[1/3] Add a security manual

Message ID 20260106-security-manual-v1-1-500fe611a4d0@bootlin.com
State Under Review
Series Add a security manual

Commit Message

Antonin Godard Jan. 6, 2026, 3:34 p.m. UTC
A new manual in the documentation, to separate out security-oriented
tasks from other ones. The end-goal of this manual is to be a place
where users can add security tutorials/tips to harden images, or
document ways to deal with vulnerabilities, as long as it's supported by
the Yocto Project.

Add an intro document stating what this manual is for and what it's not
for.

[YOCTO #14509]

Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
---
 documentation/index.rst                 |  1 +
 documentation/security-manual/index.rst | 16 ++++++++++++++++
 documentation/security-manual/intro.rst | 28 ++++++++++++++++++++++++++++
 3 files changed, 45 insertions(+)

Patch

diff --git a/documentation/index.rst b/documentation/index.rst
index 037edcee6..7d933acc0 100644
--- a/documentation/index.rst
+++ b/documentation/index.rst
@@ -30,6 +30,7 @@  Welcome to the Yocto Project Documentation
    Board Support Package (BSP) Developer's guide <bsp-guide/index>
    Development Tasks Manual <dev-manual/index>
    Linux Kernel Development Manual <kernel-dev/index>
+   Security Manual <security-manual/index>
    Profile and Tracing Manual <profile-manual/index>
    Application Development and the Extensible SDK (eSDK) <sdk-manual/index>
    Toaster Manual <toaster-manual/index>
diff --git a/documentation/security-manual/index.rst b/documentation/security-manual/index.rst
new file mode 100644
index 000000000..92a883f00
--- /dev/null
+++ b/documentation/security-manual/index.rst
@@ -0,0 +1,16 @@ 
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+
+=============================
+Yocto Project Security Manual
+=============================
+
+|
+
+.. toctree::
+   :caption: Table of Contents
+   :numbered:
+
+   intro
+
+.. include:: /boilerplate.rst
+
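Review bot: The new documentation/security-manual/index.rst ends with an empty added line after ".. include:: /boilerplate.rst" (the 16th line of the hunk is a bare "+"), which "git diff --check" reports as a new blank line at EOF. Drop that line so the file ends on the include directive.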
diff --git a/documentation/security-manual/intro.rst b/documentation/security-manual/intro.rst
new file mode 100644
index 000000000..03a8ed1ca
--- /dev/null
+++ b/documentation/security-manual/intro.rst
@@ -0,0 +1,28 @@ 
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+
+************
+Introduction
+************
+
+Welcome to the Yocto Project Security Manual. This manual provides relevant
+procedures necessary for dealing with security-related tasks supported in the
+Yocto Project environment. This manual groups related procedures into
+higher-level sections. Procedures can consist of high-level steps or low-level
+steps depending on the topic.
+
+This manual provides the following:
+
+-  Procedures that help you securing an image with features supported by the
+   Yocto Project; for example making a root filesystem read-only.
+
+-  Procedures related to processes outside of the target images; for example how
+   to deal with vulnerabilities.
+
+This manual does not provide the following:
+
+-  Procedures on security features implemented outside of
+   :term:`OpenEmbedded-Core (OE-Core)`.
+
+-  Documentation on the security mechanisms themselves, which can often be found
+   in the documentation of the feature itself. This manual focuses on how to
+   integrate the security mechanism within the Yocto Project.
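Review bot: The scope boundary is stated two different ways in intro.rst. The first "provides" bullet and the commit message say "supported by the Yocto Project", while the first "does not provide" bullet excludes anything "implemented outside of :term:`OpenEmbedded-Core (OE-Core)`". Please pick one boundary and use it in both lists, so a contributor can tell whether a hardening procedure for a feature that lives in another layer belongs here. Two wording points in the same hunk: "Procedures that help you securing an image" should read "Procedures that help you secure an image", with a comma after "for example" in both bullets, and "provides relevant procedures necessary for dealing with" in the opening paragraph can be shortened to "provides procedures for".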