pvmfw: Zeroize BCC before jumping to payload

As the BCC contains secrets used by pvmfw, zeroize it (and flush to PoU)
to ensure that we don't leak those secrets to the payload.

Bug: 256827715
Test: Read BCC from payload
Change-Id: I38a4296e51c18936b9d42da8e76517fc99a2b98f

pvmfw/Android.bp

@@ -21,6 +21,7 @@ rust_ffi_static {
         "libpvmfw_embedded_key",
         "libtinyvec_nostd",
         "libvmbase",
+        "libzeroize_nostd",
     ],
     apex_available: ["com.android.virt"],
 }

pvmfw/src/entry.rs

@@ -247,7 +247,7 @@ fn main_wrapper(fdt: usize, payload: usize, payload_size: usize) -> Result<(), R
     // This wrapper allows main() to be blissfully ignorant of platform details.
     crate::main(slices.fdt, slices.kernel, slices.ramdisk, &bcc, &mut memory)?;
 
-    // TODO: Overwrite BCC before jumping to payload to avoid leaking our sealing key.
+    helpers::flushed_zeroize(bcc_slice);
 
     info!("Expecting a bug making MMIO_GUARD_UNMAP return NOT_SUPPORTED on success");
     memory.mmio_unmap_all().map_err(|e| {

pvmfw/src/helpers.rs

@@ -15,6 +15,7 @@
 //! Miscellaneous helper functions.
 
 use core::arch::asm;
+use zeroize::Zeroize;
 
 pub const SIZE_4KB: usize = 4 << 10;
 pub const SIZE_2MB: usize = 2 << 20;
@@ -75,3 +76,10 @@ pub fn flush_region(start: usize, size: usize) {
         unsafe { asm!("dc cvau, {x}", x = in(reg) line) }
     }
 }
+
+#[inline]
+/// Overwrites the slice with zeroes, to the point of unification.
+pub fn flushed_zeroize(reg: &mut [u8]) {
+    reg.zeroize();
+    flush_region(reg.as_ptr() as usize, reg.len())
+}