Since there are multiple static analysis tools being used
now, it is better to change references for a particular one
and just point to static analysis section in the documentation.
JIRA is no longer used for tracking security issues. Update it
to Github.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Fix up a handful of references to 'master' in the security documentation
to refer to the new 'main' branch.
Signed-off-by: David Brown <david.brown@linaro.org>
Security documentation contains a code guideline section that is more
about security principles than code guidelines itself. Just removing
the mention do code guideline to avoid possible confusions with
upcoming project code guideline based on MISRA-C.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
While we're working on doc publishing that separates
kernel docs that are release-specific from project docs
that aren't, (temporarily) put the security documents
here so they'll be published with the 1.9 release.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
ReST defines interpreted text roles where text enclosed by single quotes
can be "intrepreted", for example :ref:`some name` becomes a link to
a label anywhere in the doc set named "some name", :c:func:`funcname()`
becomes a link to the API documentation for "funcname", and
:option:`CONFIG_NAME` becomes a link to, in our case, the documentation
for the generated Kconfig option.
This patch fixes uses of `some name` (without a role) by either adding
an explicit role, or changing to ``some name``, which indicates inline
code block formatting (most likely what was intended).
This is a precursor to changing the default behavior of interpreted
text to treat `some name` as :any:`some name` (as configured in
doc/conf.py), which would attempt to create a link to any available
definition of "some name".
We may not change this default role behavior, but it becomes an option
after the fixes in this patch. In any case, this patch fixes incorrect
uses of single-quoted text (possibly introduced because GitHub's
markdown language uses single-quoted text for inline code formatting).
Jira: ZEP-2414
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
More general spelling fixes, and cleaning up stray UTF-8 characters
such as curly-quotes, em- and en-dashes. Use replacement strings
for |reg| and |trade|.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Initial version of some document to capture the secure coding
practices used in the Zephyr project.
Signed-off-by: David Brown <david.brown@linaro.org>
Change-Id: Ic20546a7af832dc7bd193eb91ed44f1badc3ab87
Benjamin Cabé
Flavio Ceolin
Stephanos Ioannidis
David Brown
Thomas Ebert Hansen
David B. Kinder