pvmfw: Zeroize BCC before jumping to payload As the BCC contains secrets used by pvmfw, zeroize it (and flush to PoU) to ensure that we don't leak those secrets to the payload. Bug: 256827715 Test: Read BCC from payload Change-Id: I38a4296e51c18936b9d42da8e76517fc99a2b98f

commit: 8383c54b3362906f55be3a9f8ccba575e984952e [log] [tgz]
author: Pierre-Clément Tosi <ptosi@google.com> Tue Nov 01 14:07:29 2022 +0000
committer: Pierre-Clément Tosi <ptosi@google.com> Tue Dec 13 16:23:49 2022 +0000
tree: 5d707215ee2aad3f065296c870f2af26c4815a82
parent: 51c68e509148396b6465ac4efdd473c97eaed59d [diff] [blame]
diff --git a/pvmfw/Android.bp b/pvmfw/Android.bp
index b6c115b..356e58f 100644
--- a/pvmfw/Android.bp
+++ b/pvmfw/Android.bp

@@ -21,6 +21,7 @@
         "libpvmfw_embedded_key",
         "libtinyvec_nostd",
         "libvmbase",
+        "libzeroize_nostd",
     ],
     apex_available: ["com.android.virt"],
 }
commit	8383c54b3362906f55be3a9f8ccba575e984952e	[log] [tgz]
author	Pierre-Clément Tosi <ptosi@google.com>	Tue Nov 01 14:07:29 2022 +0000
committer	Pierre-Clément Tosi <ptosi@google.com>	Tue Dec 13 16:23:49 2022 +0000
tree	5d707215ee2aad3f065296c870f2af26c4815a82
parent	51c68e509148396b6465ac4efdd473c97eaed59d [diff] [blame]