Exception Return, with pointer authentication. This instruction authenticates the address in ELR, using SP as the modifier and the specified key, the PE restores PSTATE from the SPSR for the current Exception level, and branches to the authenticated address.
Key A is used for ERETAA, and key B is used for ERETAB.
If the authentication passes, the PE continues execution at the target of the branch. If the authentication fails, a Translation fault is generated.
The authenticated address is not written back to ELR.
The PE checks the SPSR for the current Exception level for an illegal return event. See Illegal return events from AArch64 state.
ERETAA and ERETAB are undefined at EL0.
| 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
| 1 | 1 | 0 | 1 | 0 | 1 | 1 | 0 | 1 | 0 | 0 | 1 | 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 | 1 | M | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
| A | Rn | op4 | |||||||||||||||||||||||||||||
if PSTATE.EL == EL0 then UNDEFINED; boolean pac = (A == '1'); boolean use_key_a = (M == '0'); if !pac && op4 != '00000' then UNDEFINED; elsif pac && (!HavePACExt() || op4 != '11111') then UNDEFINED; if Rn != '11111' then UNDEFINED;
AArch64.CheckForERetTrap(pac, use_key_a); bits(64) target = ELR[]; boolean auth_then_branch = TRUE; if pac then if use_key_a then target = AuthIA(ELR[], SP[], auth_then_branch); else target = AuthIB(ELR[], SP[], auth_then_branch); AArch64.ExceptionReturn(target, SPSR[]);
Internal version only: isa v33.11seprel, AdvSIMD v29.05, pseudocode v2021-09_rel, sve v2021-09_rc3d ; Build timestamp: 2021-10-06T11:41
Copyright © 2010-2021 Arm Limited or its affiliates. All rights reserved. This document is Non-Confidential.