    Abort preempted TSP STD SMC after PSCI CPU suspend · 3df6012a
    Douglas Raillard authored
    
    
    Standard SMC requests that are handled in the secure-world by the Secure
    Payload can be preempted by interrupts that must be handled in the
    normal world. When the TSP is preempted the secure context is stored and
    control is passed to the normal world to handle the non-secure
    interrupt. Once completed the preempted secure context is restored. When
    restoring the preempted context, the dispatcher assumes that the TSP
    preempted context is still stored as the SECURE context by the context
    management library.
    
    However, PSCI power management operations cause synchronous entry into
    TSP. This overwrites the preempted SECURE context in the context
    management library. When restoring back the SECURE context, the Secure
    Payload crashes because this context is not the preempted context
    anymore.
    
    This patch avoids corruption of the preempted SECURE context by aborting
    any preempted SMC during PSCI power management calls. The
    abort_std_smc_entry hook of the TSP is called when aborting the SMC
    request.
    
    It also exposes this feature as a FAST SMC callable from normal world to
    abort preempted SMC with FID TSP_FID_ABORT.
    
    Change-Id: I7a70347e9293f47d87b5de20484b4ffefb56b770
    Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
tspd_main.c 21.7 KB
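The sequence the commit message describes, as an added example: a simplified state model that is not the contents of tspd_main.c and not code from the project. All type and function names are hypothetical, and the error returned when resuming after an abort is an assumption of the model.

```c
#include <stdbool.h>
#include <stdio.h>

/* Model only (hypothetical names): one SECURE context slot per CPU, as the
 * commit message says the context management library keeps it. */
enum owner { CTX_NONE, CTX_STD_SMC, CTX_PSCI_ENTRY };

struct cpu_model {
    enum owner secure_ctx;  /* what the single SECURE slot currently holds */
    bool smc_preempted;     /* dispatcher believes a standard SMC is resumable */
    bool abort_hook_called; /* stands in for the TSP abort_std_smc_entry hook */
};

/* A standard SMC is preempted by a non-secure interrupt: context is stored. */
static void preempt_std_smc(struct cpu_model *c) {
    c->secure_ctx = CTX_STD_SMC;
    c->smc_preempted = true;
}

/* Abort path; per the message it is also reachable as a fast SMC (TSP_FID_ABORT). */
static void abort_preempted_smc(struct cpu_model *c) {
    if (!c->smc_preempted) return;
    c->smc_preempted = false;
    c->abort_hook_called = true;
}

/* PSCI CPU suspend enters the TSP synchronously and overwrites the SECURE slot. */
static void psci_cpu_suspend(struct cpu_model *c, bool patched) {
    if (patched) abort_preempted_smc(c); /* the fix: abort before the overwrite */
    c->secure_ctx = CTX_PSCI_ENTRY;
}

/* Resume request: 0 = preempted context restored, -1 = nothing to resume
 * (assumed clean error), -2 = restored a context that is not the preempted one. */
static int resume_std_smc(struct cpu_model *c) {
    if (!c->smc_preempted) return -1;
    c->smc_preempted = false;
    return c->secure_ctx == CTX_STD_SMC ? 0 : -2;
}

/* Runs preempt -> PSCI suspend -> resume and returns the resume outcome. */
static int run_sequence(bool patched) {
    struct cpu_model c = { CTX_NONE, false, false };
    preempt_std_smc(&c);
    psci_cpu_suspend(&c, patched);
    return resume_std_smc(&c);
}

int main(void) {
    printf("unpatched: %d, patched: %d\n", run_sequence(false), run_sequence(true));
    return 0;
}
```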