diff options
author | David Hu <david.hu@arm.com> | 2021-07-08 20:48:19 +0800 |
---|---|---|
committer | David Hu <david.hu@arm.com> | 2021-07-13 10:16:12 +0200 |
commit | 0e6b44e149c9b8de5990f0d942131699db1f47a7 (patch) | |
tree | 150754921bcda4c91014c5c7a2941a6f0399d028 /docs | |
parent | 802f588b98b22d78cc882c74490d33e89835553a (diff) | |
download | trusted-firmware-m-0e6b44e149c9b8de5990f0d942131699db1f47a7.tar.gz |
Docs: Move design documents into a dedicated folder
Collect all the design documents under a dedicated design_docs folder.
Update the links in other documents.
Change-Id: I2da761a11317144185e960c539f2245d3d46fd2a
Signed-off-by: David Hu <david.hu@arm.com>
Diffstat (limited to 'docs')
-rw-r--r-- | docs/contributing/code_review_guide.rst | 2 | ||||
-rw-r--r-- | docs/integration_guide/os_migration_guide_armv8m.rst | 2 | ||||
-rw-r--r-- | docs/integration_guide/services/tfm_ps_integration_guide.rst | 2 | ||||
-rw-r--r-- | docs/integration_guide/services/tfm_psa_proxy_integration_guide.rst | 2 | ||||
-rw-r--r-- | docs/integration_guide/tfm_integration_guide.rst | 4 | ||||
-rw-r--r-- | docs/releases/1.3.0.rst | 6 | ||||
-rw-r--r-- | docs/security/threat_models/generic_threat_model.rst | 6 | ||||
-rw-r--r-- | docs/technical_references/design_docs/code_sharing.rst (renamed from docs/technical_references/code_sharing.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/dual-cpu/booting_a_dual_core_system.rst (renamed from docs/technical_references/dual-cpu/booting_a_dual_core_system.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/dual-cpu/communication_prototype_between_nspe_and_spe_in_dual_core_systems.rst (renamed from docs/technical_references/dual-cpu/communication_prototype_between_nspe_and_spe_in_dual_core_systems.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/dual-cpu/dual_core_mailbox_arch.png (renamed from docs/technical_references/dual-cpu/dual_core_mailbox_arch.png) | bin | 31782 -> 31782 bytes | |||
-rw-r--r-- | docs/technical_references/design_docs/dual-cpu/index.rst (renamed from docs/technical_references/dual-cpu/index.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/dual-cpu/mailbox_design_on_dual_core_system.rst (renamed from docs/technical_references/dual-cpu/mailbox_design_on_dual_core_system.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/dual-cpu/tfm_multi_core_access_check.rst (renamed from docs/technical_references/dual-cpu/tfm_multi_core_access_check.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/enum_implicit_casting.rst (renamed from docs/technical_references/enum_implicit_casting.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/ff_isolation.rst (renamed from docs/technical_references/ff_isolation.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/hardware_abstraction_layer.rst (renamed from docs/technical_references/hardware_abstraction_layer.rst) | 2 | ||||
-rw-r--r-- | docs/technical_references/design_docs/index.rst | 13 | ||||
-rw-r--r-- | docs/technical_references/design_docs/media/hal_structure.png (renamed from docs/technical_references/media/hal_structure.png) | bin | 32736 -> 32736 bytes | |||
-rw-r--r-- | docs/technical_references/design_docs/media/symmetric_initial_attest/attest_token_finish.png (renamed from docs/technical_references/media/symmetric_initial_attest/attest_token_finish.png) | bin | 14947 -> 14947 bytes | |||
-rw-r--r-- | docs/technical_references/design_docs/media/symmetric_initial_attest/attest_token_start.png (renamed from docs/technical_references/media/symmetric_initial_attest/attest_token_start.png) | bin | 30230 -> 30230 bytes | |||
-rw-r--r-- | docs/technical_references/design_docs/media/symmetric_initial_attest/ia_service_flow.png (renamed from docs/technical_references/media/symmetric_initial_attest/ia_service_flow.png) | bin | 50354 -> 50354 bytes | |||
-rw-r--r-- | docs/technical_references/design_docs/media/symmetric_initial_attest/iat_decode.png (renamed from docs/technical_references/media/symmetric_initial_attest/iat_decode.png) | bin | 40309 -> 40309 bytes | |||
-rw-r--r-- | docs/technical_references/design_docs/media/symmetric_initial_attest/overall_diagram.png (renamed from docs/technical_references/media/symmetric_initial_attest/overall_diagram.png) | bin | 14536 -> 14536 bytes | |||
-rw-r--r-- | docs/technical_references/design_docs/media/tfm_crypto_design.png (renamed from docs/technical_references/media/tfm_crypto_design.png) | bin | 32529 -> 32529 bytes | |||
-rw-r--r-- | docs/technical_references/design_docs/profiles/index.rst (renamed from docs/technical_references/profiles/index.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/profiles/tfm_profile_large.rst (renamed from docs/technical_references/profiles/tfm_profile_large.rst) | 8 | ||||
-rw-r--r-- | docs/technical_references/design_docs/profiles/tfm_profile_medium.rst (renamed from docs/technical_references/profiles/tfm_profile_medium.rst) | 4 | ||||
-rw-r--r-- | docs/technical_references/design_docs/profiles/tfm_profile_small.rst (renamed from docs/technical_references/profiles/tfm_profile_small.rst) | 4 | ||||
-rw-r--r-- | docs/technical_references/design_docs/ps_key_management.rst (renamed from docs/technical_references/ps_key_management.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/secure_boot_hw_key_integration.rst (renamed from docs/technical_references/secure_boot_hw_key_integration.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/secure_boot_rollback_protection.rst (renamed from docs/technical_references/secure_boot_rollback_protection.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/secure_enclave_solution.rst (renamed from docs/technical_references/secure_enclave_solution.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/source_structure.rst (renamed from docs/technical_references/source_structure.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/stateless_rot_service.rst (renamed from docs/technical_references/stateless_rot_service.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/symmetric_initial_attest.rst (renamed from docs/technical_references/symmetric_initial_attest.rst) | 2 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_code_generation_with_jinja2.rst (renamed from docs/technical_references/tfm_code_generation_with_jinja2.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_cooperative_scheduling_rules.rst (renamed from docs/technical_references/tfm_cooperative_scheduling_rules.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_crypto_design.rst (renamed from docs/technical_references/tfm_crypto_design.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_fwu_service.rst (renamed from docs/technical_references/tfm_fwu_service.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_its_512_flash.rst (renamed from docs/technical_references/tfm_its_512_flash.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_its_service.rst (renamed from docs/technical_references/tfm_its_service.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_log_system_design_document.rst (renamed from docs/technical_references/tfm_log_system_design_document.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_non_secure_client_management.rst (renamed from docs/technical_references/tfm_non_secure_client_management.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_ns_client_identification.rst (renamed from docs/technical_references/tfm_ns_client_identification.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_partition_and_service_design_document.rst (renamed from docs/technical_references/tfm_partition_and_service_design_document.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_physical_attack_mitigation.rst (renamed from docs/technical_references/tfm_physical_attack_mitigation.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_psa_inter_process_communication.rst (renamed from docs/technical_references/tfm_psa_inter_process_communication.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_secure_boot.rst (renamed from docs/technical_references/tfm_secure_boot.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_secure_irq_handling.rst (renamed from docs/technical_references/tfm_secure_irq_handling.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_secure_partition_interrupt_handling.rst (renamed from docs/technical_references/tfm_secure_partition_interrupt_handling.rst) | 2 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_secure_partition_runtime_library.rst (renamed from docs/technical_references/tfm_secure_partition_runtime_library.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/design_docs/tfm_uniform_secure_service_signature.rst (renamed from docs/technical_references/tfm_uniform_secure_service_signature.rst) | 0 | ||||
-rw-r--r-- | docs/technical_references/index.rst | 2 | ||||
-rw-r--r-- | docs/technical_references/index.rst.in | 30 | ||||
-rw-r--r-- | docs/technical_references/instructions/run_tfm_examples_on_arm_platforms.rst | 4 |
56 files changed, 38 insertions, 57 deletions
diff --git a/docs/contributing/code_review_guide.rst b/docs/contributing/code_review_guide.rst index e9ed9699f4..08d72a2832 100644 --- a/docs/contributing/code_review_guide.rst +++ b/docs/contributing/code_review_guide.rst @@ -15,7 +15,7 @@ The prerequisites before going to the review stage: - Read the :doc:`Contributing Process </docs/contributing/contributing_process>` to know basic concepts. -- Read the :doc:`Source Structure </docs/technical_references/source_structure>` +- Read the :doc:`Source Structure </docs/technical_references/design_docs/source_structure>` for structure related reference. The review guidelines consist of these items: diff --git a/docs/integration_guide/os_migration_guide_armv8m.rst b/docs/integration_guide/os_migration_guide_armv8m.rst index 1ca4e3df06..a3b5806160 100644 --- a/docs/integration_guide/os_migration_guide_armv8m.rst +++ b/docs/integration_guide/os_migration_guide_armv8m.rst @@ -24,7 +24,7 @@ List of requirements then it also have to use the ``enum tfm_status_e tfm_register_client_id (int32_t ns_client_id)`` API function provided by TF-M, as described in - :doc:`NS client identification documentation </docs/technical_references/tfm_ns_client_identification>`. + :doc:`NS client identification documentation </docs/technical_references/design_docs/tfm_ns_client_identification>`. - if the OS doesn't support the API mentioned above, it should set ``TFM_NS_CLIENT_IDENTIFICATION`` to ``OFF`` in the cmake system. - .. Note:: diff --git a/docs/integration_guide/services/tfm_ps_integration_guide.rst b/docs/integration_guide/services/tfm_ps_integration_guide.rst index 2c6da7b490..50c83a47ab 100644 --- a/docs/integration_guide/services/tfm_ps_integration_guide.rst +++ b/docs/integration_guide/services/tfm_ps_integration_guide.rst @@ -293,7 +293,7 @@ TF-M core tracks the current client IDs running in the secure or non-secure processing environment. It provides a dedicated API to retrieve the client ID which performs the service request. -:doc:`NS client identification documentation </docs/technical_references/tfm_ns_client_identification>` +:doc:`NS client identification documentation </docs/technical_references/design_docs/tfm_ns_client_identification>` provides further details on how client identification works. PS service uses that TF-M core API to retrieve the client ID and associate it diff --git a/docs/integration_guide/services/tfm_psa_proxy_integration_guide.rst b/docs/integration_guide/services/tfm_psa_proxy_integration_guide.rst index 9b8ed3d4c5..4fb467f5a9 100644 --- a/docs/integration_guide/services/tfm_psa_proxy_integration_guide.rst +++ b/docs/integration_guide/services/tfm_psa_proxy_integration_guide.rst @@ -9,7 +9,7 @@ TF-M PSA Proxy partition is responsible for forwarding all the PSA RoT messages to a Secure Enclave, this way virtually providing all the PSA RoT services. Proxy can only be used in IPC model, for context and design details please check the -:doc:`Secure Enclave design document </docs/technical_references/secure_enclave_solution>`. +:doc:`Secure Enclave design document </docs/technical_references/design_docs/secure_enclave_solution>`. Currently to forward the PSA Client call parameters Proxy must read them with ``psa_read`` into a memory area shared with the Secure Enclave. (Similarily diff --git a/docs/integration_guide/tfm_integration_guide.rst b/docs/integration_guide/tfm_integration_guide.rst index a543fd0828..f0f2a1ef55 100644 --- a/docs/integration_guide/tfm_integration_guide.rst +++ b/docs/integration_guide/tfm_integration_guide.rst @@ -112,7 +112,7 @@ See ``interface/src/tfm_ns_interface.c.example`` for more details. TF-M provides a reference implementation of NS mailbox on multi-core platforms, under folder ``interface/src/multi_core``. -See :doc:`Mailbox design </docs/technical_references/dual-cpu/mailbox_design_on_dual_core_system>` +See :doc:`Mailbox design </docs/technical_references/design_docs/dual-cpu/mailbox_design_on_dual_core_system>` for TF-M multi-core mailbox design. Interface with non-secure world regression tests @@ -135,7 +135,7 @@ implementation of these wrappers to be able to run the tests. NS client Identification ======================== See -:doc:`ns client identification documentation </docs/technical_references/tfm_ns_client_identification>`. +:doc:`ns client identification documentation </docs/technical_references/design_docs/tfm_ns_client_identification>`. ********************* Non-secure interrupts diff --git a/docs/releases/1.3.0.rst b/docs/releases/1.3.0.rst index 9e281cb05f..0f4984f911 100644 --- a/docs/releases/1.3.0.rst +++ b/docs/releases/1.3.0.rst @@ -160,11 +160,11 @@ Reference .. [3] :doc:`TF-M generic threat model </docs/security/threat_models/generic_threat_model>` - .. [4] :doc:`TF-M physical attack mitigation </docs/technical_references/tfm_physical_attack_mitigation>` + .. [4] :doc:`TF-M physical attack mitigation </docs/technical_references/design_docs/tfm_physical_attack_mitigation>` - .. [5] :doc:`TF-M Profile Large design </docs/technical_references/profiles/tfm_profile_large>` + .. [5] :doc:`TF-M Profile Large design </docs/technical_references/design_docs/profiles/tfm_profile_large>` - .. [6] :doc:`Code sharing between independently linked XIP binaries </docs/technical_references/code_sharing>` + .. [6] :doc:`Code sharing between independently linked XIP binaries </docs/technical_references/design_docs/code_sharing>` .. [7] :doc:`Security Handling </docs/security/security>` diff --git a/docs/security/threat_models/generic_threat_model.rst b/docs/security/threat_models/generic_threat_model.rst index 63569512f8..94f510b52f 100644 --- a/docs/security/threat_models/generic_threat_model.rst +++ b/docs/security/threat_models/generic_threat_model.rst @@ -1107,7 +1107,7 @@ Reference .. [FF-M] `ArmĀ® Platform Security Architecture Firmware Framework 1.0 <https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Architect/DEN0063-PSA_Firmware_Framework-1.0.0-2.pdf?revision=2d1429fa-4b5b-461a-a60e-4ef3d8f7f4b4>`_ -.. [DUAL-CPU-BOOT] :doc:`Booting a dual core system </docs/technical_references/dual-cpu/booting_a_dual_core_system>` +.. [DUAL-CPU-BOOT] :doc:`Booting a dual core system </docs/technical_references/design_docs/dual-cpu/booting_a_dual_core_system>` .. [CVSS] `Common Vulnerability Scoring System Version 3.1 Calculator <https://www.first.org/cvss/calculator/3.1>`_ @@ -1115,9 +1115,9 @@ Reference .. [STRIDE] `The STRIDE Threat Model <https://docs.microsoft.com/en-us/previous-versions/commerce-server/ee823878(v=cs.20)?redirectedfrom=MSDN>`_ -.. [SECURE-BOOT] :doc:`Secure boot </docs/technical_references/tfm_secure_boot>` +.. [SECURE-BOOT] :doc:`Secure boot </docs/technical_references/design_docs/tfm_secure_boot>` -.. [ROLLBACK-PROTECT] :doc:`Rollback protection in TF-M secure boot </docs/technical_references/secure_boot_rollback_protection>` +.. [ROLLBACK-PROTECT] :doc:`Rollback protection in TF-M secure boot </docs/technical_references/design_docs/secure_boot_rollback_protection>` .. [STACK-SEAL] `Armv8-M processor Secure software Stack Sealing vulnerability <https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing>`_ diff --git a/docs/technical_references/code_sharing.rst b/docs/technical_references/design_docs/code_sharing.rst index 322d7eddcb..322d7eddcb 100644 --- a/docs/technical_references/code_sharing.rst +++ b/docs/technical_references/design_docs/code_sharing.rst diff --git a/docs/technical_references/dual-cpu/booting_a_dual_core_system.rst b/docs/technical_references/design_docs/dual-cpu/booting_a_dual_core_system.rst index 0a88ab3674..0a88ab3674 100644 --- a/docs/technical_references/dual-cpu/booting_a_dual_core_system.rst +++ b/docs/technical_references/design_docs/dual-cpu/booting_a_dual_core_system.rst diff --git a/docs/technical_references/dual-cpu/communication_prototype_between_nspe_and_spe_in_dual_core_systems.rst b/docs/technical_references/design_docs/dual-cpu/communication_prototype_between_nspe_and_spe_in_dual_core_systems.rst index 1ab1413d3b..1ab1413d3b 100644 --- a/docs/technical_references/dual-cpu/communication_prototype_between_nspe_and_spe_in_dual_core_systems.rst +++ b/docs/technical_references/design_docs/dual-cpu/communication_prototype_between_nspe_and_spe_in_dual_core_systems.rst diff --git a/docs/technical_references/dual-cpu/dual_core_mailbox_arch.png b/docs/technical_references/design_docs/dual-cpu/dual_core_mailbox_arch.png Binary files differindex 79f5654465..79f5654465 100644 --- a/docs/technical_references/dual-cpu/dual_core_mailbox_arch.png +++ b/docs/technical_references/design_docs/dual-cpu/dual_core_mailbox_arch.png diff --git a/docs/technical_references/dual-cpu/index.rst b/docs/technical_references/design_docs/dual-cpu/index.rst index f302748333..f302748333 100644 --- a/docs/technical_references/dual-cpu/index.rst +++ b/docs/technical_references/design_docs/dual-cpu/index.rst diff --git a/docs/technical_references/dual-cpu/mailbox_design_on_dual_core_system.rst b/docs/technical_references/design_docs/dual-cpu/mailbox_design_on_dual_core_system.rst index 60ac467d0f..60ac467d0f 100644 --- a/docs/technical_references/dual-cpu/mailbox_design_on_dual_core_system.rst +++ b/docs/technical_references/design_docs/dual-cpu/mailbox_design_on_dual_core_system.rst diff --git a/docs/technical_references/dual-cpu/tfm_multi_core_access_check.rst b/docs/technical_references/design_docs/dual-cpu/tfm_multi_core_access_check.rst index 9ea9afdfe2..9ea9afdfe2 100644 --- a/docs/technical_references/dual-cpu/tfm_multi_core_access_check.rst +++ b/docs/technical_references/design_docs/dual-cpu/tfm_multi_core_access_check.rst diff --git a/docs/technical_references/enum_implicit_casting.rst b/docs/technical_references/design_docs/enum_implicit_casting.rst index 01c8ce73f0..01c8ce73f0 100644 --- a/docs/technical_references/enum_implicit_casting.rst +++ b/docs/technical_references/design_docs/enum_implicit_casting.rst diff --git a/docs/technical_references/ff_isolation.rst b/docs/technical_references/design_docs/ff_isolation.rst index 41dd4fc0fb..41dd4fc0fb 100644 --- a/docs/technical_references/ff_isolation.rst +++ b/docs/technical_references/design_docs/ff_isolation.rst diff --git a/docs/technical_references/hardware_abstraction_layer.rst b/docs/technical_references/design_docs/hardware_abstraction_layer.rst index 645426f617..b574a3d6ce 100644 --- a/docs/technical_references/hardware_abstraction_layer.rst +++ b/docs/technical_references/design_docs/hardware_abstraction_layer.rst @@ -61,7 +61,7 @@ Here lists a minimal set of necessary functionalities: - There is a non-secure :term:`HAL` that focuses on the mailbox operation API for Dual-core topology. For more information about it, please refer to :doc:`Mailbox Design in TF-M on Dual-core System - </docs/technical_references/dual-cpu/mailbox_design_on_dual_core_system>`. + </docs/technical_references/design_docs/dual-cpu/mailbox_design_on_dual_core_system>`. - The minimal set of :term:`TF-M` :term:`HAL` is sufficient for Secure Partitions by using customized peripheral interfaces. To provide easier portability for the Secure Partitions, a Secure Partition :term:`HAL` is diff --git a/docs/technical_references/design_docs/index.rst b/docs/technical_references/design_docs/index.rst new file mode 100644 index 0000000000..3566e03dee --- /dev/null +++ b/docs/technical_references/design_docs/index.rst @@ -0,0 +1,13 @@ +Design documents +================ + +.. toctree:: + :maxdepth: 2 + :glob: + + */index + * + +-------------- + +*Copyright (c) 2021, Arm Limited. All rights reserved.* diff --git a/docs/technical_references/media/hal_structure.png b/docs/technical_references/design_docs/media/hal_structure.png Binary files differindex 0f4c4c0018..0f4c4c0018 100644 --- a/docs/technical_references/media/hal_structure.png +++ b/docs/technical_references/design_docs/media/hal_structure.png diff --git a/docs/technical_references/media/symmetric_initial_attest/attest_token_finish.png b/docs/technical_references/design_docs/media/symmetric_initial_attest/attest_token_finish.png Binary files differindex 548e79d3d1..548e79d3d1 100644 --- a/docs/technical_references/media/symmetric_initial_attest/attest_token_finish.png +++ b/docs/technical_references/design_docs/media/symmetric_initial_attest/attest_token_finish.png diff --git a/docs/technical_references/media/symmetric_initial_attest/attest_token_start.png b/docs/technical_references/design_docs/media/symmetric_initial_attest/attest_token_start.png Binary files differindex ac39cf258e..ac39cf258e 100644 --- a/docs/technical_references/media/symmetric_initial_attest/attest_token_start.png +++ b/docs/technical_references/design_docs/media/symmetric_initial_attest/attest_token_start.png diff --git a/docs/technical_references/media/symmetric_initial_attest/ia_service_flow.png b/docs/technical_references/design_docs/media/symmetric_initial_attest/ia_service_flow.png Binary files differindex 288bc534fb..288bc534fb 100644 --- a/docs/technical_references/media/symmetric_initial_attest/ia_service_flow.png +++ b/docs/technical_references/design_docs/media/symmetric_initial_attest/ia_service_flow.png diff --git a/docs/technical_references/media/symmetric_initial_attest/iat_decode.png b/docs/technical_references/design_docs/media/symmetric_initial_attest/iat_decode.png Binary files differindex e35183bacc..e35183bacc 100644 --- a/docs/technical_references/media/symmetric_initial_attest/iat_decode.png +++ b/docs/technical_references/design_docs/media/symmetric_initial_attest/iat_decode.png diff --git a/docs/technical_references/media/symmetric_initial_attest/overall_diagram.png b/docs/technical_references/design_docs/media/symmetric_initial_attest/overall_diagram.png Binary files differindex 893c62eedf..893c62eedf 100644 --- a/docs/technical_references/media/symmetric_initial_attest/overall_diagram.png +++ b/docs/technical_references/design_docs/media/symmetric_initial_attest/overall_diagram.png diff --git a/docs/technical_references/media/tfm_crypto_design.png b/docs/technical_references/design_docs/media/tfm_crypto_design.png Binary files differindex 6e8d48b200..6e8d48b200 100644 --- a/docs/technical_references/media/tfm_crypto_design.png +++ b/docs/technical_references/design_docs/media/tfm_crypto_design.png diff --git a/docs/technical_references/profiles/index.rst b/docs/technical_references/design_docs/profiles/index.rst index e856cf8078..e856cf8078 100644 --- a/docs/technical_references/profiles/index.rst +++ b/docs/technical_references/design_docs/profiles/index.rst diff --git a/docs/technical_references/profiles/tfm_profile_large.rst b/docs/technical_references/design_docs/profiles/tfm_profile_large.rst index 45e51f40a1..d59ae61f04 100644 --- a/docs/technical_references/profiles/tfm_profile_large.rst +++ b/docs/technical_references/design_docs/profiles/tfm_profile_large.rst @@ -436,9 +436,9 @@ instruction guide [9]_. Reference ********* -.. [1] :doc:`Trusted Firmware-M Profile Small Design </docs/technical_references/profiles/tfm_profile_small>` +.. [1] :doc:`Trusted Firmware-M Profile Small Design </docs/technical_references/design_docs/profiles/tfm_profile_small>` -.. [2] :doc:`Trusted Firmware-M Profile Medium Design </docs/technical_references/profiles/tfm_profile_medium>` +.. [2] :doc:`Trusted Firmware-M Profile Medium Design </docs/technical_references/design_docs/profiles/tfm_profile_medium>` .. [3] `PSA Certified Level 3 Lightweight Protection Profile <https://www.psacertified.org/app/uploads/2020/12/JSADEN009-PSA_Certified_Level_3_LW_PP-1.0-BET02.pdf>`_ @@ -446,9 +446,9 @@ Reference .. [5] `The Transport Layer Security (TLS) Protocol Version 1.2 <https://tools.ietf.org/html/rfc5246>`_ -.. [6] :doc:`Physical attack mitigation in Trusted Firmware-M </docs/technical_references/tfm_physical_attack_mitigation>` +.. [6] :doc:`Physical attack mitigation in Trusted Firmware-M </docs/technical_references/design_docs/tfm_physical_attack_mitigation>` -.. [7] :doc:`Crypto design </docs/technical_references/tfm_crypto_design>` +.. [7] :doc:`Crypto design </docs/technical_references/design_docs/tfm_crypto_design>` .. [8] :doc:`ITS integration guide </docs/integration_guide/services/tfm_its_integration_guide>` diff --git a/docs/technical_references/profiles/tfm_profile_medium.rst b/docs/technical_references/design_docs/profiles/tfm_profile_medium.rst index 6b384c7414..5bc4d57a35 100644 --- a/docs/technical_references/profiles/tfm_profile_medium.rst +++ b/docs/technical_references/design_docs/profiles/tfm_profile_medium.rst @@ -470,7 +470,7 @@ Reference .. [RFC7925] `Transport Layer Security (TLS) / Datagram Transport Layer Security (DTLS) Profiles for the Internet of Things <https://tools.ietf.org/html/rfc7925>`_ -.. [PROFILE-S] :doc:`Trusted Firmware-M Profile Small Design </docs/technical_references/profiles/tfm_profile_small>` +.. [PROFILE-S] :doc:`Trusted Firmware-M Profile Small Design </docs/technical_references/design_docs/profiles/tfm_profile_small>` .. [RFC7252] `The Constrained Application Protocol (CoAP) <https://tools.ietf.org/html/rfc7252>`_ @@ -478,7 +478,7 @@ Reference .. [RFC7251] `AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites for TLS <https://tools.ietf.org/html/rfc7251>`_ -.. [CRYPTO-DESIGN] :doc:`Crypto design </docs/technical_references/tfm_crypto_design>` +.. [CRYPTO-DESIGN] :doc:`Crypto design </docs/technical_references/design_docs/tfm_crypto_design>` .. [ITS-INTEGRATE] :doc:`ITS integration guide </docs/integration_guide/services/tfm_its_integration_guide>` diff --git a/docs/technical_references/profiles/tfm_profile_small.rst b/docs/technical_references/design_docs/profiles/tfm_profile_small.rst index 17f6f496db..51d78f22ee 100644 --- a/docs/technical_references/profiles/tfm_profile_small.rst +++ b/docs/technical_references/design_docs/profiles/tfm_profile_small.rst @@ -636,9 +636,9 @@ Reference .. [8] `PSA Attestation API 1.0 (ARM IHI 0085) <https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Implement/IHI0085-PSA_Attestation_API-1.0.2.pdf?revision=eef78753-c77e-4b24-bcf0-65596213b4c1&la=en&hash=E5E0353D612077AFDCE3F2F3708A50C77A74B2A3>`_ -.. [9] :doc:`Secure boot </docs/technical_references/tfm_secure_boot>` +.. [9] :doc:`Secure boot </docs/technical_references/design_docs/tfm_secure_boot>` -.. [10] :doc:`Crypto design </docs/technical_references/tfm_crypto_design>` +.. [10] :doc:`Crypto design </docs/technical_references/design_docs/tfm_crypto_design>` .. [11] :doc:`TF-M build instruction </docs/technical_references/instructions/tfm_build_instruction>` diff --git a/docs/technical_references/ps_key_management.rst b/docs/technical_references/design_docs/ps_key_management.rst index 80a39be492..80a39be492 100644 --- a/docs/technical_references/ps_key_management.rst +++ b/docs/technical_references/design_docs/ps_key_management.rst diff --git a/docs/technical_references/secure_boot_hw_key_integration.rst b/docs/technical_references/design_docs/secure_boot_hw_key_integration.rst index 186e4a649b..186e4a649b 100644 --- a/docs/technical_references/secure_boot_hw_key_integration.rst +++ b/docs/technical_references/design_docs/secure_boot_hw_key_integration.rst diff --git a/docs/technical_references/secure_boot_rollback_protection.rst b/docs/technical_references/design_docs/secure_boot_rollback_protection.rst index 711fac321e..711fac321e 100644 --- a/docs/technical_references/secure_boot_rollback_protection.rst +++ b/docs/technical_references/design_docs/secure_boot_rollback_protection.rst diff --git a/docs/technical_references/secure_enclave_solution.rst b/docs/technical_references/design_docs/secure_enclave_solution.rst index 1f4ecc6290..1f4ecc6290 100644 --- a/docs/technical_references/secure_enclave_solution.rst +++ b/docs/technical_references/design_docs/secure_enclave_solution.rst diff --git a/docs/technical_references/source_structure.rst b/docs/technical_references/design_docs/source_structure.rst index b2de0dda20..b2de0dda20 100644 --- a/docs/technical_references/source_structure.rst +++ b/docs/technical_references/design_docs/source_structure.rst diff --git a/docs/technical_references/stateless_rot_service.rst b/docs/technical_references/design_docs/stateless_rot_service.rst index 964c18cef0..964c18cef0 100644 --- a/docs/technical_references/stateless_rot_service.rst +++ b/docs/technical_references/design_docs/stateless_rot_service.rst diff --git a/docs/technical_references/symmetric_initial_attest.rst b/docs/technical_references/design_docs/symmetric_initial_attest.rst index b53ab3c87d..c139d6433d 100644 --- a/docs/technical_references/symmetric_initial_attest.rst +++ b/docs/technical_references/design_docs/symmetric_initial_attest.rst @@ -588,7 +588,7 @@ Reference .. [1] `PSA Attestation API 1.0 (ARM IHI 0085) <https://developer.arm.com/-/media/Files/pdf/PlatformSecurityArchitecture/Implement/IHI0085-PSA_Attestation_API-1.0.2.pdf?revision=eef78753-c77e-4b24-bcf0-65596213b4c1&la=en&hash=E5E0353D612077AFDCE3F2F3708A50C77A74B2A3>`_ -.. [2] :doc:`Trusted Firmware-M Profile Small Design </docs/technical_references/profiles/tfm_profile_small>` +.. [2] :doc:`Trusted Firmware-M Profile Small Design </docs/technical_references/design_docs/profiles/tfm_profile_small>` .. [3] :doc:`Initial Attestation Service Integration Guide </docs/integration_guide/services/tfm_attestation_integration_guide>` diff --git a/docs/technical_references/tfm_code_generation_with_jinja2.rst b/docs/technical_references/design_docs/tfm_code_generation_with_jinja2.rst index f16fc29fe7..f16fc29fe7 100644 --- a/docs/technical_references/tfm_code_generation_with_jinja2.rst +++ b/docs/technical_references/design_docs/tfm_code_generation_with_jinja2.rst diff --git a/docs/technical_references/tfm_cooperative_scheduling_rules.rst b/docs/technical_references/design_docs/tfm_cooperative_scheduling_rules.rst index b1c4e768b3..b1c4e768b3 100644 --- a/docs/technical_references/tfm_cooperative_scheduling_rules.rst +++ b/docs/technical_references/design_docs/tfm_cooperative_scheduling_rules.rst diff --git a/docs/technical_references/tfm_crypto_design.rst b/docs/technical_references/design_docs/tfm_crypto_design.rst index e2785a5dfa..e2785a5dfa 100644 --- a/docs/technical_references/tfm_crypto_design.rst +++ b/docs/technical_references/design_docs/tfm_crypto_design.rst diff --git a/docs/technical_references/tfm_fwu_service.rst b/docs/technical_references/design_docs/tfm_fwu_service.rst index 46c98f32fa..46c98f32fa 100644 --- a/docs/technical_references/tfm_fwu_service.rst +++ b/docs/technical_references/design_docs/tfm_fwu_service.rst diff --git a/docs/technical_references/tfm_its_512_flash.rst b/docs/technical_references/design_docs/tfm_its_512_flash.rst index 00f60f8acf..00f60f8acf 100644 --- a/docs/technical_references/tfm_its_512_flash.rst +++ b/docs/technical_references/design_docs/tfm_its_512_flash.rst diff --git a/docs/technical_references/tfm_its_service.rst b/docs/technical_references/design_docs/tfm_its_service.rst index a9c71b7ac6..a9c71b7ac6 100644 --- a/docs/technical_references/tfm_its_service.rst +++ b/docs/technical_references/design_docs/tfm_its_service.rst diff --git a/docs/technical_references/tfm_log_system_design_document.rst b/docs/technical_references/design_docs/tfm_log_system_design_document.rst index 269bcfc69d..269bcfc69d 100644 --- a/docs/technical_references/tfm_log_system_design_document.rst +++ b/docs/technical_references/design_docs/tfm_log_system_design_document.rst diff --git a/docs/technical_references/tfm_non_secure_client_management.rst b/docs/technical_references/design_docs/tfm_non_secure_client_management.rst index 133ae92e40..133ae92e40 100644 --- a/docs/technical_references/tfm_non_secure_client_management.rst +++ b/docs/technical_references/design_docs/tfm_non_secure_client_management.rst diff --git a/docs/technical_references/tfm_ns_client_identification.rst b/docs/technical_references/design_docs/tfm_ns_client_identification.rst index 4ef8e90d0a..4ef8e90d0a 100644 --- a/docs/technical_references/tfm_ns_client_identification.rst +++ b/docs/technical_references/design_docs/tfm_ns_client_identification.rst diff --git a/docs/technical_references/tfm_partition_and_service_design_document.rst b/docs/technical_references/design_docs/tfm_partition_and_service_design_document.rst index 223e212cf4..223e212cf4 100644 --- a/docs/technical_references/tfm_partition_and_service_design_document.rst +++ b/docs/technical_references/design_docs/tfm_partition_and_service_design_document.rst diff --git a/docs/technical_references/tfm_physical_attack_mitigation.rst b/docs/technical_references/design_docs/tfm_physical_attack_mitigation.rst index ee0734eb85..ee0734eb85 100644 --- a/docs/technical_references/tfm_physical_attack_mitigation.rst +++ b/docs/technical_references/design_docs/tfm_physical_attack_mitigation.rst diff --git a/docs/technical_references/tfm_psa_inter_process_communication.rst b/docs/technical_references/design_docs/tfm_psa_inter_process_communication.rst index 19691711bc..19691711bc 100644 --- a/docs/technical_references/tfm_psa_inter_process_communication.rst +++ b/docs/technical_references/design_docs/tfm_psa_inter_process_communication.rst diff --git a/docs/technical_references/tfm_secure_boot.rst b/docs/technical_references/design_docs/tfm_secure_boot.rst index 61bdcb55f4..61bdcb55f4 100644 --- a/docs/technical_references/tfm_secure_boot.rst +++ b/docs/technical_references/design_docs/tfm_secure_boot.rst diff --git a/docs/technical_references/tfm_secure_irq_handling.rst b/docs/technical_references/design_docs/tfm_secure_irq_handling.rst index b9baae912a..b9baae912a 100644 --- a/docs/technical_references/tfm_secure_irq_handling.rst +++ b/docs/technical_references/design_docs/tfm_secure_irq_handling.rst diff --git a/docs/technical_references/tfm_secure_partition_interrupt_handling.rst b/docs/technical_references/design_docs/tfm_secure_partition_interrupt_handling.rst index 79dea0c012..f58fb96492 100644 --- a/docs/technical_references/tfm_secure_partition_interrupt_handling.rst +++ b/docs/technical_references/design_docs/tfm_secure_partition_interrupt_handling.rst @@ -40,7 +40,7 @@ manifest file IRQ declaration example ]} See -:doc:`secure IRQ handling </docs/technical_references/tfm_secure_irq_handling>` +:doc:`secure IRQ handling </docs/technical_references/design_docs/tfm_secure_irq_handling>` for further information on IRQ source and signal. Partition ISR function diff --git a/docs/technical_references/tfm_secure_partition_runtime_library.rst b/docs/technical_references/design_docs/tfm_secure_partition_runtime_library.rst index 97e8444174..97e8444174 100644 --- a/docs/technical_references/tfm_secure_partition_runtime_library.rst +++ b/docs/technical_references/design_docs/tfm_secure_partition_runtime_library.rst diff --git a/docs/technical_references/tfm_uniform_secure_service_signature.rst b/docs/technical_references/design_docs/tfm_uniform_secure_service_signature.rst index 70c6c6031a..70c6c6031a 100644 --- a/docs/technical_references/tfm_uniform_secure_service_signature.rst +++ b/docs/technical_references/design_docs/tfm_uniform_secure_service_signature.rst diff --git a/docs/technical_references/index.rst b/docs/technical_references/index.rst index b98df2338a..eabc0e1d91 100644 --- a/docs/technical_references/index.rst +++ b/docs/technical_references/index.rst @@ -5,11 +5,9 @@ Technical References :maxdepth: 2 :titlesonly: :glob: - :numbered: */index /tools/index - * -------------- diff --git a/docs/technical_references/index.rst.in b/docs/technical_references/index.rst.in deleted file mode 100644 index b5cf149af8..0000000000 --- a/docs/technical_references/index.rst.in +++ /dev/null @@ -1,30 +0,0 @@ -Design Documents -================ - -.. toctree:: - :maxdepth: 1 - :caption: Accepted design documents - :glob: - :numbered: - - @ACCEPTED_DD_LIST@ - -.. toctree:: - :maxdepth: 1 - :caption: Draft design documents - :glob: - :numbered: - - @DRAFT_DD_LIST@ - -.. toctree:: - :maxdepth: 1 - :caption: Rejected design documents - :glob: - :numbered: - - @REJECTED_DD_LIST@ - --------------- - -*Copyright (c) 2019, Arm Limited. All rights reserved.* diff --git a/docs/technical_references/instructions/run_tfm_examples_on_arm_platforms.rst b/docs/technical_references/instructions/run_tfm_examples_on_arm_platforms.rst index 965d3e9ead..256147f911 100644 --- a/docs/technical_references/instructions/run_tfm_examples_on_arm_platforms.rst +++ b/docs/technical_references/instructions/run_tfm_examples_on_arm_platforms.rst @@ -4,7 +4,7 @@ Run TF-M examples on Arm platforms Instructions for how to run TF-M and example test application on Arm platforms. Follow :doc:`build instruction <tfm_build_instruction>` to build the binaries. -Follow :doc:`secure boot </docs/technical_references/tfm_secure_boot>` to build the +Follow :doc:`secure boot </docs/technical_references/design_docs/tfm_secure_boot>` to build the binaries with or without BL2 bootloader. **************************************************************** @@ -562,7 +562,7 @@ port (baud 115200 8n1) the following messages:: Firmware upgrade and image validation with BL2 bootloader ========================================================= High level operation of BL2 bootloader and instructions for testing firmware -upgrade is described in :doc:`secure boot </docs/technical_references/tfm_secure_boot>`. +upgrade is described in :doc:`secure boot </docs/technical_references/design_docs/tfm_secure_boot>`. -------------- |