rc4/asm/rc4-x86_64.pl

60662d10Schristos#! /usr/bin/env perl
*1dcdf01fSchristos# Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
*1dcdf01fSchristos#
*1dcdf01fSchristos# Licensed under the OpenSSL license (the "License").  You may not use
*1dcdf01fSchristos# this file except in compliance with the License.  You can obtain a copy
*1dcdf01fSchristos# in the file LICENSE in the source distribution or at
*1dcdf01fSchristos# https://www.openssl.org/source/license.html
*1dcdf01fSchristos
60662d10Schristos#
60662d10Schristos# ====================================================================
*1dcdf01fSchristos# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
60662d10Schristos# project. The module is, however, dual licensed under OpenSSL and
60662d10Schristos# CRYPTOGAMS licenses depending on where you obtain it. For further
60662d10Schristos# details see http://www.openssl.org/~appro/cryptogams/.
60662d10Schristos# ====================================================================
60662d10Schristos#
60662d10Schristos# July 2004
60662d10Schristos#
60662d10Schristos# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in
60662d10Schristos# "hand-coded assembler"] doesn't stand for the whole improvement
60662d10Schristos# coefficient. It turned out that eliminating RC4_CHAR from config
60662d10Schristos# line results in ~40% improvement (yes, even for C implementation).
60662d10Schristos# Presumably it has everything to do with AMD cache architecture and
60662d10Schristos# RAW or whatever penalties. Once again! The module *requires* config
60662d10Schristos# line *without* RC4_CHAR! As for coding "secret," I bet on partial
60662d10Schristos# register arithmetics. For example instead of 'inc %r8; and $255,%r8'
60662d10Schristos# I simply 'inc %r8b'. Even though optimization manual discourages
60662d10Schristos# to operate on partial registers, it turned out to be the best bet.
60662d10Schristos# At least for AMD... How IA32E would perform remains to be seen...
60662d10Schristos
60662d10Schristos# November 2004
60662d10Schristos#
60662d10Schristos# As was shown by Marc Bevand reordering of couple of load operations
60662d10Schristos# results in even higher performance gain of 3.3x:-) At least on
60662d10Schristos# Opteron... For reference, 1x in this case is RC4_CHAR C-code
60662d10Schristos# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock.
60662d10Schristos# Latter means that if you want to *estimate* what to expect from
60662d10Schristos# *your* Opteron, then multiply 54 by 3.3 and clock frequency in GHz.
60662d10Schristos
60662d10Schristos# November 2004
60662d10Schristos#
60662d10Schristos# Intel P4 EM64T core was found to run the AMD64 code really slow...
60662d10Schristos# The only way to achieve comparable performance on P4 was to keep
60662d10Schristos# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to
60662d10Schristos# compose blended code, which would perform even within 30% marginal
60662d10Schristos# on either AMD and Intel platforms, I implement both cases. See
60662d10Schristos# rc4_skey.c for further details...
60662d10Schristos
60662d10Schristos# April 2005
60662d10Schristos#
60662d10Schristos# P4 EM64T core appears to be "allergic" to 64-bit inc/dec. Replacing
60662d10Schristos# those with add/sub results in 50% performance improvement of folded
60662d10Schristos# loop...
60662d10Schristos
60662d10Schristos# May 2005
60662d10Schristos#
60662d10Schristos# As was shown by Zou Nanhai loop unrolling can improve Intel EM64T
60662d10Schristos# performance by >30% [unlike P4 32-bit case that is]. But this is
60662d10Schristos# provided that loads are reordered even more aggressively! Both code
*1dcdf01fSchristos# paths, AMD64 and EM64T, reorder loads in essentially same manner
60662d10Schristos# as my IA-64 implementation. On Opteron this resulted in modest 5%
60662d10Schristos# improvement [I had to test it], while final Intel P4 performance
60662d10Schristos# achieves respectful 432MBps on 2.8GHz processor now. For reference.
60662d10Schristos# If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than
60662d10Schristos# RC4_INT code-path. While if executed on Opteron, it's only 25%
60662d10Schristos# slower than the RC4_INT one [meaning that if CPU µ-arch detection
60662d10Schristos# is not implemented, then this final RC4_CHAR code-path should be
60662d10Schristos# preferred, as it provides better *all-round* performance].
60662d10Schristos
60662d10Schristos# March 2007
60662d10Schristos#
60662d10Schristos# Intel Core2 was observed to perform poorly on both code paths:-( It
60662d10Schristos# apparently suffers from some kind of partial register stall, which
60662d10Schristos# occurs in 64-bit mode only [as virtually identical 32-bit loop was
60662d10Schristos# observed to outperform 64-bit one by almost 50%]. Adding two movzb to
60662d10Schristos# cloop1 boosts its performance by 80%! This loop appears to be optimal
60662d10Schristos# fit for Core2 and therefore the code was modified to skip cloop8 on
60662d10Schristos# this CPU.
60662d10Schristos
60662d10Schristos# May 2010
60662d10Schristos#
60662d10Schristos# Intel Westmere was observed to perform suboptimally. Adding yet
60662d10Schristos# another movzb to cloop1 improved performance by almost 50%! Core2
60662d10Schristos# performance is improved too, but nominally...
60662d10Schristos
60662d10Schristos# May 2011
60662d10Schristos#
60662d10Schristos# The only code path that was not modified is P4-specific one. Non-P4
60662d10Schristos# Intel code path optimization is heavily based on submission by Maxim
60662d10Schristos# Perminov, Maxim Locktyukhin and Jim Guilford of Intel. I've used
*1dcdf01fSchristos# some of the ideas even in attempt to optimize the original RC4_INT
60662d10Schristos# code path... Current performance in cycles per processed byte (less
60662d10Schristos# is better) and improvement coefficients relative to previous
60662d10Schristos# version of this module are:
60662d10Schristos#
60662d10Schristos# Opteron	5.3/+0%(*)
60662d10Schristos# P4		6.5
60662d10Schristos# Core2		6.2/+15%(**)
60662d10Schristos# Westmere	4.2/+60%
60662d10Schristos# Sandy Bridge	4.2/+120%
60662d10Schristos# Atom		9.3/+80%
*1dcdf01fSchristos# VIA Nano	6.4/+4%
*1dcdf01fSchristos# Ivy Bridge	4.1/+30%
*1dcdf01fSchristos# Bulldozer	4.5/+30%(*)
60662d10Schristos#
60662d10Schristos# (*)	But corresponding loop has less instructions, which should have
60662d10Schristos#	positive effect on upcoming Bulldozer, which has one less ALU.
60662d10Schristos#	For reference, Intel code runs at 6.8 cpb rate on Opteron.
60662d10Schristos# (**)	Note that Core2 result is ~15% lower than corresponding result
60662d10Schristos#	for 32-bit code, meaning that it's possible to improve it,
60662d10Schristos#	but more than likely at the cost of the others (see rc4-586.pl
60662d10Schristos#	to get the idea)...
60662d10Schristos
60662d10Schristos$flavour = shift;
60662d10Schristos$output  = shift;
60662d10Schristosif ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
60662d10Schristos
60662d10Schristos$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
60662d10Schristos
60662d10Schristos$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
60662d10Schristos( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
60662d10Schristos( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
60662d10Schristosdie "can't locate x86_64-xlate.pl";
60662d10Schristos
*1dcdf01fSchristosopen OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
60662d10Schristos*STDOUT=*OUT;
60662d10Schristos
60662d10Schristos$dat="%rdi";	    # arg1
60662d10Schristos$len="%rsi";	    # arg2
60662d10Schristos$inp="%rdx";	    # arg3
60662d10Schristos$out="%rcx";	    # arg4
60662d10Schristos
60662d10Schristos{
60662d10Schristos$code=<<___;
60662d10Schristos.text
60662d10Schristos.extern	OPENSSL_ia32cap_P
60662d10Schristos
60662d10Schristos.globl	RC4
60662d10Schristos.type	RC4,\@function,4
60662d10Schristos.align	16
*1dcdf01fSchristosRC4:
*1dcdf01fSchristos.cfi_startproc
*1dcdf01fSchristos	or	$len,$len
60662d10Schristos	jne	.Lentry
60662d10Schristos	ret
60662d10Schristos.Lentry:
60662d10Schristos	push	%rbx
*1dcdf01fSchristos.cfi_push	%rbx
60662d10Schristos	push	%r12
*1dcdf01fSchristos.cfi_push	%r12
60662d10Schristos	push	%r13
*1dcdf01fSchristos.cfi_push	%r13
60662d10Schristos.Lprologue:
60662d10Schristos	mov	$len,%r11
60662d10Schristos	mov	$inp,%r12
60662d10Schristos	mov	$out,%r13
60662d10Schristos___
60662d10Schristosmy $len="%r11";		# reassign input arguments
60662d10Schristosmy $inp="%r12";
60662d10Schristosmy $out="%r13";
60662d10Schristos
60662d10Schristosmy @XX=("%r10","%rsi");
60662d10Schristosmy @TX=("%rax","%rbx");
60662d10Schristosmy $YY="%rcx";
60662d10Schristosmy $TY="%rdx";
60662d10Schristos
60662d10Schristos$code.=<<___;
60662d10Schristos	xor	$XX[0],$XX[0]
60662d10Schristos	xor	$YY,$YY
60662d10Schristos
60662d10Schristos	lea	8($dat),$dat
60662d10Schristos	mov	-8($dat),$XX[0]#b
60662d10Schristos	mov	-4($dat),$YY#b
60662d10Schristos	cmpl	\$-1,256($dat)
60662d10Schristos	je	.LRC4_CHAR
60662d10Schristos	mov	OPENSSL_ia32cap_P(%rip),%r8d
60662d10Schristos	xor	$TX[1],$TX[1]
60662d10Schristos	inc	$XX[0]#b
60662d10Schristos	sub	$XX[0],$TX[1]
60662d10Schristos	sub	$inp,$out
60662d10Schristos	movl	($dat,$XX[0],4),$TX[0]#d
60662d10Schristos	test	\$-16,$len
60662d10Schristos	jz	.Lloop1
60662d10Schristos	bt	\$30,%r8d	# Intel CPU?
60662d10Schristos	jc	.Lintel
60662d10Schristos	and	\$7,$TX[1]
60662d10Schristos	lea	1($XX[0]),$XX[1]
60662d10Schristos	jz	.Loop8
60662d10Schristos	sub	$TX[1],$len
60662d10Schristos.Loop8_warmup:
60662d10Schristos	add	$TX[0]#b,$YY#b
60662d10Schristos	movl	($dat,$YY,4),$TY#d
60662d10Schristos	movl	$TX[0]#d,($dat,$YY,4)
60662d10Schristos	movl	$TY#d,($dat,$XX[0],4)
60662d10Schristos	add	$TY#b,$TX[0]#b
60662d10Schristos	inc	$XX[0]#b
60662d10Schristos	movl	($dat,$TX[0],4),$TY#d
60662d10Schristos	movl	($dat,$XX[0],4),$TX[0]#d
60662d10Schristos	xorb	($inp),$TY#b
60662d10Schristos	movb	$TY#b,($out,$inp)
60662d10Schristos	lea	1($inp),$inp
60662d10Schristos	dec	$TX[1]
60662d10Schristos	jnz	.Loop8_warmup
60662d10Schristos
60662d10Schristos	lea	1($XX[0]),$XX[1]
60662d10Schristos	jmp	.Loop8
60662d10Schristos.align	16
60662d10Schristos.Loop8:
60662d10Schristos___
60662d10Schristosfor ($i=0;$i<8;$i++) {
60662d10Schristos$code.=<<___ if ($i==7);
60662d10Schristos	add	\$8,$XX[1]#b
60662d10Schristos___
60662d10Schristos$code.=<<___;
60662d10Schristos	add	$TX[0]#b,$YY#b
60662d10Schristos	movl	($dat,$YY,4),$TY#d
60662d10Schristos	movl	$TX[0]#d,($dat,$YY,4)
60662d10Schristos	movl	`4*($i==7?-1:$i)`($dat,$XX[1],4),$TX[1]#d
60662d10Schristos	ror	\$8,%r8				# ror is redundant when $i=0
60662d10Schristos	movl	$TY#d,4*$i($dat,$XX[0],4)
60662d10Schristos	add	$TX[0]#b,$TY#b
60662d10Schristos	movb	($dat,$TY,4),%r8b
60662d10Schristos___
60662d10Schristospush(@TX,shift(@TX)); #push(@XX,shift(@XX));	# "rotate" registers
60662d10Schristos}
60662d10Schristos$code.=<<___;
60662d10Schristos	add	\$8,$XX[0]#b
60662d10Schristos	ror	\$8,%r8
60662d10Schristos	sub	\$8,$len
60662d10Schristos
60662d10Schristos	xor	($inp),%r8
60662d10Schristos	mov	%r8,($out,$inp)
60662d10Schristos	lea	8($inp),$inp
60662d10Schristos
60662d10Schristos	test	\$-8,$len
60662d10Schristos	jnz	.Loop8
60662d10Schristos	cmp	\$0,$len
60662d10Schristos	jne	.Lloop1
60662d10Schristos	jmp	.Lexit
60662d10Schristos
60662d10Schristos.align	16
60662d10Schristos.Lintel:
60662d10Schristos	test	\$-32,$len
60662d10Schristos	jz	.Lloop1
60662d10Schristos	and	\$15,$TX[1]
60662d10Schristos	jz	.Loop16_is_hot
60662d10Schristos	sub	$TX[1],$len
60662d10Schristos.Loop16_warmup:
60662d10Schristos	add	$TX[0]#b,$YY#b
60662d10Schristos	movl	($dat,$YY,4),$TY#d
60662d10Schristos	movl	$TX[0]#d,($dat,$YY,4)
60662d10Schristos	movl	$TY#d,($dat,$XX[0],4)
60662d10Schristos	add	$TY#b,$TX[0]#b
60662d10Schristos	inc	$XX[0]#b
60662d10Schristos	movl	($dat,$TX[0],4),$TY#d
60662d10Schristos	movl	($dat,$XX[0],4),$TX[0]#d
60662d10Schristos	xorb	($inp),$TY#b
60662d10Schristos	movb	$TY#b,($out,$inp)
60662d10Schristos	lea	1($inp),$inp
60662d10Schristos	dec	$TX[1]
60662d10Schristos	jnz	.Loop16_warmup
60662d10Schristos
60662d10Schristos	mov	$YY,$TX[1]
60662d10Schristos	xor	$YY,$YY
60662d10Schristos	mov	$TX[1]#b,$YY#b
60662d10Schristos
60662d10Schristos.Loop16_is_hot:
60662d10Schristos	lea	($dat,$XX[0],4),$XX[1]
60662d10Schristos___
60662d10Schristossub RC4_loop {
60662d10Schristos  my $i=shift;
60662d10Schristos  my $j=$i<0?0:$i;
60662d10Schristos  my $xmm="%xmm".($j&1);
60662d10Schristos
60662d10Schristos    $code.="	add	\$16,$XX[0]#b\n"		if ($i==15);
60662d10Schristos    $code.="	movdqu	($inp),%xmm2\n"			if ($i==15);
60662d10Schristos    $code.="	add	$TX[0]#b,$YY#b\n"		if ($i<=0);
60662d10Schristos    $code.="	movl	($dat,$YY,4),$TY#d\n";
60662d10Schristos    $code.="	pxor	%xmm0,%xmm2\n"			if ($i==0);
60662d10Schristos    $code.="	psllq	\$8,%xmm1\n"			if ($i==0);
60662d10Schristos    $code.="	pxor	$xmm,$xmm\n"			if ($i<=1);
60662d10Schristos    $code.="	movl	$TX[0]#d,($dat,$YY,4)\n";
60662d10Schristos    $code.="	add	$TY#b,$TX[0]#b\n";
60662d10Schristos    $code.="	movl	`4*($j+1)`($XX[1]),$TX[1]#d\n"	if ($i<15);
60662d10Schristos    $code.="	movz	$TX[0]#b,$TX[0]#d\n";
60662d10Schristos    $code.="	movl	$TY#d,4*$j($XX[1])\n";
60662d10Schristos    $code.="	pxor	%xmm1,%xmm2\n"			if ($i==0);
60662d10Schristos    $code.="	lea	($dat,$XX[0],4),$XX[1]\n"	if ($i==15);
60662d10Schristos    $code.="	add	$TX[1]#b,$YY#b\n"		if ($i<15);
60662d10Schristos    $code.="	pinsrw	\$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n";
60662d10Schristos    $code.="	movdqu	%xmm2,($out,$inp)\n"		if ($i==0);
60662d10Schristos    $code.="	lea	16($inp),$inp\n"		if ($i==0);
60662d10Schristos    $code.="	movl	($XX[1]),$TX[1]#d\n"		if ($i==15);
60662d10Schristos}
60662d10Schristos	RC4_loop(-1);
60662d10Schristos$code.=<<___;
60662d10Schristos	jmp	.Loop16_enter
60662d10Schristos.align	16
60662d10Schristos.Loop16:
60662d10Schristos___
60662d10Schristos
60662d10Schristosfor ($i=0;$i<16;$i++) {
60662d10Schristos    $code.=".Loop16_enter:\n"		if ($i==1);
60662d10Schristos	RC4_loop($i);
60662d10Schristos	push(@TX,shift(@TX)); 		# "rotate" registers
60662d10Schristos}
60662d10Schristos$code.=<<___;
60662d10Schristos	mov	$YY,$TX[1]
60662d10Schristos	xor	$YY,$YY			# keyword to partial register
60662d10Schristos	sub	\$16,$len
60662d10Schristos	mov	$TX[1]#b,$YY#b
60662d10Schristos	test	\$-16,$len
60662d10Schristos	jnz	.Loop16
60662d10Schristos
60662d10Schristos	psllq	\$8,%xmm1
60662d10Schristos	pxor	%xmm0,%xmm2
60662d10Schristos	pxor	%xmm1,%xmm2
60662d10Schristos	movdqu	%xmm2,($out,$inp)
60662d10Schristos	lea	16($inp),$inp
60662d10Schristos
60662d10Schristos	cmp	\$0,$len
60662d10Schristos	jne	.Lloop1
60662d10Schristos	jmp	.Lexit
60662d10Schristos
60662d10Schristos.align	16
60662d10Schristos.Lloop1:
60662d10Schristos	add	$TX[0]#b,$YY#b
60662d10Schristos	movl	($dat,$YY,4),$TY#d
60662d10Schristos	movl	$TX[0]#d,($dat,$YY,4)
60662d10Schristos	movl	$TY#d,($dat,$XX[0],4)
60662d10Schristos	add	$TY#b,$TX[0]#b
60662d10Schristos	inc	$XX[0]#b
60662d10Schristos	movl	($dat,$TX[0],4),$TY#d
60662d10Schristos	movl	($dat,$XX[0],4),$TX[0]#d
60662d10Schristos	xorb	($inp),$TY#b
60662d10Schristos	movb	$TY#b,($out,$inp)
60662d10Schristos	lea	1($inp),$inp
60662d10Schristos	dec	$len
60662d10Schristos	jnz	.Lloop1
60662d10Schristos	jmp	.Lexit
60662d10Schristos
60662d10Schristos.align	16
60662d10Schristos.LRC4_CHAR:
60662d10Schristos	add	\$1,$XX[0]#b
60662d10Schristos	movzb	($dat,$XX[0]),$TX[0]#d
60662d10Schristos	test	\$-8,$len
60662d10Schristos	jz	.Lcloop1
60662d10Schristos	jmp	.Lcloop8
60662d10Schristos.align	16
60662d10Schristos.Lcloop8:
60662d10Schristos	mov	($inp),%r8d
60662d10Schristos	mov	4($inp),%r9d
60662d10Schristos___
60662d10Schristos# unroll 2x4-wise, because 64-bit rotates kill Intel P4...
60662d10Schristosfor ($i=0;$i<4;$i++) {
60662d10Schristos$code.=<<___;
60662d10Schristos	add	$TX[0]#b,$YY#b
60662d10Schristos	lea	1($XX[0]),$XX[1]
60662d10Schristos	movzb	($dat,$YY),$TY#d
60662d10Schristos	movzb	$XX[1]#b,$XX[1]#d
60662d10Schristos	movzb	($dat,$XX[1]),$TX[1]#d
60662d10Schristos	movb	$TX[0]#b,($dat,$YY)
60662d10Schristos	cmp	$XX[1],$YY
60662d10Schristos	movb	$TY#b,($dat,$XX[0])
60662d10Schristos	jne	.Lcmov$i			# Intel cmov is sloooow...
60662d10Schristos	mov	$TX[0],$TX[1]
60662d10Schristos.Lcmov$i:
60662d10Schristos	add	$TX[0]#b,$TY#b
60662d10Schristos	xor	($dat,$TY),%r8b
60662d10Schristos	ror	\$8,%r8d
60662d10Schristos___
60662d10Schristospush(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
60662d10Schristos}
60662d10Schristosfor ($i=4;$i<8;$i++) {
60662d10Schristos$code.=<<___;
60662d10Schristos	add	$TX[0]#b,$YY#b
60662d10Schristos	lea	1($XX[0]),$XX[1]
60662d10Schristos	movzb	($dat,$YY),$TY#d
60662d10Schristos	movzb	$XX[1]#b,$XX[1]#d
60662d10Schristos	movzb	($dat,$XX[1]),$TX[1]#d
60662d10Schristos	movb	$TX[0]#b,($dat,$YY)
60662d10Schristos	cmp	$XX[1],$YY
60662d10Schristos	movb	$TY#b,($dat,$XX[0])
60662d10Schristos	jne	.Lcmov$i			# Intel cmov is sloooow...
60662d10Schristos	mov	$TX[0],$TX[1]
60662d10Schristos.Lcmov$i:
60662d10Schristos	add	$TX[0]#b,$TY#b
60662d10Schristos	xor	($dat,$TY),%r9b
60662d10Schristos	ror	\$8,%r9d
60662d10Schristos___
60662d10Schristospush(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
60662d10Schristos}
60662d10Schristos$code.=<<___;
60662d10Schristos	lea	-8($len),$len
60662d10Schristos	mov	%r8d,($out)
60662d10Schristos	lea	8($inp),$inp
60662d10Schristos	mov	%r9d,4($out)
60662d10Schristos	lea	8($out),$out
60662d10Schristos
60662d10Schristos	test	\$-8,$len
60662d10Schristos	jnz	.Lcloop8
60662d10Schristos	cmp	\$0,$len
60662d10Schristos	jne	.Lcloop1
60662d10Schristos	jmp	.Lexit
60662d10Schristos___
60662d10Schristos$code.=<<___;
60662d10Schristos.align	16
60662d10Schristos.Lcloop1:
60662d10Schristos	add	$TX[0]#b,$YY#b
60662d10Schristos	movzb	$YY#b,$YY#d
60662d10Schristos	movzb	($dat,$YY),$TY#d
60662d10Schristos	movb	$TX[0]#b,($dat,$YY)
60662d10Schristos	movb	$TY#b,($dat,$XX[0])
60662d10Schristos	add	$TX[0]#b,$TY#b
60662d10Schristos	add	\$1,$XX[0]#b
60662d10Schristos	movzb	$TY#b,$TY#d
60662d10Schristos	movzb	$XX[0]#b,$XX[0]#d
60662d10Schristos	movzb	($dat,$TY),$TY#d
60662d10Schristos	movzb	($dat,$XX[0]),$TX[0]#d
60662d10Schristos	xorb	($inp),$TY#b
60662d10Schristos	lea	1($inp),$inp
60662d10Schristos	movb	$TY#b,($out)
60662d10Schristos	lea	1($out),$out
60662d10Schristos	sub	\$1,$len
60662d10Schristos	jnz	.Lcloop1
60662d10Schristos	jmp	.Lexit
60662d10Schristos
60662d10Schristos.align	16
60662d10Schristos.Lexit:
60662d10Schristos	sub	\$1,$XX[0]#b
60662d10Schristos	movl	$XX[0]#d,-8($dat)
60662d10Schristos	movl	$YY#d,-4($dat)
60662d10Schristos
60662d10Schristos	mov	(%rsp),%r13
*1dcdf01fSchristos.cfi_restore	%r13
60662d10Schristos	mov	8(%rsp),%r12
*1dcdf01fSchristos.cfi_restore	%r12
60662d10Schristos	mov	16(%rsp),%rbx
*1dcdf01fSchristos.cfi_restore	%rbx
60662d10Schristos	add	\$24,%rsp
*1dcdf01fSchristos.cfi_adjust_cfa_offset	-24
60662d10Schristos.Lepilogue:
60662d10Schristos	ret
*1dcdf01fSchristos.cfi_endproc
60662d10Schristos.size	RC4,.-RC4
60662d10Schristos___
60662d10Schristos}
60662d10Schristos
60662d10Schristos$idx="%r8";
60662d10Schristos$ido="%r9";
60662d10Schristos
60662d10Schristos$code.=<<___;
*1dcdf01fSchristos.globl	RC4_set_key
*1dcdf01fSchristos.type	RC4_set_key,\@function,3
60662d10Schristos.align	16
*1dcdf01fSchristosRC4_set_key:
*1dcdf01fSchristos.cfi_startproc
60662d10Schristos	lea	8($dat),$dat
60662d10Schristos	lea	($inp,$len),$inp
60662d10Schristos	neg	$len
60662d10Schristos	mov	$len,%rcx
60662d10Schristos	xor	%eax,%eax
60662d10Schristos	xor	$ido,$ido
60662d10Schristos	xor	%r10,%r10
60662d10Schristos	xor	%r11,%r11
60662d10Schristos
60662d10Schristos	mov	OPENSSL_ia32cap_P(%rip),$idx#d
60662d10Schristos	bt	\$20,$idx#d	# RC4_CHAR?
60662d10Schristos	jc	.Lc1stloop
60662d10Schristos	jmp	.Lw1stloop
60662d10Schristos
60662d10Schristos.align	16
60662d10Schristos.Lw1stloop:
60662d10Schristos	mov	%eax,($dat,%rax,4)
60662d10Schristos	add	\$1,%al
60662d10Schristos	jnc	.Lw1stloop
60662d10Schristos
60662d10Schristos	xor	$ido,$ido
60662d10Schristos	xor	$idx,$idx
60662d10Schristos.align	16
60662d10Schristos.Lw2ndloop:
60662d10Schristos	mov	($dat,$ido,4),%r10d
60662d10Schristos	add	($inp,$len,1),$idx#b
60662d10Schristos	add	%r10b,$idx#b
60662d10Schristos	add	\$1,$len
60662d10Schristos	mov	($dat,$idx,4),%r11d
60662d10Schristos	cmovz	%rcx,$len
60662d10Schristos	mov	%r10d,($dat,$idx,4)
60662d10Schristos	mov	%r11d,($dat,$ido,4)
60662d10Schristos	add	\$1,$ido#b
60662d10Schristos	jnc	.Lw2ndloop
60662d10Schristos	jmp	.Lexit_key
60662d10Schristos
60662d10Schristos.align	16
60662d10Schristos.Lc1stloop:
60662d10Schristos	mov	%al,($dat,%rax)
60662d10Schristos	add	\$1,%al
60662d10Schristos	jnc	.Lc1stloop
60662d10Schristos
60662d10Schristos	xor	$ido,$ido
60662d10Schristos	xor	$idx,$idx
60662d10Schristos.align	16
60662d10Schristos.Lc2ndloop:
60662d10Schristos	mov	($dat,$ido),%r10b
60662d10Schristos	add	($inp,$len),$idx#b
60662d10Schristos	add	%r10b,$idx#b
60662d10Schristos	add	\$1,$len
60662d10Schristos	mov	($dat,$idx),%r11b
60662d10Schristos	jnz	.Lcnowrap
60662d10Schristos	mov	%rcx,$len
60662d10Schristos.Lcnowrap:
60662d10Schristos	mov	%r10b,($dat,$idx)
60662d10Schristos	mov	%r11b,($dat,$ido)
60662d10Schristos	add	\$1,$ido#b
60662d10Schristos	jnc	.Lc2ndloop
60662d10Schristos	movl	\$-1,256($dat)
60662d10Schristos
60662d10Schristos.align	16
60662d10Schristos.Lexit_key:
60662d10Schristos	xor	%eax,%eax
60662d10Schristos	mov	%eax,-8($dat)
60662d10Schristos	mov	%eax,-4($dat)
60662d10Schristos	ret
*1dcdf01fSchristos.cfi_endproc
*1dcdf01fSchristos.size	RC4_set_key,.-RC4_set_key
60662d10Schristos
60662d10Schristos.globl	RC4_options
60662d10Schristos.type	RC4_options,\@abi-omnipotent
60662d10Schristos.align	16
60662d10SchristosRC4_options:
*1dcdf01fSchristos.cfi_startproc
60662d10Schristos	lea	.Lopts(%rip),%rax
60662d10Schristos	mov	OPENSSL_ia32cap_P(%rip),%edx
60662d10Schristos	bt	\$20,%edx
60662d10Schristos	jc	.L8xchar
60662d10Schristos	bt	\$30,%edx
60662d10Schristos	jnc	.Ldone
60662d10Schristos	add	\$25,%rax
60662d10Schristos	ret
60662d10Schristos.L8xchar:
60662d10Schristos	add	\$12,%rax
60662d10Schristos.Ldone:
60662d10Schristos	ret
*1dcdf01fSchristos.cfi_endproc
60662d10Schristos.align	64
60662d10Schristos.Lopts:
60662d10Schristos.asciz	"rc4(8x,int)"
60662d10Schristos.asciz	"rc4(8x,char)"
60662d10Schristos.asciz	"rc4(16x,int)"
60662d10Schristos.asciz	"RC4 for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
60662d10Schristos.align	64
60662d10Schristos.size	RC4_options,.-RC4_options
60662d10Schristos___
60662d10Schristos
60662d10Schristos# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
60662d10Schristos#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
60662d10Schristosif ($win64) {
60662d10Schristos$rec="%rcx";
60662d10Schristos$frame="%rdx";
60662d10Schristos$context="%r8";
60662d10Schristos$disp="%r9";
60662d10Schristos
60662d10Schristos$code.=<<___;
60662d10Schristos.extern	__imp_RtlVirtualUnwind
60662d10Schristos.type	stream_se_handler,\@abi-omnipotent
60662d10Schristos.align	16
60662d10Schristosstream_se_handler:
60662d10Schristos	push	%rsi
60662d10Schristos	push	%rdi
60662d10Schristos	push	%rbx
60662d10Schristos	push	%rbp
60662d10Schristos	push	%r12
60662d10Schristos	push	%r13
60662d10Schristos	push	%r14
60662d10Schristos	push	%r15
60662d10Schristos	pushfq
60662d10Schristos	sub	\$64,%rsp
60662d10Schristos
60662d10Schristos	mov	120($context),%rax	# pull context->Rax
60662d10Schristos	mov	248($context),%rbx	# pull context->Rip
60662d10Schristos
60662d10Schristos	lea	.Lprologue(%rip),%r10
60662d10Schristos	cmp	%r10,%rbx		# context->Rip<prologue label
60662d10Schristos	jb	.Lin_prologue
60662d10Schristos
60662d10Schristos	mov	152($context),%rax	# pull context->Rsp
60662d10Schristos
60662d10Schristos	lea	.Lepilogue(%rip),%r10
60662d10Schristos	cmp	%r10,%rbx		# context->Rip>=epilogue label
60662d10Schristos	jae	.Lin_prologue
60662d10Schristos
60662d10Schristos	lea	24(%rax),%rax
60662d10Schristos
60662d10Schristos	mov	-8(%rax),%rbx
60662d10Schristos	mov	-16(%rax),%r12
60662d10Schristos	mov	-24(%rax),%r13
60662d10Schristos	mov	%rbx,144($context)	# restore context->Rbx
60662d10Schristos	mov	%r12,216($context)	# restore context->R12
60662d10Schristos	mov	%r13,224($context)	# restore context->R13
60662d10Schristos
60662d10Schristos.Lin_prologue:
60662d10Schristos	mov	8(%rax),%rdi
60662d10Schristos	mov	16(%rax),%rsi
60662d10Schristos	mov	%rax,152($context)	# restore context->Rsp
60662d10Schristos	mov	%rsi,168($context)	# restore context->Rsi
60662d10Schristos	mov	%rdi,176($context)	# restore context->Rdi
60662d10Schristos
60662d10Schristos	jmp	.Lcommon_seh_exit
60662d10Schristos.size	stream_se_handler,.-stream_se_handler
60662d10Schristos
60662d10Schristos.type	key_se_handler,\@abi-omnipotent
60662d10Schristos.align	16
60662d10Schristoskey_se_handler:
60662d10Schristos	push	%rsi
60662d10Schristos	push	%rdi
60662d10Schristos	push	%rbx
60662d10Schristos	push	%rbp
60662d10Schristos	push	%r12
60662d10Schristos	push	%r13
60662d10Schristos	push	%r14
60662d10Schristos	push	%r15
60662d10Schristos	pushfq
60662d10Schristos	sub	\$64,%rsp
60662d10Schristos
60662d10Schristos	mov	152($context),%rax	# pull context->Rsp
60662d10Schristos	mov	8(%rax),%rdi
60662d10Schristos	mov	16(%rax),%rsi
60662d10Schristos	mov	%rsi,168($context)	# restore context->Rsi
60662d10Schristos	mov	%rdi,176($context)	# restore context->Rdi
60662d10Schristos
60662d10Schristos.Lcommon_seh_exit:
60662d10Schristos
60662d10Schristos	mov	40($disp),%rdi		# disp->ContextRecord
60662d10Schristos	mov	$context,%rsi		# context
60662d10Schristos	mov	\$154,%ecx		# sizeof(CONTEXT)
60662d10Schristos	.long	0xa548f3fc		# cld; rep movsq
60662d10Schristos
60662d10Schristos	mov	$disp,%rsi
60662d10Schristos	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
60662d10Schristos	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
60662d10Schristos	mov	0(%rsi),%r8		# arg3, disp->ControlPc
60662d10Schristos	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
60662d10Schristos	mov	40(%rsi),%r10		# disp->ContextRecord
60662d10Schristos	lea	56(%rsi),%r11		# &disp->HandlerData
60662d10Schristos	lea	24(%rsi),%r12		# &disp->EstablisherFrame
60662d10Schristos	mov	%r10,32(%rsp)		# arg5
60662d10Schristos	mov	%r11,40(%rsp)		# arg6
60662d10Schristos	mov	%r12,48(%rsp)		# arg7
60662d10Schristos	mov	%rcx,56(%rsp)		# arg8, (NULL)
60662d10Schristos	call	*__imp_RtlVirtualUnwind(%rip)
60662d10Schristos
60662d10Schristos	mov	\$1,%eax		# ExceptionContinueSearch
60662d10Schristos	add	\$64,%rsp
60662d10Schristos	popfq
60662d10Schristos	pop	%r15
60662d10Schristos	pop	%r14
60662d10Schristos	pop	%r13
60662d10Schristos	pop	%r12
60662d10Schristos	pop	%rbp
60662d10Schristos	pop	%rbx
60662d10Schristos	pop	%rdi
60662d10Schristos	pop	%rsi
60662d10Schristos	ret
60662d10Schristos.size	key_se_handler,.-key_se_handler
60662d10Schristos
60662d10Schristos.section	.pdata
60662d10Schristos.align	4
60662d10Schristos	.rva	.LSEH_begin_RC4
60662d10Schristos	.rva	.LSEH_end_RC4
60662d10Schristos	.rva	.LSEH_info_RC4
60662d10Schristos
*1dcdf01fSchristos	.rva	.LSEH_begin_RC4_set_key
*1dcdf01fSchristos	.rva	.LSEH_end_RC4_set_key
*1dcdf01fSchristos	.rva	.LSEH_info_RC4_set_key
60662d10Schristos
60662d10Schristos.section	.xdata
60662d10Schristos.align	8
60662d10Schristos.LSEH_info_RC4:
60662d10Schristos	.byte	9,0,0,0
60662d10Schristos	.rva	stream_se_handler
*1dcdf01fSchristos.LSEH_info_RC4_set_key:
60662d10Schristos	.byte	9,0,0,0
60662d10Schristos	.rva	key_se_handler
60662d10Schristos___
60662d10Schristos}
60662d10Schristos
60662d10Schristossub reg_part {
60662d10Schristosmy ($reg,$conv)=@_;
60662d10Schristos    if ($reg =~ /%r[0-9]+/)	{ $reg .= $conv; }
60662d10Schristos    elsif ($conv eq "b")	{ $reg =~ s/%[er]([^x]+)x?/%$1l/;	}
60662d10Schristos    elsif ($conv eq "w")	{ $reg =~ s/%[er](.+)/%$1/;		}
60662d10Schristos    elsif ($conv eq "d")	{ $reg =~ s/%[er](.+)/%e$1/;		}
60662d10Schristos    return $reg;
60662d10Schristos}
60662d10Schristos
60662d10Schristos$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem;
60662d10Schristos$code =~ s/\`([^\`]*)\`/eval $1/gem;
60662d10Schristos
60662d10Schristosprint $code;
60662d10Schristos
*1dcdf01fSchristosclose STDOUT or die "error closing STDOUT: $!";