Fix register usage comment in ARMv8 Montgomery sqr asm.

In the bn_sqr8x_mont function, a comment describing the accumulation step for the partial product a[1]*a[0] incorrectly referenced the low part ('lo') of the product. The value being added to the temporary register t[2] is actually the high part ('hi') of that multiplication.
Correct the comment from "t[2]+lo(a[1]*a[0])" to "t[2]+hi(a[1]*a[0])".

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29436)

diff --git a/crypto/bn/asm/armv8-mont.pl b/crypto/bn/asm/armv8-mont.pl
index f1692caae70d8ea67bbcff459ec83ca4d6125627..32f2821d3b7ea0c05ea3441a357ce14d8fa6e69b 100755 (executable)
--- a/crypto/bn/asm/armv8-mont.pl
+++ b/crypto/bn/asm/armv8-mont.pl
@@ -780,7 +780,7 @@ __bn_sqr8x_mont:
        umulh   $t2,$a4,$a0
        stp     $acc0,$acc1,[$tp],#8*2  // t[0..1]
        adc     $acc0,xzr,xzr           // t[8]
-       adds    $acc2,$acc2,$t3         // t[2]+lo(a[1]*a[0])
+       adds    $acc2,$acc2,$t3         // t[2]+hi(a[1]*a[0])
        umulh   $t3,$a5,$a0
        adcs    $acc3,$acc3,$t0
        umulh   $t0,$a6,$a0