From: Denis Vlasenko <vda@port.imtp.ilyichevsk.odessa.ua>

Switches sha512 to asm-optimized 64bit rotation.  Reduces sha512 code size
by ~300 insns, ~1K:

# size sha512.o.old sha512.o
   text    data     bss     dec     hex filename
   6642     364       0    7006    1b5e sha512.o.old
   5587     364       0    5951    173f sha512.o

Run-tested with tcrypt module.

I also looked into optimizing cast[56] and sha256 by replacing their 32bit
rotation functions/macros, but it had no measurable effect on i386.  gcc
seems to be on par with asm there.

Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/crypto/sha512.c |   13 ++++---------
 1 files changed, 4 insertions(+), 9 deletions(-)

diff -puN crypto/sha512.c~sha512-use-asm-optimized-bit-rotation crypto/sha512.c
--- 25/crypto/sha512.c~sha512-use-asm-optimized-bit-rotation	2004-10-03 16:33:29.703029872 -0700
+++ 25-akpm/crypto/sha512.c	2004-10-03 16:33:29.708029112 -0700
@@ -43,11 +43,6 @@ static inline u64 Maj(u64 x, u64 y, u64 
         return (x & y) | (z & (x | y));
 }
 
-static inline u64 RORu64(u64 x, u64 y)
-{
-        return (x >> y) | (x << (64 - y));
-}
-
 const u64 sha512_K[80] = {
         0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL,
         0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
@@ -78,10 +73,10 @@ const u64 sha512_K[80] = {
         0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL,
 };
 
-#define e0(x)       (RORu64(x,28) ^ RORu64(x,34) ^ RORu64(x,39))
-#define e1(x)       (RORu64(x,14) ^ RORu64(x,18) ^ RORu64(x,41))
-#define s0(x)       (RORu64(x, 1) ^ RORu64(x, 8) ^ (x >> 7))
-#define s1(x)       (RORu64(x,19) ^ RORu64(x,61) ^ (x >> 6))
+#define e0(x)       (ror64(x,28) ^ ror64(x,34) ^ ror64(x,39))
+#define e1(x)       (ror64(x,14) ^ ror64(x,18) ^ ror64(x,41))
+#define s0(x)       (ror64(x, 1) ^ ror64(x, 8) ^ (x >> 7))
+#define s1(x)       (ror64(x,19) ^ ror64(x,61) ^ (x >> 6))
 
 /* H* initial state for SHA-512 */
 #define H0         0x6a09e667f3bcc908ULL
_