RETAA, RETAB

Return from subroutine, with pointer authentication. This instruction authenticates the address that is held in LR, using SP as the modifier and the specified key, branches to the authenticated address, with a hint that this instruction is a subroutine return.

Key A is used for RETAA, and key B is used for RETAB.

If the authentication passes, the PE continues execution at the target of the branch. If the authentication fails, a Translation fault is generated.

The authenticated address is not written back to LR.

Integer
(Armv8.3)

313029282726252423222120191817161514131211109876543210
110101100101111100001M1111111111
ZopARnRm

RETAA (M == 0)

RETAA

RETAB (M == 1)

RETAB

boolean use_key_a = (M == '0'); if !HavePACExt() then UNDEFINED;

Operation

bits(64) target = X[30]; bits(64) modifier = SP[]; if use_key_a then target = AuthIA(target, modifier); else target = AuthIB(target, modifier); BranchTo(target, BranchType_RET);


Internal version only: isa v30.41, AdvSIMD v27.08, pseudocode r8p5_00bet2_rc5, sve v8.5-00bet10_rc5 ; Build timestamp: 2019-03-28T07:14

Copyright © 2010-2019 Arm Limited or its affiliates. All rights reserved. This document is Non-Confidential.