From ac8445852e39bf470cef7d5b261fb83dbea0f4c7 Mon Sep 17 00:00:00 2001
From: Jose Marinho <jose.marinho@arm.com>
Date: Mon, 10 May 2021 13:58:50 +0100
Subject: [PATCH] Fixes during 10/05/2021 call
---
source/chapter1-about.rst | 56 -----------------------------------
source/chapter2-uefi.rst | 4 +--
source/conventions.rst | 62 +++++++++++++++++++++++++++++++++++++++
source/index.rst | 2 ++
source/references.rst | 4 ---
5 files changed, 66 insertions(+), 62 deletions(-)
create mode 100644 source/conventions.rst
diff --git a/source/chapter1-about.rst b/source/chapter1-about.rst
index 0eb050e..aaa0d5c 100644
--- a/source/chapter1-about.rst
+++ b/source/chapter1-about.rst
@@ -113,59 +113,3 @@ secondary partition.
.. image:: images/rollback_protection_simple.png
:width: 200px
:align: center
-
-Conventions Used in this Document
-=================================
-
-The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD",
-"SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
-interpreted as described in :rfc:`2119`.
-
-Terms and abbreviations
-=======================
-
-This document uses the following terms and abbreviations.
-
-.. glossary::
-
- UEFI
- Unified Extensible Firmware Interface.
-
- Anti-brickable
- A system is said to be a brick if it cannot boot for a firmware behavior issue
- and no firmware update is possible. Anti-Brickable protection is a set of measures
- to protect against this risk for any firmware component.
-
- Boot firmware
- Firmware that brings up operating system
-
- EBBR
- Embedded Base Boot Requirements
-
- Boot Loader stage 1 (BL1)
- AP Trusted ROM
-
- Boot Loader stage 2 (BL2)
- Trusted Boot Firmware
-
- Boot Loader stage 3-1 (BL31)
- EL3 Runtime Firmware
-
- Boot Loader stage 3-2 (BL32)
- Secure-EL1 Payload (optional)
-
- Boot Loader stage 3-3 (BL33)
- Non-trusted Firmware
-
- SCP Firmware
- System Control Processor firmware
-
- PSGB
- Platform Security Boot Guide
-
- Trusted Substrate
- Set of firmwares that control security and trust aspects of a platform.
- For instance device identity management firmware.
-
- FFA
- Arm Firmware Framework for Armv-8A
diff --git a/source/chapter2-uefi.rst b/source/chapter2-uefi.rst
index 4edb6d5..420631f 100644
--- a/source/chapter2-uefi.rst
+++ b/source/chapter2-uefi.rst
@@ -101,7 +101,7 @@ The OS must accept each image, that has an acceptance pending, by using a capsul
Update permission verification
------------------------------
-The FW management guidelines in [NIST_800_193]_ spacify that the system should check:
+The FW management guidelines in [NIST_800_193]_ specify that the system should check:
#. FW image authenticity.
#. FW update procedure authorization.
@@ -114,7 +114,7 @@ Capsule authorization
^^^^^^^^^^^^^^^^^^^^^
The OS can expose the UpdateCapsule interface to any non-priveliged system user.
-The FW updates initiator or the FW update package creator should
+The FW updates initiator or the FW update package creator should
be an authorized user [NIST_800_193]_.
The capsule or the FW images contained in the capsule should be signed by a platform owner key.
diff --git a/source/conventions.rst b/source/conventions.rst
new file mode 100644
index 0000000..633d6da
--- /dev/null
+++ b/source/conventions.rst
@@ -0,0 +1,62 @@
+
+***********
+Conventions
+***********
+
+Conventions Used in this Document
+=================================
+
+The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD",
+"SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
+interpreted as described in :rfc:`2119`.
+
+Terms and abbreviations
+=======================
+
+This document uses the following terms and abbreviations.
+
+.. glossary::
+
+ UEFI
+ Unified Extensible Firmware Interface.
+
+ Anti-brickable
+ A system is said to be a brick if it cannot boot for a firmware behavior issue
+ and no firmware update is possible. Anti-Brickable protection is a set of measures
+ to protect against this risk for any firmware component.
+
+ Boot firmware
+ Firmware that brings up operating system
+
+ EBBR
+ Embedded Base Boot Requirements
+
+ Boot Loader stage 1 (BL1)
+ AP Trusted ROM
+
+ Boot Loader stage 2 (BL2)
+ Trusted Boot Firmware
+
+ Boot Loader stage 3-1 (BL31)
+ EL3 Runtime Firmware
+
+ Boot Loader stage 3-2 (BL32)
+ Secure-EL1 Payload (optional)
+
+ Boot Loader stage 3-3 (BL33)
+ Non-trusted Firmware
+
+ SCP Firmware
+ System Control Processor firmware
+
+ PSGB
+ Platform Security Boot Guide
+
+ Trusted Substrate
+ Set of firmwares that control security and trust aspects of a platform.
+ For instance device identity management firmware.
+
+ FFA
+ Arm Firmware Framework for Armv-8A
+
+
diff --git a/source/index.rst b/source/index.rst
index 03b0d1f..670071e 100644
--- a/source/index.rst
+++ b/source/index.rst
@@ -18,10 +18,12 @@ Creative Commons, PO Box 1866, Mountain View, CA 94042, USA.
:alt: Creative Commons License
:align: right
+
.. toctree::
:numbered:
chapter1-about
chapter2-uefi
chapter3-fwupdate
+ conventions
references
diff --git a/source/references.rst b/source/references.rst
index f45eec7..a4b6772 100644
--- a/source/references.rst
+++ b/source/references.rst
@@ -1,9 +1,5 @@
.. SPDX-License-Identifier: CC-BY-SA-4.0
-**********
-References
-**********
-
.. [UEFI] `Unified Extensable Firmware Interface Specification v2.9
<https://uefi.org/sites/default/files/resources/UEFI_Spec_2_9_2021_03_18.pdf>`_,
February 2020, `UEFI Forum <http://www.uefi.org>`_
--
GitLab