doc: Update 1.4 versions and some words

Signed-off-by: lirui34 <ruix.li@intel.com>

doc/asa.rst

@@ -1,7 +1,7 @@
 .. _asa:
 
-Advisory
-********
+Security Advisory
+*****************
 
 We recommend that all developers upgrade to this v1.4 release, which addresses the following security
 issues that were discovered in previous releases:

doc/faq.rst

@@ -74,18 +74,18 @@ ACRN Service VM with the 32G memory size.
    the new efi image into the EFI partition::
 
    # mount /dev/sda1 /mnt
-   # scp -r <host name>@<host address>:<your workspace>/acrn-hypervisor/hypervisor/build/acrn.efi /mnt/EFI/acrn/
+   # scp -r <user name>@<host address>:<your workspace>/acrn-hypervisor/hypervisor/build/acrn.efi /mnt/EFI/acrn/
    # sync && umount /mnt
 
 #. Reboot KBL NUC to enjoy the ACRN with 32G memory.
 
-How to modify the default display output for a UOS?
-***************************************************
+How to modify the default display output for a User VM?
+*******************************************************
 
 Apollo Lake HW has three pipes and each pipe can have three or four planes which
 help to display the overlay video. The hardware can support up to 3 monitors
 simultaneously. Some parameters are available to control how display monitors
-are assigned between the SOS and UOS(s), simplifying the assignment policy and
+are assigned between the Service VM and User VM(s), simplifying the assignment policy and
 providing configuration flexibility for the pipes and planes for various IoT
 scenarios. This is known as the **plane restriction** feature.
 
@@ -96,33 +96,33 @@ scenarios. This is known as the **plane restriction** feature.
 
 Refer to :ref:`GVT-g-kernel-options` for detailed parameter descriptions.
 
-In the default configuration, pipe A is assigned to the SOS and pipes B and C
-are assigned to the UOS, as described by these parameters:
+In the default configuration, pipe A is assigned to the Service VM and pipes B and C
+are assigned to the User VM, as described by these parameters:
 
-* SOS::
+* Service VM::
 
     i915.avail_planes_per_pipe=0x01010F
     i915.domain_plane_owners=0x011111110000
 
-* UOS::
+* User VM::
 
     i915.avail_planes_per_pipe=0x0070F00
 
-To assign pipes A and B to the UOS, while pipe C is assigned to the SOS, use
+To assign pipes A and B to the User VM, while pipe C is assigned to the Service VM, use
 these parameters:
 
-* SOS::
+* Service VM::
 
     i915.avail_planes_per_pipe=0x070101
     i915.domain_plane_owners=0x000011111111
 
-* UOS::
+* User VM::
 
     i915.avail_planes_per_pipe=0x000F0F
 
 .. note::
 
-   The careful reader may have noticed that in all examples given above, the SOS
+   The careful reader may have noticed that in all examples given above, the Service VM
    always has at least one plane per pipe. This is intentional, and the driver
    will enforce this if the parameters do not do this.
 

doc/getting-started/rt_industry.rst

@@ -6,10 +6,10 @@ Getting Started Guide for ACRN Industry Scenario
 Verified version
 ****************
 
-- Clear Linux version: **31470**
+- Clear Linux version: **31670**
 - ACRN-hypervisor tag: **v1.4**
-- ACRN-Kernel(Service VM kernel): **4.19.78-95.iot-lts2018-sos**
-- ACRN-Kernel(Preempt-RT kernel): **acrn-2019w39.1-143000p**
+- ACRN-Kernel(Service VM kernel): **4.19.78-98.iot-lts2018-sos**
+- ACRN-Kernel(Preempt-RT kernel): **acrn-2019w47.3-140000p**
 
 Prerequisites
 *************
@@ -22,17 +22,14 @@ for the RTVM.
   (refer to :ref:`the tables <hardware_setup>` for detailed information).
 - If you need to enable the serial port on KBL NUC, navigate to the
   :ref:`troubleshooting <connect_serial_port>` to prepare the cable.
-- Follow below steps to install Clear Linux OS (Ver: 31470) onto both disks on the KBL NUC:
+- Follow below steps to install Clear Linux OS (Ver: 31670) onto both disks on the KBL NUC:
 
 .. _Clear Linux OS Server image:
-   https://download.clearlinux.org/releases/31470/clear/clear-31470-live-server.iso.xz
+   https://download.clearlinux.org/releases/31670/clear/clear-31670-live-server.iso
 
   #. Create a bootable USB drive on Linux*:
 
-     a. Download and decompress the `Clear Linux OS Server image`_::
-
-        $ unxz clear-31470-live-server.iso.xz
-
+     a. Download the `Clear Linux OS Server image`_.
      #. Plug in the USB drive.
      #. Use the ``lsblk`` command line to identify the USB drive:
 
@@ -50,7 +47,7 @@ for the RTVM.
      #. Unmount all the ``/dev/sdc`` partitions and burn the image onto the USB drive::
 
         $ umount /dev/sdc* 2>/dev/null
-        $ sudo dd if=./clear-31470-live-server.iso of=/dev/sdc oflag=sync status=progress bs=4M
+        $ sudo dd if=./clear-31670-live-server.iso of=/dev/sdc oflag=sync status=progress bs=4M
 
   #. Plug in the USB drive to the KBL NUC and boot from USB.
   #. Launch the Clear Linux OS installer boot menu.
@@ -134,7 +131,7 @@ Use the pre-installed industry ACRN hypervisor
 
    .. code-block:: none
 
-      # ./acrn_quick_setup.sh -s 31470 -d -i
+      # ./acrn_quick_setup.sh -s 31670 -d -i
 
    .. note:: ``-i`` option means the industry scenario efi image will be used, e.g.
       ``acrn.nuc7i7dnb.industry.efi``. For the detailed usage of the ``acrn_quick_setup.sh`` script, 
@@ -192,15 +189,15 @@ Use the ACRN industry out-of-the-box image
 
 #. Download the Service VM industry image::
 
-   # wget https://github.com/projectacrn/acrn-hypervisor/releases/download/acrn-2019w39.1-140000p/sos-industry-31080.img.xz
+   # wget https://github.com/projectacrn/acrn-hypervisor/releases/download/acrn-2019w47.1-140000p/sos-industry-31670.img.xz
 
 #. Decompress the .xz image::
 
-   # xz -d sos-industry-31080.img.xz
+   # xz -d sos-industry-31670.img.xz
 
 #. Burn the Service VM image onto the SATA disk::
 
-   # dd if=sos-industry-31080.img of=/dev/sda bs=4M oflag=sync status=progress
+   # dd if=sos-industry-31670.img of=/dev/sda bs=4M oflag=sync status=progress
 
 #. Configure the EFI firmware to boot the ACRN hypervisor by default:
    
@@ -226,15 +223,15 @@ Install and launch the Preempt-RT VM
 
 #. Download the Preempt-RT VM image::
 
-   # wget https://github.com/projectacrn/acrn-hypervisor/releases/download/acrn-2019w39.1-140000p/preempt-rt-31080.img.xz
+   # wget https://github.com/projectacrn/acrn-hypervisor/releases/download/acrn-2019w47.1-140000p/preempt-rt-31670.img.xz
 
 #. Decompress the xz image::
 
-   # xz -d preempt-rt-31080.img.xz
+   # xz -d preempt-rt-31670.img.xz
 
 #. Burn the Preempt-RT VM image onto the NVMe disk::
 
-   # dd if=preempt-rt-31080.img of=/dev/nvme0n1 bs=4M oflag=sync status=progress
+   # dd if=preempt-rt-31670.img of=/dev/nvme0n1 bs=4M oflag=sync status=progress
 
 #. Use the ``lspci`` command to ensure that the correct NVMe device IDs will
    be used for the passthru before launching the script:
@@ -425,6 +422,8 @@ this, follow the below steps to allocate all housekeeping tasks to core 0:
    .. code-block:: bash
    
       #!/bin/bash
+      # Copyright (C) 2019 Intel Corporation.
+      # SPDX-License-Identifier: BSD-3-Clause
       # Move all IRQs to core 0.
       for i in `cat /proc/interrupts | grep '^ *[0-9]*[0-9]:' | awk {'print $1'} | sed 's/:$//' `;
       do
@@ -525,20 +524,20 @@ EFI image doesn't exist
 You might see the error message if you are running the ``acrn_quick_setup.sh`` script
 on an older Clear Linux OS ( < 31470 ):
 
-   .. code-block:: console
+.. code-block:: console
 
-      /usr/lib/acrn/acrn.nuc7i7dnb.industry.efi doesn't exist.
-      Use one of these efi images from /usr/lib/acrn.
-      ------
-      /usr/lib/acrn/acrn.kbl-nuc-i7.industry.efi
-      ------
-      Copy the efi image to /usr/lib/acrn/acrn.nuc7i7dnb.industry.efi, then run the script again.
+   /usr/lib/acrn/acrn.nuc7i7dnb.industry.efi doesn't exist.
+   Use one of these efi images from /usr/lib/acrn.
+   ------
+   /usr/lib/acrn/acrn.kbl-nuc-i7.industry.efi
+   ------
+   Copy the efi image to /usr/lib/acrn/acrn.nuc7i7dnb.industry.efi, then run the script again.
 
 To fix it, just rename the existing efi image to ``/usr/lib/acrn/acrn.nuc7i7dnb.industry.efi`` and
 then run the script again::
 
-      # cp -r /usr/lib/acrn/acrn.kbl-nuc-i7.industry.efi /usr/lib/acrn/acrn.nuc7i7dnb.industry.efi
-      # ./acrn_quick_setup.sh -s <target version> -i -d
+   # cp -r /usr/lib/acrn/acrn.kbl-nuc-i7.industry.efi /usr/lib/acrn/acrn.nuc7i7dnb.industry.efi
+   # ./acrn_quick_setup.sh -s <target version> -i -d
 
 .. _enabling the network on RTVM:
 
@@ -562,6 +561,5 @@ If you need to access the internet, you must add the following command line to t
       $pm_channel $pm_by_vuart \
       --ovmf /usr/share/acrn/bios/OVMF.fd \
       hard_rtvm
-   
    }
 

doc/release_notes/release_notes_1.4.rst

@@ -22,7 +22,7 @@ or use Git clone and checkout commands::
 The project's online technical documentation is also tagged to correspond
 with a specific release: generated v1.4 documents can be found at https://projectacrn.github.io/1.4/.
 Documentation for the latest (master) branch is found at https://projectacrn.github.io/latest/.
-ACRN v1.4 requires Clear Linux* OS version 31520. Follow the
+ACRN v1.4 requires Clear Linux* OS version 31670. Follow the
 instructions in the :ref:`rt_industry_setup`.
 
 Version 1.4 major features
@@ -31,7 +31,7 @@ Version 1.4 major features
 What's New in v1.4
 ==================
 * ACRN now conforms to the Microsoft* Hypervisor Top-Level Functional Specification (TLFS).
-* Basic CPU sharing capabilities have been added.
+* ACRN scheduler framework re-architected capabilities have been added.
 * WaaG (Windows as a guest) stability and performance has been improved.
 * Realtime performance of the RTVM (preempt-RT kernel-based) has been improved.
 
@@ -39,6 +39,7 @@ Document updates
 ================
 Many new `reference documents <https://projectacrn.github.io>`_ are available, including:
 
+* :ref:`ACRN high-level design <hld>` documents.
 * :ref:`enable-s5`
 * :ref:`enable_laag_secure_boot`
 * :ref:`How-to-enable-secure-boot-for-windows`
@@ -50,8 +51,14 @@ Security Vulnerabilities
 We recommend that all developers upgrade to this v1.4 release, which
 addresses the following security issues that were discovered in previous releases:
 
+Mitigation for Machine Check Error on Page Size Change
+   Improper invalidation for page table updates by a virtual guest operating system for multiple 
+   Intel |reg| Processors may allow an authenticated user to potentially enable denial of service 
+   of the host system via local access. Malicious guest kernel could trigger this issue, CVE-2018-12207.
+
 AP Trampoline Is Accessible to the Service VM
-   This vulnerability is triggered when validating the memory isolation between the VM and hypervisor. The AP Trampoline code exists in the LOW_RAM region in the hypervisor but is
+   This vulnerability is triggered when validating the memory isolation between the VM and hypervisor.
+   The AP Trampoline code exists in the LOW_RAM region in the hypervisor but is
    potentially accessible to the Service VM. This could be used by an attacker to mount DoS
    attacks on the hypervisor if the Service VM is compromised.
 
@@ -189,6 +196,29 @@ release in Sep 2019 (click on the CommitID link to see details):
 
    git log --pretty=format:'- :acrn-commit:`%h` - %s' --after="2019-09-28"
 
+- :acrn-commit:`e0d14b70` - Doc: Grammatical edits to the 1.4 Release Notes.
+- :acrn-commit:`d8bd5088` - doc: Release notes v1.4
+- :acrn-commit:`90a61134` - Doc: Grammatical edits to the Advisory doc.
+- :acrn-commit:`c6bccd5c` - doc: Add Advisory notes
+- :acrn-commit:`94394ae9` - Doc: Grammatical edits to the Enable S5 Guide.
+- :acrn-commit:`b16e5987` - doc: enable s5 guide
+- :acrn-commit:`d473cafe` - dm: Add licenses to the scripts.
+- :acrn-commit:`79294b39` - Doc: Final edits for the HLD-Security doc.
+- :acrn-commit:`865d1a22` - doc: add hld-security guest secure boot description
+- :acrn-commit:`a4713fce` - doc: add copyright/license header to doc scripts
+- :acrn-commit:`04767070` - Doc: Final edits to the HV Hypercall doc.
+- :acrn-commit:`dcfa7587` - Doc: Final edits to the CPU Virt doc
+- :acrn-commit:`ce46f35d` - doc: review edits for rt_industry doc
+- :acrn-commit:`3298891f` - Doc: Final edits to the HLD Overview doc.
+- :acrn-commit:`a74a7551` - Doc: Final edits to Memory Mangt HLD doc.
+- :acrn-commit:`1c3f16f5` - doc: review edit for enable_laag_secure_boot
+- :acrn-commit:`ae126bd5` - doc: review edits for acrn_configuration_tool
+- :acrn-commit:`9687d72e` - doc: add cores and threads for CPU of supported hardware
+- :acrn-commit:`2d0739bf` - doc: fix error in building_from_source doc
+- :acrn-commit:`3b977eef` - doc: clean up the docs in try using acrn table.
+- :acrn-commit:`2a3178aa` - doc: Update Using Windows as Guest VM on ACRN
+- :acrn-commit:`9bd274ae` - doc:modfiy ubuntu build on 18.04
+- :acrn-commit:`7d818c82` - doc: Stop using kconfig to make a customized efi.
 - :acrn-commit:`67c64522` - dm: fix memory free issue for xhci
 - :acrn-commit:`3fb1021d` - Doc: Minor grammatical edits on various files.
 - :acrn-commit:`72f71192` - doc: fix doc build errors previously masked