val); 1296 } else { 1297 DBGOUT(UNKNOWN, "MMIO unknown write addr=0x%08x,val=0x%08"PRIx64"\n", 1298 index<<2, val); 1299 } 1300 } 1301 1302 static uint64_t 1303 e1000_mmio_read(void *opaque, hwaddr addr, unsigned size) 1304 { 1305 E1000State *s = opaque; 1306 unsigned int index = (addr & 0x1ffff) >> 2; 1307 1308 if (index < NREADOPS && macreg_readops[index]) { 1309 if (!(mac_reg_access[index] & MAC_ACCESS_FLAG_NEEDED) 1310 || (s->compat_flags & (mac_reg_access[index] >> 2))) { 1311 if (mac_reg_access[index] & MAC_ACCESS_PARTIAL) { 1312 DBGOUT(GENERAL, "Reading register at offset: 0x%08x. " 1313 "It is not fully implemented.\n", index<<2); 1314 } 1315 return macreg_readops[index](s, index); 1316 } else { /* "flag needed" bit is set, but the flag is not active */ 1317 DBGOUT(MMIO, "MMIO read attempt of disabled reg. addr=0x%08x\n", 1318 index<<2); 1319 } 1320 } else { 1321 DBGOUT(UNKNOWN, "MMIO unknown read addr=0x%08x\n", index<<2); 1322 } 1323 return 0; 1324 } 1325 1326 static const MemoryRegionOps e1000_mmio_ops = { 1327 .read = e1000_mmio_read, 1328 .write = e1000_mmio_write, 1329 .endianness = DEVICE_LITTLE_ENDIAN, 1330 .impl = { 1331 .min_access_size = 4, 1332 .max_access_size = 4, 1333 }, 1334 }; 1335 1336 static uint64_t e1000_io_read(void *opaque, hwaddr addr, 1337 unsigned size) 1338 { 1339 E1000State *s = opaque; 1340 1341 (void)s; 1342 return 0; 1343 } 1344 1345 static void e1000_io_write(void *opaque, hwaddr addr, 1346 uint64_t val, unsigned size) 1347 { 1348 E1000State *s = opaque; 1349 1350 (void)s; 1351 } 1352 1353 static const MemoryRegionOps e1000_io_ops = { 1354 .read = e1000_io_read, 1355 .write = e1000_io_write, 1356 .endianness = DEVICE_LITTLE_ENDIAN, 1357 }; 1358 1359 static bool is_version_1(void *opaque, int version_id) 1360 { 1361 return version_id == 1; 1362 } 1363 1364 static void e1000_pre_save(void *opaque) 1365 { 1366 E1000State *s = opaque; 1367 NetClientState *nc = qemu_get_queue(s->nic); 1368 1369 /* If the mitigation timer is active, emulate a timeout now. */ 1370 if (s->mit_timer_on) { 1371 e1000_mit_timer(s); 1372 } 1373 1374 /* 1375 * If link is down and auto-negotiation is supported and ongoing, 1376 * complete auto-negotiation immediately. This allows us to look 1377 * at MII_SR_AUTONEG_COMPLETE to infer link status on load. 1378 */ 1379 if (nc->link_down && have_autoneg(s)) { 1380 s->phy_reg[PHY_STATUS] |= MII_SR_AUTONEG_COMPLETE; 1381 } 1382 } 1383 1384 static int e1000_post_load(void *opaque, int version_id) 1385 { 1386 E1000State *s = opaque; 1387 NetClientState *nc = qemu_get_queue(s->nic); 1388 1389 if (!chkflag(MIT)) { 1390 s->mac_reg[ITR] = s->mac_reg[RDTR] = s->mac_reg[RADV] = 1391 s->mac_reg[TADV] = 0; 1392 s->mit_irq_level = false; 1393 } 1394 s->mit_ide = 0; 1395 s->mit_timer_on = false; 1396 1397 /* nc.link_down can't be migrated, so infer link_down according 1398 * to link status bit in mac_reg[STATUS]. 1399 * Alternatively, restart link negotiation if it was in progress. */ 1400 nc->link_down = (s->mac_reg[STATUS] & E1000_STATUS_LU) == 0; 1401 1402 if (have_autoneg(s) && 1403 !(s->phy_reg[PHY_STATUS] & MII_SR_AUTONEG_COMPLETE)) { 1404 nc->link_down = false; 1405 timer_mod(s->autoneg_timer, 1406 qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + 500); 1407 } 1408 1409 return 0; 1410 } 1411 1412 static bool e1000_mit_state_needed(void *opaque) 1413 { 1414 E1000State *s = opaque; 1415 1416 return chkflag(MIT); 1417 } 1418 1419 static bool e1000_full_mac_needed(void *opaque) 1420 { 1421 E1000State *s = opaque; 1422 1423 return chkflag(MAC); 1424 } 1425 1426 static const VMStateDescription vmstate_e1000_mit_state = { 1427 .name = "e1000/mit_state", 1428 .version_id = 1, 1429 .minimum_version_id = 1, 1430 .needed = e1000_mit_state_needed, 1431 .fields = (VMStateField[]) { 1432 VMSTATE_UINT32(mac_reg[RDTR], E1000State), 1433 VMSTATE_UINT32(mac_reg[RADV], E1000State), 1434 VMSTATE_UINT32(mac_reg[TADV], E1000State), 1435 VMSTATE_UINT32(mac_reg[ITR], E1000State), 1436 VMSTATE_BOOL(mit_irq_level, E1000State), 1437 VMSTATE_END_OF_LIST() 1438 } 1439 }; 1440 1441 static const VMStateDescription vmstate_e1000_full_mac_state = { 1442 .name = "e1000/full_mac_state", 1443 .version_id = 1, 1444 .minimum_version_id = 1, 1445 .needed = e1000_full_mac_needed, 1446 .fields = (VMStateField[]) { 1447 VMSTATE_UINT32_ARRAY(mac_reg, E1000State, 0x8000), 1448 VMSTATE_END_OF_LIST() 1449 } 1450 }; 1451 1452 static const VMStateDescription vmstate_e1000 = { 1453 .name = "e1000", 1454 .version_id = 2, 1455 .minimum_version_id = 1, 1456 .pre_save = e1000_pre_save, 1457 .post_load = e1000_post_load, 1458 .fields = (VMStateField[]) { 1459 VMSTATE_PCI_DEVICE(parent_obj, E1000State), 1460 VMSTATE_UNUSED_TEST(is_version_1, 4), /* was instance id */ 1461 VMSTATE_UNUSED(4), /* Was mmio_base. */ 1462 VMSTATE_UINT32(rxbuf_size, E1000State), 1463 VMSTATE_UINT32(rxbuf_min_shift, E1000State), 1464 VMSTATE_UINT32(eecd_state.val_in, E1000State), 1465 VMSTATE_UINT16(eecd_state.bitnum_in, E1000State), 1466 VMSTATE_UINT16(eecd_state.bitnum_out, E1000State), 1467 VMSTATE_UINT16(eecd_state.reading, E1000State), 1468 VMSTATE_UINT32(eecd_state.old_eecd, E1000State), 1469 VMSTATE_UINT8(tx.ipcss, E1000State), 1470 VMSTATE_UINT8(tx.ipcso, E1000State), 1471 VMSTATE_UINT16(tx.ipcse, E1000State), 1472 VMSTATE_UINT8(tx.tucss, E1000State), 1473 VMSTATE_UINT8(tx.tucso, E1000State), 1474 VMSTATE_UINT16(tx.tucse, E1000State), 1475 VMSTATE_UINT32(tx.paylen, E1000State), 1476 VMSTATE_UINT8(tx.hdr_len, E1000State), 1477 VMSTATE_UINT16(tx.mss, E1000State), 1478 VMSTATE_UINT16(tx.size, E1000State), 1479 VMSTATE_UINT16(tx.tso_frames, E1000State), 1480 VMSTATE_UINT8(tx.sum_needed, E1000State), 1481 VMSTATE_INT8(tx.ip, E1000State), 1482 VMSTATE_INT8(tx.tcp, E1000State), 1483 VMSTATE_BUFFER(tx.header, E1000State), 1484 VMSTATE_BUFFER(tx.data, E1000State), 1485 VMSTATE_UINT16_ARRAY(eeprom_data, E1000State, 64), 1486 VMSTATE_UINT16_ARRAY(phy_reg, E1000State, 0x20), 1487 VMSTATE_UINT32(mac_reg[CTRL], E1000State), 1488 VMSTATE_UINT32(mac_reg[EECD], E1000State), 1489 VMSTATE_UINT32(mac_reg[EERD], E1000State), 1490 VMSTATE_UINT32(mac_reg[GPRC], E1000State), 1491 VMSTATE_UINT32(mac_reg[GPTC], E1000State), 1492 VMSTATE_UINT32(mac_reg[ICR], E1000State), 1493 VMSTATE_UINT32(mac_reg[ICS], E1000State), 1494 VMSTATE_UINT32(mac_reg[IMC], E1000State), 1495 VMSTATE_UINT32(mac_reg[IMS], E1000State), 1496 VMSTATE_UINT32(mac_reg[LEDCTL], E1000State), 1497 VMSTATE_UINT32(mac_reg[MANC], E1000State), 1498 VMSTATE_UINT32(mac_reg[MDIC], E1000State), 1499 VMSTATE_UINT32(mac_reg[MPC], E1000State), 1500 VMSTATE_UINT32(mac_reg[PBA], E1000State), 1501 VMSTATE_UINT32(mac_reg[RCTL], E1000State), 1502 VMSTATE_UINT32(mac_reg[RDBAH], E1000State), 1503 VMSTATE_UINT32(mac_reg[RDBAL], E1000State), 1504 VMSTATE_UINT32(mac_reg[RDH], E1000State), 1505 VMSTATE_UINT32(mac_reg[RDLEN], E1000State), 1506 VMSTATE_UINT32(mac_reg[RDT], E1000State), 1507 VMSTATE_UINT32(mac_reg[STATUS], E1000State), 1508 VMSTATE_UINT32(mac_reg[SWSM], E1000State), 1509 VMSTATE_UINT32(mac_reg[TCTL], E1000State), 1510 VMSTATE_UINT32(mac_reg[TDBAH], E1000State), 1511 VMSTATE_UINT32(mac_reg[TDBAL], E1000State), 1512 VMSTATE_UINT32(mac_reg[TDH], E1000State), 1513 VMSTATE_UINT32(mac_reg[TDLEN], E1000State), 1514 VMSTATE_UINT32(mac_reg[TDT], E1000State), 1515 VMSTATE_UINT32(mac_reg[TORH], E1000State), 1516 VMSTATE_UINT32(mac_reg[TORL], E1000State), 1517 VMSTATE_UINT32(mac_reg[TOTH], E1000State), 1518 VMSTATE_UINT32(mac_reg[TOTL], E1000State), 1519 VMSTATE_UINT32(mac_reg[TPR], E1000State), 1520 VMSTATE_UINT32(mac_reg[TPT], E1000State), 1521 VMSTATE_UINT32(mac_reg[TXDCTL], E1000State), 1522 VMSTATE_UINT32(mac_reg[WUFC], E1000State), 1523 VMSTATE_UINT32(mac_reg[VET], E1000State), 1524 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, RA, 32), 1525 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, MTA, 128), 1526 VMSTATE_UINT32_SUB_ARRAY(mac_reg, E1000State, VFTA, 128), 1527 VMSTATE_END_OF_LIST() 1528 }, 1529 .subsections = (const VMStateDescription*[]) { 1530 &vmstate_e1000_mit_state, 1531 &vmstate_e1000_full_mac_state, 1532 NULL 1533 } 1534 }; 1535 1536 /* 1537 * EEPROM contents documented in Tables 5-2 and 5-3, pp. 98-102. 1538 * Note: A valid DevId will be inserted during pci_e1000_init(). 1539 */ 1540 static const uint16_t e1000_eeprom_template[64] = { 1541 0x0000, 0x0000, 0x0000, 0x0000, 0xffff, 0x0000, 0x0000, 0x0000, 1542 0x3000, 0x1000, 0x6403, 0 /*DevId*/, 0x8086, 0 /*DevId*/, 0x8086, 0x3040, 1543 0x0008, 0x2000, 0x7e14, 0x0048, 0x1000, 0x00d8, 0x0000, 0x2700, 1544 0x6cc9, 0x3150, 0x0722, 0x040b, 0x0984, 0x0000, 0xc000, 0x0706, 1545 0x1008, 0x0000, 0x0f04, 0x7fff, 0x4d01, 0xffff, 0xffff, 0xffff, 1546 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 1547 0x0100, 0x4000, 0x121c, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 1548 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0x0000, 1549 }; 1550 1551 /* PCI interface */ 1552 1553 static void 1554 e1000_mmio_setup(E1000State *d) 1555 { 1556 int i; 1557 const uint32_t excluded_regs[] = { 1558 E1000_MDIC, E1000_ICR, E1000_ICS, E1000_IMS, 1559 E1000_IMC, E1000_TCTL, E1000_TDT, PNPMMIO_SIZE 1560 }; 1561 1562 memory_region_init_io(&d->mmio, OBJECT(d), &e1000_mmio_ops, d, 1563 "e1000-mmio", PNPMMIO_SIZE); 1564 memory_region_add_coalescing(&d->mmio, 0, excluded_regs[0]); 1565 for (i = 0; excluded_regs[i] != PNPMMIO_SIZE; i++) 1566 memory_region_add_coalescing(&d->mmio, excluded_regs[i] + 4, 1567 excluded_regs[i+1] - excluded_regs[i] - 4); 1568 memory_region_init_io(&d->io, OBJECT(d), &e1000_io_ops, d, "e1000-io", IOPORT_SIZE); 1569 } 1570 1571 static void 1572 pci_e1000_uninit(PCIDevice *dev) 1573 { 1574 E1000State *d = E1000(dev); 1575 1576 timer_del(d->autoneg_timer); 1577 timer_free(d->autoneg_timer); 1578 timer_del(d->mit_timer); 1579 timer_free(d->mit_timer); 1580 qemu_del_nic(d->nic); 1581 } 1582 1583 static NetClientInfo net_e1000_info = { 1584 .type = NET_CLIENT_OPTIONS_KIND_NIC, 1585 .size = sizeof(NICState), 1586 .can_receive = e1000_can_receive, 1587 .receive = e1000_receive, 1588 .receive_iov = e1000_receive_iov, 1589 .link_status_changed = e1000_set_link_status, 1590 }; 1591 1592 static void e1000_write_config(PCIDevice *pci_dev, uint32_t address, 1593 uint32_t val, int len) 1594 { 1595 E1000State *s = E1000(pci_dev); 1596 1597 pci_default_write_config(pci_dev, address, val, len); 1598 1599 if (range_covers_byte(address, len, PCI_COMMAND) && 1600 (pci_dev->config[PCI_COMMAND] & PCI_COMMAND_MASTER)) { 1601 qemu_flush_queued_packets(qemu_get_queue(s->nic)); 1602 } 1603 } 1604 1605 1606 static void pci_e1000_realize(PCIDevice *pci_dev, Error **errp) 1607 { 1608 DeviceState *dev = DEVICE(pci_dev); 1609 E1000State *d = E1000(pci_dev); 1610 PCIDeviceClass *pdc = PCI_DEVICE_GET_CLASS(pci_dev); 1611 uint8_t *pci_conf; 1612 uint16_t checksum = 0; 1613 int i; 1614 uint8_t *macaddr; 1615 1616 pci_dev->config_write = e1000_write_config; 1617 1618 pci_conf = pci_dev->config; 1619 1620 /* TODO: RST# value should be 0, PCI spec 6.2.4 */ 1621 pci_conf[PCI_CACHE_LINE_SIZE] = 0x10; 1622 1623 pci_conf[PCI_INTERRUPT_PIN] = 1; /* interrupt pin A */ 1624 1625 e1000_mmio_setup(d); 1626 1627 pci_register_bar(pci_dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &d->mmio); 1628 1629 pci_register_bar(pci_dev, 1, PCI_BASE_ADDRESS_SPACE_IO, &d->io); 1630 1631 memmove(d->eeprom_data, e1000_eeprom_template, 1632 sizeof e1000_eeprom_template); 1633 qemu_macaddr_default_if_unset(&d->conf.macaddr); 1634 macaddr = d->conf.macaddr.a; 1635 for (i = 0; i < 3; i++) 1636 d->eeprom_data[i] = (macaddr[2*i+1]<<8) | macaddr[2*i]; 1637 d->eeprom_data[11] = d->eeprom_data[13] = pdc->device_id; 1638 for (i = 0; i < EEPROM_CHECKSUM_REG; i++) 1639 checksum += d->eeprom_data[i]; 1640 checksum = (uint16_t) EEPROM_SUM - checksum; 1641 d->eeprom_data[EEPROM_CHECKSUM_REG] = checksum; 1642 1643 d->nic = qemu_new_nic(&net_e1000_info, &d->conf, 1644 object_get_typename(OBJECT(d)), dev->id, d); 1645 1646 qemu_format_nic_info_str(qemu_get_queue(d->nic), macaddr); 1647 1648 d->autoneg_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, e1000_autoneg_timer, d); 1649 d->mit_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, e1000_mit_timer, d); 1650 } 1651 1652 static void qdev_e1000_reset(DeviceState *dev) 1653 { 1654 E1000State *d = E1000(dev); 1655 e1000_reset(d); 1656 } 1657 1658 static Property e1000_properties[] = { 1659 DEFINE_NIC_PROPERTIES(E1000State, conf), 1660 DEFINE_PROP_BIT("autonegotiation", E1000State, 1661 compat_flags, E1000_FLAG_AUTONEG_BIT, true), 1662 DEFINE_PROP_BIT("mitigation", E1000State, 1663 compat_flags, E1000_FLAG_MIT_BIT, true), 1664 DEFINE_PROP_END_OF_LIST(), 1665 }; 1666 1667 typedef struct E1000Info { 1668 const char *name; 1669 uint16_t device_id; 1670 uint8_t revision; 1671 uint16_t phy_id2; 1672 } E1000Info; 1673 1674 static void e1000_class_init(ObjectClass *klass, void *data) 1675 { 1676 DeviceClass *dc = DEVICE_CLASS(klass); 1677 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); 1678 E1000BaseClass *e = E1000_DEVICE_CLASS(klass); 1679 const E1000Info *info = data; 1680 1681 k->realize = pci_e1000_realize; 1682 k->exit = pci_e1000_uninit; 1683 k->romfile = "efi-e1000.rom"; 1684 k->vendor_id = PCI_VENDOR_ID_INTEL; 1685 k->device_id = info->device_id; 1686 k->revision = info->revision; 1687 e->phy_id2 = info->phy_id2; 1688 k->class_id = PCI_CLASS_NETWORK_ETHERNET; 1689 set_bit(DEVICE_CATEGORY_NETWORK, dc->categories); 1690 dc->desc = "Intel Gigabit Ethernet"; 1691 dc->reset = qdev_e1000_reset; 1692 dc->vmsd = &vmstate_e1000; 1693 dc->props = e1000_properties; 1694 } 1695 1696 static void e1000_instance_init(Object *obj) 1697 { 1698 E1000State *n = E1000(obj); 1699 device_add_bootindex_property(obj, &n->conf.bootindex, 1700 "bootindex", "/ethernet-phy@0", 1701 DEVICE(n), NULL); 1702 } 1703 1704 static const TypeInfo e1000_base_info = { 1705 .name = TYPE_E1000_BASE, 1706 .parent = TYPE_PCI_DEVICE, 1707 .instance_size = sizeof(E1000State), 1708 .instance_init = e1000_instance_init, 1709 .class_size = sizeof(E1000BaseClass), 1710 .abstract = true, 1711 }; 1712 1713 static const E1000Info e1000_devices[] = { 1714 { 1715 .name = "e1000", 1716 .device_id = E1000_DEV_ID_82540EM, 1717 .revision = 0x03, 1718 .phy_id2 = E1000_PHY_ID2_8254xx_DEFAULT, 1719 }, 1720 { 1721 .name = "e1000-82544gc", 1722 .device_id = E1000_DEV_ID_82544GC_COPPER, 1723 .revision = 0x03, 1724 .phy_id2 = E1000_PHY_ID2_82544x, 1725 }, 1726 { 1727 .name = "e1000-82545em", 1728 .device_id = E1000_DEV_ID_82545EM_COPPER, 1729 .revision = 0x03, 1730 .phy_id2 = E1000_PHY_ID2_8254xx_DEFAULT, 1731 }, 1732 }; 1733 1734 static void e1000_register_types(void) 1735 { 1736 int i; 1737 1738 type_register_static(&e1000_base_info); 1739 for (i = 0; i < ARRAY_SIZE(e1000_devices); i++) { 1740 const E1000Info *info = &e1000_devices[i]; 1741 TypeInfo type_info = {}; 1742 1743 type_info.name = info->name; 1744 type_info.parent = TYPE_E1000_BASE; 1745 type_info.class_data = (void *)info; 1746 type_info.class_init = e1000_class_init; 1747 type_info.instance_init = e1000_instance_init; 1748 1749 type_register(&type_info); 1750 } 1751 } 1752 1753 type_init(e1000_register_types) 1754