Lines Matching refs:xmm0
56 movdqu (%rsi),%xmm0 /* load master key into %xmm0 */
57 movdqa %xmm0,(%rdi) /* store master key as the first round key */
59 aeskeygenassist $0x1,%xmm0,%xmm2
61 aeskeygenassist $0x2,%xmm0,%xmm2
63 aeskeygenassist $0x4,%xmm0,%xmm2
65 aeskeygenassist $0x8,%xmm0,%xmm2
67 aeskeygenassist $0x10,%xmm0,%xmm2
69 aeskeygenassist $0x20,%xmm0,%xmm2
71 aeskeygenassist $0x40,%xmm0,%xmm2
73 aeskeygenassist $0x80,%xmm0,%xmm2
75 aeskeygenassist $0x1b,%xmm0,%xmm2
77 aeskeygenassist $0x36,%xmm0,%xmm2
90 movdqu (%rsi),%xmm0 /* load master key [0:128) into %xmm0 */
92 movdqa %xmm0,(%rdi) /* store master key [0:128) as round key */
96 aeskeygenassist $0x2,%xmm0,%xmm2
100 aeskeygenassist $0x8,%xmm0,%xmm2
104 aeskeygenassist $0x20,%xmm0,%xmm2
108 aeskeygenassist $0x80,%xmm0,%xmm2
121 movdqu (%rsi),%xmm0 /* load master key [0:128) into %xmm0 */
123 movdqa %xmm0,(%rdi) /* store master key [0:128) as round key */
128 aeskeygenassist $0x1,%xmm0,%xmm2
132 aeskeygenassist $0x2,%xmm0,%xmm2
136 aeskeygenassist $0x4,%xmm0,%xmm2
140 aeskeygenassist $0x8,%xmm0,%xmm2
144 aeskeygenassist $0x10,%xmm0,%xmm2
148 aeskeygenassist $0x20,%xmm0,%xmm2
156 * aesni_expand128(uint128_t *rkp@rdi, uint128_t prk@xmm0,
161 * 3. Set %xmm0 to it.
167 * %xmm0 = (prk[0], prk[1], prk[2], prk[3])
173 * %xmm0 = rk, the round key we just computed
197 movdqa %xmm0,%xmm4
198 movdqa %xmm0,%xmm5
199 movdqa %xmm0,%xmm6
205 * %xmm0 := (rk[0] = t ^ prk[0],
210 pxor %xmm2,%xmm0
211 pxor %xmm4,%xmm0
212 pxor %xmm5,%xmm0
213 pxor %xmm6,%xmm0
215 movdqa %xmm0,(%rdi) /* store round key */
221 * aesni_expand192a(uint128_t *rkp@rdi, uint128_t prk@xmm0,
229 * %xmm0 = (prk[0], prk[1], prk[2], prk[3])
236 * %xmm0 = nrk, second round key we just computed
274 movdqa %xmm0,%xmm4
275 movdqa %xmm0,%xmm5
276 movdqa %xmm0,%xmm6
277 movdqa %xmm0,%xmm7
293 * nrk to end up in %xmm0 at the end, so gather rk into %xmm1 and
294 * nrk into %xmm0.
297 /* %xmm0 := (nrk[0], nrk[1], nrk[1], nrk[1]) */
298 pshufd $0b11111110,%xmm4,%xmm0
311 * %xmm0 := (nrk[0],
316 pxor %xmm6,%xmm0
317 pxor %xmm7,%xmm0
323 movdqa %xmm0,0x10(%rdi) /* store next round key */
329 * aesni_expand192b(uint128_t *roundkey@rdi, uint128_t prk@xmm0,
337 * %xmm0 = (prk[0], prk[1], prk[2], prk[3])
344 * %xmm0 = rk, the round key we just computed
377 shufps $0b01001110,%xmm0,%xmm1
398 pshufd $0b00001110,%xmm0,%xmm4
404 /* %xmm0 := (rk[0], rk[1], rk[2], rk[3]) */
405 movdqa %xmm1,%xmm0
419 movdqa %xmm0,(%rdi) /* store round key */
425 * aesni_expand256a(uint128_t *rkp@rdi, uint128_t pprk@xmm0,
433 * %xmm0 = (pprk[0], pprk[1], pprk[2], pprk[3])
440 * %xmm0 = rk, the round key we just computed
454 * aesni_expand256b(uint128_t *rkp@rdi, uint128_t prk@xmm0,
462 * %xmm0 = (prk[0], prk[1], prk[2], prk[3])
469 * %xmm0 = prk, previous round key, preserved from entry
499 * %xmm0 := (rk[0] = t ^ pprk[0],
525 movdqa (%rdi,%rdx),%xmm0 /* load last round key */
526 movdqa %xmm0,(%rsi) /* store last round key verbatim */
529 1: movdqa (%rdi,%rdx),%xmm0 /* load round key */
530 aesimc %xmm0,%xmm0 /* convert encryption to decryption */
531 movdqa %xmm0,(%rsi) /* store round key */
535 movdqa (%rdi),%xmm0 /* load first round key */
536 movdqa %xmm0,(%rsi) /* store first round key verbatim */
549 movdqu (%rsi),%xmm0
551 movdqu %xmm0,(%rdx)
564 movdqu (%rsi),%xmm0
566 movdqu %xmm0,(%rdx)
585 movdqu (%r8),%xmm0 /* xmm0 := chaining value */
589 pxor %xmm1,%xmm0 /* xmm0 := cv ^ ptxt */
591 call aesni_enc1 /* xmm0 := ciphertext block */
592 movdqu %xmm0,(%rdx)
596 movdqu %xmm0,(%r8) /* store chaining value */
619 movdqu -0x10(%rsi,%r10),%xmm0 /* xmm0 := last ciphertext block */
620 movdqu %xmm0,(%r8) /* update iv */
624 pxor %xmm8,%xmm0 /* xmm0 := ptxt */
625 movdqu %xmm0,(%rdx,%r10) /* store plaintext block */
626 movdqa %xmm8,%xmm0 /* move cv = ciphertext block */
628 call aesni_dec1 /* xmm0 := cv ^ ptxt */
631 pxor (%rsp),%xmm0 /* xmm0 := ptxt */
632 movdqu %xmm0,(%rdx) /* store first plaintext block */
660 pxor %xmm7,%xmm0 /* xmm0 := ptxt[0] */
661 movdqu %xmm0,(%rdx,%r10) /* store plaintext block */
668 movdqu -0x80(%rsi,%r10),%xmm0 /* xmm0 := ciphertext block[n-8] */
675 movdqa %xmm0,%xmm9
694 pxor (%rsp),%xmm0 /* xmm0 := ptxt[0] */
695 movdqu %xmm0,(%rdx) /* store first plaintext block */
716 1: movdqu (%rsi),%xmm0 /* xmm0 := ptxt */
718 pxor %xmm15,%xmm0 /* xmm0 := ptxt ^ tweak */
720 call aesni_enc1 /* xmm0 := AES(ptxt ^ tweak) */
721 pxor %xmm15,%xmm0 /* xmm0 := AES(ptxt ^ tweak) ^ tweak */
722 movdqu %xmm0,(%rdx) /* store ciphertext block */
724 call aesni_xts_mulx /* xmm15 *= x; trash xmm0 */
763 movdqu (%rsi),%xmm0 /* xmm[i] := ptxt[i] */
773 pxor %xmm8,%xmm0 /* xmm[i] := ptxt[i] ^ tweak[i] */
783 pxor (%rsp),%xmm0 /* xmm[i] := AES(...) ^ tweak[i] */
791 movdqu %xmm0,(%rdx) /* store ciphertext blocks */
824 1: movdqu (%rsi),%xmm0 /* xmm0 := ctxt */
826 pxor %xmm15,%xmm0 /* xmm0 := ctxt ^ tweak */
828 call aesni_dec1 /* xmm0 := AES(ctxt ^ tweak) */
829 pxor %xmm15,%xmm0 /* xmm0 := AES(ctxt ^ tweak) ^ tweak */
830 movdqu %xmm0,(%rdx) /* store plaintext block */
832 call aesni_xts_mulx /* xmm15 *= x; trash xmm0 */
871 movdqu (%rsi),%xmm0 /* xmm[i] := ptxt[i] */
881 pxor %xmm8,%xmm0 /* xmm[i] := ptxt[i] ^ tweak[i] */
891 pxor (%rsp),%xmm0 /* xmm[i] := AES(...) ^ tweak[i] */
899 movdqu %xmm0,(%rdx) /* store ciphertext blocks */
920 * Uses %xmm0 as temporary.
933 pxor %xmm0,%xmm0 /* xmm0 := 0 */
934 pcmpgtq %xmm15,%xmm0 /* xmm0[i] := -1 if 0 > xmm15[i] else 0 */
935 pshufd $0b01001110,%xmm0,%xmm0 /* swap halves of xmm0 */
936 pand xtscarry(%rip),%xmm0 /* copy xtscarry according to mask */
938 pxor %xmm0,%xmm15 /* incorporate (a) and (b) */
974 movdqu (%rcx),%xmm0 /* xmm0 := auth */
978 1: pxor (%rsi),%xmm0 /* xmm0 ^= plaintext block */
981 call aesni_enc1 /* xmm0 := auth'; trash rax,rcx,xmm8 */
984 movdqu %xmm0,(%rdx) /* store auth' */
1004 movdqu (%r8),%xmm0 /* xmm0 := auth */
1013 pxor %xmm3,%xmm0 /* xmm0 := auth ^ ptxt */
1021 movdqu %xmm0,(%r8) /* store updated auth */
1048 movdqa %xmm2,%xmm0 /* xmm0 := ctr (le) */
1050 pshufb %xmm4,%xmm0 /* xmm0 := ctr (be) */
1052 call aesni_enc1 /* xmm0 := pad; trash rax/rcx/xmm8 */
1065 movdqa %xmm2,%xmm0 /* xmm0 := ctr (le) */
1067 pshufb %xmm4,%xmm0 /* xmm0 := ctr (be) */
1069 call aesni_enc2 /* xmm0 := pad, xmm1 := auth';
1071 2: pxor %xmm0,%xmm3 /* xmm3 := ptxt */
1079 movdqa %xmm1,%xmm0 /* xmm0 := auth ^ ptxt */
1081 call aesni_enc1 /* xmm0 := auth' */
1083 movdqu %xmm0,(%r8) /* store updated auth */
1103 * aesni_enc1(const struct aesenc *enckey@rdi, uint128_t block@xmm0,
1106 * Encrypt a single AES block in %xmm0.
1114 pxor (%rdi),%xmm0 /* xor in first round key */
1120 1: aesenc %xmm8,%xmm0
1124 aesenclast %xmm8,%xmm0
1129 * aesni_enc2(const struct aesenc *enckey@rdi, uint128_t block0@xmm0,
1132 * Encrypt two AES blocks in %xmm0 and %xmm1.
1144 pxor %xmm8,%xmm0 /* xor in first round key */
1148 1: aesenc %xmm8,%xmm0
1153 aesenclast %xmm8,%xmm0
1159 * aesni_enc8(const struct aesenc *enckey@rdi, uint128_t block0@xmm0, ...,
1162 * Encrypt eight AES blocks in %xmm0 through %xmm7 in parallel.
1171 pxor %xmm8,%xmm0
1184 1: aesenc %xmm8,%xmm0
1195 aesenclast %xmm8,%xmm0
1207 * aesni_dec1(const struct aesdec *deckey@rdi, uint128_t block@xmm0,
1210 * Decrypt a single AES block in %xmm0.
1218 pxor (%rdi),%xmm0 /* xor in first round key */
1224 1: aesdec %xmm8,%xmm0
1228 aesdeclast %xmm8,%xmm0
1233 * aesni_dec8(const struct aesdec *deckey@rdi, uint128_t block0@xmm0, ...,
1236 * Decrypt eight AES blocks in %xmm0 through %xmm7 in parallel.
1245 pxor %xmm8,%xmm0
1258 1: aesdec %xmm8,%xmm0
1269 aesdeclast %xmm8,%xmm0
Indexes created Sat Oct 25 16:10:12 GMT 2025