Docs: Fix spelling typos
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: Ie7729b848b7284696d9b546b676cb4f31ab5db47
diff --git a/docs/configuration/profiles/index.rst b/docs/configuration/profiles/index.rst
index f1669d3..fb24d6e 100644
--- a/docs/configuration/profiles/index.rst
+++ b/docs/configuration/profiles/index.rst
@@ -82,7 +82,7 @@
+----------------------------------------+--------+--------+---------+--------+--------+
1. `MCUBOOT_IMAGGE_NUMBER` value is taken from MCUBoot default configuration,
- execept profile Small.
+ except profile Small.
2. Many platforms redefine `ITS_BUF_SIZE` value.
Each profile has predefined configuration for cryptographic library, located in
diff --git a/docs/configuration/profiles/tfm_profile_medium.rst b/docs/configuration/profiles/tfm_profile_medium.rst
index 1d69e46..6ba55a2 100644
--- a/docs/configuration/profiles/tfm_profile_medium.rst
+++ b/docs/configuration/profiles/tfm_profile_medium.rst
@@ -443,7 +443,7 @@
.. Note::
- - For devices with more contrained memory and flash requirements, it is
+ - For devices with more constrained memory and flash requirements, it is
possible to build with either only TEST_S enabled or only TEST_NS enabled.
This will decrease the size of the test images. Note that both test suites
must still be run to ensure correct operation.
diff --git a/docs/configuration/profiles/tfm_profile_medium_arot-less.rst b/docs/configuration/profiles/tfm_profile_medium_arot-less.rst
index 3abd5c4..c46bd03 100644
--- a/docs/configuration/profiles/tfm_profile_medium_arot-less.rst
+++ b/docs/configuration/profiles/tfm_profile_medium_arot-less.rst
@@ -131,9 +131,9 @@
| ``CRYPTO_ASYM_ENCRYPT_MODULE_ENABLED`` | ``OFF`` | Enable Crypto asymmetric |
| | | encryption operations |
+--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
- | ``TFM_MBEDCRYPTO_CONFIG_PATH`` | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h`` | Re-use Profile Medium configuration |
+ | ``TFM_MBEDCRYPTO_CONFIG_PATH`` | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h`` | Reuse Profile Medium configuration |
+--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
- | ``TFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH`` | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/crypto_config_profile_medium.h`` | Re-use Profile Medium configuration |
+ | ``TFM_MBEDCRYPTO_PSA_CRYPTO_CONFIG_PATH`` | ``${CMAKE_SOURCE_DIR}/lib/ext/mbedcrypto/mbedcrypto_config/crypto_config_profile_medium.h`` | Reuse Profile Medium configuration |
+--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
| ``TFM_PARTITION_INITIAL_ATTESTATION`` | ``ON`` | Enable Initial Attestation service |
+--------------------------------------------+-----------------------------------------------------------------------------------------------------+-------------------------------------+
diff --git a/docs/configuration/profiles/tfm_profile_small.rst b/docs/configuration/profiles/tfm_profile_small.rst
index 8c8d9b4..6aa691d 100644
--- a/docs/configuration/profiles/tfm_profile_small.rst
+++ b/docs/configuration/profiles/tfm_profile_small.rst
@@ -172,7 +172,7 @@
It may increase latency and overall time cost to implement cryptography
functionality with single-part operations, compared to with multi-part ones.
Users can enable single-part operations if the usage scenario requires
-single-part opreations to meet its perfermance metrics.
+single-part operations to meet its performance metrics.
Secure Storage
==============
diff --git a/docs/contributing/doc_guidelines.rst b/docs/contributing/doc_guidelines.rst
index 9dea2f3..82af63d 100644
--- a/docs/contributing/doc_guidelines.rst
+++ b/docs/contributing/doc_guidelines.rst
@@ -3,7 +3,7 @@
#####################################
The Trusted Firmware-M project uses `Sphinx`_ to generate the Official
-Documentation from `Restructed Text`_ `.rst` source files,
+Documentation from `reStructuredText`_ `.rst` source files,
The aim is to align as much as possible with the official
`Python Documentation Guidelines`_ while keeping the consistency with the
@@ -125,7 +125,7 @@
print("Hello TF-M")
-Restructured Text supports implicit code-blocks by indenting a section of text,
+reStructuredText supports implicit code-blocks by indenting a section of text,
surrounded by new lines. While this formatting is
allowed, it should be avoided if possible.
@@ -194,7 +194,7 @@
*Copyright (c) XYZ *
Creating in-line links is permitted, but should be avoided if possible. It
-should be only used for consistency purposes or for a small ammount
+should be only used for consistency purposes or for a small amount
of short links.
.. code-block:: restructuredtext
@@ -236,7 +236,7 @@
the document changes.
For example, to get this: :doc:`Adding TF-M Regression Test Suite
-<TF-M-Tests:tfm_test_suites_addition>`; the Restructed Text would look like this:
+<TF-M-Tests:tfm_test_suites_addition>`; the reStructuredText would look like this:
.. code-block:: restructuredtext
@@ -291,13 +291,13 @@
==========
#. `Sphinx`_
-#. `Restructed Text`_
+#. `reStructuredText`_
#. `Python Documentation Guidelines`_
#. `Pygments Lexers`_
#. `Intersphinx`_
.. _Sphinx: https://www.sphinx-doc.org/en/master/
-.. _Restructed Text: https://docutils.sourceforge.io/rst.html
+.. _reStructuredText: https://docutils.sourceforge.io/rst.html
.. _Python Documentation Guidelines: https://devguide.python.org/documentation/style-guide/
.. _Pygments Lexers: https://pygments.org/docs/api/#lexers
.. _Intersphinx: https://www.sphinx-doc.org/en/master/usage/extensions/intersphinx.html
@@ -305,4 +305,4 @@
--------------
-*Copyright (c) 2020-2023, Arm Limited. All rights reserved.*
+*Copyright (c) 2020-2025, Arm Limited. All rights reserved.*
diff --git a/docs/design_docs/booting/secure_boot_hw_key_integration.rst b/docs/design_docs/booting/secure_boot_hw_key_integration.rst
index 7d8afdd..c0d5ec0 100644
--- a/docs/design_docs/booting/secure_boot_hw_key_integration.rst
+++ b/docs/design_docs/booting/secure_boot_hw_key_integration.rst
@@ -29,7 +29,7 @@
MCUBoot code contains a compile-time built-in key array which can store any
number of key(s) for firmware verification: ``bl2/ext/mcuboot/keys.c``. These
public key(s) must be available when MCUBoot image is built. There is a script
-``bl2/ext/mcuboot/scipt/imgtool.py`` which can generate a new key pair, and
+``bl2/ext/mcuboot/scripts/imgtool.py`` which can generate a new key pair, and
extract the public key part in the expected ASN.1 format and encode it as C
structure. The script is also capable of signing the image with the private key.
In order to identify and validate the corresponding public key during image
@@ -75,9 +75,9 @@
HW key(s) might stored in OTP memory which is an expensive resource, so
storing a large key (such as RSA) is inefficient. Therefore, it is assumed that
only the hash of the ROTPK will be stored in the HW. If only the hash of the
-public key is stored in the HW then the whole public key must be transfered to
+public key is stored in the HW then the whole public key must be transferred to
the device, because it must be available during image verification. This
-transfer can be done in the same way as how the hash of the key is transfered
+transfer can be done in the same way as how the hash of the key is transferred
to the device with the current solution. A new TLV type (TLV_KEY) can be
introduced to carry the whole public key. The corresponding public key will be
appended to the image itself in the manifest area. It has the drawback that the
@@ -147,7 +147,7 @@
Tooling
-------
-``bl2/ext/mcuboot/scipt/imgtool.py`` will be modified to include the whole
+``bl2/ext/mcuboot/scripts/imgtool.py`` will be modified to include the whole
public key to the TLV area (instead of the hash).
Table to compare the current and proposed solution::
diff --git a/docs/design_docs/dual-cpu/mailbox_ns_agent_update.rst b/docs/design_docs/dual-cpu/mailbox_ns_agent_update.rst
index 5a804b2..2974910 100644
--- a/docs/design_docs/dual-cpu/mailbox_ns_agent_update.rst
+++ b/docs/design_docs/dual-cpu/mailbox_ns_agent_update.rst
@@ -93,7 +93,7 @@
going to be sent. Before this point, SPM performs the call based on the
agent's ID.
-This specifc ``Agent API`` is non-blocking, unlike the standard FF-M Client
+This specific ``Agent API`` is non-blocking, unlike the standard FF-M Client
APIs. This can improve the communication efficiency between NS clients and
mailbox NS agents. With this mechanism, extra signals and APIs for message
acknowledges are also required.
diff --git a/docs/design_docs/ff_isolation.rst b/docs/design_docs/ff_isolation.rst
index b9727cb..f078dc2 100644
--- a/docs/design_docs/ff_isolation.rst
+++ b/docs/design_docs/ff_isolation.rst
@@ -176,7 +176,7 @@
one running at a time and all others are deactivated, the SPM needs to set up
necessary regions for each asset type in one partition only.
-There is re-usable code like the C-Runtime and RoT Service API which are same
+There is reusable code like the C-Runtime and RoT Service API which are same
across different partitions. TF-M creates a Secure Partition Runtime Library
(SPRTL) as a specific library shared by the Secure Partition. Please refer to
:doc:`Secure Partition Runtime Library </design_docs/services/secure_partition_runtime_library>`
diff --git a/docs/design_docs/media/mailbox_ns_agent1.svg b/docs/design_docs/media/mailbox_ns_agent1.svg
index cfc5298..d2c7fa6 100644
--- a/docs/design_docs/media/mailbox_ns_agent1.svg
+++ b/docs/design_docs/media/mailbox_ns_agent1.svg
@@ -1,3 +1,3 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="463px" height="172px" viewBox="-0.5 -0.5 463 172"><defs/><g><path d="M 303.31 159 L 303.12 54.72" fill="none" stroke="rgb(0, 0, 0)" stroke-width="2" stroke-miterlimit="10" stroke-dasharray="6 6" pointer-events="stroke"/><path d="M 163 159 L 163.6 53.2" fill="none" stroke="rgb(0, 0, 0)" stroke-width="2" stroke-miterlimit="10" stroke-dasharray="6 6" pointer-events="stroke"/><rect x="34" y="60" width="320" height="20" rx="10" ry="10" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="rgb(0, 0, 0)" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="193.5" y="74.5">FF-M API</text></g><rect x="34" y="140" width="90" height="20" fill="none" stroke="none" pointer-events="all"/><g fill="rgb(0, 0, 0)" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="78.5" y="154.5">Trustzone Specific API Set</text></g><rect x="34" y="10" width="400" height="40" rx="6" ry="6" fill="#000000" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="#FFFFFF" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="233.5" y="34.5">FF-M Compliant SPM</text></g><rect x="314" y="90" width="120" height="20" rx="3" ry="3" fill="#4d4d4d" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="#FFFFFF" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="373.5" y="104.5">Mailbox NS Agent</text></g><rect x="364" y="60" width="70" height="20" rx="10" ry="10" fill="#4d4d4d" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="#FFFFFF" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="398.5" y="74.5">Agent API</text></g><rect x="174" y="90" width="120" height="20" rx="3" ry="3" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="rgb(0, 0, 0)" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="233.5" y="104.5">Secure Partition</text></g><rect x="34" y="90" width="120" height="20" rx="3" ry="3" fill="#e6e6e6" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="#000000" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="93.5" y="104.5">Trustzone NS Agent</text></g><rect x="184" y="140" width="90" height="20" fill="none" stroke="none" pointer-events="all"/><g fill="rgb(0, 0, 0)" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="228.5" y="154.5">Partiton API Set</text></g><rect x="344" y="140" width="90" height="20" fill="none" stroke="none" pointer-events="all"/><g fill="rgb(0, 0, 0)" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="388.5" y="154.5">Mailbox Specific API Set</text></g></g></svg>
\ No newline at end of file
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="463px" height="172px" viewBox="-0.5 -0.5 463 172"><defs/><g><path d="M 303.31 159 L 303.12 54.72" fill="none" stroke="rgb(0, 0, 0)" stroke-width="2" stroke-miterlimit="10" stroke-dasharray="6 6" pointer-events="stroke"/><path d="M 163 159 L 163.6 53.2" fill="none" stroke="rgb(0, 0, 0)" stroke-width="2" stroke-miterlimit="10" stroke-dasharray="6 6" pointer-events="stroke"/><rect x="34" y="60" width="320" height="20" rx="10" ry="10" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="rgb(0, 0, 0)" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="193.5" y="74.5">FF-M API</text></g><rect x="34" y="140" width="90" height="20" fill="none" stroke="none" pointer-events="all"/><g fill="rgb(0, 0, 0)" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="78.5" y="154.5">Trustzone Specific API Set</text></g><rect x="34" y="10" width="400" height="40" rx="6" ry="6" fill="#000000" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="#FFFFFF" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="233.5" y="34.5">FF-M Compliant SPM</text></g><rect x="314" y="90" width="120" height="20" rx="3" ry="3" fill="#4d4d4d" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="#FFFFFF" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="373.5" y="104.5">Mailbox NS Agent</text></g><rect x="364" y="60" width="70" height="20" rx="10" ry="10" fill="#4d4d4d" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="#FFFFFF" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="398.5" y="74.5">Agent API</text></g><rect x="174" y="90" width="120" height="20" rx="3" ry="3" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="rgb(0, 0, 0)" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="233.5" y="104.5">Secure Partition</text></g><rect x="34" y="90" width="120" height="20" rx="3" ry="3" fill="#e6e6e6" stroke="rgb(0, 0, 0)" pointer-events="all"/><g fill="#000000" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="93.5" y="104.5">Trustzone NS Agent</text></g><rect x="184" y="140" width="90" height="20" fill="none" stroke="none" pointer-events="all"/><g fill="rgb(0, 0, 0)" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="228.5" y="154.5">Partition API Set</text></g><rect x="344" y="140" width="90" height="20" fill="none" stroke="none" pointer-events="all"/><g fill="rgb(0, 0, 0)" font-family="Tahoma" text-anchor="middle" font-size="12px"><text x="388.5" y="154.5">Mailbox Specific API Set</text></g></g></svg>
\ No newline at end of file
diff --git a/docs/design_docs/services/secure_partition_manager.rst b/docs/design_docs/services/secure_partition_manager.rst
index eac3de4..1657153 100644
--- a/docs/design_docs/services/secure_partition_manager.rst
+++ b/docs/design_docs/services/secure_partition_manager.rst
@@ -193,7 +193,7 @@
.. note::
These procedures and their sub-routines are recommended to be applied with
- execution measurement mechansim to mitigate the `Hardware Fault Injection`
+ execution measurement mechanism to mitigate the `Hardware Fault Injection`
attack.
Preparation initialization
@@ -626,7 +626,7 @@
- The SVC handler calls SPM internal routines, and eventually back to the
handler before an exit.
-Under the IPC model implementation, to re-use `ABI 2` in `No-cross-boundary`,
+Under the IPC model implementation, to reuse `ABI 2` in `No-cross-boundary`,
a software ABI needs to be provided.
While under the SFN model plus isolation level 1, both `ABI 1` and `ABI 2` can
diff --git a/docs/design_docs/services/stateless_rot_service.rst b/docs/design_docs/services/stateless_rot_service.rst
index 88af027..4e3f47e 100644
--- a/docs/design_docs/services/stateless_rot_service.rst
+++ b/docs/design_docs/services/stateless_rot_service.rst
@@ -86,7 +86,7 @@
==========================
This chapter describes the changes in programming API for stateless services.
-The following APIs' behavious and message data structure members are updated to
+The following APIs' behaviours and message data structure members are updated to
support the stateless service.
psa_connect()
diff --git a/docs/design_docs/services/symmetric_initial_attest.rst b/docs/design_docs/services/symmetric_initial_attest.rst
index bc20284..f9ae82e 100644
--- a/docs/design_docs/services/symmetric_initial_attest.rst
+++ b/docs/design_docs/services/symmetric_initial_attest.rst
@@ -345,7 +345,7 @@
---------------
``t_cose_mac0_set_signing_key()`` sets the key used in ``COSE_Mac0`` signing.
-Optional ``kid``, as a key identifer, will be encoded into ``COSE_Mac0`` Header
+Optional ``kid``, as a key identifier, will be encoded into ``COSE_Mac0`` Header
unprotected bucket.
.. code-block:: c
diff --git a/docs/design_docs/services/tfm_crypto_design.rst b/docs/design_docs/services/tfm_crypto_design.rst
index f66d2a8..5279332 100644
--- a/docs/design_docs/services/tfm_crypto_design.rst
+++ b/docs/design_docs/services/tfm_crypto_design.rst
@@ -334,7 +334,7 @@
| `CRYPTO_SINGLE_PART_FUNCS_DISABLED`| CMake build | When enabled, only the multipart, i.e. non-integrated APIs will| Not defined (Profile default) |
| | configuration parameter | be available in the service | |
+------------------------------------+---------------------------+----------------------------------------------------------------+--------------------------------------------------------------------------+
- | `CRYPTO_*_MODULE_ENABLED` | CMake build | When enabled, the correspoding shim layer module and relative | Defined (Profile default) |
+ | `CRYPTO_*_MODULE_ENABLED` | CMake build | When enabled, the corresponding shim layer module and relative | Defined (Profile default) |
| | configuration parameters | APIs are available in the service | |
+------------------------------------+---------------------------+----------------------------------------------------------------+--------------------------------------------------------------------------+
| `MBEDTLS_CONFIG_FILE` | Configuration header | The Mbed TLS library can be configured to support different | ``lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h`` |
diff --git a/docs/design_docs/services/tfm_fwu_service.rst b/docs/design_docs/services/tfm_fwu_service.rst
index f97dfd4..ade3541 100644
--- a/docs/design_docs/services/tfm_fwu_service.rst
+++ b/docs/design_docs/services/tfm_fwu_service.rst
@@ -47,7 +47,7 @@
| | the NSPE(i.e. to the applications). | |
+-----------------------------+---------------------------------------------------------------+---------------------------------------------------------------------------------------+
| IPC request handlers | This module handles all the secure requests in IPC model. | ``./secure_fw/partitions/firmware_update/tfm_fwu_req_mngr.c`` |
- | | It maitains the image state context and calls the image ID | |
+ | | It maintains the image state context and calls the image ID | |
| | converter to achieve the firmware update functionalities. | |
+-----------------------------+---------------------------------------------------------------+---------------------------------------------------------------------------------------+
| Shim layer between FWU and | This module provides the APIs with the functionality of | ``./secure_fw/partitions/firmware_update/bootloader/tfm_bootloader_fwu_abstraction.h``|
@@ -159,7 +159,7 @@
Check the authenticity and integrity of the image. If a reboot is required to
complete the check, then mark this image as a candidate so that the next time
-bootloader runs it will take this image as a candidate one to bootup. Return
+bootloader runs it will take this image as a candidate one to boot-up. Return
the error code PSA_SUCCESS_REBOOT.
**Parameters**
@@ -179,7 +179,7 @@
**Description**
Call this API to mark the TRIAL(running) image in component as confirmed to avoid
-revert when next time bootup. Usually, this API is called after the running
+revert when next time boot-up. Usually, this API is called after the running
images have been verified as valid.
**Parameters**
@@ -198,7 +198,7 @@
**Description**
The component is in STAGED state. Call this API to Uninstall the staged image in the
-component so that this image will not be treated as a candidate next time bootup.
+component so that this image will not be treated as a candidate next time boot-up.
**Parameters**
@@ -361,7 +361,7 @@
Reference
*********
-.. [1] `PSA Firwmare Update API <https://arm-software.github.io/psa-api/fwu/1.0/>`_
+.. [1] `PSA Firmware Update API <https://arm-software.github.io/psa-api/fwu/1.0/>`_
--------------
diff --git a/docs/design_docs/software/code_sharing.rst b/docs/design_docs/software/code_sharing.rst
index 14db411..7d06eac 100644
--- a/docs/design_docs/software/code_sharing.rst
+++ b/docs/design_docs/software/code_sharing.rst
@@ -280,7 +280,7 @@
*************************
-Useability considerations
+Usability considerations
*************************
Functions that only use local variables can be shared easily. However, functions
that rely on global variables are a bit tricky. They can still be shared, but
diff --git a/docs/design_docs/software/hardware_abstraction_layer.rst b/docs/design_docs/software/hardware_abstraction_layer.rst
index b93ca38..982a93a 100644
--- a/docs/design_docs/software/hardware_abstraction_layer.rst
+++ b/docs/design_docs/software/hardware_abstraction_layer.rst
@@ -345,7 +345,7 @@
Memory Access Attributes
------------------------
The memory access attributes are encoded as bit fields, you can logic OR them to
-have a combination of the atrributes, for example
+have a combination of the attributes, for example
``TFM_HAL_ACCESS_UNPRIVILEGED | TFM_HAL_ACCESS_READABLE`` is unprivileged
readable. The data type is `uint32_t`.
@@ -782,7 +782,7 @@
**Note**
Please refer to the
-:doc: `IRQ intergration guide<tfm_secure_irq_integration_guide>`
+:doc: `IRQ integration guide<tfm_secure_irq_integration_guide>`
for more information.
************************************
diff --git a/docs/design_docs/tfm_log_system_design_document.rst b/docs/design_docs/tfm_log_system_design_document.rst
index bf9a364..bfea46a 100644
--- a/docs/design_docs/tfm_log_system_design_document.rst
+++ b/docs/design_docs/tfm_log_system_design_document.rst
@@ -198,7 +198,7 @@
.. note::
- It is not recommended to re-use the same HAL for both SPM and SP log
+ It is not recommended to reuse the same HAL for both SPM and SP log
outputting especially when SPM and SP run under different privileged level,
which makes them have a different information confidential level. Unless:
diff --git a/docs/glossary.rst b/docs/glossary.rst
index 5a9014b..f2b9083 100644
--- a/docs/glossary.rst
+++ b/docs/glossary.rst
@@ -26,7 +26,7 @@
in a Secure Partition.
NSPE
- Non Secure Processing Enviroment:
+ Non Secure Processing Environment:
`PSA term`_. In TF-M this means non secure domain typically running an
OS using services provided by TF-M.
diff --git a/docs/integration_guide/index.rst b/docs/integration_guide/index.rst
index fbdea54..1923116 100644
--- a/docs/integration_guide/index.rst
+++ b/docs/integration_guide/index.rst
@@ -133,7 +133,7 @@
situation, which can be done by setting
``CONFIG_TFM_SCHEDULE_WHEN_NS_INTERRUPTED`` to 1. This could be done if the
NSPE is known to be a simple, single-threaded application or if non-secure
-interrupts cannot pre-empt the SPE, for example.
+interrupts cannot preempt the SPE, for example.
**********************************
Integration with non-Cmake systems
diff --git a/docs/integration_guide/non-secure_client_extension_integration_guide.rst b/docs/integration_guide/non-secure_client_extension_integration_guide.rst
index c615605..6fd95ed 100644
--- a/docs/integration_guide/non-secure_client_extension_integration_guide.rst
+++ b/docs/integration_guide/non-secure_client_extension_integration_guide.rst
@@ -98,7 +98,7 @@
uint32_t tfm_nsce_acquire_ctx(uint8_t group_id, uint8_t thread_id)
This function allocates a context for the NS client connection. The `gid` and
-`tid` are the input paramemters. A token will be returned to the NSPE if TF-M
+`tid` are the input parameters. A token will be returned to the NSPE if TF-M
has an available context slot. Otherwise, `TFM_NS_CLIENT_INVALID_TOKEN` is
returned.
It is the responsibility of NSPE RTOS to assign gid and tid for each NS client.
@@ -244,7 +244,7 @@
within a group.
- `gid` and `tid` management: It is the responsibility of NSPE RTOS to manage
- the assignment of `gid` and `tid`. Based on the explaination above, the `gid`
+ the assignment of `gid` and `tid`. Based on the explanation above, the `gid`
could be assigned as a constant value. And, the `tid` can be increased
globally when calling `tfm_nsce_acquire_ctx()` for a new task. Just notice
`tid` may overflow.
diff --git a/docs/integration_guide/platform/platform_deprecation.rst b/docs/integration_guide/platform/platform_deprecation.rst
index ef95256..a31824b 100644
--- a/docs/integration_guide/platform/platform_deprecation.rst
+++ b/docs/integration_guide/platform/platform_deprecation.rst
@@ -15,7 +15,7 @@
2. The merit of the proposal will be considered by the maintainers for a
period of 4 weeks and community can express their opinion on the same
during this time window. The platform owner can veto the proposal and
- incase of multiple platform owners with differing opinion or community
+ in case of multiple platform owners with differing opinion or community
having interest in the platform, then the project maintainer can work
with the platform owner and use their discretion to decide on the
proposal.
diff --git a/docs/integration_guide/platform/porting_tfm_to_a_new_hardware.rst b/docs/integration_guide/platform/porting_tfm_to_a_new_hardware.rst
index 177514b..3d7be09 100644
--- a/docs/integration_guide/platform/porting_tfm_to_a_new_hardware.rst
+++ b/docs/integration_guide/platform/porting_tfm_to_a_new_hardware.rst
@@ -11,9 +11,11 @@
*************
Prerequisites
*************
-Building environnement
-======================
-Make sure you have a working build environnement and that you can build
+
+Building environment
+====================
+
+Make sure you have a working build environment and that you can build
TF-M on AN521 following the
:doc:`Build instructions </building/tfm_build_instruction>`.
@@ -24,6 +26,7 @@
CMSIS Drivers
=============
+
The TF-M stack requires at least two CMSIS HAL implementations:
- `USART <https://www.keil.com/pack/doc/CMSIS/Driver/html/group__usart__interface__gr.html>`_
@@ -127,7 +130,7 @@
Please note that platform folder provides source for building both :term:`SPE`
and :term:`NSPE` parts. The SPE builds directly from the source tree while files
necessary for NSPE platform support are installed to ``<Artifact folder>``
-for building TF-M application as decribed in the
+for building TF-M application as described in the
:doc:`Build instructions </building/tfm_build_instruction>`.
Questions to be answered:
@@ -213,7 +216,7 @@
- Install all files required for building the platform in the Non-secure application [INSTALL_]
The installation section expands the common installation script with the platform specific files.
- The following predefined variables are availble to address the respective subfolders
+ The following predefined variables are available to address the respective subfolders
of the target ``<Artifact folder>``.
+-------------------------------------+------------------------------------------------------------+
@@ -262,7 +265,7 @@
+=====================================+============================================================+
|PLATFORM_HAS_ISOLATION_L3_SUPPORT | Whether the platform has isolation level 3 support |
+-------------------------------------+------------------------------------------------------------+
- |PLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT | Wheter the platform has firmware update support |
+ |PLATFORM_HAS_FIRMWARE_UPDATE_SUPPORT | Whether the platform has firmware update support |
+-------------------------------------+------------------------------------------------------------+
|PSA_API_TEST_TARGET | The target platform name of PSA API test |
+-------------------------------------+------------------------------------------------------------+
@@ -406,7 +409,7 @@
from another platform (e.g. arm/mps2/an521) and update the following entries.
General advice: if you don't know beforehand the size you will want for
- these elements you will have to make it iterative from an abitrary value
+ these elements you will have to make it iterative from an arbitrary value
taken from another platform (e.g. arm/mps2/an521)
Note: all size are in bytes
@@ -471,7 +474,7 @@
(location as defined in CMakeLists.txt)
- This is the Run-Time Environnement file from CMSIS, which is there to allow
+ This is the Run-Time Environment file from CMSIS, which is there to allow
enabling or disabling drivers prior to building. If your platform is
designed as a general use platform, this file should contain all the
available CMSIS drivers, and you should provide a recommended configuration.
diff --git a/docs/integration_guide/services/tfm_secure_partition_addition.rst b/docs/integration_guide/services/tfm_secure_partition_addition.rst
index 73cee8e..575b8ff 100644
--- a/docs/integration_guide/services/tfm_secure_partition_addition.rst
+++ b/docs/integration_guide/services/tfm_secure_partition_addition.rst
@@ -92,7 +92,7 @@
.. Note::
The users can use LOW, NORMAL and HIGH to determine the priority of the Secure Partition
- in manifest. They are replaced by 01, 02 and 03 auotmatically when parsing manifest
+ in manifest. They are replaced by 01, 02 and 03 automatically when parsing manifest
lists for section naming.
Here is a manifest reference example for the IPC model:
@@ -452,7 +452,7 @@
.. Note::
The Secure Partition building should be skipped if it is not enabled.
- This should be done by adding the following code at the begining of its ``CMakeLists.txt``
+ This should be done by adding the following code at the beginning of its ``CMakeLists.txt``
.. code-block:: cmake
@@ -747,7 +747,7 @@
``TFM_EXTRA_PARTITION_PATHS``. The orders don't matter either.
``TFM_EXTRA_MANIFEST_LIST_FILES`` and ``TFM_EXTRA_PARTITION_PATHS`` can be
- configurated in multiple extra sources. It is recommended to use CMake list
+ configured in multiple extra sources. It is recommended to use CMake list
``APPEND`` method to avoid unexpected override.
Further Notes
diff --git a/docs/integration_guide/source_structure/source_structure.rst b/docs/integration_guide/source_structure/source_structure.rst
index d7882f4..728b12f 100644
--- a/docs/integration_guide/source_structure/source_structure.rst
+++ b/docs/integration_guide/source_structure/source_structure.rst
@@ -7,7 +7,7 @@
TF-M is designed to provide a user-friendly source structure to ease
integration and service development. This document introduces the source
structure and its design intention of TF-M. Additionally, the folders below are
-important for TF-M integration and descibed in a separate documents:
+important for TF-M integration and described in a separate documents:
.. toctree::
:maxdepth: 1
diff --git a/docs/integration_guide/tfm_fpu_support.rst b/docs/integration_guide/tfm_fpu_support.rst
index 0e1493b..b7bb2c0 100644
--- a/docs/integration_guide/tfm_fpu_support.rst
+++ b/docs/integration_guide/tfm_fpu_support.rst
@@ -59,7 +59,7 @@
linked with ``LINKER_CP_OPTION`` for different FP ABI types. All those
libraries shall be built with ``COMPLIER_CP_FLAG``.
-If FP ABI types mismatch error is generated during build, pleae check whether
+If FP ABI types mismatch error is generated during build, please check whether
the library is compiled with ``COMPILER_CP_FLAG``.
Example:
diff --git a/docs/integration_guide/tfm_secure_irq_integration_guide.rst b/docs/integration_guide/tfm_secure_irq_integration_guide.rst
index 770ff9f..59aafed 100644
--- a/docs/integration_guide/tfm_secure_irq_integration_guide.rst
+++ b/docs/integration_guide/tfm_secure_irq_integration_guide.rst
@@ -10,7 +10,7 @@
are mainly platform integrators and Secure Partition developers.
This document assumes that you have read the PSA Firmware Framework (FF-M) v1.0
-[1]_ and the FF-M v1.1 extensions [2]_ thus have knowlege on the terminologies
+[1]_ and the FF-M v1.1 extensions [2]_ thus have knowledge on the terminologies
such as Secure Partitions and manifests.
************************
@@ -177,7 +177,7 @@
=====================================================
A secure partition shall be granted two parts of permissions to access a device.
-One is the Memory Maped I/O (MMIO) region of the device. The other is the driver
+One is the Memory Mapped I/O (MMIO) region of the device. The other is the driver
codes to access the device.
The MMIO Regions
diff --git a/docs/platform/arm/corstone1000/readme.rst b/docs/platform/arm/corstone1000/readme.rst
index 8a3eab6..f0bcafe 100644
--- a/docs/platform/arm/corstone1000/readme.rst
+++ b/docs/platform/arm/corstone1000/readme.rst
@@ -23,7 +23,7 @@
`Embed protocol`, and the ATU support is removed.
The secure enclave subsystem has ARM's CC-312 (Crypto Cell) hardware to
-accelerate cryptographic operations. Additionaly, platform supports Secure Debug
+accelerate cryptographic operations. Additionally, platform supports Secure Debug
using SDC-600 as the communication interface between host debugger and platform
target. The platform has the build option to enable secure debug protocol to
unlock debug ports during boot time. The protocol is based on ARM's ADAC
@@ -83,10 +83,10 @@
This section can be used to test the secure enclave software independently from
the host. The below configuration builds the secure enclave binaries with regression test
-frame integrated. On boot, secure enclave softwares stack is brought up, and
+frame integrated. On boot, secure enclave software stack is brought up, and
regression tests starts executing at the end of the initialization process. In the
below configuration, host software support is disabled, and meant only
-to test/verify the secure enclave softwares.
+to test/verify the secure enclave software.
Follow the instructions in :doc:`Building instructions </building/tests_build_instruction>`.
diff --git a/docs/platform/arm/mps3/corstone300/README.rst b/docs/platform/arm/mps3/corstone300/README.rst
index 9f783d8..b6f4749 100644
--- a/docs/platform/arm/mps3/corstone300/README.rst
+++ b/docs/platform/arm/mps3/corstone300/README.rst
@@ -110,7 +110,7 @@
#. Copy ``bl2.bin`` and ``tfm_s_ns_signed.bin`` files from
build dir to ``<MPS3 device name>/SOFTWARE/``
#. Rename ``tfm_s_ns_signed.bin`` to ``tfm.bin`` (Filename should not be longer
- than 8 charachters.)
+ than 8 characters.)
#. Open ``<MPS3 device name>/MB/HBI0309C/AN547/images.txt``
#. Update the ``images.txt`` file as follows::
@@ -176,7 +176,7 @@
#. Copy ``bl2.bin`` and ``tfm_s_ns_signed.bin`` files from
build dir to ``<MPS3 device name>/SOFTWARE/``
#. Rename ``tfm_s_ns_signed.bin`` to ``tfm.bin`` (Filename should not be longer
- than 8 charachters.)
+ than 8 characters.)
#. Open ``<MPS3 device name>/MB/HBI0309C/AN552/images.txt``
#. Update the ``images.txt`` file as follows::
diff --git a/docs/platform/arm/rse/rse_fwu_metadata.rst b/docs/platform/arm/rse/rse_fwu_metadata.rst
index 5bb5f75..0c08e7b 100644
--- a/docs/platform/arm/rse/rse_fwu_metadata.rst
+++ b/docs/platform/arm/rse/rse_fwu_metadata.rst
@@ -1,11 +1,11 @@
-###############
-RSE FWU Metdata
-###############
+################
+RSE FWU Metadata
+################
As per the PSA firmware update architecture specification `_DEN0118
<https://developer.arm.com/documentation/den0118/latest/>`_ , fwu metadata and
-private metdata is a collection of fields that primarily serves as an information
-exchange channel between the firwmare update agent and the early stage bootloader.
+private metadata is a collection of fields that primarily serves as an information
+exchange channel between the firmware update agent and the early stage bootloader.
Current code implements version 2 of the metadata as per the spec section A3.2.2.
For RSE, if option ``RSE_GPT_SUPPORT`` is enabled, then the firmware store
diff --git a/docs/platform/armchina/mps3/alcor/README.rst b/docs/platform/armchina/mps3/alcor/README.rst
index 400bad4..2dc9852 100644
--- a/docs/platform/armchina/mps3/alcor/README.rst
+++ b/docs/platform/armchina/mps3/alcor/README.rst
@@ -73,7 +73,7 @@
#. Copy ``bl2.bin`` and ``tfm_s_ns_signed.bin`` files from
build dir to ``<MPS3 device name>/SOFTWARE/``
#. Rename ``tfm_s_ns_signed.bin`` to ``tfm.bin`` (Filename should not be longer
- than 8 charachters.)
+ than 8 characters.)
#. Open ``<MPS3 device name>/MB/HBI0309C/AN557/images.txt``
#. Update the ``images.txt`` file as follows::
diff --git a/docs/platform/nxp/lpcxpresso55s69/README.rst b/docs/platform/nxp/lpcxpresso55s69/README.rst
index 4a5ef84..0cecd73 100644
--- a/docs/platform/nxp/lpcxpresso55s69/README.rst
+++ b/docs/platform/nxp/lpcxpresso55s69/README.rst
@@ -43,7 +43,7 @@
1.3 Building TF-M regression tests
==================================
-To buld the S and NS regression tests without BL2, run the following commands:
+To build the S and NS regression tests without BL2, run the following commands:
.. code:: bash
diff --git a/docs/releases/1.8.0.rst b/docs/releases/1.8.0.rst
index 5c63267..edc35b5 100644
--- a/docs/releases/1.8.0.rst
+++ b/docs/releases/1.8.0.rst
@@ -56,7 +56,7 @@
.. note::
- Profile `Medium-ARoT-less` built with disabled Firmware Update service to algin with other
+ Profile `Medium-ARoT-less` built with disabled Firmware Update service to align with other
TF-M Profiles.
+----------------------+---------------+---------------+---------------+---------------+---------------+
diff --git a/docs/security/security_advisories/stack_seal_vulnerability.rst b/docs/security/security_advisories/stack_seal_vulnerability.rst
index f45605d..5019d0a 100644
--- a/docs/security/security_advisories/stack_seal_vulnerability.rst
+++ b/docs/security/security_advisories/stack_seal_vulnerability.rst
@@ -77,7 +77,7 @@
As described in the white paper, de-privileged interrupt handling is
also vulnerable to this problem. The Library mode of TF-M uses de-privileged
-interrupt handling and does not allow non-secure interrupt to pre-empt the
+interrupt handling and does not allow non-secure interrupt to preempt the
secure interrupt handling. But if the de-privileged handler makes a
Non-Secure callback then there is a chance that Non-Secure world could
return back to Secure world via a fake FNC_RETURN. Under certain
diff --git a/docs/security/security_advisories/user_pointers_mailbox_vectors_vulnerability.rst b/docs/security/security_advisories/user_pointers_mailbox_vectors_vulnerability.rst
index 1fe12a3..91d0fb2 100644
--- a/docs/security/security_advisories/user_pointers_mailbox_vectors_vulnerability.rst
+++ b/docs/security/security_advisories/user_pointers_mailbox_vectors_vulnerability.rst
@@ -18,7 +18,7 @@
+-----------------+------------------------------------------------------------+
| Impact | The mailbox message could contain arbitrary pointers which,|
| | in case of psa_call failure, would lead to write to a |
-| | user-specified adddress in memory. |
+| | user-specified address in memory. |
+-----------------+------------------------------------------------------------+
| Fix Version | 5ae0a02e8 TF-M v2.1.1 |
+-----------------+------------------------------------------------------------+
@@ -49,7 +49,7 @@
vector length. If both calls fail, the reply routine in tfm_spe_mailbox could
take the injected data and write it into a desired location specified by the
invalid length.
-Note that the above sequence would require sending the two mesages through two
+Note that the above sequence would require sending the two messages through two
different mailbox slots.
Mitigation
diff --git a/docs/security/threat_models/generic_threat_model.rst b/docs/security/threat_models/generic_threat_model.rst
index 6f419a4..f85591f 100644
--- a/docs/security/threat_models/generic_threat_model.rst
+++ b/docs/security/threat_models/generic_threat_model.rst
@@ -762,7 +762,7 @@
| | |
| | **Transferred**: If RoT services can directly access NS |
| | memory and read NS input data multiple times during data |
- | | processing, then the RoT service implementor must review |
+ | | processing, then the RoT service implementer must review |
| | and confirm the implementation of the RoT service copies |
| | NS input data into SPE memory area before it processes the |
| | data. TF-M-provided RoT services implement this |
@@ -805,7 +805,7 @@
+---------------+------------------------------------------------------------+
| Category | Tampering |
+---------------+------------------------------------------------------------+
- | Mitigation | **Transferred**: The RoT service implementor must not |
+ | Mitigation | **Transferred**: The RoT service implementer must not |
| | embed memory addresses into a single input/output vector. |
| | If more than 4 memory addresses are required in a RoT |
| | service request, it is recommended to split this request |
@@ -850,7 +850,7 @@
+---------------+------------------------------------------------------------+
| Category | Information disclosure |
+---------------+------------------------------------------------------------+
- | Mitigation | **Transferred**: The RoT service implementor must not |
+ | Mitigation | **Transferred**: The RoT service implementer must not |
| | embed memory addresses into a single input/output vector. |
| | If more than 4 memory addresses are required in a RoT |
| | service request, it is recommended to split this request |
