From e1c9ed16dca8115a052e08732ec66ce29c9da746 Mon Sep 17 00:00:00 2001
From: Joshua Lock <joshua.g.lock@intel.com>
Date: Thu, 18 Aug 2016 12:42:54 +0100
Subject: security_flags: update comment header

Embelish a little on the utility of the extra compiler and linker
flags enabled by this include.

Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
---
 meta/conf/distro/include/security_flags.inc | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'meta')

diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index 698f4c25ad..295c733d3e 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -1,6 +1,9 @@
-# Setup extra CFLAGS and LDFLAGS which have 'security' benefits. These 
-# don't work universally, there are recipes which can't use one, the other
-# or both so a blacklist is maintained here. The idea would be over
+# Setup extra CFLAGS and LDFLAGS which:
+# * add extra compilation checks for known security anti-patterns
+# * generate extra code to protect against various attacks
+# * harden the produced binaries to provide extra protection against attacks.
+# These don't work universally, there are recipes which can't use one, the
+# other or both so a blacklist is maintained here. The idea would be over
 # time to reduce this list to nothing.
 # From a Yocto Project perspective, this file is included and tested
 # in the DISTRO="poky-lsb" configuration.
-- 
cgit 1.2.3-korg