doc: Use proper note and warning annotations

The documentation contains plenty of notes and warnings. Enable special rendering of these blocks by converting the note prefix into a .. note:: annotation. Change-Id: I34e26ca6bf313d335672ab6c2645741900338822 Signed-off-by: Paul Beesley <paul.beesley@arm.com>
2025-04-19 11:04:20 +00:00 · 2019-03-13 16:20:44 +00:00 · 2019-03-13 16:20:44 +00:00 · e1c5026ac7
commit e1c5026ac7
parent f94102ba96
14 changed files with 168 additions and 113 deletions
--- a/docs/change-log.rst
+++ b/docs/change-log.rst
@ -1186,7 +1186,8 @@ New features
 -  Migrated to use SPDX[0] license identifiers to make software license
   auditing simpler.
-   *NOTE:* Files that have been imported by FreeBSD have not been modified.
+   .. note::
      Files that have been imported by FreeBSD have not been modified.
   [0]: https://spdx.org/
@ -2205,7 +2206,8 @@ New features
   be used on the AEMv8 and Cortex-A57-A53 Base FVPs, as well as the Foundation
   FVP.
-   NOTE: The software will not work on Version 1.0 of the Foundation FVP.
+   .. note::
      The software will not work on Version 1.0 of the Foundation FVP.
 -  Enabled third party contributions. Added a new contributing.md containing
   instructions for how to contribute and updated copyright text in all files
@ -2236,13 +2238,16 @@ New features
   FIP from NOR flash, although some support for image loading using semi-
   hosting is retained.
-   NOTE: Building a FIP by default is a non-backwards-compatible change.
+   .. note::
      Building a FIP by default is a non-backwards-compatible change.
-   NOTE: Generic BL2 code now loads a BL3-3 (non-trusted firmware) image into
+   .. note::
      Generic BL2 code now loads a BL3-3 (non-trusted firmware) image into
      DRAM instead of expecting this to be pre-loaded at known location. This is
      also a non-backwards-compatible change.
-   NOTE: Some non-trusted firmware (e.g. UEFI) will need to be rebuilt so that
+   .. note::
      Some non-trusted firmware (e.g. UEFI) will need to be rebuilt so that
      it knows the new location to execute from and no longer needs to copy
      particular code modules to DRAM itself.
@ -2270,8 +2275,11 @@ New features
   Dispatcher (TSPD), which is loaded as an EL3 runtime service. The TSPD
   implements Secure Monitor functionality such as world switching and
   EL1 context management, and is responsible for communication with the TSP.
-   NOTE: The TSPD does not yet contain support for secure world interrupts.
+
-   NOTE: The TSP/TSPD is not built by default.
+   .. note::
      The TSPD does not yet contain support for secure world interrupts.
   .. note::
      The TSP/TSPD is not built by default.
 Issues resolved since last release
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
--- a/docs/components/exception-handling.rst
+++ b/docs/components/exception-handling.rst
@ -193,7 +193,7 @@ priority assignment:
   6 and 5), the platform can partition into 4 secure priority ranges: ``0x0``,
   ``0x20``, ``0x40``, and ``0x60``. See `Interrupt handling example`_.
-Note:
+.. note::
   The Arm GIC architecture requires that a GIC implementation that supports two
   security states must implement at least 32 priority levels; i.e., at least 5
@ -215,7 +215,7 @@ priority level descriptors. Each entry in the array is of type
 ``ehf_pri_desc_t``, and declares a priority level, and shall be populated by the
 ``EHF_PRI_DESC()`` macro.
-Note:
+.. warning::
   The macro ``EHF_PRI_DESC()`` installs the descriptors in the array at a
   computed index, and not necessarily where the macro is placed in the array.
--- a/docs/design/auth-framework.rst
+++ b/docs/design/auth-framework.rst
@ -953,9 +953,11 @@ sources in the build for the various algorithms. Setting the variable to
 `rsa+ecdsa` enables support for both rsa and ecdsa algorithms in the mbedTLS
 library.
-Note: If code size is a concern, the build option ``MBEDTLS_SHA256_SMALLER`` can
+.. note::
-be defined in the platform Makefile. It will make mbed TLS use an implementation
+   If code size is a concern, the build option ``MBEDTLS_SHA256_SMALLER`` can
-of SHA-256 with smaller memory footprint (~1.5 KB less) but slower (~30%).
+   be defined in the platform Makefile. It will make mbed TLS use an
   implementation of SHA-256 with smaller memory footprint (~1.5 KB less) but
   slower (~30%).
 --------------
--- a/docs/design/firmware-design.rst
+++ b/docs/design/firmware-design.rst
@ -1141,7 +1141,9 @@ returning through EL3 and running the non-trusted firmware (BL33):
   ``bl31_register_bl32_init()`` which provides a SPD-defined mechanism to
   invoke a 'world-switch synchronous call' to Secure-EL1 to run the BL32
   entrypoint.
-   NOTE: The Test SPD service included with TF-A provides one implementation
+
   .. note::
      The Test SPD service included with TF-A provides one implementation
      of such a mechanism.
   On completion BL32 returns control to BL31 via a SMC, and on receipt the
@ -1675,7 +1677,8 @@ The location of the BL32 image will result in different memory maps. This is
 illustrated for both FVP and Juno in the following diagrams, using the TSP as
 an example.
-Note: Loading the BL32 image in TZC secured DRAM doesn't change the memory
+.. note::
   Loading the BL32 image in TZC secured DRAM doesn't change the memory
   layout of the other images in Trusted SRAM.
 CONFIG section in memory layouts shown below contains:
@ -2215,7 +2218,8 @@ The default memory layout for each BL image is as follows:
       |       Code        |
       +-------------------+ BLx_BASE
-Note: The 2KB alignment for the exception vectors is an architectural
+.. note::
   The 2KB alignment for the exception vectors is an architectural
   requirement.
 The read-write data start on a new memory page so that they can be mapped with
--- a/docs/design/interrupt-framework-design.rst
+++ b/docs/design/interrupt-framework-design.rst
@ -416,7 +416,8 @@ runtime.
 Test secure payload dispatcher behavior
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-**Note:** where this document discusses ``TSP_NS_INTR_ASYNC_PREEMPT`` as being
+.. note::
   Where this document discusses ``TSP_NS_INTR_ASYNC_PREEMPT`` as being
   ``1``, the same results also apply when ``EL3_EXCEPTION_HANDLING`` is ``1``.
 The TSPD only handles Secure-EL1 interrupts and is provided with the following
--- a/docs/design/reset-design.rst
+++ b/docs/design/reset-design.rst
@ -23,7 +23,8 @@ configuration, some of these steps might be unnecessary. The following sections
 guide the platform integrator by indicating which build options exclude which
 steps, depending on the capability of the platform.
-Note: If BL31 is used as the TF-A entry point instead of BL1, the diagram
+.. note::
   If BL31 is used as the TF-A entry point instead of BL1, the diagram
   above is still relevant, as all these operations will occur in BL31 in
   this case. Please refer to section 6 "Using BL31 entrypoint as the reset
   address" for more information.
--- a/docs/design/trusted-board-boot.rst
+++ b/docs/design/trusted-board-boot.rst
@ -141,7 +141,8 @@ if any of the steps fail.
   compared with the hash of the ROTPK read from the trusted root-key storage
   registers. If they match, the BL2 hash is read from the certificate.
-   Note: the matching operation is platform specific and is currently
+   .. note::
      The matching operation is platform specific and is currently
      unimplemented on the Arm development platforms.
 -  BL1 loads the BL2 image. Its hash is calculated and compared with the hash
--- a/docs/getting_started/porting-guide.rst
+++ b/docs/getting_started/porting-guide.rst
@ -331,7 +331,9 @@ must also be defined:
   SCP_BL2U image identifier, used by BL1 to fetch an image descriptor
   corresponding to SCP_BL2U.
-   NOTE: TF-A does not provide source code for this image.
+
   .. note::
      TF-A does not provide source code for this image.
 If the Non-Secure Firmware Updater ROM, NS_BL1U is used, the following must
 also be defined:
@ -340,7 +342,9 @@ also be defined:
   Defines the base address in non-secure ROM where NS_BL1U executes.
   Must be aligned on a page-size boundary.
-   NOTE: TF-A does not provide source code for this image.
+
   .. note::
      TF-A does not provide source code for this image.
 -  **#define : NS_BL1U_IMAGE_ID**
@ -354,7 +358,9 @@ be defined:
   Defines the base address in non-secure memory where NS_BL2U executes.
   Must be aligned on a page-size boundary.
-   NOTE: TF-A does not provide source code for this image.
+
   .. note::
      TF-A does not provide source code for this image.
 -  **#define : NS_BL2U_IMAGE_ID**
@ -1000,7 +1006,8 @@ situation from which it cannot recover. This function must not return,
 and must be implemented in assembly because it may be called before the C
 environment is initialized.
-Note: The address from where it was called is stored in x30 (Link Register).
+.. note::
   The address from where it was called is stored in x30 (Link Register).
   The default implementation simply spins.
 Function : plat_get_bl_image_load_info()
@ -1042,9 +1049,10 @@ value will weaken the protection as the attacker could easily write the right
 value as part of the attack most of the time. Therefore, it should return a
 true random number.
-Note: For the protection to be effective, the global data need to be placed at
+.. warning::
-a lower address than the stack bases. Failure to do so would allow an attacker
+   For the protection to be effective, the global data need to be placed at
-to overwrite the canary as part of the stack buffer overflow attack.
+   a lower address than the stack bases. Failure to do so would allow an
   attacker to overwrite the canary as part of the stack buffer overflow attack.
 Function : plat_flush_next_bl_params()
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@ -2564,10 +2572,12 @@ makefiles in order to benefit from them. By default, they will cause the crash
 output to be routed over the normal console infrastructure and get printed on
 consoles configured to output in crash state. ``console_set_scope()`` can be
 used to control whether a console is used for crash output.
-NOTE: Platforms are responsible for making sure that they only mark consoles for
+
-use in the crash scope that are able to support this, i.e. that are written in
+.. note::
-assembly and conform with the register clobber rules for putc() (x0-x2, x16-x17)
+   Platforms are responsible for making sure that they only mark consoles for
-and flush() (x0-x3, x16-x17) crash callbacks.
+   use in the crash scope that are able to support this, i.e. that are written
   in assembly and conform with the register clobber rules for putc()
   (x0-x2, x16-x17) and flush() (x0-x3, x16-x17) crash callbacks.
 In some cases (such as debugging very early crashes that happen before the
 normal boot console can be set up), platforms may want to control crash output
--- a/docs/getting_started/rt-svc-writers-guide.rst
+++ b/docs/getting_started/rt-svc-writers-guide.rst
@ -260,7 +260,8 @@ The ``cookie`` parameter to the handler is reserved for future use and can be
 ignored. The ``handle`` is returned by the SMC handler - completion of the
 handler function must always be via one of the ``SMC_RETn()`` macros.
-NOTE: The PSCI and Test Secure-EL1 Payload Dispatcher services do not follow
+.. note::
   The PSCI and Test Secure-EL1 Payload Dispatcher services do not follow
   all of the above requirements yet.
 Services that contain multiple sub-services
--- a/docs/getting_started/user-guide.rst
+++ b/docs/getting_started/user-guide.rst
@ -96,7 +96,8 @@ targets which both utilise the `checkpatch.pl` script that ships with the Linux
 source tree. The project also defines certain *checkpatch* options in the
 ``.checkpatch.conf`` file in the top-level directory.
-**Note:** Checkpatch errors will gate upstream merging of pull requests.
+.. note::
   Checkpatch errors will gate upstream merging of pull requests.
   Checkpatch warnings will not gate merging but should be reviewed and fixed if
   possible.
@ -718,7 +719,8 @@ Common build options
   of certificates in the FIP and FWU_FIP depends upon the value of the
   ``GENERATE_COT`` option.
-   Note: This option depends on ``CREATE_KEYS`` to be enabled. If the keys
+   .. warning::
      This option depends on ``CREATE_KEYS`` to be enabled. If the keys
      already exist in disk, they will be overwritten without further notice.
 -  ``TRUSTED_WORLD_KEY``: This option is used when ``GENERATE_COT=1``. It
@ -739,7 +741,8 @@ Common build options
   interrupts to TSP allowing it to save its context and hand over
   synchronously to EL3 via an SMC.
-   Note: when ``EL3_EXCEPTION_HANDLING`` is ``1``, ``TSP_NS_INTR_ASYNC_PREEMPT``
+   .. note::
      When ``EL3_EXCEPTION_HANDLING`` is ``1``, ``TSP_NS_INTR_ASYNC_PREEMPT``
      must also be set to ``1``.
 -  ``USE_ARM_LINK``: This flag determines whether to enable support for ARM
@ -948,7 +951,8 @@ version to 2 is recommended for DS-5 versions older than 5.16.
 When debugging logic problems it might also be useful to disable all compiler
 optimizations by using ``-O0``.
-NOTE: Using ``-O0`` could cause output images to be larger and base addresses
+.. warning::
   Using ``-O0`` could cause output images to be larger and base addresses
   might need to be recalculated (see the **Memory layout on Arm development
   platforms** section in the `Firmware Design`_).
@ -1205,11 +1209,13 @@ images with support for these features:
       NS_BL2U=<path-to>/<ns_bl2u_image>                               \
       all fip fwu_fip
-   Note: The BL2U image will be built by default and added to the FWU_FIP.
+   .. note::
      The BL2U image will be built by default and added to the FWU_FIP.
      The user may override this by adding ``BL2U=<path-to>/<bl2u_image>``
      to the command line above.
-   Note: Building and installing the non-secure and SCP FWU images (NS_BL1U,
+   .. note::
      Building and installing the non-secure and SCP FWU images (NS_BL1U,
      NS_BL2U and SCP_BL2U) is outside the scope of this document.
   The result of this build will be bl1.bin, fip.bin and fwu_fip.bin binaries.
@ -1252,19 +1258,24 @@ This section provides Juno and FVP specific instructions to build Trusted
 Firmware, obtain the additional required firmware, and pack it all together in
 a single FIP binary. It assumes that a `Linaro Release`_ has been installed.
-Note: Pre-built binaries for AArch32 are available from Linaro Release 16.12
+.. note::
-onwards. Before that release, pre-built binaries are only available for AArch64.
+   Pre-built binaries for AArch32 are available from Linaro Release 16.12
   onwards. Before that release, pre-built binaries are only available for
   AArch64.
-Note: Follow the full instructions for one platform before switching to a
+.. warning::
   Follow the full instructions for one platform before switching to a
   different one. Mixing instructions for different platforms may result in
   corrupted binaries.
-Note: The uboot image downloaded by the Linaro workspace script does not always
+.. warning::
   The uboot image downloaded by the Linaro workspace script does not always
   match the uboot image packaged as BL33 in the corresponding fip file. It is
   recommended to use the version that is packaged in the fip file using the
   instructions below.
-Note: For the FVP, the kernel FDT is packaged in FIP during build and loaded
+.. note::
   For the FVP, the kernel FDT is packaged in FIP during build and loaded
   by the firmware at runtime. See `Obtaining the Flattened Device Trees`_
   section for more info on selecting the right FDT to use.
@ -1291,12 +1302,14 @@ section for more info on selecting the right FDT to use.
   current working directory. The SCP_BL2 image corresponds to
   ``scp-fw.bin`` and BL33 corresponds to ``nt-fw.bin``.
-   Note: The fiptool will complain if the images to be unpacked already
+   .. note::
      The fiptool will complain if the images to be unpacked already
      exist in the current directory. If that is the case, either delete those
      files or use the ``--force`` option to overwrite.
-   Note: For AArch32, the instructions below assume that nt-fw.bin is a normal
+   .. note::
-   world boot loader that supports AArch32.
+      For AArch32, the instructions below assume that nt-fw.bin is a
      normal world boot loader that supports AArch32.
 #. Build TF-A images and create a new FIP for FVP
@ -1662,6 +1675,7 @@ The latest version of the AArch64 build of TF-A has been tested on the following
 Arm FVPs without shifted affinities, and that do not support threaded CPU cores
 (64-bit host machine only).
 .. note::
   The FVP models used are Version 11.6 Build 45, unless otherwise stated.
 -  ``FVP_Base_AEMv8A-AEMv8A``
@ -1699,30 +1713,36 @@ Arm FVPs without shifted affinities, and that do not support threaded CPU cores
 -  ``FVP_Base_AEMv8A-AEMv8A``
 -  ``FVP_Base_Cortex-A32x4``
-NOTE: The ``FVP_Base_RevC-2xAEMv8A`` FVP only supports shifted affinities, which
+.. note::
   The ``FVP_Base_RevC-2xAEMv8A`` FVP only supports shifted affinities, which
   is not compatible with legacy GIC configurations. Therefore this FVP does not
   support these legacy GIC configurations.
-NOTE: The build numbers quoted above are those reported by launching the FVP
+.. note::
   The build numbers quoted above are those reported by launching the FVP
   with the ``--version`` parameter.
-NOTE: Linaro provides a ramdisk image in prebuilt FVP configurations and full
+.. note::
   Linaro provides a ramdisk image in prebuilt FVP configurations and full
   file systems that can be downloaded separately. To run an FVP with a virtio
   file system image an additional FVP configuration option
   ``-C bp.virtioblockdevice.image_path="<path-to>/<file-system-image>`` can be
   used.
-NOTE: The software will not work on Version 1.0 of the Foundation FVP.
+.. note::
   The software will not work on Version 1.0 of the Foundation FVP.
   The commands below would report an ``unhandled argument`` error in this case.
-NOTE: FVPs can be launched with ``--cadi-server`` option such that a
+.. note::
-CADI-compliant debugger (for example, Arm DS-5) can connect to and control its
+   FVPs can be launched with ``--cadi-server`` option such that a
-execution.
+   CADI-compliant debugger (for example, Arm DS-5) can connect to and control
   its execution.
-NOTE: Since FVP model Version 11.0 Build 11.0.34 and Version 8.5 Build 0.8.5202
+.. warning::
-the internal synchronisation timings changed compared to older versions of the
+   Since FVP model Version 11.0 Build 11.0.34 and Version 8.5 Build 0.8.5202
-models. The models can be launched with ``-Q 100`` option if they are required
+   the internal synchronisation timings changed compared to older versions of
-to match the run time characteristics of the older versions.
+   the models. The models can be launched with ``-Q 100`` option if they are
   required to match the run time characteristics of the older versions.
 The Foundation FVP is a cut down version of the AArch64 Base FVP. It can be
 downloaded for free from `Arm's website`_.
@ -1743,7 +1763,8 @@ be found in the TF-A source directory under ``fdts/``. The Foundation FVP has
 a subset of the Base FVP components. For example, the Foundation FVP lacks
 CLCD and MMC support, and has only one CPU cluster.
-Note: It is not recommended to use the FDTs built along the kernel because not
+.. note::
   It is not recommended to use the FDTs built along the kernel because not
   all FDTs are available from there.
 The dynamic configuration capability is enabled in the firmware for FVPs.
@ -1851,8 +1872,9 @@ with 8 CPUs using the AArch64 build of TF-A.
    --data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000 \
    --data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000
-Note: The ``FVP_Base_RevC-2xAEMv8A`` has shifted affinities and requires a
+.. note::
-specific DTS for all the CPUs to be loaded.
+   The ``FVP_Base_RevC-2xAEMv8A`` has shifted affinities and requires
   a specific DTS for all the CPUs to be loaded.
 Running on the AEMv8 Base FVP (AArch32) with reset to BL1 entrypoint
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@ -2010,7 +2032,8 @@ with 8 CPUs using the AArch32 build of TF-A.
    --data cluster0.cpu0="<path-to>/<kernel-binary>"@0x80080000  \
    --data cluster0.cpu0="<path-to>/<ramdisk>"@0x84000000
-Note: The load address of ``<bl32-binary>`` depends on the value ``BL32_BASE``.
+.. note::
   The load address of ``<bl32-binary>`` depends on the value ``BL32_BASE``.
   It should match the address programmed into the RVBAR register as well.
 Running on the Cortex-A57-A53 Base FVP with reset to BL31 entrypoint
--- a/docs/index.rst
+++ b/docs/index.rst
@ -153,6 +153,7 @@ The latest version of the AArch64 build of TF-A has been tested on the following
 Arm FVPs without shifted affinities, and that do not support threaded CPU cores
 (64-bit host machine only).
 .. note::
   The FVP models used are Version 11.5 Build 33, unless otherwise stated.
 -  ``FVP_Base_AEMv8A-AEMv8A``
@ -190,7 +191,8 @@ Arm FVPs without shifted affinities, and that do not support threaded CPU cores
 -  ``FVP_Base_AEMv8A-AEMv8A``
 -  ``FVP_Base_Cortex-A32x4``
-NOTE: The ``FVP_Base_RevC-2xAEMv8A`` FVP only supports shifted affinities.
+.. note::
   The ``FVP_Base_RevC-2xAEMv8A`` FVP only supports shifted affinities.
 The Foundation FVP can be downloaded free of charge. The Base FVPs can be
 licensed from Arm. See the `Arm FVP website`_.
--- a/docs/plat/rpi3.rst
+++ b/docs/plat/rpi3.rst
@ -270,11 +270,12 @@ The following build options are supported:
  BL32_EXTRA1=tee-pager_v2.bin  BL32_EXTRA2=tee-pageable_v2.bin``
  to put the binaries into the FIP.
-  Note: If OP-TEE is used it may be needed to add the following options to the
+  .. warning::
     If OP-TEE is used it may be needed to add the following options to the
     Linux command line so that the USB driver doesn't use FIQs:
     ``dwc_otg.fiq_enable=0 dwc_otg.fiq_fsm_enable=0 dwc_otg.nak_holdoff=0``.
-  This will unfortunately reduce the performance of the USB driver. It is needed
+     This will unfortunately reduce the performance of the USB driver. It is
-  when using Raspbian, for example.
+     needed when using Raspbian, for example.
 - ``TRUSTED_BOARD_BOOT``: This port supports TBB. Set this option to 1 to enable
  it. In order to use TBB, you might want to set ``GENERATE_COT=1`` to let the
--- a/docs/process/coding-guidelines.rst
+++ b/docs/process/coding-guidelines.rst
@ -7,7 +7,8 @@ and provide feedback.
 Some of the guidelines may also apply to other codebases.
-**Note:** the existing TF codebase does not necessarily comply with all the
+.. note::
   The existing TF codebase does not necessarily comply with all the
   below guidelines but the intent is for it to do so eventually.
 Checkpatch overrides
--- a/license.rst
+++ b/license.rst
@ -27,7 +27,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 --------------
-Note:
+.. note::
   Individual files contain the following tag instead of the full license text.
 ::