Improve the comments and README (part II)

db71a9e2 · Alexander Popov · 82a4ee73 · db71a9e2 · db71a9e2
Commit db71a9e2 authored Jun 12, 2023 by Alexander Popov
Show whitespace changes
Inline Side-by-side

Showing with 13 additions and 11 deletions

README.md README.md +7 -5

__init__.py kconfig_hardened_check/__init__.py +6 -6

No files found.
--- a/README.md
+++ b/README.md
@@ -63,8 +63,8 @@ Some Linux distributions also provide `kconfig-hardened-check` as a package.
 ## Usage
 ```
-usage: kconfig-hardened-check [-h] [--version] [-p {X86_64,X86_32,ARM64,ARM}] [-c CONFIG] [-l CMDLINE]
+usage: kconfig-hardened-check [-h] [--version] [-p {X86_64,X86_32,ARM64,ARM}] [-c CONFIG]
-                              [-m {verbose,json,show_ok,show_fail}]
+                              [-l CMDLINE] [-m {verbose,json,show_ok,show_fail}]
 A tool for checking the security hardening options of the Linux kernel
@@ -72,11 +72,13 @@ options:
  -h, --help            show this help message and exit
  --version             show program's version number and exit
  -p {X86_64,X86_32,ARM64,ARM}, --print {X86_64,X86_32,ARM64,ARM}
-                        print security hardening options for the selected architecture
+                        print the security hardening recommendations for the selected
+                        microarchitecture
  -c CONFIG, --config CONFIG
-                        check security hardening options in the kernel kconfig file (also supports *.gz files)
+                        check the security hardening options in the kernel kconfig file (also
+                        supports *.gz files)
  -l CMDLINE, --cmdline CMDLINE
-                        check security hardening options in the kernel cmdline file
+                        check the security hardening options in the kernel cmdline file
  -m {verbose,json,show_ok,show_fail}, --mode {verbose,json,show_ok,show_fail}
                        choose the report mode
 ```

--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -40,9 +40,9 @@ def detect_arch(fname, archs):
                    if arch is None:
                        arch = option
                    else:
-                        return None, 'more than one supported architecture is detected'
+                        return None, 'more than one supported microarchitecture is detected'
        if arch is None:
-            return None, 'failed to detect architecture'
+            return None, 'failed to detect microarchitecture'
        return arch, 'OK'
@@ -209,11 +209,11 @@ def main():
                            description='A tool for checking the security hardening options of the Linux kernel')
    parser.add_argument('--version', action='version', version='%(prog)s ' + __version__)
    parser.add_argument('-p', '--print', choices=supported_archs,
-                        help='print security hardening options for the selected architecture')
+                        help='print the security hardening recommendations for the selected microarchitecture')
    parser.add_argument('-c', '--config',
-                        help='check security hardening options in the kernel kconfig file (also supports *.gz files)')
+                        help='check the security hardening options in the kernel kconfig file (also supports *.gz files)')
    parser.add_argument('-l', '--cmdline',
-                        help='check security hardening options in the kernel cmdline file')
+                        help='check the security hardening options in the kernel cmdline file')
    parser.add_argument('-m', '--mode', choices=report_modes,
                        help='choose the report mode')
    args = parser.parse_args()
@@ -239,7 +239,7 @@ def main():
        if arch is None:
            sys.exit(f'[!] ERROR: {msg}')
        if mode != 'json':
-            print(f'[+] Detected architecture: {arch}')
+            print(f'[+] Detected microarchitecture: {arch}')
        kernel_version, msg = detect_kernel_version(args.config)
        if kernel_version is None: