doc: Format security advisory titles and headings

Required so that the advisory documents are all valid RST files (with a
header) and that they all integrate into the document tree.

Change-Id: I68ca2b0b9e648e24b460deb772c471a38518da26
Signed-off-by: Paul Beesley <paul.beesley@arm.com>

docs/security_advisories/security-advisory-tfv-1.rst

+Advisory TFV-1 (CVE-2016-10319)
+===============================
+
 +----------------+-------------------------------------------------------------+
 | Title          | Malformed Firmware Update SMC can result in copy of         |
 |                | unexpectedly large data into secure memory                  |

docs/security_advisories/security-advisory-tfv-2.rst

+Advisory TFV-2 (CVE-2017-7564)
+==============================
+
 +----------------+-------------------------------------------------------------+
 | Title          | Enabled secure self-hosted invasive debug interface can     |
 |                | allow normal world to panic secure world                    |

docs/security_advisories/security-advisory-tfv-3.rst

+Advisory TFV-3 (CVE-2017-7563)
+==============================
+
 +----------------+-------------------------------------------------------------+
 | Title          | RO memory is always executable at AArch64 Secure EL1        |
 +================+=============================================================+

docs/security_advisories/security-advisory-tfv-4.rst

+Advisory TFV-4 (CVE-2017-9607)
+==============================
+
 +----------------+-------------------------------------------------------------+
 | Title          | Malformed Firmware Update SMC can result in copy or         |
 |                | authentication of unexpected data in secure memory in       |

docs/security_advisories/security-advisory-tfv-5.rst

+Advisory TFV-5 (CVE-2017-15031)
+===============================
+
 +----------------+-------------------------------------------------------------+
 | Title          | Not initializing or saving/restoring ``PMCR_EL0`` can leak  |
 |                | secure world timing information                             |

docs/security_advisories/security-advisory-tfv-6.rst

+Advisory TFV-6 (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)
+============================================================
+
 +----------------+-------------------------------------------------------------+
 | Title          | Arm Trusted Firmware exposure to speculative processor      |
 |                | vulnerabilities using cache timing side-channels            |
@@ -28,13 +31,13 @@ these vulnerabilities on Arm systems, please refer to the `Arm Processor
 Security Update`_.
 
 Variant 1 (`CVE-2017-5753`_)
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+----------------------------
 
 At the time of writing, no vulnerable patterns have been observed in upstream TF
 code, therefore no workarounds have been applied or are planned.
 
 Variant 2 (`CVE-2017-5715`_)
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+----------------------------
 
 Where possible on vulnerable CPUs, Arm recommends invalidating the branch
 predictor as early as possible on entry into the secure world, before any branch
@@ -122,7 +125,7 @@ Cortex-A76, Cortex-A53, Cortex-A55, Cortex-A32, Cortex-A7 and Cortex-A5.
 For more information about non-Arm CPUs, please contact the CPU vendor.
 
 Variant 3 (`CVE-2017-5754`_)
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+----------------------------
 
 This variant is only exploitable between Exception Levels within the same
 translation regime, for example between EL0 and EL1, therefore this variant

docs/security_advisories/security-advisory-tfv-7.rst

+Advisory TFV-7 (CVE-2018-3639)
+==============================
+
 +----------------+-------------------------------------------------------------+
 | Title          | Trusted Firmware-A exposure to cache speculation            |
 |                | vulnerability Variant 4                                     |
@@ -46,7 +49,7 @@ for platforms that are unaffected or where the risk is deemed low enough.
 Arm CPUs not mentioned below are unaffected.
 
 Static mitigation
-~~~~~~~~~~~~~~~~~
+-----------------
 
 For affected CPUs, this approach enables the mitigation during EL3
 initialization, following every PE reset. No mechanism is provided to disable
@@ -67,7 +70,7 @@ TF-A implements this approach for the following affected CPUs:
   (``S3_0_C15_C1_0``).
 
 Dynamic mitigation
-~~~~~~~~~~~~~~~~~~
+------------------
 
 For affected CPUs, this approach also enables the mitigation during EL3
 initialization, following every PE reset. In addition, this approach implements

docs/security_advisories/security-advisory-tfv-8.rst

+Advisory TFV-8 (CVE-2018-19440)
+===============================
+
 +----------------+-------------------------------------------------------------+
 | Title          | Not saving x0 to x3 registers can leak information from one |
 |                | Normal World SMC client to another                          |