This question was raised in the 'How to implement a secure IoT system on ARMv8-M' webinar, view all the questions in the round up blog post.
There are separate stacks for the secure and non-secure code. These register values will be pushed onto the secure stack so they won't be exposed to the non-secure code.