OSCL-LXR linux-6.0.1/​arch/​x86/​crypto/​sm4-aesni-avx-asm_64.S	Source navigation Diff markup Identifier search General search
	Version: linux-6.0.1 spark-3.0.0 hadoop-3.2.0-src hadoop-3.3.0-src spark-2.4.7 linux-4.15.13 hadoop-2.7.4-src Revert   Change

 /* SPDX-License-Identifier: GPL-2.0-or-later */
 /*
  * SM4 Cipher Algorithm, AES-NI/AVX optimized.
  * as specified in
  * https://tools.ietf.org/id/draft-ribose-cfrg-sm4-10.html
  *
  * Copyright (C) 2018 Markku-Juhani O. Saarinen <mjos@iki.fi>
  * Copyright (C) 2020 Jussi Kivilinna <jussi.kivilinna@iki.fi>
  * Copyright (c) 2021 Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
  */
 
 /* Based on SM4 AES-NI work by libgcrypt and Markku-Juhani O. Saarinen at:
  *  https://github.com/mjosaarinen/sm4ni
  */
 
 #include <linux/linkage.h>
 #include <asm/frame.h>
 
 #define rRIP         (%rip)
 
 #define RX0          %xmm0
 #define RX1          %xmm1
 #define MASK_4BIT    %xmm2
 #define RTMP0        %xmm3
 #define RTMP1        %xmm4
 #define RTMP2        %xmm5
 #define RTMP3        %xmm6
 #define RTMP4        %xmm7
 
 #define RA0          %xmm8
 #define RA1          %xmm9
 #define RA2          %xmm10
 #define RA3          %xmm11
 
 #define RB0          %xmm12
 #define RB1          %xmm13
 #define RB2          %xmm14
 #define RB3          %xmm15
 
 #define RNOT         %xmm0
 #define RBSWAP       %xmm1
 
 
 /* Transpose four 32-bit words between 128-bit vectors. */
 #define transpose_4x4(x0, x1, x2, x3, t1, t2) \
     vpunpckhdq x1, x0, t2;                \
     vpunpckldq x1, x0, x0;                \
                                           \
     vpunpckldq x3, x2, t1;                \
     vpunpckhdq x3, x2, x2;                \
                                           \
     vpunpckhqdq t1, x0, x1;               \
     vpunpcklqdq t1, x0, x0;               \
                                           \
     vpunpckhqdq x2, t2, x3;               \
     vpunpcklqdq x2, t2, x2;
 
 /* pre-SubByte transform. */
 #define transform_pre(x, lo_t, hi_t, mask4bit, tmp0) \
     vpand x, mask4bit, tmp0;                     \
     vpandn x, mask4bit, x;                       \
     vpsrld $4, x, x;                             \
                                                  \
     vpshufb tmp0, lo_t, tmp0;                    \
     vpshufb x, hi_t, x;                          \
     vpxor tmp0, x, x;
 
 /* post-SubByte transform. Note: x has been XOR'ed with mask4bit by
  * 'vaeslastenc' instruction.
  */
 #define transform_post(x, lo_t, hi_t, mask4bit, tmp0) \
     vpandn mask4bit, x, tmp0;                     \
     vpsrld $4, x, x;                              \
     vpand x, mask4bit, x;                         \
                                                   \
     vpshufb tmp0, lo_t, tmp0;                     \
     vpshufb x, hi_t, x;                           \
     vpxor tmp0, x, x;
 
 
 .section    .rodata.cst16, "aM", @progbits, 16
 .align 16
 
 /*
  * Following four affine transform look-up tables are from work by
  * Markku-Juhani O. Saarinen, at https://github.com/mjosaarinen/sm4ni
  *
  * These allow exposing SM4 S-Box from AES SubByte.
  */
 
 /* pre-SubByte affine transform, from SM4 field to AES field. */
 .Lpre_tf_lo_s:
     .quad 0x9197E2E474720701, 0xC7C1B4B222245157
 .Lpre_tf_hi_s:
     .quad 0xE240AB09EB49A200, 0xF052B91BF95BB012
 
 /* post-SubByte affine transform, from AES field to SM4 field. */
 .Lpost_tf_lo_s:
     .quad 0x5B67F2CEA19D0834, 0xEDD14478172BBE82
 .Lpost_tf_hi_s:
     .quad 0xAE7201DD73AFDC00, 0x11CDBE62CC1063BF
 
 /* For isolating SubBytes from AESENCLAST, inverse shift row */
 .Linv_shift_row:
     .byte 0x00, 0x0d, 0x0a, 0x07, 0x04, 0x01, 0x0e, 0x0b
     .byte 0x08, 0x05, 0x02, 0x0f, 0x0c, 0x09, 0x06, 0x03
 
 /* Inverse shift row + Rotate left by 8 bits on 32-bit words with vpshufb */
 .Linv_shift_row_rol_8:
     .byte 0x07, 0x00, 0x0d, 0x0a, 0x0b, 0x04, 0x01, 0x0e
     .byte 0x0f, 0x08, 0x05, 0x02, 0x03, 0x0c, 0x09, 0x06
 
 /* Inverse shift row + Rotate left by 16 bits on 32-bit words with vpshufb */
 .Linv_shift_row_rol_16:
     .byte 0x0a, 0x07, 0x00, 0x0d, 0x0e, 0x0b, 0x04, 0x01
     .byte 0x02, 0x0f, 0x08, 0x05, 0x06, 0x03, 0x0c, 0x09
 
 /* Inverse shift row + Rotate left by 24 bits on 32-bit words with vpshufb */
 .Linv_shift_row_rol_24:
     .byte 0x0d, 0x0a, 0x07, 0x00, 0x01, 0x0e, 0x0b, 0x04
     .byte 0x05, 0x02, 0x0f, 0x08, 0x09, 0x06, 0x03, 0x0c
 
 /* For CTR-mode IV byteswap */
 .Lbswap128_mask:
     .byte 15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0
 
 /* For input word byte-swap */
 .Lbswap32_mask:
     .byte 3, 2, 1, 0, 7, 6, 5, 4, 11, 10, 9, 8, 15, 14, 13, 12
 
 .align 4
 /* 4-bit mask */
 .L0f0f0f0f:
     .long 0x0f0f0f0f
 
 /* 12 bytes, only for padding */
 .Lpadding_deadbeef:
     .long 0xdeadbeef, 0xdeadbeef, 0xdeadbeef
 
 
 .text
 .align 16
 
 /*
  * void sm4_aesni_avx_crypt4(const u32 *rk, u8 *dst,
  *                           const u8 *src, int nblocks)
  */
 .align 8
 SYM_FUNC_START(sm4_aesni_avx_crypt4)
     /* input:
      *  %rdi: round key array, CTX
      *  %rsi: dst (1..4 blocks)
      *  %rdx: src (1..4 blocks)
      *  %rcx: num blocks (1..4)
      */
     FRAME_BEGIN
 
     vmovdqu 0*16(%rdx), RA0;
     vmovdqa RA0, RA1;
     vmovdqa RA0, RA2;
     vmovdqa RA0, RA3;
     cmpq $2, %rcx;
     jb .Lblk4_load_input_done;
     vmovdqu 1*16(%rdx), RA1;
     je .Lblk4_load_input_done;
     vmovdqu 2*16(%rdx), RA2;
     cmpq $3, %rcx;
     je .Lblk4_load_input_done;
     vmovdqu 3*16(%rdx), RA3;
 
 .Lblk4_load_input_done:
 
     vmovdqa .Lbswap32_mask rRIP, RTMP2;
     vpshufb RTMP2, RA0, RA0;
     vpshufb RTMP2, RA1, RA1;
     vpshufb RTMP2, RA2, RA2;
     vpshufb RTMP2, RA3, RA3;
 
     vbroadcastss .L0f0f0f0f rRIP, MASK_4BIT;
     vmovdqa .Lpre_tf_lo_s rRIP, RTMP4;
     vmovdqa .Lpre_tf_hi_s rRIP, RB0;
     vmovdqa .Lpost_tf_lo_s rRIP, RB1;
     vmovdqa .Lpost_tf_hi_s rRIP, RB2;
     vmovdqa .Linv_shift_row rRIP, RB3;
     vmovdqa .Linv_shift_row_rol_8 rRIP, RTMP2;
     vmovdqa .Linv_shift_row_rol_16 rRIP, RTMP3;
     transpose_4x4(RA0, RA1, RA2, RA3, RTMP0, RTMP1);
 
 #define ROUND(round, s0, s1, s2, s3)                                \
     vbroadcastss (4*(round))(%rdi), RX0;                        \
     vpxor s1, RX0, RX0;                                         \
     vpxor s2, RX0, RX0;                                         \
     vpxor s3, RX0, RX0; /* s1 ^ s2 ^ s3 ^ rk */                 \
                                                                 \
     /* sbox, non-linear part */                                 \
     transform_pre(RX0, RTMP4, RB0, MASK_4BIT, RTMP0);           \
     vaesenclast MASK_4BIT, RX0, RX0;                            \
     transform_post(RX0, RB1, RB2, MASK_4BIT, RTMP0);            \
                                                                 \
     /* linear part */                                           \
     vpshufb RB3, RX0, RTMP0;                                    \
     vpxor RTMP0, s0, s0; /* s0 ^ x */                           \
     vpshufb RTMP2, RX0, RTMP1;                                  \
     vpxor RTMP1, RTMP0, RTMP0; /* x ^ rol(x,8) */               \
     vpshufb RTMP3, RX0, RTMP1;                                  \
     vpxor RTMP1, RTMP0, RTMP0; /* x ^ rol(x,8) ^ rol(x,16) */   \
     vpshufb .Linv_shift_row_rol_24 rRIP, RX0, RTMP1;            \
     vpxor RTMP1, s0, s0; /* s0 ^ x ^ rol(x,24) */               \
     vpslld $2, RTMP0, RTMP1;                                    \
     vpsrld $30, RTMP0, RTMP0;                                   \
     vpxor RTMP0, s0, s0;                                        \
     /* s0 ^ x ^ rol(x,2) ^ rol(x,10) ^ rol(x,18) ^ rol(x,24) */ \
     vpxor RTMP1, s0, s0;
 
     leaq (32*4)(%rdi), %rax;
 .align 16
 .Lroundloop_blk4:
     ROUND(0, RA0, RA1, RA2, RA3);
     ROUND(1, RA1, RA2, RA3, RA0);
     ROUND(2, RA2, RA3, RA0, RA1);
     ROUND(3, RA3, RA0, RA1, RA2);
     leaq (4*4)(%rdi), %rdi;
     cmpq %rax, %rdi;
     jne .Lroundloop_blk4;
 
 #undef ROUND
 
     vmovdqa .Lbswap128_mask rRIP, RTMP2;
 
     transpose_4x4(RA0, RA1, RA2, RA3, RTMP0, RTMP1);
     vpshufb RTMP2, RA0, RA0;
     vpshufb RTMP2, RA1, RA1;
     vpshufb RTMP2, RA2, RA2;
     vpshufb RTMP2, RA3, RA3;
 
     vmovdqu RA0, 0*16(%rsi);
     cmpq $2, %rcx;
     jb .Lblk4_store_output_done;
     vmovdqu RA1, 1*16(%rsi);
     je .Lblk4_store_output_done;
     vmovdqu RA2, 2*16(%rsi);
     cmpq $3, %rcx;
     je .Lblk4_store_output_done;
     vmovdqu RA3, 3*16(%rsi);
 
 .Lblk4_store_output_done:
     vzeroall;
     FRAME_END
     RET;
 SYM_FUNC_END(sm4_aesni_avx_crypt4)
 
 .align 8
 SYM_FUNC_START_LOCAL(__sm4_crypt_blk8)
     /* input:
      *  %rdi: round key array, CTX
      *  RA0, RA1, RA2, RA3, RB0, RB1, RB2, RB3: eight parallel
      *                      plaintext blocks
      * output:
      *  RA0, RA1, RA2, RA3, RB0, RB1, RB2, RB3: eight parallel
      *                      ciphertext blocks
      */
     FRAME_BEGIN
 
     vmovdqa .Lbswap32_mask rRIP, RTMP2;
     vpshufb RTMP2, RA0, RA0;
     vpshufb RTMP2, RA1, RA1;
     vpshufb RTMP2, RA2, RA2;
     vpshufb RTMP2, RA3, RA3;
     vpshufb RTMP2, RB0, RB0;
     vpshufb RTMP2, RB1, RB1;
     vpshufb RTMP2, RB2, RB2;
     vpshufb RTMP2, RB3, RB3;
 
     vbroadcastss .L0f0f0f0f rRIP, MASK_4BIT;
     transpose_4x4(RA0, RA1, RA2, RA3, RTMP0, RTMP1);
     transpose_4x4(RB0, RB1, RB2, RB3, RTMP0, RTMP1);
 
 #define ROUND(round, s0, s1, s2, s3, r0, r1, r2, r3)                \
     vbroadcastss (4*(round))(%rdi), RX0;                        \
     vmovdqa .Lpre_tf_lo_s rRIP, RTMP4;                          \
     vmovdqa .Lpre_tf_hi_s rRIP, RTMP1;                          \
     vmovdqa RX0, RX1;                                           \
     vpxor s1, RX0, RX0;                                         \
     vpxor s2, RX0, RX0;                                         \
     vpxor s3, RX0, RX0; /* s1 ^ s2 ^ s3 ^ rk */                 \
     vmovdqa .Lpost_tf_lo_s rRIP, RTMP2;                         \
     vmovdqa .Lpost_tf_hi_s rRIP, RTMP3;                         \
     vpxor r1, RX1, RX1;                                         \
     vpxor r2, RX1, RX1;                                         \
     vpxor r3, RX1, RX1; /* r1 ^ r2 ^ r3 ^ rk */                 \
                                                                     \
     /* sbox, non-linear part */                                 \
     transform_pre(RX0, RTMP4, RTMP1, MASK_4BIT, RTMP0);         \
     transform_pre(RX1, RTMP4, RTMP1, MASK_4BIT, RTMP0);         \
     vmovdqa .Linv_shift_row rRIP, RTMP4;                        \
     vaesenclast MASK_4BIT, RX0, RX0;                            \
     vaesenclast MASK_4BIT, RX1, RX1;                            \
     transform_post(RX0, RTMP2, RTMP3, MASK_4BIT, RTMP0);        \
     transform_post(RX1, RTMP2, RTMP3, MASK_4BIT, RTMP0);        \
                                                                     \
     /* linear part */                                           \
     vpshufb RTMP4, RX0, RTMP0;                                  \
     vpxor RTMP0, s0, s0; /* s0 ^ x */                           \
     vpshufb RTMP4, RX1, RTMP2;                                  \
     vmovdqa .Linv_shift_row_rol_8 rRIP, RTMP4;                  \
     vpxor RTMP2, r0, r0; /* r0 ^ x */                           \
     vpshufb RTMP4, RX0, RTMP1;                                  \
     vpxor RTMP1, RTMP0, RTMP0; /* x ^ rol(x,8) */               \
     vpshufb RTMP4, RX1, RTMP3;                                  \
     vmovdqa .Linv_shift_row_rol_16 rRIP, RTMP4;                 \
     vpxor RTMP3, RTMP2, RTMP2; /* x ^ rol(x,8) */               \
     vpshufb RTMP4, RX0, RTMP1;                                  \
     vpxor RTMP1, RTMP0, RTMP0; /* x ^ rol(x,8) ^ rol(x,16) */   \
     vpshufb RTMP4, RX1, RTMP3;                                  \
     vmovdqa .Linv_shift_row_rol_24 rRIP, RTMP4;                 \
     vpxor RTMP3, RTMP2, RTMP2; /* x ^ rol(x,8) ^ rol(x,16) */   \
     vpshufb RTMP4, RX0, RTMP1;                                  \
     vpxor RTMP1, s0, s0; /* s0 ^ x ^ rol(x,24) */               \
     /* s0 ^ x ^ rol(x,2) ^ rol(x,10) ^ rol(x,18) ^ rol(x,24) */ \
     vpslld $2, RTMP0, RTMP1;                                    \
     vpsrld $30, RTMP0, RTMP0;                                   \
     vpxor RTMP0, s0, s0;                                        \
     vpxor RTMP1, s0, s0;                                        \
     vpshufb RTMP4, RX1, RTMP3;                                  \
     vpxor RTMP3, r0, r0; /* r0 ^ x ^ rol(x,24) */               \
     /* r0 ^ x ^ rol(x,2) ^ rol(x,10) ^ rol(x,18) ^ rol(x,24) */ \
     vpslld $2, RTMP2, RTMP3;                                    \
     vpsrld $30, RTMP2, RTMP2;                                   \
     vpxor RTMP2, r0, r0;                                        \
     vpxor RTMP3, r0, r0;
 
     leaq (32*4)(%rdi), %rax;
 .align 16
 .Lroundloop_blk8:
     ROUND(0, RA0, RA1, RA2, RA3, RB0, RB1, RB2, RB3);
     ROUND(1, RA1, RA2, RA3, RA0, RB1, RB2, RB3, RB0);
     ROUND(2, RA2, RA3, RA0, RA1, RB2, RB3, RB0, RB1);
     ROUND(3, RA3, RA0, RA1, RA2, RB3, RB0, RB1, RB2);
     leaq (4*4)(%rdi), %rdi;
     cmpq %rax, %rdi;
     jne .Lroundloop_blk8;
 
 #undef ROUND
 
     vmovdqa .Lbswap128_mask rRIP, RTMP2;
 
     transpose_4x4(RA0, RA1, RA2, RA3, RTMP0, RTMP1);
     transpose_4x4(RB0, RB1, RB2, RB3, RTMP0, RTMP1);
     vpshufb RTMP2, RA0, RA0;
     vpshufb RTMP2, RA1, RA1;
     vpshufb RTMP2, RA2, RA2;
     vpshufb RTMP2, RA3, RA3;
     vpshufb RTMP2, RB0, RB0;
     vpshufb RTMP2, RB1, RB1;
     vpshufb RTMP2, RB2, RB2;
     vpshufb RTMP2, RB3, RB3;
 
     FRAME_END
     RET;
 SYM_FUNC_END(__sm4_crypt_blk8)
 
 /*
  * void sm4_aesni_avx_crypt8(const u32 *rk, u8 *dst,
  *                           const u8 *src, int nblocks)
  */
 .align 8
 SYM_FUNC_START(sm4_aesni_avx_crypt8)
     /* input:
      *  %rdi: round key array, CTX
      *  %rsi: dst (1..8 blocks)
      *  %rdx: src (1..8 blocks)
      *  %rcx: num blocks (1..8)
      */
     cmpq $5, %rcx;
     jb sm4_aesni_avx_crypt4;
 
     FRAME_BEGIN
 
     vmovdqu (0 * 16)(%rdx), RA0;
     vmovdqu (1 * 16)(%rdx), RA1;
     vmovdqu (2 * 16)(%rdx), RA2;
     vmovdqu (3 * 16)(%rdx), RA3;
     vmovdqu (4 * 16)(%rdx), RB0;
     vmovdqa RB0, RB1;
     vmovdqa RB0, RB2;
     vmovdqa RB0, RB3;
     je .Lblk8_load_input_done;
     vmovdqu (5 * 16)(%rdx), RB1;
     cmpq $7, %rcx;
     jb .Lblk8_load_input_done;
     vmovdqu (6 * 16)(%rdx), RB2;
     je .Lblk8_load_input_done;
     vmovdqu (7 * 16)(%rdx), RB3;
 
 .Lblk8_load_input_done:
     call __sm4_crypt_blk8;
 
     cmpq $6, %rcx;
     vmovdqu RA0, (0 * 16)(%rsi);
     vmovdqu RA1, (1 * 16)(%rsi);
     vmovdqu RA2, (2 * 16)(%rsi);
     vmovdqu RA3, (3 * 16)(%rsi);
     vmovdqu RB0, (4 * 16)(%rsi);
     jb .Lblk8_store_output_done;
     vmovdqu RB1, (5 * 16)(%rsi);
     je .Lblk8_store_output_done;
     vmovdqu RB2, (6 * 16)(%rsi);
     cmpq $7, %rcx;
     je .Lblk8_store_output_done;
     vmovdqu RB3, (7 * 16)(%rsi);
 
 .Lblk8_store_output_done:
     vzeroall;
     FRAME_END
     RET;
 SYM_FUNC_END(sm4_aesni_avx_crypt8)
 
 /*
  * void sm4_aesni_avx_ctr_enc_blk8(const u32 *rk, u8 *dst,
  *                                 const u8 *src, u8 *iv)
  */
 .align 8
 SYM_FUNC_START(sm4_aesni_avx_ctr_enc_blk8)
     /* input:
      *  %rdi: round key array, CTX
      *  %rsi: dst (8 blocks)
      *  %rdx: src (8 blocks)
      *  %rcx: iv (big endian, 128bit)
      */
     FRAME_BEGIN
 
     /* load IV and byteswap */
     vmovdqu (%rcx), RA0;
 
     vmovdqa .Lbswap128_mask rRIP, RBSWAP;
     vpshufb RBSWAP, RA0, RTMP0; /* be => le */
 
     vpcmpeqd RNOT, RNOT, RNOT;
     vpsrldq $8, RNOT, RNOT; /* low: -1, high: 0 */
 
 #define inc_le128(x, minus_one, tmp) \
     vpcmpeqq minus_one, x, tmp;  \
     vpsubq minus_one, x, x;      \
     vpslldq $8, tmp, tmp;        \
     vpsubq tmp, x, x;
 
     /* construct IVs */
     inc_le128(RTMP0, RNOT, RTMP2); /* +1 */
     vpshufb RBSWAP, RTMP0, RA1;
     inc_le128(RTMP0, RNOT, RTMP2); /* +2 */
     vpshufb RBSWAP, RTMP0, RA2;
     inc_le128(RTMP0, RNOT, RTMP2); /* +3 */
     vpshufb RBSWAP, RTMP0, RA3;
     inc_le128(RTMP0, RNOT, RTMP2); /* +4 */
     vpshufb RBSWAP, RTMP0, RB0;
     inc_le128(RTMP0, RNOT, RTMP2); /* +5 */
     vpshufb RBSWAP, RTMP0, RB1;
     inc_le128(RTMP0, RNOT, RTMP2); /* +6 */
     vpshufb RBSWAP, RTMP0, RB2;
     inc_le128(RTMP0, RNOT, RTMP2); /* +7 */
     vpshufb RBSWAP, RTMP0, RB3;
     inc_le128(RTMP0, RNOT, RTMP2); /* +8 */
     vpshufb RBSWAP, RTMP0, RTMP1;
 
     /* store new IV */
     vmovdqu RTMP1, (%rcx);
 
     call __sm4_crypt_blk8;
 
     vpxor (0 * 16)(%rdx), RA0, RA0;
     vpxor (1 * 16)(%rdx), RA1, RA1;
     vpxor (2 * 16)(%rdx), RA2, RA2;
     vpxor (3 * 16)(%rdx), RA3, RA3;
     vpxor (4 * 16)(%rdx), RB0, RB0;
     vpxor (5 * 16)(%rdx), RB1, RB1;
     vpxor (6 * 16)(%rdx), RB2, RB2;
     vpxor (7 * 16)(%rdx), RB3, RB3;
 
     vmovdqu RA0, (0 * 16)(%rsi);
     vmovdqu RA1, (1 * 16)(%rsi);
     vmovdqu RA2, (2 * 16)(%rsi);
     vmovdqu RA3, (3 * 16)(%rsi);
     vmovdqu RB0, (4 * 16)(%rsi);
     vmovdqu RB1, (5 * 16)(%rsi);
     vmovdqu RB2, (6 * 16)(%rsi);
     vmovdqu RB3, (7 * 16)(%rsi);
 
     vzeroall;
     FRAME_END
     RET;
 SYM_FUNC_END(sm4_aesni_avx_ctr_enc_blk8)
 
 /*
  * void sm4_aesni_avx_cbc_dec_blk8(const u32 *rk, u8 *dst,
  *                                 const u8 *src, u8 *iv)
  */
 .align 8
 SYM_FUNC_START(sm4_aesni_avx_cbc_dec_blk8)
     /* input:
      *  %rdi: round key array, CTX
      *  %rsi: dst (8 blocks)
      *  %rdx: src (8 blocks)
      *  %rcx: iv
      */
     FRAME_BEGIN
 
     vmovdqu (0 * 16)(%rdx), RA0;
     vmovdqu (1 * 16)(%rdx), RA1;
     vmovdqu (2 * 16)(%rdx), RA2;
     vmovdqu (3 * 16)(%rdx), RA3;
     vmovdqu (4 * 16)(%rdx), RB0;
     vmovdqu (5 * 16)(%rdx), RB1;
     vmovdqu (6 * 16)(%rdx), RB2;
     vmovdqu (7 * 16)(%rdx), RB3;
 
     call __sm4_crypt_blk8;
 
     vmovdqu (7 * 16)(%rdx), RNOT;
     vpxor (%rcx), RA0, RA0;
     vpxor (0 * 16)(%rdx), RA1, RA1;
     vpxor (1 * 16)(%rdx), RA2, RA2;
     vpxor (2 * 16)(%rdx), RA3, RA3;
     vpxor (3 * 16)(%rdx), RB0, RB0;
     vpxor (4 * 16)(%rdx), RB1, RB1;
     vpxor (5 * 16)(%rdx), RB2, RB2;
     vpxor (6 * 16)(%rdx), RB3, RB3;
     vmovdqu RNOT, (%rcx); /* store new IV */
 
     vmovdqu RA0, (0 * 16)(%rsi);
     vmovdqu RA1, (1 * 16)(%rsi);
     vmovdqu RA2, (2 * 16)(%rsi);
     vmovdqu RA3, (3 * 16)(%rsi);
     vmovdqu RB0, (4 * 16)(%rsi);
     vmovdqu RB1, (5 * 16)(%rsi);
     vmovdqu RB2, (6 * 16)(%rsi);
     vmovdqu RB3, (7 * 16)(%rsi);
 
     vzeroall;
     FRAME_END
     RET;
 SYM_FUNC_END(sm4_aesni_avx_cbc_dec_blk8)
 
 /*
  * void sm4_aesni_avx_cfb_dec_blk8(const u32 *rk, u8 *dst,
  *                                 const u8 *src, u8 *iv)
  */
 .align 8
 SYM_FUNC_START(sm4_aesni_avx_cfb_dec_blk8)
     /* input:
      *  %rdi: round key array, CTX
      *  %rsi: dst (8 blocks)
      *  %rdx: src (8 blocks)
      *  %rcx: iv
      */
     FRAME_BEGIN
 
     /* Load input */
     vmovdqu (%rcx), RA0;
     vmovdqu 0 * 16(%rdx), RA1;
     vmovdqu 1 * 16(%rdx), RA2;
     vmovdqu 2 * 16(%rdx), RA3;
     vmovdqu 3 * 16(%rdx), RB0;
     vmovdqu 4 * 16(%rdx), RB1;
     vmovdqu 5 * 16(%rdx), RB2;
     vmovdqu 6 * 16(%rdx), RB3;
 
     /* Update IV */
     vmovdqu 7 * 16(%rdx), RNOT;
     vmovdqu RNOT, (%rcx);
 
     call __sm4_crypt_blk8;
 
     vpxor (0 * 16)(%rdx), RA0, RA0;
     vpxor (1 * 16)(%rdx), RA1, RA1;
     vpxor (2 * 16)(%rdx), RA2, RA2;
     vpxor (3 * 16)(%rdx), RA3, RA3;
     vpxor (4 * 16)(%rdx), RB0, RB0;
     vpxor (5 * 16)(%rdx), RB1, RB1;
     vpxor (6 * 16)(%rdx), RB2, RB2;
     vpxor (7 * 16)(%rdx), RB3, RB3;
 
     vmovdqu RA0, (0 * 16)(%rsi);
     vmovdqu RA1, (1 * 16)(%rsi);
     vmovdqu RA2, (2 * 16)(%rsi);
     vmovdqu RA3, (3 * 16)(%rsi);
     vmovdqu RB0, (4 * 16)(%rsi);
     vmovdqu RB1, (5 * 16)(%rsi);
     vmovdqu RB2, (6 * 16)(%rsi);
     vmovdqu RB3, (7 * 16)(%rsi);
 
     vzeroall;
     FRAME_END
     RET;
 SYM_FUNC_END(sm4_aesni_avx_cfb_dec_blk8)

This page was automatically generated by the 2.1.0 LXR engine. The LXR team