boringssl/crypto/fipsmodule/bn/asm
David Benjamin 02514002fd Use dec/jnz instead of loop in bn_add_words and bn_sub_words.
Imported from upstream's a78324d95bd4568ce2c3b34bfa1d6f14cddf92ef. I
think the "regression" part of that change is some tweak to BN_usub and
I guess the bn_*_words was to compensate for it, but we may as well
import it. Apparently the loop instruction is terrible.

Before:
Did 39871000 bn_add_words operations in 1000002us (39870920.3 ops/sec)
Did 38621750 bn_sub_words operations in 1000001us (38621711.4 ops/sec)

After:
Did 64012000 bn_add_words operations in 1000007us (64011551.9 ops/sec)
Did 81792250 bn_sub_words operations in 1000002us (81792086.4 ops/sec)

loop sets no flags (even doing the comparison to zero without ZF) while
dec sets all flags but CF, so Andres and I are assuming that because
this prevents Intel from microcoding it to dec/jnz, they otherwise can't
be bothered to add more circuitry since every compiler has internalized
by now to never use loop.

Change-Id: I3927cd1c7b707841bbe9963e3d4afd7ba9bd9b36
Reviewed-on: https://boringssl-review.googlesource.com/23344
Reviewed-by: Adam Langley <agl@google.com>
2017-11-22 21:56:05 +00:00
..
armv4-mont.pl Revert assembly changes in "Hide CPU capability symbols in C." 2017-10-30 20:39:57 +00:00
armv8-mont.pl
bn-586.pl
co-586.pl
rsaz-avx2.pl
x86_64-gcc.c Use dec/jnz instead of loop in bn_add_words and bn_sub_words. 2017-11-22 21:56:05 +00:00
x86_64-mont5.pl bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqrx8x_internal. 2017-11-02 17:07:57 +00:00
x86_64-mont.pl
x86-mont.pl