2 files changed, 39 insertions, 0 deletions
diff --git a/documentation/dev-manual/dev-manual-common-tasks.xml b/documentation/dev-manual/dev-manual-common-tasks.xml
index 3d5a9b6cad..c6e4efd6d9 100644
--- a/documentation/dev-manual/dev-manual-common-tasks.xml
+++ b/documentation/dev-manual/dev-manual-common-tasks.xml
@@ -3534,6 +3534,38 @@
        </section>
    </section>
+    <section id='making-images-more-secure'>
+        <title>Making Images More Secure</title>
+        <para>
+            The Yocto Project has security flags that you can enable that
+            help make your build output more secure.
+            The security flags are in the
+            <filename>meta/conf/distro/include/security_flags.inc</filename>
+            file in your
+            <link linkend='source-directory'>Source Directory</link>
+            (e.g. <filename>poky</filename>).
+        </para>
+        <para>
+            These GCC/LD flags enable more secure code generation.
+            By including the <filename>security_flags.inc</filename>
+            file, you enable flags to the compiler and linker that cause
+            them to generate more secure code.
+            <note>
+                These flags are enabled by default in the
+                <filename>poky-lsb</filename> distribution.
+            </note>
+            Use the following line in your
+            <filename>local.conf</filename> file
+            to enable the security compiler and
+            linker flags to your build:
+            <literallayout class='monospaced'>
+     require conf/distro/include/security_flags.inc
+            </literallayout>
+        </para>
+    </section>
    <section id='creating-your-own-distribution'>
        <title>Creating Your Own Distribution</title>
diff --git a/documentation/ref-manual/ref-variables.xml b/documentation/ref-manual/ref-variables.xml
index 7539136734..22d7f13a0a 100644
--- a/documentation/ref-manual/ref-variables.xml
+++ b/documentation/ref-manual/ref-variables.xml
@@ -1118,6 +1118,13 @@
                    This variable evaluates to the same as
                    <filename><link linkend='var-TARGET_CFLAGS'>TARGET_CFLAGS</link></filename>.
                </para>
+                <para>
+                    For information on flags that help with creating more
+                    secure code, see the
+                    "<ulink url='&YOCTO_DOCS_DEV_URL;#making-images-more-secure'>Making Images More Secure</ulink>"
+                    section in the Yocto Project Development Manual.
+                </para>
            </glossdef>
        </glossentry>

diff --git a/documentation/dev-manual/dev-manual-common-tasks.xml b/documentation/dev-manual/dev-manual-common-tasks.xml index 3d5a9b6cad..c6e4efd6d9 100644 --- a/documentation/dev-manual/dev-manual-common-tasks.xml +++ b/documentation/dev-manual/dev-manual-common-tasks.xml
@@ -3534,6 +3534,38 @@
3534	</section>	3534	</section>
3535	</section>	3535	</section>
3536		3536
		3537	<section id='making-images-more-secure'>
		3538	<title>Making Images More Secure</title>
		3539
		3540	<para>
		3541	The Yocto Project has security flags that you can enable that
		3542	help make your build output more secure.
		3543	The security flags are in the
		3544	<filename>meta/conf/distro/include/security_flags.inc</filename>
		3545	file in your
		3546	<link linkend='source-directory'>Source Directory</link>
		3547	(e.g. <filename>poky</filename>).
		3548	</para>
		3549
		3550	<para>
		3551	These GCC/LD flags enable more secure code generation.
		3552	By including the <filename>security_flags.inc</filename>
		3553	file, you enable flags to the compiler and linker that cause
		3554	them to generate more secure code.
		3555	<note>
		3556	These flags are enabled by default in the
		3557	<filename>poky-lsb</filename> distribution.
		3558	</note>
		3559	Use the following line in your
		3560	<filename>local.conf</filename> file
		3561	to enable the security compiler and
		3562	linker flags to your build:
		3563	<literallayout class='monospaced'>
		3564	require conf/distro/include/security_flags.inc
		3565	</literallayout>
		3566	</para>
		3567	</section>
		3568
3537	<section id='creating-your-own-distribution'>	3569	<section id='creating-your-own-distribution'>
3538	<title>Creating Your Own Distribution</title>	3570	<title>Creating Your Own Distribution</title>
3539		3571


diff --git a/documentation/ref-manual/ref-variables.xml b/documentation/ref-manual/ref-variables.xml index 7539136734..22d7f13a0a 100644 --- a/documentation/ref-manual/ref-variables.xml +++ b/documentation/ref-manual/ref-variables.xml
@@ -1118,6 +1118,13 @@
1118	This variable evaluates to the same as	1118	This variable evaluates to the same as
1119	<filename><link linkend='var-TARGET_CFLAGS'>TARGET_CFLAGS</link></filename>.	1119	<filename><link linkend='var-TARGET_CFLAGS'>TARGET_CFLAGS</link></filename>.
1120	</para>	1120	</para>
		1121
		1122	<para>
		1123	For information on flags that help with creating more
		1124	secure code, see the
		1125	"<ulink url='&YOCTO_DOCS_DEV_URL;#making-images-more-secure'>Making Images More Secure</ulink>"
		1126	section in the Yocto Project Development Manual.
		1127	</para>
1121	</glossdef>	1128	</glossdef>
1122	</glossentry>	1129	</glossentry>
1123		1130