trf7970a.c 60.9 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
/*
 * TI TRF7970a RFID/NFC Transceiver Driver
 *
 * Copyright (C) 2013 Texas Instruments Incorporated - http://www.ti.com
 *
 * Author: Erick Macias <[email protected]>
 * Author: Felipe Balbi <[email protected]>
 * Author: Mark A. Greer <[email protected]>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2  of
 * the License as published by the Free Software Foundation.
 */

#include <linux/module.h>
#include <linux/device.h>
#include <linux/netdevice.h>
#include <linux/interrupt.h>
19
#include <linux/pm_runtime.h>
20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38
#include <linux/nfc.h>
#include <linux/skbuff.h>
#include <linux/delay.h>
#include <linux/gpio.h>
#include <linux/of.h>
#include <linux/of_gpio.h>
#include <linux/spi/spi.h>
#include <linux/regulator/consumer.h>

#include <net/nfc/nfc.h>
#include <net/nfc/digital.h>

/* There are 3 ways the host can communicate with the trf7970a:
 * parallel mode, SPI with Slave Select (SS) mode, and SPI without
 * SS mode.  The driver only supports the two SPI modes.
 *
 * The trf7970a is very timing sensitive and the VIN, EN2, and EN
 * pins must asserted in that order and with specific delays in between.
 * The delays used in the driver were provided by TI and have been
39 40 41 42 43 44 45
 * confirmed to work with this driver.  There is a bug with the current
 * version of the trf7970a that requires that EN2 remain low no matter
 * what.  If it goes high, it will generate an RF field even when in
 * passive target mode.  TI has indicated that the chip will work okay
 * when EN2 is left low.  The 'en2-rf-quirk' device tree property
 * indicates that trf7970a currently being used has the erratum and
 * that EN2 must be kept low.
46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
 *
 * Timeouts are implemented using the delayed workqueue kernel facility.
 * Timeouts are required so things don't hang when there is no response
 * from the trf7970a (or tag).  Using this mechanism creates a race with
 * interrupts, however.  That is, an interrupt and a timeout could occur
 * closely enough together that one is blocked by the mutex while the other
 * executes.  When the timeout handler executes first and blocks the
 * interrupt handler, it will eventually set the state to IDLE so the
 * interrupt handler will check the state and exit with no harm done.
 * When the interrupt handler executes first and blocks the timeout handler,
 * the cancel_delayed_work() call will know that it didn't cancel the
 * work item (i.e., timeout) and will return zero.  That return code is
 * used by the timer handler to indicate that it should ignore the timeout
 * once its unblocked.
 *
 * Aborting an active command isn't as simple as it seems because the only
 * way to abort a command that's already been sent to the tag is so turn
 * off power to the tag.  If we do that, though, we'd have to go through
 * the entire anticollision procedure again but the digital layer doesn't
65
 * support that.  So, if an abort is received before trf7970a_send_cmd()
66 67 68 69 70 71 72 73 74 75 76
 * has sent the command to the tag, it simply returns -ECANCELED.  If the
 * command has already been sent to the tag, then the driver continues
 * normally and recieves the response data (or error) but just before
 * sending the data upstream, it frees the rx_skb and sends -ECANCELED
 * upstream instead.  If the command failed, that error will be sent
 * upstream.
 *
 * When recieving data from a tag and the interrupt status register has
 * only the SRX bit set, it means that all of the data has been received
 * (once what's in the fifo has been read).  However, depending on timing
 * an interrupt status with only the SRX bit set may not be recived.  In
77 78
 * those cases, the timeout mechanism is used to wait 20 ms in case more
 * data arrives.  After 20 ms, it is assumed that all of the data has been
79 80 81 82
 * received and the accumulated rx data is sent upstream.  The
 * 'TRF7970A_ST_WAIT_FOR_RX_DATA_CONT' state is used for this purpose
 * (i.e., it indicates that some data has been received but we're not sure
 * if there is more coming so a timeout in this state means all data has
83 84
 * been received and there isn't an error).  The delay is 20 ms since delays
 * of ~16 ms have been observed during testing.
85
 *
86 87 88 89 90 91 92
 * When transmitting a frame larger than the FIFO size (127 bytes), the
 * driver will wait 20 ms for the FIFO to drain past the low-watermark
 * and generate an interrupt.  The low-watermark set to 32 bytes so the
 * interrupt should fire after 127 - 32 = 95 bytes have been sent.  At
 * the lowest possible bit rate (6.62 kbps for 15693), it will take up
 * to ~14.35 ms so 20 ms is used for the timeout.
 *
93 94 95 96 97 98 99 100 101
 * Type 2 write and sector select commands respond with a 4-bit ACK or NACK.
 * Having only 4 bits in the FIFO won't normally generate an interrupt so
 * driver enables the '4_bit_RX' bit of the Special Functions register 1
 * to cause an interrupt in that case.  Leaving that bit for a read command
 * messes up the data returned so it is only enabled when the framing is
 * 'NFC_DIGITAL_FRAMING_NFCA_T2T' and the command is not a read command.
 * Unfortunately, that means that the driver has to peek into tx frames
 * when the framing is 'NFC_DIGITAL_FRAMING_NFCA_T2T'.  This is done by
 * the trf7970a_per_cmd_config() routine.
102 103 104 105 106 107 108 109 110 111 112 113 114
 *
 * ISO/IEC 15693 frames specify whether to use single or double sub-carrier
 * frequencies and whether to use low or high data rates in the flags byte
 * of the frame.  This means that the driver has to peek at all 15693 frames
 * to determine what speed to set the communication to.  In addition, write
 * and lock commands use the OPTION flag to indicate that an EOF must be
 * sent to the tag before it will send its response.  So the driver has to
 * examine all frames for that reason too.
 *
 * It is unclear how long to wait before sending the EOF.  According to the
 * Note under Table 1-1 in section 1.6 of
 * http://www.ti.com/lit/ug/scbu011/scbu011.pdf, that wait should be at least
 * 10 ms for TI Tag-it HF-I tags; however testing has shown that is not long
115 116 117
 * enough so 20 ms is used.  So the timer is set to 40 ms - 20 ms to drain
 * up to 127 bytes in the FIFO at the lowest bit rate plus another 20 ms to
 * ensure the wait is long enough before sending the EOF.  This seems to work
118
 * reliably.
119 120
 */

121
#define TRF7970A_SUPPORTED_PROTOCOLS \
122
		(NFC_PROTO_MIFARE_MASK | NFC_PROTO_ISO14443_MASK |	\
123
		 NFC_PROTO_ISO14443_B_MASK | NFC_PROTO_FELICA_MASK | \
124
		 NFC_PROTO_ISO15693_MASK | NFC_PROTO_NFC_DEP_MASK)
125

126 127
#define TRF7970A_AUTOSUSPEND_DELAY		30000 /* 30 seconds */

128 129
#define TRF7970A_RX_SKB_ALLOC_SIZE		256

130
#define TRF7970A_FIFO_SIZE			127
131 132 133 134

/* TX length is 3 nibbles long ==> 4KB - 1 bytes max */
#define TRF7970A_TX_MAX				(4096 - 1)

135
#define TRF7970A_WAIT_FOR_TX_IRQ		20
136
#define TRF7970A_WAIT_FOR_RX_DATA_TIMEOUT	20
137 138
#define TRF7970A_WAIT_FOR_FIFO_DRAIN_TIMEOUT	20
#define TRF7970A_WAIT_TO_ISSUE_ISO15693_EOF	40
139

140 141 142 143 144 145
/* Guard times for various RF technologies (in us) */
#define TRF7970A_GUARD_TIME_NFCA		5000
#define TRF7970A_GUARD_TIME_NFCB		5000
#define TRF7970A_GUARD_TIME_NFCF		20000
#define TRF7970A_GUARD_TIME_15693		1000

146 147 148 149
/* Quirks */
/* Erratum: When reading IRQ Status register on trf7970a, we must issue a
 * read continuous command for IRQ Status and Collision Position registers.
 */
150
#define TRF7970A_QUIRK_IRQ_STATUS_READ		BIT(0)
151
#define TRF7970A_QUIRK_EN2_MUST_STAY_LOW	BIT(1)
152
#define TRF7970A_QUIRK_T5T_RMB_EXTRA_BYTE	BIT(2)
153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168

/* Direct commands */
#define TRF7970A_CMD_IDLE			0x00
#define TRF7970A_CMD_SOFT_INIT			0x03
#define TRF7970A_CMD_RF_COLLISION		0x04
#define TRF7970A_CMD_RF_COLLISION_RESPONSE_N	0x05
#define TRF7970A_CMD_RF_COLLISION_RESPONSE_0	0x06
#define TRF7970A_CMD_FIFO_RESET			0x0f
#define TRF7970A_CMD_TRANSMIT_NO_CRC		0x10
#define TRF7970A_CMD_TRANSMIT			0x11
#define TRF7970A_CMD_DELAY_TRANSMIT_NO_CRC	0x12
#define TRF7970A_CMD_DELAY_TRANSMIT		0x13
#define TRF7970A_CMD_EOF			0x14
#define TRF7970A_CMD_CLOSE_SLOT			0x15
#define TRF7970A_CMD_BLOCK_RX			0x16
#define TRF7970A_CMD_ENABLE_RX			0x17
169 170
#define TRF7970A_CMD_TEST_INT_RF		0x18
#define TRF7970A_CMD_TEST_EXT_RF		0x19
171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243
#define TRF7970A_CMD_RX_GAIN_ADJUST		0x1a

/* Bits determining whether its a direct command or register R/W,
 * whether to use a continuous SPI transaction or not, and the actual
 * direct cmd opcode or regster address.
 */
#define TRF7970A_CMD_BIT_CTRL			BIT(7)
#define TRF7970A_CMD_BIT_RW			BIT(6)
#define TRF7970A_CMD_BIT_CONTINUOUS		BIT(5)
#define TRF7970A_CMD_BIT_OPCODE(opcode)		((opcode) & 0x1f)

/* Registers addresses */
#define TRF7970A_CHIP_STATUS_CTRL		0x00
#define TRF7970A_ISO_CTRL			0x01
#define TRF7970A_ISO14443B_TX_OPTIONS		0x02
#define TRF7970A_ISO14443A_HIGH_BITRATE_OPTIONS	0x03
#define TRF7970A_TX_TIMER_SETTING_H_BYTE	0x04
#define TRF7970A_TX_TIMER_SETTING_L_BYTE	0x05
#define TRF7970A_TX_PULSE_LENGTH_CTRL		0x06
#define TRF7970A_RX_NO_RESPONSE_WAIT		0x07
#define TRF7970A_RX_WAIT_TIME			0x08
#define TRF7970A_MODULATOR_SYS_CLK_CTRL		0x09
#define TRF7970A_RX_SPECIAL_SETTINGS		0x0a
#define TRF7970A_REG_IO_CTRL			0x0b
#define TRF7970A_IRQ_STATUS			0x0c
#define TRF7970A_COLLISION_IRQ_MASK		0x0d
#define TRF7970A_COLLISION_POSITION		0x0e
#define TRF7970A_RSSI_OSC_STATUS		0x0f
#define TRF7970A_SPECIAL_FCN_REG1		0x10
#define TRF7970A_SPECIAL_FCN_REG2		0x11
#define TRF7970A_RAM1				0x12
#define TRF7970A_RAM2				0x13
#define TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS	0x14
#define TRF7970A_NFC_LOW_FIELD_LEVEL		0x16
#define TRF7970A_NFCID1				0x17
#define TRF7970A_NFC_TARGET_LEVEL		0x18
#define TRF79070A_NFC_TARGET_PROTOCOL		0x19
#define TRF7970A_TEST_REGISTER1			0x1a
#define TRF7970A_TEST_REGISTER2			0x1b
#define TRF7970A_FIFO_STATUS			0x1c
#define TRF7970A_TX_LENGTH_BYTE1		0x1d
#define TRF7970A_TX_LENGTH_BYTE2		0x1e
#define TRF7970A_FIFO_IO_REGISTER		0x1f

/* Chip Status Control Register Bits */
#define TRF7970A_CHIP_STATUS_VRS5_3		BIT(0)
#define TRF7970A_CHIP_STATUS_REC_ON		BIT(1)
#define TRF7970A_CHIP_STATUS_AGC_ON		BIT(2)
#define TRF7970A_CHIP_STATUS_PM_ON		BIT(3)
#define TRF7970A_CHIP_STATUS_RF_PWR		BIT(4)
#define TRF7970A_CHIP_STATUS_RF_ON		BIT(5)
#define TRF7970A_CHIP_STATUS_DIRECT		BIT(6)
#define TRF7970A_CHIP_STATUS_STBY		BIT(7)

/* ISO Control Register Bits */
#define TRF7970A_ISO_CTRL_15693_SGL_1OF4_662	0x00
#define TRF7970A_ISO_CTRL_15693_SGL_1OF256_662	0x01
#define TRF7970A_ISO_CTRL_15693_SGL_1OF4_2648	0x02
#define TRF7970A_ISO_CTRL_15693_SGL_1OF256_2648	0x03
#define TRF7970A_ISO_CTRL_15693_DBL_1OF4_667a	0x04
#define TRF7970A_ISO_CTRL_15693_DBL_1OF256_667	0x05
#define TRF7970A_ISO_CTRL_15693_DBL_1OF4_2669	0x06
#define TRF7970A_ISO_CTRL_15693_DBL_1OF256_2669	0x07
#define TRF7970A_ISO_CTRL_14443A_106		0x08
#define TRF7970A_ISO_CTRL_14443A_212		0x09
#define TRF7970A_ISO_CTRL_14443A_424		0x0a
#define TRF7970A_ISO_CTRL_14443A_848		0x0b
#define TRF7970A_ISO_CTRL_14443B_106		0x0c
#define TRF7970A_ISO_CTRL_14443B_212		0x0d
#define TRF7970A_ISO_CTRL_14443B_424		0x0e
#define TRF7970A_ISO_CTRL_14443B_848		0x0f
#define TRF7970A_ISO_CTRL_FELICA_212		0x1a
#define TRF7970A_ISO_CTRL_FELICA_424		0x1b
244 245 246 247 248 249 250 251 252
#define TRF7970A_ISO_CTRL_NFC_NFCA_106		0x01
#define TRF7970A_ISO_CTRL_NFC_NFCF_212		0x02
#define TRF7970A_ISO_CTRL_NFC_NFCF_424		0x03
#define TRF7970A_ISO_CTRL_NFC_CE_14443A		0x00
#define TRF7970A_ISO_CTRL_NFC_CE_14443B		0x01
#define TRF7970A_ISO_CTRL_NFC_CE		BIT(2)
#define TRF7970A_ISO_CTRL_NFC_ACTIVE		BIT(3)
#define TRF7970A_ISO_CTRL_NFC_INITIATOR		BIT(4)
#define TRF7970A_ISO_CTRL_NFC_NFC_CE_MODE	BIT(5)
253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277
#define TRF7970A_ISO_CTRL_RFID			BIT(5)
#define TRF7970A_ISO_CTRL_DIR_MODE		BIT(6)
#define TRF7970A_ISO_CTRL_RX_CRC_N		BIT(7)	/* true == No CRC */

#define TRF7970A_ISO_CTRL_RFID_SPEED_MASK	0x1f

/* Modulator and SYS_CLK Control Register Bits */
#define TRF7970A_MODULATOR_DEPTH(n)		((n) & 0x7)
#define TRF7970A_MODULATOR_DEPTH_ASK10		(TRF7970A_MODULATOR_DEPTH(0))
#define TRF7970A_MODULATOR_DEPTH_OOK		(TRF7970A_MODULATOR_DEPTH(1))
#define TRF7970A_MODULATOR_DEPTH_ASK7		(TRF7970A_MODULATOR_DEPTH(2))
#define TRF7970A_MODULATOR_DEPTH_ASK8_5		(TRF7970A_MODULATOR_DEPTH(3))
#define TRF7970A_MODULATOR_DEPTH_ASK13		(TRF7970A_MODULATOR_DEPTH(4))
#define TRF7970A_MODULATOR_DEPTH_ASK16		(TRF7970A_MODULATOR_DEPTH(5))
#define TRF7970A_MODULATOR_DEPTH_ASK22		(TRF7970A_MODULATOR_DEPTH(6))
#define TRF7970A_MODULATOR_DEPTH_ASK30		(TRF7970A_MODULATOR_DEPTH(7))
#define TRF7970A_MODULATOR_EN_ANA		BIT(3)
#define TRF7970A_MODULATOR_CLK(n)		(((n) & 0x3) << 4)
#define TRF7970A_MODULATOR_CLK_DISABLED		(TRF7970A_MODULATOR_CLK(0))
#define TRF7970A_MODULATOR_CLK_3_6		(TRF7970A_MODULATOR_CLK(1))
#define TRF7970A_MODULATOR_CLK_6_13		(TRF7970A_MODULATOR_CLK(2))
#define TRF7970A_MODULATOR_CLK_13_27		(TRF7970A_MODULATOR_CLK(3))
#define TRF7970A_MODULATOR_EN_OOK		BIT(6)
#define TRF7970A_MODULATOR_27MHZ		BIT(7)

278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293
#define TRF7970A_RX_SPECIAL_SETTINGS_NO_LIM	BIT(0)
#define TRF7970A_RX_SPECIAL_SETTINGS_AGCR	BIT(1)
#define TRF7970A_RX_SPECIAL_SETTINGS_GD_0DB	(0x0 << 2)
#define TRF7970A_RX_SPECIAL_SETTINGS_GD_5DB	(0x1 << 2)
#define TRF7970A_RX_SPECIAL_SETTINGS_GD_10DB	(0x2 << 2)
#define TRF7970A_RX_SPECIAL_SETTINGS_GD_15DB	(0x3 << 2)
#define TRF7970A_RX_SPECIAL_SETTINGS_HBT	BIT(4)
#define TRF7970A_RX_SPECIAL_SETTINGS_M848	BIT(5)
#define TRF7970A_RX_SPECIAL_SETTINGS_C424	BIT(6)
#define TRF7970A_RX_SPECIAL_SETTINGS_C212	BIT(7)

#define TRF7970A_REG_IO_CTRL_VRS(v)		((v) & 0x07)
#define TRF7970A_REG_IO_CTRL_IO_LOW		BIT(5)
#define TRF7970A_REG_IO_CTRL_EN_EXT_PA		BIT(6)
#define TRF7970A_REG_IO_CTRL_AUTO_REG		BIT(7)

294 295
/* IRQ Status Register Bits */
#define TRF7970A_IRQ_STATUS_NORESP		BIT(0) /* ISO15693 only */
296
#define TRF7970A_IRQ_STATUS_NFC_COL_ERROR	BIT(0)
297 298
#define TRF7970A_IRQ_STATUS_COL			BIT(1)
#define TRF7970A_IRQ_STATUS_FRAMING_EOF_ERROR	BIT(2)
299
#define TRF7970A_IRQ_STATUS_NFC_RF		BIT(2)
300
#define TRF7970A_IRQ_STATUS_PARITY_ERROR	BIT(3)
301
#define TRF7970A_IRQ_STATUS_NFC_SDD		BIT(3)
302
#define TRF7970A_IRQ_STATUS_CRC_ERROR		BIT(4)
303
#define TRF7970A_IRQ_STATUS_NFC_PROTO_ERROR	BIT(4)
304 305 306 307 308 309 310 311 312 313
#define TRF7970A_IRQ_STATUS_FIFO		BIT(5)
#define TRF7970A_IRQ_STATUS_SRX			BIT(6)
#define TRF7970A_IRQ_STATUS_TX			BIT(7)

#define TRF7970A_IRQ_STATUS_ERROR				\
		(TRF7970A_IRQ_STATUS_COL |			\
		 TRF7970A_IRQ_STATUS_FRAMING_EOF_ERROR |	\
		 TRF7970A_IRQ_STATUS_PARITY_ERROR |		\
		 TRF7970A_IRQ_STATUS_CRC_ERROR)

314 315 316 317
#define TRF7970A_RSSI_OSC_STATUS_RSSI_MASK	(BIT(2) | BIT(1) | BIT(0))
#define TRF7970A_RSSI_OSC_STATUS_RSSI_X_MASK	(BIT(5) | BIT(4) | BIT(3))
#define TRF7970A_RSSI_OSC_STATUS_RSSI_OSC_OK	BIT(6)

318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333
#define TRF7970A_SPECIAL_FCN_REG1_COL_7_6		BIT(0)
#define TRF7970A_SPECIAL_FCN_REG1_14_ANTICOLL		BIT(1)
#define TRF7970A_SPECIAL_FCN_REG1_4_BIT_RX		BIT(2)
#define TRF7970A_SPECIAL_FCN_REG1_SP_DIR_MODE		BIT(3)
#define TRF7970A_SPECIAL_FCN_REG1_NEXT_SLOT_37US	BIT(4)
#define TRF7970A_SPECIAL_FCN_REG1_PAR43			BIT(5)

#define TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS_WLH_124	(0x0 << 2)
#define TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS_WLH_120	(0x1 << 2)
#define TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS_WLH_112	(0x2 << 2)
#define TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS_WLH_96	(0x3 << 2)
#define TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS_WLL_4	0x0
#define TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS_WLL_8	0x1
#define TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS_WLL_16	0x2
#define TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS_WLL_32	0x3

334 335 336 337 338
#define TRF7970A_NFC_LOW_FIELD_LEVEL_RFDET(v)	((v) & 0x07)
#define TRF7970A_NFC_LOW_FIELD_LEVEL_CLEX_DIS	BIT(7)

#define TRF7970A_NFC_TARGET_LEVEL_RFDET(v)	((v) & 0x07)
#define TRF7970A_NFC_TARGET_LEVEL_HI_RF		BIT(3)
339
#define TRF7970A_NFC_TARGET_LEVEL_SDD_EN	BIT(5)
340 341 342 343
#define TRF7970A_NFC_TARGET_LEVEL_LD_S_4BYTES	(0x0 << 6)
#define TRF7970A_NFC_TARGET_LEVEL_LD_S_7BYTES	(0x1 << 6)
#define TRF7970A_NFC_TARGET_LEVEL_LD_S_10BYTES	(0x2 << 6)

344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376
#define TRF79070A_NFC_TARGET_PROTOCOL_NFCBR_106		BIT(0)
#define TRF79070A_NFC_TARGET_PROTOCOL_NFCBR_212		BIT(1)
#define TRF79070A_NFC_TARGET_PROTOCOL_NFCBR_424		(BIT(0) | BIT(1))
#define TRF79070A_NFC_TARGET_PROTOCOL_PAS_14443B	BIT(2)
#define TRF79070A_NFC_TARGET_PROTOCOL_PAS_106		BIT(3)
#define TRF79070A_NFC_TARGET_PROTOCOL_FELICA		BIT(4)
#define TRF79070A_NFC_TARGET_PROTOCOL_RF_L		BIT(6)
#define TRF79070A_NFC_TARGET_PROTOCOL_RF_H		BIT(7)

#define TRF79070A_NFC_TARGET_PROTOCOL_106A		\
	 (TRF79070A_NFC_TARGET_PROTOCOL_RF_H |		\
	  TRF79070A_NFC_TARGET_PROTOCOL_RF_L |		\
	  TRF79070A_NFC_TARGET_PROTOCOL_PAS_106 |	\
	  TRF79070A_NFC_TARGET_PROTOCOL_NFCBR_106)

#define TRF79070A_NFC_TARGET_PROTOCOL_106B		\
	 (TRF79070A_NFC_TARGET_PROTOCOL_RF_H |		\
	  TRF79070A_NFC_TARGET_PROTOCOL_RF_L |		\
	  TRF79070A_NFC_TARGET_PROTOCOL_PAS_14443B |	\
	  TRF79070A_NFC_TARGET_PROTOCOL_NFCBR_106)

#define TRF79070A_NFC_TARGET_PROTOCOL_212F		\
	 (TRF79070A_NFC_TARGET_PROTOCOL_RF_H |		\
	  TRF79070A_NFC_TARGET_PROTOCOL_RF_L |		\
	  TRF79070A_NFC_TARGET_PROTOCOL_FELICA |	\
	  TRF79070A_NFC_TARGET_PROTOCOL_NFCBR_212)

#define TRF79070A_NFC_TARGET_PROTOCOL_424F		\
	 (TRF79070A_NFC_TARGET_PROTOCOL_RF_H |		\
	  TRF79070A_NFC_TARGET_PROTOCOL_RF_L |		\
	  TRF79070A_NFC_TARGET_PROTOCOL_FELICA |	\
	  TRF79070A_NFC_TARGET_PROTOCOL_NFCBR_424)

377 378 379 380 381
#define TRF7970A_FIFO_STATUS_OVERFLOW		BIT(7)

/* NFC (ISO/IEC 14443A) Type 2 Tag commands */
#define NFC_T2T_CMD_READ			0x30

382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411
/* ISO 15693 commands codes */
#define ISO15693_CMD_INVENTORY			0x01
#define ISO15693_CMD_READ_SINGLE_BLOCK		0x20
#define ISO15693_CMD_WRITE_SINGLE_BLOCK		0x21
#define ISO15693_CMD_LOCK_BLOCK			0x22
#define ISO15693_CMD_READ_MULTIPLE_BLOCK	0x23
#define ISO15693_CMD_WRITE_MULTIPLE_BLOCK	0x24
#define ISO15693_CMD_SELECT			0x25
#define ISO15693_CMD_RESET_TO_READY		0x26
#define ISO15693_CMD_WRITE_AFI			0x27
#define ISO15693_CMD_LOCK_AFI			0x28
#define ISO15693_CMD_WRITE_DSFID		0x29
#define ISO15693_CMD_LOCK_DSFID			0x2a
#define ISO15693_CMD_GET_SYSTEM_INFO		0x2b
#define ISO15693_CMD_GET_MULTIPLE_BLOCK_SECURITY_STATUS	0x2c

/* ISO 15693 request and response flags */
#define ISO15693_REQ_FLAG_SUB_CARRIER		BIT(0)
#define ISO15693_REQ_FLAG_DATA_RATE		BIT(1)
#define ISO15693_REQ_FLAG_INVENTORY		BIT(2)
#define ISO15693_REQ_FLAG_PROTOCOL_EXT		BIT(3)
#define ISO15693_REQ_FLAG_SELECT		BIT(4)
#define ISO15693_REQ_FLAG_AFI			BIT(4)
#define ISO15693_REQ_FLAG_ADDRESS		BIT(5)
#define ISO15693_REQ_FLAG_NB_SLOTS		BIT(5)
#define ISO15693_REQ_FLAG_OPTION		BIT(6)

#define ISO15693_REQ_FLAG_SPEED_MASK \
		(ISO15693_REQ_FLAG_SUB_CARRIER | ISO15693_REQ_FLAG_DATA_RATE)

412
enum trf7970a_state {
413
	TRF7970A_ST_PWR_OFF,
414
	TRF7970A_ST_RF_OFF,
415 416 417 418 419
	TRF7970A_ST_IDLE,
	TRF7970A_ST_IDLE_RX_BLOCKED,
	TRF7970A_ST_WAIT_FOR_TX_FIFO,
	TRF7970A_ST_WAIT_FOR_RX_DATA,
	TRF7970A_ST_WAIT_FOR_RX_DATA_CONT,
420
	TRF7970A_ST_WAIT_TO_ISSUE_EOF,
421
	TRF7970A_ST_LISTENING,
422
	TRF7970A_ST_LISTENING_MD,
423 424 425 426 427 428 429 430 431 432
	TRF7970A_ST_MAX
};

struct trf7970a {
	enum trf7970a_state		state;
	struct device			*dev;
	struct spi_device		*spi;
	struct regulator		*regulator;
	struct nfc_digital_dev		*ddev;
	u32				quirks;
433
	bool				is_initiator;
434 435 436 437 438
	bool				aborting;
	struct sk_buff			*tx_skb;
	struct sk_buff			*rx_skb;
	nfc_digital_cmd_complete_t	cb;
	void				*cb_arg;
439
	u8				chip_status_ctrl;
440
	u8				iso_ctrl;
441
	u8				iso_ctrl_tech;
442
	u8				modulator_sys_clk_ctrl;
443
	u8				special_fcn_reg1;
444
	unsigned int			guard_time;
445 446
	int				technology;
	int				framing;
447
	u8				md_rf_tech;
448
	u8				tx_cmd;
449
	bool				issue_eof;
450
	bool				adjust_resp_len;
451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488
	int				en2_gpio;
	int				en_gpio;
	struct mutex			lock;
	unsigned int			timeout;
	bool				ignore_timeout;
	struct delayed_work		timeout_work;
};


static int trf7970a_cmd(struct trf7970a *trf, u8 opcode)
{
	u8 cmd = TRF7970A_CMD_BIT_CTRL | TRF7970A_CMD_BIT_OPCODE(opcode);
	int ret;

	dev_dbg(trf->dev, "cmd: 0x%x\n", cmd);

	ret = spi_write(trf->spi, &cmd, 1);
	if (ret)
		dev_err(trf->dev, "%s - cmd: 0x%x, ret: %d\n", __func__, cmd,
				ret);
	return ret;
}

static int trf7970a_read(struct trf7970a *trf, u8 reg, u8 *val)
{
	u8 addr = TRF7970A_CMD_BIT_RW | reg;
	int ret;

	ret = spi_write_then_read(trf->spi, &addr, 1, val, 1);
	if (ret)
		dev_err(trf->dev, "%s - addr: 0x%x, ret: %d\n", __func__, addr,
				ret);

	dev_dbg(trf->dev, "read(0x%x): 0x%x\n", addr, *val);

	return ret;
}

489
static int trf7970a_read_cont(struct trf7970a *trf, u8 reg, u8 *buf, size_t len)
490 491
{
	u8 addr = reg | TRF7970A_CMD_BIT_RW | TRF7970A_CMD_BIT_CONTINUOUS;
492 493
	struct spi_transfer t[2];
	struct spi_message m;
494 495 496 497
	int ret;

	dev_dbg(trf->dev, "read_cont(0x%x, %zd)\n", addr, len);

498 499 500 501 502 503 504 505 506 507 508 509 510
	spi_message_init(&m);

	memset(&t, 0, sizeof(t));

	t[0].tx_buf = &addr;
	t[0].len = sizeof(addr);
	spi_message_add_tail(&t[0], &m);

	t[1].rx_buf = buf;
	t[1].len = len;
	spi_message_add_tail(&t[1], &m);

	ret = spi_sync(trf->spi, &m);
511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539
	if (ret)
		dev_err(trf->dev, "%s - addr: 0x%x, ret: %d\n", __func__, addr,
				ret);
	return ret;
}

static int trf7970a_write(struct trf7970a *trf, u8 reg, u8 val)
{
	u8 buf[2] = { reg, val };
	int ret;

	dev_dbg(trf->dev, "write(0x%x): 0x%x\n", reg, val);

	ret = spi_write(trf->spi, buf, 2);
	if (ret)
		dev_err(trf->dev, "%s - write: 0x%x 0x%x, ret: %d\n", __func__,
				buf[0], buf[1], ret);

	return ret;
}

static int trf7970a_read_irqstatus(struct trf7970a *trf, u8 *status)
{
	int ret;
	u8 buf[2];
	u8 addr;

	addr = TRF7970A_IRQ_STATUS | TRF7970A_CMD_BIT_RW;

540
	if (trf->quirks & TRF7970A_QUIRK_IRQ_STATUS_READ) {
541 542 543 544 545 546 547 548 549 550 551 552 553 554 555
		addr |= TRF7970A_CMD_BIT_CONTINUOUS;
		ret = spi_write_then_read(trf->spi, &addr, 1, buf, 2);
	} else {
		ret = spi_write_then_read(trf->spi, &addr, 1, buf, 1);
	}

	if (ret)
		dev_err(trf->dev, "%s - irqstatus: Status read failed: %d\n",
				__func__, ret);
	else
		*status = buf[0];

	return ret;
}

556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607
static int trf7970a_read_target_proto(struct trf7970a *trf, u8 *target_proto)
{
	int ret;
	u8 buf[2];
	u8 addr;

	addr = TRF79070A_NFC_TARGET_PROTOCOL | TRF7970A_CMD_BIT_RW |
		TRF7970A_CMD_BIT_CONTINUOUS;

	ret = spi_write_then_read(trf->spi, &addr, 1, buf, 2);
	if (ret)
		dev_err(trf->dev, "%s - target_proto: Read failed: %d\n",
				__func__, ret);
	else
		*target_proto = buf[0];

	return ret;
}

static int trf7970a_mode_detect(struct trf7970a *trf, u8 *rf_tech)
{
	int ret;
	u8 target_proto, tech;

	ret = trf7970a_read_target_proto(trf, &target_proto);
	if (ret)
		return ret;

	switch (target_proto) {
	case TRF79070A_NFC_TARGET_PROTOCOL_106A:
		tech = NFC_DIGITAL_RF_TECH_106A;
		break;
	case TRF79070A_NFC_TARGET_PROTOCOL_106B:
		tech = NFC_DIGITAL_RF_TECH_106B;
		break;
	case TRF79070A_NFC_TARGET_PROTOCOL_212F:
		tech = NFC_DIGITAL_RF_TECH_212F;
		break;
	case TRF79070A_NFC_TARGET_PROTOCOL_424F:
		tech = NFC_DIGITAL_RF_TECH_424F;
		break;
	default:
		dev_dbg(trf->dev, "%s - mode_detect: target_proto: 0x%x\n",
				__func__, target_proto);
		return -EIO;
	}

	*rf_tech = tech;

	return ret;
}

608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630
static void trf7970a_send_upstream(struct trf7970a *trf)
{
	dev_kfree_skb_any(trf->tx_skb);
	trf->tx_skb = NULL;

	if (trf->rx_skb && !IS_ERR(trf->rx_skb) && !trf->aborting)
		print_hex_dump_debug("trf7970a rx data: ", DUMP_PREFIX_NONE,
				16, 1, trf->rx_skb->data, trf->rx_skb->len,
				false);

	trf->state = TRF7970A_ST_IDLE;

	if (trf->aborting) {
		dev_dbg(trf->dev, "Abort process complete\n");

		if (!IS_ERR(trf->rx_skb)) {
			kfree_skb(trf->rx_skb);
			trf->rx_skb = ERR_PTR(-ECANCELED);
		}

		trf->aborting = false;
	}

631
	if (trf->adjust_resp_len) {
632 633 634
		if (trf->rx_skb)
			skb_trim(trf->rx_skb, trf->rx_skb->len - 1);

635 636 637
		trf->adjust_resp_len = false;
	}

638 639 640 641 642 643 644 645 646
	trf->cb(trf->ddev, trf->cb_arg, trf->rx_skb);

	trf->rx_skb = NULL;
}

static void trf7970a_send_err_upstream(struct trf7970a *trf, int errno)
{
	dev_dbg(trf->dev, "Error - state: %d, errno: %d\n", trf->state, errno);

647 648
	cancel_delayed_work(&trf->timeout_work);

649 650 651 652 653 654 655
	kfree_skb(trf->rx_skb);
	trf->rx_skb = ERR_PTR(errno);

	trf7970a_send_upstream(trf);
}

static int trf7970a_transmit(struct trf7970a *trf, struct sk_buff *skb,
656
		unsigned int len, u8 *prefix, unsigned int prefix_len)
657
{
658 659
	struct spi_transfer t[2];
	struct spi_message m;
660 661 662 663 664 665
	unsigned int timeout;
	int ret;

	print_hex_dump_debug("trf7970a tx data: ", DUMP_PREFIX_NONE,
			16, 1, skb->data, len, false);

666 667 668 669 670 671 672 673 674 675 676 677 678
	spi_message_init(&m);

	memset(&t, 0, sizeof(t));

	t[0].tx_buf = prefix;
	t[0].len = prefix_len;
	spi_message_add_tail(&t[0], &m);

	t[1].tx_buf = skb->data;
	t[1].len = len;
	spi_message_add_tail(&t[1], &m);

	ret = spi_sync(trf->spi, &m);
679 680 681 682 683 684 685 686 687 688 689 690
	if (ret) {
		dev_err(trf->dev, "%s - Can't send tx data: %d\n", __func__,
				ret);
		return ret;
	}

	skb_pull(skb, len);

	if (skb->len > 0) {
		trf->state = TRF7970A_ST_WAIT_FOR_TX_FIFO;
		timeout = TRF7970A_WAIT_FOR_FIFO_DRAIN_TIMEOUT;
	} else {
691 692 693 694 695
		if (trf->issue_eof) {
			trf->state = TRF7970A_ST_WAIT_TO_ISSUE_EOF;
			timeout = TRF7970A_WAIT_TO_ISSUE_ISO15693_EOF;
		} else {
			trf->state = TRF7970A_ST_WAIT_FOR_RX_DATA;
696 697 698 699 700

			if (!trf->timeout)
				timeout = TRF7970A_WAIT_FOR_TX_IRQ;
			else
				timeout = trf->timeout;
701
		}
702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717
	}

	dev_dbg(trf->dev, "Setting timeout for %d ms, state: %d\n", timeout,
			trf->state);

	schedule_delayed_work(&trf->timeout_work, msecs_to_jiffies(timeout));

	return 0;
}

static void trf7970a_fill_fifo(struct trf7970a *trf)
{
	struct sk_buff *skb = trf->tx_skb;
	unsigned int len;
	int ret;
	u8 fifo_bytes;
718
	u8 prefix;
719 720 721 722 723 724 725 726 727

	ret = trf7970a_read(trf, TRF7970A_FIFO_STATUS, &fifo_bytes);
	if (ret) {
		trf7970a_send_err_upstream(trf, ret);
		return;
	}

	dev_dbg(trf->dev, "Filling FIFO - fifo_bytes: 0x%x\n", fifo_bytes);

728
	fifo_bytes &= ~TRF7970A_FIFO_STATUS_OVERFLOW;
729 730 731

	/* Calculate how much more data can be written to the fifo */
	len = TRF7970A_FIFO_SIZE - fifo_bytes;
732 733 734 735 736 737
	if (!len) {
		schedule_delayed_work(&trf->timeout_work,
			msecs_to_jiffies(TRF7970A_WAIT_FOR_FIFO_DRAIN_TIMEOUT));
		return;
	}

738 739
	len = min(skb->len, len);

740 741 742
	prefix = TRF7970A_CMD_BIT_CONTINUOUS | TRF7970A_FIFO_IO_REGISTER;

	ret = trf7970a_transmit(trf, skb, len, &prefix, sizeof(prefix));
743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765
	if (ret)
		trf7970a_send_err_upstream(trf, ret);
}

static void trf7970a_drain_fifo(struct trf7970a *trf, u8 status)
{
	struct sk_buff *skb = trf->rx_skb;
	int ret;
	u8 fifo_bytes;

	if (status & TRF7970A_IRQ_STATUS_ERROR) {
		trf7970a_send_err_upstream(trf, -EIO);
		return;
	}

	ret = trf7970a_read(trf, TRF7970A_FIFO_STATUS, &fifo_bytes);
	if (ret) {
		trf7970a_send_err_upstream(trf, ret);
		return;
	}

	dev_dbg(trf->dev, "Draining FIFO - fifo_bytes: 0x%x\n", fifo_bytes);

766 767
	fifo_bytes &= ~TRF7970A_FIFO_STATUS_OVERFLOW;

768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799
	if (!fifo_bytes)
		goto no_rx_data;

	if (fifo_bytes > skb_tailroom(skb)) {
		skb = skb_copy_expand(skb, skb_headroom(skb),
				max_t(int, fifo_bytes,
					TRF7970A_RX_SKB_ALLOC_SIZE),
				GFP_KERNEL);
		if (!skb) {
			trf7970a_send_err_upstream(trf, -ENOMEM);
			return;
		}

		kfree_skb(trf->rx_skb);
		trf->rx_skb = skb;
	}

	ret = trf7970a_read_cont(trf, TRF7970A_FIFO_IO_REGISTER,
			skb_put(skb, fifo_bytes), fifo_bytes);
	if (ret) {
		trf7970a_send_err_upstream(trf, ret);
		return;
	}

	/* If received Type 2 ACK/NACK, shift right 4 bits and pass up */
	if ((trf->framing == NFC_DIGITAL_FRAMING_NFCA_T2T) && (skb->len == 1) &&
			(trf->special_fcn_reg1 ==
				 TRF7970A_SPECIAL_FCN_REG1_4_BIT_RX)) {
		skb->data[0] >>= 4;
		status = TRF7970A_IRQ_STATUS_SRX;
	} else {
		trf->state = TRF7970A_ST_WAIT_FOR_RX_DATA_CONT;
800 801 802 803 804 805 806 807 808 809 810 811 812 813 814

		ret = trf7970a_read(trf, TRF7970A_FIFO_STATUS, &fifo_bytes);
		if (ret) {
			trf7970a_send_err_upstream(trf, ret);
			return;
		}

		fifo_bytes &= ~TRF7970A_FIFO_STATUS_OVERFLOW;

		/* If there are bytes in the FIFO, set status to '0' so
		 * the if stmt below doesn't fire and the driver will wait
		 * for the trf7970a to generate another RX interrupt.
		 */
		if (fifo_bytes)
			status = 0;
815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833
	}

no_rx_data:
	if (status == TRF7970A_IRQ_STATUS_SRX) { /* Receive complete */
		trf7970a_send_upstream(trf);
		return;
	}

	dev_dbg(trf->dev, "Setting timeout for %d ms\n",
			TRF7970A_WAIT_FOR_RX_DATA_TIMEOUT);

	schedule_delayed_work(&trf->timeout_work,
			msecs_to_jiffies(TRF7970A_WAIT_FOR_RX_DATA_TIMEOUT));
}

static irqreturn_t trf7970a_irq(int irq, void *dev_id)
{
	struct trf7970a *trf = dev_id;
	int ret;
834
	u8 status, fifo_bytes, iso_ctrl;
835 836 837

	mutex_lock(&trf->lock);

838
	if (trf->state == TRF7970A_ST_RF_OFF) {
839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859
		mutex_unlock(&trf->lock);
		return IRQ_NONE;
	}

	ret = trf7970a_read_irqstatus(trf, &status);
	if (ret) {
		mutex_unlock(&trf->lock);
		return IRQ_NONE;
	}

	dev_dbg(trf->dev, "IRQ - state: %d, status: 0x%x\n", trf->state,
			status);

	if (!status) {
		mutex_unlock(&trf->lock);
		return IRQ_NONE;
	}

	switch (trf->state) {
	case TRF7970A_ST_IDLE:
	case TRF7970A_ST_IDLE_RX_BLOCKED:
860 861 862 863
		/* If initiator and getting interrupts caused by RF noise,
		 * turn off the receiver to avoid unnecessary interrupts.
		 * It will be turned back on in trf7970a_send_cmd() when
		 * the next command is issued.
864
		 */
865
		if (trf->is_initiator && (status & TRF7970A_IRQ_STATUS_ERROR)) {
866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886
			trf7970a_cmd(trf, TRF7970A_CMD_BLOCK_RX);
			trf->state = TRF7970A_ST_IDLE_RX_BLOCKED;
		}

		trf7970a_cmd(trf, TRF7970A_CMD_FIFO_RESET);
		break;
	case TRF7970A_ST_WAIT_FOR_TX_FIFO:
		if (status & TRF7970A_IRQ_STATUS_TX) {
			trf->ignore_timeout =
				!cancel_delayed_work(&trf->timeout_work);
			trf7970a_fill_fifo(trf);
		} else {
			trf7970a_send_err_upstream(trf, -EIO);
		}
		break;
	case TRF7970A_ST_WAIT_FOR_RX_DATA:
	case TRF7970A_ST_WAIT_FOR_RX_DATA_CONT:
		if (status & TRF7970A_IRQ_STATUS_SRX) {
			trf->ignore_timeout =
				!cancel_delayed_work(&trf->timeout_work);
			trf7970a_drain_fifo(trf, status);
887 888 889 890 891 892 893 894 895 896
		} else if (status & TRF7970A_IRQ_STATUS_FIFO) {
			ret = trf7970a_read(trf, TRF7970A_FIFO_STATUS,
					&fifo_bytes);

			fifo_bytes &= ~TRF7970A_FIFO_STATUS_OVERFLOW;

			if (ret)
				trf7970a_send_err_upstream(trf, ret);
			else if (!fifo_bytes)
				trf7970a_cmd(trf, TRF7970A_CMD_FIFO_RESET);
897 898 899 900
		} else if ((status == TRF7970A_IRQ_STATUS_TX) ||
				(!trf->is_initiator &&
				 (status == (TRF7970A_IRQ_STATUS_TX |
					     TRF7970A_IRQ_STATUS_NFC_RF)))) {
901
			trf7970a_cmd(trf, TRF7970A_CMD_FIFO_RESET);
902 903 904 905 906 907 908 909

			if (!trf->timeout) {
				trf->ignore_timeout = !cancel_delayed_work(
						&trf->timeout_work);
				trf->rx_skb = ERR_PTR(0);
				trf7970a_send_upstream(trf);
				break;
			}
910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931

			if (trf->is_initiator)
				break;

			iso_ctrl = trf->iso_ctrl;

			switch (trf->framing) {
			case NFC_DIGITAL_FRAMING_NFCA_STANDARD:
				trf->tx_cmd = TRF7970A_CMD_TRANSMIT_NO_CRC;
				iso_ctrl |= TRF7970A_ISO_CTRL_RX_CRC_N;
				trf->iso_ctrl = 0xff; /* Force ISO_CTRL write */
				break;
			case NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A:
				trf->tx_cmd = TRF7970A_CMD_TRANSMIT;
				iso_ctrl &= ~TRF7970A_ISO_CTRL_RX_CRC_N;
				trf->iso_ctrl = 0xff; /* Force ISO_CTRL write */
				break;
			case NFC_DIGITAL_FRAMING_NFCA_ANTICOL_COMPLETE:
				ret = trf7970a_write(trf,
					TRF7970A_SPECIAL_FCN_REG1,
					TRF7970A_SPECIAL_FCN_REG1_14_ANTICOLL);
				if (ret)
932
					goto err_unlock_exit;
933 934 935 936 937 938 939 940 941 942 943 944

				trf->special_fcn_reg1 =
					TRF7970A_SPECIAL_FCN_REG1_14_ANTICOLL;
				break;
			default:
				break;
			}

			if (iso_ctrl != trf->iso_ctrl) {
				ret = trf7970a_write(trf, TRF7970A_ISO_CTRL,
						iso_ctrl);
				if (ret)
945
					goto err_unlock_exit;
946 947 948

				trf->iso_ctrl = iso_ctrl;
			}
949
		} else {
950 951 952
			trf7970a_send_err_upstream(trf, -EIO);
		}
		break;
953 954 955 956
	case TRF7970A_ST_WAIT_TO_ISSUE_EOF:
		if (status != TRF7970A_IRQ_STATUS_TX)
			trf7970a_send_err_upstream(trf, -EIO);
		break;
957 958 959 960 961 962 963 964 965
	case TRF7970A_ST_LISTENING:
		if (status & TRF7970A_IRQ_STATUS_SRX) {
			trf->ignore_timeout =
				!cancel_delayed_work(&trf->timeout_work);
			trf7970a_drain_fifo(trf, status);
		} else if (!(status & TRF7970A_IRQ_STATUS_NFC_RF)) {
			trf7970a_send_err_upstream(trf, -EIO);
		}
		break;
966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981
	case TRF7970A_ST_LISTENING_MD:
		if (status & TRF7970A_IRQ_STATUS_SRX) {
			trf->ignore_timeout =
				!cancel_delayed_work(&trf->timeout_work);

			ret = trf7970a_mode_detect(trf, &trf->md_rf_tech);
			if (ret) {
				trf7970a_send_err_upstream(trf, ret);
			} else {
				trf->state = TRF7970A_ST_LISTENING;
				trf7970a_drain_fifo(trf, status);
			}
		} else if (!(status & TRF7970A_IRQ_STATUS_NFC_RF)) {
			trf7970a_send_err_upstream(trf, -EIO);
		}
		break;
982 983 984 985 986
	default:
		dev_err(trf->dev, "%s - Driver in invalid state: %d\n",
				__func__, trf->state);
	}

987
err_unlock_exit:
988 989 990 991
	mutex_unlock(&trf->lock);
	return IRQ_HANDLED;
}

992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014
static void trf7970a_issue_eof(struct trf7970a *trf)
{
	int ret;

	dev_dbg(trf->dev, "Issuing EOF\n");

	ret = trf7970a_cmd(trf, TRF7970A_CMD_FIFO_RESET);
	if (ret)
		trf7970a_send_err_upstream(trf, ret);

	ret = trf7970a_cmd(trf, TRF7970A_CMD_EOF);
	if (ret)
		trf7970a_send_err_upstream(trf, ret);

	trf->state = TRF7970A_ST_WAIT_FOR_RX_DATA;

	dev_dbg(trf->dev, "Setting timeout for %d ms, state: %d\n",
			trf->timeout, trf->state);

	schedule_delayed_work(&trf->timeout_work,
			msecs_to_jiffies(trf->timeout));
}

1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027
static void trf7970a_timeout_work_handler(struct work_struct *work)
{
	struct trf7970a *trf = container_of(work, struct trf7970a,
			timeout_work.work);

	dev_dbg(trf->dev, "Timeout - state: %d, ignore_timeout: %d\n",
			trf->state, trf->ignore_timeout);

	mutex_lock(&trf->lock);

	if (trf->ignore_timeout)
		trf->ignore_timeout = false;
	else if (trf->state == TRF7970A_ST_WAIT_FOR_RX_DATA_CONT)
1028
		trf7970a_drain_fifo(trf, TRF7970A_IRQ_STATUS_SRX);
1029 1030
	else if (trf->state == TRF7970A_ST_WAIT_TO_ISSUE_EOF)
		trf7970a_issue_eof(trf);
1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050
	else
		trf7970a_send_err_upstream(trf, -ETIMEDOUT);

	mutex_unlock(&trf->lock);
}

static int trf7970a_init(struct trf7970a *trf)
{
	int ret;

	dev_dbg(trf->dev, "Initializing device - state: %d\n", trf->state);

	ret = trf7970a_cmd(trf, TRF7970A_CMD_SOFT_INIT);
	if (ret)
		goto err_out;

	ret = trf7970a_cmd(trf, TRF7970A_CMD_IDLE);
	if (ret)
		goto err_out;

1051 1052
	usleep_range(1000, 2000);

1053 1054
	trf->chip_status_ctrl &= ~TRF7970A_CHIP_STATUS_RF_ON;

1055 1056 1057 1058 1059 1060
	ret = trf7970a_write(trf, TRF7970A_MODULATOR_SYS_CLK_CTRL, 0);
	if (ret)
		goto err_out;

	trf->modulator_sys_clk_ctrl = 0;

1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072
	ret = trf7970a_write(trf, TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS,
			TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS_WLH_96 |
			TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS_WLL_32);
	if (ret)
		goto err_out;

	ret = trf7970a_write(trf, TRF7970A_SPECIAL_FCN_REG1, 0);
	if (ret)
		goto err_out;

	trf->special_fcn_reg1 = 0;

1073
	trf->iso_ctrl = 0xff;
1074 1075 1076 1077 1078 1079 1080 1081 1082
	return 0;

err_out:
	dev_dbg(trf->dev, "Couldn't init device: %d\n", ret);
	return ret;
}

static void trf7970a_switch_rf_off(struct trf7970a *trf)
{
1083 1084 1085 1086
	if ((trf->state == TRF7970A_ST_PWR_OFF) ||
			(trf->state == TRF7970A_ST_RF_OFF))
		return;

1087 1088
	dev_dbg(trf->dev, "Switching rf off\n");

1089 1090 1091 1092
	trf->chip_status_ctrl &= ~TRF7970A_CHIP_STATUS_RF_ON;

	trf7970a_write(trf, TRF7970A_CHIP_STATUS_CTRL, trf->chip_status_ctrl);

1093
	trf->aborting = false;
1094
	trf->state = TRF7970A_ST_RF_OFF;
1095 1096 1097

	pm_runtime_mark_last_busy(trf->dev);
	pm_runtime_put_autosuspend(trf->dev);
1098 1099
}

1100
static int trf7970a_switch_rf_on(struct trf7970a *trf)
1101
{
1102 1103
	int ret;

1104 1105
	dev_dbg(trf->dev, "Switching rf on\n");

1106
	pm_runtime_get_sync(trf->dev);
1107

1108 1109 1110 1111 1112 1113
	if (trf->state != TRF7970A_ST_RF_OFF) { /* Power on, RF off */
		dev_err(trf->dev, "%s - Incorrect state: %d\n", __func__,
				trf->state);
		return -EINVAL;
	}

1114 1115 1116
	ret = trf7970a_init(trf);
	if (ret) {
		dev_err(trf->dev, "%s - Can't initialize: %d\n", __func__, ret);
1117
		return ret;
1118 1119
	}

1120
	trf->state = TRF7970A_ST_IDLE;
1121 1122

	return 0;
1123 1124 1125 1126 1127
}

static int trf7970a_switch_rf(struct nfc_digital_dev *ddev, bool on)
{
	struct trf7970a *trf = nfc_digital_get_drvdata(ddev);
1128
	int ret = 0;
1129 1130 1131 1132 1133 1134 1135

	dev_dbg(trf->dev, "Switching RF - state: %d, on: %d\n", trf->state, on);

	mutex_lock(&trf->lock);

	if (on) {
		switch (trf->state) {
1136
		case TRF7970A_ST_PWR_OFF:
1137
		case TRF7970A_ST_RF_OFF:
1138
			ret = trf7970a_switch_rf_on(trf);
1139 1140 1141 1142 1143 1144 1145 1146
			break;
		case TRF7970A_ST_IDLE:
		case TRF7970A_ST_IDLE_RX_BLOCKED:
			break;
		default:
			dev_err(trf->dev, "%s - Invalid request: %d %d\n",
					__func__, trf->state, on);
			trf7970a_switch_rf_off(trf);
1147
			ret = -EINVAL;
1148 1149 1150
		}
	} else {
		switch (trf->state) {
1151
		case TRF7970A_ST_PWR_OFF:
1152
		case TRF7970A_ST_RF_OFF:
1153 1154 1155 1156
			break;
		default:
			dev_err(trf->dev, "%s - Invalid request: %d %d\n",
					__func__, trf->state, on);
1157
			ret = -EINVAL;
1158 1159 1160
			/* FALLTHROUGH */
		case TRF7970A_ST_IDLE:
		case TRF7970A_ST_IDLE_RX_BLOCKED:
1161 1162
		case TRF7970A_ST_WAIT_FOR_RX_DATA:
		case TRF7970A_ST_WAIT_FOR_RX_DATA_CONT:
1163 1164 1165 1166 1167
			trf7970a_switch_rf_off(trf);
		}
	}

	mutex_unlock(&trf->lock);
1168
	return ret;
1169 1170
}

1171
static int trf7970a_in_config_rf_tech(struct trf7970a *trf, int tech)
1172 1173 1174 1175 1176 1177 1178
{
	int ret = 0;

	dev_dbg(trf->dev, "rf technology: %d\n", tech);

	switch (tech) {
	case NFC_DIGITAL_RF_TECH_106A:
1179
		trf->iso_ctrl_tech = TRF7970A_ISO_CTRL_14443A_106;
1180
		trf->modulator_sys_clk_ctrl = TRF7970A_MODULATOR_DEPTH_OOK;
1181
		trf->guard_time = TRF7970A_GUARD_TIME_NFCA;
1182
		break;
1183 1184 1185
	case NFC_DIGITAL_RF_TECH_106B:
		trf->iso_ctrl_tech = TRF7970A_ISO_CTRL_14443B_106;
		trf->modulator_sys_clk_ctrl = TRF7970A_MODULATOR_DEPTH_ASK10;
1186
		trf->guard_time = TRF7970A_GUARD_TIME_NFCB;
1187
		break;
1188 1189 1190
	case NFC_DIGITAL_RF_TECH_212F:
		trf->iso_ctrl_tech = TRF7970A_ISO_CTRL_FELICA_212;
		trf->modulator_sys_clk_ctrl = TRF7970A_MODULATOR_DEPTH_ASK10;
1191
		trf->guard_time = TRF7970A_GUARD_TIME_NFCF;
1192 1193 1194 1195
		break;
	case NFC_DIGITAL_RF_TECH_424F:
		trf->iso_ctrl_tech = TRF7970A_ISO_CTRL_FELICA_424;
		trf->modulator_sys_clk_ctrl = TRF7970A_MODULATOR_DEPTH_ASK10;
1196
		trf->guard_time = TRF7970A_GUARD_TIME_NFCF;
1197
		break;
1198
	case NFC_DIGITAL_RF_TECH_ISO15693:
1199
		trf->iso_ctrl_tech = TRF7970A_ISO_CTRL_15693_SGL_1OF4_2648;
1200
		trf->modulator_sys_clk_ctrl = TRF7970A_MODULATOR_DEPTH_OOK;
1201
		trf->guard_time = TRF7970A_GUARD_TIME_15693;
1202
		break;
1203 1204 1205 1206 1207 1208 1209
	default:
		dev_dbg(trf->dev, "Unsupported rf technology: %d\n", tech);
		return -EINVAL;
	}

	trf->technology = tech;

1210 1211 1212 1213 1214 1215 1216 1217
	/* If in initiator mode and not changing the RF tech due to a
	 * PSL sequence (indicated by 'trf->iso_ctrl == 0xff' from
	 * trf7970a_init()), clear the NFC Target Detection Level register
	 * due to erratum.
	 */
	if (trf->iso_ctrl == 0xff)
		ret = trf7970a_write(trf, TRF7970A_NFC_TARGET_LEVEL, 0);

1218 1219 1220
	return ret;
}

1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253
static int trf7970a_is_rf_field(struct trf7970a *trf, bool *is_rf_field)
{
	int ret;
	u8 rssi;

	ret = trf7970a_write(trf, TRF7970A_CHIP_STATUS_CTRL,
			trf->chip_status_ctrl | TRF7970A_CHIP_STATUS_REC_ON);
	if (ret)
		return ret;

	ret = trf7970a_cmd(trf, TRF7970A_CMD_TEST_EXT_RF);
	if (ret)
		return ret;

	usleep_range(50, 60);

	ret = trf7970a_read(trf, TRF7970A_RSSI_OSC_STATUS, &rssi);
	if (ret)
		return ret;

	ret = trf7970a_write(trf, TRF7970A_CHIP_STATUS_CTRL,
			trf->chip_status_ctrl);
	if (ret)
		return ret;

	if (rssi & TRF7970A_RSSI_OSC_STATUS_RSSI_MASK)
		*is_rf_field = true;
	else
		*is_rf_field = false;

	return 0;
}

1254
static int trf7970a_in_config_framing(struct trf7970a *trf, int framing)
1255
{
1256
	u8 iso_ctrl = trf->iso_ctrl_tech;
1257
	bool is_rf_field = false;
1258 1259
	int ret;

1260 1261 1262 1263 1264 1265
	dev_dbg(trf->dev, "framing: %d\n", framing);

	switch (framing) {
	case NFC_DIGITAL_FRAMING_NFCA_SHORT:
	case NFC_DIGITAL_FRAMING_NFCA_STANDARD:
		trf->tx_cmd = TRF7970A_CMD_TRANSMIT_NO_CRC;
1266
		iso_ctrl |= TRF7970A_ISO_CTRL_RX_CRC_N;
1267 1268
		break;
	case NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A:
1269
	case NFC_DIGITAL_FRAMING_NFCA_T4T:
1270 1271
	case NFC_DIGITAL_FRAMING_NFCB:
	case NFC_DIGITAL_FRAMING_NFCB_T4T:
1272 1273
	case NFC_DIGITAL_FRAMING_NFCF:
	case NFC_DIGITAL_FRAMING_NFCF_T3T:
1274 1275
	case NFC_DIGITAL_FRAMING_ISO15693_INVENTORY:
	case NFC_DIGITAL_FRAMING_ISO15693_T5T:
1276 1277
	case NFC_DIGITAL_FRAMING_NFCA_NFC_DEP:
	case NFC_DIGITAL_FRAMING_NFCF_NFC_DEP:
1278
		trf->tx_cmd = TRF7970A_CMD_TRANSMIT;
1279
		iso_ctrl &= ~TRF7970A_ISO_CTRL_RX_CRC_N;
1280 1281 1282
		break;
	case NFC_DIGITAL_FRAMING_NFCA_T2T:
		trf->tx_cmd = TRF7970A_CMD_TRANSMIT;
1283
		iso_ctrl |= TRF7970A_ISO_CTRL_RX_CRC_N;
1284 1285 1286 1287 1288 1289 1290 1291
		break;
	default:
		dev_dbg(trf->dev, "Unsupported Framing: %d\n", framing);
		return -EINVAL;
	}

	trf->framing = framing;

1292 1293 1294 1295 1296 1297 1298 1299 1300
	if (!(trf->chip_status_ctrl & TRF7970A_CHIP_STATUS_RF_ON)) {
		ret = trf7970a_is_rf_field(trf, &is_rf_field);
		if (ret)
			return ret;

		if (is_rf_field)
			return -EBUSY;
	}

1301 1302 1303 1304 1305 1306
	if (iso_ctrl != trf->iso_ctrl) {
		ret = trf7970a_write(trf, TRF7970A_ISO_CTRL, iso_ctrl);
		if (ret)
			return ret;

		trf->iso_ctrl = iso_ctrl;
1307 1308

		ret = trf7970a_write(trf, TRF7970A_MODULATOR_SYS_CLK_CTRL,
1309
				trf->modulator_sys_clk_ctrl);
1310 1311
		if (ret)
			return ret;
1312 1313
	}

1314 1315 1316 1317 1318 1319 1320 1321 1322
	if (!(trf->chip_status_ctrl & TRF7970A_CHIP_STATUS_RF_ON)) {
		ret = trf7970a_write(trf, TRF7970A_CHIP_STATUS_CTRL,
				trf->chip_status_ctrl |
					TRF7970A_CHIP_STATUS_RF_ON);
		if (ret)
			return ret;

		trf->chip_status_ctrl |= TRF7970A_CHIP_STATUS_RF_ON;

1323
		usleep_range(trf->guard_time, trf->guard_time + 1000);
1324 1325
	}

1326
	return 0;
1327 1328 1329 1330 1331 1332
}

static int trf7970a_in_configure_hw(struct nfc_digital_dev *ddev, int type,
		int param)
{
	struct trf7970a *trf = nfc_digital_get_drvdata(ddev);
1333
	int ret;
1334 1335 1336 1337 1338

	dev_dbg(trf->dev, "Configure hw - type: %d, param: %d\n", type, param);

	mutex_lock(&trf->lock);

1339 1340
	trf->is_initiator = true;

1341 1342
	if ((trf->state == TRF7970A_ST_PWR_OFF) ||
			(trf->state == TRF7970A_ST_RF_OFF)) {
1343 1344 1345 1346
		ret = trf7970a_switch_rf_on(trf);
		if (ret)
			goto err_unlock;
	}
1347 1348 1349

	switch (type) {
	case NFC_DIGITAL_CONFIG_RF_TECH:
1350
		ret = trf7970a_in_config_rf_tech(trf, param);
1351 1352
		break;
	case NFC_DIGITAL_CONFIG_FRAMING:
1353
		ret = trf7970a_in_config_framing(trf, param);
1354 1355 1356 1357 1358 1359
		break;
	default:
		dev_dbg(trf->dev, "Unknown type: %d\n", type);
		ret = -EINVAL;
	}

1360
err_unlock:
1361 1362 1363 1364
	mutex_unlock(&trf->lock);
	return ret;
}

1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381
static int trf7970a_is_iso15693_write_or_lock(u8 cmd)
{
	switch (cmd) {
	case ISO15693_CMD_WRITE_SINGLE_BLOCK:
	case ISO15693_CMD_LOCK_BLOCK:
	case ISO15693_CMD_WRITE_MULTIPLE_BLOCK:
	case ISO15693_CMD_WRITE_AFI:
	case ISO15693_CMD_LOCK_AFI:
	case ISO15693_CMD_WRITE_DSFID:
	case ISO15693_CMD_LOCK_DSFID:
		return 1;
		break;
	default:
		return 0;
	}
}

1382 1383 1384
static int trf7970a_per_cmd_config(struct trf7970a *trf, struct sk_buff *skb)
{
	u8 *req = skb->data;
1385
	u8 special_fcn_reg1, iso_ctrl;
1386 1387
	int ret;

1388 1389
	trf->issue_eof = false;

1390 1391 1392
	/* When issuing Type 2 read command, make sure the '4_bit_RX' bit in
	 * special functions register 1 is cleared; otherwise, its a write or
	 * sector select command and '4_bit_RX' must be set.
1393 1394 1395 1396 1397
	 *
	 * When issuing an ISO 15693 command, inspect the flags byte to see
	 * what speed to use.  Also, remember if the OPTION flag is set on
	 * a Type 5 write or lock command so the driver will know that it
	 * has to send an EOF in order to get a response.
1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413
	 */
	if ((trf->technology == NFC_DIGITAL_RF_TECH_106A) &&
			(trf->framing == NFC_DIGITAL_FRAMING_NFCA_T2T)) {
		if (req[0] == NFC_T2T_CMD_READ)
			special_fcn_reg1 = 0;
		else
			special_fcn_reg1 = TRF7970A_SPECIAL_FCN_REG1_4_BIT_RX;

		if (special_fcn_reg1 != trf->special_fcn_reg1) {
			ret = trf7970a_write(trf, TRF7970A_SPECIAL_FCN_REG1,
					special_fcn_reg1);
			if (ret)
				return ret;

			trf->special_fcn_reg1 = special_fcn_reg1;
		}
1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440
	} else if (trf->technology == NFC_DIGITAL_RF_TECH_ISO15693) {
		iso_ctrl = trf->iso_ctrl & ~TRF7970A_ISO_CTRL_RFID_SPEED_MASK;

		switch (req[0] & ISO15693_REQ_FLAG_SPEED_MASK) {
		case 0x00:
			iso_ctrl |= TRF7970A_ISO_CTRL_15693_SGL_1OF4_662;
			break;
		case ISO15693_REQ_FLAG_SUB_CARRIER:
			iso_ctrl |= TRF7970A_ISO_CTRL_15693_DBL_1OF4_667a;
			break;
		case ISO15693_REQ_FLAG_DATA_RATE:
			iso_ctrl |= TRF7970A_ISO_CTRL_15693_SGL_1OF4_2648;
			break;
		case (ISO15693_REQ_FLAG_SUB_CARRIER |
				ISO15693_REQ_FLAG_DATA_RATE):
			iso_ctrl |= TRF7970A_ISO_CTRL_15693_DBL_1OF4_2669;
			break;
		}

		if (iso_ctrl != trf->iso_ctrl) {
			ret = trf7970a_write(trf, TRF7970A_ISO_CTRL, iso_ctrl);
			if (ret)
				return ret;

			trf->iso_ctrl = iso_ctrl;
		}

1441 1442 1443 1444 1445 1446 1447 1448 1449
		if (trf->framing == NFC_DIGITAL_FRAMING_ISO15693_T5T) {
			if (trf7970a_is_iso15693_write_or_lock(req[1]) &&
					(req[0] & ISO15693_REQ_FLAG_OPTION))
				trf->issue_eof = true;
			else if ((trf->quirks &
					TRF7970A_QUIRK_T5T_RMB_EXTRA_BYTE) &&
				 (req[1] == ISO15693_CMD_READ_MULTIPLE_BLOCK))
				trf->adjust_resp_len = true;
		}
1450 1451 1452 1453 1454
	}

	return 0;
}

1455
static int trf7970a_send_cmd(struct nfc_digital_dev *ddev,
1456 1457 1458 1459
		struct sk_buff *skb, u16 timeout,
		nfc_digital_cmd_complete_t cb, void *arg)
{
	struct trf7970a *trf = nfc_digital_get_drvdata(ddev);
1460
	u8 prefix[5];
1461 1462
	unsigned int len;
	int ret;
1463
	u8 status;
1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487

	dev_dbg(trf->dev, "New request - state: %d, timeout: %d ms, len: %d\n",
			trf->state, timeout, skb->len);

	if (skb->len > TRF7970A_TX_MAX)
		return -EINVAL;

	mutex_lock(&trf->lock);

	if ((trf->state != TRF7970A_ST_IDLE) &&
			(trf->state != TRF7970A_ST_IDLE_RX_BLOCKED)) {
		dev_err(trf->dev, "%s - Bogus state: %d\n", __func__,
				trf->state);
		ret = -EIO;
		goto out_err;
	}

	if (trf->aborting) {
		dev_dbg(trf->dev, "Abort process complete\n");
		trf->aborting = false;
		ret = -ECANCELED;
		goto out_err;
	}

1488 1489 1490 1491 1492 1493 1494 1495
	if (timeout) {
		trf->rx_skb = nfc_alloc_recv_skb(TRF7970A_RX_SKB_ALLOC_SIZE,
				GFP_KERNEL);
		if (!trf->rx_skb) {
			dev_dbg(trf->dev, "Can't alloc rx_skb\n");
			ret = -ENOMEM;
			goto out_err;
		}
1496 1497 1498 1499 1500 1501 1502 1503 1504 1505
	}

	if (trf->state == TRF7970A_ST_IDLE_RX_BLOCKED) {
		ret = trf7970a_cmd(trf, TRF7970A_CMD_ENABLE_RX);
		if (ret)
			goto out_err;

		trf->state = TRF7970A_ST_IDLE;
	}

1506 1507 1508 1509 1510
	if (trf->is_initiator) {
		ret = trf7970a_per_cmd_config(trf, skb);
		if (ret)
			goto out_err;
	}
1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523

	trf->ddev = ddev;
	trf->tx_skb = skb;
	trf->cb = cb;
	trf->cb_arg = arg;
	trf->timeout = timeout;
	trf->ignore_timeout = false;

	len = skb->len;

	/* TX data must be prefixed with a FIFO reset cmd, a cmd that depends
	 * on what the current framing is, the address of the TX length byte 1
	 * register (0x1d), and the 2 byte length of the data to be transmitted.
1524
	 * That totals 5 bytes.
1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542
	 */
	prefix[0] = TRF7970A_CMD_BIT_CTRL |
			TRF7970A_CMD_BIT_OPCODE(TRF7970A_CMD_FIFO_RESET);
	prefix[1] = TRF7970A_CMD_BIT_CTRL |
			TRF7970A_CMD_BIT_OPCODE(trf->tx_cmd);
	prefix[2] = TRF7970A_CMD_BIT_CONTINUOUS | TRF7970A_TX_LENGTH_BYTE1;

	if (trf->framing == NFC_DIGITAL_FRAMING_NFCA_SHORT) {
		prefix[3] = 0x00;
		prefix[4] = 0x0f; /* 7 bits */
	} else {
		prefix[3] = (len & 0xf00) >> 4;
		prefix[3] |= ((len & 0xf0) >> 4);
		prefix[4] = ((len & 0x0f) << 4);
	}

	len = min_t(int, skb->len, TRF7970A_FIFO_SIZE);

1543 1544 1545 1546 1547
	/* Clear possible spurious interrupt */
	ret = trf7970a_read_irqstatus(trf, &status);
	if (ret)
		goto out_err;

1548
	ret = trf7970a_transmit(trf, skb, len, prefix, sizeof(prefix));
1549 1550 1551 1552 1553 1554 1555 1556 1557 1558
	if (ret) {
		kfree_skb(trf->rx_skb);
		trf->rx_skb = NULL;
	}

out_err:
	mutex_unlock(&trf->lock);
	return ret;
}

1559
static int trf7970a_tg_config_rf_tech(struct trf7970a *trf, int tech)
1560
{
1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587
	int ret = 0;

	dev_dbg(trf->dev, "rf technology: %d\n", tech);

	switch (tech) {
	case NFC_DIGITAL_RF_TECH_106A:
		trf->iso_ctrl_tech = TRF7970A_ISO_CTRL_NFC_NFC_CE_MODE |
			TRF7970A_ISO_CTRL_NFC_CE |
			TRF7970A_ISO_CTRL_NFC_CE_14443A;
		trf->modulator_sys_clk_ctrl = TRF7970A_MODULATOR_DEPTH_OOK;
		break;
	case NFC_DIGITAL_RF_TECH_212F:
		trf->iso_ctrl_tech = TRF7970A_ISO_CTRL_NFC_NFC_CE_MODE |
			TRF7970A_ISO_CTRL_NFC_NFCF_212;
		trf->modulator_sys_clk_ctrl = TRF7970A_MODULATOR_DEPTH_ASK10;
		break;
	case NFC_DIGITAL_RF_TECH_424F:
		trf->iso_ctrl_tech = TRF7970A_ISO_CTRL_NFC_NFC_CE_MODE |
			TRF7970A_ISO_CTRL_NFC_NFCF_424;
		trf->modulator_sys_clk_ctrl = TRF7970A_MODULATOR_DEPTH_ASK10;
		break;
	default:
		dev_dbg(trf->dev, "Unsupported rf technology: %d\n", tech);
		return -EINVAL;
	}

	trf->technology = tech;
1588

1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602
	/* Normally we write the ISO_CTRL register in
	 * trf7970a_tg_config_framing() because the framing can change
	 * the value written.  However, when sending a PSL RES,
	 * digital_tg_send_psl_res_complete() doesn't call
	 * trf7970a_tg_config_framing() so we must write the register
	 * here.
	 */
	if ((trf->framing == NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED) &&
			(trf->iso_ctrl_tech != trf->iso_ctrl)) {
		ret = trf7970a_write(trf, TRF7970A_ISO_CTRL,
				trf->iso_ctrl_tech);

		trf->iso_ctrl = trf->iso_ctrl_tech;
	}
1603

1604
	return ret;
1605 1606
}

1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673
/* Since this is a target routine, several of the framing calls are
 * made between receiving the request and sending the response so they
 * should take effect until after the response is sent.  This is accomplished
 * by skipping the ISO_CTRL register write here and doing it in the interrupt
 * handler.
 */
static int trf7970a_tg_config_framing(struct trf7970a *trf, int framing)
{
	u8 iso_ctrl = trf->iso_ctrl_tech;
	int ret;

	dev_dbg(trf->dev, "framing: %d\n", framing);

	switch (framing) {
	case NFC_DIGITAL_FRAMING_NFCA_NFC_DEP:
		trf->tx_cmd = TRF7970A_CMD_TRANSMIT_NO_CRC;
		iso_ctrl |= TRF7970A_ISO_CTRL_RX_CRC_N;
		break;
	case NFC_DIGITAL_FRAMING_NFCA_STANDARD:
	case NFC_DIGITAL_FRAMING_NFCA_STANDARD_WITH_CRC_A:
	case NFC_DIGITAL_FRAMING_NFCA_ANTICOL_COMPLETE:
		/* These ones are applied in the interrupt handler */
		iso_ctrl = trf->iso_ctrl; /* Don't write to ISO_CTRL yet */
		break;
	case NFC_DIGITAL_FRAMING_NFCF_NFC_DEP:
		trf->tx_cmd = TRF7970A_CMD_TRANSMIT;
		iso_ctrl &= ~TRF7970A_ISO_CTRL_RX_CRC_N;
		break;
	case NFC_DIGITAL_FRAMING_NFC_DEP_ACTIVATED:
		trf->tx_cmd = TRF7970A_CMD_TRANSMIT;
		iso_ctrl &= ~TRF7970A_ISO_CTRL_RX_CRC_N;
		break;
	default:
		dev_dbg(trf->dev, "Unsupported Framing: %d\n", framing);
		return -EINVAL;
	}

	trf->framing = framing;

	if (iso_ctrl != trf->iso_ctrl) {
		ret = trf7970a_write(trf, TRF7970A_ISO_CTRL, iso_ctrl);
		if (ret)
			return ret;

		trf->iso_ctrl = iso_ctrl;

		ret = trf7970a_write(trf, TRF7970A_MODULATOR_SYS_CLK_CTRL,
				trf->modulator_sys_clk_ctrl);
		if (ret)
			return ret;
	}

	if (!(trf->chip_status_ctrl & TRF7970A_CHIP_STATUS_RF_ON)) {
		ret = trf7970a_write(trf, TRF7970A_CHIP_STATUS_CTRL,
				trf->chip_status_ctrl |
					TRF7970A_CHIP_STATUS_RF_ON);
		if (ret)
			return ret;

		trf->chip_status_ctrl |= TRF7970A_CHIP_STATUS_RF_ON;
	}

	return 0;
}

static int trf7970a_tg_configure_hw(struct nfc_digital_dev *ddev, int type,
		int param)
1674 1675
{
	struct trf7970a *trf = nfc_digital_get_drvdata(ddev);
1676 1677 1678 1679 1680 1681 1682
	int ret;

	dev_dbg(trf->dev, "Configure hw - type: %d, param: %d\n", type, param);

	mutex_lock(&trf->lock);

	trf->is_initiator = false;
1683

1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701
	if ((trf->state == TRF7970A_ST_PWR_OFF) ||
			(trf->state == TRF7970A_ST_RF_OFF)) {
		ret = trf7970a_switch_rf_on(trf);
		if (ret)
			goto err_unlock;
	}

	switch (type) {
	case NFC_DIGITAL_CONFIG_RF_TECH:
		ret = trf7970a_tg_config_rf_tech(trf, param);
		break;
	case NFC_DIGITAL_CONFIG_FRAMING:
		ret = trf7970a_tg_config_framing(trf, param);
		break;
	default:
		dev_dbg(trf->dev, "Unknown type: %d\n", type);
		ret = -EINVAL;
	}
1702

1703 1704 1705
err_unlock:
	mutex_unlock(&trf->lock);
	return ret;
1706 1707
}

1708 1709
static int _trf7970a_tg_listen(struct nfc_digital_dev *ddev, u16 timeout,
		nfc_digital_cmd_complete_t cb, void *arg, bool mode_detect)
1710 1711
{
	struct trf7970a *trf = nfc_digital_get_drvdata(ddev);
1712 1713 1714
	int ret;

	mutex_lock(&trf->lock);
1715

1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726 1727 1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744
	if ((trf->state != TRF7970A_ST_IDLE) &&
			(trf->state != TRF7970A_ST_IDLE_RX_BLOCKED)) {
		dev_err(trf->dev, "%s - Bogus state: %d\n", __func__,
				trf->state);
		ret = -EIO;
		goto out_err;
	}

	if (trf->aborting) {
		dev_dbg(trf->dev, "Abort process complete\n");
		trf->aborting = false;
		ret = -ECANCELED;
		goto out_err;
	}

	trf->rx_skb = nfc_alloc_recv_skb(TRF7970A_RX_SKB_ALLOC_SIZE,
			GFP_KERNEL);
	if (!trf->rx_skb) {
		dev_dbg(trf->dev, "Can't alloc rx_skb\n");
		ret = -ENOMEM;
		goto out_err;
	}

	ret = trf7970a_write(trf, TR