Exception Return, with pointer authentication. This instruction authenticates the address in ELR, using SP as the modifier and the specified key, the PE restores PSTATE from the SPSR for the current Exception level, and branches to the authenticated address.
Key A is used for ERETAA. Key B is used for ERETAB.
If the authentication passes, the PE continues execution at the target of the branch. For information on behavior if the authentication fails, see Faulting on pointer authentication.
The authenticated address is not written back to ELR.
The PE checks the SPSR for the current Exception level for an illegal return event. See Illegal return events from AArch64 state.
ERETAA and ERETAB are UNDEFINED at EL0.
| 31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
| 1 | 1 | 0 | 1 | 0 | 1 | 1 | 0 | 1 | 0 | 0 | 1 | 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 | 1 | M | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
| opc | op2 | A | Rn | op4 | |||||||||||||||||||||||||||
boolean use_key_a = (M == '0'); if !IsFeatureImplemented(FEAT_PAuth) then UNDEFINED;
if PSTATE.EL == EL0 then UNDEFINED; AArch64.CheckForERetTrap(TRUE, use_key_a); bits(64) target = ELR_ELx[]; bits(64) modifier = SP[]; if use_key_a then target = AuthIA(target, modifier, TRUE); else target = AuthIB(target, modifier, TRUE); AArch64.ExceptionReturn(target, SPSR_ELx[]);
Internal version only: aarchmrs v2023-12_rel, pseudocode v2023-12_rel, sve v2023-12_rel ; Build timestamp: 2023-12-15T16:46
Copyright © 2010-2023 Arm Limited or its affiliates. All rights reserved. This document is Non-Confidential.