Improve the comments and README (part II)

[kconfig-hardened-check.git] / README.md

diff --git a/README.md b/README.md
index 0fd80e94899c614e740cc947201818b26871954f..dbdc1f3b72ae1911268aaceffc8c29823795e2fa 100644 (file)
--- a/README.md
+++ b/README.md
@@ -14,8 +14,8 @@ make our systems more secure.
 
 But nobody likes checking configs manually. So let the computers do their job!
 
-__kconfig-hardened-check__ helps me to check the Linux kernel options
-against my security hardening preferences, which are based on the
+__kconfig-hardened-check__ is a tool for checking the security hardening options of the Linux kernel.
+The recommendations are based on
 
   - [KSPP recommended settings][1]
   - [CLIP OS kernel configuration][2]
@@ -72,12 +72,13 @@ options:
   -h, --help            show this help message and exit
   --version             show program's version number and exit
   -p {X86_64,X86_32,ARM64,ARM}, --print {X86_64,X86_32,ARM64,ARM}
-                        print security hardening preferences for the selected architecture
+                        print the security hardening recommendations for the selected
+                        microarchitecture
   -c CONFIG, --config CONFIG
-                        check the kernel kconfig file against these preferences (also supports
-                        *.gz files)
+                        check the security hardening options in the kernel kconfig file (also
+                        supports *.gz files)
   -l CMDLINE, --cmdline CMDLINE
-                        check the kernel cmdline file against these preferences
+                        check the security hardening options in the kernel cmdline file
   -m {verbose,json,show_ok,show_fail}, --mode {verbose,json,show_ok,show_fail}
                         choose the report mode
 ```