| OLD | NEW |
|---|
| 1 #if defined(__aarch64__) | 1 #if defined(__aarch64__) |
| 2 #include "arm_arch.h" | 2 #include <openssl/arm_arch.h> |
| 3 | 3 |
| 4 .text | 4 .text |
| 5 #if !defined(__clang__) | 5 #if !defined(__clang__) |
| 6 .arch armv8-a+crypto | 6 .arch armv8-a+crypto |
| 7 #endif | 7 #endif |
| 8 .globl gcm_init_v8 | 8 .globl gcm_init_v8 |
| 9 .type gcm_init_v8,%function | 9 .type gcm_init_v8,%function |
| 10 .align 4 | 10 .align 4 |
| 11 gcm_init_v8: | 11 gcm_init_v8: |
| 12 ld1 {v17.2d},[x1] //load input H | 12 ld1 {v17.2d},[x1] //load input H |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 61 gcm_gmult_v8: | 61 gcm_gmult_v8: |
| 62 ld1 {v17.2d},[x0] //load Xi | 62 ld1 {v17.2d},[x0] //load Xi |
| 63 movi v19.16b,#0xe1 | 63 movi v19.16b,#0xe1 |
| 64 ld1 {v20.2d,v21.2d},[x1] //load twisted H, ... | 64 ld1 {v20.2d,v21.2d},[x1] //load twisted H, ... |
| 65 shl v19.2d,v19.2d,#57 | 65 shl v19.2d,v19.2d,#57 |
| 66 #ifndef __ARMEB__ | 66 #ifndef __ARMEB__ |
| 67 rev64 v17.16b,v17.16b | 67 rev64 v17.16b,v17.16b |
| 68 #endif | 68 #endif |
| 69 ext v3.16b,v17.16b,v17.16b,#8 | 69 ext v3.16b,v17.16b,v17.16b,#8 |
| 70 | 70 |
| 71 » pmull» v0.1q,v20.1d,v3.1d» » //H.lo·Xi.lo | 71 » pmull» v0.1q,v20.1d,v3.1d» » //H.lo·Xi.lo |
| 72 eor v17.16b,v17.16b,v3.16b //Karatsuba pre-processing | 72 eor v17.16b,v17.16b,v3.16b //Karatsuba pre-processing |
| 73 » pmull2» v2.1q,v20.2d,v3.2d» » //H.hi·Xi.hi | 73 » pmull2» v2.1q,v20.2d,v3.2d» » //H.hi·Xi.hi |
| 74 » pmull» v1.1q,v21.1d,v17.1d» » //(H.lo+H.hi)·(Xi.lo+Xi.hi) | 74 » pmull» v1.1q,v21.1d,v17.1d» » //(H.lo+H.hi)·(Xi.lo+Xi.hi) |
| 75 | 75 |
| 76 ext v17.16b,v0.16b,v2.16b,#8 //Karatsuba post-process
ing | 76 ext v17.16b,v0.16b,v2.16b,#8 //Karatsuba post-process
ing |
| 77 eor v18.16b,v0.16b,v2.16b | 77 eor v18.16b,v0.16b,v2.16b |
| 78 eor v1.16b,v1.16b,v17.16b | 78 eor v1.16b,v1.16b,v17.16b |
| 79 eor v1.16b,v1.16b,v18.16b | 79 eor v1.16b,v1.16b,v18.16b |
| 80 pmull v18.1q,v0.1d,v19.1d //1st phase of reduction | 80 pmull v18.1q,v0.1d,v19.1d //1st phase of reduction |
| 81 | 81 |
| 82 ins v2.d[0],v1.d[1] | 82 ins v2.d[0],v1.d[1] |
| 83 ins v1.d[1],v0.d[0] | 83 ins v1.d[1],v0.d[0] |
| 84 eor v0.16b,v1.16b,v18.16b | 84 eor v0.16b,v1.16b,v18.16b |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 128 rev64 v0.16b,v0.16b | 128 rev64 v0.16b,v0.16b |
| 129 #endif | 129 #endif |
| 130 ext v3.16b,v16.16b,v16.16b,#8 //rotate I[0] | 130 ext v3.16b,v16.16b,v16.16b,#8 //rotate I[0] |
| 131 b.lo .Lodd_tail_v8 //x3 was less than 32 | 131 b.lo .Lodd_tail_v8 //x3 was less than 32 |
| 132 ld1 {v17.2d},[x2],x12 //load [rotated] I[1] | 132 ld1 {v17.2d},[x2],x12 //load [rotated] I[1] |
| 133 #ifndef __ARMEB__ | 133 #ifndef __ARMEB__ |
| 134 rev64 v17.16b,v17.16b | 134 rev64 v17.16b,v17.16b |
| 135 #endif | 135 #endif |
| 136 ext v7.16b,v17.16b,v17.16b,#8 | 136 ext v7.16b,v17.16b,v17.16b,#8 |
| 137 eor v3.16b,v3.16b,v0.16b //I[i]^=Xi | 137 eor v3.16b,v3.16b,v0.16b //I[i]^=Xi |
| 138 » pmull» v4.1q,v20.1d,v7.1d» » //H·Ii+1 | 138 » pmull» v4.1q,v20.1d,v7.1d» » //H·Ii+1 |
| 139 eor v17.16b,v17.16b,v7.16b //Karatsuba pre-processing | 139 eor v17.16b,v17.16b,v7.16b //Karatsuba pre-processing |
| 140 pmull2 v6.1q,v20.2d,v7.2d | 140 pmull2 v6.1q,v20.2d,v7.2d |
| 141 b .Loop_mod2x_v8 | 141 b .Loop_mod2x_v8 |
| 142 | 142 |
| 143 .align 4 | 143 .align 4 |
| 144 .Loop_mod2x_v8: | 144 .Loop_mod2x_v8: |
| 145 ext v18.16b,v3.16b,v3.16b,#8 | 145 ext v18.16b,v3.16b,v3.16b,#8 |
| 146 subs x3,x3,#32 //is there more data? | 146 subs x3,x3,#32 //is there more data? |
| 147 » pmull» v0.1q,v22.1d,v3.1d» » //H^2.lo·Xi.lo | 147 » pmull» v0.1q,v22.1d,v3.1d» » //H^2.lo·Xi.lo |
| 148 csel x12,xzr,x12,lo //is it time to zero x12? | 148 csel x12,xzr,x12,lo //is it time to zero x12? |
| 149 | 149 |
| 150 pmull v5.1q,v21.1d,v17.1d | 150 pmull v5.1q,v21.1d,v17.1d |
| 151 eor v18.16b,v18.16b,v3.16b //Karatsuba pre-processing | 151 eor v18.16b,v18.16b,v3.16b //Karatsuba pre-processing |
| 152 » pmull2» v2.1q,v22.2d,v3.2d» » //H^2.hi·Xi.hi | 152 » pmull2» v2.1q,v22.2d,v3.2d» » //H^2.hi·Xi.hi |
| 153 eor v0.16b,v0.16b,v4.16b //accumulate | 153 eor v0.16b,v0.16b,v4.16b //accumulate |
| 154 » pmull2» v1.1q,v21.2d,v18.2d» » //(H^2.lo+H^2.hi)·(Xi.lo+Xi.hi) | 154 » pmull2» v1.1q,v21.2d,v18.2d» » //(H^2.lo+H^2.hi)·(Xi.lo+Xi.hi) |
| 155 ld1 {v16.2d},[x2],x12 //load [rotated] I[i+2] | 155 ld1 {v16.2d},[x2],x12 //load [rotated] I[i+2] |
| 156 | 156 |
| 157 eor v2.16b,v2.16b,v6.16b | 157 eor v2.16b,v2.16b,v6.16b |
| 158 csel x12,xzr,x12,eq //is it time to zero x12? | 158 csel x12,xzr,x12,eq //is it time to zero x12? |
| 159 eor v1.16b,v1.16b,v5.16b | 159 eor v1.16b,v1.16b,v5.16b |
| 160 | 160 |
| 161 ext v17.16b,v0.16b,v2.16b,#8 //Karatsuba post-process
ing | 161 ext v17.16b,v0.16b,v2.16b,#8 //Karatsuba post-process
ing |
| 162 eor v18.16b,v0.16b,v2.16b | 162 eor v18.16b,v0.16b,v2.16b |
| 163 eor v1.16b,v1.16b,v17.16b | 163 eor v1.16b,v1.16b,v17.16b |
| 164 ld1 {v17.2d},[x2],x12 //load [rotated] I[i+3] | 164 ld1 {v17.2d},[x2],x12 //load [rotated] I[i+3] |
| 165 #ifndef __ARMEB__ | 165 #ifndef __ARMEB__ |
| 166 rev64 v16.16b,v16.16b | 166 rev64 v16.16b,v16.16b |
| 167 #endif | 167 #endif |
| 168 eor v1.16b,v1.16b,v18.16b | 168 eor v1.16b,v1.16b,v18.16b |
| 169 pmull v18.1q,v0.1d,v19.1d //1st phase of reduction | 169 pmull v18.1q,v0.1d,v19.1d //1st phase of reduction |
| 170 | 170 |
| 171 #ifndef __ARMEB__ | 171 #ifndef __ARMEB__ |
| 172 rev64 v17.16b,v17.16b | 172 rev64 v17.16b,v17.16b |
| 173 #endif | 173 #endif |
| 174 ins v2.d[0],v1.d[1] | 174 ins v2.d[0],v1.d[1] |
| 175 ins v1.d[1],v0.d[0] | 175 ins v1.d[1],v0.d[0] |
| 176 ext v7.16b,v17.16b,v17.16b,#8 | 176 ext v7.16b,v17.16b,v17.16b,#8 |
| 177 ext v3.16b,v16.16b,v16.16b,#8 | 177 ext v3.16b,v16.16b,v16.16b,#8 |
| 178 eor v0.16b,v1.16b,v18.16b | 178 eor v0.16b,v1.16b,v18.16b |
| 179 » pmull» v4.1q,v20.1d,v7.1d» » //H·Ii+1 | 179 » pmull» v4.1q,v20.1d,v7.1d» » //H·Ii+1 |
| 180 eor v3.16b,v3.16b,v2.16b //accumulate v3.16b early | 180 eor v3.16b,v3.16b,v2.16b //accumulate v3.16b early |
| 181 | 181 |
| 182 ext v18.16b,v0.16b,v0.16b,#8 //2nd phase of reduction | 182 ext v18.16b,v0.16b,v0.16b,#8 //2nd phase of reduction |
| 183 pmull v0.1q,v0.1d,v19.1d | 183 pmull v0.1q,v0.1d,v19.1d |
| 184 eor v3.16b,v3.16b,v18.16b | 184 eor v3.16b,v3.16b,v18.16b |
| 185 eor v17.16b,v17.16b,v7.16b //Karatsuba pre-processing | 185 eor v17.16b,v17.16b,v7.16b //Karatsuba pre-processing |
| 186 eor v3.16b,v3.16b,v0.16b | 186 eor v3.16b,v3.16b,v0.16b |
| 187 pmull2 v6.1q,v20.2d,v7.2d | 187 pmull2 v6.1q,v20.2d,v7.2d |
| 188 b.hs .Loop_mod2x_v8 //there was at least 32 more bytes | 188 b.hs .Loop_mod2x_v8 //there was at least 32 more bytes |
| 189 | 189 |
| 190 eor v2.16b,v2.16b,v18.16b | 190 eor v2.16b,v2.16b,v18.16b |
| 191 ext v3.16b,v16.16b,v16.16b,#8 //re-construct v3.16b | 191 ext v3.16b,v16.16b,v16.16b,#8 //re-construct v3.16b |
| 192 adds x3,x3,#32 //re-construct x3 | 192 adds x3,x3,#32 //re-construct x3 |
| 193 eor v0.16b,v0.16b,v2.16b //re-construct v0.16b | 193 eor v0.16b,v0.16b,v2.16b //re-construct v0.16b |
| 194 b.eq .Ldone_v8 //is x3 zero? | 194 b.eq .Ldone_v8 //is x3 zero? |
| 195 .Lodd_tail_v8: | 195 .Lodd_tail_v8: |
| 196 ext v18.16b,v0.16b,v0.16b,#8 | 196 ext v18.16b,v0.16b,v0.16b,#8 |
| 197 eor v3.16b,v3.16b,v0.16b //inp^=Xi | 197 eor v3.16b,v3.16b,v0.16b //inp^=Xi |
| 198 eor v17.16b,v16.16b,v18.16b //v17.16b is rotated inp^Xi | 198 eor v17.16b,v16.16b,v18.16b //v17.16b is rotated inp^Xi |
| 199 | 199 |
| 200 » pmull» v0.1q,v20.1d,v3.1d» » //H.lo·Xi.lo | 200 » pmull» v0.1q,v20.1d,v3.1d» » //H.lo·Xi.lo |
| 201 eor v17.16b,v17.16b,v3.16b //Karatsuba pre-processing | 201 eor v17.16b,v17.16b,v3.16b //Karatsuba pre-processing |
| 202 » pmull2» v2.1q,v20.2d,v3.2d» » //H.hi·Xi.hi | 202 » pmull2» v2.1q,v20.2d,v3.2d» » //H.hi·Xi.hi |
| 203 » pmull» v1.1q,v21.1d,v17.1d» » //(H.lo+H.hi)·(Xi.lo+Xi.hi) | 203 » pmull» v1.1q,v21.1d,v17.1d» » //(H.lo+H.hi)·(Xi.lo+Xi.hi) |
| 204 | 204 |
| 205 ext v17.16b,v0.16b,v2.16b,#8 //Karatsuba post-process
ing | 205 ext v17.16b,v0.16b,v2.16b,#8 //Karatsuba post-process
ing |
| 206 eor v18.16b,v0.16b,v2.16b | 206 eor v18.16b,v0.16b,v2.16b |
| 207 eor v1.16b,v1.16b,v17.16b | 207 eor v1.16b,v1.16b,v17.16b |
| 208 eor v1.16b,v1.16b,v18.16b | 208 eor v1.16b,v1.16b,v18.16b |
| 209 pmull v18.1q,v0.1d,v19.1d //1st phase of reduction | 209 pmull v18.1q,v0.1d,v19.1d //1st phase of reduction |
| 210 | 210 |
| 211 ins v2.d[0],v1.d[1] | 211 ins v2.d[0],v1.d[1] |
| 212 ins v1.d[1],v0.d[0] | 212 ins v1.d[1],v0.d[0] |
| 213 eor v0.16b,v1.16b,v18.16b | 213 eor v0.16b,v1.16b,v18.16b |
| 214 | 214 |
| 215 ext v18.16b,v0.16b,v0.16b,#8 //2nd phase of reduction | 215 ext v18.16b,v0.16b,v0.16b,#8 //2nd phase of reduction |
| 216 pmull v0.1q,v0.1d,v19.1d | 216 pmull v0.1q,v0.1d,v19.1d |
| 217 eor v18.16b,v18.16b,v2.16b | 217 eor v18.16b,v18.16b,v2.16b |
| 218 eor v0.16b,v0.16b,v18.16b | 218 eor v0.16b,v0.16b,v18.16b |
| 219 | 219 |
| 220 .Ldone_v8: | 220 .Ldone_v8: |
| 221 #ifndef __ARMEB__ | 221 #ifndef __ARMEB__ |
| 222 rev64 v0.16b,v0.16b | 222 rev64 v0.16b,v0.16b |
| 223 #endif | 223 #endif |
| 224 ext v0.16b,v0.16b,v0.16b,#8 | 224 ext v0.16b,v0.16b,v0.16b,#8 |
| 225 st1 {v0.2d},[x0] //write out Xi | 225 st1 {v0.2d},[x0] //write out Xi |
| 226 | 226 |
| 227 ret | 227 ret |
| 228 .size gcm_ghash_v8,.-gcm_ghash_v8 | 228 .size gcm_ghash_v8,.-gcm_ghash_v8 |
| 229 .byte 71,72,65,83,72,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79
,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,4
6,111,114,103,62,0 | 229 .byte 71,72,65,83,72,32,102,111,114,32,65,82,77,118,56,44,32,67,82,89,80,84,79
,71,65,77,83,32,98,121,32,60,97,112,112,114,111,64,111,112,101,110,115,115,108,4
6,111,114,103,62,0 |
| 230 .align 2 | 230 .align 2 |
| 231 .align 2 | 231 .align 2 |
| 232 #endif | 232 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1653973006:
Update BoringSSL to commit afe57cb14d36f70ad4a109fc5e7765d1adc67035 (Closed)
Base URL: git@github.com:dart-lang/sdk.git@master