(old) | htmldiff from- | (new) |
Return from subroutine, with pointer authentication. This instruction authenticates the address that is held in LR, using SP as the modifier and the specified key, branches to the authenticated address, with a hint that this instruction is a subroutine return.
Key A is used for RETAA, and key B is used for RETAB.
If the authentication passes, the PE continues execution at the target of the branch. If the authentication fails, a Translation fault is generated.
The authenticated address is not written back to LR.
31 | 30 | 29 | 28 | 27 | 26 | 25 | 24 | 23 | 22 | 21 | 20 | 19 | 18 | 17 | 16 | 15 | 14 | 13 | 12 | 11 | 10 | 9 | 8 | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
1 | 1 | 0 | 1 | 0 | 1 | 1 | 0 | 0 | 1 | 0 | 1 | 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 | 1 | M | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
Z | op | A | Rn | Rm |
integer n = UInt(Rn);
BranchType branch_type;
integer m = UInt(Rm);
boolean pac = (A == '1');
boolean use_key_a = (M == '0');
boolean source_is_sp = ((Z == '1') && (m == 31));
if !pac && m != 0 then
UNDEFINED;
elsif pac && !if !pac && m != 0 thenUnallocatedEncoding();
elsif pac && !HavePACExt() then
UNDEFINED;
case op of
when '00' branch_type =() then BranchType_INDIRUnallocatedEncoding;
when '01' branch_type =();
case op of
when '00' branch_type = BranchType_INDCALLBranchType_JMP;
when '10' branch_type = when '01' branch_type = BranchType_CALL;
when '10' branch_type = BranchType_RET;
otherwise UNDEFINED;
if pac then
if Z == '0' && m != 31 then
UNDEFINED;
if branch_type == otherwise UnallocatedEncoding();
if pac then
if Z == '0' && m != 31 then
UnallocatedEncoding();
if branch_type == BranchType_RET then
if n !=31 then UnallocatedEncoding then
if n != 31 then UNDEFINED;
();
n = 30;
source_is_sp = TRUE;
bits(64) target = X[n];
case branch_type of
whenif pac then
bits(64) modifier = if source_is_sp then BranchType_INDIR
if InGuardedPage then
if n == 16 || n == 17 then
BTypeNext = '01';
else
BTypeNext = '11';
else
BTypeNext = '01';
when BranchType_INDCALL
BTypeNext = '10';
when BranchType_RET
BTypeNext = '00';
if pac then
bits(64) modifier = if source_is_sp then SP[] else X[m];
if use_key_a then
target = AuthIA(target, modifier);
else
target = AuthIB(target, modifier);
if branch_type == BranchType_INDCALLBranchType_CALL then X[30] = PC[] + 4;
BranchTo(target, branch_type);
Internal version only: isa v30.25v29.05, AdvSIMD v27.01v26.0, pseudocode v85-xml-00bet8_rc3v35.3
; Build timestamp: 2018-09-13T132018-06-16T09:0445
Copyright © 2010-2018 ARM Limited or its affiliates. All rights reserved. This document is Non-Confidential.
(old) | htmldiff from- | (new) |