libbb/sha: improve comments

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
author: Denys Vlasenko <vda.linux@googlemail.com> 2022-02-10 15:38:10 +0100
committer: Denys Vlasenko <vda.linux@googlemail.com> 2022-02-10 15:38:10 +0100
commit: 6f56fa17131b3cbb84e887c6c5fb202f2492169e (patch)
tree: 3d0bbb352f7e5d56cfb7e529922a77d7176b2e42
parent: 6a6c1c0ea91edeeb18736190feb5a7278d3d1141 (diff)
download: busybox-w32-6f56fa17131b3cbb84e887c6c5fb202f2492169e.tar.gz
busybox-w32-6f56fa17131b3cbb84e887c6c5fb202f2492169e.tar.bz2
busybox-w32-6f56fa17131b3cbb84e887c6c5fb202f2492169e.zip
4 files changed, 20 insertions, 21 deletions
diff --git a/libbb/hash_md5_sha256_x86-32_shaNI.S b/libbb/hash_md5_sha256_x86-32_shaNI.S
index 413e2df9e..4b33449d4 100644
--- a/libbb/hash_md5_sha256_x86-32_shaNI.S
+++ b/libbb/hash_md5_sha256_x86-32_shaNI.S
@@ -4,7 +4,7 @@
 // We use shorter insns, even though they are for "wrong"
 // data type (fp, not int).
 // For Intel, there is no penalty for doing it at all
-// (CPUs which do have such penalty do not support SHA1 insns).
+// (CPUs which do have such penalty do not support SHA insns).
 // For AMD, the penalty is one extra cycle
 // (allegedly: I failed to find measurable difference).
@@ -39,12 +39,13 @@
        .balign 8       # allow decoders to fetch at least 2 first insns
 sha256_process_block64_shaNI:
-        movu128         76+0*16(%eax), XMMTMP /* DCBA (msb-to-lsb: 3,2,1,0) */
+        movu128         76+0*16(%eax), XMMTMP /* ABCD (little-endian dword order) */
-        movu128         76+1*16(%eax), STATE1 /* HGFE */
+        movu128         76+1*16(%eax), STATE1 /* EFGH */
 /* shufps takes dwords 0,1 from *2nd* operand, and dwords 2,3 from 1st one */
        mova128         STATE1, STATE0
-        shufps          SHUF(1,0,1,0), XMMTMP, STATE0 /* ABEF */
+        /* ---          -------------- ABCD -- EFGH */
-        shufps          SHUF(3,2,3,2), XMMTMP, STATE1 /* CDGH */
+        shufps          SHUF(1,0,1,0), XMMTMP, STATE0 /* FEBA */
+        shufps          SHUF(3,2,3,2), XMMTMP, STATE1 /* HGDC */
 /* XMMTMP holds flip mask from here... */
        mova128         PSHUFFLE_BSWAP32_FLIP_MASK, XMMTMP
@@ -232,12 +233,11 @@ sha256_process_block64_shaNI:
                sha256rnds2     STATE1, STATE0
        /* Write hash values back in the correct order */
-        /* STATE0: ABEF (msb-to-lsb: 3,2,1,0) */
-        /* STATE1: CDGH */
        mova128         STATE0, XMMTMP
 /* shufps takes dwords 0,1 from *2nd* operand, and dwords 2,3 from 1st one */
-        shufps          SHUF(3,2,3,2), STATE1, STATE0 /* DCBA */
+        /* ---          -------------- HGDC -- FEBA */
-        shufps          SHUF(1,0,1,0), STATE1, XMMTMP /* HGFE */
+        shufps          SHUF(3,2,3,2), STATE1, STATE0 /* ABCD */
+        shufps          SHUF(1,0,1,0), STATE1, XMMTMP /* EFGH */
        /* add current hash values to previous ones */
        movu128         76+1*16(%eax), STATE1
        paddd           XMMTMP, STATE1
diff --git a/libbb/hash_md5_sha256_x86-64_shaNI.S b/libbb/hash_md5_sha256_x86-64_shaNI.S
index c246762aa..5ed80c2ef 100644
--- a/libbb/hash_md5_sha256_x86-64_shaNI.S
+++ b/libbb/hash_md5_sha256_x86-64_shaNI.S
@@ -4,7 +4,7 @@
 // We use shorter insns, even though they are for "wrong"
 // data type (fp, not int).
 // For Intel, there is no penalty for doing it at all
-// (CPUs which do have such penalty do not support SHA1 insns).
+// (CPUs which do have such penalty do not support SHA insns).
 // For AMD, the penalty is one extra cycle
 // (allegedly: I failed to find measurable difference).
@@ -42,12 +42,13 @@
        .balign 8       # allow decoders to fetch at least 2 first insns
 sha256_process_block64_shaNI:
-        movu128         80+0*16(%rdi), XMMTMP /* DCBA (msb-to-lsb: 3,2,1,0) */
+        movu128         80+0*16(%rdi), XMMTMP /* ABCD (little-endian dword order) */
-        movu128         80+1*16(%rdi), STATE1 /* HGFE */
+        movu128         80+1*16(%rdi), STATE1 /* EFGH */
 /* shufps takes dwords 0,1 from *2nd* operand, and dwords 2,3 from 1st one */
        mova128         STATE1, STATE0
-        shufps          SHUF(1,0,1,0), XMMTMP, STATE0 /* ABEF */
+        /* ---          -------------- ABCD -- EFGH */
-        shufps          SHUF(3,2,3,2), XMMTMP, STATE1 /* CDGH */
+        shufps          SHUF(1,0,1,0), XMMTMP, STATE0 /* FEBA */
+        shufps          SHUF(3,2,3,2), XMMTMP, STATE1 /* HGDC */
 /* XMMTMP holds flip mask from here... */
        mova128         PSHUFFLE_BSWAP32_FLIP_MASK(%rip), XMMTMP
@@ -243,13 +244,11 @@ sha256_process_block64_shaNI:
        paddd           CDGH_SAVE, STATE1
        /* Write hash values back in the correct order */
-        /* STATE0: ABEF (msb-to-lsb: 3,2,1,0) */
-        /* STATE1: CDGH */
        mova128         STATE0, XMMTMP
 /* shufps takes dwords 0,1 from *2nd* operand, and dwords 2,3 from 1st one */
-        shufps          SHUF(3,2,3,2), STATE1, STATE0 /* DCBA */
+        /* ---          -------------- HGDC -- FEBA */
-        shufps          SHUF(1,0,1,0), STATE1, XMMTMP /* HGFE */
+        shufps          SHUF(3,2,3,2), STATE1, STATE0 /* ABCD */
+        shufps          SHUF(1,0,1,0), STATE1, XMMTMP /* EFGH */
        movu128         STATE0, 80+0*16(%rdi)
        movu128         XMMTMP, 80+1*16(%rdi)
diff --git a/libbb/hash_md5_sha_x86-32_shaNI.S b/libbb/hash_md5_sha_x86-32_shaNI.S
index afca98a62..c7fb243ce 100644
--- a/libbb/hash_md5_sha_x86-32_shaNI.S
+++ b/libbb/hash_md5_sha_x86-32_shaNI.S
@@ -4,7 +4,7 @@
 // We use shorter insns, even though they are for "wrong"
 // data type (fp, not int).
 // For Intel, there is no penalty for doing it at all
-// (CPUs which do have such penalty do not support SHA1 insns).
+// (CPUs which do have such penalty do not support SHA insns).
 // For AMD, the penalty is one extra cycle
 // (allegedly: I failed to find measurable difference).
diff --git a/libbb/hash_md5_sha_x86-64_shaNI.S b/libbb/hash_md5_sha_x86-64_shaNI.S
index 54d122788..c13cdec07 100644
--- a/libbb/hash_md5_sha_x86-64_shaNI.S
+++ b/libbb/hash_md5_sha_x86-64_shaNI.S
@@ -4,7 +4,7 @@
 // We use shorter insns, even though they are for "wrong"
 // data type (fp, not int).
 // For Intel, there is no penalty for doing it at all
-// (CPUs which do have such penalty do not support SHA1 insns).
+// (CPUs which do have such penalty do not support SHA insns).
 // For AMD, the penalty is one extra cycle
 // (allegedly: I failed to find measurable difference).
author	Denys Vlasenko <vda.linux@googlemail.com>	2022-02-10 15:38:10 +0100
committer	Denys Vlasenko <vda.linux@googlemail.com>	2022-02-10 15:38:10 +0100
commit	6f56fa17131b3cbb84e887c6c5fb202f2492169e (patch)
tree	3d0bbb352f7e5d56cfb7e529922a77d7176b2e42
parent	6a6c1c0ea91edeeb18736190feb5a7278d3d1141 (diff)
download	busybox-w32-6f56fa17131b3cbb84e887c6c5fb202f2492169e.tar.gz busybox-w32-6f56fa17131b3cbb84e887c6c5fb202f2492169e.tar.bz2 busybox-w32-6f56fa17131b3cbb84e887c6c5fb202f2492169e.zip

diff --git a/libbb/hash_md5_sha256_x86-32_shaNI.S b/libbb/hash_md5_sha256_x86-32_shaNI.S index 413e2df9e..4b33449d4 100644 --- a/libbb/hash_md5_sha256_x86-32_shaNI.S +++ b/libbb/hash_md5_sha256_x86-32_shaNI.S
@@ -4,7 +4,7 @@
4	// We use shorter insns, even though they are for "wrong"	4	// We use shorter insns, even though they are for "wrong"
5	// data type (fp, not int).	5	// data type (fp, not int).
6	// For Intel, there is no penalty for doing it at all	6	// For Intel, there is no penalty for doing it at all
7	// (CPUs which do have such penalty do not support SHA1 insns).	7	// (CPUs which do have such penalty do not support SHA insns).
8	// For AMD, the penalty is one extra cycle	8	// For AMD, the penalty is one extra cycle
9	// (allegedly: I failed to find measurable difference).	9	// (allegedly: I failed to find measurable difference).
10		10
@@ -39,12 +39,13 @@
39	.balign 8 # allow decoders to fetch at least 2 first insns	39	.balign 8 # allow decoders to fetch at least 2 first insns
40	sha256_process_block64_shaNI:	40	sha256_process_block64_shaNI:
41		41
42	movu128 76+016(%eax), XMMTMP / DCBA (msb-to-lsb: 3,2,1,0) */	42	movu128 76+016(%eax), XMMTMP / ABCD (little-endian dword order) */
43	movu128 76+116(%eax), STATE1 / HGFE */	43	movu128 76+116(%eax), STATE1 / EFGH */
44	/* shufps takes dwords 0,1 from 2nd operand, and dwords 2,3 from 1st one */	44	/* shufps takes dwords 0,1 from 2nd operand, and dwords 2,3 from 1st one */
45	mova128 STATE1, STATE0	45	mova128 STATE1, STATE0
46	shufps SHUF(1,0,1,0), XMMTMP, STATE0 /* ABEF */	46	/* --- -------------- ABCD -- EFGH */
47	shufps SHUF(3,2,3,2), XMMTMP, STATE1 /* CDGH */	47	shufps SHUF(1,0,1,0), XMMTMP, STATE0 /* FEBA */
		48	shufps SHUF(3,2,3,2), XMMTMP, STATE1 /* HGDC */
48		49
49	/* XMMTMP holds flip mask from here... */	50	/* XMMTMP holds flip mask from here... */
50	mova128 PSHUFFLE_BSWAP32_FLIP_MASK, XMMTMP	51	mova128 PSHUFFLE_BSWAP32_FLIP_MASK, XMMTMP
@@ -232,12 +233,11 @@ sha256_process_block64_shaNI:
232	sha256rnds2 STATE1, STATE0	233	sha256rnds2 STATE1, STATE0
233		234
234	/* Write hash values back in the correct order */	235	/* Write hash values back in the correct order */
235	/* STATE0: ABEF (msb-to-lsb: 3,2,1,0) */
236	/* STATE1: CDGH */
237	mova128 STATE0, XMMTMP	236	mova128 STATE0, XMMTMP
238	/* shufps takes dwords 0,1 from 2nd operand, and dwords 2,3 from 1st one */	237	/* shufps takes dwords 0,1 from 2nd operand, and dwords 2,3 from 1st one */
239	shufps SHUF(3,2,3,2), STATE1, STATE0 /* DCBA */	238	/* --- -------------- HGDC -- FEBA */
240	shufps SHUF(1,0,1,0), STATE1, XMMTMP /* HGFE */	239	shufps SHUF(3,2,3,2), STATE1, STATE0 /* ABCD */
		240	shufps SHUF(1,0,1,0), STATE1, XMMTMP /* EFGH */
241	/* add current hash values to previous ones */	241	/* add current hash values to previous ones */
242	movu128 76+1*16(%eax), STATE1	242	movu128 76+1*16(%eax), STATE1
243	paddd XMMTMP, STATE1	243	paddd XMMTMP, STATE1


diff --git a/libbb/hash_md5_sha256_x86-64_shaNI.S b/libbb/hash_md5_sha256_x86-64_shaNI.S index c246762aa..5ed80c2ef 100644 --- a/libbb/hash_md5_sha256_x86-64_shaNI.S +++ b/libbb/hash_md5_sha256_x86-64_shaNI.S
@@ -4,7 +4,7 @@
4	// We use shorter insns, even though they are for "wrong"	4	// We use shorter insns, even though they are for "wrong"
5	// data type (fp, not int).	5	// data type (fp, not int).
6	// For Intel, there is no penalty for doing it at all	6	// For Intel, there is no penalty for doing it at all
7	// (CPUs which do have such penalty do not support SHA1 insns).	7	// (CPUs which do have such penalty do not support SHA insns).
8	// For AMD, the penalty is one extra cycle	8	// For AMD, the penalty is one extra cycle
9	// (allegedly: I failed to find measurable difference).	9	// (allegedly: I failed to find measurable difference).
10		10
@@ -42,12 +42,13 @@
42	.balign 8 # allow decoders to fetch at least 2 first insns	42	.balign 8 # allow decoders to fetch at least 2 first insns
43	sha256_process_block64_shaNI:	43	sha256_process_block64_shaNI:
44		44
45	movu128 80+016(%rdi), XMMTMP / DCBA (msb-to-lsb: 3,2,1,0) */	45	movu128 80+016(%rdi), XMMTMP / ABCD (little-endian dword order) */
46	movu128 80+116(%rdi), STATE1 / HGFE */	46	movu128 80+116(%rdi), STATE1 / EFGH */
47	/* shufps takes dwords 0,1 from 2nd operand, and dwords 2,3 from 1st one */	47	/* shufps takes dwords 0,1 from 2nd operand, and dwords 2,3 from 1st one */
48	mova128 STATE1, STATE0	48	mova128 STATE1, STATE0
49	shufps SHUF(1,0,1,0), XMMTMP, STATE0 /* ABEF */	49	/* --- -------------- ABCD -- EFGH */
50	shufps SHUF(3,2,3,2), XMMTMP, STATE1 /* CDGH */	50	shufps SHUF(1,0,1,0), XMMTMP, STATE0 /* FEBA */
		51	shufps SHUF(3,2,3,2), XMMTMP, STATE1 /* HGDC */
51		52
52	/* XMMTMP holds flip mask from here... */	53	/* XMMTMP holds flip mask from here... */
53	mova128 PSHUFFLE_BSWAP32_FLIP_MASK(%rip), XMMTMP	54	mova128 PSHUFFLE_BSWAP32_FLIP_MASK(%rip), XMMTMP
@@ -243,13 +244,11 @@ sha256_process_block64_shaNI:
243	paddd CDGH_SAVE, STATE1	244	paddd CDGH_SAVE, STATE1
244		245
245	/* Write hash values back in the correct order */	246	/* Write hash values back in the correct order */
246	/* STATE0: ABEF (msb-to-lsb: 3,2,1,0) */
247	/* STATE1: CDGH */
248	mova128 STATE0, XMMTMP	247	mova128 STATE0, XMMTMP
249	/* shufps takes dwords 0,1 from 2nd operand, and dwords 2,3 from 1st one */	248	/* shufps takes dwords 0,1 from 2nd operand, and dwords 2,3 from 1st one */
250	shufps SHUF(3,2,3,2), STATE1, STATE0 /* DCBA */	249	/* --- -------------- HGDC -- FEBA */
251	shufps SHUF(1,0,1,0), STATE1, XMMTMP /* HGFE */	250	shufps SHUF(3,2,3,2), STATE1, STATE0 /* ABCD */
252		251	shufps SHUF(1,0,1,0), STATE1, XMMTMP /* EFGH */
253	movu128 STATE0, 80+0*16(%rdi)	252	movu128 STATE0, 80+0*16(%rdi)
254	movu128 XMMTMP, 80+1*16(%rdi)	253	movu128 XMMTMP, 80+1*16(%rdi)
255		254


diff --git a/libbb/hash_md5_sha_x86-32_shaNI.S b/libbb/hash_md5_sha_x86-32_shaNI.S index afca98a62..c7fb243ce 100644 --- a/libbb/hash_md5_sha_x86-32_shaNI.S +++ b/libbb/hash_md5_sha_x86-32_shaNI.S
@@ -4,7 +4,7 @@
4	// We use shorter insns, even though they are for "wrong"	4	// We use shorter insns, even though they are for "wrong"
5	// data type (fp, not int).	5	// data type (fp, not int).
6	// For Intel, there is no penalty for doing it at all	6	// For Intel, there is no penalty for doing it at all
7	// (CPUs which do have such penalty do not support SHA1 insns).	7	// (CPUs which do have such penalty do not support SHA insns).
8	// For AMD, the penalty is one extra cycle	8	// For AMD, the penalty is one extra cycle
9	// (allegedly: I failed to find measurable difference).	9	// (allegedly: I failed to find measurable difference).
10		10


diff --git a/libbb/hash_md5_sha_x86-64_shaNI.S b/libbb/hash_md5_sha_x86-64_shaNI.S index 54d122788..c13cdec07 100644 --- a/libbb/hash_md5_sha_x86-64_shaNI.S +++ b/libbb/hash_md5_sha_x86-64_shaNI.S
@@ -4,7 +4,7 @@
4	// We use shorter insns, even though they are for "wrong"	4	// We use shorter insns, even though they are for "wrong"
5	// data type (fp, not int).	5	// data type (fp, not int).
6	// For Intel, there is no penalty for doing it at all	6	// For Intel, there is no penalty for doing it at all
7	// (CPUs which do have such penalty do not support SHA1 insns).	7	// (CPUs which do have such penalty do not support SHA insns).
8	// For AMD, the penalty is one extra cycle	8	// For AMD, the penalty is one extra cycle
9	// (allegedly: I failed to find measurable difference).	9	// (allegedly: I failed to find measurable difference).
10		10