commit bcc3dd35135b5f41ad2819a20141dd655de677ce
author Douglas Raillard <douglas.raillard@arm.com> Fri Feb 03 18:01:51 2017 +0000
committer Douglas Raillard <douglas.raillard@arm.com> Thu Feb 23 16:04:51 2017 +0000
tree a3cb7ba0d61161ea96811f3d54bf574c75122ea5
parent e53da30cc928ec1ac095cf055d49b2af8e1f6ddc

Fix TSPD implementation of STD SMC ABORT

ABORT SMC used to return to the previously executing world, which
happened to be S-EL1 as it calls a TSP handler using synchronous entry
into the TSP.

Now properly save and restore the non-secure context (including system
registers) and return to non-secure world as it should.

fixes ARM-Software/tf-issues#453

Change-Id: Ie40c79ca2636ab8b6b2ab3106e8f49e0f9117f5f
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>

services/spd/tspd/tspd_main.c

diff --git a/services/spd/tspd/tspd_main.c b/services/spd/tspd/tspd_main.c
index 2850e70..ff515cc 100644
--- a/services/spd/tspd/tspd_main.c
+++ b/services/spd/tspd/tspd_main.c
@@ -612,15 +612,26 @@
 			break;
 		}
 
+		assert(handle == cm_get_context(NON_SECURE));
+		cm_el1_sysregs_context_save(NON_SECURE);
+
 		/* Abort the preempted SMC request */
-		if (!tspd_abort_preempted_smc(tsp_ctx))
+		if (!tspd_abort_preempted_smc(tsp_ctx)) {
 			/*
 			 * If there was no preempted SMC to abort, return
 			 * SMC_UNK.
+			 *
+			 * Restoring the NON_SECURE context is not necessary as
+			 * the synchronous entry did not take place if the
+			 * return code of tspd_abort_preempted_smc is zero.
 			 */
-			SMC_RET1(handle, SMC_UNK);
+			cm_set_next_eret_context(NON_SECURE);
+			break;
+		}
 
-		break;
+		cm_el1_sysregs_context_restore(NON_SECURE);
+		cm_set_next_eret_context(NON_SECURE);
+		SMC_RET0(handle);
 
 		/*
 		 * Request from non secure world to resume the preempted