aarch64: Verify alignment of load base address

According to https://www.kernel.org/doc/Documentation/arm64/booting.txt:

"The Image must be placed text_offset bytes from a 2MB aligned base
address anywhere in usable system RAM and called there."

For the aarch64 case, the kernel_offset parameter allows a VMM to
specify the desired base address at which to load the image in
guest memory, while text_offset is contained in the Image header.

Ensure that the base address requested by the VMM meets the 2 MB
alignment requirement.

Related to #12

Signed-off-by: Alejandro Jimenez <alejandro.j.jimenez@oracle.com>

Author: aljimenezb

coverage_config_aarch64.json

@@ -1,5 +1,5 @@
 {
-  "coverage_score": 80.8,
+  "coverage_score": 80.7,
   "exclude_path": "",
   "crate_features": "pe"
 }

src/loader/aarch64/pe/mod.rs

@@ -1,3 +1,4 @@
+// Copyright © 2020, Oracle and/or its affiliates.
 // Copyright (c) 2019 Intel Corporation. All rights reserved.
 // Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 //
@@ -48,6 +49,8 @@ pub enum Error {
     InvalidImage,
     /// Invalid Image magic number.
     InvalidImageMagicNumber,
+    /// Invalid base address alignment
+    InvalidBaseAddrAlignment,
 }
 
 impl error::Error for Error {
@@ -63,6 +66,7 @@ impl error::Error for Error {
             Error::InvalidImageMagicNumber => "Invalid Image magic number",
             Error::DtbTooBig => "Device tree image too big",
             Error::ReadKernelImage => "Unable to read kernel image",
+            Error::InvalidBaseAddrAlignment => "Base address not aligned to 2 MB",
         }
     }
 }
@@ -96,7 +100,7 @@ impl KernelLoader for PE {
     /// # Arguments
     ///
     /// * `guest_mem` - The guest memory where the kernel image is loaded.
-    /// * `kernel_offset` - 2MB-aligned base addres in guest memory at at which to load the kernel.
+    /// * `kernel_offset` - 2MB-aligned base addres in guest memory at which to load the kernel.
     /// * `kernel_image` - Input Image format kernel image.
     /// * `highmem_start_address` - ignored on ARM64.
     ///
@@ -135,6 +139,14 @@ impl KernelLoader for PE {
             text_offset = 0x80000;
         }
 
+        // Validate that kernel_offset is 2 MB aligned, as required by the
+        // arm64 boot protocol
+        if let Some(kernel_offset) = kernel_offset {
+            if kernel_offset.raw_value() % 0x0020_0000 != 0 {
+                return Err(Error::InvalidBaseAddrAlignment.into());
+            }
+        }
+
         let mem_offset = kernel_offset
             .unwrap_or(GuestAddress(0))
             .checked_add(text_offset)
@@ -218,6 +230,14 @@ mod tests {
         assert_eq!(loader_result.kernel_load.raw_value(), 0x280000);
         assert_eq!(loader_result.kernel_end, 0x281000);
 
+        // Attempt to load the kernel at an address that is not aligned to 2MB boundary
+        let kernel_offset = GuestAddress(0x0030_0000);
+        let loader_result = PE::load(&gm, Some(kernel_offset), &mut Cursor::new(&image), None);
+        assert_eq!(
+            loader_result,
+            Err(KernelLoaderError::Pe(Error::InvalidBaseAddrAlignment))
+        );
+
         image[0x39] = 0x0;
         let loader_result = PE::load(&gm, Some(kernel_addr), &mut Cursor::new(&image), None);
         assert_eq!(