From 23b9cf2215b990314291edcad8c539cae6bfff54 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Tue, 13 Jan 2015 10:01:04 +0100
Subject: [PATCH] Use explicit .byte sequences when assembling aes
 instructions.

---
 ChangeLog                             |  4 ++++
 x86_64/aesni/aes-decrypt-internal.asm | 10 +++++++---
 x86_64/aesni/aes-encrypt-internal.asm | 10 +++++++---
 3 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 8c706595..524fa2bc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 2015-01-13  Niels Möller  <nisse@lysator.liu.se>
 
+	* x86_64/aesni/aes-encrypt-internal.asm: Use explicit .byte
+	sequences for aes instructions, don't rely on assembler support.
+	* x86_64/aesni/aes-decrypt-internal.asm: Likewise.
+
 	* aclocal.m4 (NETTLE_CHECK_IFUNC): New macro, checking for ifunc
 	and settting HAVE_LINK_IFUNC if working.
 	* configure.ac: Use it.
diff --git a/x86_64/aesni/aes-decrypt-internal.asm b/x86_64/aesni/aes-decrypt-internal.asm
index 1dfbcb4c..412e8d31 100644
--- a/x86_64/aesni/aes-decrypt-internal.asm
+++ b/x86_64/aesni/aes-decrypt-internal.asm
@@ -44,7 +44,11 @@ define(<CNT>, <%rdx>)
 C Subkey pointer
 define(<KEY>, <%rax>)
 
-	.arch bdver2
+dnl aesdec %xmm1, %xmm0
+define(<AESDEC>, <.byte 0x66, 0x0f, 0x38, 0xde, 0xc1>)
+dnl aesdeclast %xmm1, %xmm0
+define(<AESDECLAST>, <.byte 0x66, 0x0f, 0x38, 0xdf, 0xc1>)
+
 	.file "aes-decrypt-internal.asm"
 
 	C _aes_decrypt(unsigned rounds, const uint32_t *keys,
@@ -77,12 +81,12 @@ PROLOGUE(_nettle_aes_decrypt)
 	add	$16, KEY
 
 	movups	(KEY), %xmm1
-	aesdec	%xmm1, %xmm0
+	AESDEC	C %xmm1, %xmm0
 	decl	XREG(CNT)
 	jnz	.Lround_loop
 
 	movups	16(KEY), %xmm1
-	aesdeclast	%xmm1, %xmm0
+	AESDECLAST	C %xmm1, %xmm0
 
 	movups	%xmm0, (DST)
 	add	$16, SRC
diff --git a/x86_64/aesni/aes-encrypt-internal.asm b/x86_64/aesni/aes-encrypt-internal.asm
index ee925fe5..07f17b25 100644
--- a/x86_64/aesni/aes-encrypt-internal.asm
+++ b/x86_64/aesni/aes-encrypt-internal.asm
@@ -44,7 +44,11 @@ define(<CNT>, <%rdx>)
 C Subkey pointer
 define(<KEY>, <%rax>)
 
-	.arch bdver2
+dnl aesenc %xmm1, %xmm0
+define(<AESENC>, <.byte 0x66, 0x0f, 0x38, 0xdc, 0xc1>)
+dnl aesenclast %xmm1, %xmm0
+define(<AESENCLAST>, <.byte 0x66, 0x0f, 0x38, 0xdd, 0xc1>)
+	
 	.file "aes-encrypt-internal.asm"
 
 	C _aes_encrypt(unsigned rounds, const uint32_t *keys,
@@ -77,12 +81,12 @@ PROLOGUE(_nettle_aes_encrypt)
 	add	$16, KEY
 
 	movups	(KEY), %xmm1
-	aesenc	%xmm1, %xmm0
+	AESENC	C %xmm1, %xmm0
 	decl	XREG(CNT)
 	jnz	.Lround_loop
 
 	movups	16(KEY), %xmm1
-	aesenclast	%xmm1, %xmm0
+	AESENCLAST	C %xmm1, %xmm0
 
 	movups	%xmm0, (DST)
 	add	$16, SRC
-- 
GitLab