RETS (pair of capabilities)

Return to sealed capability pair checks the capabilities have the correct properties to be used as a sealed pair, unseals the source Capability registers, branches to an address in the first Capability register and writes the second Capability register to C29, with a hint that this is a return.

integer n = UInt(Cn); integer m = UInt(Cm); BranchType branch_type = BranchType_RET;

Assembler Symbols

<Cn>	Is the capability name of the first source register, encoded in the "Cn" field.

<Cm>	Is the capability name of the second source register, encoded in the "Cm" field.

Operation

CheckCapabilitiesEnabled(); Capability sealed_target = C[n]; Capability sealed_data = C[m]; if !IsInRestricted() && !CapCheckPermissions(sealed_target, CAP_PERM_EXECUTIVE) then sealed_target = CapWithTagClear(sealed_target); Capability target; if CapIsTagSet(sealed_target) && CapIsTagSet(sealed_data) && CapIsSealed(sealed_target) && CapIsSealed(sealed_data) && UInt(CapGetObjectType(sealed_target)) > CAP_MAX_FIXED_SEAL_TYPE && CapGetObjectType(sealed_target) == CapGetObjectType(sealed_data) && CapCheckPermissions(sealed_target, CAP_PERM_BRANCH_SEALED_PAIR) && CapCheckPermissions(sealed_data, CAP_PERM_BRANCH_SEALED_PAIR) && CapCheckPermissions(sealed_target, CAP_PERM_EXECUTE) && !CapCheckPermissions(sealed_data, CAP_PERM_EXECUTE) then target = CapUnseal(sealed_target); C[29] = CapUnseal(sealed_data); else target = CapWithTagClear(sealed_target); C[29] = sealed_data; BranchXToCapability(target, branch_type);

Internal version only: isa v32.13, AdvSIMD v29.04, pseudocode morello-2022-01_rc2, capabilities morello-2022-01_rc2 ; Build timestamp: 2022-01-11T11:23

31	30	29	28	27	26	25	24	23	22	21	20	19	18	17	16	15	14	13	12	11	10	9	8	7	6	5	4	3	2	1	0
1	1	0	0	0	0	1	0	1	1	0	Cm					1	1	0	0	0	1	Cn					0	0	0	0	0
																	opc<1>	opc<0>