| /* Intel Pentium-4 mpn_submul_1 -- Multiply a limb vector with a limb and |
| * subtract the result from a second limb vector. |
| * |
| * Copyright 2001, 2002 Free Software Foundation, Inc. |
| * |
| * This file is part of Libgcrypt. |
| * |
| * Libgcrypt is free software; you can redistribute it and/or modify |
| * it under the terms of the GNU Lesser General Public License as |
| * published by the Free Software Foundation; either version 2.1 of |
| * the License, or (at your option) any later version. |
| * |
| * Libgcrypt is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| * GNU Lesser General Public License for more details. |
| * |
| * You should have received a copy of the GNU Lesser General Public |
| * License along with this program; if not, write to the Free Software |
| * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA |
| * |
| * Note: This code is heavily based on the GNU MP Library. |
| * Actually it's the same code with only minor changes in the |
| * way the data is stored; this is to support the abstraction |
| * of an optional secure memory allocation which may be used |
| * to avoid revealing of sensitive data due to paging etc. |
| */ |
| |
| |
| #include "sysdep.h" |
| #include "asm-syntax.h" |
| |
| |
| /******************* |
| * mpi_limb_t |
| * _gcry_mpih_submul_1( mpi_ptr_t res_ptr, (sp + 4) |
| * mpi_ptr_t s1_ptr, (sp + 8) |
| * mpi_size_t s1_size, (sp + 12) |
| * mpi_limb_t s2_limb) (sp + 16) |
| * |
| * P4: 7 cycles/limb, unstable timing, at least on early Pentium4 silicon |
| * (stepping 10). |
| * |
| * This code is not particularly good at 7 c/l. The dependent chain is only |
| * 4 c/l and there's only 4 MMX unit instructions, so it's not clear why that |
| * speed isn't achieved. |
| * |
| * The arrangements made here to get a two instruction dependent chain are |
| * slightly subtle. In the loop the carry (or borrow rather) is a negative |
| * so that a paddq can be used to give a low limb ready to store, and a high |
| * limb ready to become the new carry after a psrlq. |
| * |
| * If the carry was a simple twos complement negative then the psrlq shift |
| * would need to bring in 0 bits or 1 bits according to whether the high was |
| * zero or non-zero, since a non-zero value would represent a negative |
| * needing sign extension. That wouldn't be particularly easy to arrange and |
| * certainly would add an instruction to the dependent chain, so instead an |
| * offset is applied so that the high limb will be 0xFFFFFFFF+c. With c in |
| * the range -0xFFFFFFFF to 0, the value 0xFFFFFFFF+c is in the range 0 to |
| * 0xFFFFFFFF and is therefore always positive and can always have 0 bits |
| * shifted in, which is what psrlq does. |
| * |
| * The extra 0xFFFFFFFF must be subtracted before c is used, but that can be |
| * done off the dependent chain. The total adjustment then is to add |
| * 0xFFFFFFFF00000000 to offset the new carry, and subtract |
| * 0x00000000FFFFFFFF to remove the offset from the current carry, for a net |
| * add of 0xFFFFFFFE00000001. In the code this is applied to the destination |
| * limb when fetched. |
| * |
| * It's also possible to view the 0xFFFFFFFF adjustment as a ones-complement |
| * negative, which is how it's undone for the return value, but that doesn't |
| * seem as clear. |
| */ |
| |
| TEXT |
| ALIGN (4) |
| GLOBL C_SYMBOL_NAME(_gcry_mpih_submul_1) |
| C_SYMBOL_NAME(_gcry_mpih_submul_1:) |
| |
| pxor %mm1, %mm1 |
| |
| .Lstart_1c: |
| movl 8(%esp), %eax |
| pcmpeqd %mm0, %mm0 |
| |
| movd 16(%esp), %mm7 |
| pcmpeqd %mm6, %mm6 |
| |
| movl 4(%esp), %edx |
| psrlq $32, %mm0 |
| |
| movl 12(%esp), %ecx |
| psllq $32, %mm6 |
| |
| psubq %mm0, %mm6 |
| |
| psubq %mm1, %mm0 |
| |
| /* |
| C eax src, incrementing |
| C ebx |
| C ecx loop counter, decrementing |
| C edx dst, incrementing |
| C |
| C mm0 0xFFFFFFFF - borrow |
| C mm6 0xFFFFFFFE00000001 |
| C mm7 multiplier |
| */ |
| |
| .Lloop: |
| movd (%eax), %mm1 |
| leal 4(%eax), %eax |
| movd (%edx), %mm2 |
| paddq %mm6, %mm2 |
| pmuludq %mm7, %mm1 |
| psubq %mm1, %mm2 |
| paddq %mm2, %mm0 |
| subl $1, %ecx |
| movd %mm0, (%edx) |
| psrlq $32, %mm0 |
| leal 4(%edx), %edx |
| jnz .Lloop |
| |
| movd %mm0, %eax |
| notl %eax |
| emms |
| ret |