ERETAA, ERETAB
Exception return, with pointer authentication
This instruction authenticates the address in ELR, using SP as the
modifier and the specified key, restores
PSTATE from the SPSR for the current
Exception level, and branches to the authenticated address.
Key A is used for ERETAA.
Key B is used for ERETAB.
If the authentication passes, the PE continues execution at the
target of the branch.
For information on behavior if the authentication fails, see
Faulting on pointer authentication.
The authenticated address is not written back to ELR.
The SPSR is checked for the current Exception level for an illegal return event.
See Illegal return events from AArch64 state.
ERETAA and ERETAB are UNDEFINED at EL0.
1
1
0
1
0
1
1
0
1
0
0
1
1
1
1
1
0
0
0
0
1
1
1
1
1
1
1
1
1
1
1
0
ERETAA
1
ERETAB
if !IsFeatureImplemented(FEAT_PAuth) then UNDEFINED;
constant boolean pac = TRUE;
constant boolean use_key_a = (M == '0');
constant boolean auth_then_branch = TRUE;
if PSTATE.EL == EL0 then UNDEFINED;
AArch64.CheckForERetTrap(pac, use_key_a);
bits(64) target = ELR_ELx[];
constant bits(64) modifier = SP[];
if use_key_a then
target = AuthIA(target, modifier, auth_then_branch);
else
target = AuthIB(target, modifier, auth_then_branch);
AArch64.ExceptionReturn(target, SPSR_ELx[]);