pvmfw: Zero all scratch memory before guest runs

Zero any memory that could still hold secrets before executing the guest
OS, to reduce as much as possible the risk of leaking them.

Note that this only covers memory that can't be zeroed from high-level
compiled code (i.e. the .bss and .data sections and stack regions) and
doesn't zero the received configuration data, which contains the
BccHandover holding the secret CDIs as that is (and must still be)
zeroed from Rust.

Furthermore, no other region is flushed so data such as the DT or BCC
that must be made available to the guest OS (even if it doesn't
immediately re-enable the MMU) should still be flushed from Rust.

Remove unnecessary ISB in jump_to_payload().

Bug: 270684188
Test: atest MicrodroidHostTests
Change-Id: I8e923a468d1826c00ce1d0b07e1a91f5d2909f99
diff --git a/pvmfw/src/main.rs b/pvmfw/src/main.rs
index 1c22861..96b707e 100644
--- a/pvmfw/src/main.rs
+++ b/pvmfw/src/main.rs
@@ -38,6 +38,7 @@
 
 use alloc::boxed::Box;
 use alloc::string::ToString;
+use core::ops::Range;
 
 use crate::dice::PartialInputs;
 use crate::entry::RebootReason;
@@ -80,7 +81,7 @@
     current_bcc_handover: &[u8],
     debug_policy: Option<&mut [u8]>,
     memory: &mut MemoryTracker,
-) -> Result<(), RebootReason> {
+) -> Result<Range<usize>, RebootReason> {
     info!("pVM firmware");
     debug!("FDT: {:?}", fdt.as_ptr());
     debug!("Signed kernel: {:?} ({:#x} bytes)", signed_kernel.as_ptr(), signed_kernel.len());
@@ -156,7 +157,13 @@
         })?;
 
     info!("Starting payload...");
-    Ok(())
+
+    let bcc_range = {
+        let r = next_bcc.as_ptr_range();
+        (r.start as usize)..(r.end as usize)
+    };
+
+    Ok(bcc_range)
 }
 
 /// Logs the given PCI error and returns the appropriate `RebootReason`.