X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/e492db887af6561dd33aa18e3887efaeb219fd16..HEAD:/symm/rijndael-arm64-crypto.S

diff --git a/symm/rijndael-arm64-crypto.S b/symm/rijndael-arm64-crypto.S
index 8739c193..df0bb9d9 100644
--- a/symm/rijndael-arm64-crypto.S
+++ b/symm/rijndael-arm64-crypto.S
@@ -25,19 +25,21 @@
 /// MA 02111-1307, USA.
 
 ///--------------------------------------------------------------------------
-/// External definitions.
+/// Preliminaries.
 
 #include "config.h"
 #include "asm-common.h"
 
+	.arch	armv8-a+crypto
+
 	.extern	F(abort)
 	.extern	F(rijndael_rcon)
 
+	.text
+
 ///--------------------------------------------------------------------------
 /// Main code.
 
-	.arch	armv8-a+crypto
-
 /// The ARM crypto extension implements a little-endian version of AES
 /// (though the manual doesn't actually spell this out and you have to
 /// experiment), but Catacomb's internal interface presents as big-endian so
@@ -108,7 +110,7 @@ FUNC(rijndael_setup_arm64_crypto)
 	// the byte substitution.
 	dup	v0.4s, w14
 	aese	v0.16b, v1.16b		// effectively, just SubBytes
-	mov	w14, v0.4s[0]
+	mov	w14, v0.s[0]
 	b	2f
 
 	// First word of the cycle.  Byte substitution, rotation, and round
@@ -116,7 +118,7 @@ FUNC(rijndael_setup_arm64_crypto)
 1:	ldrb	w13, [x5], #1		// next round constant
 	dup	v0.4s, w14
 	aese	v0.16b, v1.16b		// effectively, just SubBytes
-	mov	w14, v0.4s[0]
+	mov	w14, v0.s[0]
 	eor	w14, w13, w14, ror #8
 
 	// Common ending: mix in the word from the previous cycle and store.
@@ -129,7 +131,7 @@ FUNC(rijndael_setup_arm64_crypto)
 	sub	x6, x6, #1
 	cmp	x8, x3
 	cbz	x6, 9f
-	csel	x8, x8, xzr, cc
+	cmov.cs	x8, xzr
 	b	0b
 
 	// Next job is to construct the decryption keys.  The keys for the