author Sunyeop Lee <sunyeop97@gmail.com> 2017-03-24 11:08:28 +0530
committer Siddhesh Poyarekar <siddhesh@sourceware.org> 2017-03-24 11:08:28 +0530
commit 65eff7fbdbddad8c1f9af7cb48cd3b5dca3c5c9d (patch)
tree 14e134b89a2ee604ff290252c22ea20444ac8ceb /README.tunables
parent 8d2030d659791184ecac8de9d6e1403b316a94c2 (diff)
Update old tunables framework document/script.
Since commit 8b9e9c3c0bae497ad5e2d0ae2f333f62feddcc12, security_level replaces is_secure. There were some old files that needed to be updated.

2017-03-23 Sunyeop Lee <sunyeop97@gmail.com>

* README.tunables: Updated descriptions.
* elf/dl-tunables.list: Fixed typo: SXID_NONE -> NONE.
* scripts/gen-tunables.awk: Updated the code related to the commit.
Diffstat (limited to 'README.tunables')
-rw-r--r-- README.tunables 14
1 files changed, 7 insertions, 7 deletions
diff --git a/README.tunables b/README.tunables
index df74f3b24b..aace2fca8f 100644
--- a/README.tunables
+++ b/README.tunables
@@ -58,13 +58,13 @@ The list of allowed attributes are:
- env_alias: An alias environment variable
-- is_secure: Specify whether the tunable should be read for setuid
- binaries. True allows the tunable to be read for
- setuid binaries while false disables it. Note that
- even if this is set as true and the value is read, it
- may not be used if it does not validate against the
- acceptable values or is not considered safe by the
- module.
+- security_level: Specify security level of the tunable. Valid values:
+
+ SXID_ERASE: (default) Don't read for AT_SECURE binaries and
+ removed so that child processes can't read it.
+ SXID_IGNORE: Don't read for AT_SECURE binaries, but retained for
+ non-AT_SECURE subprocesses.
+ NONE: Read all the time.
2. Call either the TUNABLE_SET_VALUE and pass into it the tunable name and a
pointer to the variable that should be set with the tunable value.
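Review bot: the NONE entry ("Read all the time") drops the caveat that the removed is_secure text carried, namely that a value read for a setuid binary "may not be used if it does not validate against the acceptable values or is not considered safe by the module". NONE is the only level listed here that lets an AT_SECURE process consume the tunable, so I would keep that sentence under NONE and state explicitly that "all the time" includes AT_SECURE binaries. Two smaller points in the same block: the SXID_ERASE line, "Don't read for AT_SECURE binaries and removed so that child processes can't read it", does not parse and does not say what is removed or from where; please reword it so the erase step is a full clause naming the thing that is erased. Also, the old text spoke of "setuid binaries" while the new text uses AT_SECURE without introducing it; one sentence relating the two would help readers of this README who do not know the auxiliary vector entry.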