3 # ====================================================================
4 # Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
5 # project. The module is, however, dual licensed under OpenSSL and
6 # CRYPTOGAMS licenses depending on where you obtain it. For further
7 # details see http://www.openssl.org/~appro/cryptogams/.
8 # ====================================================================
10 # This module implements Poly1305 hash for SPARCv9, vanilla, as well
11 # as VIS3 and FMA extensions.
15 # Numbers are cycles per processed byte with poly1305_blocks alone.
19 # UltraSPARC III 11.9(**)
21 # SPARC T4 1.67(***) 6.55
24 # (*) Comparison to compiler-generated code is really problematic,
25 # because latter's performance varies too much depending on too
26 # many variables. For example, one can measure from 5x to 15x
27 # improvement on T4 for gcc-4.6. Well, in T4 case it's a bit
28 # unfair comparison, because compiler doesn't use VIS3, but
29 # given same initial conditions coefficient varies from 3x to 9x.
30 # (**) Pre-III performance should be even worse; floating-point
31 # performance for UltraSPARC I-IV on the other hand is reported
32 # to be 4.25 for hand-coded assembly, but they are just too old
34 # (***) Multi-process benchmark saturates at ~12.5x single-process
35 # result on 8-core processor, or ~21GBps per 2.85GHz socket.
37 my ($ctx,$inp,$len,$padbit,$shl,$shr) = map("%i$_",(0..5));
38 my ($r0,$r1,$r2,$r3,$s1,$s2,$s3,$h4) = map("%l$_",(0..7));
39 my ($h0,$h1,$h2,$h3, $t0,$t1,$t2) = map("%o$_",(0..5,7));
40 my ($d0,$d1,$d2,$d3) = map("%g$_",(1..4));
43 #include "sparc_arch.h"
46 .register %g2,#scratch
47 .register %g3,#scratch
54 #define LOCALS (STACK_BIAS+STACK_FRAME)
56 .section ".text",#alloc,#execinstr
65 save %sp,-STACK_FRAME-16,%sp
68 SPARC_LOAD_ADDRESS(OPENSSL_sparcv9cap_P,%g1)
71 and %g1,SPARCV9_FMADD|SPARCV9_PREFER_FPU|SPARCV9_VIS3,%g1
72 cmp %g1,SPARCV9_FMADD|SPARCV9_PREFER_FPU
73 be .Lpoly1305_init_fma
77 stx %g0,[$ctx+8] ! zero hash value
81 and $inp,7,$shr ! alignment factor
86 sethi %hi(0x0ffffffc),$t0
88 or $t0,%lo(0x0ffffffc),$t0
91 or $t0,$t1,$t1 ! 0x0ffffffc0ffffffc
92 or $t1,3,$t0 ! 0x0ffffffc0fffffff
94 ldxa [$inp+%g0]0x88,$h0 ! load little-endian key
95 brz,pt $shr,.Lkey_aligned
96 ldxa [$inp+$h1]0x88,$h1
98 ldxa [$inp+$h2]0x88,$h2
109 stx $h0,[$ctx+32+0] ! store key
112 andcc %g1,SPARCV9_VIS3,%g0
117 add %o7,poly1305_blocks_vis3-1b,%o7
119 add %o7,poly1305_emit-poly1305_blocks_vis3,%o5
121 STPTR %o5,[%i2+SIZE_T]
124 restore %g0,1,%o0 ! return 1
128 restore %g0,%g0,%o0 ! return 0
129 .size poly1305_init,.-poly1305_init
131 .globl poly1305_blocks
134 save %sp,-STACK_FRAME,%sp
137 brz,pn $len,.Lno_data
140 ld [$ctx+32+0],$r1 ! load key
145 ld [$ctx+0],$h1 ! load hash value
151 and $inp,7,$shr ! alignment factor
166 ldxa [$inp+%g0]0x88,$d0 ! load little-endian input
167 brz,pt $shr,.Linp_aligned
168 ldxa [$inp+$d1]0x88,$d1
170 ldxa [$inp+$d2]0x88,$d2
180 addcc $d0,$h0,$h0 ! accumulate input
240 srl $h4,2,$t0 ! final reduction step
251 st $h1,[$ctx+0] ! store hash value
260 .size poly1305_blocks,.-poly1305_blocks
262 ########################################################################
263 # VIS3 has umulxhi and addxc...
265 my ($H0,$H1,$H2,$R0,$R1,$S1,$T1) = map("%o$_",(0..5,7));
266 my ($D0,$D1,$D2,$T0) = map("%g$_",(1..4));
270 poly1305_blocks_vis3:
271 save %sp,-STACK_FRAME,%sp
274 brz,pn $len,.Lno_data
277 ldx [$ctx+32+0],$R0 ! load key
280 ldx [$ctx+0],$H0 ! load hash value
284 and $inp,7,$shr ! alignment factor
295 ldxa [$inp+%g0]0x88,$D0 ! load little-endian input
296 brz,pt $shr,.Linp_aligned_vis3
297 ldxa [$inp+$r1]0x88,$D1
299 ldxa [$inp+$r2]0x88,$D2
308 addcc $D0,$H0,$H0 ! accumulate input
313 mulx $R0,$H0,$D0 ! r0*h0
314 addxc $padbit,$H2,$H2
316 mulx $S1,$H1,$T0 ! s1*h1
319 mulx $R1,$H0,$T0 ! r1*h0
323 mulx $R0,$H1,$T0 ! r0*h1
327 mulx $S1,$H2,$T0 ! s1*h2
329 mulx $R0,$H2,$T1 ! r0*h2
333 srlx $D2,2,$T0 ! final reduction step
339 brnz,pt $len,.Loop_vis3
342 stx $H0,[$ctx+0] ! store hash value
348 .size poly1305_blocks_vis3,.-poly1305_blocks_vis3
351 my ($mac,$nonce) = ($inp,$len);
357 save %sp,-STACK_FRAME,%sp
359 ld [$ctx+0],$h1 ! load hash value
365 addcc $h0,5,$r0 ! compare to modulus
370 andcc $h4,4,%g0 ! did it carry/borrow?
373 ld [$nonce+0],$r0 ! load nonce
381 addcc $r0,$h0,$h0 ! accumulate nonce
387 stb $h0,[$mac+0] ! store little-endian result
420 .size poly1305_emit,.-poly1305_emit
424 my ($ctx,$inp,$len,$padbit) = map("%i$_",(0..3));
425 my ($in0,$in1,$in2,$in3,$in4) = map("%o$_",(0..4));
426 my ($i1,$step,$shr,$shl) = map("%l$_",(0..7));
429 my ($h0lo,$h0hi,$h1lo,$h1hi,$h2lo,$h2hi,$h3lo,$h3hi,
430 $two0,$two32,$two64,$two96,$two130,$five_two130,
431 $r0lo,$r0hi,$r1lo,$r1hi,$r2lo,$r2hi,
432 $s2lo,$s2hi,$s3lo,$s3hi,
433 $c0lo,$c0hi,$c1lo,$c1hi,$c2lo,$c2hi,$c3lo,$c3hi) = map("%f".2*$_,(0..31));
435 my ($r3lo,$r3hi,$s1lo,$s1hi) = ($c0lo,$c0hi,$c1lo,$c1hi);
436 my ($x0,$x1,$x2,$x3) = ($c2lo,$c2hi,$c3lo,$c3hi);
437 my ($y0,$y1,$y2,$y3) = ($c1lo,$c1hi,$c3hi,$c3lo);
442 save %sp,-STACK_FRAME-16,%sp
447 add %o7,.Lconsts_fma-1b,%o7
449 ldd [%o7+8*0],$two0 ! load constants
453 ldd [%o7+8*5],$five_two130
455 std $two0,[$ctx+8*0] ! initial hash value, biased 0
456 std $two32,[$ctx+8*1]
457 std $two64,[$ctx+8*2]
458 std $two96,[$ctx+8*3]
460 brz,pn $inp,.Lno_key_fma
463 stx %fsr,[%sp+LOCALS] ! save original %fsr
464 ldx [%o7+8*6],%fsr ! load new %fsr
466 std $two0,[$ctx+8*4] ! key "template"
467 std $two32,[$ctx+8*5]
468 std $two64,[$ctx+8*6]
469 std $two96,[$ctx+8*7]
472 andn $inp,7,$inp ! align pointer
478 ldxa [$inp+%g0]0x88,$in0 ! load little-endian key
479 ldxa [$inp+$i1]0x88,$in2
481 brz $shr,.Lkey_aligned_fma
482 sethi %hi(0xf0000000),$i1 ! 0xf0000000
484 ldxa [$inp+$i2]0x88,$in4
486 srlx $in0,$shr,$in0 ! align data
494 or $i1,3,$i2 ! 0xf0000003
496 andn $in0,$i1,$in0 ! &=0x0fffffff
497 andn $in1,$i2,$in1 ! &=0x0ffffffc
502 st $in0,[$ctx+`8*4+4`] ! fill "template"
503 st $in1,[$ctx+`8*5+4`]
504 st $in2,[$ctx+`8*6+4`]
505 st $in3,[$ctx+`8*7+4`]
507 ldd [$ctx+8*4],$h0lo ! load [biased] key
512 fsubd $h0lo,$two0, $h0lo ! r0
513 ldd [%o7+8*7],$two0 ! more constants
514 fsubd $h1lo,$two32,$h1lo ! r1
516 fsubd $h2lo,$two64,$h2lo ! r2
518 fsubd $h3lo,$two96,$h3lo ! r3
519 ldd [%o7+8*10],$two96
521 fmuld $five_two130,$h1lo,$s1lo ! s1
522 fmuld $five_two130,$h2lo,$s2lo ! s2
523 fmuld $five_two130,$h3lo,$s3lo ! s3
525 faddd $h0lo,$two0, $h0hi
526 faddd $h1lo,$two32,$h1hi
527 faddd $h2lo,$two64,$h2hi
528 faddd $h3lo,$two96,$h3hi
530 fsubd $h0hi,$two0, $h0hi
531 ldd [%o7+8*11],$two0 ! more constants
532 fsubd $h1hi,$two32,$h1hi
533 ldd [%o7+8*12],$two32
534 fsubd $h2hi,$two64,$h2hi
535 ldd [%o7+8*13],$two64
536 fsubd $h3hi,$two96,$h3hi
538 fsubd $h0lo,$h0hi,$h0lo
539 std $h0hi,[$ctx+8*5] ! r0hi
540 fsubd $h1lo,$h1hi,$h1lo
541 std $h1hi,[$ctx+8*7] ! r1hi
542 fsubd $h2lo,$h2hi,$h2lo
543 std $h2hi,[$ctx+8*9] ! r2hi
544 fsubd $h3lo,$h3hi,$h3lo
545 std $h3hi,[$ctx+8*11] ! r3hi
547 faddd $s1lo,$two0, $s1hi
548 faddd $s2lo,$two32,$s2hi
549 faddd $s3lo,$two64,$s3hi
551 fsubd $s1hi,$two0, $s1hi
552 fsubd $s2hi,$two32,$s2hi
553 fsubd $s3hi,$two64,$s3hi
555 fsubd $s1lo,$s1hi,$s1lo
556 fsubd $s2lo,$s2hi,$s2lo
557 fsubd $s3lo,$s3hi,$s3lo
559 ldx [%sp+LOCALS],%fsr ! restore %fsr
561 std $h0lo,[$ctx+8*4] ! r0lo
562 std $h1lo,[$ctx+8*6] ! r1lo
563 std $h2lo,[$ctx+8*8] ! r2lo
564 std $h3lo,[$ctx+8*10] ! r3lo
566 std $s1hi,[$ctx+8*13]
567 std $s2hi,[$ctx+8*15]
568 std $s3hi,[$ctx+8*17]
570 std $s1lo,[$ctx+8*12]
571 std $s2lo,[$ctx+8*14]
572 std $s3lo,[$ctx+8*16]
574 add %o7,poly1305_blocks_fma-.Lconsts_fma,%o0
575 add %o7,poly1305_emit_fma-.Lconsts_fma,%o1
577 STPTR %o1,[%i2+SIZE_T]
580 restore %g0,1,%o0 ! return 1
584 restore %g0,%g0,%o0 ! return 0
585 .size poly1305_init_fma,.-poly1305_init_fma
589 save %sp,-STACK_FRAME-48,%sp
596 add %o7,.Lconsts_fma-1b,%o7
598 ldd [%o7+8*0],$two0 ! load constants
602 ldd [%o7+8*4],$two130
603 ldd [%o7+8*5],$five_two130
605 ldd [$ctx+8*0],$h0lo ! load [biased] hash value
610 std $two0,[%sp+LOCALS+8*0] ! input "template"
611 sethi %hi((1023+52+96)<<20),$in3
612 std $two32,[%sp+LOCALS+8*1]
614 std $two64,[%sp+LOCALS+8*2]
615 st $in3,[%sp+LOCALS+8*3]
618 andn $inp,7,$inp ! align pointer
624 ldxa [$inp+%g0]0x88,$in0 ! load little-endian input
625 brz $shr,.Linp_aligned_fma
626 ldxa [$inp+$i1]0x88,$in2
628 ldxa [$inp+$step]0x88,$in4
631 srlx $in0,$shr,$in0 ! align data
636 srlx $in4,$shr,$in4 ! pre-shift
643 add $step,$inp,$inp ! conditional advance
645 st $in0,[%sp+LOCALS+8*0+4] ! fill "template"
646 st $in1,[%sp+LOCALS+8*1+4]
647 st $in2,[%sp+LOCALS+8*2+4]
648 st $in3,[%sp+LOCALS+8*3+4]
650 ldd [$ctx+8*4],$r0lo ! load key
656 ldd [$ctx+8*10],$r3lo
657 ldd [$ctx+8*11],$r3hi
658 ldd [$ctx+8*12],$s1lo
659 ldd [$ctx+8*13],$s1hi
660 ldd [$ctx+8*14],$s2lo
661 ldd [$ctx+8*15],$s2hi
662 ldd [$ctx+8*16],$s3lo
663 ldd [$ctx+8*17],$s3hi
665 stx %fsr,[%sp+LOCALS+8*4] ! save original %fsr
666 ldx [%o7+8*6],%fsr ! load new %fsr
671 ldd [%sp+LOCALS+8*0],$x0 ! load biased input
672 ldd [%sp+LOCALS+8*1],$x1
673 ldd [%sp+LOCALS+8*2],$x2
674 ldd [%sp+LOCALS+8*3],$x3
676 fsubd $h0lo,$two0, $h0lo ! de-bias hash value
677 fsubd $h1lo,$two32,$h1lo
678 ldxa [$inp+%g0]0x88,$in0 ! modulo-scheduled input load
679 fsubd $h2lo,$two64,$h2lo
680 fsubd $h3lo,$two96,$h3lo
681 ldxa [$inp+$i1]0x88,$in2
683 fsubd $x0,$two0, $x0 ! de-bias input
688 brz $shr,.Linp_aligned_fma2
689 add $step,$inp,$inp ! conditional advance
691 sllx $in0,$shl,$in1 ! align data
695 srlx $in2,$shr,$in4 ! pre-shift
701 faddd $h0lo,$x0,$x0 ! accumulate input
702 stw $in0,[%sp+LOCALS+8*0+4]
704 stw $in1,[%sp+LOCALS+8*1+4]
706 stw $in2,[%sp+LOCALS+8*2+4]
708 stw $in3,[%sp+LOCALS+8*3+4]
715 ldxa [$inp+%g0]0x88,$in0 ! modulo-scheduled input load
716 ldxa [$inp+$i1]0x88,$in2
719 faddd $y0,$h0lo,$h0lo ! accumulate input
720 faddd $y1,$h0hi,$h0hi
721 faddd $y2,$h2lo,$h2lo
722 faddd $y3,$h2hi,$h2hi
724 brz,pn $shr,.Linp_aligned_fma3
725 add $step,$inp,$inp ! conditional advance
727 sllx $in0,$shl,$in1 ! align data
731 srlx $in2,$shr,$in4 ! pre-shift
735 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! base 2^48 -> base 2^32
736 faddd $two64,$h1lo,$c1lo
738 faddd $two64,$h1hi,$c1hi
740 faddd $two130,$h3lo,$c3lo
741 st $in0,[%sp+LOCALS+8*0+4] ! fill "template"
742 faddd $two130,$h3hi,$c3hi
743 st $in1,[%sp+LOCALS+8*1+4]
744 faddd $two32,$h0lo,$c0lo
745 st $in2,[%sp+LOCALS+8*2+4]
746 faddd $two32,$h0hi,$c0hi
747 st $in3,[%sp+LOCALS+8*3+4]
748 faddd $two96,$h2lo,$c2lo
749 faddd $two96,$h2hi,$c2hi
751 fsubd $c1lo,$two64,$c1lo
752 fsubd $c1hi,$two64,$c1hi
753 fsubd $c3lo,$two130,$c3lo
754 fsubd $c3hi,$two130,$c3hi
755 fsubd $c0lo,$two32,$c0lo
756 fsubd $c0hi,$two32,$c0hi
757 fsubd $c2lo,$two96,$c2lo
758 fsubd $c2hi,$two96,$c2hi
760 fsubd $h1lo,$c1lo,$h1lo
761 fsubd $h1hi,$c1hi,$h1hi
762 fsubd $h3lo,$c3lo,$h3lo
763 fsubd $h3hi,$c3hi,$h3hi
764 fsubd $h2lo,$c2lo,$h2lo
765 fsubd $h2hi,$c2hi,$h2hi
766 fsubd $h0lo,$c0lo,$h0lo
767 fsubd $h0hi,$c0hi,$h0hi
769 faddd $h1lo,$c0lo,$h1lo
770 faddd $h1hi,$c0hi,$h1hi
771 faddd $h3lo,$c2lo,$h3lo
772 faddd $h3hi,$c2hi,$h3hi
773 faddd $h2lo,$c1lo,$h2lo
774 faddd $h2hi,$c1hi,$h2hi
775 fmaddd $five_two130,$c3lo,$h0lo,$h0lo
776 fmaddd $five_two130,$c3hi,$h0hi,$h0hi
778 faddd $h1lo,$h1hi,$x1
779 ldd [$ctx+8*12],$s1lo ! reload constants
780 faddd $h3lo,$h3hi,$x3
781 ldd [$ctx+8*13],$s1hi
782 faddd $h2lo,$h2hi,$x2
783 ldd [$ctx+8*10],$r3lo
784 faddd $h0lo,$h0hi,$x0
785 ldd [$ctx+8*11],$r3hi
788 fmuld $x1,$s3lo,$h0lo
789 fmuld $x1,$s3hi,$h0hi
790 fmuld $x1,$r1lo,$h2lo
791 fmuld $x1,$r1hi,$h2hi
792 fmuld $x1,$r0lo,$h1lo
793 fmuld $x1,$r0hi,$h1hi
794 fmuld $x1,$r2lo,$h3lo
795 fmuld $x1,$r2hi,$h3hi
797 fmaddd $x3,$s1lo,$h0lo,$h0lo
798 fmaddd $x3,$s1hi,$h0hi,$h0hi
799 fmaddd $x3,$s3lo,$h2lo,$h2lo
800 fmaddd $x3,$s3hi,$h2hi,$h2hi
801 fmaddd $x3,$s2lo,$h1lo,$h1lo
802 fmaddd $x3,$s2hi,$h1hi,$h1hi
803 fmaddd $x3,$r0lo,$h3lo,$h3lo
804 fmaddd $x3,$r0hi,$h3hi,$h3hi
806 fmaddd $x2,$s2lo,$h0lo,$h0lo
807 fmaddd $x2,$s2hi,$h0hi,$h0hi
808 fmaddd $x2,$r0lo,$h2lo,$h2lo
809 fmaddd $x2,$r0hi,$h2hi,$h2hi
810 fmaddd $x2,$s3lo,$h1lo,$h1lo
811 ldd [%sp+LOCALS+8*0],$y0 ! load [biased] input
812 fmaddd $x2,$s3hi,$h1hi,$h1hi
813 ldd [%sp+LOCALS+8*1],$y1
814 fmaddd $x2,$r1lo,$h3lo,$h3lo
815 ldd [%sp+LOCALS+8*2],$y2
816 fmaddd $x2,$r1hi,$h3hi,$h3hi
817 ldd [%sp+LOCALS+8*3],$y3
819 fmaddd $x0,$r0lo,$h0lo,$h0lo
820 fsubd $y0,$two0, $y0 ! de-bias input
821 fmaddd $x0,$r0hi,$h0hi,$h0hi
823 fmaddd $x0,$r2lo,$h2lo,$h2lo
825 fmaddd $x0,$r2hi,$h2hi,$h2hi
827 fmaddd $x0,$r1lo,$h1lo,$h1lo
828 fmaddd $x0,$r1hi,$h1hi,$h1hi
829 fmaddd $x0,$r3lo,$h3lo,$h3lo
830 fmaddd $x0,$r3hi,$h3hi,$h3hi
832 bcc SIZE_T_CC,.Loop_fma
835 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! base 2^48 -> base 2^32
836 faddd $h0lo,$two32,$c0lo
837 faddd $h0hi,$two32,$c0hi
838 faddd $h2lo,$two96,$c2lo
839 faddd $h2hi,$two96,$c2hi
840 faddd $h1lo,$two64,$c1lo
841 faddd $h1hi,$two64,$c1hi
842 faddd $h3lo,$two130,$c3lo
843 faddd $h3hi,$two130,$c3hi
845 fsubd $c0lo,$two32,$c0lo
846 fsubd $c0hi,$two32,$c0hi
847 fsubd $c2lo,$two96,$c2lo
848 fsubd $c2hi,$two96,$c2hi
849 fsubd $c1lo,$two64,$c1lo
850 fsubd $c1hi,$two64,$c1hi
851 fsubd $c3lo,$two130,$c3lo
852 fsubd $c3hi,$two130,$c3hi
854 fsubd $h1lo,$c1lo,$h1lo
855 fsubd $h1hi,$c1hi,$h1hi
856 fsubd $h3lo,$c3lo,$h3lo
857 fsubd $h3hi,$c3hi,$h3hi
858 fsubd $h2lo,$c2lo,$h2lo
859 fsubd $h2hi,$c2hi,$h2hi
860 fsubd $h0lo,$c0lo,$h0lo
861 fsubd $h0hi,$c0hi,$h0hi
863 faddd $h1lo,$c0lo,$h1lo
864 faddd $h1hi,$c0hi,$h1hi
865 faddd $h3lo,$c2lo,$h3lo
866 faddd $h3hi,$c2hi,$h3hi
867 faddd $h2lo,$c1lo,$h2lo
868 faddd $h2hi,$c1hi,$h2hi
869 fmaddd $five_two130,$c3lo,$h0lo,$h0lo
870 fmaddd $five_two130,$c3hi,$h0hi,$h0hi
872 faddd $h1lo,$h1hi,$x1
873 faddd $h3lo,$h3hi,$x3
874 faddd $h2lo,$h2hi,$x2
875 faddd $h0lo,$h0hi,$x0
877 faddd $x1,$two32,$x1 ! bias
882 ldx [%sp+LOCALS+8*4],%fsr ! restore saved %fsr
884 std $x1,[$ctx+8*1] ! store [biased] hash value
892 .size poly1305_blocks_fma,.-poly1305_blocks_fma
895 my ($mac,$nonce)=($inp,$len);
897 my ($h0,$h1,$h2,$h3,$h4, $d0,$d1,$d2,$d3, $mask
898 ) = (map("%l$_",(0..5)),map("%o$_",(0..4)));
903 save %sp,-STACK_FRAME,%sp
905 ld [$ctx+8*0+0],$d0 ! load hash
914 sethi %hi(0xfff00000),$mask
915 andn $d0,$mask,$d0 ! mask exponent
918 andn $d3,$mask,$d3 ! can be partially reduced...
921 srl $d3,2,$padbit ! ... so reduce
932 addcc $h0,5,$d0 ! compare to modulus
938 srl $mask,2,$mask ! did it carry/borrow?
940 sra $mask,31,$mask ! mask
947 ld [$nonce+0],$d0 ! load nonce
959 addcc $d0,$h0,$h0 ! accumulate nonce
964 stb $h0,[$mac+0] ! write little-endian result
998 .size poly1305_emit_fma,.-poly1305_emit_fma
1005 .word 0x43300000,0x00000000 ! 2^(52+0)
1006 .word 0x45300000,0x00000000 ! 2^(52+32)
1007 .word 0x47300000,0x00000000 ! 2^(52+64)
1008 .word 0x49300000,0x00000000 ! 2^(52+96)
1009 .word 0x4b500000,0x00000000 ! 2^(52+130)
1011 .word 0x37f40000,0x00000000 ! 5/2^130
1012 .word 0,1<<30 ! fsr: truncate, no exceptions
1014 .word 0x44300000,0x00000000 ! 2^(52+16+0)
1015 .word 0x46300000,0x00000000 ! 2^(52+16+32)
1016 .word 0x48300000,0x00000000 ! 2^(52+16+64)
1017 .word 0x4a300000,0x00000000 ! 2^(52+16+96)
1018 .word 0x3e300000,0x00000000 ! 2^(52+16+0-96)
1019 .word 0x40300000,0x00000000 ! 2^(52+16+32-96)
1020 .word 0x42300000,0x00000000 ! 2^(52+16+64-96)
1021 .asciz "Poly1305 for SPARCv9/VIS3/FMA, CRYPTOGAMS by <appro\@openssl.org>"
1026 # Purpose of these subroutines is to explicitly encode VIS instructions,
1027 # so that one can compile the module without having to specify VIS
1028 # extensions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
1029 # Idea is to reserve for option to produce "universal" binary and let
1030 # programmer detect if current CPU is VIS capable at run-time.
1032 my ($mnemonic,$rs1,$rs2,$rd)=@_;
1033 my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
1035 my %visopf = ( "addxc" => 0x011,
1037 "umulxhi" => 0x016 );
1039 $ref = "$mnemonic\t$rs1,$rs2,$rd";
1041 if ($opf=$visopf{$mnemonic}) {
1042 foreach ($rs1,$rs2,$rd) {
1043 return $ref if (!/%([goli])([0-9])/);
1047 return sprintf ".word\t0x%08x !%s",
1048 0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
1056 my ($mnemonic,$rs1,$rs2,$rs3,$rd)=@_;
1058 my %fmaopf = ( "fmadds" => 0x1,
1063 $ref = "$mnemonic\t$rs1,$rs2,$rs3,$rd";
1065 if ($opf=$fmaopf{$mnemonic}) {
1066 foreach ($rs1,$rs2,$rs3,$rd) {
1067 return $ref if (!/%f([0-9]{1,2})/);
1070 return $ref if ($1&1);
1071 # re-encode for upper double register addressing
1076 return sprintf ".word\t0x%08x !%s",
1077 0x81b80000|$rd<<25|$rs1<<14|$rs3<<9|$opf<<5|$rs2,
1084 foreach (split("\n",$code)) {
1085 s/\`([^\`]*)\`/eval $1/ge;
1087 s/\b(umulxhi|addxc[c]{0,2})\s+(%[goli][0-7]),\s*(%[goli][0-7]),\s*(%[goli][0-7])/
1088 &unvis3($1,$2,$3,$4)
1090 s/\b(fmadd[sd])\s+(%f[0-9]+),\s*(%f[0-9]+),\s*(%f[0-9]+),\s*(%f[0-9]+)/
1091 &unfma($1,$2,$3,$4,$5)