+Advisory TFV-1 (CVE-2016-10319)
+===============================
+
+----------------+-------------------------------------------------------------+
| Title | Malformed Firmware Update SMC can result in copy of |
| | unexpectedly large data into secure memory |
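Review bot: the added lines in the TFV-1 hunk introduce a top-level `=` title plus only the grid table's top border (`+----------------+---...+`), while the `| Title |` rows are unchanged context; please confirm the rest of the table in the file still has its header separator and closing border so the grid table parses, and that the `=` underline is at least as long as "Advisory TFV-1 (CVE-2016-10319)", otherwise Sphinx emits a "Title underline too short" warning. The same check applies to the TFV-2, TFV-5 and TFV-8 hunks, which make the identical change.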
+Advisory TFV-2 (CVE-2017-7564)
+==============================
+
+----------------+-------------------------------------------------------------+
| Title | Enabled secure self-hosted invasive debug interface can |
| | allow normal world to panic secure world |
+Advisory TFV-3 (CVE-2017-7563)
+==============================
+
+----------------+-------------------------------------------------------------+
| Title | RO memory is always executable at AArch64 Secure EL1 |
+================+=============================================================+
+Advisory TFV-4 (CVE-2017-9607)
+==============================
+
+----------------+-------------------------------------------------------------+
| Title | Malformed Firmware Update SMC can result in copy or |
| | authentication of unexpected data in secure memory in |
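Review bot: the Title cell in the TFV-4 hunk ends mid-sentence at "...unexpected data in secure memory in", so the cell's continuation line lies outside the visible context; check that the complete title row is intact in the file and that every line of the cell stays within the column widths of the `+----------------+---...+` border added above it, since a grid table whose cell text crosses a column boundary fails to parse.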
+Advisory TFV-5 (CVE-2017-15031)
+===============================
+
+----------------+-------------------------------------------------------------+
| Title | Not initializing or saving/restoring ``PMCR_EL0`` can leak |
| | secure world timing information |
+Advisory TFV-6 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)
+============================================================
+
+----------------+-------------------------------------------------------------+
| Title | Arm Trusted Firmware exposure to speculative processor |
| | vulnerabilities using cache timing side-channels |
Security Update`_.
Variant 1 (`CVE-2017-5753`_)
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+----------------------------
At the time of writing, no vulnerable patterns have been observed in upstream TF
code, therefore no workarounds have been applied or are planned.
Variant 2 (`CVE-2017-5715`_)
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+----------------------------
Where possible on vulnerable CPUs, Arm recommends invalidating the branch
predictor as early as possible on entry into the secure world, before any branch
For more information about non-Arm CPUs, please contact the CPU vendor.
Variant 3 (`CVE-2017-5754`_)
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+----------------------------
This variant is only exploitable between Exception Levels within the same
translation regime, for example between EL0 and EL1, therefore this variant
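Review bot: the three "Variant N" headings in the TFV-6 hunk change their underline from `~` to `-`, which only gives the intended second level because the new `=` document title is added at the top of the same file; docutils assigns heading levels per document in order of first use, so any heading in this file still underlined with `~` would now become a third level, and each `-` underline must be at least as long as its heading text (for example "Variant 1 (`CVE-2017-5753`_)"). The `` `CVE-2017-5753`_ `` style references also require their link targets to remain in the file after the rename. It would further help readers if "At the time of writing" in the Variant 1 paragraph were tied to a release or date, since the statement that no vulnerable patterns have been observed in upstream code will age.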
+Advisory TFV-7 (CVE-2018-3639)
+==============================
+
+----------------+-------------------------------------------------------------+
| Title | Trusted Firmware-A exposure to cache speculation |
| | vulnerability Variant 4 |
Arm CPUs not mentioned below are unaffected.
Static mitigation
-~~~~~~~~~~~~~~~~~
+-----------------
For affected CPUs, this approach enables the mitigation during EL3
initialization, following every PE reset. No mechanism is provided to disable
(``S3_0_C15_C1_0``).
Dynamic mitigation
-~~~~~~~~~~~~~~~~~~
+------------------
For affected CPUs, this approach also enables the mitigation during EL3
initialization, following every PE reset. In addition, this approach implements
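Review bot: the "Static mitigation" and "Dynamic mitigation" headings in the TFV-7 hunk move from `~` to `-`, which places them at the same level as the "Variant N" sections of TFV-6 now that each advisory file gains an `=` title; that is consistent across the advisories, but please verify the two `-` underlines are at least as long as their heading text (17 and 18 characters) and that the sentence "Arm CPUs not mentioned below are unaffected." still precedes the per-CPU material in the file, since the hunk shows only the heading change.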
+Advisory TFV-8 (CVE-2018-19440)
+===============================
+
+----------------+-------------------------------------------------------------+
| Title | Not saving x0 to x3 registers can leak information from one |
| | Normal World SMC client to another |