3 # Specific modes implementations for SPARC Architecture 2011. There
4 # is T4 dependency though, an ASI value that is not specified in the
5 # Architecture Manual. But as SPARC universe is rather monocultural,
6 # we imply that processor capable of executing crypto instructions
7 # can handle the ASI in question as well. This means that we ought to
8 # keep eyes open when new processors emerge...
10 # As for above mentioned ASI. It's so called "block initializing
11 # store" which cancels "read" in "read-update-write" on cache lines.
12 # This is "cooperative" optimization, as it reduces overall pressure
13 # on memory interface. Benefits can't be observed/quantified with
14 # usual benchmarks, on the contrary you can notice that single-thread
15 # performance for parallelizable modes is ~1.5% worse for largest
16 # block sizes [though few percent better for not so long ones]. All
17 # this based on suggestions from David Miller.
20 $::frame="STACK_FRAME";
21 $::size_t_cc="SIZE_T_CC";
23 sub asm_init { # to be called with @ARGV as argument
24 for (@_) { $::abibits=64 if (/\-m64/ || /\-xarch\=v9/); }
25 if ($::abibits==64) { $::bias=2047; $::frame=192; $::size_t_cc="%xcc"; }
26 else { $::bias=0; $::frame=112; $::size_t_cc="%icc"; }
30 my ($inp,$out,$len,$key,$ivec)=map("%i$_",(0..5));
32 my ($ileft,$iright,$ooff,$omask,$ivoff,$blk_init)=map("%l$_",(0..7));
34 sub alg_cbc_encrypt_implement {
38 .globl ${alg}${bits}_t4_cbc_encrypt
40 ${alg}${bits}_t4_cbc_encrypt:
41 save %sp, -$::frame, %sp
43 be,pn $::size_t_cc, .L${bits}_cbc_enc_abort
44 sub $inp, $out, $blk_init ! $inp!=$out
46 $::code.=<<___ if (!$::evp);
47 andcc $ivec, 7, $ivoff
48 alignaddr $ivec, %g0, $ivec
50 ldd [$ivec + 0], %f0 ! load ivec
54 faligndata %f0, %f2, %f0
55 faligndata %f2, %f4, %f2
58 $::code.=<<___ if ($::evp);
66 prefetch [$inp + 63], 20
67 call _${alg}${bits}_load_enckey
73 sub $iright, $ileft, $iright
76 movrnz $ooff, 0, $blk_init ! if ( $out&7 ||
77 movleu $::size_t_cc, 0, $blk_init ! $len<128 ||
78 brnz,pn $blk_init, .L${bits}cbc_enc_blk ! $inp==$out)
79 srl $omask, $ooff, $omask
81 alignaddrl $out, %g0, $out
85 .L${bits}_cbc_enc_loop:
92 srlx %o1, $iright, %g1
95 srlx %o2, $iright, %o2
98 xor %g4, %o0, %o0 ! ^= rk[0]
103 fxor %f12, %f0, %f0 ! ^= ivec
105 prefetch [$out + 63], 22
106 prefetch [$inp + 16+63], 20
107 call _${alg}${bits}_encrypt_1x
115 brnz,pt $len, .L${bits}_cbc_enc_loop
118 $::code.=<<___ if ($::evp);
124 $::code.=<<___ if (!$::evp);
128 std %f0, [$ivec + 0] ! write out ivec
132 .L${bits}_cbc_enc_abort:
137 2: ldxa [$inp]0x82, %o0 ! avoid read-after-write hazard
138 ! and ~3x deterioration
140 faligndata %f0, %f0, %f4 ! handle unaligned output
141 faligndata %f0, %f2, %f6
142 faligndata %f2, %f2, %f8
144 stda %f4, [$out + $omask]0xc0 ! partial store
147 orn %g0, $omask, $omask
148 stda %f8, [$out + $omask]0xc0 ! partial store
150 brnz,pt $len, .L${bits}_cbc_enc_loop+4
151 orn %g0, $omask, $omask
153 $::code.=<<___ if ($::evp);
159 $::code.=<<___ if (!$::evp);
163 std %f0, [$ivec + 0] ! write out ivec
169 3: alignaddrl $ivec, $ivoff, %g0 ! handle unaligned ivec
171 srl $omask, $ivoff, $omask
172 faligndata %f0, %f0, %f4
173 faligndata %f0, %f2, %f6
174 faligndata %f2, %f2, %f8
175 stda %f4, [$ivec + $omask]0xc0
178 orn %g0, $omask, $omask
179 stda %f8, [$ivec + $omask]0xc0
185 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
187 .L${bits}cbc_enc_blk:
188 add $out, $len, $blk_init
189 and $blk_init, 63, $blk_init ! tail
190 sub $len, $blk_init, $len
191 add $blk_init, 15, $blk_init ! round up to 16n
193 srl $blk_init, 4, $blk_init
195 .L${bits}_cbc_enc_blk_loop:
201 sllx %o0, $ileft, %o0
202 srlx %o1, $iright, %g1
203 sllx %o1, $ileft, %o1
205 srlx %o2, $iright, %o2
208 xor %g4, %o0, %o0 ! ^= rk[0]
213 fxor %f12, %f0, %f0 ! ^= ivec
215 prefetch [$inp + 16+63], 20
216 call _${alg}${bits}_encrypt_1x
220 stda %f0, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
222 stda %f2, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
223 brnz,pt $len, .L${bits}_cbc_enc_blk_loop
226 membar #StoreLoad|#StoreStore
227 brnz,pt $blk_init, .L${bits}_cbc_enc_loop
230 $::code.=<<___ if ($::evp);
236 $::code.=<<___ if (!$::evp);
240 std %f0, [$ivec + 0] ! write out ivec
246 .type ${alg}${bits}_t4_cbc_encrypt,#function
247 .size ${alg}${bits}_t4_cbc_encrypt,.-${alg}${bits}_t4_cbc_encrypt
251 sub alg_cbc_decrypt_implement {
252 my ($alg,$bits) = @_;
255 .globl ${alg}${bits}_t4_cbc_decrypt
257 ${alg}${bits}_t4_cbc_decrypt:
258 save %sp, -$::frame, %sp
260 be,pn $::size_t_cc, .L${bits}_cbc_dec_abort
261 sub $inp, $out, $blk_init ! $inp!=$out
263 $::code.=<<___ if (!$::evp);
264 andcc $ivec, 7, $ivoff
265 alignaddr $ivec, %g0, $ivec
267 ldd [$ivec + 0], %f12 ! load ivec
269 ldd [$ivec + 8], %f14
270 ldd [$ivec + 16], %f0
271 faligndata %f12, %f14, %f12
272 faligndata %f14, %f0, %f14
275 $::code.=<<___ if ($::evp);
276 ld [$ivec + 0], %f12 ! load ivec
279 ld [$ivec + 12], %f15
283 prefetch [$inp + 63], 20
284 call _${alg}${bits}_load_deckey
287 sll $ileft, 3, $ileft
290 sub $iright, $ileft, $iright
293 movrnz $ooff, 0, $blk_init ! if ( $out&7 ||
294 movleu $::size_t_cc, 0, $blk_init ! $len<256 ||
295 brnz,pn $blk_init, .L${bits}cbc_dec_blk ! $inp==$out)
296 srl $omask, $ooff, $omask
298 andcc $len, 16, %g0 ! is number of blocks even?
300 alignaddrl $out, %g0, $out
301 bz %icc, .L${bits}_cbc_dec_loop2x
303 .L${bits}_cbc_dec_loop:
309 sllx %o0, $ileft, %o0
310 srlx %o1, $iright, %g1
311 sllx %o1, $ileft, %o1
313 srlx %o2, $iright, %o2
316 xor %g4, %o0, %o2 ! ^= rk[0]
321 prefetch [$out + 63], 22
322 prefetch [$inp + 16+63], 20
323 call _${alg}${bits}_decrypt_1x
326 fxor %f12, %f0, %f0 ! ^= ivec
336 brnz,pt $len, .L${bits}_cbc_dec_loop2x
339 $::code.=<<___ if ($::evp);
343 st %f15, [$ivec + 12]
345 $::code.=<<___ if (!$::evp);
346 brnz,pn $ivoff, .L${bits}_cbc_dec_unaligned_ivec
349 std %f12, [$ivec + 0] ! write out ivec
350 std %f14, [$ivec + 8]
353 .L${bits}_cbc_dec_abort:
358 2: ldxa [$inp]0x82, %o0 ! avoid read-after-write hazard
359 ! and ~3x deterioration
361 faligndata %f0, %f0, %f4 ! handle unaligned output
362 faligndata %f0, %f2, %f6
363 faligndata %f2, %f2, %f8
365 stda %f4, [$out + $omask]0xc0 ! partial store
368 orn %g0, $omask, $omask
369 stda %f8, [$out + $omask]0xc0 ! partial store
371 brnz,pt $len, .L${bits}_cbc_dec_loop2x+4
372 orn %g0, $omask, $omask
374 $::code.=<<___ if ($::evp);
378 st %f15, [$ivec + 12]
380 $::code.=<<___ if (!$::evp);
381 brnz,pn $ivoff, .L${bits}_cbc_dec_unaligned_ivec
384 std %f12, [$ivec + 0] ! write out ivec
385 std %f14, [$ivec + 8]
391 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
393 .L${bits}_cbc_dec_loop2x:
401 sllx %o0, $ileft, %o0
402 srlx %o1, $iright, %g1
404 sllx %o1, $ileft, %o1
405 srlx %o2, $iright, %g1
407 sllx %o2, $ileft, %o2
408 srlx %o3, $iright, %g1
410 sllx %o3, $ileft, %o3
411 srlx %o4, $iright, %o4
414 xor %g4, %o0, %o4 ! ^= rk[0]
423 prefetch [$out + 63], 22
424 prefetch [$inp + 32+63], 20
425 call _${alg}${bits}_decrypt_2x
430 fxor %f12, %f0, %f0 ! ^= ivec
444 brnz,pt $len, .L${bits}_cbc_dec_loop2x
447 $::code.=<<___ if ($::evp);
451 st %f15, [$ivec + 12]
453 $::code.=<<___ if (!$::evp);
454 brnz,pn $ivoff, .L${bits}_cbc_dec_unaligned_ivec
457 std %f12, [$ivec + 0] ! write out ivec
458 std %f14, [$ivec + 8]
465 2: ldxa [$inp]0x82, %o0 ! avoid read-after-write hazard
466 ! and ~3x deterioration
468 faligndata %f0, %f0, %f8 ! handle unaligned output
469 faligndata %f0, %f2, %f0
470 faligndata %f2, %f4, %f2
471 faligndata %f4, %f6, %f4
472 faligndata %f6, %f6, %f6
473 stda %f8, [$out + $omask]0xc0 ! partial store
478 orn %g0, $omask, $omask
479 stda %f6, [$out + $omask]0xc0 ! partial store
481 brnz,pt $len, .L${bits}_cbc_dec_loop2x+4
482 orn %g0, $omask, $omask
484 $::code.=<<___ if ($::evp);
488 st %f15, [$ivec + 12]
490 $::code.=<<___ if (!$::evp);
491 brnz,pn $ivoff, .L${bits}_cbc_dec_unaligned_ivec
494 std %f12, [$ivec + 0] ! write out ivec
495 std %f14, [$ivec + 8]
500 .L${bits}_cbc_dec_unaligned_ivec:
501 alignaddrl $ivec, $ivoff, %g0 ! handle unaligned ivec
503 srl $omask, $ivoff, $omask
504 faligndata %f12, %f12, %f0
505 faligndata %f12, %f14, %f2
506 faligndata %f14, %f14, %f4
507 stda %f0, [$ivec + $omask]0xc0
510 orn %g0, $omask, $omask
511 stda %f4, [$ivec + $omask]0xc0
517 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
519 .L${bits}cbc_dec_blk:
520 add $out, $len, $blk_init
521 and $blk_init, 63, $blk_init ! tail
522 sub $len, $blk_init, $len
523 add $blk_init, 15, $blk_init ! round up to 16n
525 srl $blk_init, 4, $blk_init
527 add $blk_init, 1, $blk_init
529 .L${bits}_cbc_dec_blk_loop2x:
537 sllx %o0, $ileft, %o0
538 srlx %o1, $iright, %g1
540 sllx %o1, $ileft, %o1
541 srlx %o2, $iright, %g1
543 sllx %o2, $ileft, %o2
544 srlx %o3, $iright, %g1
546 sllx %o3, $ileft, %o3
547 srlx %o4, $iright, %o4
550 xor %g4, %o0, %o4 ! ^= rk[0]
559 prefetch [$inp + 32+63], 20
560 call _${alg}${bits}_decrypt_2x
566 fxor %f12, %f0, %f0 ! ^= ivec
573 stda %f0, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
575 stda %f2, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
577 stda %f4, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
579 stda %f6, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
580 bgu,pt $::size_t_cc, .L${bits}_cbc_dec_blk_loop2x
583 add $blk_init, $len, $len
584 andcc $len, 1, %g0 ! is number of blocks even?
585 membar #StoreLoad|#StoreStore
586 bnz,pt %icc, .L${bits}_cbc_dec_loop
588 brnz,pn $len, .L${bits}_cbc_dec_loop2x
591 $::code.=<<___ if ($::evp);
592 st %f12, [$ivec + 0] ! write out ivec
595 st %f15, [$ivec + 12]
597 $::code.=<<___ if (!$::evp);
601 std %f12, [$ivec + 0] ! write out ivec
602 std %f14, [$ivec + 8]
607 .type ${alg}${bits}_t4_cbc_decrypt,#function
608 .size ${alg}${bits}_t4_cbc_decrypt,.-${alg}${bits}_t4_cbc_decrypt
612 sub alg_ctr32_implement {
613 my ($alg,$bits) = @_;
616 .globl ${alg}${bits}_t4_ctr32_encrypt
618 ${alg}${bits}_t4_ctr32_encrypt:
619 save %sp, -$::frame, %sp
622 prefetch [$inp + 63], 20
623 call _${alg}${bits}_load_enckey
626 ld [$ivec + 0], %l4 ! counter
634 xor %o5, %g4, %g4 ! ^= rk[0]
636 movxtod %g4, %f14 ! most significant 64 bits
638 sub $inp, $out, $blk_init ! $inp!=$out
641 sll $ileft, 3, $ileft
644 sub $iright, $ileft, $iright
647 movrnz $ooff, 0, $blk_init ! if ( $out&7 ||
648 movleu $::size_t_cc, 0, $blk_init ! $len<256 ||
649 brnz,pn $blk_init, .L${bits}_ctr32_blk ! $inp==$out)
650 srl $omask, $ooff, $omask
652 andcc $len, 16, %g0 ! is number of blocks even?
653 alignaddrl $out, %g0, $out
654 bz %icc, .L${bits}_ctr32_loop2x
656 .L${bits}_ctr32_loop:
662 sllx %o0, $ileft, %o0
663 srlx %o1, $iright, %g1
664 sllx %o1, $ileft, %o1
666 srlx %o2, $iright, %o2
669 xor %g5, %l7, %g1 ! ^= rk[0]
672 srl %l7, 0, %l7 ! clruw
673 prefetch [$out + 63], 22
674 prefetch [$inp + 16+63], 20
676 $::code.=<<___ if ($alg eq "aes");
677 aes_eround01 %f16, %f14, %f2, %f4
678 aes_eround23 %f18, %f14, %f2, %f2
680 $::code.=<<___ if ($alg eq "cmll");
681 camellia_f %f16, %f2, %f14, %f2
682 camellia_f %f18, %f14, %f2, %f0
685 call _${alg}${bits}_encrypt_1x+8
690 fxor %f10, %f0, %f0 ! ^= inp
698 brnz,pt $len, .L${bits}_ctr32_loop2x
705 2: ldxa [$inp]0x82, %o0 ! avoid read-after-write hazard
706 ! and ~3x deterioration
708 faligndata %f0, %f0, %f4 ! handle unaligned output
709 faligndata %f0, %f2, %f6
710 faligndata %f2, %f2, %f8
711 stda %f4, [$out + $omask]0xc0 ! partial store
714 orn %g0, $omask, $omask
715 stda %f8, [$out + $omask]0xc0 ! partial store
717 brnz,pt $len, .L${bits}_ctr32_loop2x+4
718 orn %g0, $omask, $omask
723 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
725 .L${bits}_ctr32_loop2x:
733 sllx %o0, $ileft, %o0
734 srlx %o1, $iright, %g1
736 sllx %o1, $ileft, %o1
737 srlx %o2, $iright, %g1
739 sllx %o2, $ileft, %o2
740 srlx %o3, $iright, %g1
742 sllx %o3, $ileft, %o3
743 srlx %o4, $iright, %o4
746 xor %g5, %l7, %g1 ! ^= rk[0]
749 srl %l7, 0, %l7 ! clruw
753 srl %l7, 0, %l7 ! clruw
754 prefetch [$out + 63], 22
755 prefetch [$inp + 32+63], 20
757 $::code.=<<___ if ($alg eq "aes");
758 aes_eround01 %f16, %f14, %f2, %f8
759 aes_eround23 %f18, %f14, %f2, %f2
760 aes_eround01 %f16, %f14, %f6, %f10
761 aes_eround23 %f18, %f14, %f6, %f6
763 $::code.=<<___ if ($alg eq "cmll");
764 camellia_f %f16, %f2, %f14, %f2
765 camellia_f %f16, %f6, %f14, %f6
766 camellia_f %f18, %f14, %f2, %f0
767 camellia_f %f18, %f14, %f6, %f4
770 call _${alg}${bits}_encrypt_2x+16
776 fxor %f8, %f0, %f0 ! ^= inp
789 brnz,pt $len, .L${bits}_ctr32_loop2x
796 2: ldxa [$inp]0x82, %o0 ! avoid read-after-write hazard
797 ! and ~3x deterioration
799 faligndata %f0, %f0, %f8 ! handle unaligned output
800 faligndata %f0, %f2, %f0
801 faligndata %f2, %f4, %f2
802 faligndata %f4, %f6, %f4
803 faligndata %f6, %f6, %f6
805 stda %f8, [$out + $omask]0xc0 ! partial store
810 orn %g0, $omask, $omask
811 stda %f6, [$out + $omask]0xc0 ! partial store
813 brnz,pt $len, .L${bits}_ctr32_loop2x+4
814 orn %g0, $omask, $omask
819 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
822 add $out, $len, $blk_init
823 and $blk_init, 63, $blk_init ! tail
824 sub $len, $blk_init, $len
825 add $blk_init, 15, $blk_init ! round up to 16n
827 srl $blk_init, 4, $blk_init
829 add $blk_init, 1, $blk_init
831 .L${bits}_ctr32_blk_loop2x:
839 sllx %o0, $ileft, %o0
840 srlx %o1, $iright, %g1
842 sllx %o1, $ileft, %o1
843 srlx %o2, $iright, %g1
845 sllx %o2, $ileft, %o2
846 srlx %o3, $iright, %g1
848 sllx %o3, $ileft, %o3
849 srlx %o4, $iright, %o4
852 xor %g5, %l7, %g1 ! ^= rk[0]
855 srl %l7, 0, %l7 ! clruw
859 srl %l7, 0, %l7 ! clruw
860 prefetch [$inp + 32+63], 20
862 $::code.=<<___ if ($alg eq "aes");
863 aes_eround01 %f16, %f14, %f2, %f8
864 aes_eround23 %f18, %f14, %f2, %f2
865 aes_eround01 %f16, %f14, %f6, %f10
866 aes_eround23 %f18, %f14, %f6, %f6
868 $::code.=<<___ if ($alg eq "cmll");
869 camellia_f %f16, %f2, %f14, %f2
870 camellia_f %f16, %f6, %f14, %f6
871 camellia_f %f18, %f14, %f2, %f0
872 camellia_f %f18, %f14, %f6, %f4
875 call _${alg}${bits}_encrypt_2x+16
882 fxor %f8, %f0, %f0 ! ^= inp
888 stda %f0, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
890 stda %f2, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
892 stda %f4, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
894 stda %f6, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
895 bgu,pt $::size_t_cc, .L${bits}_ctr32_blk_loop2x
898 add $blk_init, $len, $len
899 andcc $len, 1, %g0 ! is number of blocks even?
900 membar #StoreLoad|#StoreStore
901 bnz,pt %icc, .L${bits}_ctr32_loop
903 brnz,pn $len, .L${bits}_ctr32_loop2x
908 .type ${alg}${bits}_t4_ctr32_encrypt,#function
909 .size ${alg}${bits}_t4_ctr32_encrypt,.-${alg}${bits}_t4_ctr32_encrypt
913 sub alg_xts_implement {
914 my ($alg,$bits,$dir) = @_;
915 my ($inp,$out,$len,$key1,$key2,$ivec)=map("%i$_",(0..5));
919 .globl ${alg}${bits}_t4_xts_${dir}crypt
921 ${alg}${bits}_t4_xts_${dir}crypt:
922 save %sp, -$::frame-16, %sp
925 add %fp, $::bias-16, %o1
926 call ${alg}_t4_encrypt
929 add %fp, $::bias-16, %l7
931 add %fp, $::bias-8, %l7
932 ldxa [%l7]0x88, %g3 ! %g3:%g2 is tweak
934 sethi %hi(0x76543210), %l7
935 or %l7, %lo(0x76543210), %l7
936 bmask %l7, %g0, %g0 ! byte swap mask
939 prefetch [$inp + 63], 20
940 call _${alg}${bits}_load_${dir}ckey
944 $code.=<<___ if ($dir eq "de");
951 sub $inp, $out, $blk_init ! $inp!=$out
954 sll $ileft, 3, $ileft
957 sub $iright, $ileft, $iright
960 movrnz $ooff, 0, $blk_init ! if ( $out&7 ||
961 movleu $::size_t_cc, 0, $blk_init ! $len<256 ||
962 brnz,pn $blk_init, .L${bits}_xts_${dir}blk ! $inp==$out)
963 srl $omask, $ooff, $omask
965 andcc $len, 16, %g0 ! is number of blocks even?
967 $code.=<<___ if ($dir eq "de");
968 brz,pn $len, .L${bits}_xts_${dir}steal
971 alignaddrl $out, %g0, $out
972 bz %icc, .L${bits}_xts_${dir}loop2x
974 .L${bits}_xts_${dir}loop:
980 sllx %o0, $ileft, %o0
981 srlx %o1, $iright, %g1
982 sllx %o1, $ileft, %o1
984 srlx %o2, $iright, %o2
989 bshuffle %f12, %f12, %f12
990 bshuffle %f14, %f14, %f14
992 xor %g4, %o0, %o0 ! ^= rk[0]
997 fxor %f12, %f0, %f0 ! ^= tweak[0]
1000 prefetch [$out + 63], 22
1001 prefetch [$inp + 16+63], 20
1002 call _${alg}${bits}_${dir}crypt_1x
1005 fxor %f12, %f0, %f0 ! ^= tweak[0]
1008 srax %g3, 63, %l7 ! next tweak value
1019 brnz,pt $len, .L${bits}_xts_${dir}loop2x
1022 brnz,pn $rem, .L${bits}_xts_${dir}steal
1029 2: ldxa [$inp]0x82, %o0 ! avoid read-after-write hazard
1030 ! and ~3x deterioration
1032 faligndata %f0, %f0, %f4 ! handle unaligned output
1033 faligndata %f0, %f2, %f6
1034 faligndata %f2, %f2, %f8
1035 stda %f4, [$out + $omask]0xc0 ! partial store
1038 orn %g0, $omask, $omask
1039 stda %f8, [$out + $omask]0xc0 ! partial store
1041 brnz,pt $len, .L${bits}_xts_${dir}loop2x+4
1042 orn %g0, $omask, $omask
1044 brnz,pn $rem, .L${bits}_xts_${dir}steal
1050 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1052 .L${bits}_xts_${dir}loop2x:
1055 ldx [$inp + 16], %o2
1057 ldx [$inp + 24], %o3
1059 ldx [$inp + 32], %o4
1060 sllx %o0, $ileft, %o0
1061 srlx %o1, $iright, %g1
1063 sllx %o1, $ileft, %o1
1064 srlx %o2, $iright, %g1
1066 sllx %o2, $ileft, %o2
1067 srlx %o3, $iright, %g1
1069 sllx %o3, $ileft, %o3
1070 srlx %o4, $iright, %o4
1075 bshuffle %f12, %f12, %f12
1076 bshuffle %f14, %f14, %f14
1078 srax %g3, 63, %l7 ! next tweak value
1086 bshuffle %f8, %f8, %f8
1087 bshuffle %f10, %f10, %f10
1089 xor %g4, %o0, %o0 ! ^= rk[0]
1091 xor %g4, %o2, %o2 ! ^= rk[0]
1098 fxor %f12, %f0, %f0 ! ^= tweak[0]
1100 fxor %f8, %f4, %f4 ! ^= tweak[0]
1103 prefetch [$out + 63], 22
1104 prefetch [$inp + 32+63], 20
1105 call _${alg}${bits}_${dir}crypt_2x
1111 srax %g3, 63, %l7 ! next tweak value
1117 bshuffle %f8, %f8, %f8
1118 bshuffle %f10, %f10, %f10
1120 fxor %f12, %f0, %f0 ! ^= tweak[0]
1130 std %f4, [$out + 16]
1131 std %f6, [$out + 24]
1132 brnz,pt $len, .L${bits}_xts_${dir}loop2x
1137 brnz,pn $rem, .L${bits}_xts_${dir}steal
1144 2: ldxa [$inp]0x82, %o0 ! avoid read-after-write hazard
1145 ! and ~3x deterioration
1147 faligndata %f0, %f0, %f8 ! handle unaligned output
1148 faligndata %f0, %f2, %f10
1149 faligndata %f2, %f4, %f12
1150 faligndata %f4, %f6, %f14
1151 faligndata %f6, %f6, %f0
1153 stda %f8, [$out + $omask]0xc0 ! partial store
1154 std %f10, [$out + 8]
1155 std %f12, [$out + 16]
1156 std %f14, [$out + 24]
1158 orn %g0, $omask, $omask
1159 stda %f0, [$out + $omask]0xc0 ! partial store
1161 brnz,pt $len, .L${bits}_xts_${dir}loop2x+4
1162 orn %g0, $omask, $omask
1166 brnz,pn $rem, .L${bits}_xts_${dir}steal
1172 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1174 .L${bits}_xts_${dir}blk:
1175 add $out, $len, $blk_init
1176 and $blk_init, 63, $blk_init ! tail
1177 sub $len, $blk_init, $len
1178 add $blk_init, 15, $blk_init ! round up to 16n
1180 srl $blk_init, 4, $blk_init
1182 add $blk_init, 1, $blk_init
1184 .L${bits}_xts_${dir}blk2x:
1187 ldx [$inp + 16], %o2
1189 ldx [$inp + 24], %o3
1191 ldx [$inp + 32], %o4
1192 sllx %o0, $ileft, %o0
1193 srlx %o1, $iright, %g1
1195 sllx %o1, $ileft, %o1
1196 srlx %o2, $iright, %g1
1198 sllx %o2, $ileft, %o2
1199 srlx %o3, $iright, %g1
1201 sllx %o3, $ileft, %o3
1202 srlx %o4, $iright, %o4
1207 bshuffle %f12, %f12, %f12
1208 bshuffle %f14, %f14, %f14
1210 srax %g3, 63, %l7 ! next tweak value
1218 bshuffle %f8, %f8, %f8
1219 bshuffle %f10, %f10, %f10
1221 xor %g4, %o0, %o0 ! ^= rk[0]
1223 xor %g4, %o2, %o2 ! ^= rk[0]
1230 fxor %f12, %f0, %f0 ! ^= tweak[0]
1232 fxor %f8, %f4, %f4 ! ^= tweak[0]
1235 prefetch [$inp + 32+63], 20
1236 call _${alg}${bits}_${dir}crypt_2x
1242 srax %g3, 63, %l7 ! next tweak value
1248 bshuffle %f8, %f8, %f8
1249 bshuffle %f10, %f10, %f10
1251 fxor %f12, %f0, %f0 ! ^= tweak[0]
1257 stda %f0, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
1259 stda %f2, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
1261 stda %f4, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
1263 stda %f6, [$out]0xe2 ! ASI_BLK_INIT, T4-specific
1264 bgu,pt $::size_t_cc, .L${bits}_xts_${dir}blk2x
1267 add $blk_init, $len, $len
1268 andcc $len, 1, %g0 ! is number of blocks even?
1269 membar #StoreLoad|#StoreStore
1270 bnz,pt %icc, .L${bits}_xts_${dir}loop
1272 brnz,pn $len, .L${bits}_xts_${dir}loop2x
1277 brnz,pn $rem, .L${bits}_xts_${dir}steal
1282 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
1284 $code.=<<___ if ($dir eq "en");
1286 .L${bits}_xts_${dir}steal:
1287 std %f0, [%fp + $::bias-16] ! copy of output
1288 std %f2, [%fp + $::bias-8]
1290 srl $ileft, 3, $ileft
1291 add %fp, $::bias-16, %l7
1292 add $inp, $ileft, $inp ! original $inp+$len&-15
1293 add $out, $ooff, $out ! original $out+$len&-15
1297 .L${bits}_xts_${dir}stealing:
1298 ldub [$inp + $ileft], %o0
1299 ldub [%l7 + $ileft], %o1
1301 stb %o0, [%l7 + $ileft]
1302 stb %o1, [$out + $ileft]
1303 brnz $rem, .L${bits}_xts_${dir}stealing
1309 sub $out, $ooff, $out
1310 ba .L${bits}_xts_${dir}loop ! one more time
1311 mov 1, $len ! $rem is 0
1313 $code.=<<___ if ($dir eq "de");
1315 .L${bits}_xts_${dir}steal:
1320 ldx [$inp + 16], %o2
1321 sllx %o0, $ileft, %o0
1322 srlx %o1, $iright, %g1
1323 sllx %o1, $ileft, %o1
1325 srlx %o2, $iright, %o2
1328 srax %g3, 63, %l7 ! next tweak value
1336 bshuffle %f12, %f12, %f12
1337 bshuffle %f14, %f14, %f14
1339 xor %g4, %o0, %o0 ! ^= rk[0]
1344 fxor %f12, %f0, %f0 ! ^= tweak[0]
1347 call _${alg}${bits}_${dir}crypt_1x
1350 fxor %f12, %f0, %f0 ! ^= tweak[0]
1353 std %f0, [%fp + $::bias-16]
1354 std %f2, [%fp + $::bias-8]
1356 srl $ileft, 3, $ileft
1357 add %fp, $::bias-16, %l7
1358 add $inp, $ileft, $inp ! original $inp+$len&-15
1359 add $out, $ooff, $out ! original $out+$len&-15
1364 .L${bits}_xts_${dir}stealing:
1365 ldub [$inp + $ileft], %o0
1366 ldub [%l7 + $ileft], %o1
1368 stb %o0, [%l7 + $ileft]
1369 stb %o1, [$out + $ileft]
1370 brnz $rem, .L${bits}_xts_${dir}stealing
1376 sub $out, $ooff, $out
1377 ba .L${bits}_xts_${dir}loop ! one more time
1378 mov 1, $len ! $rem is 0
1383 .type ${alg}${bits}_t4_xts_${dir}crypt,#function
1384 .size ${alg}${bits}_t4_xts_${dir}crypt,.-${alg}${bits}_t4_xts_${dir}crypt
1388 # Purpose of these subroutines is to explicitly encode VIS instructions,
1389 # so that one can compile the module without having to specify VIS
1390 # extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
1391 # Idea is to reserve for option to produce "universal" binary and let
1392 # programmer detect if current CPU is VIS capable at run-time.
1394 my ($mnemonic,$rs1,$rs2,$rd)=@_;
1396 my %visopf = ( "faligndata" => 0x048,
1397 "bshuffle" => 0x04c,
1402 $ref = "$mnemonic\t$rs1,$rs2,$rd";
1404 if ($opf=$visopf{$mnemonic}) {
1405 foreach ($rs1,$rs2,$rd) {
1406 return $ref if (!/%f([0-9]{1,2})/);
1409 return $ref if ($1&1);
1410 # re-encode for upper double register addressing
1415 return sprintf ".word\t0x%08x !%s",
1416 0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
1424 my ($mnemonic,$rs1,$rs2,$rd)=@_;
1425 my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
1427 my %visopf = ( "addxc" => 0x011,
1430 "alignaddr" => 0x018,
1432 "alignaddrl" => 0x01a );
1434 $ref = "$mnemonic\t$rs1,$rs2,$rd";
1436 if ($opf=$visopf{$mnemonic}) {
1437 foreach ($rs1,$rs2,$rd) {
1438 return $ref if (!/%([goli])([0-9])/);
1442 return sprintf ".word\t0x%08x !%s",
1443 0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
1450 sub unaes_round { # 4-argument instructions
1451 my ($mnemonic,$rs1,$rs2,$rs3,$rd)=@_;
1453 my %aesopf = ( "aes_eround01" => 0,
1454 "aes_eround23" => 1,
1455 "aes_dround01" => 2,
1456 "aes_dround23" => 3,
1457 "aes_eround01_l"=> 4,
1458 "aes_eround23_l"=> 5,
1459 "aes_dround01_l"=> 6,
1460 "aes_dround23_l"=> 7,
1461 "aes_kexpand1" => 8 );
1463 $ref = "$mnemonic\t$rs1,$rs2,$rs3,$rd";
1465 if (defined($opf=$aesopf{$mnemonic})) {
1466 $rs3 = ($rs3 =~ /%f([0-6]*[02468])/) ? (($1|$1>>5)&31) : $rs3;
1467 foreach ($rs1,$rs2,$rd) {
1468 return $ref if (!/%f([0-9]{1,2})/);
1471 return $ref if ($1&1);
1472 # re-encode for upper double register addressing
1477 return sprintf ".word\t0x%08x !%s",
1478 2<<30|$rd<<25|0x19<<19|$rs1<<14|$rs3<<9|$opf<<5|$rs2,
1485 sub unaes_kexpand { # 3-argument instructions
1486 my ($mnemonic,$rs1,$rs2,$rd)=@_;
1488 my %aesopf = ( "aes_kexpand0" => 0x130,
1489 "aes_kexpand2" => 0x131 );
1491 $ref = "$mnemonic\t$rs1,$rs2,$rd";
1493 if (defined($opf=$aesopf{$mnemonic})) {
1494 foreach ($rs1,$rs2,$rd) {
1495 return $ref if (!/%f([0-9]{1,2})/);
1498 return $ref if ($1&1);
1499 # re-encode for upper double register addressing
1504 return sprintf ".word\t0x%08x !%s",
1505 2<<30|$rd<<25|0x36<<19|$rs1<<14|$opf<<5|$rs2,
1512 sub uncamellia_f { # 4-argument instructions
1513 my ($mnemonic,$rs1,$rs2,$rs3,$rd)=@_;
1516 $ref = "$mnemonic\t$rs1,$rs2,$rs3,$rd";
1519 $rs3 = ($rs3 =~ /%f([0-6]*[02468])/) ? (($1|$1>>5)&31) : $rs3;
1520 foreach ($rs1,$rs2,$rd) {
1521 return $ref if (!/%f([0-9]{1,2})/);
1524 return $ref if ($1&1);
1525 # re-encode for upper double register addressing
1530 return sprintf ".word\t0x%08x !%s",
1531 2<<30|$rd<<25|0x19<<19|$rs1<<14|$rs3<<9|0xc<<5|$rs2,
1538 sub uncamellia3 { # 3-argument instructions
1539 my ($mnemonic,$rs1,$rs2,$rd)=@_;
1541 my %cmllopf = ( "camellia_fl" => 0x13c,
1542 "camellia_fli" => 0x13d );
1544 $ref = "$mnemonic\t$rs1,$rs2,$rd";
1546 if (defined($opf=$cmllopf{$mnemonic})) {
1547 foreach ($rs1,$rs2,$rd) {
1548 return $ref if (!/%f([0-9]{1,2})/);
1551 return $ref if ($1&1);
1552 # re-encode for upper double register addressing
1557 return sprintf ".word\t0x%08x !%s",
1558 2<<30|$rd<<25|0x36<<19|$rs1<<14|$opf<<5|$rs2,
1565 sub unmovxtox { # 2-argument instructions
1566 my ($mnemonic,$rs,$rd)=@_;
1567 my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24, "f" => 0 );
1569 my %movxopf = ( "movdtox" => 0x110,
1570 "movstouw" => 0x111,
1571 "movstosw" => 0x113,
1573 "movwtos" => 0x119 );
1575 $ref = "$mnemonic\t$rs,$rd";
1577 if (defined($opf=$movxopf{$mnemonic})) {
1579 return $ref if (!/%([fgoli])([0-9]{1,2})/);
1582 return $ref if ($2&1);
1583 # re-encode for upper double register addressing
1588 return sprintf ".word\t0x%08x !%s",
1589 2<<30|$rd<<25|0x36<<19|$opf<<5|$rs,
1597 my ($mnemonic)=shift;
1600 my %desopf = ( "des_round" => 0b1001,
1601 "des_ip" => 0b100110100,
1602 "des_iip" => 0b100110101,
1603 "des_kexpand" => 0b100110110 );
1605 $ref = "$mnemonic\t".join(",",@_);
1607 if (defined($opf=$desopf{$mnemonic})) { # 4-arg
1608 if ($mnemonic eq "des_round") {
1609 foreach (@args[0..3]) {
1610 return $ref if (!/%f([0-9]{1,2})/);
1613 return $ref if ($1&1);
1614 # re-encode for upper double register addressing
1618 return sprintf ".word\t0x%08x !%s",
1619 2<<30|0b011001<<19|$opf<<5|$args[0]<<14|$args[1]|$args[2]<<9|$args[3]<<25,
1621 } elsif ($mnemonic eq "des_kexpand") { # 3-arg
1622 foreach (@args[0..2]) {
1623 return $ref if (!/(%f)?([0-9]{1,2})/);
1626 return $ref if ($2&1);
1627 # re-encode for upper double register addressing
1631 return sprintf ".word\t0x%08x !%s",
1632 2<<30|0b110110<<19|$opf<<5|$args[0]<<14|$args[1]|$args[2]<<25,
1635 foreach (@args[0..1]) {
1636 return $ref if (!/%f([0-9]{1,2})/);
1639 return $ref if ($2&1);
1640 # re-encode for upper double register addressing
1644 return sprintf ".word\t0x%08x !%s",
1645 2<<30|0b110110<<19|$opf<<5|$args[0]<<14|$args[1]<<25,
1653 sub emit_assembler {
1654 foreach (split("\n",$::code)) {
1655 s/\`([^\`]*)\`/eval $1/ge;
1657 s/\b(f[a-z]+2[sd]*)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})\s*$/$1\t%f0,$2,$3/go;
1659 s/\b(aes_[edk][^\s]*)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*([%fx0-9]+),\s*(%f[0-9]{1,2})/
1660 &unaes_round($1,$2,$3,$4,$5)
1662 s/\b(aes_kexpand[02])\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})/
1663 &unaes_kexpand($1,$2,$3,$4)
1665 s/\b(camellia_f)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*([%fx0-9]+),\s*(%f[0-9]{1,2})/
1666 &uncamellia_f($1,$2,$3,$4,$5)
1668 s/\b(camellia_[^s]+)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})/
1669 &uncamellia3($1,$2,$3,$4)
1671 s/\b(des_\w+)\s+(%f[0-9]{1,2}),\s*([%fx0-9]+)(?:,\s*(%f[0-9]{1,2})(?:,\s*(%f[0-9]{1,2}))?)?/
1672 &undes($1,$2,$3,$4,$5)
1674 s/\b(mov[ds]to\w+)\s+(%f[0-9]{1,2}),\s*(%[goli][0-7])/
1675 &unmovxtox($1,$2,$3)
1677 s/\b(mov[xw]to[ds])\s+(%[goli][0-7]),\s*(%f[0-9]{1,2})/
1678 &unmovxtox($1,$2,$3)
1680 s/\b([fb][^\s]*)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})/
1683 s/\b(umulxhi|bmask|addxc[c]{0,2}|alignaddr[l]*)\s+(%[goli][0-7]),\s*(%[goli][0-7]),\s*(%[goli][0-7])/
1684 &unvis3($1,$2,$3,$4)
projects / openssl.git / blob